rnet: servers

servers listen on all underlying interfaces and accept incoming connections
or packets and forward them to the gateway. If a L4 hop is set, then conns
are forwarded to that L4 hop. ipn.Proxy is an example of a hop.

Anything that can connect to these rnet.servers over LAN (for example,
Browsers on the same network as the Android running Rethink) can use
any of the L4 ipn.Proxy transports (like WireGuard, Http CONNECT, SOCKS5,
and the RPN over WebSockets) for egress (just like EveryProxy does).

The initial implementation (untested) contains support for SOCKS5 servers.

Author: ignoramous

intra/rnet/servers.go

@@ -0,0 +1,202 @@
+// Copyright (c) 2023 RethinkDNS and its authors.
+//
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package rnet
+
+import (
+	"errors"
+	"fmt"
+	"sync"
+
+	"github.com/celzero/firestack/intra/ipn"
+	"github.com/celzero/firestack/intra/log"
+	"github.com/celzero/firestack/intra/protect"
+)
+
+const (
+	// type of services
+	SVCSOCKS5 = "svcsocks5" // SOCKS5
+	SVCHTTP1  = "svchttp1"  // HTTP/1.1
+	PXSOCKS5  = "pxsocks5"  // SOCKS5 with forwarding proxy
+	PXHTTP1   = "pxhttp1"   // HTTP/1.1 with forwarding proxy
+
+	// status of proxies
+	SOK = 0  // svc OK
+	SKO = -1 // svc not OK
+	END = -2 // svc stopped
+)
+
+var (
+	errNoServer   = errors.New("no such server")
+	errSvcRunning = errors.New("service is running")
+	errNotUdp     = errors.New("not udp conn")
+	errNotTcp     = errors.New("not tcp conn")
+	errServerEnd  = errors.New("server stopped")
+	errProxyEnd   = errors.New("proxy stopped")
+
+	udptimeoutsec = 5 * 60                    // 5m
+	tcptimeoutsec = (2 * 60 * 60) + (40 * 60) // 2h40m
+)
+
+// todo: github.com/txthinking/brook/blob/master/pac.go
+
+type Server interface {
+	// Sets the proxy as the next hop.
+	Hop(p ipn.Proxy) error
+	// ID returns the ID of the server.
+	ID() string
+	// Start starts the server.
+	Start() error
+	// Type returns the type of the server.
+	Type() string
+	// Addr returns the address of the server.
+	GetAddr() string
+	// Status returns the status of the server.
+	Status() int
+	// Stop stops the server.
+	Stop() error
+	// Refresh re-registers the server.
+	Refresh() error
+}
+
+type Services interface {
+	// Add adds a server.
+	AddServer(id, url string) (Server, error)
+	// Bridge bridges or unbridges server with proxy.
+	Bridge(serverid, proxyid string) error
+	// Remove removes a server.
+	RemoveServer(id string) (ok bool)
+	// RemoveAll removes all servers, returns the number removed.
+	RemoveAll() (rm int)
+	// Get returns a Server.
+	GetServer(id string) (Server, error)
+	// Stop stops all services, returns the number stopped.
+	StopServers() (n int)
+	// Refresh re-registers servces and returns a csv of active ones.
+	RefreshServers() (active string)
+}
+
+var _ Server = (*socks5)(nil)
+
+type services struct {
+	sync.RWMutex
+	servers map[string]Server
+	proxies ipn.Proxies
+	ctl     protect.Controller
+}
+
+func NewServices(proxies ipn.Proxies, ctl protect.Controller) Services {
+	return &services{
+		servers: make(map[string]Server),
+		ctl:     ctl,
+		proxies: proxies,
+	}
+}
+
+func (s *services) AddServer(id, url string) (svc Server, err error) {
+	s.Lock()
+	defer s.Unlock()
+
+	if _, ok := s.servers[id]; ok {
+		return nil, errSvcRunning
+	}
+
+	switch id {
+	case SVCSOCKS5, PXSOCKS5:
+		svc, err = newSocks5Server(id, url, s.ctl)
+	case SVCHTTP1, PXHTTP1:
+		fallthrough
+	default:
+		return nil, errors.ErrUnsupported
+	}
+
+	s.servers[id] = svc
+	return svc, nil
+}
+
+func (s *services) Bridge(serverid, proxyid string) error {
+	s.Lock()
+	defer s.Unlock()
+
+	svc, ok := s.servers[serverid]
+	if !ok {
+		return errNoServer
+	}
+	// remove existing bridge, if any
+	if len(proxyid) <= 0 {
+		return svc.Hop(nil)
+	}
+	px, err := s.proxies.GetProxy(proxyid)
+	if err != nil {
+		return err
+	}
+	svcstr := fmt.Sprintf("%s/%s [%d] at %s", serverid, svc.Type(), svc.Status(), svc.GetAddr())
+	pxstr := fmt.Sprintf("%s/%s [%d] at %s", proxyid, px.Type(), px.Status(), px.GetAddr())
+	log.I("svc: bridge %s with %s", svcstr, pxstr)
+
+	return svc.Hop(px)
+}
+
+func (s *services) RemoveServer(id string) bool {
+	s.Lock()
+	defer s.Unlock()
+
+	if _, ok := s.servers[id]; ok {
+		delete(s.servers, id)
+		return true
+	}
+	return false
+}
+
+func (s *services) GetServer(id string) (Server, error) {
+	s.RLock()
+	defer s.RUnlock()
+
+	if svc, ok := s.servers[id]; ok {
+		return svc, nil
+	}
+	return nil, errNoServer
+}
+
+func (s *services) StopServers() int {
+	s.Lock()
+	defer s.Unlock()
+
+	for _, svc := range s.servers {
+		go svc.Stop()
+	}
+	return len(s.servers)
+}
+
+func (s *services) RefreshServers() string {
+	s.Lock()
+	defer s.Unlock()
+
+	var csv string
+	for _, svc := range s.servers {
+		sid := svc.ID()
+		if err := svc.Refresh(); err != nil {
+			log.W("svc: refresh %s; err: %v", sid, err)
+			continue
+		}
+		if csv == "" {
+			csv = sid
+		} else {
+			csv += "," + sid
+		}
+	}
+	return csv
+}
+
+func (s *services) RemoveAll() int {
+	n := s.StopServers()
+
+	s.Lock()
+	defer s.Unlock()
+
+	clear(s.servers)
+	return n
+}