Merge remote-tracking branch 'origin/master' into stable

.travis.yml

@@ -5,16 +5,14 @@ sudo: false
 dist: trusty
 
 go:
-  - "1.11.x"
-  - 1.12.x
+  - 1.13.x
   - master
 
 before_script: make prepare
 
 script:
   - make all
   - make lint
-  - make test
 
 matrix:
   allow_failures:

Dockerfile

@@ -1,7 +1,7 @@
 ###############################################################################
 # BUILD STAGE
 
-FROM golang:1.12-alpine
+FROM golang:1.13-alpine
 
 RUN set -x \
   && apk --no-cache --update add \

Makefile

@@ -4,7 +4,7 @@ APP_NAME     := $(IMAGE_NAME)
 
 CC_BINARIES  := $(shell bash -c "echo -n $(APP_NAME)-{linux,freebsd,openbsd}-{386,amd64} $(APP_NAME)-linux-{arm,arm64}")
 
-GOLANGCI_LINT_VERSION := v1.15.0
+GOLANGCI_LINT_VERSION := v1.21.0
 
 VERSION_GO         := $(shell go version)
 VERSION_DATE       := $(shell date -Ru)
@@ -51,10 +51,6 @@ crosscompile: $(CC_BINARIES)
 crosscompile-dir:
 	@rm -rf "$(CC_DIR)" && mkdir -p "$(CC_DIR)"
 
-.PHONY: test
-test: vendor
-	@$(MOD_ON) go test -v ./...
-
 .PHONY: lint
 lint: vendor
 	@$(MOD_OFF) golangci-lint run

antireplay/cache.go

@@ -1,37 +1,36 @@
 package antireplay
 
-import (
-	"github.com/allegro/bigcache"
-	"github.com/juju/errors"
+import "github.com/VictoriaMetrics/fastcache"
 
-	"github.com/9seconds/mtg/config"
+var (
+	prefixObfuscated2 = []byte{0x00}
+	prefixTLS         = []byte{0x01}
 )
 
-// Cache defines storage for obfuscated2 handshake frames.
-type Cache struct {
-	cache *bigcache.BigCache
+type cache struct {
+	data *fastcache.Cache
 }
 
-func (a Cache) Add(frame []byte) {
-	a.cache.Set(string(frame), nil) // nolint: errcheck
+func (c *cache) AddObfuscated2(data []byte) {
+	c.data.Set(keyObfuscated2(data), nil)
 }
 
-func (a Cache) Has(frame []byte) bool {
-	_, err := a.cache.Get(string(frame))
+func (c *cache) AddTLS(data []byte) {
+	c.data.Set(keyTLS(data), nil)
+}
+
+func (c *cache) HasObfuscated2(data []byte) bool {
+	return c.data.Has(keyObfuscated2(data))
+}
+
+func (c *cache) HasTLS(data []byte) bool {
+	return c.data.Has(keyTLS(data))
+}
 
-	return err == nil
+func keyObfuscated2(data []byte) []byte {
+	return append(prefixObfuscated2, data...)
 }
 
-func NewCache(config *config.Config) (Cache, error) {
-	cache, err := bigcache.NewBigCache(bigcache.Config{
-		Shards:           1024,
-		LifeWindow:       config.AntiReplayEvictionTime,
-		Hasher:           hasher{},
-		HardMaxCacheSize: config.AntiReplayMaxSize,
-	})
-	if err != nil {
-		return Cache{}, errors.Annotate(err, "Cannot make cache")
-	}
-
-	return Cache{cache}, nil
+func keyTLS(data []byte) []byte {
+	return append(prefixTLS, data...)
 }

antireplay/init.go

@@ -0,0 +1,20 @@
+package antireplay
+
+import (
+	"sync"
+
+	"github.com/VictoriaMetrics/fastcache"
+
+	"mtg/config"
+)
+
+var (
+	Cache    cache
+	initOnce sync.Once
+)
+
+func Init() {
+	initOnce.Do(func() {
+		Cache.data = fastcache.New(config.C.AntiReplayMaxSize)
+	})
+}

cli/generate.go

@@ -0,0 +1,26 @@
+package cli
+
+import (
+	"crypto/rand"
+	"encoding/hex"
+
+	"mtg/config"
+)
+
+func Generate(secretType, hostname string) {
+	data := make([]byte, config.SimpleSecretLength)
+	if _, err := rand.Read(data); err != nil {
+		panic(err)
+	}
+
+	secret := hex.EncodeToString(data)
+
+	switch secretType {
+	case "simple":
+		PrintStdout(secret)
+	case "secured":
+		PrintStdout("dd" + secret)
+	default:
+		PrintStdout("ee" + secret + hex.EncodeToString([]byte(hostname)))
+	}
+}

cli/proxy.go

@@ -0,0 +1,102 @@
+package cli
+
+import (
+	"net"
+	"os"
+	"time"
+
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapcore"
+
+	"mtg/antireplay"
+	"mtg/config"
+	"mtg/faketls"
+	"mtg/hub"
+	"mtg/ntp"
+	"mtg/obfuscated2"
+	"mtg/proxy"
+	"mtg/stats"
+	"mtg/telegram"
+	"mtg/utils"
+)
+
+func Proxy() error { // nolint: funlen
+	ctx := utils.GetSignalContext()
+
+	atom := zap.NewAtomicLevel()
+
+	switch {
+	case config.C.Debug:
+		atom.SetLevel(zapcore.DebugLevel)
+	case config.C.Verbose:
+		atom.SetLevel(zapcore.InfoLevel)
+	default:
+		atom.SetLevel(zapcore.ErrorLevel)
+	}
+
+	encoderCfg := zap.NewProductionEncoderConfig()
+	logger := zap.New(zapcore.NewCore(
+		zapcore.NewJSONEncoder(encoderCfg),
+		zapcore.Lock(os.Stderr),
+		atom,
+	))
+
+	zap.ReplaceGlobals(logger)
+	defer logger.Sync() // nolint: errcheck
+
+	if err := config.InitPublicAddress(ctx); err != nil {
+		Fatal(err)
+	}
+
+	zap.S().Debugw("Configuration", "config", config.Printable())
+
+	if len(config.C.AdTag) > 0 {
+		zap.S().Infow("Use middle proxy connection to Telegram")
+
+		diff, err := ntp.Fetch()
+		if err != nil {
+			Fatal("Cannot fetch time data from NTP")
+		}
+
+		if diff > time.Second {
+			Fatal("Your local time is skewed and drift is bigger than a second. Please sync your time.")
+		}
+
+		go ntp.AutoUpdate()
+	} else {
+		zap.S().Infow("Use direct connection to Telegram")
+	}
+
+	PrintJSONStdout(config.GetURLs())
+
+	if err := stats.Init(ctx); err != nil {
+		Fatal(err)
+	}
+
+	antireplay.Init()
+	telegram.Init()
+	hub.Init(ctx)
+
+	proxyListener, err := net.Listen("tcp", config.C.Bind.String())
+	if err != nil {
+		Fatal(err)
+	}
+
+	go func() {
+		<-ctx.Done()
+		proxyListener.Close()
+	}()
+
+	app := &proxy.Proxy{
+		Logger:              zap.S().Named("proxy"),
+		Context:             ctx,
+		ClientProtocolMaker: obfuscated2.MakeClientProtocol,
+	}
+	if config.C.SecretMode == config.SecretModeTLS {
+		app.ClientProtocolMaker = faketls.MakeClientProtocol
+	}
+
+	app.Serve(proxyListener)
+
+	return nil
+}

cli/utils.go

@@ -0,0 +1,43 @@
+package cli
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"os"
+)
+
+func Fatal(arg interface{}) {
+	if value, ok := arg.(error); ok {
+		arg = fmt.Errorf("fatal error: %+v", value)
+	}
+
+	PrintStderr(arg)
+	os.Exit(1)
+}
+
+func PrintStderr(args ...interface{}) {
+	fmt.Fprintln(os.Stderr, args...)
+}
+
+func PrintStdout(args ...interface{}) {
+	fmt.Println(args...)
+}
+
+func PrintJSONStderr(data interface{}) {
+	printJSON(os.Stderr, data)
+}
+
+func PrintJSONStdout(data interface{}) {
+	printJSON(os.Stdout, data)
+}
+
+func printJSON(writer io.Writer, data interface{}) {
+	encoder := json.NewEncoder(writer)
+	encoder.SetEscapeHTML(false)
+	encoder.SetIndent("", "  ")
+
+	if err := encoder.Encode(data); err != nil {
+		panic(err)
+	}
+}