July 2013 - tor-commits - lists.torproject.org

[flashproxy/master] Credit and bug number for --port-forwarding.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit 64f4b0087db60ad231df1f199e2c618819a76716 Author: David Fifield <david(a)bamsoftware.com> Date: Mon Jul 1 00:26:52 2013 -0700 Credit and bug number for --port-forwarding. --- ChangeLog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index f1b12f3..0df25f9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -38,7 +38,8 @@ Patch by Sukhbir Singh and David Fifield. Fixes bug 8285. o New --port-forwarding and friends options enable … [View More]

1 0

[flashproxy/master] Style and output changes in forward_ports.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit 7bc60e7c01b36ea888c67347e3ce3ec24e6444b3 Author: David Fifield <david(a)bamsoftware.com> Date: Sun Jun 30 23:53:25 2013 -0700 Style and output changes in forward_ports. --- flashproxy-client | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/flashproxy-client b/flashproxy-client index e65a0a0..008bd95 100755 --- a/flashproxy-client +++ b/flashproxy-client @@ -130,26 +130,28 @@ def safe_str(s): return s def forward_ports(… [View More]

1 0

[flashproxy/master] Allow forward_ports to forward multiple.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit c14004eac7e5bb90ca590884fb97693397070589 Author: David Fifield <david(a)bamsoftware.com> Date: Sun Jun 30 20:19:04 2013 -0700 Allow forward_ports to forward multiple. --- flashproxy-client | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/flashproxy-client b/flashproxy-client index 4bbcc28..e65a0a0 100755 --- a/flashproxy-client +++ b/flashproxy-client @@ -129,11 +129,13 @@ def safe_str(s): else: return s -def forward_ports(… [View More]

1 0

[flashproxy/master] Change --nat-traversal to --port-forwarding.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit a493cc910084d85986b4a5e674005b9d8ef11154 Author: David Fifield <david(a)bamsoftware.com> Date: Sun Jun 30 20:08:05 2013 -0700 Change --nat-traversal to --port-forwarding. To match torrc PortForwarding. --- flashproxy-client | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flashproxy-client b/flashproxy-client index 2e1ce45..85c496f 100755 --- a/flashproxy-client +++ b/flashproxy-client @@ -59,8 +59,8 @@ class options(object): … [View More] register = False register_commands = [] pid_filename = None + port_forwarding = False safe_logging = True - nat_traversal = False address_family = socket.AF_UNSPEC # We accept up to this many bytes from a socket not yet matched with a partner @@ -113,7 +113,7 @@ omitted, it uses a public default. methods. Implies --register. Possible methods are appspot email http Default is "%(reg_methods)s". - --nat-traversal attempt to traverse NAT with tor-fw-helper. + --port-forwarding attempt to forward REMOTE port with tor-fw-helper. --unsafe-logging don't scrub IP addresses from logs.\ """ % { "progname": sys.argv[0], @@ -129,8 +129,8 @@ def safe_str(s): else: return s -def traverse_nat(): - if not options.nat_traversal: +def forward_ports(): + if not options.port_forwarding: return False port = options.remote_addrs[0][1] script_path = os.path.join(get_script_dir(), "tor-fw-helper") @@ -1085,7 +1085,7 @@ def main(): register_addr_spec = None register_methods = [] - opts, args = getopt.gnu_getopt(sys.argv[1:], "46f:hl:r", ["daemon", "external", "facilitator=", "facilitator-pubkey=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "nat-traversal", "unsafe-logging"]) + opts, args = getopt.gnu_getopt(sys.argv[1:], "46f:hl:r", ["daemon", "external", "facilitator=", "facilitator-pubkey=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "port-forwarding", "unsafe-logging"]) for o, a in opts: if o == "-4": options.address_family = socket.AF_INET @@ -1117,8 +1117,8 @@ def main(): elif o == "--register-methods": options.register = True register_methods.extend(a.split(",")) - elif o == "--nat-traversal": - options.nat_traversal = True + elif o == "--port-forwarding": + options.port_forwarding = True elif o == "--unsafe-logging": options.safe_logging = False @@ -1174,8 +1174,8 @@ def main(): for method in register_methods: options.register_commands.append(build_register_command(method)) - # Attempt to traverse NAT if enabled - traverse_nat() + # Attempt to forward ports if requested. + forward_ports() # Remote sockets, accepting remote WebSocket connections from proxies. remote_listen = [] [View Less]

1 0

[flashproxy/master] Add a --nat-traversal flag to flashproxy-client.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit d9be6f4e8fe86c216f85f31d2ff3461d34d16a10 Author: Arlo Breault <arlolra(a)gmail.com> Date: Fri Jun 7 11:41:56 2013 -0700 Add a --nat-traversal flag to flashproxy-client. Uses the tor-fw-helper. --- flashproxy-client | 38 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/flashproxy-client b/flashproxy-client index 7feaefe..2e1ce45 100755 --- a/flashproxy-client +++ b/flashproxy-client @@ -60,6 +60,7 @@ class … [View More]options(object): register_commands = [] pid_filename = None safe_logging = True + nat_traversal = False address_family = socket.AF_UNSPEC # We accept up to this many bytes from a socket not yet matched with a partner @@ -112,6 +113,7 @@ omitted, it uses a public default. methods. Implies --register. Possible methods are appspot email http Default is "%(reg_methods)s". + --nat-traversal attempt to traverse NAT with tor-fw-helper. --unsafe-logging don't scrub IP addresses from logs.\ """ % { "progname": sys.argv[0], @@ -127,6 +129,29 @@ def safe_str(s): else: return s +def traverse_nat(): + if not options.nat_traversal: + return False + port = options.remote_addrs[0][1] + script_path = os.path.join(get_script_dir(), "tor-fw-helper") + command = [script_path, "-p", ":%s" % port] + try: + log(u"Attempting NAT traversal for port: %d" % port) + p = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + stdout, stderr = p.communicate() + except OSError, e: + log(u"Error opening tor-fw-helper.") + return False + if p.returncode != 0: + log("tor-fw-helper exited with status %d." % p.returncode) + return False + line = stdout.split() + if len(line) >= 5 and line[4] == "SUCCESS": + log(u"NAT traversal succeeded.") + return True + log(u"NAT traversal failed.") + return False + log_lock = threading.Lock() def log(msg): log_lock.acquire() @@ -948,7 +973,7 @@ def proxy_loop(): websocket_pending.pop(0) report_pending() -def build_register_command(method): +def get_script_dir(): # sys.path[0] usually contains the directory the script is located in. # py2exe overwrites this for bundled executables. if getattr(sys, "frozen", False): @@ -958,6 +983,10 @@ def build_register_command(method): if not script_dir: # Maybe the script was read from stdin; in any case don't guess at the directory. raise ValueError("Can't find executable directory for registration helpers") + return script_dir + +def build_register_command(method): + script_dir = get_script_dir() af = [] if options.address_family == socket.AF_INET: af = ["-4"] @@ -1056,7 +1085,7 @@ def main(): register_addr_spec = None register_methods = [] - opts, args = getopt.gnu_getopt(sys.argv[1:], "46f:hl:r", ["daemon", "external", "facilitator=", "facilitator-pubkey=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "unsafe-logging"]) + opts, args = getopt.gnu_getopt(sys.argv[1:], "46f:hl:r", ["daemon", "external", "facilitator=", "facilitator-pubkey=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "nat-traversal", "unsafe-logging"]) for o, a in opts: if o == "-4": options.address_family = socket.AF_INET @@ -1088,6 +1117,8 @@ def main(): elif o == "--register-methods": options.register = True register_methods.extend(a.split(",")) + elif o == "--nat-traversal": + options.nat_traversal = True elif o == "--unsafe-logging": options.safe_logging = False @@ -1143,6 +1174,9 @@ def main(): for method in register_methods: options.register_commands.append(build_register_command(method)) + # Attempt to traverse NAT if enabled + traverse_nat() + # Remote sockets, accepting remote WebSocket connections from proxies. remote_listen = [] for addr in options.remote_addrs: [View Less]

1 0

[flashproxy/master] Make forward_ports not depend on global options.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit 8df7c24f7df2f2ef064eb4d06ea4cb8aaf160ecb Author: David Fifield <david(a)bamsoftware.com> Date: Sun Jun 30 20:10:35 2013 -0700 Make forward_ports not depend on global options. --- flashproxy-client | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/flashproxy-client b/flashproxy-client index 85c496f..4bbcc28 100755 --- a/flashproxy-client +++ b/flashproxy-client @@ -129,14 +129,11 @@ def safe_str(s): else: return s -def … [View More]

1 0

[flashproxy/master] Move forward_ports down with like functions.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit d2ffdb3446494a9b32e8be0fca784ca085933fde Author: David Fifield <david(a)bamsoftware.com> Date: Mon Jul 1 00:02:44 2013 -0700 Move forward_ports down with like functions. --- flashproxy-client | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/flashproxy-client b/flashproxy-client index 0afec8d..45d765d 100755 --- a/flashproxy-client +++ b/flashproxy-client @@ -134,29 +134,6 @@ def safe_str(s): else: … [View More] return s -def forward_ports(pairs): - """Attempt to forward all given pairs (external, internal) pairs of ports - using port_forwarding_helper.""" - command = [options.port_forwarding_helper] - basename = os.path.basename(command[0]) - for external, internal in pairs: - command += ["-p", "%d:%d" % (external, internal)] - try: - log(u"Running port forwarding command: %s" % " ".join(command)) - p = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE) - stdout, stderr = p.communicate() - except OSError, e: - log(u"Error running %s: %s" % (basename, str(e))) - return False - for line in stdout.splitlines(): - log(u"%s: %s" % (basename, line)) - for line in stderr.splitlines(): - log(u"%s: %s" % (basename, line)) - if p.returncode != 0: - log("%s exited with status %d." % (basename, p.returncode)) - return False - return True - log_lock = threading.Lock() def log(msg): log_lock.acquire() @@ -724,6 +701,29 @@ def handle_socks_request(fd): def report_pending(): log(u"locals (%d): %s" % (len(locals), [safe_format_peername(x) for x in locals])) log(u"remotes (%d): %s" % (len(remotes), [safe_format_peername(x) for x in remotes])) + +def forward_ports(pairs): + """Attempt to forward all given pairs (external, internal) pairs of ports + using port_forwarding_helper.""" + command = [options.port_forwarding_helper] + basename = os.path.basename(command[0]) + for external, internal in pairs: + command += ["-p", "%d:%d" % (external, internal)] + try: + log(u"Running port forwarding command: %s" % " ".join(command)) + p = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + stdout, stderr = p.communicate() + except OSError, e: + log(u"Error running %s: %s" % (basename, str(e))) + return False + for line in stdout.splitlines(): + log(u"%s: %s" % (basename, line)) + for line in stderr.splitlines(): + log(u"%s: %s" % (basename, line)) + if p.returncode != 0: + log("%s exited with status %d." % (basename, p.returncode)) + return False + return True register_condvar = threading.Condition() def register(): [View Less]

1 0

[flashproxy/master] Add --port-forwarding-helper option.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit 737afb19348910ddd34a2f93debf8d0e6dd5ea69 Author: David Fifield <david(a)bamsoftware.com> Date: Sun Jun 30 23:59:31 2013 -0700 Add --port-forwarding-helper option. --- flashproxy-client | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/flashproxy-client b/flashproxy-client index 008bd95..18b5634 100755 --- a/flashproxy-client +++ b/flashproxy-client @@ -37,6 +37,7 @@ DEFAULT_LOCAL_PORT_MANAGED = 0 DEFAULT_LOCAL_PORT_EXTERNAL = 9001 … [View More]DEFAULT_REMOTE_PORT = 9000 DEFAULT_REGISTER_METHODS = ["appspot", "email", "http"] +DEFAULT_PORT_FORWARDING_HELPER = "tor-fw-helper" # We will re-register if we have fewer than this many waiting proxies. The # facilitator may choose to ignore our requests. @@ -60,6 +61,7 @@ class options(object): register_commands = [] pid_filename = None port_forwarding = False + port_forwarding_helper = DEFAULT_PORT_FORWARDING_HELPER safe_logging = True address_family = socket.AF_UNSPEC @@ -113,13 +115,16 @@ omitted, it uses a public default. methods. Implies --register. Possible methods are appspot email http Default is "%(reg_methods)s". - --port-forwarding attempt to forward REMOTE port with tor-fw-helper. + --port-forwarding attempt to forward REMOTE port. + --port-forwarding-helper=PROGRAM use the given PROGRAM to forward ports + (default "%(port_forwarding_helper)s"). Implies --port-forwarding. --unsafe-logging don't scrub IP addresses from logs.\ """ % { "progname": sys.argv[0], "local_port": DEFAULT_LOCAL_PORT_EXTERNAL, "remote_port": DEFAULT_REMOTE_PORT, "reg_methods": ",".join(DEFAULT_REGISTER_METHODS), + "port_forwarding_helper": DEFAULT_PORT_FORWARDING_HELPER, } def safe_str(s): @@ -132,8 +137,7 @@ def safe_str(s): def forward_ports(pairs): """Attempt to forward all given pairs (external, internal) pairs of ports using port_forwarding_helper.""" - script_path = os.path.join(get_script_dir(), "tor-fw-helper") - command = [script_path] + command = [options.port_forwarding_helper] basename = os.path.basename(command[0]) for external, internal in pairs: command += ["-p", "%d:%d" % (external, internal)] @@ -1086,7 +1090,7 @@ def main(): register_addr_spec = None register_methods = [] - opts, args = getopt.gnu_getopt(sys.argv[1:], "46f:hl:r", ["daemon", "external", "facilitator=", "facilitator-pubkey=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "port-forwarding", "unsafe-logging"]) + opts, args = getopt.gnu_getopt(sys.argv[1:], "46f:hl:r", ["daemon", "external", "facilitator=", "facilitator-pubkey=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "port-forwarding", "port-forwarding-helper=", "unsafe-logging"]) for o, a in opts: if o == "-4": options.address_family = socket.AF_INET @@ -1120,6 +1124,9 @@ def main(): register_methods.extend(a.split(",")) elif o == "--port-forwarding": options.port_forwarding = True + elif o == "--port-forwarding-helper": + options.port_forwarding = True + options.port_forwarding_helper = a elif o == "--unsafe-logging": options.safe_logging = False [View Less]

1 0

[flashproxy/master] Add --port-forwarding-external option.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit 04ea500b4a8ee01572e80f451936e76c8864022f Author: David Fifield <david(a)bamsoftware.com> Date: Mon Jul 1 00:13:16 2013 -0700 Add --port-forwarding-external option. In case your external mapped port is not the same as the internal port. --- flashproxy-client | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/flashproxy-client b/flashproxy-client index 45d765d..41d6559 100755 --- a/flashproxy-client +++ b/flashproxy-client @@ -62,… [View More]6 +62,7 @@ class options(object): pid_filename = None port_forwarding = False port_forwarding_helper = DEFAULT_PORT_FORWARDING_HELPER + port_forwarding_external = None safe_logging = True address_family = socket.AF_UNSPEC @@ -118,6 +119,9 @@ omitted, it uses a public default. --port-forwarding attempt to forward REMOTE port. --port-forwarding-helper=PROGRAM use the given PROGRAM to forward ports (default "%(port_forwarding_helper)s"). Implies --port-forwarding. + --port-forwarding-external=PORT forward the external PORT to REMOTE on + the local host (default same as REMOTE). Implies + --port-forwarding. --unsafe-logging don't scrub IP addresses from logs.\ """ % { "progname": sys.argv[0], @@ -1086,7 +1090,7 @@ def main(): register_addr_spec = None register_methods = [] - opts, args = getopt.gnu_getopt(sys.argv[1:], "46f:hl:r", ["daemon", "external", "facilitator=", "facilitator-pubkey=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "port-forwarding", "port-forwarding-helper=", "unsafe-logging"]) + opts, args = getopt.gnu_getopt(sys.argv[1:], "46f:hl:r", ["daemon", "external", "facilitator=", "facilitator-pubkey=", "help", "log=", "pidfile=", "register", "register-addr=", "register-methods=", "port-forwarding", "port-forwarding-helper=", "port-forwarding-external=", "unsafe-logging"]) for o, a in opts: if o == "-4": options.address_family = socket.AF_INET @@ -1123,6 +1127,9 @@ def main(): elif o == "--port-forwarding-helper": options.port_forwarding = True options.port_forwarding_helper = a + elif o == "--port-forwarding-external": + options.port_forwarding = True + options.port_forwarding_external = int(a) elif o == "--unsafe-logging": options.safe_logging = False @@ -1180,7 +1187,12 @@ def main(): # Attempt to forward ports if requested. if options.port_forwarding: - forward_ports(((remote_addr[1], remote_addr[1]),)) + internal = remote_addr[1] + if options.port_forwarding_external is not None: + external = options.port_forwarding_external + else: + external = internal + forward_ports(((external, internal),)) # Remote sockets, accepting remote WebSocket connections from proxies. remote_listen = [] [View Less]

1 0

[flashproxy/master] Undo get_script_dir factoring.
by dcf＠torproject.org 01 Jul '13

01 Jul '13

commit c9fe23c3f501c461262d9fa0dea3fcdaf8a292cd Author: David Fifield <david(a)bamsoftware.com> Date: Mon Jul 1 00:01:10 2013 -0700 Undo get_script_dir factoring. --- flashproxy-client | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/flashproxy-client b/flashproxy-client index 18b5634..0afec8d 100755 --- a/flashproxy-client +++ b/flashproxy-client @@ -978,7 +978,7 @@ def proxy_loop(): websocket_pending.pop(0) report_pending() -… [View More]

1 0