bitreq: add SOCKS5 proxy support

Add SOCKS5 proxy support (RFC 1928) alongside existing HTTP CONNECT.
Uses domain-based addressing (ATYP 0x03) so DNS resolution happens at
the proxy, enabling .onion routing through Tor.

New public API: Proxy::new_socks5(addr) creates a SOCKS5 proxy config.
Both sync and async handshake paths implemented.

Motivation: ldk-node needs to route HTTP calls (RGS, scoring) through
Tor's SOCKS proxy. See lightningdevkit/ldk-node#834.

Tests: 5 parsing tests + 5 mock handshake tests covering success, .onion
domains, server rejection, port encoding, and domain length validation.

Author: heyjoe127

bitreq/README.md

@@ -7,10 +7,29 @@ This crate is a fork for the very nice
 rename it because I wanted to totally gut it and provide a crate with
 different goals. Many thanks to the original author.
 
-Simple, minimal-dependency HTTP client. Optional features for http
-proxies (`proxy`), async support (`async`, `async-https`), and https
-with various TLS implementations (`https-rustls`, `https-rustls-probe`,
-and `https` which is an alias for `https-rustls`).
+Simple, minimal-dependency HTTP client. Optional features for HTTP
+proxies and SOCKS5 proxies (`proxy`), async support (`async`,
+`async-https`), and https with various TLS implementations
+(`https-rustls`, `https-rustls-probe`, and `https` which is an alias
+for `https-rustls`).
+
+### Proxy Support
+
+The `proxy` feature enables both HTTP CONNECT and SOCKS5 proxies:
+
+```rust
+// HTTP CONNECT proxy
+let proxy = bitreq::Proxy::new_http("http://proxy.example.com:8080").unwrap();
+let response = bitreq::get("http://example.com").with_proxy(proxy).send();
+
+// SOCKS5 proxy (e.g., Tor)
+let proxy = bitreq::Proxy::new_socks5("127.0.0.1:9050").unwrap();
+let response = bitreq::get("http://example.com").with_proxy(proxy).send();
+```
+
+SOCKS5 proxies use domain-based addressing (RFC 1928 ATYP 0x03), so
+DNS resolution happens at the proxy. This is required for `.onion`
+routing through Tor.
 
 Without any optional features, my casual testing indicates about 100
 KB additional executable size for stripped release builds using this

bitreq/src/connection.rs

@@ -336,8 +336,14 @@ impl AsyncConnection {
     async fn connect(params: ConnectionParams<'_>) -> Result<AsyncTcpStream, Error> {
         #[cfg(feature = "proxy")]
         match &params.proxy {
+            Some(proxy) if proxy.is_socks5() => {
+                // SOCKS5 proxy
+                let mut tcp = Self::tcp_connect(&proxy.server, proxy.port).await?;
+                proxy.socks5_handshake_async(&mut tcp, params.host, params.port).await?;
+                Ok(tcp)
+            }
             Some(proxy) => {
-                // do proxy things
+                // HTTP CONNECT proxy
                 let mut tcp = Self::tcp_connect(&proxy.server, proxy.port).await?;
 
                 let proxy_request = proxy.connect(params.host, params.port);
@@ -709,8 +715,14 @@ impl Connection {
     ) -> Result<TcpStream, Error> {
         #[cfg(feature = "proxy")]
         match &params.proxy {
+            Some(proxy) if proxy.is_socks5() => {
+                // SOCKS5 proxy
+                let mut tcp = Self::tcp_connect(&proxy.server, proxy.port, timeout_at)?;
+                proxy.socks5_handshake_sync(&mut tcp, params.host, params.port)?;
+                Ok(tcp)
+            }
             Some(proxy) => {
-                // do proxy things
+                // HTTP CONNECT proxy
                 let mut tcp = Self::tcp_connect(&proxy.server, proxy.port, timeout_at)?;
 
                 write!(tcp, "{}", proxy.connect(params.host, params.port))?;