btunnel

v0.0.0-...-35ab37e
Warning

This package is not in the latest version of its module.

Published: Apr 3, 2025 License: MIT Imports: 17 Imported by: 0

README

This package provides a way to make encrypted TCP traffic look similar to a BitTorrent connection.

Considerations

  • This is an experimental package, mainly intended for use in my other projects.
  • Symmetric encryption is used for the initial handshake. Remember, DO NOT share keys between clients. Otherwise, clients holding the same key will be able to intercept and decrypt the handshake message in which the session key is agreed upon.

How it works

The BitTorrent handshake is emulated, and the InfoHash field is used to transmit the KeyID. KeyID MUST be 20 bytes in length. After that, the client and server hello messages are disguised as BitField messages from the BitTorrent protocol. Client and server negotiate block size, piece size, "file" size, session encryption key, etc.

After that, both client and server will send REQUEST and PIECE messages as if they download parts of the torrent from each other.

Note: sending of REQUEST messages is triggered only from the WriteMessage() function. This means that it may sometimes seem like a peer is sending unrequested PIECE messages, which is not allowed by the BitTorrent specification. This happens if the client writes very rarely.

Depending on the use case, the traffic pattern may differ from that of usual BitTorrent connections; however, analyzing all torrent connections should be fairly expensive due to the sheer volume of traffic.

Thread safety (VERY IMPORTANT)

Safe scenario: two goroutines, one that handles only writes and one that handles only reads. Reads and writes may happen simultaneously.

UNSAFE scenario: multiple goroutines call ReadMessage or WriteMessage without some synchronization, such as a mutex.

REMEMBER! Race conditions may cause nonce repetition, which is disastrous for the encryption algorithm used by this library.
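
One way to let more than two goroutines share a connection while staying inside the safe scenario above, as an added example that is not part of btunnel or its README: a wrapper with one mutex per direction, so a read may overlap a write but two writes (or two reads) never overlap. MessageConn, SerializedConn, fakeConn and DistinctNonces are hypothetical names, and fakeConn's plain nonce counter is a constructed model, an assumption about how an unsynchronized implementation would behave.

```go
package main

import "sync"

// MessageConn mirrors the two *Connection methods documented on this page.
type MessageConn interface {
	ReadMessage() ([]byte, error)
	WriteMessage(payload []byte) error
}

// SerializedConn (hypothetical, not part of btunnel): one mutex per direction.
type SerializedConn struct {
	Inner           MessageConn
	readMu, writeMu sync.Mutex
}

func (c *SerializedConn) ReadMessage() ([]byte, error) {
	c.readMu.Lock() // only other readers wait here; writers are unaffected
	defer c.readMu.Unlock()
	return c.Inner.ReadMessage()
}
func (c *SerializedConn) WriteMessage(p []byte) error {
	c.writeMu.Lock() // only one writer at a time reaches the inner connection
	defer c.writeMu.Unlock()
	return c.Inner.WriteMessage(p)
}

// fakeConn: constructed model of an unsynchronized nonce counter (assumption).
type fakeConn struct{ nonce uint64; seen map[uint64]bool }
func (f *fakeConn) ReadMessage() ([]byte, error) { return nil, nil }
func (f *fakeConn) WriteMessage(p []byte) error {
	f.seen[f.nonce] = true // nonce this message would be encrypted under
	f.nonce++              // plain increment: safe only while writeMu is held
	return nil
}

// DistinctNonces writes once from each of n goroutines; n means no reuse.
func DistinctNonces(n int) int {
	fake := &fakeConn{seen: map[uint64]bool{}}
	conn := &SerializedConn{Inner: fake}
	var wg sync.WaitGroup
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func() { defer wg.Done(); _ = conn.WriteMessage([]byte("x")) }()
	}
	wg.Wait()
	return len(fake.seen)
}
func main() { println("distinct nonces:", DistinctNonces(64)) }
```

Close is deliberately left unwrapped: this page documents it as unsafe while ReadMessage or WriteMessage may still be called by other goroutines.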

Usage

Reads from the connection are buffered; writes are not. This may change in the future.

Use btunnel-proxy as a working example.

Documentation


Constants

const ClientVersion = "0.0.1"
const DefaultBlockSize = 1024 * 16 // bytes
const DefaultPieceSize = 1024 * 1024 * 4 //bytes
const MaxPieceCount = 10000
const ServerVersion = "0.0.1"

Variables

var ProtoBTun = zap.String("proto", "btun")
var ProtoBittorrent = zap.String("proto", "bittorrent")
var ProtoTcp = zap.String("proto", "tcp")
var SharedPeerID = newSharedPeerId()

Functions

func UnchokeAndInterested

func UnchokeAndInterested(writer io.Writer, reader io.Reader) error

Types

type ClientIDValidator

type ClientIDValidator func(clientID string) bool

type Connection

type Connection struct {
	// contains filtered or unexported fields
}

func Accept

func Accept(logger *zap.Logger, conn net.Conn, keyStore KeyStore, validator ClientIDValidator) (*Connection, error)

Accept accepts a TCP connection and tries to perform a handshake. The TCP connection is not closed on failure, so the caller remains responsible for closing it. ClientIDValidator is a function that can be used to refuse a connection: the connection is refused if validator(clientID) == false.

func Connect

func Connect(logger *zap.Logger, address string, keyID []byte, clientID string, keyStore KeyStore) (*Connection, error)

Connect connects to the server at address using keyID, clientID and keyStore.

func (*Connection) Close

func (conn *Connection) Close() error

Close closes the underlying TCP connection, rendering this struct useless. Note: it is not safe to call Close when either ReadMessage or WriteMessage may be called by other goroutines.

func (*Connection) ReadMessage

func (conn *Connection) ReadMessage() ([]byte, error)

ReadMessage reads the next message from the connection.

func (*Connection) WriteMessage

func (conn *Connection) WriteMessage(payload []byte) error

type KeyStore

type KeyStore interface {
	GetKey(keyID []byte) []byte
}

type SharedPeerId

type SharedPeerId struct {
	// contains filtered or unexported fields
}

func (*SharedPeerId) GetId

func (pid *SharedPeerId) GetId() string

Directories

Path Synopsis
internal
