Opened 5 years ago

Closed 5 years ago

#5575 closed task (fixed)

Write our own WebSocket server transport plugin

Reported by: dcf Owned by: dcf
Priority: High Milestone:
Component: Archived/Flashproxy Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: #7166 Points:
Reviewer: Sponsor:

Description

The flash proxy README currently documents how to run the websockify (https://github.com/kanaka/websockify/) program as a ServerTransportPlugin. This works, and it does base64-encoded text frames that allow sending binary data. However, the program is rather larger than we need it to be, and hasn't been audited for security as far as I know. It also has an unwanted built-in web server (that serves local files). The built-in server is disabled by default, but easily enabled.

Solve these problems by writing our own, with an eye towards easy deployment and ability to work as a managed proxy.

Child Tickets

Change History (6)

comment:1 in reply to:  description Changed 5 years ago by dcf

Replying to dcf:

Another benefit of having our own server transport plugin is that we can support the ExtendedORPort. Karsten has told me that this is the best way to collect metrics on usage.

comment:2 Changed 5 years ago by dcf

Status: newneeds_review

This is written in /user/dcf/flashproxy.git branch transport. It doesn't yet support the extended OR port.

The new server transport is written in Go using a custom WebSocket library. Circumstances that led to this decision: websockify is written in Python. But Python is slow for WebSocket xor masking, and its ability as an HTTP server is not as nice as you would like. I wanted to write this program in C, except that I don't want to implement HTTP and base64 and everything in C, and I don't want to have to worry about memory safety very much. Go is like C, compiled but with automatic memory management, and good support for concurrency. There is even a websocket library, which it turns out is unusable for us, because 1) server support for subprotocols seems to be broken (it was broken for clients too until recently), and 2) it doesn't seem to limit the size of received frames. So it is written in Go with a minimal WebSocket implementation.

comment:3 Changed 5 years ago by dcf

Parent ID: #7166

comment:4 Changed 5 years ago by dcf

I opened #7620 for extended OR port support, apart from managedness.

comment:5 Changed 5 years ago by dcf

Priority: normalmajor

comment:6 Changed 5 years ago by dcf

Resolution: fixed
Status: needs_reviewclosed

Now merged.

Note: See TracTickets for help on using tickets.