Merge pull request #353 from 9seconds/domain-fronting-native

Use native dialer to communicate with fronting domain

internal/cli/run_proxy.go

@@ -52,7 +52,7 @@ func makeNetwork(conf *config.Config, version string) (mtglib.Network, error) {
 		conf.Network.Timeout.Idle.Get(0),
 	)
 
-	proxyDialers := make([]network.Network, len(conf.Network.Proxies))
+	proxyDialers := make([]mtglib.Network, len(conf.Network.Proxies))
 	for idx, v := range conf.Network.Proxies {
 		value, err := network.NewProxyNetwork(base, v.Get(nil))
 		if err != nil {

internal/testlib/mtglib_network_mock.go

@@ -2,6 +2,7 @@ package testlib
 
 import (
 	"context"
+	"net"
 	"net/http"
 
 	"github.com/9seconds/mtg/v2/essentials"
@@ -24,6 +25,10 @@ func (m *MtglibNetworkMock) DialContext(ctx context.Context, network, address st
 	return args.Get(0).(essentials.Conn), args.Error(1) //nolint: wrapcheck, forcetypeassert
 }
 
+func (m *MtglibNetworkMock) NativeDialer() *net.Dialer {
+	return m.Called().Get(0).(*net.Dialer)
+}
+
 func (m *MtglibNetworkMock) MakeHTTPClient(dialFunc func(ctx context.Context,
 	network, address string) (essentials.Conn, error),
 ) *http.Client {

mtglib/init.go

@@ -124,13 +124,17 @@ type Network interface {
 	// Dial establishes context-free TCP connections.
 	Dial(network, address string) (essentials.Conn, error)
 
-	// DialContext dials using a context. This is a preferrable way of
+	// DialContext dials using a context. This is a preferable way of
 	// establishing TCP connections.
 	DialContext(ctx context.Context, network, address string) (essentials.Conn, error)
 
 	// MakeHTTPClient build an HTTP client with given dial function. If nothing is
 	// provided, then DialContext of this interface is going to be used.
 	MakeHTTPClient(func(ctx context.Context, network, address string) (essentials.Conn, error)) *http.Client
+
+	// NativeDialer returns a configured instance of native dialer that
+	// skips proxy connections or any other irrelevant settings.
+	NativeDialer() *net.Dialer
 }
 
 // AntiReplayCache is an interface that is used to detect replay attacks based

mtglib/proxy.go

@@ -279,13 +279,16 @@ func (p *Proxy) doDomainFronting(ctx *streamContext, conn *connRewind) {
 	p.eventStream.Send(p.ctx, NewEventDomainFronting(ctx.streamID))
 	conn.Rewind()
 
-	frontConn, err := p.network.DialContext(ctx, "tcp", p.DomainFrontingAddress())
+	nativeDialer := p.network.NativeDialer()
+	fConn, err := nativeDialer.DialContext(ctx, "tcp", p.DomainFrontingAddress())
 	if err != nil {
 		p.logger.WarningError("cannot dial to the fronting domain", err)
 
 		return
 	}
 
+	frontConn := essentials.WrapNetConn(fConn)
+
 	if p.domainFrontingProxyProtocol {
 		frontConn = newConnProxyProtocol(ctx.clientConn, frontConn)
 	}

network/network.go

@@ -60,6 +60,10 @@ func (n *network) DialContext(ctx context.Context, protocol, address string) (es
 	return nil, fmt.Errorf("cannot dial to %s:%s: %w", protocol, address, err)
 }
 
+func (n *network) NativeDialer() *net.Dialer {
+	return &net.Dialer{}
+}
+
 func (n *network) MakeHTTPClient(dialFunc func(ctx context.Context,
 	network, address string) (essentials.Conn, error),
 ) *http.Client {

network/v2/base_network_test.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"testing"
 
+	"github.com/9seconds/mtg/v2/mtglib"
 	"github.com/9seconds/mtg/v2/network/v2"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
@@ -12,7 +13,7 @@ import (
 type BaseNetworkTestSuite struct {
 	EchoServerTestSuite
 
-	net network.Network
+	net mtglib.Network
 }
 
 func (suite *BaseNetworkTestSuite) SetupSuite() {

network/v2/init.go

@@ -11,10 +11,7 @@ package network
 
 import (
 	"errors"
-	"net"
 	"time"
-
-	"github.com/9seconds/mtg/v2/mtglib"
 )
 
 const (
@@ -37,9 +34,3 @@ const (
 )
 
 var ErrCannotDial = errors.New("cannot dial to any address")
-
-type Network interface {
-	mtglib.Network
-
-	NativeDialer() *net.Dialer
-}

network/v2/multi_network.go

@@ -8,10 +8,11 @@ import (
 	"net/http"
 
 	"github.com/9seconds/mtg/v2/essentials"
+	"github.com/9seconds/mtg/v2/mtglib"
 )
 
 type multiNetwork struct {
-	networks []Network
+	networks []mtglib.Network
 }
 
 func (m multiNetwork) Dial(network, address string) (essentials.Conn, error) {
@@ -22,7 +23,7 @@ func (m multiNetwork) DialContext(ctx context.Context, network, address string)
 	networks := m.networks
 
 	if len(networks) > 1 {
-		networks = make([]Network, len(m.networks))
+		networks = make([]mtglib.Network, len(m.networks))
 		copy(networks, m.networks)
 
 		rand.Shuffle(len(m.networks), func(i, j int) {
@@ -59,7 +60,7 @@ func (m multiNetwork) MakeHTTPClient(
 	return m.networks[0].MakeHTTPClient(dialFunc)
 }
 
-func Join(networks ...Network) (Network, error) {
+func Join(networks ...mtglib.Network) (mtglib.Network, error) {
 	if len(networks) == 0 {
 		return nil, errors.New("cannot join no networks")
 	}

network/v2/network.go

@@ -8,6 +8,7 @@ import (
 	"time"
 
 	"github.com/9seconds/mtg/v2/essentials"
+	"github.com/9seconds/mtg/v2/mtglib"
 )
 
 type network struct {
@@ -70,7 +71,7 @@ func New(
 	tcpTimeout,
 	httpTimeout,
 	idleTimeout time.Duration,
-) Network {
+) mtglib.Network {
 	if dnsResolver == nil {
 		dnsResolver = net.DefaultResolver
 	}

network/v2/proxy_network.go

@@ -6,11 +6,12 @@ import (
 	"net/url"
 
 	"github.com/9seconds/mtg/v2/essentials"
+	"github.com/9seconds/mtg/v2/mtglib"
 	"golang.org/x/net/proxy"
 )
 
 type proxyNetwork struct {
-	Network
+	mtglib.Network
 	client proxy.ContextDialer
 }
 
@@ -23,7 +24,7 @@ func (p proxyNetwork) DialContext(ctx context.Context, network, address string)
 	return essentials.WrapNetConn(conn), nil
 }
 
-func NewProxyNetwork(base Network, proxyURL *url.URL) (*proxyNetwork, error) {
+func NewProxyNetwork(base mtglib.Network, proxyURL *url.URL) (*proxyNetwork, error) {
 	socks, err := proxy.FromURL(proxyURL, base.NativeDialer())
 	if err != nil {
 		return nil, fmt.Errorf("cannot build proxy dialer: %w", err)

network/v2/socks_proxy_test.go

@@ -6,6 +6,7 @@ import (
 	"sync"
 	"testing"
 
+	"github.com/9seconds/mtg/v2/mtglib"
 	"github.com/9seconds/mtg/v2/network/v2"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -17,7 +18,7 @@ type SocksProxyTestSuite struct {
 	EchoServerTestSuite
 
 	wg          sync.WaitGroup
-	baseNetwork network.Network
+	baseNetwork mtglib.Network
 
 	noAuthURL *url.URL
 	authURL   *url.URL
@@ -85,7 +86,7 @@ func (suite *SocksProxyTestSuite) TestRead() {
 
 	for name, proxies := range testData {
 		suite.T().Run(name, func(t *testing.T) {
-			proxyNetworks := []network.Network{}
+			proxyNetworks := []mtglib.Network{}
 
 			for _, u := range proxies {
 				value, err := network.NewProxyNetwork(suite.baseNetwork, u)