mixnet

package
v0.0.0-...-b5aa0b6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 30, 2017 License: Apache-2.0 Imports: 21 Imported by: 2

README

Mixnet over CloudProxy

A mixnet router facilitates anonymous communications among a set of peers. Alice wants to send Msg to Bob; she encrypts, authenticates, and sends the message (Msg, Bob) to Molly, a mixnet router. Molly waits until she has n-1 more messages from n-1 other peers, then transmits the messages to their respective destinations simultaneously, thus anonymizing Alice among a set of n peers. Such a service is only useful if Molly can be trusted to not divulge the link (Alice, Bob). This document specifies a simple mixnet built on the CloudProxy platform that reduces this trust to the knowledge of a public key and trust in the owner of that key.

Security goals and threat model

There are three principals in our protocol: the sender, recipient, and the policy owner. Our goal is to design a protocol that provides anonymity for senders without requiring the recipient to execute the protocol. The policy owner controls the root policy private key that is used to attest to the instantiation of mixnet routers using the CloudProxy platform. CloudProxy exposes the code to the users, as well as the operating system in which it is running. To instantiate a mixnet router, a TPM coupled with the hardware platform generates a public key, which is attested to by the policy owner by signing it with the private policy key. When the machine boots, the OS is measured and generates a private/public key pair, which is attested to by the TPM; finally, the mixnet code itself is measured and generates a private/public key pair, which is attested to by the OS. Hence, trust in the mixnet routers to faithfully carry out the protocol is reduced to correct provisioning of the policy key.

We consider a global passive adversary who observes all communications between senders and mixnet routers, mixnet routers and other mixnet routers, and mixnet routers and recipients. The adversary may also send messages on channels it observes. Since the service is anonymous, the adversary is allowed to control any number of senders or recipients. The effect is that the state of that peer is exposed, including any and all cryptographic keys. We assume that the policy key was correctly provisioned; if the code implements the protocol correctly and is properly isolated during its execution, we claim this precludes the possibility of exposing a router’s state. (This is a strong claim offered here without proof. CloudProxy provides assurance that the expected program is running; assuming the code does not contain any bugs that allow it to be comprimised, a formal treatment of our protocol should reduce the adversary's control of the routers to standard cryptographic assumptions: in particular, CDH on elliptic curves, as well as the integrity and confidentiality of the cipher suite underyling TLS.)

The intended property of communications over the mixnet is unlinkability in the sense of [1]. Consider a set of senders S where |S| = n and a set of recipients T. Each sender chooses one recipient as well as a message to send so that M : S → T is an onto mapping. The messages are transmitted to their respective recipients over the mixnet; the adversary succeeds if it outputs (s, t) such that M(s) = t, unless it controls both s and t. We say that communication over the mixnet is unlinkable if for any adversary the probability of success is less than 1/n plus some negligible value.

Alternative definition: as above, except the adversary chooses the messages to be sent. This change may make it easier to analyze the unlinkability of a particular protocol. However, this would require the recipients to participate in the protocol, since messages exiting the mixnet must be encrypted.

For a protocol to achieve security in this sense, the messages must all have the same length; of course, this is not always reasonable in practice. Mixnets address this by splitting messages into fixed-length cells. Senders split messages into cells (zero-padding the last cell as needed) and send them to the first router where they are added to a queue. At each round the router waits until there are m cells in the queue from m distinct senders and transmits these simultaneously to achieve anonymity.

Extending the definition of unlinkability to a mixnet that divides messages into cells and transmits at rounds is challenging: the presence of variable-length messages exposes traffic patterns to the adversary. One way to mitigate this problem is to zero-pad all messages to the length of the longest message. This achieves a property called unobservability [1] which is too expensive for our purposes.

Another appraoch is to weaken the security model to one in which the adversary may only observe a fraction of the network at any one time; relaying messages over circuits of routers may make it more difficult to perform traffic analysis. This is the case for the design of the Tor onion-routing protocol [2]. We will consider extending our protocol to a network of routers to achieve security in this model. This approach may have the added benifit of reducing latency of messages traversing the mixnet.

Design Overview

Our mixnet design consists of two major component, router and proxy, and one administrative component, directory. A router (mixnet_router), or a mix, shuffles and routes users' messages, and a proxy (mixnet_proxy) accepts any TCP connections via a SOCKS5 proxy from a user and relays the packets through the mixnet. A directory (mixnet_directory) acts as a synchronization point, and manages a list of available routers in the mixnet currently for other routers and proxies to use.

At a high level, our design is, at least at the moment, an asynchronous free-flow mixnet. Unlike cascade-mixnets, a free-flow mixnet allows different messages to be routed through different paths through the network of mixes. It is also asynchronous in the sense that each mix makes their own routing decisions without coordinating with rest of the mixes in the network.

A typical messaging session for two end-to-end users, Alice and Bob, works as follows.

  1. Proxy accepts a connection from Alice, and receives a message to send to Bob.

  2. Proxy picks an entry mix. It then establishes a one-way authenticated TLS connection with the entry (the mix attests that it is running CloudProxy), and requests to establish a circuit to Bob. A circuit is a path of mixes in the network the messages for this particular end-to-end connection will be routed through.

  3. The entry mix selects random mixes to form a circuit. It establishes a two-way authenticated TLS connection to the next mix in the circuit, and it relays the circuit creation request to the next hop. The next mix does the same until the circuit reaches the exit mix.

  4. Once the circuit is established, the proxy sends the message over to the entry mix. Every packet exchanged between a mix and a proxy, called a cell, is of fixed length. If the message is shorter than a cell, then the message is padded to the fixed length. If the message is longer, then it is broken down into multiple cells.

  5. Once enough cells from different proxies are available at the entry mix, it permutes the cells, and sends the cells to the next mix in the circuit. Similarly, the intermediate mixes in circuits wait for enough cells from different circuits, and permute the cells, and send the cells to the next hops. The exit mix reconstructs the message from cells, and send the message to Bob.

  6. Bob can respond to the message, and the message will traverse the mixnet using the same circuit in reverse.

Note that in step 3, the entry mix picks the circuit through the network, not Bob. This is because the entry mix, which is CloudProxy authenticated, is assumed to be secure, and disabling malicious users (who are not authenticated) from selecting the path will likely enable better security.

The design also made several design decisions that trades-off security and performance. For instance, it may result in less latency to allow a mix in step 5 to treat connections from proxies and other routers the same way, and thus requires less connections from proxies. This, however, could reduce the anonymity set size of the proxies. Such design choices may change as we analyze the security of the system further.

Code Overview

Some of the important files are

  • queue.go: Implements the batching and mixing functionality for cells.
  • router.go Handles connections from/to proxies, routers, and end points. Uses a queue from queue.go to maintain 3 different queues for (1) cells sent from proxies, (2) cells sent to proxies, and (3) cells to/from other routers. This is required to be run in CloudProxy environment.
  • socks5.go: Implements a simple SOCKS5 proxy that proxy uses to listen to end users.
  • proxy.go: Uses socks5 to receive messages from end-users, breaks the messages into cells, and handles communication with the entry mix.
  • conn.go, listener.go, circuit.go: Used to manage different network connections and circuits.
  • mixnet.proto: Specifies the directives (e.g., creating/destroying circuits) used by proxies and routers.

Parameters

There are server system wide parameters that impact the security and performance of the system.

  • Batch size (batchsize): This determines how many cells from different circuits or proxies a router needs to collect before mixing and sending them to the next hop in the circuit.

  • Hop length: Currently, the default number of hops in the circuit is set to 3. Longer circuits will likely provide better anonymity, at the cost of increased latency, and vice-versa. The hop count also need not be fixed for all circuits, but we assume it is for simpler design and analysis.

  • Cell size: Each cell is fixed at 1024B currently. This should be at most 65KB, the maximum packet length for TCP.

Tests

mixnet_test.go and other test files contain unit tests and integration tests that can be run natively in Go. The largest integration test uses 20 proxies, 6 routers, and there are four paths through the routers used by 20 proxies. The messages are then echoed back to the proxies by a simple server at the end of the circuit.

The scripts in scripts runs a full Tao test (currently with soft-tao). It implements essentially the same integration test as the one in mixnet_test.go, except it runs it with real Tao (though SoftTao at the moment). The script assumes that CloudProxy is installed already. Please take a look at the README in the scripts directory for instructions to run the scripts.

References

[1] Andreas Pfitzman, 2010. A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management. https://dud.inf.tu-dresden.de/literatur/Anon_Terminology_v0.34.pdf

[2] Tor specification. https://svn.torproject.org/svn/projects/design-paper/tor-design.pdf

[3] SOCKS Protocol Version 5. http://tools.ietf.org/html/rfc1928

Documentation

Overview

Package mixnet is a generated protocol buffer package.

It is generated from these files: 

mixnet.proto

It has these top-level messages: 

Directive
DirectoryMessage

Index

Constants

View Source 
const (
	// CellBytes specifies the length of a cell.
	CellBytes = 1 << 10

	// MaxMsgBytes specifies the maximum length of a message.
	MaxMsgBytes = 1 << 16
)
View Source 
const (
	// Update directory every x amount of time
	DefaultUpdateFrequency = 3600 * time.Second
	DefaultHopCount        = 2
	DefaultTimeout         = 10 * time.Second
)
View Source 
const (
	ID_SIZE   = 8
	LEN_SIZE  = 8
	BODY_SIZE = CellBytes - BODY - box.Overhead - 24
)
View Source 
const (
	ID   = 0
	TYPE = ID + ID_SIZE
	BODY = 9
)
View Source 
const (
	SocksVersion            = 0x05
	SocksMethodNoAuth       = 0x00
	SocksNoAcceptableMethod = 0xff
	SocksCmdConnect         = 0x01
	SocksAtypIPv4           = 0x01
	SocksRepSuccess         = 0x00
	SocksRepFailure         = 0x01
	SocksRepUnsupported     = 0x07
)

Codes used in the RFC standard of SOCKS version 5.

Variables

View Source 
var DirectiveType_name = map[int32]string{
	0: "ERROR",
	1: "CREATE",
	2: "CREATED",
	3: "DESTROY",
	4: "DESTROYED",
}
View Source 
var DirectiveType_value = map[string]int32{
	"ERROR":     0,
	"CREATE":    1,
	"CREATED":   2,
	"DESTROY":   3,
	"DESTROYED": 4,
}
View Source 
var DirectoryMessageType_name = map[int32]string{
	0: "REGISTER",
	1: "DELETE",
	2: "LIST",
	3: "DIRECTORY",
	4: "DIRERROR",
}
View Source 
var DirectoryMessageType_value = map[string]int32{
	"REGISTER":  0,
	"DELETE":    1,
	"LIST":      2,
	"DIRECTORY": 3,
	"DIRERROR":  4,
}

Functions

func GetDirectory 

func GetDirectory(c net.Conn) ([]string, [][]byte, error)

func Listen 

func Listen(network, laddr string, config *tls.Config, g tao.Guard, v *tao.Verifier, del *tao.Attestation) (net.Listener, error)

Listen listens on a TLS connection with RequestClientCert.

func RegisterRouter 

func RegisterRouter(c net.Conn, addrs []string, keys [][]byte) error

func SocksListen 

func SocksListen(network, addr string) (net.Listener, error)

SocksListen binds an address to a socket and returns a SocksListener for serving SOCKS clients.

Types

type Circuit 

type Circuit struct {
	// contains filtered or unexported fields
}

A circuit carries cells

func NewCircuit 

func NewCircuit(conn *Conn, id uint64, entry, exit, forward bool) *Circuit

A circuit now encrypts for the exit circuit. The key is assumed to be available through "peerKey", and publicKey and privateKey are the keys are local keys used to perform diffiehellman with peerKey. The keys are optional.

func (*Circuit) BufferCell 

func (c *Circuit) BufferCell(cell []byte, err error)

func (*Circuit) Close 

func (c *Circuit) Close() error

func (*Circuit) Decrypt 

func (c *Circuit) Decrypt(boxed []byte) ([]byte, bool)

func (*Circuit) Encrypt 

func (c *Circuit) Encrypt(msg []byte) []byte

func (*Circuit) Read 

func (c *Circuit) Read(msg []byte) (int, error)

func (*Circuit) ReceiveDirective 

func (c *Circuit) ReceiveDirective(d *Directive) error

ReceiveDirective awaits a reply from the peer and returns the directive received, e.g. in response to RouterContext.HandleProxy(). If the directive type is ERROR, return an error.

func (*Circuit) ReceiveMessage 

func (c *Circuit) ReceiveMessage() ([]byte, error)

ReceiveMessage reads message cells from the router and assembles them into a messsage.

func (*Circuit) SendDirective 

func (c *Circuit) SendDirective(d *Directive) (int, error)

SendDirective serializes and pads a directive to the length of a cell and sends it to the peer. A directive is signaled to the receiver by the first byte of the cell. The next few bytes encode the length of of the serialized protocol buffer. If the buffer doesn't fit in a cell, then throw an error.

func (*Circuit) SendMessage 

func (c *Circuit) SendMessage(msg []byte) error

SendMessage divides a message into cells and sends each cell over the network connection. A message is signaled to the receiver by the first byte of the first cell. The next few bytes encode the total number of bytes in the message.

func (*Circuit) SetKeys 

func (c *Circuit) SetKeys(peerKey, publicKey, privateKey *[32]byte)

func (*Circuit) Write 

func (c *Circuit) Write(msg []byte) (int, error)

type Conn 

type Conn struct {
	net.Conn
	// contains filtered or unexported fields
}

Conn implements the net.Conn interface. The read and write operations are overloaded to check that only cells are sent between entities in the mixnet protocol.

func (*Conn) AddCircuit 

func (c *Conn) AddCircuit(circuit *Circuit)

func (*Conn) DeleteCircuit 

func (c *Conn) DeleteCircuit(circuit *Circuit) bool

func (*Conn) Empty 

func (c *Conn) Empty() bool

func (*Conn) GetCircuit 

func (c *Conn) GetCircuit(id uint64) *Circuit

func (*Conn) Member 

func (c *Conn) Member(id uint64) bool

func (*Conn) Read 

func (c *Conn) Read(msg []byte) (n int, err error)

Read a cell from the channel. If len(msg) != CellBytes, return an error.

func (*Conn) Write 

func (c *Conn) Write(msg []byte) (n int, err error)

Write a cell to the channel. If the len(cell) != CellBytes, return an error.

type Directive 

type Directive struct {
	Type *DirectiveType `protobuf:"varint,1,req,name=type,enum=mixnet.DirectiveType" json:"type,omitempty"`
	// CREATE, a sequence of addresses (e.g. "192.168.1.1:7007")
	// comprising the circuit to be constructed over the mixnet. Each address
	// corresponds to a mixnet router except the last, which is the service the
	// proxy would like to contact.
	Addrs []string `protobuf:"bytes,2,rep,name=addrs" json:"addrs,omitempty"`
	Key   []byte   `protobuf:"bytes,3,opt,name=key" json:"key,omitempty"`
	// ERROR or FATAL, an error message.
	Error            *string `protobuf:"bytes,4,opt,name=error" json:"error,omitempty"`
	XXX_unrecognized []byte  `json:"-"`
}

func (*Directive) Descriptor 

func (*Directive) Descriptor() ([]byte, []int)

func (*Directive) GetAddrs 

func (m *Directive) GetAddrs() []string

func (*Directive) GetError 

func (m *Directive) GetError() string

func (*Directive) GetKey 

func (m *Directive) GetKey() []byte

func (*Directive) GetType 

func (m *Directive) GetType() DirectiveType

func (*Directive) ProtoMessage 

func (*Directive) ProtoMessage()

func (*Directive) Reset 

func (m *Directive) Reset()

func (*Directive) String 

func (m *Directive) String() string

type DirectiveType 

type DirectiveType int32
const (
	DirectiveType_ERROR     DirectiveType = 0
	DirectiveType_CREATE    DirectiveType = 1
	DirectiveType_CREATED   DirectiveType = 2
	DirectiveType_DESTROY   DirectiveType = 3
	DirectiveType_DESTROYED DirectiveType = 4
)

func (DirectiveType) Enum 

func (x DirectiveType) Enum() *DirectiveType

func (DirectiveType) EnumDescriptor 

func (DirectiveType) EnumDescriptor() ([]byte, []int)

func (DirectiveType) String 

func (x DirectiveType) String() string

func (*DirectiveType) UnmarshalJSON 

func (x *DirectiveType) UnmarshalJSON(data []byte) error

type DirectoryContext 

type DirectoryContext struct {
	// contains filtered or unexported fields
}

func NewDirectoryContext 

func NewDirectoryContext(path, network, addr string, timeout time.Duration,
	x509Identity *pkix.Name, t tao.Tao) (*DirectoryContext, error)

func (*DirectoryContext) Accept 

func (dc *DirectoryContext) Accept() (net.Conn, error)

func (*DirectoryContext) Close 

func (dc *DirectoryContext) Close()

type DirectoryMessage 

type DirectoryMessage struct {
	Type *DirectoryMessageType `protobuf:"varint,1,req,name=type,enum=mixnet.DirectoryMessageType" json:"type,omitempty"`
	// Addresses to register to or delete from the directory,
	// or list of all available mixnets
	Addrs []string `protobuf:"bytes,2,rep,name=addrs" json:"addrs,omitempty"`
	Keys  [][]byte `protobuf:"bytes,3,rep,name=keys" json:"keys,omitempty"`
	// Possible error message
	Error            *string `protobuf:"bytes,4,opt,name=error" json:"error,omitempty"`
	XXX_unrecognized []byte  `json:"-"`
}

func (*DirectoryMessage) Descriptor 

func (*DirectoryMessage) Descriptor() ([]byte, []int)

func (*DirectoryMessage) GetAddrs 

func (m *DirectoryMessage) GetAddrs() []string

func (*DirectoryMessage) GetError 

func (m *DirectoryMessage) GetError() string

func (*DirectoryMessage) GetKeys 

func (m *DirectoryMessage) GetKeys() [][]byte

func (*DirectoryMessage) GetType 

func (m *DirectoryMessage) GetType() DirectoryMessageType

func (*DirectoryMessage) ProtoMessage 

func (*DirectoryMessage) ProtoMessage()

func (*DirectoryMessage) Reset 

func (m *DirectoryMessage) Reset()

func (*DirectoryMessage) String 

func (m *DirectoryMessage) String() string

type DirectoryMessageType 

type DirectoryMessageType int32
const (
	DirectoryMessageType_REGISTER  DirectoryMessageType = 0
	DirectoryMessageType_DELETE    DirectoryMessageType = 1
	DirectoryMessageType_LIST      DirectoryMessageType = 2
	DirectoryMessageType_DIRECTORY DirectoryMessageType = 3
	DirectoryMessageType_DIRERROR  DirectoryMessageType = 4
)

func (DirectoryMessageType) Enum 

func (x DirectoryMessageType) Enum() *DirectoryMessageType

func (DirectoryMessageType) EnumDescriptor 

func (DirectoryMessageType) EnumDescriptor() ([]byte, []int)

func (DirectoryMessageType) String 

func (x DirectoryMessageType) String() string

func (*DirectoryMessageType) UnmarshalJSON 

func (x *DirectoryMessageType) UnmarshalJSON(data []byte) error

type ProxyContext 

type ProxyContext struct {
	// contains filtered or unexported fields
}

ProxyContext stores the runtime environment for a mixnet proxy. A mixnet proxy connects to a mixnet router on behalf of a client's application.

func NewProxyContext 

func NewProxyContext(path, network, addr string, directories []string, hopCount int, timeout time.Duration) (*ProxyContext, error)

NewProxyContext loads a domain from a local configuration.

func (*ProxyContext) Accept 

func (p *ProxyContext) Accept() (net.Conn, error)

Accept waits for clients running the SOCKS5 protocol.

func (*ProxyContext) Close 

func (p *ProxyContext) Close()

Close unbinds the proxy server socket.

func (*ProxyContext) CreateCircuit 

func (p *ProxyContext) CreateCircuit(path []string, dest string) (*Circuit, uint64, error)

CreateCircuit connects anonymously to a remote Tao-delegated mixnet router specified by path[0]. It directs the router to construct a circuit to dest. The user either provides just the exit, or the whole path

func (*ProxyContext) DestroyCircuit 

func (p *ProxyContext) DestroyCircuit(id uint64) error

DestroyCircuit directs the router to close the connection to the destination and destroy the circuit then closes the connection.

func (*ProxyContext) DialRouter 

func (p *ProxyContext) DialRouter(network, addr string) (*Conn, error)

DialRouter connects anonymously to a remote Tao-delegated mixnet router.

func (*ProxyContext) GetDirectory 

func (p *ProxyContext) GetDirectory(dirAddr string) ([]string, [][]byte, error)

Read the directory from a directory server TODO(kwonalbert): This is more or less a duplicate of the router get dir.. Combine them..

func (*ProxyContext) HandleClient 

func (p *ProxyContext) HandleClient(id uint64) error

HandleClient relays a message read from client connection c to mixnet connection d and relay reply.

func (*ProxyContext) ServeClient 

func (p *ProxyContext) ServeClient(c net.Conn, path []string, dest string) error

ServeClient creates a circuit over the mixnet and relays messages to a destination (specified by addrs[len(addrs)-1]) on behalf of the client. Read a message from the client, send it over the mixnet, wait for a reply, and forward it the client. Once an EOF is encountered (or some other error occurs), destroy the circuit.

type Queue 

type Queue struct {
	// contains filtered or unexported fields
}

The Queue structure maps a circuit identifier corresponding to a sender (in the router context) to a destination. It also maintains a message buffer for each sender. Once messages are ready on enough buffers, a batch of messages are transmitted simultaneously.

func NewQueue 

func NewQueue(network string, t tao.Tao, batchSize int, timeout time.Duration) (sq *Queue)

NewQueue creates a new Queue structure.

func (*Queue) Close 

func (sq *Queue) Close(id uint64, msg []byte, destroy bool, conn, errConn net.Conn)

Close creates a queueable object that sends the last msg in the circuit, closes the connection and deletes all associated resources.

func (*Queue) DoQueue 

func (sq *Queue) DoQueue(kill <-chan bool)

DoQueue adds messages to a queue and transmits messages in batches. It also provides an interface for receiving messages from a server. Typically a message is a cell, but when the calling router is an exit point, the message length is arbitrary. A batch is transmitted when there are messages on batchSize distinct sender channels.

func (*Queue) DoQueueErrorHandler 

func (sq *Queue) DoQueueErrorHandler(queue *Queue, kill <-chan bool)

DoQueueErrorHandler handles errors produced by DoQueue by enqueing onto queue a directive containing the error message.

func (*Queue) Enqueue 

func (sq *Queue) Enqueue(q *Queueable)

Enqueue inserts a queueable object into the queue. Note that this is generally unsafe to use concurrently because it doesn't make a copy of the data.

func (*Queue) EnqueueMsg 

func (sq *Queue) EnqueueMsg(id uint64, msg []byte, conn, errConn net.Conn)

EnqueueMsg copies a byte slice into a queueable object and adds it to the queue.

type Queueable 

type Queueable struct {
	// contains filtered or unexported fields
}

The Queueable object is passed through a channel and mutates the state of the Queue in some manner; for example, it can set the destination adddress or connection of a sender, add a message or request for reply to the queue, or destroy any resources associated with the connection.

type RouterContext 

type RouterContext struct {
	// contains filtered or unexported fields
}

RouterContext stores the runtime environment for a Tao-delegated router.

func NewRouterContext 

func NewRouterContext(path, network, addr string, timeout time.Duration,
	directories []string, batchSize int,
	x509Identity *pkix.Name, t tao.Tao) (r *RouterContext, err error)

NewRouterContext generates new keys, loads a local domain configuration from path and binds an anonymous listener socket to addr using network protocol. It also creates a regular listener socket for other routers to connect to. A delegation is requested from the Tao t which is nominally the parent of this hosted program.

func (*RouterContext) Accept 

func (r *RouterContext) Accept() (*Conn, error)

AcceptRouter Waits for connectons from other routers.

func (*RouterContext) Close 

func (r *RouterContext) Close()

Close releases any resources held by the hosted program.

func (*RouterContext) DeleteRouter 

func (r *RouterContext) DeleteRouter()

func (*RouterContext) DialRouter 

func (r *RouterContext) DialRouter(network, addr string) (*Conn, error)

DialRouter connects to a remote Tao-delegated mixnet router.

func (*RouterContext) GetDirectory 

func (r *RouterContext) GetDirectory(dirAddr string) ([]string, [][]byte, error)

Read the directory from a directory server

func (*RouterContext) HandleErr 

func (r *RouterContext) HandleErr()

Handle errors internal to the router When instantiating a real router (not for testing), one start this function as well to handle the errors

func (*RouterContext) Register 

func (r *RouterContext) Register(dirAddr string) error

Register the current router to a directory server

func (*RouterContext) SendError 

func (r *RouterContext) SendError(queue *Queue, queueId, id uint64, err error, c *Conn) error

SendError sends an error message to a client.

type SocksConn 

type SocksConn struct {
	net.Conn
	// contains filtered or unexported fields
}

SocksConn implements the net.Conn interface and contains a destination network and address for the proxy.

func (*SocksConn) DestinationAddr 

func (c *SocksConn) DestinationAddr() string

DestinationAddr returns the destination address negotiated in the SOCKS protocol.

type SocksListener 

type SocksListener struct {
	net.Listener
	// contains filtered or unexported fields
}

SocksListener implements the net.Listener interface as a SOCKS server. This program partially implements the server role in version 5 of the SOCKS protocol specified in RFC 1928. In particular, it only supports TCP clients with no authentication who request CONNECT to IPv4 addresses; neither BIND nor UDP ASSOCIATE are supported.

func (*SocksListener) Accept 

func (l *SocksListener) Accept() (net.Conn, error)

Accept exposes the SOCKS5 protocol to connecting client. Return the connection and the requested destination address.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.