Skip to content

deps: update

deps: update #489

Workflow file for this run

name: CI
on: [push]
jobs:
build_multi_platform:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: '1.20'
- name: Build for multi-platform
run: |
set -xeu
DIST=dist
mkdir $DIST
# (from: https://www.digitalocean.com/community/tutorials/how-to-build-go-executables-for-multiple-platforms-on-ubuntu-16-04)
platforms=("linux/amd64" "darwin/amd64" "windows/amd64" "linux/arm")
for platform in "${platforms[@]}"
do
platform_split=(${platform//\// })
export GOOS=${platform_split[0]}
export GOARCH=${platform_split[1]}
[ $GOOS = "windows" ] && EXTENSION='.exe' || EXTENSION=''
BUILD_PATH=piping-tunnel-$GOOS-$GOARCH
mkdir $BUILD_PATH
# Build
CGO_ENABLED=0 go build -o "${BUILD_PATH}/piping-tunnel${EXTENSION}" main/main.go
done
operational_test:
runs-on: ubuntu-22.04
defaults:
run:
shell: bash
steps:
- name: Build SSH server Dockerfile
run: |
docker build -t ssh-server - <<'EOS'
FROM ubuntu:20.04
RUN apt update
RUN apt install -y openssh-server
RUN mkdir /var/run/sshd
# (base(ja): https://qiita.com/FGtatsuro/items/4893dfb138f70d972904)
RUN useradd -m guest
RUN passwd -d guest
RUN sed -ri 's/^#?PermitEmptyPasswords\s+.*/PermitEmptyPasswords yes/' /etc/ssh/sshd_config
RUN sed -ri 's/^#?UsePAM\s+.*/UsePAM no/' /etc/ssh/sshd_config
# SSH login fix. Otherwise user is kicked off after login
RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
ENV NOTVISIBLE "in users profile"
RUN echo "export VISIBLE=now" >> /etc/profile
ENTRYPOINT [ "/usr/sbin/sshd", "-D" ]
EOS
- run: sudo apt install -y socat
- name: Run SSH Server
run: docker run -d -p 2022:22 --init ssh-server
- name: Run Nginx
run: docker run -d -p 8888:80 nginx:alpine
- name: Run Piping Server
run: docker run -d -p 8080:8080 nwtgck/piping-server:v1.2.0
- uses: actions/checkout@v4
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version: '1.20'
- run: CGO_ENABLED=0 go build -o piping-tunnel main/main.go
- name: Normal tunnel
run: |
set -eux
./piping-tunnel -s http://localhost:8080 server -p 2022 aaa bbb &
./piping-tunnel -s http://localhost:8080 client -p 3322 aaa bbb &
sleep 1
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 3322 -o 'StrictHostKeyChecking no' guest@localhost hostname
- name: Unix socket on server host side
run: |
set -eux
socat UNIX-LISTEN:/tmp/my_nginx_socat TCP:localhost:8888 &
sleep 1
./piping-tunnel -s http://localhost:8080 server --unix-socket=/tmp/my_nginx_socat aaa bbb &
./piping-tunnel -s http://localhost:8080 client -p 8889 aaa bbb &
sleep 1
curl localhost:8889
- name: Unix socket on client host side
run: |
set -eux
./piping-tunnel -s http://localhost:8080 server -p 8888 aaa bbb &
./piping-tunnel -s http://localhost:8080 client --unix-socket=/tmp/my_unginx aaa bbb &
sleep 1
curl --unix-socket /tmp/my_unginx http:/index.html
- name: Encrypt with AES-CTR
run: |
set -eux
./piping-tunnel -s http://localhost:8080 server -p 2022 --symmetric --cipher-type=aes-ctr --pass=mypass aesctraaa aesctrbbb &
./piping-tunnel -s http://localhost:8080 client -p 3322 --symmetric --cipher-type=aes-ctr --pass=mypass aesctraaa aesctrbbb &
sleep 1
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 3322 -o 'StrictHostKeyChecking no' guest@localhost hostname
- name: Encrypt with OpenSSL-compabile AES-CTR
run: |
set -eux
./piping-tunnel -s http://localhost:8080 server -p 2022 --symmetric --cipher-type=openssl-aes-256-ctr --pbkdf2='{"iter":100000,"hash":"sha256"}' --pass=mypass openssl1aaa openssl1bbb & echo $! > pid1
./piping-tunnel -s http://localhost:8080 client -p 3322 --symmetric --cipher-type=openssl-aes-256-ctr --pbkdf2='{"iter":100000,"hash":"sha256"}' --pass=mypass openssl1aaa openssl1bbb & echo $! > pid2
sleep 1
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 3322 -o 'StrictHostKeyChecking no' guest@localhost hostname
- name: Encrypt with OpenSSL-compabile AES-CTR using real openssl in server host
run: |
set -eux
curl -sSN http://localhost:8080/openssl2aaa | stdbuf -i0 -o0 openssl aes-256-ctr -d -pass "pass:mypass" -bufsize 1 -pbkdf2 -iter 100000 -md sha256 | nc localhost 2022 | stdbuf -i0 -o0 openssl aes-256-ctr -pass "pass:mypass" -bufsize 1 -pbkdf2 -iter 100000 -md sha256 | curl -sSNT - http://localhost:8080/openssl2bbb &
./piping-tunnel -s http://localhost:8080 client -p 3322 --symmetric --cipher-type=openssl-aes-256-ctr --pbkdf2='{"iter":100000,"hash":"sha256"}' --pass=mypass openssl2aaa openssl2bbb &
sleep 1
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 3322 -o 'StrictHostKeyChecking no' guest@localhost hostname
- name: Encrypt with OpenSSL-compabile AES-CTR using real openssl in client host
run: |
set -eux
./piping-tunnel -s http://localhost:8080 server -p 2022 --symmetric --cipher-type=openssl-aes-256-ctr --pbkdf2='{"iter":100000,"hash":"sha256"}' --pass=mypass openssl3aaa openssl3bbb &
curl -NsS http://localhost:8080/openssl3bbb | stdbuf -i0 -o0 openssl aes-256-ctr -d -pass "pass:mypass" -bufsize 1 -pbkdf2 -iter 100000 -md sha256 | nc -l -p 3322 | stdbuf -i0 -o0 openssl aes-256-ctr -pass "pass:mypass" -bufsize 1 -pbkdf2 -iter 100000 -md sha256 | curl -NsST - http://localhost:8080/openssl3aaa &
sleep 1
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 3322 -o 'StrictHostKeyChecking no' guest@localhost hostname
- name: yamux
run: |
set -eux
# Run server-host with yamux
./piping-tunnel -s http://localhost:8080 server -p 2022 --yamux aaa-yamux bbb-yamux & echo $! > pid1
# Run client-host with yamux
./piping-tunnel -s http://localhost:8080 client -p 4422 --yamux aaa-yamux bbb-yamux & echo $! > pid2
sleep 1
# Check whether ssh multiple times
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 4422 -o 'StrictHostKeyChecking no' guest@localhost hostname
ssh -p 4422 -o 'StrictHostKeyChecking no' guest@localhost ls -l /
kill $(cat pid1) && kill $(cat pid2)
- name: yamux (encrypt with AES-CTR)
run: |
set -eux
# Run server-host with yamux (encrypt with AES-CTR)
./piping-tunnel -s http://localhost:8080 server -p 2022 --yamux --symmetric --cipher-type=aes-ctr --pass=mypass aaa-yamux bbb-yamux & echo $! > pid1
# Run client-host with yamux (encrypt with AES-CTR)
./piping-tunnel -s http://localhost:8080 client -p 4422 --yamux --symmetric --cipher-type=aes-ctr --pass=mypass aaa-yamux bbb-yamux & echo $! > pid2
sleep 1
# Check whether ssh multiple times
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 4422 -o 'StrictHostKeyChecking no' guest@localhost hostname
ssh -p 4422 -o 'StrictHostKeyChecking no' guest@localhost ls -l /
kill $(cat pid1) && kill $(cat pid2)
- name: yamux SOCKS
run: |
set -eux
# Run socks with yamux
./piping-tunnel -s http://localhost:8080 socks --yamux aaa-socks bbb-socks & echo $! > pid1
# Run client-host with yamux
./piping-tunnel -s http://localhost:8080 client -p 1081 --yamux aaa-socks bbb-socks & echo $! > pid2
sleep 1
# NOTE: Depends on external resource: example.com
curl -x socks5h://localhost:1081 https://example.com
kill $(cat pid1) && kill $(cat pid2)
- name: yamux SOCKS (encrypt with AES-CTR)
run: |
set -eux
# Run socks with yamux (encrypt with AES-CTR)
./piping-tunnel -s http://localhost:8080 socks --yamux --symmetric --cipher-type=aes-ctr --pass=mypass aaa-socks bbb-socks & echo $! > pid1
# Run client-host with yamux (encrypt with AES-CTR)
./piping-tunnel -s http://localhost:8080 client -p 1081 --yamux --symmetric --cipher-type=aes-ctr --pass=mypass aaa-socks bbb-socks & echo $! > pid2
sleep 1
# NOTE: Depends on external resource: example.com
curl -x socks5h://localhost:1081 https://example.com
kill $(cat pid1) && kill $(cat pid2)
- name: pmux
run: |
set -eux
# Run server-host1 with pmux
./piping-tunnel -s http://localhost:8080 server -p 2022 --pmux aaa-pmux bbb-pmux & echo $! > pid1
sleep 1
# pmux allows multiple clients in one set of paths
# Run client-host1 with pmux
./piping-tunnel -s http://localhost:8080 client -p 5522 --pmux aaa-pmux bbb-pmux & echo $! > pid2
# Run client-host2 with pmux
./piping-tunnel -s http://localhost:8080 client -p 6622 --pmux aaa-pmux bbb-pmux & echo $! > pid3
sleep 2
# Check whether ssh multiple times
# (base: -o option: https://www.cyberithub.com/ssh-host-key-verification-failed-error-in-linux/)
ssh -p 5522 -o 'StrictHostKeyChecking no' guest@localhost hostname
ssh -p 5522 -o 'StrictHostKeyChecking no' guest@localhost ls -l /
ssh -p 6622 -o 'StrictHostKeyChecking no' guest@localhost ls -l /
kill $(cat pid1) && kill $(cat pid2) && kill $(cat pid3)