Project 17: SOCKS5 Proxy Server

A SOCKS5 proxy server that accepts client connections, performs the SOCKS handshake, connects to target servers, and bidirectionally forwards traffic. Supports username/password authentication.

Quick Reference

Attribute Value
Primary Language C++
Alternative Languages Go, Rust
Difficulty Level 3: Advanced
Time Estimate 2 weeks
Knowledge Area Proxying, SOCKS Protocol, Traffic Forwarding
Tooling SSH alternative / privacy tool
Prerequisites Projects 3, 9

What You Will Build

A SOCKS5 proxy server that accepts client connections, performs the SOCKS handshake, connects to target servers, and bidirectionally forwards traffic. Supports username/password authentication.

Why It Matters

This project builds core skills that appear repeatedly in real-world systems and tooling.

Core Challenges

  • SOCKS5 handshake → maps to version negotiation, auth methods
  • Connection establishment → maps to parsing connect requests, making outbound connections
  • Bidirectional forwarding → maps to two connections per client, epoll on both
  • Authentication → maps to username/password checking

Key Concepts

  • SOCKS5 Protocol: RFC 1928
  • Username/Password Auth: RFC 1929
  • Proxy Patterns: Man-in-the-middle architecture
  • Connection Pairing: Managing related file descriptors

Real-World Outcome

$ ./socks5_proxy -p 1080 --auth users.txt
SOCKS5 proxy listening on port 1080
Authentication: username/password required

# Configure browser to use SOCKS5 proxy at localhost:1080
# Or use curl:
$ curl --socks5-hostname localhost:1080 -U user:pass https://ifconfig.me
203.0.113.45  # Traffic goes through proxy

$ curl --socks5-hostname localhost:1080 https://example.com
HTTP/1.1 200 OK
...

# Proxy logs:
[12:00:01] Client 127.0.0.1:54321 authenticated as 'user'
[12:00:01] CONNECT example.com:443
[12:00:02] Connection established, forwarding
[12:00:03] Transferred: 15.2 KB up, 45.6 KB down
[12:00:05] Connection closed

Implementation Guide

  1. Reproduce the simplest happy-path scenario.
  2. Build the smallest working version of the core feature.
  3. Add input validation and error handling.
  4. Add instrumentation/logging to confirm behavior.
  5. Refactor into clean modules with tests.

Milestones

  • Milestone 1: Minimal working program that runs end-to-end.
  • Milestone 2: Correct outputs for typical inputs.
  • Milestone 3: Robust handling of edge cases.
  • Milestone 4: Clean structure and documented usage.

Validation Checklist

  • Output matches the real-world outcome example
  • Handles invalid inputs safely
  • Provides clear errors and exit codes
  • Repeatable results across runs

References

  • Main guide: LEARN_CPP_NETWORK_PROGRAMMING.md
  • “TCP/IP Illustrated, Volume 1” by W. Richard Stevens