TLS conn using Tor proxy

Getting Help
1

Snippets from gist modified for using tor proxy:

client.go

package main

import (
	"crypto/tls"
	"io"
	"log"

	"golang.org/x/net/proxy"
)

func main() {
	tor, err := proxy.SOCKS5("tcp", "127.0.0.1:9150", nil, proxy.Direct)
	if err != nil {
		log.Fatal(err)
	}

	cert, err := tls.LoadX509KeyPair("certs/client.pem", "certs/client.key")
	if err != nil {
		log.Fatalf("server: loadkeys: %s", err)
	}
	config := tls.Config{Certificates: []tls.Certificate{cert}, InsecureSkipVerify: false}

	conn, _ := tor.Dial("tcp", "<ip>:8080")
	tls.Client(conn, &config)

	message := "Hello\n"
	n, err := io.WriteString(conn, message)
	if err != nil {
		log.Fatalf("client: write: %s", err)
	}
	log.Printf("client: wrote %q (%d bytes)", message, n)

	reply := make([]byte, 256)
	n, err = conn.Read(reply)
	log.Printf("client: read %q (%d bytes)", string(reply[:n]), n)
	log.Print("client: exiting")

server.go

package main

import (
    "crypto/rand"
    "crypto/tls"
    "log"
    "net"
    "crypto/x509"
)

func main() {
    cert, err := tls.LoadX509KeyPair("certs/server.pem", "certs/server.key")
    if err != nil {
        log.Fatalf("server: loadkeys: %s", err)
    }
    config := tls.Config{Certificates: []tls.Certificate{cert}}
    config.Rand = rand.Reader
    service := ":8080"
    listener, err := tls.Listen("tcp", service, &config)
    if err != nil {
        log.Fatalf("server: listen: %s", err)
    }
    log.Print("server: listening")
    for {
        conn, err := listener.Accept()
        if err != nil {
            log.Printf("server: accept: %s", err)
            break
        }
        defer conn.Close()
        log.Printf("server: accepted from %s", conn.RemoteAddr())
        tlscon, ok := conn.(*tls.Conn)
        if ok {
            log.Print("ok=true")
            state := tlscon.ConnectionState()
            for _, v := range state.PeerCertificates {
                log.Print(x509.MarshalPKIXPublicKey(v.PublicKey))
            }
        }
        go handleClient(conn)
    }
}

func handleClient(conn net.Conn) {
    defer conn.Close()
    buf := make([]byte, 512)
    for {
        log.Print("server: conn: waiting")
        n, err := conn.Read(buf)
        if err != nil {
            if err != nil {
                log.Printf("server: conn: read: %s", err)
            }
            break
        }
        log.Printf("server: conn: echo %q\n", string(buf[:n]))
        n, err = conn.Write(buf[:n])

        n, err = conn.Write(buf[:n])
        log.Printf("server: conn: wrote %d bytes", n)

        if err != nil {
            log.Printf("server: write: %s", err)
            break
        }
    }
    log.Println("server: conn: closed")
}

Error (server side log):

2017/10/18 02:52:16 server: listening
2017/10/18 02:53:34 server: accepted from 197.231.221.211:1751
2017/10/18 02:53:34 ok=true
2017/10/18 02:53:34 server: conn: waiting
2017/10/18 02:53:34 server: conn: read: tls: oversized record received with length 27759
2017/10/18 02:53:34 server: conn: closed

Any ideas? :confused:

2

Googling the error message I came across this issue that says,

This is because Transport simply skips TLS if Proxy is non-nil, since it knows it doesn’t support Proxy with https.

This might apply here, as the most significant change you made is using a proxy.
Unfortuately, I was not able to find any hint about how to solve this.

3

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.