girl 9.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: ddce98f59f1102d50d58fd02775ed1305f3babb3a2b7998a4ed86f39438e2599
+  data.tar.gz: b51d851640addd0acb8d5367b9d6295a67036e720436c6d0bea9ed352222f9bc
+SHA512:
+  metadata.gz: 469527cb74ea0a0aab7af6358dcd345852c8c9c25b9adbcb69f70acaa582592b696a2549d92e3970d55b0a607fe400f107c8445e075fffb6c22bc4d82837289a
+  data.tar.gz: 1ce78e2d003752fb847c11ec505960c82a241d4d0b8ebde1047e7ac788532bb35ad6d985cf76067e20c638a788736336a35a2381b146664d4c391a5e3441d39f

data/girl.gemspec

@@ -0,0 +1,30 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'girl/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'girl'
+  spec.version       = Girl::VERSION
+  spec.authors       = ['takafan']
+  spec.email         = ['qqtakafan@gmail.com']
+
+  spec.summary       = %q{妹子}
+  spec.description   = %q{escape evil.}
+  spec.homepage      = 'https://github.com/takafan/girl'
+  spec.license       = 'MIT'
+
+  spec.files         = %w[
+girl.gemspec
+lib/girl.rb
+lib/girl/dns.rb
+lib/girl/head.rb
+lib/girl/proxy_worker.rb
+lib/girl/proxy.rb
+lib/girl/proxyd_worker.rb
+lib/girl/proxyd.rb
+lib/girl/version.rb
+  ]
+
+  spec.require_paths = ['lib']
+end

data/lib/girl/dns.rb

@@ -0,0 +1,137 @@
+module Girl
+  module Dns
+    
+    def pack_a_query( domain, type = 1 )
+      # https://www.ietf.org/rfc/rfc1035.txt
+      # https://www.ietf.org/rfc/rfc3596.txt
+      raise "domain may not exceed 255 chars" if domain.bytesize > 255
+      raise "invalid domain" if domain =~ /[^\w\.\-]/
+      data = [ rand( 65_535 ), 1, 0, 1, 0, 0, 0 ].pack( 'nCCnnnn' )
+      data << [ pack_domain( domain ), type, 1 ].pack( 'a*nn' )
+      data
+    end
+  
+    def pack_domain( domain )
+      data = ''
+  
+      domain.split( '.' ).each do | label |
+        raise "label may not exceed 63 chars" if label.bytesize > 63
+        data << [ label.bytesize, label ].pack( 'Ca*' )
+      end
+  
+      data << [ 0 ].pack( 'C' )
+      data
+    end
+  
+    def seek_dn( data, offset )
+      name = ""
+      datalen = data.bytesize
+  
+      loop do
+        raise "offset is greater than datalen" if datalen < ( offset + 1 )
+  
+        len = data.unpack( "@#{ offset } C" ).first
+  
+        if len == 0
+          offset += 1
+          break
+        elsif ( len & 0xC0 ) == 0xC0
+          raise "data ended before offset expand" if datalen < ( offset + 2 )
+  
+          ptr = data.unpack( "@#{ offset } n" ).first
+          ptr &= 0x3FFF
+          name2 = seek_dn( data, ptr ).first
+          raise "data is malformed" if name2.nil?
+  
+          name += name2
+          offset += 2
+          break
+        else
+          offset += 1
+          raise "no expansion found" if datalen < ( offset + len )
+  
+          elem = data[ offset..offset + len - 1 ]
+          name += "#{ elem }."
+          offset += len
+        end
+      end
+  
+      [ name, offset ]
+    end
+  
+    def seek_ip( data )
+      ip = nil
+      answer_count = data.unpack( "@6 n" ).first
+      # puts "debug answer count #{ answer_count }"
+      offset = seek_question( data )
+      # puts "debug offset #{ offset }"
+  
+      answer_count.times do
+        ip, offset = seek_rr_ip( data, offset )
+  
+        if ip then
+          break
+        end
+      end
+  
+      ip
+    end
+  
+    def seek_question( data )
+      offset = 12
+  
+      loop do
+        len = data.unpack( "@#{ offset } C" ).first
+        # puts "debug len #{ len } #{ data[ offset + 1, len ] }"
+        break if len == 0
+        offset += ( 1 + len )
+      end
+  
+      offset += 5
+      offset
+    end
+
+    def seek_question_dn( data )
+      id = data[ 0, 2 ]
+      parts = []
+      offset = 12
+  
+      loop do
+        len = data.unpack( "@#{ offset } C" ).first
+        # puts "debug len #{ len } #{ data[ offset + 1, len ] }"
+        break if len == 0
+        parts << data[ offset + 1, len ]
+        offset += ( 1 + len )
+      end
+      
+      type = data.unpack( "@#{ offset + 1 } n" ).first
+      # puts "debug id #{ id.inspect } dn #{ parts.join( '.' ).inspect } type #{ type }"
+      [ id, parts.join( '.' ), type ]
+    end
+  
+    def seek_rr_ip( data, offset )
+      ip = nil
+      name, offset = seek_dn( data, offset )
+      # puts "debug seek_dn #{ name }, #{ offset }"
+      type = data.unpack( "@#{ offset } n" ).first
+      # puts "debug type #{ type }"
+      offset += 8
+      rdlen = data.unpack( "@#{ offset } n" ).first
+      # puts "debug rdlen #{ rdlen }"
+      offset += 2
+  
+      if type == 1 then
+        raise "rdlen not 4?" if rdlen != 4
+        a, b, c, d = data.unpack( "@#{ offset } CCCC" )
+        ip = "#{ a }.#{ b }.#{ c }.#{ d }"
+      elsif type == 28 then
+        tokens = data.unpack("@#{ offset } n8")
+        ip = format( "%x:%x:%x:%x:%x:%x:%x:%x", *tokens )
+      end
+  
+      offset += rdlen
+      [ ip, offset ]
+    end
+
+  end
+end

data/lib/girl/head.rb

@@ -0,0 +1,20 @@
+module Girl
+  BACKLOG              = 512              # 听队列大小，满后掉SYN包
+  RLIMIT               = 1024             # sock数上限
+  READ_SIZE            = 4 * 1024 * 1024  # 一次读多少
+  WBUFF_LIMIT          = 30 * 1024 * 1024 # 写前上限，超过上限暂停读
+  RESUME_BELOW         = WBUFF_LIMIT / 2  # 降到多少以下恢复读
+  CLOSE_ABOVE          = WBUFF_LIMIT * 3  # 超过多少强制关闭
+  HEARTBEAT_INTERVAL   = 10               # 心跳间隔
+  CHECK_TRAFF_INTERVAL = 3600             # 检查今天是否是流量计数重置日间隔
+  HTTP_OK = "HTTP/1.1 200 OK\r\n\r\n"
+  RESERVED_ROUTE = <<EOF
+0.0.0.0/8
+10.0.0.0/8
+127.0.0.0/8
+169.254.0.0/16
+172.16.0.0/12
+192.168.0.0/16
+255.255.255.255/32
+EOF
+end

data/lib/girl/proxy.rb

@@ -0,0 +1,191 @@
+require 'fileutils'
+require 'girl/dns'
+require 'girl/head'
+require 'girl/proxy_worker'
+require 'girl/version'
+require 'ipaddr'
+require 'json'
+require 'socket'
+
+##
+# Girl::Proxy - 近端
+#
+#
+module Girl
+  class Proxy
+
+    def initialize( config_path = nil )
+      unless config_path then
+        config_path = File.expand_path( '../girl.conf.json', __FILE__ )
+      end
+
+      raise "missing config file #{ config_path }" unless File.exist?( config_path )
+
+      conf = JSON.parse( IO.binread( config_path ), symbolize_names: true )
+      puts "load #{ config_path } #{ conf.inspect }"
+      redir_port = conf[ :redir_port ]
+      memd_port = conf[ :memd_port ]
+      tspd_port = conf[ :tspd_port ]
+      proxyd_host = conf[ :proxyd_host ]
+      proxyd_port = conf[ :proxyd_port ]
+      nameserver = conf[ :nameserver ]
+      im = conf[ :im ]
+      direct_path = conf[ :direct_path ]
+      remote_path = conf[ :remote_path ]
+      appd_host = conf[ :appd_host ]
+      appd_port = conf[ :appd_port ]
+      head_len = conf[ :head_len ]               # 头长度
+      h_a_new_source = conf[ :h_a_new_source ]   # A
+      h_a_new_p2 = conf[ :h_a_new_p2 ]           # B
+      h_dst_close = conf[ :h_dst_close ]         # D
+      h_heartbeat = conf[ :h_heartbeat ]         # H
+      h_p1_close = conf[ :h_p1_close ]           # I
+      h_p2_close = conf[ :h_p2_close ]           # J
+      h_p2_traffic = conf[ :h_p2_traffic ]       # K
+      h_p1_overflow = conf[ :h_p1_overflow ]     # L
+      h_p1_underhalf = conf[ :h_p1_underhalf ]   # M
+      h_p2_overflow = conf[ :h_p2_overflow ]     # N
+      h_p2_underhalf = conf[ :h_p2_underhalf ]   # O
+      h_query = conf[ :h_query ]                 # Q
+      h_response = conf[ :h_response ]           # R
+      h_src_close = conf[ :h_src_close ]         # S
+      h_traffic = conf[ :h_traffic ]             # T
+      h_src_overflow = conf[ :h_src_overflow ]   # U
+      h_src_underhalf = conf[ :h_src_underhalf ] # V
+      h_dst_overflow = conf[ :h_dst_overflow ]   # W
+      h_dst_underhalf = conf[ :h_dst_underhalf ] # X
+      
+      expire_connecting = conf[ :expire_connecting ]     # 连接多久没有建成关闭（秒）
+      expire_long_after = conf[ :expire_long_after ]     # 长连接多久没有新流量关闭（秒）
+      expire_proxy_after = conf[ :expire_proxy_after ]   # proxy多久没有收到流量重建（秒）
+      expire_resolv_cache = conf[ :expire_resolv_cache ] # dns查询结果缓存多久（秒）
+      expire_short_after = conf[ :expire_short_after ]   # 短连接创建多久后关闭（秒）
+      is_debug = conf[ :is_debug ]
+
+      redir_port = redir_port ? redir_port.to_i : 6666
+      memd_port = memd_port ? memd_port.to_i : redir_port + 1
+      tspd_port = tspd_port ? tspd_port.to_i : 7777
+      raise "missing proxyd host" unless proxyd_host
+      proxyd_port = proxyd_port ? proxyd_port.to_i : 6060
+      nameserver = '114.114.114.114' unless nameserver
+      nameservers = nameserver.split( ' ' )
+      im = 'office-pc' unless im
+      directs = []
+
+      if direct_path then
+        raise "not found direct file #{ direct_path }" unless File.exist?( direct_path )
+        directs = ( RESERVED_ROUTE.split( "\n" ) + IO.binread( direct_path ).split( "\n" ) ).map{ | line | IPAddr.new( line.strip ) }
+      end
+
+      remotes = []
+
+      if remote_path then
+        raise "not found remote file #{ remote_path }" unless File.exist?( remote_path )
+        remotes = IO.binread( remote_path ).split( "\n" ).map{ | line | line.strip }
+      end
+
+      appd_host = appd_host ? appd_host.to_s : '127.0.0.1'
+      appd_port = appd_port ? appd_port.to_i : 22
+      head_len = head_len ? head_len.to_i : 59
+      h_a_new_source = h_a_new_source ? h_a_new_source.to_s : 'A'
+      h_a_new_p2 = h_a_new_p2 ? h_a_new_p2.to_s : 'B'
+      h_dst_close = h_dst_close ? h_dst_close.to_s : 'D'
+      h_heartbeat = h_heartbeat ? h_heartbeat.to_s : 'H'
+      h_p1_close = h_p1_close ? h_p1_close.to_s : 'I'
+      h_p2_close = h_p2_close ? h_p2_close.to_s : 'J'
+      h_p2_traffic = h_p2_traffic ? h_p2_traffic.to_s : 'K'
+      h_p1_overflow = h_p1_overflow ? h_p1_overflow.to_s : 'L'
+      h_p1_underhalf = h_p1_underhalf ? h_p1_underhalf.to_s : 'M'
+      h_p2_overflow = h_p2_overflow ? h_p2_overflow.to_s : 'N'
+      h_p2_underhalf = h_p2_underhalf ? h_p2_underhalf.to_s : 'O'
+      h_query = h_query ? h_query.to_s : 'Q'
+      h_response = h_response ? h_response.to_s : 'R'
+      h_src_close = h_src_close ? h_src_close.to_s : 'S'
+      h_traffic = h_traffic ? h_traffic.to_s : 'T'
+      h_src_overflow = h_src_overflow ? h_src_overflow.to_s : 'U'
+      h_src_underhalf = h_src_underhalf ? h_src_underhalf.to_s : 'V'
+      h_dst_overflow = h_dst_overflow ? h_dst_overflow.to_s : 'W'
+      h_dst_underhalf = h_dst_underhalf ? h_dst_underhalf.to_s : 'X'
+      expire_connecting = expire_connecting ? expire_connecting.to_i : 5
+      expire_long_after = expire_long_after ? expire_long_after.to_i : 3600
+      expire_proxy_after = expire_proxy_after ? expire_proxy_after.to_i : 60
+      expire_resolv_cache = expire_resolv_cache ? expire_resolv_cache.to_i : 600
+      expire_short_after = expire_short_after ? expire_short_after.to_i : 5
+      is_client_fastopen = is_server_fastopen = false
+
+      if RUBY_PLATFORM.include?( 'linux' ) then
+        IO.popen( 'sysctl -n net.ipv4.tcp_fastopen' ) do | io |
+          output = io.read
+          val = output.to_i % 4
+
+          if [ 1, 3 ].include?( val ) then
+            is_client_fastopen = true
+          end
+
+          if [ 2, 3 ].include?( val ) then
+            is_server_fastopen = true
+          end
+        end
+      end
+
+      puts "girl proxy #{ Girl::VERSION } #{ im }"
+      puts "#{ redir_port } #{ tspd_port } #{ proxyd_host } #{ proxyd_port } #{ appd_host } #{ appd_port } #{ nameservers.inspect } #{ is_client_fastopen } #{ is_server_fastopen }"
+      puts "#{ direct_path } #{ directs.size } directs"
+      puts "#{ remote_path } #{ remotes.size } remotes"
+
+      if %w[ darwin linux ].any?{ | plat | RUBY_PLATFORM.include?( plat ) } then
+        Process.setrlimit( :NOFILE, RLIMIT )
+        puts "NOFILE #{ Process.getrlimit( :NOFILE ).inspect }"
+      end
+
+      worker = Girl::ProxyWorker.new(
+        redir_port,
+        memd_port,
+        tspd_port,
+        proxyd_host,
+        proxyd_port,
+        nameservers,
+        im,
+        directs,
+        remotes,
+        appd_host,
+        appd_port,
+        head_len,
+        h_a_new_source,
+        h_a_new_p2,
+        h_dst_close,
+        h_heartbeat,
+        h_p1_close,
+        h_p2_close,
+        h_p2_traffic,
+        h_p1_overflow,
+        h_p1_underhalf,
+        h_p2_overflow,
+        h_p2_underhalf,
+        h_query,
+        h_response,
+        h_src_close,
+        h_traffic,
+        h_src_overflow,
+        h_src_underhalf,
+        h_dst_overflow,
+        h_dst_underhalf,
+        expire_connecting,
+        expire_long_after,
+        expire_proxy_after,
+        expire_resolv_cache,
+        expire_short_after,
+        is_debug,
+        is_client_fastopen,
+        is_server_fastopen )
+
+      Signal.trap( :TERM ) do
+        puts 'exit'
+        worker.quit!
+      end
+
+      worker.looping
+    end
+
+  end
+end