Merge pull request #5 from arloor/feature/support-rust-http-proxy

chore: Add support for using an HTTP proxy over TLS as the server

Author: arloor

Makefile

@@ -1,7 +1,7 @@
 PREFIX ?= /usr/local/bin
 TARGET ?= debug
 
-.PHONY: all build install uninstall clean
+.PHONY: all build install uninstall clean gh
 all: build
 
 build:
@@ -28,3 +28,6 @@ uninstall:
 
 clean:
 	cargo clean
+
+gh:
+	cargo install --path . --bin sslocal --features https-tunnel

README.md

@@ -31,6 +31,10 @@ Related Projects:
 - [honwen/openwrt-shadowsocks-rust](https://github.com/honwen/openwrt-shadowsocks-rust) OpenWRT solution for `sslocal`, [discussion](https://github.com/honwen/openwrt-shadowsocks-rust)
 - [cg31/shadowsocks-windows-gui-rust](https://github.com/cg31/shadowsocks-windows-gui-rust) Windows GUI client, [discussion](https://github.com/shadowsocks/shadowsocks-rust/issues/375)
 
+## About this fork
+
+Add support for using an HTTP proxy over TLS as the server. Specifically, it aims to support the use of [rust_http_proxy](https://github.com/arloor/rust_http_proxy) as the backend server. Refer to [https-tunnel-readme.md](https-tunnel-readme.md) for more infomation.
+
 ## Build & Install
 
 ### Optional Features

crates/shadowsocks-service/src/local/net/tcp/auto_proxy_stream.rs

@@ -53,48 +53,7 @@ pub struct HttpTunnelStream {
     addr: Address,
     auth: String,
 }
-// #[cfg(feature = "https-tunnel")]
-// static CONNECTOR: LazyLock<tokio_rustls::TlsConnector> = std::sync::LazyLock::new(|| {
-//     use log::warn;
-//     use once_cell::sync::Lazy;
-//     use std::sync::Arc;
-//     use tokio_rustls::{
-//         rustls::{ClientConfig, RootCertStore},
-//         TlsConnector,
-//     };
 
-//     static TLS_CONFIG: Lazy<Arc<ClientConfig>> = Lazy::new(|| {
-//         let mut config = ClientConfig::builder()
-//             .with_root_certificates(match rustls_native_certs::load_native_certs() {
-//                 Ok(certs) => {
-//                     let mut store = RootCertStore::empty();
-
-//                     for cert in certs {
-//                         if let Err(err) = store.add(cert) {
-//                             warn!("failed to add cert (native), error: {}", err);
-//                         }
-//                     }
-
-//                     store
-//                 }
-//                 Err(err) => {
-//                     warn!("failed to load native certs, {}, going to load from webpki-roots", err);
-
-//                     let mut store = RootCertStore::empty();
-//                     store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
-
-//                     store
-//                 }
-//             })
-//             .with_no_client_auth();
-
-//         // Try to negotiate HTTP/2
-//         config.alpn_protocols = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
-//         Arc::new(config)
-//     });
-
-//     TlsConnector::from(TLS_CONFIG.clone())
-// });
 #[cfg(feature = "https-tunnel")]
 impl HttpTunnelStream {
     pub async fn handshake(&mut self) -> io::Result<()> {

https-tunnel-readme.md

@@ -0,0 +1,24 @@
+## vscode debug
+
+```bash
+cp .vscode/launch_example.json .vscode/launch.json
+```
+
+then modify the arguements in launch.json, especially the `-k` and `-s`.
+
+## install
+
+```bash
+make gh
+# eg cargo install --path . --bin sslocal --features https-tunnel
+```
+
+## run.vbs
+
+useful for windows users
+
+```bash
+Set WshShell = CreateObject("WScript.Shell")
+WshShell.Run "taskkill /F /IM sslocal.exe", 0, True
+WshShell.Run "sslocal --local-addr 0.0.0.0:2080 -k username:password -v -m aes-256-gcm -s host:444", 0
+```