v2fly/proxy/socks/protocol.go

package socks

import (
	"io"

	"v2ray.com/core/common"
	"v2ray.com/core/common/buf"
	"v2ray.com/core/common/net"
	"v2ray.com/core/common/protocol"
	"v2ray.com/core/common/serial"
)

const (
	socks5Version = 0x05
	socks4Version = 0x04

	cmdTCPConnect = 0x01
	cmdTCPBind    = 0x02
	cmdUDPPort    = 0x03

	socks4RequestGranted  = 90
	socks4RequestRejected = 91

	authNotRequired = 0x00
	//authGssAPI           = 0x01
	authPassword         = 0x02
	authNoMatchingMethod = 0xFF

	addrTypeIPv4   = 0x01
	addrTypeIPv6   = 0x04
	addrTypeDomain = 0x03

	statusSuccess       = 0x00
	statusCmdNotSupport = 0x07
)

var addrParser = protocol.NewAddressParser(
	protocol.AddressFamilyByte(0x01, net.AddressFamilyIPv4),
	protocol.AddressFamilyByte(0x04, net.AddressFamilyIPv6),
	protocol.AddressFamilyByte(0x03, net.AddressFamilyDomain),
)

type ServerSession struct {
	config *ServerConfig
	port   net.Port
}

func (s *ServerSession) Handshake(reader io.Reader, writer io.Writer) (*protocol.RequestHeader, error) {
	buffer := buf.New()
	defer buffer.Release()

	request := new(protocol.RequestHeader)

	if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, 2)); err != nil {
		return nil, newError("insufficient header").Base(err)
	}

	version := buffer.Byte(0)
	if version == socks4Version {
		if s.config.AuthType == AuthType_PASSWORD {
			writeSocks4Response(writer, socks4RequestRejected, net.AnyIP, net.Port(0))
			return nil, newError("socks 4 is not allowed when auth is required.")
		}

		if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, 6)); err != nil {
			return nil, newError("insufficient header").Base(err)
		}
		port := net.PortFromBytes(buffer.BytesRange(2, 4))
		address := net.IPAddress(buffer.BytesRange(4, 8))
		_, err := readUntilNull(reader) // user id
		if err != nil {
			return nil, err
		}
		if address.IP()[0] == 0x00 {
			domain, err := readUntilNull(reader)
			if err != nil {
				return nil, newError("failed to read domain for socks 4a").Base(err)
			}
			address = net.DomainAddress(domain)
		}

		switch buffer.Byte(1) {
		case cmdTCPConnect:
			request.Command = protocol.RequestCommandTCP
			request.Address = address
			request.Port = port
			request.Version = socks4Version
			if err := writeSocks4Response(writer, socks4RequestGranted, net.AnyIP, net.Port(0)); err != nil {
				return nil, err
			}
			return request, nil
		default:
			writeSocks4Response(writer, socks4RequestRejected, net.AnyIP, net.Port(0))
			return nil, newError("unsupported command: ", buffer.Byte(1))
		}
	}

	if version == socks5Version {
		nMethod := int(buffer.Byte(1))
		if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, nMethod)); err != nil {
			return nil, newError("failed to read auth methods").Base(err)
		}

		var expectedAuth byte = authNotRequired
		if s.config.AuthType == AuthType_PASSWORD {
			expectedAuth = authPassword
		}

		if !hasAuthMethod(expectedAuth, buffer.BytesRange(2, 2+nMethod)) {
			writeSocks5AuthenticationResponse(writer, socks5Version, authNoMatchingMethod)
			return nil, newError("no matching auth method")
		}

		if err := writeSocks5AuthenticationResponse(writer, socks5Version, expectedAuth); err != nil {
			return nil, newError("failed to write auth response").Base(err)
		}

		if expectedAuth == authPassword {
			username, password, err := readUsernamePassword(reader)
			if err != nil {
				return nil, newError("failed to read username and password for authentication").Base(err)
			}

			if !s.config.HasAccount(username, password) {
				writeSocks5AuthenticationResponse(writer, 0x01, 0xFF)
				return nil, newError("invalid username or password")
			}

			if err := writeSocks5AuthenticationResponse(writer, 0x01, 0x00); err != nil {
				return nil, newError("failed to write auth response").Base(err)
			}
		}
		if err := buffer.Reset(buf.ReadFullFrom(reader, 3)); err != nil {
			return nil, newError("failed to read request").Base(err)
		}

		cmd := buffer.Byte(1)
		switch cmd {
		case cmdTCPConnect:
			request.Command = protocol.RequestCommandTCP
		case cmdUDPPort:
			if !s.config.UdpEnabled {
				writeSocks5Response(writer, statusCmdNotSupport, net.AnyIP, net.Port(0))
				return nil, newError("UDP is not enabled.")
			}
			request.Command = protocol.RequestCommandUDP
		case cmdTCPBind:
			writeSocks5Response(writer, statusCmdNotSupport, net.AnyIP, net.Port(0))
			return nil, newError("TCP bind is not supported.")
		default:
			writeSocks5Response(writer, statusCmdNotSupport, net.AnyIP, net.Port(0))
			return nil, newError("unknown command ", cmd)
		}

		buffer.Clear()

		request.Version = socks5Version

		addr, port, err := addrParser.ReadAddressPort(buffer, reader)
		if err != nil {
			return nil, newError("failed to read address").Base(err)
		}
		request.Address = addr
		request.Port = port

		responseAddress := net.AnyIP
		responsePort := net.Port(1717)
		if request.Command == protocol.RequestCommandUDP {
			addr := s.config.Address.AsAddress()
			if addr == nil {
				addr = net.LocalHostIP
			}
			responseAddress = addr
			responsePort = s.port
		}
		if err := writeSocks5Response(writer, statusSuccess, responseAddress, responsePort); err != nil {
			return nil, err
		}

		return request, nil
	}

	return nil, newError("unknown Socks version: ", version)
}

func readUsernamePassword(reader io.Reader) (string, string, error) {
	buffer := buf.New()
	defer buffer.Release()

	if err := buffer.Reset(buf.ReadFullFrom(reader, 2)); err != nil {
		return "", "", err
	}
	nUsername := int(buffer.Byte(1))

	if err := buffer.Reset(buf.ReadFullFrom(reader, nUsername)); err != nil {
		return "", "", err
	}
	username := buffer.String()

	if err := buffer.Reset(buf.ReadFullFrom(reader, 1)); err != nil {
		return "", "", err
	}
	nPassword := int(buffer.Byte(0))
	if err := buffer.Reset(buf.ReadFullFrom(reader, nPassword)); err != nil {
		return "", "", err
	}
	password := buffer.String()
	return username, password, nil
}

func readUntilNull(reader io.Reader) (string, error) {
	var b [256]byte
	size := 0
	for {
		_, err := reader.Read(b[size : size+1])
		if err != nil {
			return "", err
		}
		if b[size] == 0x00 {
			return string(b[:size]), nil
		}
		size++
		if size == 256 {
			return "", newError("buffer overrun")
		}
	}
}

func hasAuthMethod(expectedAuth byte, authCandidates []byte) bool {
	for _, a := range authCandidates {
		if a == expectedAuth {
			return true
		}
	}
	return false
}

func writeSocks5AuthenticationResponse(writer io.Writer, version byte, auth byte) error {
	_, err := writer.Write([]byte{version, auth})
	return err
}

func writeSocks5Response(writer io.Writer, errCode byte, address net.Address, port net.Port) error {
	buffer := buf.New()
	defer buffer.Release()

	buffer.AppendBytes(socks5Version, errCode, 0x00 /* reserved */)
	if err := addrParser.WriteAddressPort(buffer, address, port); err != nil {
		return err
	}

	_, err := writer.Write(buffer.Bytes())
	return err
}

func writeSocks4Response(writer io.Writer, errCode byte, address net.Address, port net.Port) error {
	buffer := buf.New()
	defer buffer.Release()

	buffer.AppendBytes(0x00, errCode)
	common.Must(buffer.AppendSupplier(serial.WriteUint16(port.Value())))
	buffer.Append(address.IP())
	_, err := writer.Write(buffer.Bytes())
	return err
}

func DecodeUDPPacket(packet *buf.Buffer) (*protocol.RequestHeader, error) {
	if packet.Len() < 5 {
		return nil, newError("insufficient length of packet.")
	}
	request := &protocol.RequestHeader{
		Version: socks5Version,
		Command: protocol.RequestCommandUDP,
	}

	// packet[0] and packet[1] are reserved
	if packet.Byte(2) != 0 /* fragments */ {
		return nil, newError("discarding fragmented payload.")
	}

	packet.SliceFrom(3)

	addr, port, err := addrParser.ReadAddressPort(nil, packet)
	if err != nil {
		return nil, newError("failed to read UDP header").Base(err)
	}
	request.Address = addr
	request.Port = port
	return request, nil
}

func EncodeUDPPacket(request *protocol.RequestHeader, data []byte) (*buf.Buffer, error) {
	b := buf.New()
	b.AppendBytes(0, 0, 0 /* Fragment */)
	if err := addrParser.WriteAddressPort(b, request.Address, request.Port); err != nil {
		b.Release()
		return nil, err
	}
	b.Append(data)
	return b, nil
}

type UDPReader struct {
	reader io.Reader
}

func NewUDPReader(reader io.Reader) *UDPReader {
	return &UDPReader{reader: reader}
}

func (r *UDPReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
	b := buf.New()
	if err := b.AppendSupplier(buf.ReadFrom(r.reader)); err != nil {
		return nil, err
	}
	if _, err := DecodeUDPPacket(b); err != nil {
		return nil, err
	}
	return buf.NewMultiBufferValue(b), nil
}

type UDPWriter struct {
	request *protocol.RequestHeader
	writer  io.Writer
}

func NewUDPWriter(request *protocol.RequestHeader, writer io.Writer) *UDPWriter {
	return &UDPWriter{
		request: request,
		writer:  writer,
	}
}

// Write implements io.Writer.
func (w *UDPWriter) Write(b []byte) (int, error) {
	eb, err := EncodeUDPPacket(w.request, b)
	if err != nil {
		return 0, err
	}
	defer eb.Release()
	if _, err := w.writer.Write(eb.Bytes()); err != nil {
		return 0, err
	}
	return len(b), nil
}

func ClientHandshake(request *protocol.RequestHeader, reader io.Reader, writer io.Writer) (*protocol.RequestHeader, error) {
	authByte := byte(authNotRequired)
	if request.User != nil {
		authByte = byte(authPassword)
	}

	b := buf.New()
	defer b.Release()

	b.AppendBytes(socks5Version, 0x01, authByte)
	if authByte == authPassword {
		rawAccount, err := request.User.GetTypedAccount()
		if err != nil {
			return nil, err
		}
		account := rawAccount.(*Account)

		b.AppendBytes(0x01, byte(len(account.Username)))
		b.Append([]byte(account.Username))
		b.AppendBytes(byte(len(account.Password)))
		b.Append([]byte(account.Password))
	}

	if _, err := writer.Write(b.Bytes()); err != nil {
		return nil, err
	}

	if err := b.Reset(buf.ReadFullFrom(reader, 2)); err != nil {
		return nil, err
	}

	if b.Byte(0) != socks5Version {
		return nil, newError("unexpected server version: ", b.Byte(0)).AtWarning()
	}
	if b.Byte(1) != authByte {
		return nil, newError("auth method not supported.").AtWarning()
	}

	if authByte == authPassword {
		if err := b.Reset(buf.ReadFullFrom(reader, 2)); err != nil {
			return nil, err
		}
		if b.Byte(1) != 0x00 {
			return nil, newError("server rejects account: ", b.Byte(1))
		}
	}

	b.Clear()

	command := byte(cmdTCPConnect)
	if request.Command == protocol.RequestCommandUDP {
		command = byte(cmdUDPPort)
	}
	b.AppendBytes(socks5Version, command, 0x00 /* reserved */)
	if err := addrParser.WriteAddressPort(b, request.Address, request.Port); err != nil {
		return nil, err
	}

	if _, err := writer.Write(b.Bytes()); err != nil {
		return nil, err
	}

	b.Clear()
	if err := b.AppendSupplier(buf.ReadFullFrom(reader, 3)); err != nil {
		return nil, err
	}

	resp := b.Byte(1)
	if resp != 0x00 {
		return nil, newError("server rejects request: ", resp)
	}

	b.Clear()

	address, port, err := addrParser.ReadAddressPort(b, reader)
	if err != nil {
		return nil, err
	}

	if request.Command == protocol.RequestCommandUDP {
		udpRequest := &protocol.RequestHeader{
			Version: socks5Version,
			Command: protocol.RequestCommandUDP,
			Address: address,
			Port:    port,
		}
		return udpRequest, nil
	}

	return nil, nil
}
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`package socks`

			`import (`
			`"io"`

fix domain length issue for all proxies 2017-10-22 14:17:06 -04:00			`"v2ray.com/core/common"`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`"v2ray.com/core/common/buf"`
step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`"v2ray.com/core/common/net"`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`"v2ray.com/core/common/protocol"`
			`"v2ray.com/core/common/serial"`
			`)`

			`const (`
			`socks5Version = 0x05`
			`socks4Version = 0x04`

			`cmdTCPConnect = 0x01`
			`cmdTCPBind = 0x02`
			`cmdUDPPort = 0x03`

			`socks4RequestGranted = 90`
			`socks4RequestRejected = 91`

comment out unused const 2017-01-08 17:31:45 -05:00			`authNotRequired = 0x00`
			`//authGssAPI = 0x01`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`authPassword = 0x02`
			`authNoMatchingMethod = 0xFF`

			`addrTypeIPv4 = 0x01`
			`addrTypeIPv6 = 0x04`
			`addrTypeDomain = 0x03`

			`statusSuccess = 0x00`
			`statusCmdNotSupport = 0x07`
			`)`

unify all address reading and writing 2018-02-23 17:42:01 -05:00			`var addrParser = protocol.NewAddressParser(`
			`protocol.AddressFamilyByte(0x01, net.AddressFamilyIPv4),`
			`protocol.AddressFamilyByte(0x04, net.AddressFamilyIPv6),`
			`protocol.AddressFamilyByte(0x03, net.AddressFamilyDomain),`
			`)`

refine socks tcp handling 2017-01-03 18:43:13 -05:00			`type ServerSession struct {`
			`config *ServerConfig`
step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`port net.Port`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`

			`func (s ServerSession) Handshake(reader io.Reader, writer io.Writer) (protocol.RequestHeader, error) {`
reuse buffer 2018-03-09 05:26:00 -05:00			`buffer := buf.New()`
			`defer buffer.Release()`

refine socks tcp handling 2017-01-03 18:43:13 -05:00			`request := new(protocol.RequestHeader)`

			`if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, 2)); err != nil {`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("insufficient header").Base(err)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`

			`version := buffer.Byte(0)`
			`if version == socks4Version {`
disable socks 4 when auth is required. 2018-02-23 07:55:56 -05:00			`if s.config.AuthType == AuthType_PASSWORD {`
			`writeSocks4Response(writer, socks4RequestRejected, net.AnyIP, net.Port(0))`
			`return nil, newError("socks 4 is not allowed when auth is required.")`
			`}`

refine socks tcp handling 2017-01-03 18:43:13 -05:00			`if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, 6)); err != nil {`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("insufficient header").Base(err)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`
step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`port := net.PortFromBytes(buffer.BytesRange(2, 4))`
			`address := net.IPAddress(buffer.BytesRange(4, 8))`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`_, err := readUntilNull(reader) // user id`
			`if err != nil {`
			`return nil, err`
			`}`
			`if address.IP()[0] == 0x00 {`
			`domain, err := readUntilNull(reader)`
			`if err != nil {`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("failed to read domain for socks 4a").Base(err)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`
step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`address = net.DomainAddress(domain)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`

			`switch buffer.Byte(1) {`
			`case cmdTCPConnect:`
			`request.Command = protocol.RequestCommandTCP`
			`request.Address = address`
			`request.Port = port`
			`request.Version = socks4Version`
step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`if err := writeSocks4Response(writer, socks4RequestGranted, net.AnyIP, net.Port(0)); err != nil {`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`return nil, err`
			`}`
			`return request, nil`
			`default:`
step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`writeSocks4Response(writer, socks4RequestRejected, net.AnyIP, net.Port(0))`
cleanup error messages 2017-04-09 07:30:46 -04:00			`return nil, newError("unsupported command: ", buffer.Byte(1))`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`
			`}`

			`if version == socks5Version {`
			`nMethod := int(buffer.Byte(1))`
			`if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, nMethod)); err != nil {`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("failed to read auth methods").Base(err)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`

			`var expectedAuth byte = authNotRequired`
socks client 2017-01-07 19:06:35 -05:00			`if s.config.AuthType == AuthType_PASSWORD {`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`expectedAuth = authPassword`
			`}`

			`if !hasAuthMethod(expectedAuth, buffer.BytesRange(2, 2+nMethod)) {`
fix socks password authentication 2017-01-29 02:25:01 -05:00			`writeSocks5AuthenticationResponse(writer, socks5Version, authNoMatchingMethod)`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("no matching auth method")`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`

fix socks password authentication 2017-01-29 02:25:01 -05:00			`if err := writeSocks5AuthenticationResponse(writer, socks5Version, expectedAuth); err != nil {`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("failed to write auth response").Base(err)`
socks client 2017-01-07 19:06:35 -05:00			`}`

refine socks tcp handling 2017-01-03 18:43:13 -05:00			`if expectedAuth == authPassword {`
			`username, password, err := readUsernamePassword(reader)`
handle nil error 2017-01-17 04:22:18 -05:00			`if err != nil {`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("failed to read username and password for authentication").Base(err)`
handle nil error 2017-01-17 04:22:18 -05:00			`}`

			`if !s.config.HasAccount(username, password) {`
fix socks password authentication 2017-01-29 02:25:01 -05:00			`writeSocks5AuthenticationResponse(writer, 0x01, 0xFF)`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("invalid username or password")`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`

fix socks password authentication 2017-01-29 02:25:01 -05:00			`if err := writeSocks5AuthenticationResponse(writer, 0x01, 0x00); err != nil {`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("failed to write auth response").Base(err)`
socks client 2017-01-07 19:06:35 -05:00			`}`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`if err := buffer.Reset(buf.ReadFullFrom(reader, 3)); err != nil {`
refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("failed to read request").Base(err)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`

			`cmd := buffer.Byte(1)`
			`switch cmd {`
			`case cmdTCPConnect:`
			`request.Command = protocol.RequestCommandTCP`
			`case cmdUDPPort:`
more informational error 2018-03-26 10:56:19 -04:00			`if !s.config.UdpEnabled {`
			`writeSocks5Response(writer, statusCmdNotSupport, net.AnyIP, net.Port(0))`
			`return nil, newError("UDP is not enabled.")`
			`}`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`request.Command = protocol.RequestCommandUDP`
more informational error 2018-03-26 10:56:19 -04:00			`case cmdTCPBind:`
			`writeSocks5Response(writer, statusCmdNotSupport, net.AnyIP, net.Port(0))`
			`return nil, newError("TCP bind is not supported.")`
			`default:`
			`writeSocks5Response(writer, statusCmdNotSupport, net.AnyIP, net.Port(0))`
			`return nil, newError("unknown command ", cmd)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`

			`buffer.Clear()`

			`request.Version = socks5Version`

unify all address reading and writing 2018-02-23 17:42:01 -05:00			`addr, port, err := addrParser.ReadAddressPort(buffer, reader)`
remove redundent code 2018-02-22 04:49:06 -05:00			`if err != nil {`
			`return nil, newError("failed to read address").Base(err)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`
remove redundent code 2018-02-22 04:49:06 -05:00			`request.Address = addr`
			`request.Port = port`
refine socks tcp handling 2017-01-03 18:43:13 -05:00
step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`responseAddress := net.AnyIP`
			`responsePort := net.Port(1717)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`if request.Command == protocol.RequestCommandUDP {`
			`addr := s.config.Address.AsAddress()`
			`if addr == nil {`
step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`addr = net.LocalHostIP`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`
			`responseAddress = addr`
split listening settings from inbound proxies and apply context 2017-01-26 14:46:44 -05:00			`responsePort = s.port`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`
			`if err := writeSocks5Response(writer, statusSuccess, responseAddress, responsePort); err != nil {`
			`return nil, err`
			`}`

			`return request, nil`
			`}`

refactor error messages 2017-04-08 19:43:25 -04:00			`return nil, newError("unknown Socks version: ", version)`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`

			`func readUsernamePassword(reader io.Reader) (string, string, error) {`
reuse buffer 2018-03-09 05:26:00 -05:00			`buffer := buf.New()`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`defer buffer.Release()`

refactor 2017-04-18 16:36:43 -04:00			`if err := buffer.Reset(buf.ReadFullFrom(reader, 2)); err != nil {`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`return "", "", err`
			`}`
			`nUsername := int(buffer.Byte(1))`

refactor 2017-04-18 16:36:43 -04:00			`if err := buffer.Reset(buf.ReadFullFrom(reader, nUsername)); err != nil {`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`return "", "", err`
			`}`
			`username := buffer.String()`

refactor 2017-04-18 16:36:43 -04:00			`if err := buffer.Reset(buf.ReadFullFrom(reader, 1)); err != nil {`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`return "", "", err`
			`}`
			`nPassword := int(buffer.Byte(0))`
refactor 2017-04-18 16:36:43 -04:00			`if err := buffer.Reset(buf.ReadFullFrom(reader, nPassword)); err != nil {`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`return "", "", err`
			`}`
			`password := buffer.String()`
			`return username, password, nil`
			`}`

			`func readUntilNull(reader io.Reader) (string, error) {`
			`var b [256]byte`
			`size := 0`
			`for {`
			`_, err := reader.Read(b[size : size+1])`
			`if err != nil {`
			`return "", err`
			`}`
			`if b[size] == 0x00 {`
			`return string(b[:size]), nil`
			`}`
			`size++`
			`if size == 256 {`
refactor error messages 2017-04-08 19:43:25 -04:00			`return "", newError("buffer overrun")`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`}`
			`}`
			`}`

			`func hasAuthMethod(expectedAuth byte, authCandidates []byte) bool {`
			`for _, a := range authCandidates {`
			`if a == expectedAuth {`
			`return true`
			`}`
			`}`
			`return false`
			`}`

fix socks password authentication 2017-01-29 02:25:01 -05:00			`func writeSocks5AuthenticationResponse(writer io.Writer, version byte, auth byte) error {`
			`_, err := writer.Write([]byte{version, auth})`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`return err`
			`}`

step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`func writeSocks5Response(writer io.Writer, errCode byte, address net.Address, port net.Port) error {`
reuse buffer 2018-03-09 05:26:00 -05:00			`buffer := buf.New()`
			`defer buffer.Release()`

socks client 2017-01-07 19:06:35 -05:00			`buffer.AppendBytes(socks5Version, errCode, 0x00 /* reserved */)`
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`if err := addrParser.WriteAddressPort(buffer, address, port); err != nil {`
fix socks client for super long domain 2017-09-18 19:39:33 -04:00			`return err`
			`}`
refine socks tcp handling 2017-01-03 18:43:13 -05:00
			`_, err := writer.Write(buffer.Bytes())`
			`return err`
			`}`

step 1 to remove reference to net package 2017-08-29 06:56:57 -04:00			`func writeSocks4Response(writer io.Writer, errCode byte, address net.Address, port net.Port) error {`
reuse buffer 2018-03-09 05:26:00 -05:00			`buffer := buf.New()`
			`defer buffer.Release()`

refine socks tcp handling 2017-01-03 18:43:13 -05:00			`buffer.AppendBytes(0x00, errCode)`
unify address reading in socks and shadowsocks 2018-02-22 04:31:08 -05:00			`common.Must(buffer.AppendSupplier(serial.WriteUint16(port.Value())))`
refine socks tcp handling 2017-01-03 18:43:13 -05:00			`buffer.Append(address.IP())`
			`_, err := writer.Write(buffer.Bytes())`
			`return err`
			`}`
refine socks udp handling 2017-01-07 15:57:24 -05:00
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`func DecodeUDPPacket(packet buf.Buffer) (protocol.RequestHeader, error) {`
			`if packet.Len() < 5 {`
			`return nil, newError("insufficient length of packet.")`
refine socks udp handling 2017-01-07 15:57:24 -05:00			`}`
			`request := &protocol.RequestHeader{`
			`Version: socks5Version,`
			`Command: protocol.RequestCommandUDP,`
			`}`

			`// packet[0] and packet[1] are reserved`
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`if packet.Byte(2) != 0 /* fragments */ {`
			`return nil, newError("discarding fragmented payload.")`
refine socks udp handling 2017-01-07 15:57:24 -05:00			`}`

unify all address reading and writing 2018-02-23 17:42:01 -05:00			`packet.SliceFrom(3)`
refine socks udp handling 2017-01-07 15:57:24 -05:00
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`addr, port, err := addrParser.ReadAddressPort(nil, packet)`
			`if err != nil {`
			`return nil, newError("failed to read UDP header").Base(err)`
refine socks udp handling 2017-01-07 15:57:24 -05:00			`}`
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`request.Address = addr`
			`request.Port = port`
			`return request, nil`
refine socks udp handling 2017-01-07 15:57:24 -05:00			`}`

fix socks client for super long domain 2017-09-18 19:39:33 -04:00			`func EncodeUDPPacket(request protocol.RequestHeader, data []byte) (buf.Buffer, error) {`
remove 8k buffer pool 2017-04-15 15:19:21 -04:00			`b := buf.New()`
refine socks udp handling 2017-01-07 15:57:24 -05:00			`b.AppendBytes(0, 0, 0 /* Fragment */)`
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`if err := addrParser.WriteAddressPort(b, request.Address, request.Port); err != nil {`
reuse buffer 2018-03-09 05:26:00 -05:00			`b.Release()`
fix socks client for super long domain 2017-09-18 19:39:33 -04:00			`return nil, err`
			`}`
refine socks udp handling 2017-01-07 15:57:24 -05:00			`b.Append(data)`
fix socks client for super long domain 2017-09-18 19:39:33 -04:00			`return b, nil`
refine socks udp handling 2017-01-07 15:57:24 -05:00			`}`
socks client 2017-01-07 19:06:35 -05:00
			`type UDPReader struct {`
			`reader io.Reader`
			`}`

test case for socks udp 2017-01-08 10:31:28 -05:00			`func NewUDPReader(reader io.Reader) *UDPReader {`
			`return &UDPReader{reader: reader}`
			`}`

cleanup buffer usage 2017-11-09 16:33:15 -05:00			`func (r *UDPReader) ReadMultiBuffer() (buf.MultiBuffer, error) {`
remove 8k buffer pool 2017-04-15 15:19:21 -04:00			`b := buf.New()`
socks client 2017-01-07 19:06:35 -05:00			`if err := b.AppendSupplier(buf.ReadFrom(r.reader)); err != nil {`
			`return nil, err`
			`}`
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`if _, err := DecodeUDPPacket(b); err != nil {`
socks client 2017-01-07 19:06:35 -05:00			`return nil, err`
			`}`
simplify code 2017-04-16 07:17:35 -04:00			`return buf.NewMultiBufferValue(b), nil`
socks client 2017-01-07 19:06:35 -05:00			`}`

			`type UDPWriter struct {`
			`request *protocol.RequestHeader`
			`writer io.Writer`
			`}`

test case for socks udp 2017-01-08 10:31:28 -05:00			`func NewUDPWriter(request protocol.RequestHeader, writer io.Writer) UDPWriter {`
			`return &UDPWriter{`
			`request: request,`
			`writer: writer,`
			`}`
			`}`

comments 2017-04-21 09:36:05 -04:00			`// Write implements io.Writer.`
clean udp writer 2017-04-21 08:51:09 -04:00			`func (w *UDPWriter) Write(b []byte) (int, error) {`
fix socks client for super long domain 2017-09-18 19:39:33 -04:00			`eb, err := EncodeUDPPacket(w.request, b)`
			`if err != nil {`
			`return 0, err`
			`}`
clean udp writer 2017-04-21 08:51:09 -04:00			`defer eb.Release()`
			`if _, err := w.writer.Write(eb.Bytes()); err != nil {`
			`return 0, err`
socks client 2017-01-07 19:06:35 -05:00			`}`
clean udp writer 2017-04-21 08:51:09 -04:00			`return len(b), nil`
socks client 2017-01-07 19:06:35 -05:00			`}`

			`func ClientHandshake(request protocol.RequestHeader, reader io.Reader, writer io.Writer) (protocol.RequestHeader, error) {`
			`authByte := byte(authNotRequired)`
			`if request.User != nil {`
			`authByte = byte(authPassword)`
			`}`
send username/password together with initial handshake data in socks client. Fix #785 2017-12-26 17:33:25 -05:00
reuse buffer 2018-03-09 05:26:00 -05:00			`b := buf.New()`
			`defer b.Release()`

send username/password together with initial handshake data in socks client. Fix #785 2017-12-26 17:33:25 -05:00			`b.AppendBytes(socks5Version, 0x01, authByte)`
			`if authByte == authPassword {`
			`rawAccount, err := request.User.GetTypedAccount()`
			`if err != nil {`
			`return nil, err`
			`}`
			`account := rawAccount.(*Account)`

			`b.AppendBytes(0x01, byte(len(account.Username)))`
			`b.Append([]byte(account.Username))`
			`b.AppendBytes(byte(len(account.Password)))`
			`b.Append([]byte(account.Password))`
			`}`

			`if _, err := writer.Write(b.Bytes()); err != nil {`
socks client 2017-01-07 19:06:35 -05:00			`return nil, err`
			`}`

send username/password together with initial handshake data in socks client. Fix #785 2017-12-26 17:33:25 -05:00			`if err := b.Reset(buf.ReadFullFrom(reader, 2)); err != nil {`
socks client 2017-01-07 19:06:35 -05:00			`return nil, err`
			`}`

			`if b.Byte(0) != socks5Version {`
cleanup error messages 2017-04-09 07:30:46 -04:00			`return nil, newError("unexpected server version: ", b.Byte(0)).AtWarning()`
socks client 2017-01-07 19:06:35 -05:00			`}`
			`if b.Byte(1) != authByte {`
cleanup error messages 2017-04-09 07:30:46 -04:00			`return nil, newError("auth method not supported.").AtWarning()`
socks client 2017-01-07 19:06:35 -05:00			`}`

			`if authByte == authPassword {`
send username/password together with initial handshake data in socks client. Fix #785 2017-12-26 17:33:25 -05:00			`if err := b.Reset(buf.ReadFullFrom(reader, 2)); err != nil {`
socks client 2017-01-07 19:06:35 -05:00			`return nil, err`
			`}`
			`if b.Byte(1) != 0x00 {`
cleanup error messages 2017-04-09 07:30:46 -04:00			`return nil, newError("server rejects account: ", b.Byte(1))`
socks client 2017-01-07 19:06:35 -05:00			`}`
			`}`

			`b.Clear()`

			`command := byte(cmdTCPConnect)`
			`if request.Command == protocol.RequestCommandUDP {`
			`command = byte(cmdUDPPort)`
			`}`
			`b.AppendBytes(socks5Version, command, 0x00 /* reserved */)`
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`if err := addrParser.WriteAddressPort(b, request.Address, request.Port); err != nil {`
unify address reading in socks and shadowsocks 2018-02-22 04:31:08 -05:00			`return nil, err`
			`}`

socks client 2017-01-07 19:06:35 -05:00			`if _, err := writer.Write(b.Bytes()); err != nil {`
			`return nil, err`
			`}`

			`b.Clear()`
unify all address reading and writing 2018-02-23 17:42:01 -05:00			`if err := b.AppendSupplier(buf.ReadFullFrom(reader, 3)); err != nil {`
socks client 2017-01-07 19:06:35 -05:00			`return nil, err`
			`}`

			`resp := b.Byte(1)`
			`if resp != 0x00 {`
cleanup error messages 2017-04-09 07:30:46 -04:00			`return nil, newError("server rejects request: ", resp)`
socks client 2017-01-07 19:06:35 -05:00			`}`

			`b.Clear()`

unify all address reading and writing 2018-02-23 17:42:01 -05:00			`address, port, err := addrParser.ReadAddressPort(b, reader)`
unify address reading in socks and shadowsocks 2018-02-22 04:31:08 -05:00			`if err != nil {`
socks client 2017-01-07 19:06:35 -05:00			`return nil, err`
			`}`

			`if request.Command == protocol.RequestCommandUDP {`
			`udpRequest := &protocol.RequestHeader{`
			`Version: socks5Version,`
			`Command: protocol.RequestCommandUDP,`
			`Address: address,`
			`Port: port,`
			`}`
			`return udpRequest, nil`
			`}`

			`return nil, nil`
			`}`