Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Route HttpClient over Socks5 Proxy, with remote DNS resolution. #545

Merged
merged 2 commits into from
Jul 26, 2016
Merged

Route HttpClient over Socks5 Proxy, with remote DNS resolution. #545

merged 2 commits into from
Jul 26, 2016

Conversation

dan-da
Copy link
Contributor

@dan-da dan-da commented Jul 26, 2016

This pull request partially addresses #522.

I say partially because there is some wiring up left to do so that HttpClient gets access to a Socks5Proxy object when called by a PriceProvider subclass. But the core functionality of making a request over socks5 with remote DNS is working.

I found it necessary to pull in apache components, as commented in the issue. They are only used when a proxy is available to HttpClient. Otherwise, the pre-existing code is used. The caller API (requestWithGet) remains the same.

The HttpClient code (proxy case) looks at the value of proxy.resolveAddrLocally(). So if a user setting is made to control that, then HttpClient will abide by it.

Testing

I tested this code twice by hard-coding addresses of (1) system tor port 9050 and (2) an ssh socks proxy, so that all callers used the proxy even without passing in a Socks5Proxy. I went so far as to firewall block all outgoing tcp/udp ports on the system except those used by tor (9001,9030). With this configuration, I was able to run bitsquare with full functionality when using the ssh tor port, and with everything but poloniex working when run over Tor ( because Poloniex uses cloudflare that blocks tor exit nodes. )

If anyone would like to duplicate the tor-only firewall config, I used the following ufw script on ubuntu:

$ cat ~/ufw_onlytor.sh 
sudo ufw reset
sudo ufw allow out 9001/tcp
sudo ufw allow out 9030/tcp
sudo ufw deny out 1:65535/tcp
sudo ufw deny out 1:65535/udp
sudo ufw enable

It can then be turned off with sudo ufw disable. You will likely want to save your old firewall config first, if any.

Note that bitsquare may take a little longer to connect to tor network with these firewall rules because tor normally use ports 80 and 443 as well as 9001 and 9030. I disabled 80 and 443 to be certain the http requests are not leaking.

I would have liked to finalize the integration, but I find myself baffled as to how to get the Socks5Proxy object to HttpClient. I do not yet grok this injection voodoo. So I think it best that @ManfredKarrer wire that up, and I will thereby learn.

Bounty

A bounty offer was made. At such time as the code is deemed acceptable to be merged, payment can be made to 1Byv5zUGHYtodMScTZcdBBc47Ber2GWNf. A reduced payment is acceptable given the unfinished status. I consider this code to be at least 90% complete. Of course I will fix any issues/nits found during review, etc.

@ManfredKarrer ManfredKarrer merged commit 5362b14 into bisq-network:Development Jul 26, 2016
@ManfredKarrer
Copy link
Contributor

I added the wire up using Guice. I pushed it to Dev branch.
Also disabled Tor in case of Poloniex and if no external proxy is set up.
If you like you can check it out and test if all works. I did not test much yet...

@ManfredKarrer
Copy link
Contributor

Bounty payment is on the way:
https://blockchain.info/de/tx/b1a9db2cc31d74e8353ee8ec6d7486a1713b3b18d164c2b513441f858a7df111

@ManfredKarrer
Copy link
Contributor

Thanks a lot again!
Was a great contribution, much more valuable as the compensation I could give you via the Bounty payment.

@dan-da
Copy link
Contributor Author

dan-da commented Jul 26, 2016

Thx! Seems to be working well here. I tried with both "tor for http requests" enabled and disabled.

On the first run, I did get some exceptions thrown due to 404 from bitcoinaverage. It's been fine after that, so probably an issue on their end. I'll report if any other issues arise.

Jul-26 09:38:04.943 [requestPrice-BitcoinAveragePriceProvider] ERROR i.b.h.HttpClient: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.10.0</center></body></html> 
io.bitsquare.http.HttpException: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.10.0</center></body></html>
        at io.bitsquare.http.HttpClient.requestWithGETNoProxy(HttpClient.java:77)
        at io.bitsquare.http.HttpClient.requestWithGET(HttpClient.java:56)
        at io.bitsquare.btc.pricefeed.providers.BitcoinAveragePriceProvider.getPrice(BitcoinAveragePriceProvider.java:51)
        at io.bitsquare.btc.pricefeed.GetPriceRequest.lambda$requestPrice$1(GetPriceRequest.java:50)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at java.lang.Thread.run(Thread.java:745)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dan-da @ManfredKarrer