commit a43697091c161330ebc7f59372850f46ea372f65 Author: David Fifield david@bamsoftware.com Date: Sun Mar 11 22:33:19 2012 -0700
Nuke RTMFP stuff. --- README | 60 ---------- RTMFPSocket.as | 217 ----------------------------------- design.txt | 10 -- init.d/cumulus | 60 ---------- patches/cumulus-no-manage-log.patch | 39 ------ swfcat.as | 108 +----------------- 6 files changed, 2 insertions(+), 492 deletions(-)
diff --git a/README b/README index 006db8c..86524c7 100644 --- a/README +++ b/README @@ -95,34 +95,6 @@ without having to do port forwarding. 2. Run Tor using the included torrc file. $ tor -f flashproxy/torrc
-=== Using RTMFP - -This method uses a protocol called RTMFP to communicate through a NAT -without port forwarding. However it uses a public server at a fixed -address as an intermediary, so it can be easily blocked. (The -intermediate server is operated by the flash proxy developers, not by -Adobe as is usual with RTMFP.) This method also requires Flash Player on -the Tor client, which the other methods don't. - -1. Download swfcat.swf from - https://crypto.stanford.edu/flashproxy/swfcat.swf - and save it locally. We will assume it is saved at - /home/user/flashproxy/swfcat.swf. -2. Run the connector, without giving it a facilitator, and listening on - local ports only. In this configuration, it is the swfcat.swf program - that communicates with the facilitator, not the connector. - $ ./connector.py 127.0.0.1:9001 127.0.0.1:9002 -3. Open in a browser - file:///home/user/flashproxy/swfcat.swf?client=1&debug=1 - This should *not* be the same browser you use to browse over Tor. You - should not run Flash in your Tor browser. Use a separate Firefox - profile (firefox -no-remote -ProfileManager) or use a separate - browser entirely. -4. Run Tor using the included torrc file. - $ tor -f flashproxy/torrc - -You will see status messages in the swfcat.swf window. - === Troubleshooting
Make sure someone is viewing https://crypto.stanford.edu/flashproxy/, or @@ -213,35 +185,3 @@ crossdomaind server on CentOS. "make install" copies files to /usr/local/bin. # cp init.d/crossdomaind /etc/init.d/crossdomaind # chkconfig --add crossdomaind # service crossdomaind start - -=== Building the Cumulus RTMFP server - -There is a free RTMFP rendezvous server called Cumulus. It is a -replacement for the Adobe Cirrus service at rtmfp://p2p.rtmfp.net/. -These are instructions to build and install it. - -First install the prerequisite libpoco, http://poco.sourceforge.net/. -You only need the "Basic Edition." - # apt-get install libpoco-dev -or - $ cd poco-VERSION - $ ./configure && make - # make install - -Follow these steps to install the Cumulus server. You need to open port -1935/udp in the firewall. - $ git clone git://github.com/OpenRTMFP/Cumulus.git - $ cd Cumulus - $ patch -p0 < ~/flashproxy/patches/cumulus-no-manage-log.patch - $ cd CumulusLib - $ make LIBS=./ - # cp libCumulus.so /usr/local/lib - $ cd ../../CumulusService - $ make - # cp CumulusService /usr/local/bin - # useradd -d /dev/null -s /bin/false cumulus - # mkdir /var/cumulus - # chown -R cumulus.cumulus /var/cumulus - # cp flashproxy/init.d/cumulus /etc/init.d/cumulus - # chkconfig --add cumulus - # service cumulus start diff --git a/RTMFPSocket.as b/RTMFPSocket.as deleted file mode 100644 index 421f9cc..0000000 --- a/RTMFPSocket.as +++ /dev/null @@ -1,217 +0,0 @@ -/* -The RTMFPSocket class provides a socket-like interface around RTMFP -NetConnection and NetStream. Each RTMFPSocket contains one NetConnection and two -NetStreams, one for reading and one for writing. - -To create a listening socket: - var rs:RTMFPSocket = new RTMFPSocket(url, key); - rs.addEventListener(Event.COMPLETE, function (e:Event):void { - // rs.id is set and can be sent out of band to the client. - }); - rs.addEventListener(RTMFPSocket.ACCEPT_EVENT, function (e:Event):void { - // rs.peer_id is the ID of the connected client. - }); - rs.listen(); -To connect to a listening socket: - // Receive peer_id out of band. - var rs:RTMFPSocket = new RTMFPSocket(url, key); - rs.addEventListener(Event.CONNECT, function (e:Event):void { - // rs.id and rs.peer_id are now set. - }); -*/ - -package -{ - import flash.events.Event; - import flash.events.EventDispatcher; - import flash.events.IOErrorEvent; - import flash.events.NetStatusEvent; - import flash.events.ProgressEvent; - import flash.net.NetConnection; - import flash.net.NetStream; - import flash.utils.ByteArray; - - public class RTMFPSocket extends EventDispatcher - { - public static const ACCEPT_EVENT:String = "accept"; - - public var connected:Boolean; - - private var nc:NetConnection; - private var incoming:NetStream; - private var outgoing:NetStream; - - /* Cache to hold the peer ID between when connect is called and the - NetConnection exists. */ - private var connect_peer_id:String; - - private var buffer:ByteArray; - - private var cirrus_url:String; - private var cirrus_key:String; - - public function RTMFPSocket(cirrus_url:String, cirrus_key:String = "") - { - connected = false; - - buffer = new ByteArray(); - - this.cirrus_url = cirrus_url; - this.cirrus_key = cirrus_key; - - nc = new NetConnection(); - } - - public function get id():String - { - return nc.nearID; - } - - public function get peer_id():String - { - return incoming.farID; - } - - /* NetStatusEvents that aren't handled more specifically in - listen_netstatus_event or connect_netstatus_event. */ - private function generic_netstatus_event(e:NetStatusEvent):void - { - switch (e.info.code) { - case "NetConnection.Connect.Closed": - connected = false; - dispatchEvent(new Event(Event.CLOSE)); - break; - case "NetStream.Connect.Closed": - connected = false; - close(); - break; - default: - var event:IOErrorEvent = new IOErrorEvent(IOErrorEvent.IO_ERROR); - event.text = e.info.code; - dispatchEvent(event); - break; - } - } - - private function listen_netstatus_event(e:NetStatusEvent):void - { - switch (e.info.code) { - case "NetConnection.Connect.Success": - outgoing = new NetStream(nc, NetStream.DIRECT_CONNECTIONS); - outgoing.client = { - onPeerConnect: listen_onpeerconnect - }; - outgoing.publish("server"); - - /* listen is complete, ready to accept. */ - dispatchEvent(new Event(Event.COMPLETE)); - break; - case "NetStream.Connect.Success": - break; - default: - return generic_netstatus_event(e); - break; - } - } - - private function listen_onpeerconnect(peer:NetStream):Boolean { - incoming = new NetStream(nc, peer.farID); - incoming.client = { - r: receive_data - }; - incoming.play("client"); - - connected = true; - dispatchEvent(new Event(ACCEPT_EVENT)); - - return true; - } - - private function connect_netstatus_event(e:NetStatusEvent):void - { - switch (e.info.code) { - case "NetConnection.Connect.Success": - outgoing = new NetStream(nc, NetStream.DIRECT_CONNECTIONS); - outgoing.publish("client"); - - incoming = new NetStream(nc, connect_peer_id); - incoming.client = { - r: receive_data - }; - incoming.play("server"); - break; - case "NetStream.Connect.Success": - connected = true; - dispatchEvent(new Event(Event.CONNECT)); - break; - default: - return generic_netstatus_event(e); - break; - } - } - - /* Function called back when the other side does a send. */ - private function receive_data(bytes:ByteArray):void { - var event:ProgressEvent; - - event = new ProgressEvent(ProgressEvent.SOCKET_DATA); - event.bytesLoaded = bytes.bytesAvailable; - - bytes.readBytes(buffer, buffer.length, bytes.bytesAvailable); - - dispatchEvent(event); - } - - public function listen():void - { - nc.addEventListener(NetStatusEvent.NET_STATUS, listen_netstatus_event); - nc.connect(cirrus_url, cirrus_key); - } - - public function connect(peer_id:String):void - { - /* Store for later reading by connect_netstatus_event. */ - this.connect_peer_id = peer_id; - - nc.addEventListener(NetStatusEvent.NET_STATUS, connect_netstatus_event); - nc.connect(cirrus_url, cirrus_key); - } - - public function close():void - { - if (outgoing) - outgoing.close(); - if (incoming) - incoming.close(); - if (nc) - nc.close(); - } - - public function readBytes(output:ByteArray, offset:uint = 0, length:uint = 0):void - { - buffer.readBytes(output, offset, length); - if (buffer.bytesAvailable == 0) { - /* Reclaim memory space. */ - buffer.clear(); - } - } - - public function writeBytes(input:ByteArray, offset:uint = 0, length:uint = 0):void - { - var sendbuf:ByteArray; - - /* Read into a new buffer, in case offset and length do not - completely span input. */ - sendbuf = new ByteArray(); - sendbuf.writeBytes(input, offset, length); - - /* Use a short method name because it's sent over the wire. */ - outgoing.send("r", sendbuf); - } - - public function flush():void - { - /* Ignored. */ - } - } -} diff --git a/design.txt b/design.txt index 55427b6..b797262 100644 --- a/design.txt +++ b/design.txt @@ -108,12 +108,6 @@ Design of flash proxies
client=[<address>]:<port>
- or the form: - - POST / HTTP/1.0 - - client=[<rtmfp-id>]:<port> - The facilitator sends a 200 reply if the registration was successful and an error status otherwise. If the connector omits the [<address>] part, the facilitator will automatically fill it in based on the HTTP @@ -147,10 +141,6 @@ Design of flash proxies
client=[<address>:<port>]&relay=<address>:<port>
- or this: - - client=[<rtmfp-id>]&relay=<address>:<port> - If the value for the client parameter is empty, it means that there are no client registrations for this proxy.
diff --git a/init.d/cumulus b/init.d/cumulus deleted file mode 100755 index ba4f4d8..0000000 --- a/init.d/cumulus +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/sh -# -# cumulus This shell script takes care of starting and stopping -# the Cumulus server. -# -# chkconfig: 2345 90 10 -# description: Cumulus RTMFP server. -# processname: CumulusService -# pidfile: /var/cumulus/cumulus.pid - -# Installation instructions: -# cp init.d/cumulus /etc/init.d/cumulus -# chkconfig --add cumulus -# service cumulus start - -# Source function library. -. /etc/rc.d/init.d/functions - -BINDIR=/usr/local/bin -VARDIR=/var/cumulus -CUMULUS=$BINDIR/CumulusService -PIDFILE=$VARDIR/cumulus.pid -USER=cumulus - -# See how we were called. -case "$1" in - start) - [ -x $CUMULUS ] || exit 1 - echo -n $"Starting Cumulus server: " - cd $VARDIR && daemon --user cumulus --pidfile $PIDFILE $CUMULUS --daemon --pidfile=$PIDFILE - RETVAL=$? - echo - [ $RETVAL -eq 0 ] && touch /var/lock/subsys/cumulus - ;; - stop) - # Stop daemon. - echo -n $"Shutting down Cumulus server: " - killproc CumulusService - RETVAL=$? - echo - [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/cumulus - ;; - status) - status cumulus - RETVAL=$? - ;; - restart|reload) - $0 stop - $0 start - ;; - condrestart) - [ -f /var/lock/subsys/cumulus ] && restart || : - ;; - *) - echo $"Usage: $0 {start|stop|status|restart}" - RETVAL=3 - ;; -esac - -exit $RETVAL diff --git a/patches/cumulus-no-manage-log.patch b/patches/cumulus-no-manage-log.patch deleted file mode 100644 index 810b52d..0000000 --- a/patches/cumulus-no-manage-log.patch +++ /dev/null @@ -1,39 +0,0 @@ -Don't try to re-open log files. This avoids a failure after --daemon -causes a chdir to /. - -diff --git a/CumulusService/sources/main.cpp b/CumulusService/sources/main.cpp -index 891621f..39ea4eb 100644 ---- a/CumulusService/sources/main.cpp -+++ b/CumulusService/sources/main.cpp -@@ -132,7 +132,6 @@ protected: - void dumpHandler(const char* data,int size) { - cout.write(data,size); - _logStream.write(data,size); -- manageLogFile(); - } - - void logHandler(Thread::TID threadId,const std::string& threadName,Priority priority,const char *filePath,long line, const char *text) { -@@ -140,23 +139,6 @@ protected: - _logStream << DateTimeFormatter::format(LocalDateTime(),"%d/%m %H:%M:%S.%c ") - << g_logPriorities[priority-1] << '\t' << threadName << '(' << threadId << ")\t" - << Path(filePath).getFileName() << '[' << line << "] " << text << std::endl; -- manageLogFile(); -- } -- -- void manageLogFile() { -- if(_logFile.getSize()>LOG_SIZE) { -- _logStream.close(); -- int num = 10; -- File file(LOG_FILE(10)); -- if(file.exists()) -- file.remove(); -- while(--num>=0) { -- file = LOG_FILE_VAR(num); -- if(file.exists()) -- file.renameTo(LOG_FILE_VAR(num+1)); -- } -- _logStream.open(LOG_FILE(0),ios::in | ios::ate); -- } - } - - bool onConnection(Client& client) { diff --git a/swfcat.as b/swfcat.as index 76b35c4..13d8788 100644 --- a/swfcat.as +++ b/swfcat.as @@ -29,17 +29,6 @@ * What rate to limit all proxy traffic combined to. The special value "off" * disables the limit. The default is DEFAULT_RATE_LIMIT. There is a * sanity-check minimum of "10K". - * - * client=1 - * If set (to any value), run in client RTMFP mode. In this mode, rather than - * connecting to a facilitator and attempting to serve clients, swfcat starts an - * RTMFP socket and connects to a local address (to the connector, to be exact). - * See README for more on running in client RTMFP mode. No argument is required - * to use RTMFP when in the usual server mode. - * - * local=<HOST>:<PORT> - * When in client RTMFP mode (client=1), connect to this local address. The - * default is DEFAULT_LOCAL_TOR_CLIENT_ADDR. */
package @@ -63,19 +52,11 @@ package
public class swfcat extends Sprite { - private const RTMFP_URL:String = "rtmfp://tor-facilitator.bamsoftware.com"; - private const DEFAULT_FACILITATOR_ADDR:Object = { host: "tor-facilitator.bamsoftware.com", port: 9002 };
- /* Local Tor client to use in case of RTMFP connection. */ - private const DEFAULT_LOCAL_TOR_CLIENT_ADDR:Object = { - host: "127.0.0.1", - port: 9002 - }; - private const DEFAULT_MAX_NUM_PROXY_PAIRS:uint = 10;
/* In seconds. */ @@ -101,7 +82,6 @@ package private var fac_addr:Object; private var max_num_proxy_pairs:uint; private var facilitator_poll_interval:Number; - private var local_addr:Object;
public var rate_limit:RateLimit;
@@ -133,7 +113,7 @@ package
debug = this.loaderInfo.parameters["debug"];
- if (debug || this.loaderInfo.parameters["client"]) { + if (debug) { output_text = new TextField(); output_text.width = stage.stageWidth; output_text.height = stage.stageHeight; @@ -182,16 +162,7 @@ package else rate_limit = new RateUnlimit();
- local_addr = get_param_addr("local", DEFAULT_LOCAL_TOR_CLIENT_ADDR); - if (!local_addr) { - puts("Error: Local spec must be in the form "host:port"."); - return; - } - - if (this.loaderInfo.parameters["client"]) - client_main(); - else - proxy_main(); + proxy_main(); }
/* Get an address structure from the given movie parameter, or the given @@ -320,68 +291,6 @@ package badge.proxy_begin(); }
- private function client_main():void - { - var rs:RTMFPSocket; - - puts("Making RTMFP socket."); - rs = new RTMFPSocket(RTMFP_URL); - rs.addEventListener(Event.COMPLETE, function (e:Event):void { - puts("Got RTMFP id " + rs.id); - register(rs); - }); - rs.addEventListener(RTMFPSocket.ACCEPT_EVENT, client_accept); - - rs.listen(); - } - - private function client_accept(e:Event):void { - var rs:RTMFPSocket; - var s_t:Socket; - var proxy_pair:ProxyPair; - - rs = e.target as RTMFPSocket; - s_t = new Socket(); - - puts("Got RTMFP connection from " + rs.peer_id); - - proxy_pair = new ProxyPair(this, rs, function ():void { - /* Do nothing; already connected. */ - }, s_t, function ():void { - s_t.connect(local_addr.host, local_addr.port); - }); - proxy_pair.connect(); - } - - private function register(rs:RTMFPSocket):void { - var fac_url:String; - var loader:URLLoader; - var request:URLRequest; - - loader = new URLLoader(); - loader.addEventListener(Event.COMPLETE, function (e:Event):void { - puts("Facilitator: registered."); - }); - loader.addEventListener(SecurityErrorEvent.SECURITY_ERROR, function (e:SecurityErrorEvent):void { - puts("Facilitator: security error: " + e.text + "."); - rs.close(); - }); - loader.addEventListener(IOErrorEvent.IO_ERROR, function (e:IOErrorEvent):void { - puts("Facilitator: I/O error: " + e.text + "."); - rs.close(); - }); - - fac_url = "http://" + encodeURIComponent(fac_addr.host) - + ":" + encodeURIComponent(fac_addr.port) + "/"; - request = new URLRequest(fac_url); - request.method = URLRequestMethod.POST; - request.data = new URLVariables(); - request.data["client"] = rs.id; - - puts("Facilitator: connecting to " + fac_url + "."); - loader.load(request); - } - private function make_proxy_pair(client_spec:String, relay_spec:String):ProxyPair { var proxy_pair:ProxyPair; @@ -408,19 +317,6 @@ package return proxy_pair; }
- if (client_spec.match(/^[0-9A-Fa-f]{64}$/)) { - s_c = new RTMFPSocket(RTMFP_URL); - s_r = new Socket(); - proxy_pair = new ProxyPair(this, s_c, function ():void { - s_c.connect(client_spec); - }, s_r, function ():void { - s_r.connect(addr_r.host, addr_r.port); - }); - proxy_pair.set_name("<" + client_spec.substr(0, 4) + "...," - + addr_r.host + ":" + addr_r.port + ">"); - return proxy_pair; - } - throw new ArgumentError("Can't parse client spec "" + client_spec + ""."); }