iartamonov/mautrix-telegram
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
b00e2d89558def8bf71c9f7e56e59d63d7627999
mautrix-telegram/pkg/connector/proxy.go
T
Igor Artamonov b00e2d8955
Go / Lint (old) (push) Failing after 5m14s
Details
Go / Lint (latest) (push) Failing after 5m19s
Details
Go / Lint (old) (pull_request) Failing after 5m14s
Details
Go / Lint (latest) (pull_request) Failing after 4m40s
Details
connector: hex-decode mtproxy secret 
dcs.MTProxy expects raw secret bytes. Carrying them verbatim through a
YAML string field is impossible: real secrets contain bytes >= 0x80
(faketls starts with 0xee, secured with 0xdd) which cannot survive a
unicode string round-trip, so the value reached the bridge corrupted or
empty (gotd then logged "invalid secret").

Accept the standard hex form printed by mtg/MTProxy tooling
(e.g. "ee" + 16-byte secret + cloak domain hex) and decode it before
handing the bytes to gotd.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-01 10:14:58 +03:00

84 lines
2.6 KiB
Go
Raw Blame History

// mautrix-telegram - A Matrix-Telegram puppeting bridge.
// Copyright (C) 2026 Vladislav Agarkov
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
package connector
import (
"encoding/hex"
"fmt"
"strings"
"golang.org/x/net/proxy"
"go.mau.fi/mautrix-telegram/pkg/gotd/telegram/dcs"
)
// decodeMTProxySecret parses an MTProxy secret string into raw bytes.
// MTProxy secrets are binary (faketls secrets begin with 0xEE, secured with 0xDD)
// and cannot be carried verbatim in a YAML string field, so we accept the standard
// hex encoding (optionally prefixed with "ee"/"dd") used by mtg/MTProxy tooling.
func decodeMTProxySecret(s string) ([]byte, error) {
s = strings.TrimSpace(s)
if s == "" {
return nil, fmt.Errorf("mtproxy secret is empty")
}
b, err := hex.DecodeString(s)
if err != nil {
return nil, fmt.Errorf("mtproxy secret must be hex-encoded: %w", err)
}
return b, nil
}
func GetProxyDialFunc(cfg ProxyConfig) (dcs.DialFunc, error) {
switch cfg.Type {
// we can't proxy HTTP through mtproxy
case "disabled", "mtproxy":
return nil, nil
case "socks5":
var auth *proxy.Auth
if cfg.Username != "" && cfg.Password != "" {
auth = &proxy.Auth{User: cfg.Username, Password: cfg.Password}
}
sock5, err := proxy.SOCKS5("tcp", cfg.Address, auth, proxy.Direct)
if err != nil {
return nil, err
}
return sock5.(proxy.ContextDialer).DialContext, nil
default:
return nil, fmt.Errorf("unsupported proxy type %s", cfg.Type)
}
}
func GetProxyResolver(cfg ProxyConfig) (dcs.Resolver, error) {
switch cfg.Type {
case "disabled", "socks5":
dialer, err := GetProxyDialFunc(cfg)
if err != nil {
return nil, err
}
resolver := dcs.Plain(dcs.PlainOptions{Dial: dialer})
return resolver, nil
case "mtproxy":
secret, err := decodeMTProxySecret(cfg.Password)
if err != nil {
return nil, err
}
return dcs.MTProxy(cfg.Address, secret, dcs.MTProxyOptions{})
default:
return nil, fmt.Errorf("unsupported proxy type %s", cfg.Type)
}
}
Reference in New Issue View Git Blame Copy Permalink