feat: http local proxy implementation

[GRbit]

Implementation of a local HTTP proxy that can use transport.StreamDialer interface.

This is considered useful because many applications (e.g., browsers) can use proxy servers out of the box, and local proxy servers could be used to easily wrap a secure tunnel without additional user privileges.

To demo this functionality you may run local HTTP proxy as follows:

$ KEY=ss://ENCRYPTION_KEY@HOST:PORT/
$ go run github.com/Jigsaw-Code/outline-sdk/x/local-proxy@latest -transport "$KEY" -addr localhost:54321

or, to test before merging, being in outline-sdk/x folder

KEY=ss://ENCRYPTION_KEY@HOST:PORT/
go run ./local-proxy -transport "$KEY" -addr localhost:54321

The main question to discuss is how should proxy interface look like. So far I come up with this:

type Proxy interface {
	// GetAddr returns the address of the proxy server if it is configured to listen on a specific address.
	// If address is not configured and the server is not started, it returns an empty string.
	GetAddr() string

	// StartServer starts the proxy server. If no address is specified, it will listen on a random localhost port
	StartServer(addr ...string) error

	// StopServer stops the proxy server
	StopServer() error

	// GetError returns the error that caused the proxy server to stop or nil if the server is still running or not started
	GetError() error
}

Will be happy to receive any comments

[fortuna]

Thanks a lot for your contribution. It's exciting to see the first circumvention tool by an external contributor using our sdk!

[fortuna]

Just pass the input address here. No need for all the logic above. The standard library already handles the different cases.

[GRbit]

Thank you for noticing that.
I thought that it might be a problem if the proxy is started on :54321 because it'll not be a localhost address (like localhost:54321). But it causes problem only in case it's not a localhost address in browser settings, so in fact it's ok.

The only question I have is, maybe we should enforce listening on localhost by default? In another way, a proxy will be available to other devices on the network.

[fortuna]

Remove this wait. It's a race condition, and the caller can implement it if they really want it. Also, most of the errors should happen on the Listen.

[GRbit]

Make sense, caller can just check an error after some time, so better remove it.

But can you tell me more about race condition thing? I think I'm missing something. Isn't it ok to send a message to channel from one goroutine and read from another?

[fortuna]

Imagine it takes around 100ms for the error to happen. You may or may not return the error, depending on the mood of the machine. You may get different results when running the same code multiple times.

[fortuna]

Let's make StartServer a standalone function that returns a Proxy object. (Similar how Listen returns a Listener). That way it will never be in an invalid state.

[GRbit]

Sounds nice. But I'm not sure about "never be in an invalid state" part. So, I can see StartServer (or better StartProxy) function returning a Proxy with interface like this:

type Proxy interface {
	Addr() string // removing "Get" like in Listener
	Stop() error
	GetError() error // not sure if it should be "Error()", because it will implement an "error" interface
}

I can't come up with an example when things ca go wrong, but it seems for me that they can, and the proxy can broke for some reason. Will it be what you meant or is there something else I should do about never being in invalid state?

UPD: just in case, does this StartProxy definition looks good to you?
func StartServer(d transport.StreamDialer, addr string) (Proxy, error)

[fortuna]

Yes, something like that.

[fortuna]

I figure it's taking a lot more time for me to review this a bit each day with lots of context switches. I think the code is ok, I'll merge and then send another PR with the refactorings I have in mind so we can move forward more quickly,

[fortuna]

Imagine it takes around 100ms for the error to happen. You may or may not return the error, depending on the mood of the machine. You may get different results when running the same code multiple times.

[fortuna]

This can move to x/examples/local-proxy

[fortuna]

You can now use MakeStreamDialer in x/examples/internal/config

[fortuna]

This is never used. Delete

[fortuna]

Suggested change

	if err = proxy.StopServer(); err != nil {
	log.Println("Failed to stop server: ", err.Error())
	}
	if err = listener.Close(); err != nil {
	log.Println("Failed to stop server: ", err.Error())
	}

[fortuna]

Yes, something like that.

[fortuna]

Ah, I lost the comment. I'd like to see the code like this:

Suggested change

	proxy := httpproxy.NewConnectHandler(dialer)
	proxy.OnError = httpproxy.OnError
	if err := proxy.StartServer(*addrFlag); err != nil {
	log.Fatal("Proxy server failed")
	}
	listener := net.Listen("tcp", *addrFlag)
	if err := http.Serve(listener, httpproxy.NewHandler(dialer)); err != nil {
	log.Fatal("Proxy server failed")
	}

This way it's clear what is provided by the code. Also, the caller may want to provide a different listener (e.g. using TLS).

You can stop the server by calling listener.Close()

[fortuna]

We can provide convenience functions later. But we need the http.Handler building block.

[fortuna]

Let's get this merged so we can iterate

[GRbit]

Thank you for your work on this and all the time you've put in. Indeed, it's incredibly difficult to review PR with such a difference in time zones.