fix connection handling

firefart · Feb 4, 2024 · eb9eb92 · eb9eb92
1 parent f7853ea
commit eb9eb92
Show file tree

Hide file tree

Showing 16 changed files with 260 additions and 210 deletions.
diff --git a/internal/cmd/bruteforce.go b/internal/cmd/bruteforce.go
@@ -2,6 +2,7 @@ package cmd
 
 import (
  "bufio"
+ "context"
  "fmt"
  "os"
  "strings"
@@ -43,7 +44,7 @@ func (opts BruteforceOpts) Validate() error {
  return nil
 }
 
-func BruteForce(opts BruteforceOpts) error {
+func BruteForce(ctx context.Context, opts BruteforceOpts) error {
  if err := opts.Validate(); err != nil {
  return err
  }
@@ -56,7 +57,7 @@ func BruteForce(opts BruteforceOpts) error {
 
  scanner := bufio.NewScanner(pfile)
  for scanner.Scan() {
- if err := testPassword(opts, scanner.Text()); err != nil {
+ if err := testPassword(ctx, opts, scanner.Text()); err != nil {
  return err
  }
  }
@@ -67,15 +68,15 @@ func BruteForce(opts BruteforceOpts) error {
  return nil
 }
 
-func testPassword(opts BruteforceOpts, password string) error {
- remote, err := internal.Connect(opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
+func testPassword(ctx context.Context, opts BruteforceOpts, password string) error {
+ remote, err := internal.Connect(ctx, opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
  if err != nil {
  return err
  }
 
  addressFamily := internal.AllocateProtocolIgnore
  allocateRequest := internal.AllocateRequest(internal.RequestedTransportUDP, addressFamily)
- allocateResponse, err := allocateRequest.SendAndReceive(opts.Log, remote, opts.Timeout)
+ allocateResponse, err := allocateRequest.SendAndReceive(ctx, opts.Log, remote, opts.Timeout)
  if err != nil {
  return fmt.Errorf("error on sending AllocateRequest: %w", err)
  }
@@ -87,7 +88,7 @@ func testPassword(opts BruteforceOpts, password string) error {
  nonce := string(allocateResponse.GetAttribute(internal.AttrNonce).Value)
 
  allocateRequest = internal.AllocateRequestAuth(opts.Username, password, nonce, realm, internal.RequestedTransportUDP, addressFamily)
- allocateResponse, err = allocateRequest.SendAndReceive(opts.Log, remote, opts.Timeout)
+ allocateResponse, err = allocateRequest.SendAndReceive(ctx, opts.Log, remote, opts.Timeout)
  if err != nil {
  return fmt.Errorf("error on sending AllocateRequest Auth: %w", err)
  }

diff --git a/internal/cmd/brutetransports.go b/internal/cmd/brutetransports.go
@@ -1,6 +1,7 @@
 package cmd
 
 import (
+ "context"
  "fmt"
  "strings"
  "time"
@@ -42,20 +43,20 @@ func (opts BruteTransportOpts) Validate() error {
  return nil
 }
 
-func BruteTransports(opts BruteTransportOpts) error {
+func BruteTransports(ctx context.Context, opts BruteTransportOpts) error {
  if err := opts.Validate(); err != nil {
  return err
  }
 
  for i := 0; i <= 255; i++ {
- conn, err := internal.Connect(opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
+ conn, err := internal.Connect(ctx, opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
  if err != nil {
  return err
  }
 
  x := internal.RequestedTransport(uint32(i))
  allocateRequest := internal.AllocateRequest(x, internal.AllocateProtocolIgnore)
- allocateResponse, err := allocateRequest.SendAndReceive(opts.Log, conn, opts.Timeout)
+ allocateResponse, err := allocateRequest.SendAndReceive(ctx, opts.Log, conn, opts.Timeout)
  if err != nil {
  return fmt.Errorf("error on sending allocate request: %w", err)
  }
@@ -64,7 +65,7 @@ func BruteTransports(opts BruteTransportOpts) error {
  nonce := string(allocateResponse.GetAttribute(internal.AttrNonce).Value)
 
  allocateRequest = internal.AllocateRequestAuth(opts.Username, opts.Password, nonce, realm, x, internal.AllocateProtocolIgnore)
- allocateResponse, err = allocateRequest.SendAndReceive(opts.Log, conn, opts.Timeout)
+ allocateResponse, err = allocateRequest.SendAndReceive(ctx, opts.Log, conn, opts.Timeout)
  if err != nil {
  return fmt.Errorf("error on sending allocate request auth: %w", err)
  }

diff --git a/internal/cmd/info.go b/internal/cmd/info.go
@@ -1,6 +1,7 @@
 package cmd
 
 import (
+ "context"
  "fmt"
  "strings"
  "time"
@@ -35,28 +36,28 @@ func (opts InfoOpts) Validate() error {
  return nil
 }
 
-func Info(opts InfoOpts) error {
+func Info(ctx context.Context, opts InfoOpts) error {
  if err := opts.Validate(); err != nil {
  return err
  }
 
- if attr, err := testStun(opts); err != nil {
+ if attr, err := testStun(ctx, opts); err != nil {
  opts.Log.Debugf("STUN error: %v", err)
  opts.Log.Error("this server does not support the STUN protocol")
  } else {
  opts.Log.Info("this server supports the STUN protocol")
  printAttributes(opts, attr)
  }
 
- if attr, err := testTurn(opts, internal.RequestedTransportUDP); err != nil {
+ if attr, err := testTurn(ctx, opts, internal.RequestedTransportUDP); err != nil {
  opts.Log.Debugf("TURN UDP error: %v", err)
  opts.Log.Error("this server does not support the TURN UDP protocol")
  } else {
  opts.Log.Info("this server supports the TURN protocol with UDP transports")
  printAttributes(opts, attr)
  }
 
- if attr, err := testTurn(opts, internal.RequestedTransportTCP); err != nil {
+ if attr, err := testTurn(ctx, opts, internal.RequestedTransportTCP); err != nil {
  opts.Log.Debugf("TURN TCP error: %v", err)
  opts.Log.Error("this server does not support the TURN TCP protocol")
  } else {
@@ -67,15 +68,15 @@ func Info(opts InfoOpts) error {
  return nil
 }
 
-func testStun(opts InfoOpts) ([]internal.Attribute, error) {
- conn, err := internal.Connect(opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
+func testStun(ctx context.Context, opts InfoOpts) ([]internal.Attribute, error) {
+ conn, err := internal.Connect(ctx, opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
  if err != nil {
  return nil, err
  }
  defer conn.Close()
 
  bindingRequest := internal.BindingRequest()
- bindingResponse, err := bindingRequest.SendAndReceive(opts.Log, conn, opts.Timeout)
+ bindingResponse, err := bindingRequest.SendAndReceive(ctx, opts.Log, conn, opts.Timeout)
  if err != nil {
  return nil, fmt.Errorf("error on sending binding request: %w", err)
  }
@@ -86,15 +87,15 @@ func testStun(opts InfoOpts) ([]internal.Attribute, error) {
  return bindingResponse.Attributes, nil
 }
 
-func testTurn(opts InfoOpts, proto internal.RequestedTransport) ([]internal.Attribute, error) {
- conn, err := internal.Connect(opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
+func testTurn(ctx context.Context, opts InfoOpts, proto internal.RequestedTransport) ([]internal.Attribute, error) {
+ conn, err := internal.Connect(ctx, opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
  if err != nil {
  return nil, err
  }
  defer conn.Close()
 
  allocateRequest := internal.AllocateRequest(proto, internal.AllocateProtocolIgnore)
- allocateResponse, err := allocateRequest.SendAndReceive(opts.Log, conn, opts.Timeout)
+ allocateResponse, err := allocateRequest.SendAndReceive(ctx, opts.Log, conn, opts.Timeout)
  if err != nil {
  return nil, fmt.Errorf("error on sending allocate request: %w", err)
  }

diff --git a/internal/cmd/memoryleak.go b/internal/cmd/memoryleak.go
@@ -1,6 +1,7 @@
 package cmd
 
 import (
+ "context"
  "fmt"
  "net/netip"
  "strings"
@@ -56,12 +57,12 @@ func (opts MemoryleakOpts) Validate() error {
  return nil
 }
 
-func MemoryLeak(opts MemoryleakOpts) error {
+func MemoryLeak(ctx context.Context, opts MemoryleakOpts) error {
  if err := opts.Validate(); err != nil {
  return err
  }
 
- remote, realm, nonce, err := internal.SetupTurnConnection(opts.Log, opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout, opts.TargetHost, opts.TargetPort, opts.Username, opts.Password)
+ remote, realm, nonce, err := internal.SetupTurnConnection(ctx, opts.Log, opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout, opts.TargetHost, opts.TargetPort, opts.Username, opts.Password)
  if err != nil {
  return err
  }
@@ -76,7 +77,7 @@ func MemoryLeak(opts MemoryleakOpts) error {
  return fmt.Errorf("error on generating ChannelBind request: %w", err)
  }
  opts.Log.Debugf("ChannelBind Request:\n%s", channelBindRequest.String())
- channelBindResponse, err := channelBindRequest.SendAndReceive(opts.Log, remote, opts.Timeout)
+ channelBindResponse, err := channelBindRequest.SendAndReceive(ctx, opts.Log, remote, opts.Timeout)
  if err != nil {
  return fmt.Errorf("error on sending ChannelBind request: %w", err)
  }
@@ -91,7 +92,7 @@ func MemoryLeak(opts MemoryleakOpts) error {
  toSend = append(toSend, helper.PutUint16(opts.Size)...)
  toSend = append(toSend, []byte("xxx")...)
  toSend = internal.Padding(toSend)
- err := helper.ConnectionWrite(remote, toSend, opts.Timeout)
+ err := helper.ConnectionWrite(ctx, remote, toSend, opts.Timeout)
  if err != nil {
  return fmt.Errorf("error on sending data: %w", err)
  }

diff --git a/internal/cmd/rangescan.go b/internal/cmd/rangescan.go
@@ -1,6 +1,7 @@
 package cmd
 
 import (
+ "context"
  "errors"
  "fmt"
  "net/netip"
@@ -45,7 +46,7 @@ func (opts RangeScanOpts) Validate() error {
  return nil
 }
 
-func RangeScan(opts RangeScanOpts) error {
+func RangeScan(ctx context.Context, opts RangeScanOpts) error {
  if err := opts.Validate(); err != nil {
  return err
  }
@@ -105,7 +106,7 @@ func RangeScan(opts RangeScanOpts) error {
  return fmt.Errorf("target is no valid ip address: %w", err)
  }
 
- suc, err := scanUDP(opts, ip, 80)
+ suc, err := scanUDP(ctx, opts, ip, 80)
  if err != nil {
  opts.Log.Errorf("UDP %s: %v", ip, err)
  }
@@ -121,7 +122,7 @@ func RangeScan(opts RangeScanOpts) error {
  return fmt.Errorf("target is no valid ip address: %w", err)
  }
 
- suc, err := scanTCP(opts, ip, 80)
+ suc, err := scanTCP(ctx, opts, ip, 80)
  if err != nil {
  opts.Log.Errorf("TCP %s: %v", ip, err)
  }
@@ -132,8 +133,8 @@ func RangeScan(opts RangeScanOpts) error {
  return nil
 }
 
-func scanTCP(opts RangeScanOpts, targetHost netip.Addr, targetPort uint16) (bool, error) {
- conn, err := internal.Connect(opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
+func scanTCP(ctx context.Context, opts RangeScanOpts, targetHost netip.Addr, targetPort uint16) (bool, error) {
+ conn, err := internal.Connect(ctx, opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout)
  if err != nil {
  return false, err
  }
@@ -145,7 +146,7 @@ func scanTCP(opts RangeScanOpts, targetHost netip.Addr, targetPort uint16) (bool
  }
 
  allocateRequest := internal.AllocateRequest(internal.RequestedTransportTCP, addressFamily)
- allocateResponse, err := allocateRequest.SendAndReceive(opts.Log, conn, opts.Timeout)
+ allocateResponse, err := allocateRequest.SendAndReceive(ctx, opts.Log, conn, opts.Timeout)
  if err != nil {
  return false, fmt.Errorf("error on sending allocate request 1: %w", err)
  }
@@ -157,7 +158,7 @@ func scanTCP(opts RangeScanOpts, targetHost netip.Addr, targetPort uint16) (bool
  nonce := string(allocateResponse.GetAttribute(internal.AttrNonce).Value)
 
  allocateRequest = internal.AllocateRequestAuth(opts.Username, opts.Password, nonce, realm, internal.RequestedTransportTCP, addressFamily)
- allocateResponse, err = allocateRequest.SendAndReceive(opts.Log, conn, opts.Timeout)
+ allocateResponse, err = allocateRequest.SendAndReceive(ctx, opts.Log, conn, opts.Timeout)
  if err != nil {
  return false, fmt.Errorf("error on sending allocate request 2: %w", err)
  }
@@ -169,7 +170,7 @@ func scanTCP(opts RangeScanOpts, targetHost netip.Addr, targetPort uint16) (bool
  if err != nil {
  return false, fmt.Errorf("error on generating Connect request: %w", err)
  }
- connectResponse, err := connectRequest.SendAndReceive(opts.Log, conn, opts.Timeout)
+ connectResponse, err := connectRequest.SendAndReceive(ctx, opts.Log, conn, opts.Timeout)
  if err != nil {
  // ignore timeouts, a timeout means open port
  if errors.Is(err, helper.ErrTimeout) {
@@ -184,8 +185,8 @@ func scanTCP(opts RangeScanOpts, targetHost netip.Addr, targetPort uint16) (bool
  return true, nil
 }
 
-func scanUDP(opts RangeScanOpts, targetHost netip.Addr, targetPort uint16) (bool, error) {
- remote, _, _, err := internal.SetupTurnConnection(opts.Log, opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout, targetHost, targetPort, opts.Username, opts.Password)
+func scanUDP(ctx context.Context, opts RangeScanOpts, targetHost netip.Addr, targetPort uint16) (bool, error) {
+ remote, _, _, err := internal.SetupTurnConnection(ctx, opts.Log, opts.Protocol, opts.TurnServer, opts.UseTLS, opts.Timeout, targetHost, targetPort, opts.Username, opts.Password)
  if err != nil {
  return false, err
  }

diff --git a/internal/cmd/socks.go b/internal/cmd/socks.go
@@ -52,13 +52,12 @@ func (opts SocksOpts) Validate() error {
  return nil
 }
 
-func Socks(opts SocksOpts) error {
+func Socks(ctx context.Context, opts SocksOpts) error {
  if err := opts.Validate(); err != nil {
  return err
  }
 
  handler := &socksimplementations.SocksTurnTCPHandler{
- Ctx: context.Background(),
  Server: opts.TurnServer,
  TURNUsername: opts.Username,
  TURNPassword: opts.Password,
@@ -74,7 +73,7 @@ func Socks(opts SocksOpts) error {
  Log: opts.Log,
  }
  opts.Log.Infof("starting SOCKS server on %s", opts.Listen)
- if err := p.Start(); err != nil {
+ if err := p.Start(ctx); err != nil {
  return err
  }
  <-p.Done

diff --git a/internal/cmd/tcpscanner.go b/internal/cmd/tcpscanner.go
@@ -1,6 +1,7 @@
 package cmd
 
 import (
+ "context"
  "crypto/tls"
  "encoding/hex"
  "fmt"
@@ -55,7 +56,7 @@ func (opts TCPScannerOpts) Validate() error {
  return nil
 }
 
-func TCPScanner(opts TCPScannerOpts) error {
+func TCPScanner(ctx context.Context, opts TCPScannerOpts) error {
  if err := opts.Validate(); err != nil {
  return err
  }
@@ -79,7 +80,7 @@ func TCPScanner(opts TCPScannerOpts) error {
  return fmt.Errorf("Invalid port %s: %w", port, err)
  }
  opts.Log.Debugf("Scanning %s:%d", ip.IP.String(), portI)
- if err := httpScan(opts, ip.IP, uint16(portI)); err != nil {
+ if err := httpScan(ctx, opts, ip.IP, uint16(portI)); err != nil {
  opts.Log.Errorf("error on running HTTP Scan for %s:%d: %v", ip.IP.String(), portI, err)
  }
  }
@@ -88,8 +89,8 @@ func TCPScanner(opts TCPScannerOpts) error {
  return nil
 }
 
-func httpScan(opts TCPScannerOpts, ip netip.Addr, port uint16) error {
- controlConnection, dataConnection, err := internal.SetupTurnTCPConnection(opts.Log, opts.TurnServer, opts.UseTLS, opts.Timeout, ip, port, opts.Username, opts.Password)
+func httpScan(ctx context.Context, opts TCPScannerOpts, ip netip.Addr, port uint16) error {
+ _, _, controlConnection, dataConnection, err := internal.SetupTurnTCPConnection(ctx, opts.Log, opts.TurnServer, opts.UseTLS, opts.Timeout, ip, port, opts.Username, opts.Password)
  if err != nil {
  return err
  }
@@ -103,10 +104,10 @@ func httpScan(opts TCPScannerOpts, ip netip.Addr, port uint16) error {
 
  if useTLS {
  tlsConn := tls.Client(dataConnection, &tls.Config{InsecureSkipVerify: true})
- if err := helper.ConnectionWrite(tlsConn, []byte(httpRequest), opts.Timeout); err != nil {
+ if err := helper.ConnectionWrite(ctx, tlsConn, []byte(httpRequest), opts.Timeout); err != nil {
  return fmt.Errorf("error on sending TLS data: %w", err)
  }
- data, err := helper.ConnectionRead(tlsConn, opts.Timeout)
+ data, err := helper.ConnectionRead(ctx, tlsConn, opts.Timeout)
  if err != nil {
  return fmt.Errorf("error on reading after sending TLS data: %w", err)
  }
@@ -116,10 +117,10 @@ func httpScan(opts TCPScannerOpts, ip netip.Addr, port uint16) error {
  }
 
  // plain text connection
- if err := helper.ConnectionWrite(dataConnection, []byte(httpRequest), opts.Timeout); err != nil {
+ if err := helper.ConnectionWrite(ctx, dataConnection, []byte(httpRequest), opts.Timeout); err != nil {
  return fmt.Errorf("error on sending data: %w", err)
  }
- data, err := helper.ConnectionRead(dataConnection, opts.Timeout)
+ data, err := helper.ConnectionRead(ctx, dataConnection, opts.Timeout)
  if err != nil {
  return fmt.Errorf("error on reading after sending data: %w", err)
  }