48ebd8f0e5
From the Tor project page: obfsproxy is a tool that attempts to circumvent censorship, by transforming the Tor traffic between the client and the bridge. This way, censors, who usually monitor traffic between the client and the bridge, will see innocent-looking transformed traffic instead of the actual Tor traffic. This depends on: - pyptlib (#2053) - twisted (#2052) Also, txsocksx (#2058) is necessary to use an outgoing SOCKS proxy, and having either gmpy2 (#2067) or gmpy (#2051) installed will help speed up calculations. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
158 lines
3.6 KiB
Bash
158 lines
3.6 KiB
Bash
#!/bin/sh /etc/rc.common
|
|
# Copyright (C) 2016 OpenWrt.org
|
|
|
|
START=80
|
|
STOP=20
|
|
USE_PROCD=1
|
|
|
|
PROG=/usr/bin/obfsproxy
|
|
|
|
append_arg() {
|
|
local cfg="$1"
|
|
local var="$2"
|
|
local opt="$3"
|
|
local def="$4"
|
|
local val
|
|
|
|
config_get val "$cfg" "$var"
|
|
[ -n "$val" -o -n "$def" ] && procd_append_param command "$opt" "${val:-$def}"
|
|
}
|
|
|
|
append_bool() {
|
|
local cfg="$1"
|
|
local var="$2"
|
|
local opt="$3"
|
|
local def="$4"
|
|
local val
|
|
|
|
config_get_bool val "$cfg" "$var" "$def"
|
|
[ "$val" = 1 ] && procd_append_param command "$opt"
|
|
}
|
|
|
|
append_plain() {
|
|
procd_append_param command "$1"
|
|
}
|
|
|
|
append_param() {
|
|
local cfg="$1"
|
|
local var="$2"
|
|
local opt="$3"
|
|
local def="$4"
|
|
local val
|
|
|
|
config_get val "$cfg" "$var"
|
|
[ -n "$val" -o -n "$def" ] && procd_append_param "$opt" "${val:-$def}"
|
|
}
|
|
|
|
append_proxy_spec() {
|
|
local cfg="$1"
|
|
local scheme_var="$2"
|
|
local username_var="$3"
|
|
local password_var="$4"
|
|
local host_var="$5"
|
|
local port_var="$6"
|
|
local opt="$7"
|
|
local def="$8"
|
|
local scheme
|
|
local username
|
|
local password
|
|
local host
|
|
local port
|
|
local login
|
|
local val
|
|
|
|
config_get scheme "$cfg" "$scheme_var"
|
|
config_get username "$cfg" "$username_var"
|
|
config_get password "$cfg" "$password_var"
|
|
config_get host "$cfg" "$host_var"
|
|
config_get port "$cfg" "$port_var"
|
|
[ "$username" ] && login="$username${password:+:$password}@"
|
|
[ -n "$scheme" -a -n "$host" -a -n "$port" ] && val="$scheme://$login$host:$port"
|
|
[ -n "$val" -o -n "$def" ] && procd_append_param command "$opt" "${val:-$def}"
|
|
}
|
|
|
|
append_host_port() {
|
|
local cfg="$1"
|
|
local host_var="$2"
|
|
local port_var="$3"
|
|
local opt="$4"
|
|
local def="$5"
|
|
local host
|
|
local port
|
|
local val
|
|
|
|
config_get host "$cfg" "$host_var"
|
|
config_get port "$cfg" "$port_var"
|
|
[ -n "$host" -a -n "$port" ] && val="$host:$port"
|
|
[ -n "$val" -o -n "$def" ] && {
|
|
[ "$opt" ] && procd_append_param command "$opt"
|
|
procd_append_param command "${val:-$def}"
|
|
}
|
|
}
|
|
|
|
start_instance() {
|
|
local cfg="$1"
|
|
local lib_dir="/var/lib/obfsproxy/$cfg"
|
|
local redirect=0
|
|
local enabled
|
|
local user
|
|
local transport
|
|
local password
|
|
local log_min_severity
|
|
|
|
config_get_bool enabled "$cfg" 'enabled' '0'
|
|
[ "$enabled" = 0 ] && return 1
|
|
|
|
config_get user "$cfg" 'user' 'root'
|
|
config_get transport "$cfg" 'transport'
|
|
[ "$transport" = "scramblesuit" ] && config_get password "$cfg" 'password'
|
|
|
|
[ -d "$lib_dir" ] || {
|
|
mkdir -m 0755 -p "$lib_dir/data"
|
|
chmod -R 0700 "$lib_dir"
|
|
}
|
|
[ "$password" ] && {
|
|
echo "$password" > "$lib_dir/secret"
|
|
chmod 0600 "$lib_dir/secret"
|
|
}
|
|
chown -R "$user:" "$lib_dir"
|
|
|
|
config_get log_min_severity "$cfg" 'log_min_severity'
|
|
[ "$log_min_severity" = "debug" ] && redirect=1
|
|
|
|
procd_open_instance
|
|
|
|
procd_set_param command "$PROG" --data-dir "$lib_dir/data" --syslog "obfsproxy($cfg)"
|
|
|
|
append_arg "$cfg" log_file "--log-file"
|
|
append_arg "$cfg" log_min_severity "--log-min-severity"
|
|
append_bool "$cfg" no_log "--no-log"
|
|
append_bool "$cfg" no_safe_logging "--no-safe-logging"
|
|
append_proxy_spec "$cfg" proxy_scheme proxy_username proxy_password proxy_host proxy_port "--proxy"
|
|
|
|
append_param "$cfg" transport command
|
|
[ "$transport" = "obfs2" ] && append_arg "$cfg" password "--shared-secret"
|
|
[ "$password" ] && procd_append_param command "--password-file" "$lib_dir/secret"
|
|
|
|
append_param "$cfg" mode command
|
|
append_host_port "$cfg" dest_host dest_port "--dest"
|
|
append_arg "$cfg" ext_cookie_file "--ext-cookie-file"
|
|
|
|
append_host_port "$cfg" listen_host listen_port
|
|
|
|
procd_set_param respawn
|
|
procd_set_param stdout $redirect
|
|
procd_set_param stderr $redirect
|
|
append_param "$cfg" user user
|
|
|
|
procd_close_instance
|
|
}
|
|
|
|
service_triggers() {
|
|
procd_add_reload_trigger obfsproxy
|
|
}
|
|
|
|
start_service() {
|
|
config_load obfsproxy
|
|
config_foreach start_instance obfsproxy
|
|
}
|