예제 #1
    def __init__(self):
        """Assemble the TLS-relay front: config, TLS context, IP pool, dispatcher.

        Also zeroes the statistics fields and starts the background thread
        that runs ``debug_data_clearup_thread``.
        """
        # Outcome counters and the last-failure timestamp start at zero.
        self.success_num = 0
        self.fail_num = 0
        self.continue_fail_num = 0
        self.last_fail_time = 0
        self.running = True

        self.logger = logger
        self.config = Config(os.path.join(module_data_path, "tls_relay.json"))

        # The context is created with no CA bundle; a CA is loaded only when
        # the file already exists on disk.
        # NOTE(review): what peers are verified against while the file is
        # absent is decided inside SSLContext and is not visible here - confirm.
        self.ca_cert_fn = os.path.join(module_data_path, "tls_relay_CA.crt")
        self.openssl_context = SSLContext(logger)
        if os.path.isfile(self.ca_cert_fn):
            self.openssl_context.set_ca(self.ca_cert_fn)

        self.host_manager = host_manager.HostManager(
            os.path.join(module_data_path, "tls_host.json"))

        self.connect_creator = ConnectCreator(
            logger, self.config, self.openssl_context, self.host_manager)
        # The IP checker logs to xlog.null rather than the module logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        seed_ips = IpSimpleSource(self.config.ip_source_ips)

        # An empty string is passed as the default IP list file name.
        self.ip_manager = IpManager(
            logger,
            self.config,
            seed_ips,
            check_local_network,
            self.check_ip.check_ip,
            "",
            os.path.join(module_data_path, "tls_relay_ip_list.txt"),
            scan_ip_log=None)
        # Every configured source IP is registered with the value 100.
        for address in self.config.ip_source_ips:
            self.ip_manager.add_ip(address, 100)

        self.connect_manager = ConnectManager(
            logger, self.config, self.connect_creator, self.ip_manager,
            check_local_network)
        self.http_dispatcher = HttpsDispatcher(
            logger, self.config, self.ip_manager, self.connect_manager)

        # rtts is seeded with a single (0, now) entry; traffics starts empty.
        self.rtts = collections.deque([(0, time.time())])
        self.rtts_lock = threading.Lock()
        self.traffics = collections.deque()
        self.traffics_lock = threading.Lock()
        self.recent_sent = 0
        self.recent_received = 0
        self.total_sent = 0
        self.total_received = 0

        # Credentials are held as plain instance attributes, empty until set.
        self.account = ""
        self.password = ""

        cleanup_worker = threading.Thread(target=self.debug_data_clearup_thread)
        cleanup_worker.start()
예제 #2
파일: front.py 프로젝트: snipertulip/XX-Net
    def __init__(self):
        """Assemble the TLS-relay front and make sure its data directories exist."""
        self.running = True

        self.logger = logger
        self.config = Config(os.path.join(module_data_path, "tls_relay.json"))

        # The context is created with no CA bundle; a CA is loaded only when
        # the file already exists on disk.
        # NOTE(review): what peers are verified against while the file is
        # absent is decided inside SSLContext and is not visible here - confirm.
        self.ca_cert_fn = os.path.join(module_data_path, "tls_relay_CA.crt")
        self.openssl_context = SSLContext(logger)
        if os.path.isfile(self.ca_cert_fn):
            self.openssl_context.set_ca(self.ca_cert_fn)

        # Directories are created after Config and the CA lookup above, using
        # os.mkdir's default mode.
        # NOTE(review): these directories hold the CA file and config; confirm
        # the resulting permissions and this ordering are what is intended.
        for required_dir in (module_data_path, tls_certs_path):
            if not os.path.isdir(required_dir):
                os.mkdir(required_dir)

        self.host_manager = host_manager.HostManager(
            os.path.join(module_data_path, "tls_host.json"))

        self.connect_creator = connect_creator.ConnectCreator(
            logger, self.config, self.openssl_context, self.host_manager)
        # The IP checker logs to xlog.null rather than the module logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        seed_ips = IpSimpleSource(self.config.ip_source_ips)

        # An empty string is passed as the default IP list file name.
        self.ip_manager = IpManager(
            logger,
            self.config,
            seed_ips,
            check_local_network,
            self.check_ip.check_ip,
            "",
            os.path.join(module_data_path, "tls_relay_ip_list.txt"),
            scan_ip_log=None)
        # Every configured source IP is registered with the value 100.
        for address in self.config.ip_source_ips:
            self.ip_manager.add_ip(address, 100)

        self.connect_manager = ConnectManager(
            logger, self.config, self.connect_creator, self.ip_manager,
            check_local_network)
        self.http_dispatcher = HttpsDispatcher(
            logger, self.config, self.ip_manager, self.connect_manager)

        # Credentials are held as plain instance attributes, empty until set.
        self.account = ""
        self.password = ""
예제 #3
    def __init__(self):
        """Build a debug-mode CheckIp helper and open the IPv6 list files."""
        # NOTE(review): if SSLContext hands this list to OpenSSL as a cipher
        # string, "ALL" also enables suites outside OpenSSL's default set, and
        # the exclusions drop only two RC4 suites along with four AES128 ones.
        # Confirm the selection is intentional.
        suites = [
            b'ALL', b"!RC4-SHA", b"!ECDHE-RSA-RC4-SHA",
            b"!ECDHE-RSA-AES128-GCM-SHA256", b"!AES128-GCM-SHA256",
            b"!ECDHE-RSA-AES128-SHA", b"!AES128-SHA"
        ]
        tls_context = SSLContext(
            logger,
            ca_certs=os.path.join(current_path, "cacert.pem"),
            cipher_suites=suites)

        creator = ConnectCreator(
            logger, config, tls_context, HostManager(), debug=True)
        self.check_ip = CheckIp(logger, config, creator)

        self.lock = threading.Lock()

        # The input list is resolved against the current working directory;
        # the output is truncated and rewritten under module_data_path.
        # Neither handle is closed in this method.
        # NOTE(review): confirm the owner closes both handles.
        self.in_fd = open("ipv6_list.txt", "r")
        checked_path = os.path.join(module_data_path, "ipv6_list.txt")
        self.out_fd = open(checked_path, "w")
예제 #4
    def start(self):
        """Create the TLS context, connection creator and connection manager.

        Configuration and the IP manager are taken from the shared ``front``
        object rather than built here.
        """
        self.running = True

        self.host_manager = host_manager.HostManager(front.config, logger)

        # NOTE(review): if SSLContext hands this list to OpenSSL as a cipher
        # string, "ALL" also enables suites outside OpenSSL's default set, and
        # the exclusions drop only two RC4 suites along with four AES128 ones.
        # Confirm the selection is intentional.
        suites = [
            b'ALL', b"!RC4-SHA", b"!ECDHE-RSA-RC4-SHA",
            b"!ECDHE-RSA-AES128-GCM-SHA256", b"!AES128-GCM-SHA256",
            b"!ECDHE-RSA-AES128-SHA", b"!AES128-SHA"
        ]
        self.openssl_context = SSLContext(
            logger,
            ca_certs=os.path.join(current_path, "cacert.pem"),
            support_http2=False,
            cipher_suites=suites)

        self.connect_creator = ConnectCreator(
            logger, front.config, self.openssl_context, self.host_manager)

        self.ip_manager = front.ip_manager
        self.connect_manager = ConnectManager(
            logger, front.config, self.connect_creator, self.ip_manager,
            check_local_network)

        self.dispatchs = {}
예제 #5
파일: front.py 프로젝트: snipertulip/XX-Net
    def __init__(self):
        """Assemble the Heroku front: config, TLS context, IP pool, dispatcher."""
        self.logger = logger
        self.config = Config(os.path.join(module_data_path, "heroku_front.json"))

        ca_bundle = os.path.join(current_path, "cacert.pem")
        self.host_manager = host_manager.HostManager(
            self.logger, self.config.appids)

        # The TLS context uses the cacert.pem next to this module as CA bundle.
        tls_context = SSLContext(logger, ca_certs=ca_bundle)
        self.connect_creator = ConnectCreator(
            logger, self.config, tls_context, self.host_manager)
        # The IP checker logs to xlog.null rather than the module logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        # No IP source is supplied (None); the manager is given a default list
        # next to this module and a list file in the data directory.
        self.ip_manager = IpManager(
            logger,
            self.config,
            None,
            check_local_network,
            self.check_ip.check_ip,
            os.path.join(current_path, "good_ip.txt"),
            os.path.join(module_data_path, "heroku_ip_list.txt"),
            scan_ip_log=None)

        self.connect_manager = ConnectManager(
            logger, self.config, self.connect_creator, self.ip_manager,
            check_local_network)
        self.http_dispatcher = HttpsDispatcher(
            logger, self.config, self.ip_manager, self.connect_manager)
예제 #6
    def __init__(self):
        """Assemble the CloudFront front: config, SNI hosts, TLS context, IP pool."""
        self.running = True
        self.last_host = "center.xx-net.net"

        self.logger = logger
        self.config = Config(
            os.path.join(module_data_path, "cloudfront_front.json"))

        self.host_manager = host_manager.HostManager(
            fn=os.path.join(current_path, "sni_list.txt"), max_size=120)

        # The TLS context uses the cacert.pem next to this module as CA bundle.
        tls_context = SSLContext(
            logger,
            ca_certs=os.path.join(current_path, "cacert.pem"),
            support_http2=True)
        self.connect_creator = ConnectCreator(
            logger, self.config, tls_context, self.host_manager)
        self.ip_checker = CheckIp(xlog.null, self.config, self.connect_creator)

        range_source = Ipv4RangeSource(
            logger,
            self.config,
            os.path.join(current_path, "ip_range.txt"),
            os.path.join(module_data_path, "cloudfront_ip_range.txt"))
        # NOTE(review): the checker built above is stored as self.ip_checker,
        # but the callback passed here is self.check_ip, which this method
        # never assigns - confirm it is defined elsewhere on the class.
        self.ip_manager = IpManager(
            logger,
            self.config,
            range_source,
            check_local_network,
            self.check_ip,
            os.path.join(current_path, "good_ip.txt"),
            os.path.join(module_data_path, "cloudfront_ip_list.txt"),
            scan_ip_log=None)

        self.connect_manager = ConnectManager(
            logger,
            self.config,
            self.connect_creator,
            self.ip_manager,
            check_local_network)

        self.dispatchs = {}
예제 #7
    def __init__(self):
        """Assemble the front from the module-level ``config``.

        Builds the host and appid managers, the TLS context, a combined
        IPv4/IPv6 source, the IP and connection managers and the dispatcher.
        """
        self.running = True

        self.logger = logger
        self.config = config

        self.host_manager = host_manager.HostManager(self.config, logger)

        # NOTE(review): if SSLContext hands this list to OpenSSL as a cipher
        # string, "ALL" also enables suites outside OpenSSL's default set, and
        # the exclusions drop only two RC4 suites along with four AES128 ones.
        # Confirm the selection is intentional.
        suites = [
            'ALL', "!RC4-SHA", "!ECDHE-RSA-RC4-SHA",
            "!ECDHE-RSA-AES128-GCM-SHA256", "!AES128-GCM-SHA256",
            "!ECDHE-RSA-AES128-SHA", "!AES128-SHA"
        ]
        self.openssl_context = SSLContext(
            logger,
            ca_certs=os.path.join(current_path, "cacert.pem"),
            support_http2=config.support_http2,
            cipher_suites=suites)
        self.connect_creator = ConnectCreator(
            logger, self.config, self.openssl_context, self.host_manager)

        # The managers reference each other, so the links are patched in
        # after construction.
        self.appid_manager = AppidManager(self.config, logger)
        self.host_manager.appid_manager = self.appid_manager

        # The IP checker logs to xlog.null rather than the module logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        self.ipv4_source = Ipv4RangeSource(
            logger,
            self.config,
            os.path.join(current_path, "ip_range.txt"),
            os.path.join(module_data_path, "ip_range.txt"))
        self.ipv6_source = Ipv6PoolSource(
            logger,
            self.config,
            os.path.join(current_path, "ipv6_list.txt"))
        self.ip_source = IpCombineSource(
            logger, self.config, self.ipv4_source, self.ipv6_source)
        # None is passed in the default-list position.
        self.ip_manager = IpManager(
            logger,
            self.config,
            self.ip_source,
            check_local_network,
            self.check_ip.check_ip,
            None,
            os.path.join(module_data_path, "good_ip.txt"),
            scan_ip_log=None)

        self.appid_manager.check_api = self.check_ip.check_ip
        self.appid_manager.ip_manager = self.ip_manager

        self.connect_manager = ConnectManager(
            logger, self.config, self.connect_creator, self.ip_manager,
            check_local_network)

        self.http_dispatcher = HttpsDispatcher(
            logger, self.config, self.ip_manager, self.connect_manager)
예제 #8
파일: front.py 프로젝트: xx-Chen/XX-Net
    def __init__(self):
        """Assemble the Cloudflare front and start its cleanup thread."""
        self.running = True
        self.last_host = "center.xx-net.net"

        self.logger = logger
        self.config = Config(
            os.path.join(module_data_path, "cloudflare_front.json"))

        ca_bundle = os.path.join(current_path, "cacert.pem")
        # self is handed to HostManager before the remaining attributes below
        # have been assigned.
        self.host_manager = host_manager.HostManager(
            self.config,
            logger,
            os.path.join(current_path, "front_domains.json"),
            os.path.join(module_data_path, "cloudflare_domains.json"),
            self)

        # The TLS context uses the cacert.pem next to this module as CA bundle.
        tls_context = SSLContext(logger, ca_certs=ca_bundle)
        self.connect_creator = ConnectCreator(
            logger, self.config, tls_context, self.host_manager)
        # The IP checker logs to xlog.null rather than the module logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        range_source = Ipv4RangeSource(
            logger,
            self.config,
            os.path.join(current_path, "ip_range.txt"),
            os.path.join(module_data_path, "cloudflare_ip_range.txt"))
        self.ip_manager = IpManager(
            logger,
            self.config,
            range_source,
            check_local_network,
            self.check_ip.check_ip,
            os.path.join(current_path, "good_ip.txt"),
            os.path.join(module_data_path, "cloudflare_ip_list.txt"),
            scan_ip_log=None)

        self.connect_manager = ConnectManager(
            logger, self.config, self.connect_creator, self.ip_manager,
            check_local_network)

        self.dispatchs = {}

        # Outcome counters and the last-failure timestamp start at zero.
        self.success_num = 0
        self.fail_num = 0
        self.continue_fail_num = 0
        self.last_fail_time = 0

        # rtts is seeded with a single (0, now) entry; traffics starts empty.
        self.rtts = collections.deque([(0, time.time())])
        self.rtts_lock = threading.Lock()
        self.traffics = collections.deque()
        self.traffics_lock = threading.Lock()
        self.recent_sent = 0
        self.recent_received = 0
        self.total_sent = 0
        self.total_received = 0

        cleanup_worker = threading.Thread(target=self.debug_data_clearup_thread)
        cleanup_worker.start()
예제 #9
파일: front.py 프로젝트: chenqiuyan/XX-Net
    def __init__(self):
        """Assemble the TLS-relay front: config, TLS context, IP pool, dispatcher.

        Also zeroes the statistics fields and starts the background thread
        that runs ``debug_data_clearup_thread``.
        """
        # Outcome counters and the last-failure timestamp start at zero.
        self.success_num = 0
        self.fail_num = 0
        self.continue_fail_num = 0
        self.last_fail_time = 0
        self.running = True

        self.logger = logger
        self.config = Config(os.path.join(module_data_path, "tls_relay.json"))

        # The context is created with no CA bundle; a CA is loaded only when
        # the file already exists on disk.
        # NOTE(review): what peers are verified against while the file is
        # absent is decided inside SSLContext and is not visible here - confirm.
        self.ca_cert_fn = os.path.join(module_data_path, "tls_relay_CA.crt")
        self.openssl_context = SSLContext(logger)
        if os.path.isfile(self.ca_cert_fn):
            self.openssl_context.set_ca(self.ca_cert_fn)

        self.host_manager = host_manager.HostManager(
            os.path.join(module_data_path, "tls_host.json"))

        self.connect_creator = ConnectCreator(
            logger,
            self.config,
            self.openssl_context,
            self.host_manager)
        # The IP checker logs to xlog.null rather than the module logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        seed_ips = IpSimpleSource(self.config.ip_source_ips)

        # An empty string is passed as the default IP list file name.
        self.ip_manager = IpManager(
            logger,
            self.config,
            seed_ips,
            check_local_network,
            self.check_ip.check_ip,
            "",
            os.path.join(module_data_path, "tls_relay_ip_list.txt"),
            scan_ip_log=None)
        # Every configured source IP is registered with the value 100.
        for address in self.config.ip_source_ips:
            self.ip_manager.add_ip(address, 100)

        self.connect_manager = ConnectManager(
            logger,
            self.config,
            self.connect_creator,
            self.ip_manager,
            check_local_network)
        self.http_dispatcher = HttpsDispatcher(
            logger,
            self.config,
            self.ip_manager,
            self.connect_manager)

        # rtts is seeded with a single (0, now) entry; traffics starts empty.
        self.rtts = collections.deque([(0, time.time())])
        self.rtts_lock = threading.Lock()
        self.traffics = collections.deque()
        self.traffics_lock = threading.Lock()
        self.recent_sent = 0
        self.recent_received = 0
        self.total_sent = 0
        self.total_received = 0

        # Credentials are held as plain instance attributes, empty until set.
        self.account = ""
        self.password = ""

        cleanup_worker = threading.Thread(target=self.debug_data_clearup_thread)
        cleanup_worker.start()
예제 #10
    def start(self):
        """Build the TLS context, managers and dispatcher for an IPv6-only pool.

        No CheckIp instance is created here, so ``appid_manager.check_api``
        is left unset by this method.
        """
        self.running = True

        # NOTE(review): if SSLContext hands this list to OpenSSL as a cipher
        # string, "ALL" also enables suites outside OpenSSL's default set, and
        # the exclusions drop only two RC4 suites along with four AES128 ones.
        # Confirm the selection is intentional.
        suites = [
            'ALL', "!RC4-SHA", "!ECDHE-RSA-RC4-SHA",
            "!ECDHE-RSA-AES128-GCM-SHA256", "!AES128-GCM-SHA256",
            "!ECDHE-RSA-AES128-SHA", "!AES128-SHA"
        ]
        self.openssl_context = SSLContext(
            logger,
            ca_certs=os.path.join(current_path, "cacert.pem"),
            support_http2=config.support_http2,
            cipher_suites=suites)

        self.appid_manager = AppidManager(self.config, logger)

        self.host_manager = host_manager.HostManager(self.config, logger)
        self.host_manager.appid_manager = self.appid_manager

        self.connect_creator = ConnectCreator(
            logger, self.config, self.openssl_context, self.host_manager)

        # The IPv6 list file name is relative, unlike the CA bundle path above.
        # NOTE(review): how Ipv6PoolSource resolves it is not visible here.
        self.ipv6_source = Ipv6PoolSource(logger, self.config, "ipv6_list.txt")
        self.ip_source = self.ipv6_source
        self.ip_manager = IpManager(
            logger,
            self.config,
            self.ip_source,
            check_local_network,
            None,
            os.path.join(data_path, "good_ip.txt"),
            scan_ip_log=None)

        self.appid_manager.ip_manager = self.ip_manager

        self.connect_manager = ConnectManager(
            logger, self.config, self.connect_creator, self.ip_manager,
            check_local_network)

        self.http_dispatcher = HttpsDispatcher(
            logger, self.config, self.ip_manager, self.connect_manager)
예제 #11
def check_one(ip, top_domain, wait_time):
    """Probe a single IP with CheckIp and print the outcome.

    Prints "connect fail" when the check returns a falsy result, a success
    line with domain and handshake time when ``res.ok`` is set, and
    "not support" otherwise.
    """
    cfg = Config(os.path.join(module_data_path, "heroku_front.json"))

    # NOTE(review): the context is built without a CA bundle; what it
    # verifies peers against is decided inside SSLContext - confirm.
    tls_context = SSLContext(logger)

    creator = ConnectCreator(
        logger, cfg, tls_context, HostManagerBase(), debug=True)
    checker = CheckIp(logger, cfg, creator)

    outcome = checker.check_ip(ip, host=top_domain, wait_time=wait_time)
    if not outcome:
        print("connect fail")
        return
    if outcome.ok:
        print(("success, domain:%s handshake:%d" % (outcome.domain, outcome.handshake_time)))
        return
    print("not support")
예제 #12
    def __init__(self):
        """Build a debug-mode CheckIp helper and open the IP list files."""
        cfg = Config(os.path.join(module_data_path, "heroku_front.json"))

        # NOTE(review): the context is built without a CA bundle; what it
        # verifies peers against is decided inside SSLContext - confirm.
        tls_context = SSLContext(logger)

        creator = ConnectCreator(
            logger, cfg, tls_context, HostManagerBase(), debug=True)
        self.check_ip = CheckIp(logger, cfg, creator)

        self.lock = threading.Lock()

        # The input list is resolved against the current working directory;
        # the output is truncated and rewritten under module_data_path.
        # Neither handle is closed in this method.
        # NOTE(review): confirm the owner closes both handles.
        self.in_fd = open("good_ip.txt", "r")
        checked_path = os.path.join(module_data_path, "heroku_checked_ip.txt")
        self.out_fd = open(checked_path, "w")
예제 #13
    def __init__(self):
        """Assemble the Cloudflare front, plus a second "light" config."""
        self.running = True
        self.last_host = "center.xx-net.org"

        self.logger = logger
        cfg_file = os.path.join(module_data_path, "cloudflare_front.json")
        self.config = Config(cfg_file)

        # A second Config is loaded from the same file and two of its
        # attributes are overridden.
        # NOTE(review): "dispather_min_workers" is spelled without the "c";
        # confirm it matches the attribute name the consumer actually reads.
        self.light_config = Config(cfg_file)
        self.light_config.dispather_min_workers = 1
        self.light_config.max_good_ip_num = 10

        ca_bundle = os.path.join(current_path, "cacert.pem")
        # self is handed to HostManager before the remaining attributes below
        # have been assigned.
        self.host_manager = host_manager.HostManager(
            self.config,
            logger,
            os.path.join(current_path, "front_domains.json"),
            os.path.join(module_data_path, "cloudflare_domains.json"),
            self)

        # The TLS context uses the cacert.pem next to this module as CA bundle.
        tls_context = SSLContext(logger, ca_certs=ca_bundle)
        self.connect_creator = ConnectCreator(
            logger, self.config, tls_context, self.host_manager)
        # The IP checker logs to xlog.null rather than the module logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        range_source = Ipv4RangeSource(
            logger,
            self.config,
            os.path.join(current_path, "ip_range.txt"),
            os.path.join(module_data_path, "cloudflare_ip_range.txt"))
        self.ip_manager = IpManager(
            logger,
            self.config,
            range_source,
            check_local_network,
            self.check_ip.check_ip,
            os.path.join(current_path, "good_ip.txt"),
            os.path.join(module_data_path, "cloudflare_ip_list.txt"),
            scan_ip_log=None)

        self.connect_manager = ConnectManager(
            logger, self.config, self.connect_creator, self.ip_manager,
            check_local_network)

        self.dispatchs = {}
예제 #14
    def start(self):
        """Build the TLS 1.2 context, managers and dispatcher.

        No CheckIp instance is created here, so ``appid_manager.check_api``
        is left unset by this method.
        """
        self.running = True

        # The protocol is pinned to "TLSv1_2" and no explicit cipher_suites
        # list is passed. The CA bundle and the IP list below are relative
        # file names.
        # NOTE(review): a relative CA bundle path makes the trust store depend
        # on how SSLContext resolves it (possibly the working directory) -
        # confirm.
        self.openssl_context = SSLContext(
            logger,
            ca_certs='cacert.pem',
            support_http2=config.support_http2,
            protocol="TLSv1_2")

        self.appid_manager = AppidManager(self.config, logger)

        self.host_manager = host_manager.HostManager(self.config, logger)
        self.host_manager.appid_manager = self.appid_manager

        self.connect_creator = ConnectCreator(
            logger, self.config, self.openssl_context, self.host_manager)

        self.ip_manager = IpManager(
            logger,
            self.config,
            check_local_network,
            None,
            'good_ip.txt',
            scan_ip_log=None)

        self.appid_manager.ip_manager = self.ip_manager

        self.connect_manager = ConnectManager(
            logger, self.config, self.connect_creator, self.ip_manager,
            check_local_network)

        self.http_dispatcher = HttpsDispatcher(
            logger, self.config, self.ip_manager, self.connect_manager)
예제 #15
    def start(self):
        """Create the TLS 1.2 context, connection creator and connection manager.

        Configuration and the IP manager are taken from the shared ``front``
        object rather than built here.
        """
        self.running = True

        self.host_manager = host_manager.HostManager(front.config, logger)

        # HTTP/2 support is switched off and the protocol pinned to "TLSv1_2".
        # NOTE(review): the CA bundle is a relative file name, so the trust
        # store depends on how SSLContext resolves it (possibly the working
        # directory) - confirm.
        self.openssl_context = SSLContext(
            logger,
            ca_certs='cacert.pem',
            support_http2=False,
            protocol="TLSv1_2")

        self.connect_creator = ConnectCreator(
            logger, front.config, self.openssl_context, self.host_manager)

        self.ip_manager = front.ip_manager
        self.connect_manager = ConnectManager(
            logger, front.config, self.connect_creator, self.ip_manager,
            check_local_network)

        self.dispatchs = {}
예제 #16
    print(("test ip:%s" % ip))

    if len(sys.argv) > 2:
        top_domain = sys.argv[2]
    else:
        top_domain = None

    if len(sys.argv) > 3:
        wait_time = int(sys.argv[3])
    else:
        wait_time = 0

    config_path = os.path.join(module_data_path, "tls_relay.json")
    config = Config(config_path)

    openssl_context = SSLContext(logger)

    host_fn = os.path.join(module_data_path, "tls_host.json")
    host_manager = HostManager(host_fn)
    connect_creator = ConnectCreator(logger, config, openssl_context,
                                     host_manager)
    check_ip = CheckIp(logger, config, connect_creator)

    res = check_ip.check_ip(ip,
                            sni=top_domain,
                            host=top_domain,
                            wait_time=wait_time)
    if not res:
        print("connect fail")
    elif res.ok:
        print(("success, domain:%s handshake:%d" %
예제 #17
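class Front(object):
    """TLS-relay front that sends requests through an HttpsDispatcher.

    The set of relay IPs, their SNI names and the CA certificates trusted for
    them are installed at runtime through ``set_ips``.
    """
    name = "tls_relay_front"

    def __init__(self):
        """Assemble config, TLS context, IP pool, connection manager, dispatcher."""
        self.running = True

        self.logger = logger
        config_path = os.path.join(module_data_path, "tls_relay.json")
        self.config = Config(config_path)

        # The context is created with no CA bundle; a CA is loaded only when
        # the file already exists on disk (set_ips writes it).
        # NOTE(review): what peers are verified against while the file is
        # absent is decided inside SSLContext and is not visible here - confirm.
        self.ca_cert_fn = os.path.join(module_data_path, "tls_relay_CA.crt")
        self.openssl_context = SSLContext(logger)
        if os.path.isfile(self.ca_cert_fn):
            self.openssl_context.set_ca(self.ca_cert_fn)

        host_fn = os.path.join(module_data_path, "tls_host.json")
        self.host_manager = host_manager.HostManager(host_fn)

        self.connect_creator = ConnectCreator(logger, self.config,
                                              self.openssl_context,
                                              self.host_manager)
        # The IP checker logs to xlog.null rather than the module logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        ip_source = IpSimpleSource(self.config.ip_source_ips)

        # An empty string is passed as the default IP list file name.
        default_ip_list_fn = ""
        ip_list_fn = os.path.join(module_data_path, "tls_relay_ip_list.txt")
        self.ip_manager = IpManager(logger,
                                    self.config,
                                    ip_source,
                                    check_local_network,
                                    self.check_ip.check_ip,
                                    default_ip_list_fn,
                                    ip_list_fn,
                                    scan_ip_log=None)
        # Every configured source IP is registered with the value 100.
        for ip in self.config.ip_source_ips:
            self.ip_manager.add_ip(ip, 100)

        self.connect_manager = ConnectManager(logger, self.config,
                                              self.connect_creator,
                                              self.ip_manager,
                                              check_local_network)
        self.http_dispatcher = HttpsDispatcher(logger, self.config,
                                               self.ip_manager,
                                               self.connect_manager)

        # Credentials are held as plain instance attributes, empty until set.
        self.account = ""
        self.password = ""

    def get_dispatcher(self, host=None):
        """Return the single dispatcher; ``host`` is accepted but not used."""
        return self.http_dispatcher

    def set_x_tunnel_account(self, account, password):
        """Store the account name and password on the instance."""
        self.account = account
        self.password = password

    def set_ips(self, ips):
        """Install a new set of relay IPs with their SNI names and CA certs.

        ``ips`` is indexed by IP; each value must provide ``"ca_crt"`` and
        ``"sni"``. A falsy ``ips`` is ignored. The distinct CA certificates
        are written to ``self.ca_cert_fn`` and loaded into the TLS context.

        The trust anchors used for later connections therefore come from
        ``ips`` itself: whoever supplies this argument decides which CAs are
        trusted, so callers must only pass data from an authenticated source.
        """
        if not ips:
            return

        host_info = {}
        ca_certs = []
        ipss = []
        for ip in ips:
            dat = ips[ip]
            ca_cert = dat["ca_crt"]
            sni = dat["sni"]

            host_info[ip] = {"sni": sni, "ca_crt": ca_cert}
            # Keep first-seen order while dropping duplicate certificates.
            if ca_cert not in ca_certs:
                ca_certs.append(ca_cert)
            ipss.append(ip)

        self.ip_manager.update_ips(ipss)
        self.ip_manager.save(True)
        self.host_manager.set_host(host_info)

        # The CA file is overwritten with the new bundle, then reloaded.
        ca_content = "\n\n".join(ca_certs)
        with open(self.ca_cert_fn, "w") as fd:
            fd.write(ca_content)
        self.openssl_context.set_ca(self.ca_cert_fn)
        self.logger.info("set_ips:%s", ",".join(ipss))

    def request(self,
                method,
                host,
                path="/",
                headers={},
                data="",
                timeout=120):
        """Send one request through the dispatcher.

        Returns ``(content, status, response)``. When the dispatcher yields
        no response, returns ``("", 602, {})``.
        """
        # Copy first: the shared default dict is never mutated.
        headers = dict(headers)
        headers["XX-Account"] = self.account

        response = self.http_dispatcher.request(method,
                                                host,
                                                path,
                                                dict(headers),
                                                data,
                                                timeout=timeout)
        if not response:
            logger.warn("req %s get response timeout", path)
            return "", 602, {}

        status = response.status

        content = response.task.read_all()
        # Non-200 responses are logged at warning level, 200 at debug.
        if status == 200:
            logger.debug("%s %s%s status:%d trace:%s", method, host, path,
                         status, response.task.get_trace())
        else:
            logger.warn("%s %s%s status:%d trace:%s", method, host, path,
                        status, response.task.get_trace())
        return content, status, response

    def stop(self):
        """Stop dispatcher, connection manager and IP manager, then clear running."""
        logger.info("terminate")
        self.connect_manager.set_ssl_created_cb(None)
        self.http_dispatcher.stop()
        self.connect_manager.stop()
        self.ip_manager.stop()

        self.running = False

    @staticmethod
    def _redact_proxy_args(args):
        """Return a copy of ``args`` with a non-empty ``passwd`` masked for logging."""
        redacted = dict(args)
        if redacted.get("passwd"):
            redacted["passwd"] = "***"
        return redacted

    def set_proxy(self, args):
        """Copy proxy settings from ``args`` into the config and apply them.

        ``args`` must provide ``enable``, ``type``, ``host``, ``port``,
        ``user`` and ``passwd``. The settings are saved through
        ``self.config.save()`` and the connection creator is told to reload.
        """
        # Log a redacted copy so the proxy password never reaches the log.
        logger.info("set_proxy:%s", self._redact_proxy_args(args))

        self.config.PROXY_ENABLE = args["enable"]
        self.config.PROXY_TYPE = args["type"]
        self.config.PROXY_HOST = args["host"]
        self.config.PROXY_PORT = args["port"]
        self.config.PROXY_USER = args["user"]
        self.config.PROXY_PASSWD = args["passwd"]

        # NOTE(review): save() persists PROXY_PASSWD; where and with what file
        # permissions is not visible here - confirm.
        self.config.save()

        self.connect_creator.update_config()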
예제 #18
    if len(args):
        sni = args.pop(0)

    # print("Usage: check_ip.py [ip] [top_domain] [wait_time=0]")
    xlog.info("test ip:%s", ip)
    xlog.info("host:%s", host)
    xlog.info("sni:%s", sni)

    wait_time = 0

    config_path = os.path.join(module_data_path, "cloudflare_front.json")
    config = Config(config_path)

    ca_certs = os.path.join(current_path, "cacert.pem")
    openssl_context = SSLContext(logger, ca_certs=ca_certs)
    host_manager = HostManagerBase()
    connect_creator = ConnectCreator(logger, config, openssl_context, host_manager, debug=True)
    check_ip = CheckIp(logger, config, connect_creator)

    #check_all_domain(check_ip)
    #check_all_ip(check_ip)

    res = check_ip.check_ip(ip, sni=sni, host=host, wait_time=wait_time)
    if not res:
        xlog.warn("connect fail")
    elif res.ok:
        xlog.info("success, domain:%s handshake:%d", res.host, res.handshake_time)
    else:
        xlog.warn("not support")
예제 #19
    if len(args):
        sni = args.pop(0)

    # print("Usage: check_ip.py [ip] [top_domain] [wait_time=0]")
    xlog.info("test ip:%s", ip)
    xlog.info("host:%s", host)
    xlog.info("sni:%s", sni)

    wait_time = 0

    config_path = os.path.join(module_data_path, "cloudflare_front.json")
    config = Config(config_path)

    ca_certs = os.path.join(current_path, "cacert.pem")
    openssl_context = SSLContext(logger, ca_certs=ca_certs, support_http2=True)
    host_manager = HostManagerBase()
    connect_creator = ConnectCreator(logger,
                                     config,
                                     openssl_context,
                                     host_manager,
                                     debug=True)
    check_ip = CheckIp(logger, config, connect_creator)

    #check_all_domain(check_ip)
    #check_all_ip(check_ip)

    res = check_ip.check_ip(ip, sni=sni, host=host, wait_time=wait_time)
    if not res:
        xlog.warn("connect fail")
    elif res.ok:
예제 #20
    print("test ip:%s" % ip)

    if len(sys.argv) > 2:
        top_domain = sys.argv[2]
    else:
        top_domain = None

    if len(sys.argv) > 3:
        wait_time = int(sys.argv[3])
    else:
        wait_time = 0

    ca_certs = os.path.join(current_path, "cacert.pem")
    openssl_context = SSLContext(
        logger, ca_certs=ca_certs,
        cipher_suites=['ALL', "!RC4-SHA", "!ECDHE-RSA-RC4-SHA", "!ECDHE-RSA-AES128-GCM-SHA256",
                       "!AES128-GCM-SHA256", "!ECDHE-RSA-AES128-SHA", "!AES128-SHA"]
    )
    host_manager = HostManagerBase()
    connect_creator = ConnectCreator(logger, config, openssl_context, host_manager,
                                     debug=True)
    check_ip = CheckIp(logger, config, connect_creator)

    res = check_ip.check_ip(ip, host=top_domain, wait_time=wait_time)
    if not res:
        print("connect fail")
    elif res.ok:
        print("success, domain:%s handshake:%d" % (res.host, res.handshake_time))
    else:
        print("not support")
예제 #21
        print("Usage: check_ip.py [ip] [top_domain] [wait_time=0]")
    xlog.info("test ip:%s", ip)

    if len(sys.argv) > 2:
        host = sys.argv[2]
    xlog.info("host:%s", host)

    if len(sys.argv) > 3:
        wait_time = int(sys.argv[3])
    else:
        wait_time = 0

    config_path = os.path.join(module_data_path, "cloudfront_front.json")
    config = Config(config_path)

    openssl_context = SSLContext(logger, support_http2=True)
    host_manager = HostManagerBase()
    connect_creator = ConnectCreator(logger,
                                     config,
                                     openssl_context,
                                     host_manager,
                                     debug=True)
    check_ip = CheckIp(logger, config, connect_creator)

    #check_all_ip(check_ip)
    #exit(0)

    res = check_ip.check_ip(ip, sni=sni, host=host, wait_time=wait_time)
    if not res:
        xlog.warn("connect fail")
    elif res.ok:
예제 #22
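class Front(object):
    """Front named ``tls_relay_front``.

    Wires together the config, the TLS context, the host and IP managers,
    the connection manager and the HTTPS dispatcher, and keeps request
    success/failure counters plus RTT and traffic samples.
    """
    name = "tls_relay_front"

    def __init__(self):
        """Load config and trust anchors, build the managers, start the cleanup thread."""
        self.success_num = 0
        self.fail_num = 0
        self.continue_fail_num = 0
        self.last_fail_time = 0
        self.running = True

        self.logger = logger
        config_path = os.path.join(module_data_path, "tls_relay.json")
        self.config = Config(config_path)

        # CA bundle used for relay connections. The file is rewritten by
        # set_ips(); set_ca() is skipped here when the file does not exist yet.
        self.ca_cert_fn = os.path.join(module_data_path, "tls_relay_CA.crt")
        self.openssl_context = SSLContext(logger)
        if os.path.isfile(self.ca_cert_fn):
            self.openssl_context.set_ca(self.ca_cert_fn)

        host_fn = os.path.join(module_data_path, "tls_host.json")
        self.host_manager = host_manager.HostManager(host_fn)

        self.connect_creator = ConnectCreator(logger, self.config,
                                              self.openssl_context,
                                              self.host_manager)
        # The IP checker gets xlog.null as its logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        ip_source = IpSimpleSource(self.config.ip_source_ips)

        default_ip_list_fn = ""
        ip_list_fn = os.path.join(module_data_path, "tls_relay_ip_list.txt")
        self.ip_manager = IpManager(logger,
                                    self.config,
                                    ip_source,
                                    check_local_network,
                                    self.check_ip.check_ip,
                                    default_ip_list_fn,
                                    ip_list_fn,
                                    scan_ip_log=None)
        for ip in self.config.ip_source_ips:
            self.ip_manager.add_ip(ip, 100)

        self.connect_manager = ConnectManager(logger, self.config,
                                              self.connect_creator,
                                              self.ip_manager,
                                              check_local_network)
        self.http_dispatcher = HttpsDispatcher(logger, self.config,
                                               self.ip_manager,
                                               self.connect_manager)

        # (rtt, timestamp) samples; seeded so the deque is never empty.
        self.rtts = collections.deque([(0, time.time())])
        self.rtts_lock = threading.Lock()
        # (sent, received, timestamp) samples.
        self.traffics = collections.deque()
        self.traffics_lock = threading.Lock()
        self.recent_sent = 0
        self.recent_received = 0
        self.total_sent = 0
        self.total_received = 0

        self.account = ""
        self.password = ""

        # Runs until stop() clears self.running.
        threading.Thread(target=self.debug_data_clearup_thread).start()

    def set_x_tunnel_account(self, account, password):
        """Remember the account credentials.

        Both values are kept in memory as given; within this class only
        ``account`` is used (sent as the XX-Account header by request()).
        """
        self.account = account
        self.password = password

    def log_debug_data(self, rtt, sent, received):
        """Record one RTT sample and one traffic sample stamped with the current time."""
        now = time.time()

        # get_rtt() iterates self.rtts (max) while holding rtts_lock; appending
        # without the lock can make that iteration fail with
        # "deque mutated during iteration", so the append takes the lock too.
        with self.rtts_lock:
            self.rtts.append((rtt, now))

        with self.traffics_lock:
            self.traffics.append((sent, received, now))
            self.recent_sent += sent
            self.recent_received += received
            self.total_sent += sent
            self.total_received += received

    def get_rtt(self):
        """Return the largest RTT sample not older than 5 seconds.

        Stale maxima are removed as they are found; when only one sample is
        left, its RTT is returned whatever its age.
        """
        now = time.time()

        while len(self.rtts) > 1:
            with self.rtts_lock:
                rtt, log_time = rtt_log = max(self.rtts)

                if now - log_time > 5:
                    self.rtts.remove(rtt_log)
                    continue

            return rtt

        return self.rtts[0][0]

    def debug_data_clearup_thread(self):
        """Once per second, expire at most one old RTT and one old traffic sample."""
        while self.running:
            now = time.time()

            with self.rtts_lock:
                # Keep at least one sample so get_rtt() always has a value.
                if len(self.rtts) > 1 and now - self.rtts[0][-1] > 5:
                    self.rtts.popleft()

            with self.traffics_lock:
                # "recent" counters cover the last 60 seconds.
                if self.traffics and now - self.traffics[0][-1] > 60:
                    sent, received, _ = self.traffics.popleft()
                    self.recent_sent -= sent
                    self.recent_received -= received

            time.sleep(1)

    def worker_num(self):
        """Return the number of workers held by the HTTPS dispatcher."""
        return len(self.http_dispatcher.workers)

    def set_ips(self, ips):
        """Replace the relay IP list, per-IP host info and the CA bundle.

        ``ips`` maps each IP to a dict with the keys ``"ca_crt"`` and
        ``"sni"``. A falsy ``ips`` is ignored.

        The ``ca_crt`` values are written to the CA file and loaded into the
        TLS context, i.e. they become the trust anchors for later relay
        connections.
        NOTE(review): where ``ips`` comes from is not visible here; it should
        only be accepted from an authenticated source, since whoever supplies
        it chooses which certificates are trusted -- confirm against caller.
        """
        if not ips:
            return

        host_info = {}
        ca_certs = []
        ipss = []
        for ip in ips:
            dat = ips[ip]
            ca_cert = dat["ca_crt"]
            sni = dat["sni"]

            host_info[ip] = {"sni": sni, "ca_crt": ca_cert}
            # De-duplicate while keeping first-seen order.
            if ca_cert not in ca_certs:
                ca_certs.append(ca_cert)
            ipss.append(ip)

        self.ip_manager.update_ips(ipss)
        self.ip_manager.save(True)
        self.host_manager.set_host(host_info)

        ca_content = "\n\n".join(ca_certs)
        # NOTE(review): the bundle is overwritten in place; an interrupted
        # write leaves a truncated trust store on disk.
        with open(self.ca_cert_fn, "w") as fd:
            fd.write(ca_content)
        self.openssl_context.set_ca(self.ca_cert_fn)
        self.logger.info("set_ips:%s", ",".join(ipss))

    def get_score(self, host=None):
        """Return the score of an available worker, or None.

        None is returned while the front is in its failure back-off window
        (last failure more recent than ``config.front_continue_fail_block``
        and more than ``config.front_continue_fail_num`` consecutive
        failures), or when the dispatcher has no worker ready.
        ``host`` is accepted but not used.
        """
        now = time.time()
        if now - self.last_fail_time < self.config.front_continue_fail_block and \
                self.continue_fail_num > self.config.front_continue_fail_num:
            return None

        worker = self.http_dispatcher.get_worker(nowait=True)
        if not worker:
            return None

        return worker.get_score()

    def request(self,
                method,
                host,
                path="/",
                headers={},
                data="",
                timeout=120):
        """Send one request through the dispatcher.

        Returns ``(content, status, response)``; when the dispatcher returns
        no response the result is ``("", 602, {})``. Any status other than
        200 or 405 is counted as a failure.
        """
        # Copy first: the shared default dict and the caller's dict are never
        # mutated, and the account header is added to the copy only.
        headers = dict(headers)
        headers["XX-Account"] = self.account

        response = self.http_dispatcher.request(method,
                                                host,
                                                path,
                                                headers,
                                                data,
                                                timeout=timeout)
        if not response:
            logger.warn("req %s get response timeout", path)
            return "", 602, {}

        status = response.status
        if status not in [200, 405]:
            # logger.warn("front request %s %s%s fail, status:%d", method, host, path, status)
            self.fail_num += 1
            self.continue_fail_num += 1
            self.last_fail_time = time.time()
        else:
            self.success_num += 1
            self.continue_fail_num = 0

        content = response.task.read_all()
        if status == 200:
            logger.debug("%s %s%s status:%d trace:%s", method, host, path,
                         status, response.task.get_trace())
        else:
            logger.warn("%s %s%s status:%d trace:%s", method, host, path,
                        status, response.task.get_trace())
        return content, status, response

    def stop(self):
        """Stop the dispatcher and the managers, then let the cleanup thread exit."""
        logger.info("terminate")
        self.connect_manager.set_ssl_created_cb(None)
        self.http_dispatcher.stop()
        self.connect_manager.stop()
        self.ip_manager.stop()

        self.running = False

    def set_proxy(self, args):
        """Apply and persist proxy settings.

        ``args`` must provide the keys ``enable``, ``type``, ``host``,
        ``port``, ``user`` and ``passwd``.
        """
        # Never write the proxy password to the log: log a masked copy.
        safe_args = dict(args)
        if safe_args.get("passwd"):
            safe_args["passwd"] = "***"
        logger.info("set_proxy:%s", safe_args)

        self.config.PROXY_ENABLE = args["enable"]
        self.config.PROXY_TYPE = args["type"]
        self.config.PROXY_HOST = args["host"]
        self.config.PROXY_PORT = args["port"]
        self.config.PROXY_USER = args["user"]
        self.config.PROXY_PASSWD = args["passwd"]

        # NOTE(review): save() persists PROXY_PASSWD with the rest of the
        # config; how the config file is protected is not visible here.
        self.config.save()

        self.connect_creator.update_config()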
예제 #23
    # `ip` is bound earlier in the script, outside this excerpt.
    xlog.info(("test ip:%s" % ip))

    # Optional positional arguments: argv[2] is the top domain, argv[3] the
    # wait time (int() raises ValueError on a non-numeric value).
    top_domain = sys.argv[2] if len(sys.argv) > 2 else None
    wait_time = int(sys.argv[3]) if len(sys.argv) > 3 else 0

    # Certificates are checked against the cacert.pem that sits next to this
    # script, and the context is asked for "TLSv1_2".
    # NOTE(review): how SSLContext applies `protocol` is not visible here.
    ca_bundle = os.path.join(current_path, "cacert.pem")
    openssl_context = SSLContext(
        logger,
        ca_certs=ca_bundle,
        protocol="TLSv1_2",
        # Disabled cipher override, kept for reference. A list that starts
        # from OpenSSL's ALL is broader than DEFAULT; if an override is ever
        # needed, prefer an explicit allow-list.
        # cipher_suites=[b'ALL', b"!RC4-SHA", b"!ECDHE-RSA-RC4-SHA", b"!ECDHE-RSA-AES128-GCM-SHA256",
        #               b"!AES128-GCM-SHA256", b"!ECDHE-RSA-AES128-SHA", b"!AES128-SHA"]
    )
    host_manager = HostManager(config, logger)
    connect_creator = ConnectCreator(
        logger, config, openssl_context, host_manager, debug=True)
    check_ip = CheckIp(logger, config, connect_creator)

    # A falsy result means the connection failed; otherwise res.ok tells
    # whether the address passed the check.
    res = check_ip.check_ip(ip, host=top_domain, wait_time=wait_time)
    if res and res.ok:
        xlog.info(("success, domain:%s handshake:%d" % (res.host, res.handshake_time)))
    elif res:
        xlog.info("not support")
    else:
        xlog.info("connect fail")
예제 #24
파일: front.py 프로젝트: chenqiuyan/XX-Net
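class Front(object):
    """Front named ``tls_relay_front``.

    Builds the config, TLS context, host/IP managers, connection manager and
    HTTPS dispatcher, and tracks request outcomes, RTT samples and traffic
    counters.
    """
    name = "tls_relay_front"

    def __init__(self):
        """Load config and trust anchors, build the managers, start the cleanup thread."""
        self.success_num = 0
        self.fail_num = 0
        self.continue_fail_num = 0
        self.last_fail_time = 0
        self.running = True

        self.logger = logger
        config_path = os.path.join(module_data_path, "tls_relay.json")
        self.config = Config(config_path)

        # CA bundle for relay connections; set_ips() rewrites this file.
        # set_ca() is skipped when the file does not exist yet.
        self.ca_cert_fn = os.path.join(module_data_path, "tls_relay_CA.crt")
        self.openssl_context = SSLContext(logger)
        if os.path.isfile(self.ca_cert_fn):
            self.openssl_context.set_ca(self.ca_cert_fn)

        host_fn = os.path.join(module_data_path, "tls_host.json")
        self.host_manager = host_manager.HostManager(host_fn)

        self.connect_creator = ConnectCreator(logger, self.config, self.openssl_context, self.host_manager)
        # The IP checker gets xlog.null as its logger.
        self.check_ip = CheckIp(xlog.null, self.config, self.connect_creator)

        ip_source = IpSimpleSource(self.config.ip_source_ips)

        default_ip_list_fn = ""
        ip_list_fn = os.path.join(module_data_path, "tls_relay_ip_list.txt")
        self.ip_manager = IpManager(logger, self.config, ip_source, check_local_network, self.check_ip.check_ip,
                                    default_ip_list_fn, ip_list_fn, scan_ip_log=None)
        for ip in self.config.ip_source_ips:
            self.ip_manager.add_ip(ip, 100)

        self.connect_manager = ConnectManager(logger, self.config, self.connect_creator, self.ip_manager,
                                              check_local_network)
        self.http_dispatcher = HttpsDispatcher(logger, self.config, self.ip_manager, self.connect_manager)

        # (rtt, timestamp) samples; seeded so the deque is never empty.
        self.rtts = collections.deque([(0, time.time())])
        self.rtts_lock = threading.Lock()
        # (sent, received, timestamp) samples.
        self.traffics = collections.deque()
        self.traffics_lock = threading.Lock()
        self.recent_sent = 0
        self.recent_received = 0
        self.total_sent = 0
        self.total_received = 0

        self.account = ""
        self.password = ""

        # Runs until stop() clears self.running.
        threading.Thread(target=self.debug_data_clearup_thread).start()

    def set_x_tunnel_account(self, account, password):
        """Remember the account credentials.

        Both values stay in memory as given; in this class only ``account``
        is used (sent as the XX-Account header by request()).
        """
        self.account = account
        self.password = password

    def log_debug_data(self, rtt, sent, received):
        """Record one RTT sample and one traffic sample stamped with the current time."""
        now = time.time()

        # get_rtt() runs max() over self.rtts under rtts_lock; an append that
        # bypasses the lock can break that iteration ("deque mutated during
        # iteration"), so the writer takes the same lock.
        with self.rtts_lock:
            self.rtts.append((rtt, now))

        with self.traffics_lock:
            self.traffics.append((sent, received, now))
            self.recent_sent += sent
            self.recent_received += received
            self.total_sent += sent
            self.total_received += received

    def get_rtt(self):
        """Return the largest RTT sample not older than 5 seconds.

        Stale maxima are dropped as they are met; once a single sample is
        left, its RTT is returned regardless of age.
        """
        now = time.time()

        while len(self.rtts) > 1:
            with self.rtts_lock:
                rtt, log_time = rtt_log = max(self.rtts)

                if now - log_time > 5:
                    self.rtts.remove(rtt_log)
                    continue

            return rtt

        return self.rtts[0][0]

    def debug_data_clearup_thread(self):
        """Once per second, expire at most one old RTT and one old traffic sample."""
        while self.running:
            now = time.time()

            with self.rtts_lock:
                # Always leave one sample behind for get_rtt().
                if len(self.rtts) > 1 and now - self.rtts[0][-1] > 5:
                    self.rtts.popleft()

            with self.traffics_lock:
                # The "recent" counters cover the last 60 seconds.
                if self.traffics and now - self.traffics[0][-1] > 60:
                    sent, received, _ = self.traffics.popleft()
                    self.recent_sent -= sent
                    self.recent_received -= received

            time.sleep(1)

    def worker_num(self):
        """Return the number of workers held by the HTTPS dispatcher."""
        return len(self.http_dispatcher.workers)

    def set_ips(self, ips):
        """Replace the relay IP list, per-IP host info and the CA bundle.

        ``ips`` maps each IP to a dict with the keys ``"ca_crt"`` and
        ``"sni"``. A falsy ``ips`` is ignored.

        The ``ca_crt`` values are written to the CA file and loaded into the
        TLS context, so they become the trust anchors for later relay
        connections.
        NOTE(review): the origin of ``ips`` is not visible here; it should be
        accepted only from an authenticated source, because its supplier
        decides which certificates are trusted -- confirm against caller.
        """
        if not ips:
            return

        host_info = {}
        ca_certs = []
        ipss = []
        for ip in ips:
            dat = ips[ip]
            ca_cert = dat["ca_crt"]
            sni = dat["sni"]

            host_info[ip] = {"sni":sni, "ca_crt":ca_cert}
            # De-duplicate while keeping first-seen order.
            if ca_cert not in ca_certs:
                ca_certs.append(ca_cert)
            ipss.append(ip)

        self.ip_manager.update_ips(ipss)
        self.ip_manager.save(True)
        self.host_manager.set_host(host_info)

        ca_content = "\n\n".join(ca_certs)
        # NOTE(review): the bundle is overwritten in place; an interrupted
        # write leaves a truncated trust store on disk.
        with open(self.ca_cert_fn, "w") as fd:
            fd.write(ca_content)
        self.openssl_context.set_ca(self.ca_cert_fn)
        self.logger.info("set_ips:%s", ",".join(ipss))

    def get_score(self, host=None):
        """Return the score of an available worker, or None.

        None is returned during the failure back-off window (last failure
        more recent than ``config.front_continue_fail_block`` and more than
        ``config.front_continue_fail_num`` consecutive failures), or when no
        worker is ready. ``host`` is accepted but not used.
        """
        now = time.time()
        if now - self.last_fail_time < self.config.front_continue_fail_block and \
                self.continue_fail_num > self.config.front_continue_fail_num:
            return None

        worker = self.http_dispatcher.get_worker(nowait=True)
        if not worker:
            return None

        return worker.get_score()

    def request(self, method, host, path="/", headers={}, data="", timeout=120):
        """Send one request through the dispatcher.

        Returns ``(content, status, response)``; when the dispatcher returns
        no response the result is ``("", 602, {})``. Any status other than
        200 or 405 is counted as a failure.
        """
        # Copy first: neither the shared default dict nor the caller's dict
        # is mutated, and the account header goes into the copy only.
        headers = dict(headers)
        headers["XX-Account"] = self.account

        response = self.http_dispatcher.request(method, host, path, headers, data, timeout=timeout)
        if not response:
            logger.warn("req %s get response timeout", path)
            return "", 602, {}

        status = response.status
        if status not in [200, 405]:
            # logger.warn("front request %s %s%s fail, status:%d", method, host, path, status)
            self.fail_num += 1
            self.continue_fail_num += 1
            self.last_fail_time = time.time()
        else:
            self.success_num += 1
            self.continue_fail_num = 0

        content = response.task.read_all()
        if status == 200:
            logger.debug("%s %s%s status:%d trace:%s", method, host, path, status,
                         response.task.get_trace())
        else:
            logger.warn("%s %s%s status:%d trace:%s", method, host, path, status,
                        response.task.get_trace())
        return content, status, response

    def stop(self):
        """Stop the dispatcher and the managers, then let the cleanup thread exit."""
        logger.info("terminate")
        self.connect_manager.set_ssl_created_cb(None)
        self.http_dispatcher.stop()
        self.connect_manager.stop()
        self.ip_manager.stop()

        self.running = False

    def set_proxy(self, args):
        """Apply and persist proxy settings.

        ``args`` must provide the keys ``enable``, ``type``, ``host``,
        ``port``, ``user`` and ``passwd``.
        """
        # Keep the proxy password out of the log: log a masked copy.
        safe_args = dict(args)
        if safe_args.get("passwd"):
            safe_args["passwd"] = "***"
        logger.info("set_proxy:%s", safe_args)

        self.config.PROXY_ENABLE = args["enable"]
        self.config.PROXY_TYPE = args["type"]
        self.config.PROXY_HOST = args["host"]
        self.config.PROXY_PORT = args["port"]
        self.config.PROXY_USER = args["user"]
        self.config.PROXY_PASSWD = args["passwd"]

        # NOTE(review): save() persists PROXY_PASSWD with the rest of the
        # config; how the config file is protected is not visible here.
        self.config.save()

        self.connect_creator.update_config()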