2019-02-01 14:08:21 -05:00
|
|
|
// +build !confonly
|
|
|
|
|
2016-01-27 06:46:40 -05:00
|
|
|
package shadowsocks
|
|
|
|
|
|
|
|
import (
|
2017-01-12 18:56:21 -05:00
|
|
|
"context"
|
2017-02-03 16:35:09 -05:00
|
|
|
"time"
|
2017-01-12 18:56:21 -05:00
|
|
|
|
2018-01-10 06:22:37 -05:00
|
|
|
"v2ray.com/core"
|
2017-01-12 18:56:21 -05:00
|
|
|
"v2ray.com/core/common"
|
2016-12-09 05:35:27 -05:00
|
|
|
"v2ray.com/core/common/buf"
|
2017-12-19 15:28:12 -05:00
|
|
|
"v2ray.com/core/common/log"
|
2017-01-13 17:42:39 -05:00
|
|
|
"v2ray.com/core/common/net"
|
2016-08-20 14:55:45 -04:00
|
|
|
"v2ray.com/core/common/protocol"
|
2019-01-05 15:43:22 -05:00
|
|
|
udp_proto "v2ray.com/core/common/protocol/udp"
|
2018-07-31 13:33:59 -04:00
|
|
|
"v2ray.com/core/common/session"
|
2016-12-29 18:32:20 -05:00
|
|
|
"v2ray.com/core/common/signal"
|
2018-07-31 13:33:59 -04:00
|
|
|
"v2ray.com/core/common/task"
|
2018-10-11 16:34:31 -04:00
|
|
|
"v2ray.com/core/features/policy"
|
2018-10-11 14:43:37 -04:00
|
|
|
"v2ray.com/core/features/routing"
|
2016-08-20 14:55:45 -04:00
|
|
|
"v2ray.com/core/transport/internet"
|
|
|
|
"v2ray.com/core/transport/internet/udp"
|
2016-01-27 06:46:40 -05:00
|
|
|
)
|
|
|
|
|
2016-05-12 13:42:08 -04:00
|
|
|
type Server struct {
|
2018-10-21 04:27:13 -04:00
|
|
|
config ServerConfig
|
|
|
|
user *protocol.MemoryUser
|
|
|
|
policyManager policy.Manager
|
2016-01-31 11:01:28 -05:00
|
|
|
}
|
|
|
|
|
2017-04-07 16:45:07 -04:00
|
|
|
// NewServer create a new Shadowsocks server.
|
2017-01-12 18:56:21 -05:00
|
|
|
func NewServer(ctx context.Context, config *ServerConfig) (*Server, error) {
|
2016-09-17 18:41:21 -04:00
|
|
|
if config.GetUser() == nil {
|
2017-04-08 19:43:25 -04:00
|
|
|
return nil, newError("user is not specified")
|
2016-01-31 11:01:28 -05:00
|
|
|
}
|
2016-10-31 10:24:28 -04:00
|
|
|
|
2018-08-26 18:11:32 -04:00
|
|
|
mUser, err := config.User.ToMemoryUser()
|
2016-11-02 11:17:57 -04:00
|
|
|
if err != nil {
|
2018-08-26 18:11:32 -04:00
|
|
|
return nil, newError("failed to parse user account").Base(err)
|
2016-11-02 11:17:57 -04:00
|
|
|
}
|
|
|
|
|
2018-10-21 04:27:13 -04:00
|
|
|
v := core.MustFromContext(ctx)
|
2016-09-17 18:41:21 -04:00
|
|
|
s := &Server{
|
2018-10-21 04:27:13 -04:00
|
|
|
config: *config,
|
|
|
|
user: mUser,
|
|
|
|
policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager),
|
2018-01-10 06:22:37 -05:00
|
|
|
}
|
2017-11-27 16:09:30 -05:00
|
|
|
|
2016-09-17 18:41:21 -04:00
|
|
|
return s, nil
|
2016-01-27 06:46:40 -05:00
|
|
|
}
|
|
|
|
|
2018-11-20 10:58:26 -05:00
|
|
|
func (s *Server) Network() []net.Network {
|
|
|
|
list := s.config.Network
|
|
|
|
if len(list) == 0 {
|
|
|
|
list = append(list, net.Network_TCP)
|
2017-01-14 18:57:06 -05:00
|
|
|
}
|
2017-01-26 14:46:44 -05:00
|
|
|
if s.config.UdpEnabled {
|
2018-11-20 10:58:26 -05:00
|
|
|
list = append(list, net.Network_UDP)
|
2017-01-14 18:57:06 -05:00
|
|
|
}
|
|
|
|
return list
|
|
|
|
}
|
|
|
|
|
2018-10-11 14:43:37 -04:00
|
|
|
func (s *Server) Process(ctx context.Context, network net.Network, conn internet.Connection, dispatcher routing.Dispatcher) error {
|
2017-01-26 14:46:44 -05:00
|
|
|
switch network {
|
|
|
|
case net.Network_TCP:
|
2017-02-03 16:35:09 -05:00
|
|
|
return s.handleConnection(ctx, conn, dispatcher)
|
2017-01-26 14:46:44 -05:00
|
|
|
case net.Network_UDP:
|
2017-02-03 16:35:09 -05:00
|
|
|
return s.handlerUDPPayload(ctx, conn, dispatcher)
|
2017-01-26 14:46:44 -05:00
|
|
|
default:
|
2017-04-08 19:43:25 -04:00
|
|
|
return newError("unknown network: ", network)
|
2016-01-29 10:43:45 -05:00
|
|
|
}
|
2016-01-27 16:11:31 -05:00
|
|
|
}
|
|
|
|
|
2018-10-11 14:43:37 -04:00
|
|
|
func (s *Server) handlerUDPPayload(ctx context.Context, conn internet.Connection, dispatcher routing.Dispatcher) error {
|
2019-01-05 15:43:22 -05:00
|
|
|
udpServer := udp.NewDispatcher(dispatcher, func(ctx context.Context, packet *udp_proto.Packet) {
|
2018-07-03 15:38:02 -04:00
|
|
|
request := protocol.RequestHeaderFromContext(ctx)
|
|
|
|
if request == nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-01-05 15:43:22 -05:00
|
|
|
payload := packet.Payload
|
2018-07-03 15:38:02 -04:00
|
|
|
data, err := EncodeUDPPacket(request, payload.Bytes())
|
|
|
|
payload.Release()
|
|
|
|
if err != nil {
|
|
|
|
newError("failed to encode UDP packet").Base(err).AtWarning().WriteToLog(session.ExportIDToError(ctx))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer data.Release()
|
|
|
|
|
|
|
|
conn.Write(data.Bytes())
|
|
|
|
})
|
2016-01-28 15:30:05 -05:00
|
|
|
|
2018-08-26 18:11:32 -04:00
|
|
|
account := s.user.Account.(*MemoryAccount)
|
2018-10-15 02:36:50 -04:00
|
|
|
inbound := session.InboundFromContext(ctx)
|
|
|
|
if inbound == nil {
|
|
|
|
panic("no inbound metadata")
|
|
|
|
}
|
|
|
|
inbound.User = s.user
|
2018-08-26 18:11:32 -04:00
|
|
|
|
2019-02-07 13:14:37 -05:00
|
|
|
reader := buf.NewPacketReader(conn)
|
2017-01-26 14:46:44 -05:00
|
|
|
for {
|
2017-11-09 16:33:15 -05:00
|
|
|
mpayload, err := reader.ReadMultiBuffer()
|
2016-01-28 15:30:05 -05:00
|
|
|
if err != nil {
|
2017-01-26 14:46:44 -05:00
|
|
|
break
|
2016-01-28 15:30:05 -05:00
|
|
|
}
|
|
|
|
|
2017-04-15 15:07:23 -04:00
|
|
|
for _, payload := range mpayload {
|
2017-09-19 17:27:49 -04:00
|
|
|
request, data, err := DecodeUDPPacket(s.user, payload)
|
2017-04-15 15:07:23 -04:00
|
|
|
if err != nil {
|
2018-09-18 17:09:54 -04:00
|
|
|
if inbound := session.InboundFromContext(ctx); inbound != nil && inbound.Source.IsValid() {
|
|
|
|
newError("dropping invalid UDP packet from: ", inbound.Source).Base(err).WriteToLog(session.ExportIDToError(ctx))
|
2017-12-19 15:28:12 -05:00
|
|
|
log.Record(&log.AccessMessage{
|
2018-09-18 17:09:54 -04:00
|
|
|
From: inbound.Source,
|
2017-12-19 15:28:12 -05:00
|
|
|
To: "",
|
|
|
|
Status: log.AccessRejected,
|
|
|
|
Reason: err,
|
|
|
|
})
|
2017-04-15 15:07:23 -04:00
|
|
|
}
|
|
|
|
payload.Release()
|
|
|
|
continue
|
2017-02-09 16:49:38 -05:00
|
|
|
}
|
2016-01-27 16:11:31 -05:00
|
|
|
|
2018-08-26 18:11:32 -04:00
|
|
|
if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled {
|
2018-06-24 19:09:02 -04:00
|
|
|
newError("client payload enables OTA but server doesn't allow it").WriteToLog(session.ExportIDToError(ctx))
|
2017-04-15 15:07:23 -04:00
|
|
|
payload.Release()
|
|
|
|
continue
|
|
|
|
}
|
2016-01-28 15:30:05 -05:00
|
|
|
|
2018-08-26 18:11:32 -04:00
|
|
|
if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled {
|
2018-06-24 19:09:02 -04:00
|
|
|
newError("client payload disables OTA but server forces it").WriteToLog(session.ExportIDToError(ctx))
|
2017-04-15 15:07:23 -04:00
|
|
|
payload.Release()
|
|
|
|
continue
|
|
|
|
}
|
2016-11-02 11:17:57 -04:00
|
|
|
|
2020-06-19 05:52:39 -04:00
|
|
|
currentPacketCtx := ctx
|
2017-04-15 15:07:23 -04:00
|
|
|
dest := request.Destination()
|
2018-10-15 02:36:50 -04:00
|
|
|
if inbound.Source.IsValid() {
|
2020-06-19 05:52:39 -04:00
|
|
|
currentPacketCtx = log.ContextWithAccessMessage(ctx, &log.AccessMessage{
|
2018-09-18 17:09:54 -04:00
|
|
|
From: inbound.Source,
|
2017-12-19 15:28:12 -05:00
|
|
|
To: dest,
|
|
|
|
Status: log.AccessAccepted,
|
|
|
|
Reason: "",
|
2019-06-18 05:47:46 -04:00
|
|
|
Email: request.User.Email,
|
2017-12-19 15:28:12 -05:00
|
|
|
})
|
2017-04-15 15:07:23 -04:00
|
|
|
}
|
2020-06-19 05:52:39 -04:00
|
|
|
newError("tunnelling request to ", dest).WriteToLog(session.ExportIDToError(currentPacketCtx))
|
2016-11-02 11:17:57 -04:00
|
|
|
|
2020-06-19 05:52:39 -04:00
|
|
|
currentPacketCtx = protocol.ContextWithRequestHeader(currentPacketCtx, request)
|
|
|
|
udpServer.Dispatch(currentPacketCtx, dest, data)
|
2017-04-15 15:07:23 -04:00
|
|
|
}
|
2017-01-26 14:46:44 -05:00
|
|
|
}
|
2016-01-28 15:30:05 -05:00
|
|
|
|
2017-01-26 14:46:44 -05:00
|
|
|
return nil
|
2016-01-28 15:30:05 -05:00
|
|
|
}
|
|
|
|
|
2018-10-11 14:43:37 -04:00
|
|
|
func (s *Server) handleConnection(ctx context.Context, conn internet.Connection, dispatcher routing.Dispatcher) error {
|
2018-10-21 04:27:13 -04:00
|
|
|
sessionPolicy := s.policyManager.ForLevel(s.user.Level)
|
2018-01-10 06:22:37 -05:00
|
|
|
conn.SetReadDeadline(time.Now().Add(sessionPolicy.Timeouts.Handshake))
|
2018-07-31 10:05:57 -04:00
|
|
|
|
2018-08-17 14:54:25 -04:00
|
|
|
bufferedReader := buf.BufferedReader{Reader: buf.NewReader(conn)}
|
2018-04-20 18:54:53 -04:00
|
|
|
request, bodyReader, err := ReadTCPSession(s.user, &bufferedReader)
|
2016-01-28 06:33:58 -05:00
|
|
|
if err != nil {
|
2017-12-19 15:28:12 -05:00
|
|
|
log.Record(&log.AccessMessage{
|
|
|
|
From: conn.RemoteAddr(),
|
|
|
|
To: "",
|
|
|
|
Status: log.AccessRejected,
|
|
|
|
Reason: err,
|
|
|
|
})
|
2017-04-08 19:43:25 -04:00
|
|
|
return newError("failed to create request from: ", conn.RemoteAddr()).Base(err)
|
2016-01-28 06:33:58 -05:00
|
|
|
}
|
2017-01-31 10:49:59 -05:00
|
|
|
conn.SetReadDeadline(time.Time{})
|
2016-10-31 10:24:28 -04:00
|
|
|
|
2018-10-15 02:36:50 -04:00
|
|
|
inbound := session.InboundFromContext(ctx)
|
|
|
|
if inbound == nil {
|
|
|
|
panic("no inbound metadata")
|
|
|
|
}
|
|
|
|
inbound.User = s.user
|
|
|
|
|
2016-10-31 10:24:28 -04:00
|
|
|
dest := request.Destination()
|
2019-06-12 01:04:34 -04:00
|
|
|
ctx = log.ContextWithAccessMessage(ctx, &log.AccessMessage{
|
2017-12-19 15:28:12 -05:00
|
|
|
From: conn.RemoteAddr(),
|
|
|
|
To: dest,
|
|
|
|
Status: log.AccessAccepted,
|
|
|
|
Reason: "",
|
2019-06-18 05:47:46 -04:00
|
|
|
Email: request.User.Email,
|
2017-12-19 15:28:12 -05:00
|
|
|
})
|
2018-06-24 19:09:02 -04:00
|
|
|
newError("tunnelling request to ", dest).WriteToLog(session.ExportIDToError(ctx))
|
2016-01-30 16:57:20 -05:00
|
|
|
|
2017-11-14 18:36:14 -05:00
|
|
|
ctx, cancel := context.WithCancel(ctx)
|
2018-01-10 06:22:37 -05:00
|
|
|
timer := signal.CancelAfterInactivity(ctx, cancel, sessionPolicy.Timeouts.ConnectionIdle)
|
2018-05-25 06:08:28 -04:00
|
|
|
|
2018-10-11 16:34:31 -04:00
|
|
|
ctx = policy.ContextWithBufferPolicy(ctx, sessionPolicy.Buffer)
|
2018-04-16 18:31:10 -04:00
|
|
|
link, err := dispatcher.Dispatch(ctx, dest)
|
2017-02-03 16:35:09 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2016-01-28 06:33:58 -05:00
|
|
|
|
2018-04-11 10:45:09 -04:00
|
|
|
responseDone := func() error {
|
2018-02-23 11:07:45 -05:00
|
|
|
defer timer.SetTimeout(sessionPolicy.Timeouts.UplinkOnly)
|
|
|
|
|
2017-11-09 16:33:15 -05:00
|
|
|
bufferedWriter := buf.NewBufferedWriter(buf.NewWriter(conn))
|
2016-10-31 10:24:28 -04:00
|
|
|
responseWriter, err := WriteTCPResponse(request, bufferedWriter)
|
|
|
|
if err != nil {
|
2017-04-08 19:43:25 -04:00
|
|
|
return newError("failed to write response").Base(err)
|
2016-10-31 10:24:28 -04:00
|
|
|
}
|
2016-02-23 12:16:13 -05:00
|
|
|
|
2018-03-28 16:23:24 -04:00
|
|
|
{
|
2018-04-16 18:31:10 -04:00
|
|
|
payload, err := link.Reader.ReadMultiBuffer()
|
2018-03-28 16:23:24 -04:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if err := responseWriter.WriteMultiBuffer(payload); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2017-01-06 05:40:49 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
if err := bufferedWriter.SetBuffered(false); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2016-04-18 13:01:24 -04:00
|
|
|
|
2018-04-16 18:31:10 -04:00
|
|
|
if err := buf.Copy(link.Reader, responseWriter, buf.UpdateActivity(timer)); err != nil {
|
2017-04-08 19:43:25 -04:00
|
|
|
return newError("failed to transport all TCP response").Base(err)
|
2016-01-28 07:40:00 -05:00
|
|
|
}
|
2016-01-28 06:33:58 -05:00
|
|
|
|
2016-12-29 18:32:20 -05:00
|
|
|
return nil
|
2018-04-11 10:45:09 -04:00
|
|
|
}
|
2016-12-29 18:32:20 -05:00
|
|
|
|
2018-04-11 10:45:09 -04:00
|
|
|
requestDone := func() error {
|
2018-02-23 11:07:45 -05:00
|
|
|
defer timer.SetTimeout(sessionPolicy.Timeouts.DownlinkOnly)
|
2016-12-29 18:32:20 -05:00
|
|
|
|
2018-04-16 18:31:10 -04:00
|
|
|
if err := buf.Copy(bodyReader, link.Writer, buf.UpdateActivity(timer)); err != nil {
|
2017-04-08 19:43:25 -04:00
|
|
|
return newError("failed to transport all TCP request").Base(err)
|
2016-12-29 18:32:20 -05:00
|
|
|
}
|
2018-02-23 11:07:45 -05:00
|
|
|
|
2016-12-29 18:32:20 -05:00
|
|
|
return nil
|
2018-04-11 10:45:09 -04:00
|
|
|
}
|
2016-01-28 06:33:58 -05:00
|
|
|
|
2018-12-06 05:35:02 -05:00
|
|
|
var requestDoneAndCloseWriter = task.OnSuccess(requestDone, task.Close(link.Writer))
|
|
|
|
if err := task.Run(ctx, requestDoneAndCloseWriter, responseDone); err != nil {
|
2018-12-31 15:25:10 -05:00
|
|
|
common.Interrupt(link.Reader)
|
|
|
|
common.Interrupt(link.Writer)
|
2017-04-08 19:43:25 -04:00
|
|
|
return newError("connection ends").Base(err)
|
2016-12-29 18:32:20 -05:00
|
|
|
}
|
2017-01-26 14:46:44 -05:00
|
|
|
|
|
|
|
return nil
|
2016-01-28 06:33:58 -05:00
|
|
|
}
|
|
|
|
|
2017-01-12 18:56:21 -05:00
|
|
|
func init() {
|
|
|
|
common.Must(common.RegisterConfig((*ServerConfig)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
|
|
|
|
return NewServer(ctx, config.(*ServerConfig))
|
|
|
|
}))
|
2016-06-14 16:54:08 -04:00
|
|
|
}
|