test code

yvbbrjdr · yvbbrjdr · commit cb01757fdf54 · 2017-08-03T12:21:27.000+08:00
diff --git a/.gitignore b/.gitignore
@@ -99,3 +99,9 @@ ENV/
 
 # mypy
 .mypy_cache/
+
+# macOS auto-generated file
+.DS_Store
+
+# VS Code files
+.vscode/
diff --git a/client.json.example b/client.json.example
@@ -0,0 +1,16 @@
+{
+    "in": {
+        "type": "plain",
+        "addr": "127.0.0.1",
+        "port": 8388
+    },
+    "out": [
+        {
+            "type": "tls",
+            "addr": "example.com",
+            "port": 443,
+            "outpass": "password",
+            "ca": "ca.crt"
+        }
+    ]
+}
diff --git a/config.py b/config.py
@@ -0,0 +1,35 @@
+'''
+FBoT, Foo or Bar over TLS.
+Copyright (C) 2017  yvbbrjdr
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+'''
+
+import json
+from hashlib import sha256
+
+config = {}
+
+def load(fp):
+    global config
+    config = json.load(fp)
+    for out in config['out']:
+        if out.get('inpass'):
+            out['inpass'] = sha256(out['inpass'].encode()).digest()
+        else:
+            out['inpass'] = b''
+        if out.get('outpass'):
+            out['outpass'] = sha256(out['outpass'].encode()).digest()
+        else:
+            out['outpass'] = b''
diff --git a/fbot.py b/fbot.py
@@ -0,0 +1,35 @@
+#!/usr/bin/env python3
+
+'''
+FBoT, Foo or Bar over TLS.
+Copyright (C) 2017  yvbbrjdr
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+'''
+
+import argparse
+import version
+import config
+import tcpserver
+
+def main():
+    parser = argparse.ArgumentParser(prog = 'FBoT', description = 'Foo or Bar over TLS.')
+    parser.add_argument('-v', '--version', action = 'version', version='%(prog)s ' + version.version)
+    parser.add_argument('config', help = 'the JSON config file to load', type = argparse.FileType('r'))
+    with parser.parse_args().config as fp:
+        config.load(fp)
+    tcpserver.TCPServer().listen()
+
+if __name__ == '__main__':
+    main()
diff --git a/log.py b/log.py
@@ -0,0 +1,28 @@
+'''
+FBoT, Foo or Bar over TLS.
+Copyright (C) 2017  yvbbrjdr
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+'''
+
+import datetime
+import socket
+
+def log(text, sock = None):
+    now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
+    if sock:
+        addr, port = sock.getpeername()
+        print('[%s] %s:%d %s' % (now, addr, port, text))
+    else:
+        print('[%s] %s' % (now, text))
diff --git a/server.json.example b/server.json.example
@@ -0,0 +1,22 @@
+{
+    "in": {
+        "type": "tls",
+        "addr": "0.0.0.0",
+        "port": 443,
+        "cert": "cert.pem",
+        "key": "key.pem"
+    },
+    "out": [
+        {
+            "type": "plain",
+            "addr": "127.0.0.1",
+            "port": 80
+        },
+        {
+            "type": "plain",
+            "addr": "127.0.0.1",
+            "port": 8388,
+            "inpass": "password"
+        }
+    ]
+}
diff --git a/tcpserver.py b/tcpserver.py
@@ -0,0 +1,45 @@
+'''
+FBoT, Foo or Bar over TLS.
+Copyright (C) 2017  yvbbrjdr
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+'''
+
+import socket
+import ssl
+import tunnel
+import config
+import log
+
+class TCPServer(object):
+    def __init__(self):
+        self.config = config.config['in']
+        self.isTLS = self.config['type'] == 'tls'
+        if self.isTLS:
+            self.context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
+            self.context.load_cert_chain(certfile = self.config['cert'], keyfile = self.config['key'])
+        self.socket = socket.socket()
+        self.socket.bind((self.config['addr'], self.config['port']))
+
+    def listen(self):
+        self.socket.listen()
+        log.log('Server is listening at %s:%d' % (self.config['addr'], self.config['port']))
+        while True:
+            clientSocket, _ = self.socket.accept()
+            if self.isTLS:
+                clientSocket = self.context.wrap_socket(clientSocket, server_side = True)
+            tunnel.Tunnel(clientSocket).start()
+
+    def __del__(self):
+        self.socket.close()
diff --git a/tunnel.py b/tunnel.py
@@ -0,0 +1,106 @@
+'''
+FBoT, Foo or Bar over TLS.
+Copyright (C) 2017  yvbbrjdr
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+'''
+
+import socket
+import threading
+import config
+import ssl
+from log import log
+
+class Tunnel(object):
+
+    hashLength = 32
+
+    def __init__(self, clientSocket):
+        log('connection established', clientSocket)
+        self.config = config.config['out']
+        self.clientSocket = clientSocket
+
+    def start(self):
+        self.clientOpen = True
+        self.serverOpen = False
+        self.firstPacketSent = False
+        threading.Thread(target = self.clientSocketThread).start()
+
+    def clientSocketThread(self):
+        while True:
+            data = self.clientSocket.recv(4096)
+            if data:
+                self.clientRecv(data)
+            else:
+                self.clientOpen = False
+                self.clientSocket.close()
+                if self.serverOpen:
+                    self.serverSocket.shutdown(socket.SHUT_RDWR)
+                break
+
+    def serverSocketThread(self):
+        while True:
+            data = self.serverSocket.recv(4096)
+            if data:
+                self.clientSocket.send(data)
+            else:
+                self.serverOpen = False
+                self.serverSocket.close()
+                if self.clientOpen:
+                    self.clientSocket.shutdown(socket.SHUT_RDWR)
+                break
+
+    def clientRecv(self, data):
+        if self.firstPacketSent:
+            self.serverSocket.send(data)
+        else:
+            self.firstPacketSent = True
+            if len(data) >= Tunnel.hashLength:
+                segment = data[:Tunnel.hashLength]
+                bar = None
+                for out in self.config:
+                    if out['inpass'] == segment:
+                        bar = out
+                        break
+                if bar:
+                    self.connectToServer(bar, data[Tunnel.hashLength:])
+                    return
+            foo = None
+            for out in self.config:
+                if out['inpass'] == b'':
+                    foo = out
+                    break
+            if foo:
+                self.connectToServer(foo, data)
+            else:
+                log('no out found', self.clientSocket)
+                self.clientSocket.shutdown(socket.SHUT_RDWR)
+
+    def connectToServer(self, out, data):
+        self.serverSocket = socket.socket()
+        if out['type'] == 'tls':
+            context = ssl.create_default_context()
+            if out.get('ca'):
+                context.load_verify_locations(out['ca'])
+            self.serverSocket = context.wrap_socket(self.serverSocket, server_hostname = out['addr'])
+        try:
+            self.serverSocket.connect((out['addr'], out['port']))
+        except:
+            log('%s:%d connect failed' % (out['addr'], out['port']))
+            self.clientSocket.shutdown(socket.SHUT_RDWR)
+            return
+        log('connect to %s:%d' % (out['addr'], out['port']), self.clientSocket)
+        self.serverOpen = True
+        self.serverSocket.send(out['outpass'] + data)
+        threading.Thread(target = self.serverSocketThread).start()
diff --git a/version.py b/version.py
@@ -0,0 +1,19 @@
+'''
+FBoT, Foo or Bar over TLS.
+Copyright (C) 2017  yvbbrjdr
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.
+'''
+
+version = '0.0.0'
