bughz/3proxy
1
0
Fork 0
mirror of https://github.com/3proxy/3proxy.git synced 2026-05-01 08:20:12 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
931 Commits 5 Branches 31 Tags 3.4 MiB
d674d1d51b
Commit Graph

100 Commits

Author SHA1 Message Date
Vladimir Dubrovin
b1ac46da79 Remove linux futext implementation
Some checks failed
Build Win32 3proxy-lite with Watcom / ${{ matrix.target }} (windows-2022) (push) Has been cancelled
Details
Build Win32 3proxy with MSVC / ${{ matrix.target }} (windows-2022) (push) Has been cancelled
Details
Build Win64 3proxy with MSVC / ${{ matrix.target }} (windows-2022) (push) Has been cancelled
Details
Build Win-arm64 3proxy with MSVC / ${{ matrix.target }} (windows-2022) (push) Has been cancelled
Details
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Has been cancelled
Details
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Has been cancelled
Details
C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Has been cancelled
Details
C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Has been cancelled
Details
C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Has been cancelled
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Has been cancelled
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Has been cancelled
Details
C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Has been cancelled
Details
2026-04-28 18:06:54 +03:00
Vladimir Dubrovin
ada24a98ec Use semaphore/mutex insted of pipe for threads sync 2026-04-28 14:00:15 +03:00
Vladimir Dubrovin
d52701518d udppm switched to hashtable and supports multiple connections; no standalone udppm 2026-04-27 15:12:39 +03:00
Vladimir Dubrovin
62ceb36157 Use hashtables for password lists 2026-04-26 20:38:58 +03:00
Vladimir Dubrovin
62be3c7b5b cash the hash for auth cache 2026-04-26 19:56:38 +03:00
Vladimir Dubrovin
4f0f3c81e1 add 'cacheacl' auth type, dstaddr, dstport, dsthost, dstoper, srvaddr and srvport authcache types; allow to configure authcache by service 
'auth cacheacl ...' is identical to 'auth cache ...' except ACL is not checked for cached authentication. dstaddr, dstport, dsthost and dstoper (operation) are intended to be used with cacheacl. For example

authcache user,ip,password,dstaddr 600
auth cacheacl iponly strong

allows user to access destination ip without ACL/password revalidation if he has cached attempt to the same ip from the same ip with the same username and password.

srvaddr, srvport are useful to only match with cached attempts to the same `internal` address / service port.
 2026-04-21 21:49:52 +03:00
Vladimir Dubrovin
68ef9dcc59 Fix Windows compilation 2026-04-21 16:10:17 +03:00
Vladimir Dubrovin
3957210609 Allow different hash lengths; fix bug on hashtable grow 2026-04-20 18:49:53 +03:00
Vladimir Dubrovin
083a70393f Minor hashtable refactor 2026-04-20 10:40:38 +03:00
Vladimir Dubrovin
7102afe856 authcache switched to hashtables, overflow fixed 
- authcache switched to use hashtables, size parameter added
- overflow fixed on hashinit
- hashtable prefers new values on insert if table is full
- hashtable is able to compact/grow
 2026-04-19 19:16:33 +03:00
Vladimir Dubrovin
a3729354b8 Allow hashtable to grow
Some checks are pending
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
Details
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
Details
C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Waiting to run
Details
C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Details
2026-04-18 17:24:01 +03:00
Vladimir Dubrovin
260cbf7a3d Use uint32_t for hashtable indicies 2026-04-18 15:36:14 +03:00
Vladimir Dubrovin
f1af44f3a9 Refactor hashtables to use indices instead of pointers, use blake2 as a hash, mycrypt renamed to 3proxy_crypt 2026-04-18 15:12:43 +03:00
Vladimir Dubrovin
4ee7f71fb9 Использовать tablesize в хештаблице 2026-04-17 21:15:21 +03:00
Vladimir Dubrovin
98604b5421 Add hashcompact 2026-04-17 20:40:27 +03:00
Vladimir Dubrovin
a0d580b36d move hashtable/resolve/sql functions to separate files 2026-04-17 19:29:50 +03:00
Vladimir Dubrovin
a1a65c3fd5 ssl_client_mode = 3 added, allow 'secure' parent types ending with 's': https, tcps, socks5s, connect+s, etc. 
example:

plugin SSLPlugin.ld.so ssl_plugin

allow user1
parent 1000 http 1.1.1.1 1111
allow user2
parent 1000 https 2.2.2.2 2222
ssl_client_mode 3
ssl_client
proxy

With ssl_client_mode 3 TLS is only handshaked for https parent type and is not handshaked for http parent.
 2026-04-13 20:53:38 +03:00
Vladimir Dubrovin
878a432481 Support unix socket for parent and tcppm; abstract (fileless) unix sockets for linux support
Some checks are pending
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
Details
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
Details
C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Waiting to run
Details
C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Details 
Use unix:/path/to/socket, e.g.

tcppm 1234 unix:/path/to/socket 1234

Under linux abstract sockets are supported with '@' prefix, e.g.

parent 1000 http unix:@virtual.3proxy.socket 1111

Destination port numbers are not used in tcppm/parent, but you must specify any positive value to match the syntaxis.
 2026-04-12 19:18:15 +03:00
Vladimir Dubrovin
2d6eeff5f3 FIx typos, update documentation 2026-04-12 13:58:42 +03:00
Vladimir Dubrovin
c206349ee2 Support unix sockets for internal and -i 
Example configuration:

log
auto -iunix:/path/to/3proxy.sock

test with

curl --unix-socket /path/to/3proxy.sock https://3proxy.ru
 2026-04-12 00:30:35 +03:00
Vladimir Dubrovin
0c8be907e9 -Ne / -Ni options added to specify external / internal NAT address
Some checks are pending
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
Details
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
Details
C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Waiting to run
Details
C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
Details
C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Details
2026-04-10 15:01:43 +03:00
Vladimir Dubrovin
0381461495 Use PRI/SCN modifiers where possible 2026-04-08 21:13:31 +03:00
Vladimir Dubrovin
483542b914 Use uint32_t/uint16_t instead of unsigned long / unsigned short where required 2026-04-08 21:13:18 +03:00
Vladimir Dubrovin
7299bcc0e2 Move timeouts from conf 2026-04-08 19:21:29 +03:00
Vladimir Dubrovin
8d8ee23385 ssl_client_mode added, code cleanup 
ssl_client_mode
0 (default) - handshake immediately after connect() (with first parent or with destination if there is no parent)
1 - handshake with destination server (handshake after connection via parents is established)
2 - handshake after data channel is established (e.g. after CONNECT)
 2026-04-08 19:21:26 +03:00
Vladimir Dubrovin
d67a052aa8 Fixed: invalid config value initializers 2026-04-08 19:21:26 +03:00
Vladimir Dubrovin
af25cb460f Fixed service name detection for auto / tlspr 2026-04-08 19:21:25 +03:00
Vladimir Dubrovin
2508b89d96 Avoid sleep on service thread sync 2026-04-08 19:21:25 +03:00
Vladimir Dubrovin
b624da443a ssl_noserv fixed, ssl_cli/ssl_nocli/ssl_client_cert/ssl_client_key added 2026-04-08 19:21:25 +03:00
Vladimir Dubrovin
7e7a0d4336 Support HAProxy proxy v1 protocol 
Added:
-H option - expect HAProxy proxy v1 header, e.g. `proxy -H`

parent ha type - send HAProxy proxy v1 header (must be last in redirection), e.g.

allow *
parent 1000 ha
parent 1000 proxy 1.2.3.4 3128
socks
 2026-04-08 19:21:25 +03:00
Vladimir Dubrovin
013d4bc333 tlspr (SNI proxy) implemented 
Options -cN - level of TLS check
default - allow non-TLS traffic
1 - require TLS, only check client HELLO packet
2 - require TLS, check both client and server HELLO
3 - require TLS, check server send certificate (not compatible with TLS 1.3)
4 - require mutual TLS, check server send certificate request and client sends certificate (not compatible with TLS 1.3)
-P - default port

examples:

1.
tlspr -p1443 -P443 -c1
(port 1443 may be used to redirect traffic to destination port 143). SNI is used to find destination host

2.
allow * * * 80
parent 1000 http 0.0.0.0 0
allow * * * * CONNECT
parent 1000 tls 0.0.0.0 0
deny * * some.not.allowed.host
allow *
socks

attempts to take destination hostname from SNI in SOCKS
 2024-05-20 13:01:38 +03:00
Vladimir Dubrovin
8198db8617 adding state to socket functions 2024-02-17 17:31:25 +03:00
Vladimir Dubrovin
d83c1f47f8 Rollback commit in the wrong branch 2024-02-17 13:18:14 +03:00
Vladimir Dubrovin
20a929ca53 Add per-service sockfuncs 2024-02-17 12:57:36 +03:00
Michael Tautschnig
687ebafb1b Fix plugin declarations of hashindex and nametohash 
Plugins using these would fail to provide the required arguments.
 2023-10-11 10:00:47 +00:00
Vladimir Dubrovin
5e2b2a399e clean up warnings 2023-07-13 15:29:26 +03:00
Vladimir Dubrovin
6532163f01 Fix connlim issues 2023-04-26 15:04:00 +03:00
Daniel Winzen
9a6908e623
Add backlog config option 2022-11-08 15:04:19 +01:00
Vladimir Dubrovin
fb56b7d307 "auto" command added 2022-10-18 17:58:52 +03:00
Vladimir Dubrovin
3dc698eccd Fix compilation issues 2022-06-29 10:18:36 +03:00
Vladimir Dubrovin
c1beceb24b Support IP_BOUND_IF on MacOS 2022-06-28 12:50:48 +03:00
Vladimir Dubrovin
55d1bbe155 Grace delay feature added 
`proxy -g8000,3,10`

First parameter is average read size we want to keep, second parameter is
minimal number of packets in the same direction to apply algorythm,
last value is delay added after polling and prior to reading data.
An example above adds 10 millisecond delay before reading data if average
polling size is below 8000 bytes and 3 read operations are made in the same
direction. It's specially usefule with splice. `logdump 1 1` is useful
to see how grace delays work, choose delay value to avoid filling the read
pipe/buffer (typically 64K) but keep the request sizes close to chosen average
on large file upload/download.
 2022-05-19 18:51:02 +03:00
z3apa3a
e1b4e50242 Copyright update 2021-07-02 11:50:33 +03:00
z3apa3a
bad85a3d51 Support IPv6 subnets in parent extip 2021-04-21 20:39:57 +03:00
z3APA3A
cbe0c2f511 parentretries command added 2021-01-19 14:40:18 +03:00
z3APA3A
c1c5875356 better memory allocation errors handling, countall/nocountall corrected 2020-11-03 02:05:18 +03:00
z3APA3A
eb829b062b Major code refactoring 
- sockmapping rewritten from stratch to minimilse polling. poll() is now
only called if blocking is actually expected, splice pipes are now
polled if splice fails, buffers flushing is much more accurate.
- logging code moved to separate files
- signal masks added to client threads to prevent unneeded interruptions
- bandwidth limitation will not delay the thread after client or server
shutdown
 2020-10-09 15:42:34 +03:00
z3APA3A
ebd7b34159 -N(NAT_address) option added for socks 2020-10-07 11:21:01 +03:00
z3APA3A
d0725163d1 countall / nocountall ssupport added 2020-10-06 14:29:08 +03:00
z3APA3A
22cf9254c5 rename memory functions in pluginlink 2019-09-03 20:46:47 +03:00