
first release

xxnet committed Jan 16, 2015
0 parents commit bea6fb84bab0d6edef6acca79d4574f0391a5f26
Showing 378 changed files with 124,642 additions and 0 deletions.
@@ -0,0 +1,26 @@
XX-Net
========
* Integrate GoAgent with auto search google ip
* Web UI
* Include public appid
* Auto update
Support platform
================
* XP, need tcpip.sys patch, like tcp-z
* Win7
* Win8
* Ubuntu, no systray
* Debian
## Links
| -------- | :---- |
|Download: |https://codeload.github.com/XX-net/XX-Net/zip/v1.0.0|
|Issues: |https://github.com/XX-net/XX-Net/issues|
|Discus: |https://groups.google.com/forum/#!forum/xx-net|
|Email: |xxnet.dev at gmail.com|
Known Issues:
* New Windows Chrome visit youtube, can't play video
@@ -0,0 +1,5 @@
modules:
goagent: {auto_start: 1, current_version: 3.1.30, ignore_version: 3.1.30}
launcher: {current_version: 1.0.0, ignore_version: 1.0.0}
update: {check_update: 1, last_path: /, node_id: '0',
uuid: 0}
@@ -0,0 +1,48 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC9bTuUJmyvwGUY
yt67p6b5fWzB1pcvXA+Pq0GBZxc4wqnNHh77S7gkUMcwJikUzMvt8Bo57SkYNjcc
hRKlRlnAR2LfPCRB2dAD04CySlNTaRcf8ObDslp1xXVoOTCA8UzXH5O1Yi4Pfj01
CLSjFc6DvsxZvgafH4oWjahzx+hq2rudSXhK1m7RASI+W/ezYTyFYxYbGz0V/YIZ
f3OCf3q9osoo0QaORbTdU//QvYNe4SZNXtOJ0r7H4j0eLXpn5XrJxrE0NmeKGAiS
CvTaEoslV1vN23ysaKqTBSZz7y9WeQguqvK+wwqdRcgydFvc9cn6GS4Wv3bNtfbK
chCqdSVLAgMBAAECggEBAJEGUynerTF1bDEqCJLFDWpPo3dYEpGYuvU0mUc4JSg4
qQW4POIKG6X6DjYH0UXycWLugzW8I808nL8CBr9weABk5wagJeYgm0iCojJeAyOF
/sVei15iay1lirjLqB3gIANHUq/4xejornWu/5Uoed6VsiA3AxzKac9Qjxptf7xl
/wrr59dj4JzUJuyOjNTDAKph1OKpHfqFkxPqwt9dR4vPNfh8EWfnjyI7dRVIfKAb
zwiwhgG7B62rTtXjx1ZmNOBY9Zh2U5DsGZ2oVzcKtj+Yw4vcFe6UZnmMvvxh62Lz
+Hg9NEjmjEGlhWUYZA9PPErAgJ0k8nTKpVDl0mQm6fkCgYEA4vj+GG1MBli0Iqgc
3UwQKTSJZfeSHlgikOFmpxZ9uN9fwsnQWERBm/WfJnstzMADv10U+LnIu+I1klDW
0ew093onrasP/ItEGuX2T6N7mtomfkhLk+Af1nB9GTb26nImGgqxfV1AmB5YZlZg
GcLT/AVBd/0EtGw9yUadnOwnuM0CgYEA1ab/s2F/sY30mZTM2AH/y8/7pYN92e5N
Z+CMzphDFzdlwpxv9tYtWRDLy/pnUfZjz+2PpLVPDSoJxL2KBS7ebkmQ1IRw8d6J
wC7HAGl+ej0fzESo4A37qy4kjqSlVHGhjVYlPhAcX3v2zPSjB9o56Ljp9bdADggT
BF5WsWsPNncCgYEAoB4ZWvAX1s5S3bQNEMytBfSLDUT2brOsRtrMCQmjzXy/WHH4
qZwVUMmY6ZOyPqQiwKgQuFqP0oOFWV/v/A2PXBpvzWNFFtrEQ9mAxrPE6fwFdcbY
kkxlCWk3x0bwL3oxiOOMTK0xeV7G7AL5LpMz6rFmexgibomBmPFZFS+/4e0CgYEA
xi1PhZ5sic+5ETR7Bepk0TKso4xikmF/H1mkgoWtxb03ANuG55knGzR/NUehyt8X
GmmrEgazuuxBf2KowcIFxJssYlQvR8s6Ty+Um4c/MDe+ZQVS9/FAfjog4sdKLBfy
2F0N0pGzH8am2Noa10/O41WSfr9qBRnsOeMf2xYJWGUCgYApqv375rQSEQ62phMr
aWAR94HOLS3l6Fn8gpjfrxHWtQopx+6HnYnns/rLacwoCNhLiQk9grgWwF2dQfeB
Qcpr8DkHo85Emzb7nMXXPN34RQyulBLs1IwLVW9eEJwjWJHWmlkF9KRENmolGPq2
L0xuvLBm1afLe9x5bUvS8K157w==
-----END PRIVATE KEY-----
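Review bot: This file commits an unencrypted private key (the `-----BEGIN PRIVATE KEY-----` block) alongside a certificate, so the key is public from this commit onward. The file name is not visible here, but if this is the `CA.crt` that the startup script and `CertUtil.import_ca` elsewhere in this commit add to the system trust store, every install would trust a root whose key anyone can read. The key should be removed from the repository and treated as compromised. `CertUtil.check_ca` already generates a fresh CA when the file is missing, so shipping without it and generating one per install would avoid the shared key.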
@@ -0,0 +1 @@
Binary file not shown.
@@ -0,0 +1,95 @@
#!/usr/bin/env python
# coding:utf-8
from __future__ import with_statement
__version__ = '1.0'
import sys
import os
import re
import time
import ctypes
import platform
def addto_startup_linux():
filename = os.path.abspath(__file__)
dirname = os.path.dirname(filename)
#you can change it to 'start.py' if you like :)
scriptname = 'goagent-gtk.py'
DESKTOP_FILE = '''\
[Desktop Entry]
Type=Application
Categories=Network;Proxy;
Exec=/usr/bin/env python "%s/%s"
Icon=%s/goagent-logo.png
Hidden=false
NoDisplay=false
X-GNOME-Autostart-enabled=true
Name=GoAgent GTK
Comment=GoAgent GTK Launcher
''' % (dirname , scriptname , dirname)
#sometimes maybe /etc/xdg/autostart , ~/.kde/Autostart/ , ~/.config/openbox/autostart
for dirname in map(os.path.expanduser, ['~/.config/autostart']):
if os.path.isdir(dirname):
filename = os.path.join(dirname, 'goagent-gtk.desktop')
with open(filename, 'w') as fp:
fp.write(DESKTOP_FILE)
# os.chmod(filename, 0755)
def addto_startup_osx():
if os.getuid() != 0:
print 'please use sudo run this script'
sys.exit()
import plistlib
plist = dict(
GroupName = 'wheel',
Label = 'org.goagent.macos',
ProgramArguments = list([
'/usr/bin/python',
os.path.join(os.path.abspath(os.path.dirname(__file__)), 'start.py')
]),
RunAtLoad = True,
UserName = 'root',
WorkingDirectory = os.path.dirname(__file__),
StandardOutPath = 'var/log/goagent.log',
StandardErrorPath = 'var/log/goagent.log',
KeepAlive = dict(
SuccessfulExit = False,
)
)
filename = '/Library/LaunchDaemons/org.goagent.macos.plist'
print 'write plist to %s' % filename
plistlib.writePlist(plist, filename)
print 'write plist to %s done' % filename
print 'Adding CA.crt to system keychain, You may need to input your password...'
cmd = 'sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "%s/CA.crt"' % os.path.abspath(os.path.dirname(__file__))
if os.system(cmd) != 0:
print 'Adding CA.crt to system keychain Failed!'
sys.exit(0)
print 'Adding CA.crt to system keychain Done'
print 'To start goagent right now, try this command: sudo launchctl load /Library/LaunchDaemons/org.goagent.macos.plist'
print 'To checkout log file: using Console.app to locate /var/log/goagent.log'
def addto_startup_windows():
if 1 == ctypes.windll.user32.MessageBoxW(None, u'是否将goagent.exe加入到启动项?', u'GoAgent 对话框', 1):
if 1 == ctypes.windll.user32.MessageBoxW(None, u'是否显示托盘区图标?', u'GoAgent 对话框', 1):
pass
def addto_startup_unknown():
print '*** error: Unknown system'
def main():
addto_startup_funcs = {
'Darwin' : addto_startup_osx,
'Windows' : addto_startup_windows,
'Linux' : addto_startup_linux,
}
addto_startup_funcs.get(platform.system(), addto_startup_unknown)()
if __name__ == '__main__':
try:
main()
except KeyboardInterrupt:
pass
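Review bot: In addto_startup_osx the plist sets `UserName = 'root'` with `RunAtLoad = True` and points ProgramArguments at `start.py` in this script's own directory, so whatever is at that path runs as root at every boot. If that directory is writable by an unprivileged user (likely when the archive is unpacked under a home directory), this is a local privilege-escalation path; the function should refuse to proceed unless the directory and `start.py` are root-owned and not group/world-writable, or install a per-user agent instead. The same function interpolates the directory into an `os.system` shell string and exits with `sys.exit(0)` when adding the certificate fails; an argument list and `sys.exit(1)` would be safer. The log paths are also relative, `StandardOutPath = 'var/log/goagent.log'`, while the final message points to `/var/log/goagent.log`; they should read `'/var/log/goagent.log'`.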
@@ -0,0 +1,204 @@
import os
import sys
current_path = os.path.dirname(os.path.abspath(__file__))
python_path = os.path.abspath( os.path.join(current_path, os.pardir, os.pardir, os.pardir, 'python27', '1.0'))
if sys.platform == "win32":
win32_lib = os.path.abspath( os.path.join(python_path, 'lib', 'win32'))
sys.path.append(win32_lib)
elif sys.platform == "linux" or sys.platform == "linux2":
linux_lib = os.path.abspath( os.path.join(python_path, 'lib', 'linux'))
sys.path.append(linux_lib)
import threading
import hashlib
import time
import base64
import ctypes
import glob
import OpenSSL
import logging
class CertUtil(object):
"""CertUtil module, based on mitmproxy"""
ca_vendor = 'GoAgent'
ca_keyfile = 'CA.crt'
ca_certdir = 'certs'
ca_lock = threading.Lock()
@staticmethod
def create_ca():
key = OpenSSL.crypto.PKey()
key.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)
ca = OpenSSL.crypto.X509()
ca.set_serial_number(0)
ca.set_version(2)
subj = ca.get_subject()
subj.countryName = 'CN'
subj.stateOrProvinceName = 'Internet'
subj.localityName = 'Cernet'
subj.organizationName = CertUtil.ca_vendor
subj.organizationalUnitName = '%s Root' % CertUtil.ca_vendor
subj.commonName = '%s CA' % CertUtil.ca_vendor
ca.gmtime_adj_notBefore(0)
ca.gmtime_adj_notAfter(24 * 60 * 60 * 3652)
ca.set_issuer(ca.get_subject())
ca.set_pubkey(key)
ca.add_extensions([
OpenSSL.crypto.X509Extension(b'basicConstraints', True, b'CA:TRUE'),
OpenSSL.crypto.X509Extension(b'nsCertType', True, b'sslCA'),
OpenSSL.crypto.X509Extension(b'extendedKeyUsage', True, b'serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC'),
OpenSSL.crypto.X509Extension(b'keyUsage', False, b'keyCertSign, cRLSign'),
OpenSSL.crypto.X509Extension(b'subjectKeyIdentifier', False, b'hash', subject=ca), ])
ca.sign(key, 'sha1')
return key, ca
@staticmethod
def dump_ca():
key, ca = CertUtil.create_ca()
with open(CertUtil.ca_keyfile, 'wb') as fp:
fp.write(OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, ca))
fp.write(OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key))
@staticmethod
def _get_cert(commonname, sans=[]):
with open(CertUtil.ca_keyfile, 'rb') as fp:
content = fp.read()
key = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, content)
ca = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, content)
pkey = OpenSSL.crypto.PKey()
pkey.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)
req = OpenSSL.crypto.X509Req()
subj = req.get_subject()
subj.countryName = 'CN'
subj.stateOrProvinceName = 'Internet'
subj.localityName = 'Cernet'
subj.organizationalUnitName = '%s Branch' % CertUtil.ca_vendor
if commonname[0] == '.':
subj.commonName = '*' + commonname
subj.organizationName = '*' + commonname
sans = ['*'+commonname] + [x for x in sans if x != '*'+commonname]
else:
subj.commonName = commonname
subj.organizationName = commonname
sans = [commonname] + [x for x in sans if x != commonname]
#req.add_extensions([OpenSSL.crypto.X509Extension(b'subjectAltName', True, ', '.join('DNS: %s' % x for x in sans)).encode()])
req.set_pubkey(pkey)
req.sign(pkey, 'sha1')
cert = OpenSSL.crypto.X509()
cert.set_version(2)
try:
cert.set_serial_number(int(hashlib.md5(commonname.encode('utf-8')).hexdigest(), 16))
except OpenSSL.SSL.Error:
cert.set_serial_number(int(time.time()*1000))
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(60 * 60 * 24 * 3652)
cert.set_issuer(ca.get_subject())
cert.set_subject(req.get_subject())
cert.set_pubkey(req.get_pubkey())
if commonname[0] == '.':
sans = ['*'+commonname] + [s for s in sans if s != '*'+commonname]
else:
sans = [commonname] + [s for s in sans if s != commonname]
#cert.add_extensions([OpenSSL.crypto.X509Extension(b'subjectAltName', True, ', '.join('DNS: %s' % x for x in sans))])
cert.sign(key, 'sha1')
certfile = os.path.join(CertUtil.ca_certdir, commonname + '.crt')
with open(certfile, 'wb') as fp:
fp.write(OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert))
fp.write(OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, pkey))
return certfile
@staticmethod
def get_cert(commonname, sans=[]):
if commonname.count('.') >= 2 and len(commonname.split('.')[-2]) > 4:
commonname = '.'+commonname.partition('.')[-1]
certfile = os.path.join(CertUtil.ca_certdir, commonname + '.crt')
if os.path.exists(certfile):
return certfile
elif OpenSSL is None:
return CertUtil.ca_keyfile
else:
with CertUtil.ca_lock:
if os.path.exists(certfile):
return certfile
return CertUtil._get_cert(commonname, sans)
@staticmethod
def import_ca(certfile):
dirname, basename = os.path.split(certfile)
commonname = os.path.splitext(certfile)[0]
if OpenSSL:
try:
with open(certfile, 'rb') as fp:
x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, fp.read())
commonname = next(v.decode() for k, v in x509.get_subject().get_components() if k == b'O')
except Exception as e:
logging.error('load_certificate(certfile=%r) failed:%s', certfile, e)
if sys.platform.startswith('win'):
with open(certfile, 'rb') as fp:
certdata = fp.read()
if certdata.startswith(b'-----'):
begin = b'-----BEGIN CERTIFICATE-----'
end = b'-----END CERTIFICATE-----'
certdata = base64.b64decode(b''.join(certdata[certdata.find(begin)+len(begin):certdata.find(end)].strip().splitlines()))
crypt32 = ctypes.WinDLL(b'crypt32.dll'.decode())
store_handle = crypt32.CertOpenStore(10, 0, 0, 0x4000 | 0x20000, b'ROOT'.decode())
if not store_handle:
return -1
ret = crypt32.CertAddEncodedCertificateToStore(store_handle, 0x1, certdata, len(certdata), 4, None)
crypt32.CertCloseStore(store_handle, 0)
del crypt32
return 0 if ret else -1
elif sys.platform == 'darwin':
return os.system('security find-certificate -a -c "%s" | grep "%s" >/dev/null || security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "%s"' % (commonname, commonname, certfile))
elif sys.platform.startswith('linux'):
import platform
platform_distname = platform.dist()[0]
if platform_distname == 'Ubuntu':
pemfile = "/etc/ssl/certs/%s.pem" % commonname
new_certfile = "/usr/local/share/ca-certificates/%s.crt" % commonname
if not os.path.exists(pemfile):
return os.system('cp "%s" "%s" && update-ca-certificates' % (certfile, new_certfile))
elif any(os.path.isfile('%s/certutil' % x) for x in os.environ['PATH'].split(os.pathsep)):
return os.system('certutil -L -d sql:$HOME/.pki/nssdb | grep "%s" || certutil -d sql:$HOME/.pki/nssdb -A -t "C,," -n "%s" -i "%s"' % (commonname, commonname, certfile))
else:
logging.warning('please install *libnss3-tools* package to import GoAgent root ca')
return 0
@staticmethod
def check_ca():
#Check CA exists
capath = os.path.join(os.path.dirname(os.path.abspath(__file__)), CertUtil.ca_keyfile)
certdir = os.path.join(os.path.dirname(__file__), CertUtil.ca_certdir)
if not os.path.exists(capath):
if not OpenSSL:
logging.critical('CA.key is not exist and OpenSSL is disabled, ABORT!')
sys.exit(-1)
if os.path.exists(certdir):
if os.path.isdir(certdir):
any(os.remove(x) for x in glob.glob(certdir+'/*.crt'))
else:
os.remove(certdir)
os.mkdir(certdir)
CertUtil.dump_ca()
if glob.glob('%s/*.key' % CertUtil.ca_certdir):
for filename in glob.glob('%s/*.key' % CertUtil.ca_certdir):
try:
os.remove(filename)
os.remove(os.path.splitext(filename)[0]+'.crt')
except EnvironmentError:
pass
#Check CA imported
if CertUtil.import_ca(capath) != 0:
logging.warning('install root certificate failed, Please run as administrator/root/sudo')
#Check Certs Dir
if not os.path.exists(certdir):
os.makedirs(certdir)
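Review bot: CertUtil.dump_ca writes the root CA's private key into `CA.crt` through a plain `open(CertUtil.ca_keyfile, 'wb')`, so the key of a root that check_ca then asks the OS to trust gets default permissions and is typically readable by other local users; _get_cert does the same for each leaf key under `certs`. Create these files owner-only, e.g. `fd = os.open(CertUtil.ca_keyfile, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)` followed by `with os.fdopen(fd, 'wb') as fp:`. create_ca and _get_cert also sign with `'sha1'`, which modern clients no longer accept for leaf certificates; `ca.sign(key, 'sha256')` and `cert.sign(key, 'sha256')` are drop-in replacements. In import_ca the `commonname` read from the certificate's O field is interpolated into `os.system` command strings on the darwin and linux branches, so it should be validated against a strict hostname pattern or passed as an argument list rather than through a shell.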