Add redlib-org#458 into the mix

Honestly not expecting it will work

Author: espacedev3019

Cargo.lock

@@ -36,6 +36,7 @@ time = { version = "0.3.31", features = ["local-offset"] }
 url = "2.5.0"
 rust-embed = { version = "8.1.0", features = ["include-exclude"] }
 libflate = "2.0.0"
+
 brotli = { version = "7.0.0", features = ["std"] }
 toml = "0.8.8"
 serde_yaml = "0.9.29"
@@ -51,7 +52,7 @@ arc-swap = "1.7.1"
 serde_json_path = "0.7.1"
 async-recursion = "1.1.1"
 pulldown-cmark = { version = "0.12.0", features = ["simd", "html"], default-features = false }
-hyper-tls = { version = "0.5.0" }
+hyper-tls = "0.5.0"
 openssl = { version = "0.10", features = ["vendored"] }
 tegen = "0.1.4"
 serde_urlencoded = "0.7.1"
@@ -60,6 +61,7 @@ htmlescape = "0.3.1"
 bincode = "1.3.3"
 base2048 = "2.0.2"
 revision = "0.10.0"
+tokio-socks = "0.5.2"
 fake_user_agent = "0.2.2"
 rustls = "0.21.12"
 

Cargo.toml

@@ -2,7 +2,6 @@ use arc_swap::ArcSwap;
 use cached::proc_macro::cached;
 use futures_lite::future::block_on;
 use futures_lite::{future::Boxed, FutureExt};
-use hyper::client::HttpConnector;
 use hyper::header::HeaderValue;
 use hyper::{body, body::Buf, header, Body, Client, Method, Request, Response, Uri};
 //use hyper_rustls::{ConfigBuilderExt, HttpsConnector};
@@ -31,7 +30,9 @@ const REDDIT_SHORT_URL_BASE_HOST: &str = "redd.it";
 const ALTERNATIVE_REDDIT_URL_BASE: &str = "https://www.reddit.com";
 const ALTERNATIVE_REDDIT_URL_BASE_HOST: &str = "www.reddit.com";
 
-pub static HTTPS_CONNECTOR: LazyLock<HttpsConnector<HttpConnector>> = LazyLock::new(HttpsConnector::new);
+pub static HTTPS_CONNECTOR: LazyLock<HttpsConnector<ProxyConnector>> = LazyLock::new(|| {
+	HttpsConnector::new_with_connector(ProxyConnector::new())
+});
 /*
 pub static HTTPS_CONNECTOR: LazyLock<HttpsConnector<HttpConnector>> = LazyLock::new(|| {
 	hyper_rustls::HttpsConnectorBuilder::new()
@@ -53,6 +54,7 @@ pub static HTTPS_CONNECTOR: LazyLock<HttpsConnector<HttpConnector>> = LazyLock::
 					rustls::cipher_suite::TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
 				])
 				// .with_safe_default_cipher_suites()
+
 				.with_safe_default_kx_groups()
 				.with_safe_default_protocol_versions()
 				.unwrap()
@@ -65,7 +67,8 @@ pub static HTTPS_CONNECTOR: LazyLock<HttpsConnector<HttpConnector>> = LazyLock::
 });
 */
 
-pub static CLIENT: LazyLock<Client<HttpsConnector<HttpConnector>>> = LazyLock::new(|| Client::builder().build::<_, Body>(HTTPS_CONNECTOR.clone()));
+//pub static CLIENT: LazyLock<Client<HttpsConnector<HttpConnector>>> = LazyLock::new(|| Client::builder().build::<_, Body>(HTTPS_CONNECTOR.clone()));
+pub static CLIENT: LazyLock<Client<HttpsConnector<ProxyConnector>>> = LazyLock::new(|| Client::builder().build::<_, Body>(HTTPS_CONNECTOR.clone()));
 
 pub static OAUTH_CLIENT: LazyLock<ArcSwap<Oauth>> = LazyLock::new(|| {
 	let client = block_on(Oauth::new());
@@ -553,6 +556,7 @@ pub async fn rate_limit_check() -> Result<(), String> {
 
 #[cfg(test)]
 use {crate::config::get_setting, sealed_test::prelude::*};
+use crate::proxy::ProxyConnector;
 
 #[tokio::test(flavor = "multi_thread")]
 async fn test_rate_limit_check() {

src/client.rs

@@ -11,3 +11,4 @@ pub mod settings;
 pub mod subreddit;
 pub mod user;
 pub mod utils;
+mod proxy;

src/lib.rs

@@ -75,7 +75,7 @@ impl Oauth {
 	pub(crate) async fn new() -> Self {
 		// Try MobileSpoofAuth first, then fall back to GenericWebAuth
 		let mut failure_count = 0;
-		let mut _backend_not_used = OauthBackendImpl::MobileSpoof(MobileSpoofAuth::new());
+		//let mut backend = OauthBackendImpl::MobileSpoof(MobileSpoofAuth::new());
 		let mut backend = OauthBackendImpl::GenericWeb(GenericWebAuth::new()); // Use generic web auth
 
 		loop {

src/oauth.rs

@@ -0,0 +1,177 @@
+use base64::engine::general_purpose;
+use base64::Engine;
+use hyper::client::HttpConnector;
+use hyper::service::Service;
+use hyper::Uri;
+use log::debug;
+use std::env;
+use std::error::Error;
+use std::fmt;
+use std::future::Future;
+use std::pin::Pin;
+use std::task::{Context, Poll};
+use tokio::net::TcpStream;
+use tokio_socks::tcp::Socks5Stream;
+
+type BoxError = Box<dyn Error + Send + Sync>;
+type BoxFuture<T> = Pin<Box<dyn Future<Output = Result<T, BoxError>> + Send>>;
+type Credentials = (String, String);
+
+#[derive(Clone)]
+pub enum ProxyConnector {
+    NoProxy(HttpConnector),
+    Socks(String),
+    Http(String),
+}
+
+#[derive(Debug)]
+pub struct ProxyError(String);
+
+impl fmt::Display for ProxyError {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(f, "Proxy error: {}", self.0)
+    }
+}
+
+impl Error for ProxyError {}
+
+impl Service<Uri> for ProxyConnector {
+    type Response = TcpStream;
+    type Error = BoxError;
+    type Future = BoxFuture<Self::Response>;
+
+    fn poll_ready(&mut self, cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
+        match self {
+            ProxyConnector::NoProxy(connector) => connector.poll_ready(cx).map_err(Into::into),
+            _ => Poll::Ready(Ok(())),
+        }
+    }
+
+    fn call(&mut self, uri: Uri) -> Self::Future {
+        let this = self.clone();
+        Box::pin(async move {
+            match this {
+                ProxyConnector::NoProxy(mut connector) => {
+                    connector.call(uri).await.map_err(Into::into)
+                }
+                ProxyConnector::Socks(proxy_addr) => handle_socks_connection(&proxy_addr, &uri).await,
+                ProxyConnector::Http(proxy_addr) => handle_http_connection(&proxy_addr, &uri).await,
+            }
+        })
+    }
+}
+
+impl ProxyConnector {
+    pub fn new() -> Self {
+        if let Ok(socks_proxy) = env::var("SOCKS_PROXY") {
+            debug!("Using SOCKS proxy: {}", socks_proxy);
+            return ProxyConnector::Socks(socks_proxy);
+        }
+
+        if let Ok(http_proxy) = env::var("HTTP_PROXY").or_else(|_| env::var("HTTPS_PROXY")) {
+            debug!("Using HTTP proxy: {}", http_proxy);
+            return ProxyConnector::Http(http_proxy);
+        }
+
+        let mut connector = HttpConnector::new();
+        connector.enforce_http(false);
+        ProxyConnector::NoProxy(connector)
+    }
+}
+
+async fn handle_socks_connection(proxy_addr: &str, uri: &Uri) -> Result<TcpStream, BoxError> {
+    let (host, port, credentials) = parse_proxy_addr(proxy_addr)?;
+    let target_addr = get_target_addr(uri)?;
+
+    let stream = match credentials {
+        Some((username, password)) => {
+            Socks5Stream::connect_with_password((host.as_str(), port), target_addr, &username, &password).await
+        }
+        None => Socks5Stream::connect((host.as_str(), port), target_addr).await,
+    }?;
+
+    Ok(stream.into_inner())
+}
+
+async fn handle_http_connection(proxy_addr: &str, uri: &Uri) -> Result<TcpStream, BoxError> {
+    let (host, port, credentials) = parse_proxy_addr(proxy_addr)?;
+    let proxy_stream = TcpStream::connect((host.as_str(), port)).await?;
+    let target_addr = get_target_addr(uri)?;
+
+    let connect_req = build_connect_request(&target_addr, credentials)?;
+    write_and_verify_connection(&proxy_stream, &connect_req).await?;
+
+    Ok(proxy_stream)
+}
+
+fn build_connect_request(target_addr: &str, credentials: Option<Credentials>) -> Result<String, BoxError> {
+    let mut req = format!(
+        "CONNECT {target_addr} HTTP/1.1\r\n\
+         Host: {target_addr}\r\n\
+         Connection: keep-alive\r\n"
+    );
+
+    if let Some((username, password)) = credentials {
+        let auth = general_purpose::STANDARD.encode(format!("{}:{}", username, password));
+        req.push_str(&format!("Proxy-Authorization: Basic {}\r\n", auth));
+    }
+
+    req.push_str("\r\n");
+    Ok(req)
+}
+
+async fn write_and_verify_connection(proxy_stream: &TcpStream, connect_req: &str) -> Result<(), BoxError> {
+    proxy_stream.writable().await?;
+    proxy_stream.try_write(connect_req.as_bytes())?;
+
+    let mut response = [0u8; 1024];
+    proxy_stream.readable().await?;
+    let n = proxy_stream.try_read(&mut response)?;
+
+    let response = String::from_utf8_lossy(&response[..n]);
+    if !response.starts_with("HTTP/1.1 200") {
+        return Err(Box::new(ProxyError(format!("Proxy CONNECT failed: {}", response))));
+    }
+
+    Ok(())
+}
+
+fn parse_proxy_addr(addr: &str) -> Result<(String, u16, Option<Credentials>), BoxError> {
+    let uri: Uri = addr.parse()?;
+    let host = uri.host().ok_or("Missing proxy host")?.to_string();
+    let port = uri.port_u16().unwrap_or_else(|| {
+        if uri.scheme_str() == Some("https") { 443 } else { 80 }
+    });
+
+    let credentials = extract_credentials(uri.authority())?;
+    Ok((host, port, credentials))
+}
+
+fn extract_credentials(authority: Option<&hyper::http::uri::Authority>) -> Result<Option<Credentials>, BoxError> {
+    let Some(authority) = authority else {
+        return Ok(None);
+    };
+
+    let Some(credentials) = authority.as_str().split('@').next() else {
+        return Ok(None);
+    };
+
+    if credentials == authority.as_str() {
+        return Ok(None);
+    }
+
+    let creds: Vec<&str> = credentials.split(':').collect();
+    if creds.len() == 2 {
+        Ok(Some((creds[0].to_string(), creds[1].to_string())))
+    } else {
+        Ok(None)
+    }
+}
+
+fn get_target_addr(uri: &Uri) -> Result<String, BoxError> {
+    let host = uri.host().ok_or("Missing target host")?;
+    let port = uri.port_u16().unwrap_or_else(|| {
+        if uri.scheme_str() == Some("https") { 443 } else { 80 }
+    });
+    Ok(format!("{}:{}", host, port))
+}