Support win32 build

Also use sccache releases instead of building with cargo.
klzgrad · Apr 3, 2019 · 035a725 · 035a725
1 parent 0f66be5
commit 035a725
Show file tree

Hide file tree

Showing 6 changed files with 90 additions and 70 deletions.
diff --git a/.appveyor.yml b/.appveyor.yml
@@ -2,19 +2,21 @@ branches:
   except:
     - dev
 version: '{build}'
+platform:
+  - x64
+  - x86
 image: Visual Studio 2017
 install:
   - cinst ninja
 cache:
-  - '%USERPROFILE%\.cargo\bin'
   - '%LOCALAPPDATA%\Mozilla\sccache'
 build_script:
   - bash ./tools/import-upstream.sh
   - bash -c 'cd src; ./get-clang.sh'
   - bash -c '~/.cargo/bin/sccache -s'
-  - bash -c 'cd src; ./build.sh'
+  - bash -c 'cd src; EXTRA_FLAGS=target_cpu=\"$Platform\" ./build.sh'
   - bash -c '~/.cargo/bin/sccache -s'
-  - ps: $env:BUILD_NAME="naiveproxy-$env:APPVEYOR_REPO_TAG_NAME-win64"
+  - ps: $env:BUILD_NAME="naiveproxy-$env:APPVEYOR_REPO_TAG_NAME-win-$env:PLATFORM"
   - bash -c 'mkdir $BUILD_NAME'
   - bash -c 'cp src/out/Release/naive.exe src/config.json LICENSE USAGE.txt $BUILD_NAME'
   - bash -c '7z a $BUILD_NAME.zip $BUILD_NAME'

diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 
 A secure, censorship-resistent proxy.
 
-NaïveProxy is naive as it reuses standard protocols (HTTP/2, HTTP/3) and common network stacks (Chrome, Caddy) with little variation. By being as common and boring as possible NaïveProxy is practically indistinguishable from mainstream traffic. Reusing common software stacks also ensures best practices in performance and security.
+NaïveProxy is naïve as it reuses standard protocols (HTTP/2, HTTP/3) and common network stacks (Chrome, Caddy) with little variation. By being as common and boring as possible NaïveProxy is practically indistinguishable from mainstream traffic. Reusing common software stacks also ensures best practices in performance and security.
 
 The following attacks are mitigated:
 
@@ -13,7 +13,7 @@ The following attacks are mitigated:
 
 ## Architecture
 
-[Browser → Naive (client)] ⟶ Censor ⟶ [Frontend → Naive (server)] ⟶ Internet
+[Browser → Naïve (client)] ⟶ Censor ⟶ [Frontend → Naïve (server)] ⟶ Internet
 
 NaïveProxy uses Chrome's network stack. What the censor can see is exactly regular HTTP/2 traffic between Chrome and standard Frontend (e.g. Caddy, HAProxy).
 
@@ -29,12 +29,18 @@ Note: On Linux libnss3 must be installed before using the prebuilt binary.
 
 ## Setup
 
-Locally run `./naive --proxy=https://user:[email protected]` and point the browser to a SOCKS5 proxy at port 1080.
+On the server, download Caddy (from https://caddyserver.com/download with plugin: http.forwardproxy):
+```
+curl -OJ 'https://caddyserver.com/download/linux/amd64?plugins=http.forwardproxy&license=personal'
+tar xf ./caddy_*.tar.gz
+sudo setcap cap_net_bind_service=+ep caddy
+```
 
-On the server run `./caddy` as the frontend with the following Caddyfile
+Run `./caddy` with the following Caddyfile (replace the example values accordingly):
 ```
 domain.example
 root /var/www/html
+tls [email protected]
 forwardproxy {
   basicauth user pass
   hide_ip
@@ -43,9 +49,28 @@ forwardproxy {
   upstream http://127.0.0.1:8080
 }
 ```
-and `./naive --listen=http://127.0.0.1:8080` behind it. See [Server Setup](https://github.com/klzgrad/naiveproxy/wiki/Server-Setup) for more details on building Caddy and enabling QUIC.
 
-For more information on parameter usage and format of `config.json`, see [USAGE.txt](https://github.com/klzgrad/naiveproxy/blob/master/USAGE.txt). See also [Parameter Tuning](https://github.com/klzgrad/naiveproxy/wiki/Parameter-Tuning) to improve client-side performance.
+and `./naive` with the following `config.json`:
+```json
+{
+  "listen": "http:/127.0.0.1:8080",
+  "padding": true
+}
+```
+
+Locally run `./naive` with `config.json`:
+```json
+{
+  "listen": "socks://127.0.0.1:1080",
+  "proxy": "https://user:[email protected]",
+  "padding": true
+}
+```
+to get a SOCKS5 proxy at local port 1080.
+
+See [USAGE.txt](https://github.com/klzgrad/naiveproxy/blob/master/USAGE.txt) on how to configure `config.json`. See also [Parameter Tuning](https://github.com/klzgrad/naiveproxy/wiki/Parameter-Tuning) to improve client-side performance.
+
+It's possible to run Caddy without Naive server, but you need to remove `padding` from `config.json` and `upstream` from Caddyfile.
 
 ## Build
 
@@ -56,15 +81,14 @@ Prerequisites:
 * MacOS (brew install): git, ninja, ccache (optional)
 * Windows ([choco install](https://chocolatey.org/)): git, python2, ninja, visualstudio2017community. See [Chromium's page](https://chromium.googlesource.com/chromium/src/+/master/docs/windows_build_instructions.md#Visual-Studio) for detail on Visual Studio setup requirements.
 
-
 Build (output to `./out/Release/naive`):
 ```
 git clone https://github.com/klzgrad/naiveproxy.git
 cd naiveproxy/src
 ./get-clang.sh
 ./build.sh
 ```
-The scripts download tools from Google servers with curl. If there is trouble try to set a proxy environment variable for curl, e.g. `export ALL_PROXY=socks5h://127.0.0.1:1080`.
+The scripts download tools from Google servers with curl. You may need to set a proxy environment variable for curl, e.g. `export ALL_PROXY=socks5h://127.0.0.1:1080`.
 
 ## FAQ
 

diff --git a/src/build.sh b/src/build.sh
@@ -6,16 +6,16 @@ mkdir -p "$TMPDIR"
 
 if [ "$1" = debug ]; then
   out=out/Debug
-  flags='
+  flags="$EXTRA_FLAGS
     is_debug=true
-    is_component_build=true'
+    is_component_build=true"
 else
   out=out/Release
-  flags='
+  flags="$EXTRA_FLAGS
     is_official_build=true
     use_jumbo_build=true
     exclude_unwind_tables=true
-    symbol_level=0'
+    symbol_level=0"
 fi
 
 if which ccache >/dev/null 2>&1; then

diff --git a/src/config.json b/src/config.json
@@ -1,6 +1,5 @@
 {
   "listen": "socks://127.0.0.1:1080",
   "proxy": "https://user:[email protected]",
-  "padding": false,
   "log": ""
 }
diff --git a/src/get-clang.sh b/src/get-clang.sh
@@ -31,14 +31,9 @@ fi
 
 # sccache (Windows)
 if [ "$ARCH" = Windows ]; then
-  export PATH="$PATH:$HOME/.cargo/bin"
-  if ! which cargo >/dev/null 2>&1; then
-    curl -OJ https://win.rustup.rs/
-    ./rustup-init.exe -y -v --no-modify-path
-  fi
-  if ! which sccache >/dev/null 2>&1; then
-    cargo install --git https://github.com/mozilla/sccache.git
-  fi
+  sccache_url="https://github.com/mozilla/sccache/releases/download/0.2.8/sccache-0.2.8-x86_64-pc-windows-msvc.tar.gz"
+  mkdir -p ~/.cargo/bin
+  curl -L "$sccache_url" | tar xzf - --strip=1 -C ~/.cargo/bin
 fi
 
 # gn

diff --git a/tests/basic.sh b/tests/basic.sh
@@ -32,63 +32,63 @@ test_naive() {
 
 test_naive 'Default config' socks5h://127.0.0.1:1080 '--log'
 
-echo '{"listen":"socks://127.0.0.1:61080","log":""}' >config.json
-test_naive 'Default config file' socks5h://127.0.0.1:61080 ''
+echo '{"listen":"socks://127.0.0.1:60101","log":""}' >config.json
+test_naive 'Default config file' socks5h://127.0.0.1:60101 ''
 rm -f config.json
 
-echo '{"listen":"socks://127.0.0.1:61080","log":""}' >/tmp/config.json
-test_naive 'Config file' socks5h://127.0.0.1:61080 '/tmp/config.json'
+echo '{"listen":"socks://127.0.0.1:60201","log":""}' >/tmp/config.json
+test_naive 'Config file' socks5h://127.0.0.1:60201 '/tmp/config.json'
 rm -f /tmp/config.json
 
 test_naive 'Trivial - listen scheme only' socks5h://127.0.0.1:1080 \
   '--log --listen=socks://'
 
-test_naive 'Trivial - listen no host' socks5h://127.0.0.1:61080 \
-  '--log --listen=socks://:61080'
+test_naive 'Trivial - listen no host' socks5h://127.0.0.1:60301 \
+  '--log --listen=socks://:60301'
 
 test_naive 'Trivial - listen no port' socks5h://127.0.0.1:1080 \
   '--log --listen=socks://127.0.0.1'
 
-test_naive 'SOCKS-SOCKS' socks5h://127.0.0.1:11080 \
-  '--log --listen=socks://:11080 --proxy=socks://127.0.0.1:21080' \
-  '--log --listen=socks://:21080'
+test_naive 'SOCKS-SOCKS' socks5h://127.0.0.1:60401 \
+  '--log --listen=socks://:60401 --proxy=socks://127.0.0.1:60402' \
+  '--log --listen=socks://:60402'
 
-test_naive 'SOCKS-SOCKS - proxy no port' socks5h://127.0.0.1:11080 \
-  '--log --listen=socks://:11080 --proxy=socks://127.0.0.1' \
+test_naive 'SOCKS-SOCKS - proxy no port' socks5h://127.0.0.1:60501 \
+  '--log --listen=socks://:60501 --proxy=socks://127.0.0.1' \
   '--log --listen=socks://:1080'
 
-test_naive 'SOCKS-HTTP' socks5h://127.0.0.1:11080 \
-  '--log --listen=socks://:11080 --proxy=http://127.0.0.1:28080' \
-  '--log --listen=http://:28080'
-
-test_naive 'HTTP-HTTP' http://127.0.0.1:18080 \
-  '--log --listen=http://:18080 --proxy=http://127.0.0.1:28080' \
-  '--log --listen=http://:28080'
-
-test_naive 'HTTP-SOCKS' http://127.0.0.1:18080 \
-  '--log --listen=http://:18080 --proxy=http://127.0.0.1:21080' \
-  '--log --listen=http://:21080'
-
-test_naive 'SOCKS-HTTP padded' socks5h://127.0.0.1:11080 \
-  '--log --listen=socks://:11080 --proxy=http://127.0.01:28080 --padding' \
-  '--log --listen=http://:28080 --padding'
-
-test_naive 'SOCKS-SOCKS-SOCKS' socks5h://127.0.0.1:11080 \
-  '--log --listen=socks://:11080 --proxy=socks://127.0.0.1:21080' \
-  '--log --listen=socks://:21080 --proxy=socks://127.0.0.1:31080' \
-  '--log --listen=socks://:31080'
-
-test_naive 'SOCKS-HTTP-SOCKS' socks5h://127.0.0.1:11080 \
-  '--log --listen=socks://:11080 --proxy=socks://127.0.0.1:28080' \
-  '--log --listen=socks://:28080 --proxy=socks://127.0.0.1:31080' \
-  '--log --listen=socks://:31080'
-
-test_naive 'HTTP-SOCKS-HTTP' socks5h://127.0.0.1:18080 \
-  '--log --listen=socks://:18080 --proxy=socks://127.0.0.1:21080' \
-  '--log --listen=socks://:21080 --proxy=socks://127.0.0.1:38080' \
-  '--log --listen=socks://:38080'
-
-test_naive 'HTTP-HTTP-HTTP' socks5h://127.0.0.1:18080 \
-  '--log --listen=socks://:18080 --proxy=socks://127.0.0.1:28080' \
-  '--log --listen=socks://:28080 --proxy=socks://127.0.0.1:38080' \
-  '--log --listen=socks://:38080'
+test_naive 'SOCKS-HTTP' socks5h://127.0.0.1:60601 \
+  '--log --listen=socks://:60601 --proxy=http://127.0.0.1:60602' \
+  '--log --listen=http://:60602'
+
+test_naive 'HTTP-HTTP' http://127.0.0.1:60701 \
+  '--log --listen=http://:60701 --proxy=http://127.0.0.1:60702' \
+  '--log --listen=http://:60702'
+
+test_naive 'HTTP-SOCKS' http://127.0.0.1:60801 \
+  '--log --listen=http://:60801 --proxy=http://127.0.0.1:60802' \
+  '--log --listen=http://:60802'
+
+test_naive 'SOCKS-HTTP padded' socks5h://127.0.0.1:60901 \
+  '--log --listen=socks://:60901 --proxy=http://127.0.01:60902 --padding' \
+  '--log --listen=http://:60902 --padding'
+
+test_naive 'SOCKS-SOCKS-SOCKS' socks5h://127.0.0.1:61001 \
+  '--log --listen=socks://:61001 --proxy=socks://127.0.0.1:61002' \
+  '--log --listen=socks://:61002 --proxy=socks://127.0.0.1:61003' \
+  '--log --listen=socks://:61003'
+
+test_naive 'SOCKS-HTTP-SOCKS' socks5h://127.0.0.1:61101 \
+  '--log --listen=socks://:61101 --proxy=socks://127.0.0.1:61102' \
+  '--log --listen=socks://:61102 --proxy=socks://127.0.0.1:61103' \
+  '--log --listen=socks://:61103'
+
+test_naive 'HTTP-SOCKS-HTTP' socks5h://127.0.0.1:61201 \
+  '--log --listen=socks://:61201 --proxy=socks://127.0.0.1:61202' \
+  '--log --listen=socks://:61202 --proxy=socks://127.0.0.1:61203' \
+  '--log --listen=socks://:61203'
+
+test_naive 'HTTP-HTTP-HTTP' socks5h://127.0.0.1:61301 \
+  '--log --listen=socks://:61301 --proxy=socks://127.0.0.1:61302' \
+  '--log --listen=socks://:61302 --proxy=socks://127.0.0.1:61303' \
+  '--log --listen=socks://:61303'