Merge branch 'master' into stable

change the ip obtaining service
2026-03-14 15:22:29 +00:00 · 2018-08-01 21:32:34 +05:00 · 2018-08-01 21:30:05 +05:00 · 2018-07-13 12:57:46 +05:00 · 2018-07-10 19:22:04 +05:00 · 2018-07-10 15:48:39 +05:00
3 changed files with 98 additions and 30 deletions
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-FROM alpine:3.6
+FROM alpine:3.8

 RUN adduser tgproxy -u 10000 -D

--- a/README.md
+++ b/README.md
@@ -24,3 +24,4 @@ The proxy can be launched:
 - with a custom config: `python3 mtprotoproxy.py [configfile]`
 - several times, clients will be automaticaly balanced between instances
 - using *PyPy* interprteter
+- with runtime statistics exported for [Prometheus](https://prometheus.io/): using [prometheus](https://github.com/alexbers/mtprotoproxy/tree/prometheus) branch
--- a/mtprotoproxy.py
+++ b/mtprotoproxy.py
@@ -148,11 +148,13 @@ PREFER_IPV6 = config.get("PREFER_IPV6", socket.has_ipv6)
 # disables tg->client trafic reencryption, faster but less secure
 FAST_MODE = config.get("FAST_MODE", True)
 STATS_PRINT_PERIOD = config.get("STATS_PRINT_PERIOD", 600)
-PROXY_INFO_UPDATE_PERIOD = config.get("PROXY_INFO_UPDATE_PERIOD", 60*60*24)
-TO_CLT_BUFSIZE = config.get("TO_CLT_BUFSIZE", 8192)
+PROXY_INFO_UPDATE_PERIOD = config.get("PROXY_INFO_UPDATE_PERIOD", 24*60*60)
+TO_CLT_BUFSIZE = config.get("TO_CLT_BUFSIZE", 16384)
 TO_TG_BUFSIZE = config.get("TO_TG_BUFSIZE", 65536)
-CLIENT_KEEPALIVE = config.get("CLIENT_KEEPALIVE", 60*30)
+CLIENT_KEEPALIVE = config.get("CLIENT_KEEPALIVE", 10*60)
 CLIENT_HANDSHAKE_TIMEOUT = config.get("CLIENT_HANDSHAKE_TIMEOUT", 10)
+CLIENT_ACK_TIMEOUT = config.get("CLIENT_ACK_TIMEOUT", 5*60)
+TG_CONNECT_TIMEOUT = config.get("TG_CONNECT_TIMEOUT", 10)

 TG_DATACENTER_PORT = 443

@@ -223,14 +225,14 @@ def init_stats():
    stats = {user: collections.Counter() for user in USERS}


-def update_stats(user, connects=0, curr_connects=0, octets=0):
+def update_stats(user, connects=0, curr_connects=0, octets=0, msgs=0):
    global stats

    if user not in stats:
        stats[user] = collections.Counter()

    stats[user].update(connects=connects, curr_connects=curr_connects,
-                       octets=octets)
+                       octets=octets, msgs=msgs)


 class LayeredStreamReaderBase:
@@ -429,11 +431,6 @@ class MTProtoIntermediateFrameStreamReader(LayeredStreamReaderBase):
            msg_len -= 0x80000000

        data = await self.upstream.readexactly(msg_len)
-
-        if msg_len % 4 != 0:
-            cut_border = msg_len - (msg_len % 4)
-            data = data[:cut_border]
-
        return data, extra


@@ -445,6 +442,38 @@ class MTProtoIntermediateFrameStreamWriter(LayeredStreamWriterBase):
            return self.upstream.write(int.to_bytes(len(data), 4, 'little') + data)


+class MTProtoSecureIntermediateFrameStreamReader(LayeredStreamReaderBase):
+    async def read(self, buf_size):
+        msg_len_bytes = await self.upstream.readexactly(4)
+        msg_len = int.from_bytes(msg_len_bytes, "little")
+
+        extra = {}
+        if msg_len > 0x80000000:
+            extra["QUICKACK_FLAG"] = True
+            msg_len -= 0x80000000
+
+        data = await self.upstream.readexactly(msg_len)
+
+        if msg_len % 4 != 0:
+            cut_border = msg_len - (msg_len % 4)
+            data = data[:cut_border]
+
+        return data, extra
+
+
+class MTProtoSecureIntermediateFrameStreamWriter(LayeredStreamWriterBase):
+    def write(self, data, extra={}):
+        MAX_PADDING_LEN = 4
+        if extra.get("SIMPLE_ACK"):
+            # TODO: make this unpredictable
+            return self.upstream.write(data)
+        else:
+            padding_len = random.randrange(MAX_PADDING_LEN)
+            padding = bytearray([random.randrange(256) for i in range(padding_len)])
+            padded_data_len_bytes = int.to_bytes(len(data) + padding_len, 4, 'little')
+            return self.upstream.write(padded_data_len_bytes + data + padding)
+
+
 class ProxyReqStreamReader(LayeredStreamReaderBase):
    async def read(self, msg):
        RPC_PROXY_ANS = b"\x0d\xda\x03\x44"
@@ -503,6 +532,7 @@ class ProxyReqStreamWriter(LayeredStreamWriterBase):
        FLAG_HAS_AD_TAG = 0x8
        FLAG_MAGIC = 0x1000
        FLAG_EXTMODE2 = 0x20000
+        FLAG_PAD = 0x8000000
        FLAG_INTERMEDIATE = 0x20000000
        FLAG_ABRIDGED = 0x40000000
        FLAG_QUICKACK = 0x80000000
@@ -517,6 +547,8 @@ class ProxyReqStreamWriter(LayeredStreamWriterBase):
            flags |= FLAG_ABRIDGED
        elif self.proto_tag == PROTO_TAG_INTERMEDIATE:
            flags |= FLAG_INTERMEDIATE
+        elif self.proto_tag == PROTO_TAG_SECURE:
+            flags |= FLAG_INTERMEDIATE | FLAG_PAD

        if extra.get("QUICKACK_FLAG"):
            flags |= FLAG_QUICKACK
@@ -580,11 +612,31 @@ def set_keepalive(sock, interval=40, attempts=5):
        sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT, attempts)


+def set_ack_timeout(sock, timeout):
+    if hasattr(socket, "TCP_USER_TIMEOUT"):
+        sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_USER_TIMEOUT, timeout*1000)
+
+
 def set_bufsizes(sock, recv_buf, send_buf):
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF, recv_buf)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, send_buf)


+async def open_connection_tryer(addr, port, limit, timeout, max_attempts=3):
+    for attempt in range(max_attempts-1):
+        try:
+            task = asyncio.open_connection(addr, port, limit=limit)
+            reader_tgt, writer_tgt = await asyncio.wait_for(task, timeout=timeout)
+            return reader_tgt, writer_tgt
+        except (OSError, asyncio.TimeoutError):
+            continue
+
+    # the last attempt
+    task = asyncio.open_connection(addr, port, limit=limit)
+    reader_tgt, writer_tgt = await asyncio.wait_for(task, timeout=timeout)
+    return reader_tgt, writer_tgt
+
+
 async def do_direct_handshake(proto_tag, dc_idx, dec_key_and_iv=None):
    RESERVED_NONCE_FIRST_CHARS = [b"\xef"]
    RESERVED_NONCE_BEGININGS = [b"\x48\x45\x41\x44", b"\x50\x4F\x53\x54",
@@ -603,18 +655,18 @@ async def do_direct_handshake(proto_tag, dc_idx, dec_key_and_iv=None):
        dc = TG_DATACENTERS_V4[dc_idx]

    try:
-        reader_tgt, writer_tgt = await asyncio.open_connection(dc, TG_DATACENTER_PORT,
-                                                               limit=TO_CLT_BUFSIZE)
-        set_keepalive(writer_tgt.get_extra_info("socket"))
-        set_bufsizes(writer_tgt.get_extra_info("socket"), TO_CLT_BUFSIZE, TO_TG_BUFSIZE)
-
+        reader_tgt, writer_tgt = await open_connection_tryer(
+            dc, TG_DATACENTER_PORT, limit=TO_CLT_BUFSIZE, timeout=TG_CONNECT_TIMEOUT)
    except ConnectionRefusedError as E:
        print_err("Got connection refused while trying to connect to", dc, TG_DATACENTER_PORT)
        return False
-    except OSError as E:
+    except (OSError, asyncio.TimeoutError) as E:
        print_err("Unable to connect to", dc, TG_DATACENTER_PORT)
        return False

+    set_keepalive(writer_tgt.get_extra_info("socket"))
+    set_bufsizes(writer_tgt.get_extra_info("socket"), TO_CLT_BUFSIZE, TO_TG_BUFSIZE)
+
    while True:
        rnd = bytearray([random.randrange(0, 256) for i in range(HANDSHAKE_LEN)])
        if rnd[:1] in RESERVED_NONCE_FIRST_CHARS:
@@ -704,16 +756,18 @@ async def do_middleproxy_handshake(proto_tag, dc_idx, cl_ip, cl_port):
        addr, port = random.choice(TG_MIDDLE_PROXIES_V4[dc_idx])

    try:
-        reader_tgt, writer_tgt = await asyncio.open_connection(addr, port, limit=TO_CLT_BUFSIZE)
-        set_keepalive(writer_tgt.get_extra_info("socket"))
-        set_bufsizes(writer_tgt.get_extra_info("socket"), TO_CLT_BUFSIZE, TO_TG_BUFSIZE)
+        reader_tgt, writer_tgt = await open_connection_tryer(addr, port, limit=TO_CLT_BUFSIZE,
+                                                             timeout=TG_CONNECT_TIMEOUT)
    except ConnectionRefusedError as E:
        print_err("Got connection refused while trying to connect to", addr, port)
        return False
-    except OSError as E:
+    except (OSError, asyncio.TimeoutError) as E:
        print_err("Unable to connect to", addr, port)
        return False

+    set_keepalive(writer_tgt.get_extra_info("socket"))
+    set_bufsizes(writer_tgt.get_extra_info("socket"), TO_CLT_BUFSIZE, TO_TG_BUFSIZE)
+
    writer_tgt = MTProtoFrameStreamWriter(writer_tgt, START_SEQ_NO)

    key_selector = PROXY_SECRET[:4]
@@ -809,7 +863,8 @@ async def do_middleproxy_handshake(proto_tag, dc_idx, cl_ip, cl_port):


 async def handle_client(reader_clt, writer_clt):
-    set_keepalive(writer_clt.get_extra_info("socket"), CLIENT_KEEPALIVE)
+    set_keepalive(writer_clt.get_extra_info("socket"), CLIENT_KEEPALIVE, attempts=3)
+    set_ack_timeout(writer_clt.get_extra_info("socket"), CLIENT_ACK_TIMEOUT)
    set_bufsizes(writer_clt.get_extra_info("socket"), TO_TG_BUFSIZE, TO_CLT_BUFSIZE)

    try:
@@ -855,9 +910,12 @@ async def handle_client(reader_clt, writer_clt):
        if proto_tag == PROTO_TAG_ABRIDGED:
            reader_clt = MTProtoCompactFrameStreamReader(reader_clt)
            writer_clt = MTProtoCompactFrameStreamWriter(writer_clt)
-        elif proto_tag in (PROTO_TAG_INTERMEDIATE, PROTO_TAG_SECURE):
+        elif proto_tag == PROTO_TAG_INTERMEDIATE:
            reader_clt = MTProtoIntermediateFrameStreamReader(reader_clt)
            writer_clt = MTProtoIntermediateFrameStreamWriter(writer_clt)
+        elif proto_tag == PROTO_TAG_SECURE:
+            reader_clt = MTProtoSecureIntermediateFrameStreamReader(reader_clt)
+            writer_clt = MTProtoSecureIntermediateFrameStreamWriter(writer_clt)
        else:
            return

@@ -875,7 +933,7 @@ async def handle_client(reader_clt, writer_clt):
                    await wr.drain()
                    return
                else:
-                    update_stats(user, octets=len(data))
+                    update_stats(user, octets=len(data), msgs=1)
                    wr.write(data, extra)
                    await wr.drain()
        except (OSError, asyncio.streams.IncompleteReadError) as e:
@@ -913,9 +971,9 @@ async def stats_printer():

        print("Stats for", time.strftime("%d.%m.%Y %H:%M:%S"))
        for user, stat in stats.items():
-            print("%s: %d connects (%d current), %.2f MB" % (
+            print("%s: %d connects (%d current), %.2f MB, %d msgs" % (
                user, stat["connects"], stat["curr_connects"],
-                stat["octets"] / 1000000))
+                stat["octets"] / 1000000, stat["msgs"]))
        print(flush=True)


@@ -1005,7 +1063,7 @@ def init_ip_info():
    TIMEOUT = 5

    try:
-        with urllib.request.urlopen('https://v4.ifconfig.co/ip', timeout=TIMEOUT) as f:
+        with urllib.request.urlopen('http://ipv4.myexternalip.com/raw', timeout=TIMEOUT) as f:
            if f.status != 200:
                raise Exception("Invalid status code")
            my_ip_info["ipv4"] = f.read().decode().strip()
@@ -1014,7 +1072,7 @@ def init_ip_info():

    if PREFER_IPV6:
        try:
-            with urllib.request.urlopen('https://v6.ifconfig.co/ip', timeout=TIMEOUT) as f:
+            with urllib.request.urlopen('http://ipv6.myexternalip.com/raw', timeout=TIMEOUT) as f:
                if f.status != 200:
                    raise Exception("Invalid status code")
                my_ip_info["ipv6"] = f.read().decode().strip()
@@ -1054,15 +1112,24 @@ def loop_exception_handler(loop, context):
    if exception:
        if isinstance(exception, TimeoutError):
            if transport:
-                print_err("Timeout, killing transport")
                transport.abort()
                return
        if isinstance(exception, OSError):
            IGNORE_ERRNO = {
-                10038  # operation on non-socket on Windows, likely because fd == -1
+                10038,  # operation on non-socket on Windows, likely because fd == -1
+                121,    # the semaphore timeout period has expired on Windows
+            }
+
+            FORCE_CLOSE_ERRNO = {
+                113,    # no route to host
+
            }
            if exception.errno in IGNORE_ERRNO:
                return
+            elif exception.errno in FORCE_CLOSE_ERRNO:
+                if transport:
+                    transport.abort()
+                    return

    loop.default_exception_handler(context)
Author	SHA1	Message	Date
Alexander Bersenev	e4473d6374	Merge branch 'master' into stable	2018-08-01 21:32:34 +05:00
Alexander Bersenev	c2278501bf	change the ip obtaining service	2018-08-01 21:30:05 +05:00
Alexander Bersenev	534b26cd04	Merge branch 'master' into stable	2018-07-13 12:57:46 +05:00
Alexander Bersenev	c1bef68602	update alpine linux in the image	2018-07-10 19:22:04 +05:00
Alexander Bersenev	8e79dacd26	make the passive protocol detection harder	2018-07-10 15:48:39 +05:00
Alexander Bersenev	520a26aa89	fix typo	2018-07-08 23:52:57 +05:00
Alexander Bersenev	647b6f6edd	add connect retrying	2018-07-08 19:05:45 +05:00
Alexander Bersenev	c2ad0de665	increase default buffer limit	2018-07-08 17:48:13 +05:00
Alexander Bersenev	47f7c088af	Merge branch 'master' into stable	2018-07-05 16:12:56 +05:00
Alexander Bersenev	6f8bfdb568	add timeout error to errno	2018-07-05 15:45:53 +05:00
Alexander Bersenev	0a7e2d85b8	shrink timeouts, removed annoying message about timeouts	2018-07-04 13:54:27 +05:00
Alexander Bersenev	0caf5f89a8	count msgs	2018-07-02 02:28:43 +05:00
Alexander Bersenev	33fabe7590	ignore no route to host error	2018-07-02 00:47:35 +05:00
Alexander Bersenev	c0ed5e1e38	Merge branch 'master' of github.com:alexbers/mtprotoproxy	2018-07-01 16:45:34 +05:00
Alexander Bersenev	bcac5eb878	add sending timeout	2018-07-01 16:43:54 +05:00
Alexander Bersenev	b38084bf36	add information about Prometheus to readme	2018-07-01 01:40:30 +05:00
Alexander Bersenev	93f71f5ec2	Merge branch 'master' into stable	2018-06-29 12:48:58 +05:00
Alexander Bersenev	4a47d79ea4	Merge branch 'master' into stable Synchronize branches	2018-06-19 20:45:20 +05:00
Alexander Bersenev	92204e492b	more work on flags	2018-06-17 23:32:07 +05:00
Alexander Bersenev	97ae711223	fix flags	2018-06-17 03:28:19 +05:00