meekserver

v3.0.12

This package is not in the latest version of its module.
Published: Aug 10, 2020 License: BSD-2-Clause, BSD-3-Clause Imports: 17 Imported by: 0

Documentation

Overview

Package meekserver is the server transport plugin for the meek pluggable transport. It acts as an HTTP server, keeps track of session ids, and forwards received data to a local OR port.

Sample usage in torrc:

ServerTransportListenAddr meek 0.0.0.0:443
ServerTransportPlugin meek exec ./meek-server --acme-hostnames meek-server.example --acme-email admin@meek-server.example --log meek-server.log

Using your own TLS certificate:

ServerTransportListenAddr meek 0.0.0.0:8443
ServerTransportPlugin meek exec ./meek-server --cert cert.pem --key key.pem --log meek-server.log

Plain HTTP usage:

ServerTransportListenAddr meek 0.0.0.0:8080
ServerTransportPlugin meek exec ./meek-server --disable-tls --log meek-server.log

The server runs in HTTPS mode by default, getting certificates from Let's Encrypt automatically. The server opens an auxiliary ACME listener on port 80 so that automatic certificate issuance works. If you have your own certificate, use the --cert and --key options. Use the --disable-tls option to run with plain HTTP.

Package meekserver provides an implementation of the Meek circumvention protocol. Only a client implementation is provided, and no effort is made to normalize the TLS fingerprint.

It borrows quite liberally from the real meek-client code.

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewMeekServerConnection

func NewMeekServerConnection(state *State, sessionID string) net.Conn

NewMeekServerConnection initializes the server connection

Types

type Config

type Config struct {
	AcmeEmail    string `json:"acme-email"`
	AcmeHostname string `json:"acme-hostnames"`
}

Config contains arguments formatted for a JSON file.

type MeekServer

type MeekServer struct {
	DisableTLS   bool
	AcmeEmail    string
	AcmeHostname string
	CertManager  *autocert.Manager
}

MeekServer is a Transport that uses domain fronting to shapeshift the application network traffic

func NewMeekTransportServer

func NewMeekTransportServer(disableTLS bool, acmeEmail string, acmeHostnamesCommas string, stateDir string) *MeekServer

NewMeekTransportServer is a public initializer method to get a new meek transport

func (*MeekServer) Listen

func (transport *MeekServer) Listen(address string) (net.Listener, error)

Listen on the meek transport does not have a corresponding server, only a client

type Session

type Session struct {
	Or       fakeConn
	LastSeen time.Time
}

Session id maps to an existing OR port connection, which we keep open between received requests. The first time we see a new session id, we create a new OR port connection.

func (*Session) IsExpired

func (session *Session) IsExpired() bool

IsExpired finds out if this session is old enough to be culled

func (*Session) Touch

func (session *Session) Touch()

Touch marks a session as having been seen just now.

type State

type State struct {
	// contains filtered or unexported fields
}

State serves as the HTTP handler. There is one state per HTTP listener. In the usual case there is just one listener, so there is just one global state.

func NewState

func NewState() *State

NewState makes a new state

func (*State) CloseSession

func (state *State) CloseSession(sessionID string)

CloseSession removes a session from the map and closes its corresponding OR port connection. Does nothing if the session id is not known.

func (*State) ExpireSessions

func (state *State) ExpireSessions()

ExpireSessions prevents an endless loop, checking for expired sessions and removing them.

func (*State) Get

func (state *State) Get(w http.ResponseWriter, req *http.Request)

Get handles a GET request. This doesn't have any purpose apart from diagnostics.

func (*State) GetSession

func (state *State) GetSession(sessionID string) (*Session, error)

GetSession looks up a session by id, or creates a new one (with its OR port connection) if it doesn't already exist.

func (*State) Post

func (state *State) Post(w http.ResponseWriter, req *http.Request)

Post handles a POST request. Look up the session id and then do a transaction.

func (*State) ServeHTTP

func (state *State) ServeHTTP(w http.ResponseWriter, req *http.Request)

type Transport added in v3.0.3

type Transport struct {
	DisableTLS  bool
	CertManager *autocert.Manager
	Address     string
}

func New added in v3.0.4

func New(disableTLS bool, acmeHostnamesCommas string, acmeEmail string, address string, stateDir string) (*Transport, error)

func (*Transport) Listen added in v3.0.3

func (transport *Transport) Listen() (net.Listener, error)
