dpyproxy 2.2.0__tar.gz → 2.2.1__tar.gz

{dpyproxy-2.2.0 → dpyproxy-2.2.1}/.gitignore

@@ -159,8 +159,5 @@ cython_debug/
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 .idea/
 
-# Custom
-working_resolver_config.json
-
 # ruff
 .ruff_cache/

{dpyproxy-2.2.0 → dpyproxy-2.2.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: dpyproxy
-Version: 2.2.0
+Version: 2.2.1
 Summary: Python proxy that implements DPI evasion mechanisms (TLS record fragmentation, TCP segmentation, encrypted DNS, HTTP)
 Project-URL: Homepage, https://github.com/UPB-SysSec/DPYProxy
 Project-URL: Issues, https://github.com/UPB-SysSec/DPYProxy/issues
@@ -62,9 +62,9 @@ DNS censorship. In a typical setup, DPYProxy runs locally replacing your previou
 The DNS module automatically determines a working circumvention method and DNS resolver. You can also specify a 
 circumvention method and resolver manually (see Usage). 
 
-The DNS module saves working circumvention methods and resolvers to a file `working_resolvers.json`. This file is loaded
-on startup to speed up the determination of a working circumvention method. You can force re-determination using the 
-`--dns_skip_working_file` flag.
+The DNS module can save working circumvention methods and resolvers to a file see 
+(`--dns_working_resolver_configuration`). This file is loaded on startup to speed up the determination of a working
+circumvention method. By default, a new working circumvention method is determined in each run.
 
 ### TLS Module
 You can run the TLS Module of DPYProxy locally or on a separate machine. It functions like an HTTP CONNECT/SOCKSv4/SOCKSv5 proxy. I.e., you can specify
@@ -159,6 +159,8 @@ TLS Module:
                         Connection timeout in seconds
   --tls_host TLS_HOST   Address the proxy server runs on
   --tls_port TLS_PORT   Port the proxy server runs on
+  --tls_record_version TLS_RECORD_VERSION
+                        Overwrites the TLS version in the TLS record with the given bytes. Pre-defined values ['DEFAULT', 'TLS10', 'TLS11', 'TLS12', 'TLS13_DRAFT_28', 'TLS13', 'SSL3', 'INVALID_SMALLER', 'INVALID_BIGGER'] or 2 byte long values such as 0303 or FFFF can be provided.
   --tls_record_frag, --no-tls_record_frag
                         Whether to use record fragmentation to forwarded TLS handshake messages (default: True)
   --tls_tcp_frag, --no-tls_tcp_frag
@@ -196,8 +198,8 @@ DNS Module:
                         Whether the given IP ranges to compare are block page IPs or not. Default is False.
   --dns_add_sni DNS_ADD_SNI
                         Whether or not to include the SNI for encrypted DNS modes. Defaults to True.
-  --dns_skip_working_file DNS_SKIP_WORKING_FILE
-                        Whether taking the stored working resolver from a file should be skipped. Defaults to False.
+  --dns_working_resolver_config DNS_WORKING_RESOLVER_CONFIG
+                        DPYProxy can save a working DNS resolver configuration, provide a location for this file here. Example: ./.working_resolver_config.json. If empty (default) no configuration is saved and a working configuration is determined in each run.
 
 HTTP Module:
   --http_timeout HTTP_TIMEOUT
@@ -215,7 +217,7 @@ Standard options:
   -h, --help            Show this help message and exit
   --debug, --no-debug   Turns on debugging (default: False)
   --disabled_modules DISABLED_MODULES
-                        List of proxy modules to disable. By default, all none are disabled. Hence, all are enabled
+                        List of proxy modules to disable. By default, only the HTTP module is disabled.
 ```
 
 ## Examples

{dpyproxy-2.2.0 → dpyproxy-2.2.1}/README.md

@@ -12,9 +12,9 @@ DNS censorship. In a typical setup, DPYProxy runs locally replacing your previou
 The DNS module automatically determines a working circumvention method and DNS resolver. You can also specify a 
 circumvention method and resolver manually (see Usage). 
 
-The DNS module saves working circumvention methods and resolvers to a file `working_resolvers.json`. This file is loaded
-on startup to speed up the determination of a working circumvention method. You can force re-determination using the 
-`--dns_skip_working_file` flag.
+The DNS module can save working circumvention methods and resolvers to a file see 
+(`--dns_working_resolver_configuration`). This file is loaded on startup to speed up the determination of a working
+circumvention method. By default, a new working circumvention method is determined in each run.
 
 ### TLS Module
 You can run the TLS Module of DPYProxy locally or on a separate machine. It functions like an HTTP CONNECT/SOCKSv4/SOCKSv5 proxy. I.e., you can specify
@@ -109,6 +109,8 @@ TLS Module:
                         Connection timeout in seconds
   --tls_host TLS_HOST   Address the proxy server runs on
   --tls_port TLS_PORT   Port the proxy server runs on
+  --tls_record_version TLS_RECORD_VERSION
+                        Overwrites the TLS version in the TLS record with the given bytes. Pre-defined values ['DEFAULT', 'TLS10', 'TLS11', 'TLS12', 'TLS13_DRAFT_28', 'TLS13', 'SSL3', 'INVALID_SMALLER', 'INVALID_BIGGER'] or 2 byte long values such as 0303 or FFFF can be provided.
   --tls_record_frag, --no-tls_record_frag
                         Whether to use record fragmentation to forwarded TLS handshake messages (default: True)
   --tls_tcp_frag, --no-tls_tcp_frag
@@ -146,8 +148,8 @@ DNS Module:
                         Whether the given IP ranges to compare are block page IPs or not. Default is False.
   --dns_add_sni DNS_ADD_SNI
                         Whether or not to include the SNI for encrypted DNS modes. Defaults to True.
-  --dns_skip_working_file DNS_SKIP_WORKING_FILE
-                        Whether taking the stored working resolver from a file should be skipped. Defaults to False.
+  --dns_working_resolver_config DNS_WORKING_RESOLVER_CONFIG
+                        DPYProxy can save a working DNS resolver configuration, provide a location for this file here. Example: ./.working_resolver_config.json. If empty (default) no configuration is saved and a working configuration is determined in each run.
 
 HTTP Module:
   --http_timeout HTTP_TIMEOUT
@@ -165,7 +167,7 @@ Standard options:
   -h, --help            Show this help message and exit
   --debug, --no-debug   Turns on debugging (default: False)
   --disabled_modules DISABLED_MODULES
-                        List of proxy modules to disable. By default, all none are disabled. Hence, all are enabled
+                        List of proxy modules to disable. By default, only the HTTP module is disabled.
 ```
 
 ## Examples

{dpyproxy-2.2.0 → dpyproxy-2.2.1}/modules/dns/DnsModule.py

@@ -85,9 +85,11 @@ class DnsModule(Module):
         )
 
         dns_module.add_argument(
-            "--dns_skip_working_file",
-            default=False,
-            help="Whether taking the stored working resolver from a file should be skipped. Defaults to False.",
+            "--dns_working_resolver_config",
+            default="",
+            help="DPYProxy can save a working DNS resolver configuration, provide a location for this file here."
+            " Example: ./.working_resolver_config.json. If empty (default) no configuration is saved and"
+            " a working configuration is determined in each run.",
         )
 
     def extract_parameters(self, args: Namespace):
@@ -103,7 +105,7 @@ class DnsModule(Module):
             compare_ip_ranges=[x for x in args.dns_compare_ip_ranges.split(",")],
             block_page_ips=args.dns_block_page_ips,
             add_sni=args.dns_add_sni,
-            skip_working_file=args.dns_skip_working_file,
+            working_resolver_configuration=args.dns_working_resolver_config,
         )
 
     def start(self):

{dpyproxy-2.2.0 → dpyproxy-2.2.1}/modules/dns/DnsProxy.py

@@ -35,7 +35,7 @@ class DnsProxy:
         compare_ip_ranges: list[str],
         block_page_ips: bool,
         add_sni: bool,
-        skip_working_file: bool,
+        working_resolver_configuration: str = "",
     ):
         # timeout for socket reads and message reception
         self.timeout = timeout
@@ -46,7 +46,7 @@ class DnsProxy:
         self.block_page_ips = block_page_ips
         self.proxy_mode = proxy_mode
         self.add_sni = add_sni
-        self.skip_working_file = skip_working_file
+        self.working_resolver_configuration = working_resolver_configuration
 
         # initialize UDP and TCP server sockets
         self.udp_server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
@@ -165,9 +165,13 @@ class DnsProxy:
         found_working = False
         domain_resolver_generator = self.generate_domain_resolver()
 
-        if os.path.exists("working_resolver_config.json") and not self.skip_working_file:
-            logging.info("Trying already found working resolver from config")
-            with open("working_resolver_config.json", "r") as f:
+        if (
+            self.working_resolver_configuration
+            and not len(self.working_resolver_configuration) == 0
+            and os.path.exists(self.working_resolver_configuration)
+        ):
+            logging.info(f"Trying already found working resolver from config {self.working_resolver_configuration}")
+            with open(self.working_resolver_configuration, "r") as f:
                 data = json.load(f)
             resolver = DomainResolver.from_dict(data)
             self.domain_resolver = resolver
@@ -200,8 +204,10 @@ class DnsProxy:
                 logging.info(f"{domain_resolver} consistently reachable, keeping!")
                 self.domain_resolver = domain_resolver
                 self.proxy_mode = self.domain_resolver.dns_mode
-                with open("working_resolver_config.json", "w") as f:
-                    json.dump(domain_resolver.to_dict(), f, indent=4)
+                if self.working_resolver_configuration and not len(self.working_resolver_configuration) == 0:
+                    logging.info(f"Saving working resolver to {self.working_resolver_configuration}")
+                    with open(self.working_resolver_configuration, "w") as f:
+                        json.dump(domain_resolver.to_dict(), f, indent=4)
                 logging.info(
                     f"Finding consistent mode and starting resolvers took {time.time() - self.start_time} seconds "
                     "in total."

{dpyproxy-2.2.0 → dpyproxy-2.2.1}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "dpyproxy"
-version = "2.2.0"
+version = "2.2.1"
 description = "Python proxy that implements DPI evasion mechanisms (TLS record fragmentation, TCP segmentation, encrypted DNS, HTTP)"
 readme = "README.md"
 license = "Apache-2.0"