1
0
mirror of https://github.com/v2fly/v2ray-core.git synced 2024-12-23 02:26:49 -05:00
v2fly/proxy/socks/server.go

332 lines
9.0 KiB
Go
Raw Normal View History

package socks
2015-09-07 08:49:40 -04:00
import (
2015-10-13 07:55:06 -04:00
"errors"
2015-09-15 18:06:22 -04:00
"io"
2015-09-23 08:14:53 -04:00
"sync"
2015-10-06 11:24:57 -04:00
"time"
2015-09-09 06:13:52 -04:00
2016-08-20 14:55:45 -04:00
"v2ray.com/core/app"
"v2ray.com/core/app/dispatcher"
v2io "v2ray.com/core/common/io"
2016-10-16 08:22:21 -04:00
"v2ray.com/core/common/loader"
2016-08-20 14:55:45 -04:00
"v2ray.com/core/common/log"
v2net "v2ray.com/core/common/net"
"v2ray.com/core/proxy"
"v2ray.com/core/proxy/registry"
"v2ray.com/core/proxy/socks/protocol"
"v2ray.com/core/transport/internet"
"v2ray.com/core/transport/internet/udp"
2015-09-09 06:13:52 -04:00
)
2015-10-13 07:55:06 -04:00
var (
2016-08-07 09:32:41 -04:00
ErrUnsupportedSocksCommand = errors.New("Unsupported socks command.")
ErrUnsupportedAuthMethod = errors.New("Unsupported auth method.")
2015-10-13 07:55:06 -04:00
)
2016-04-25 18:33:16 -04:00
// Server is a SOCKS 5 proxy server
type Server struct {
2016-01-31 11:01:28 -05:00
tcpMutex sync.RWMutex
udpMutex sync.RWMutex
accepting bool
packetDispatcher dispatcher.PacketDispatcher
2016-08-28 17:46:50 -04:00
config *ServerConfig
2016-06-14 16:54:08 -04:00
tcpListener *internet.TCPHub
udpHub *udp.UDPHub
2016-01-31 11:01:28 -05:00
udpAddress v2net.Destination
2016-06-14 16:54:08 -04:00
udpServer *udp.UDPServer
2016-06-04 08:25:13 -04:00
meta *proxy.InboundHandlerMeta
2015-09-10 18:24:18 -04:00
}
2016-04-25 18:33:16 -04:00
// NewServer creates a new Server object.
2016-08-28 17:46:50 -04:00
func NewServer(config *ServerConfig, space app.Space, meta *proxy.InboundHandlerMeta) *Server {
2016-07-23 05:09:49 -04:00
s := &Server{
config: config,
meta: meta,
2015-09-16 10:27:36 -04:00
}
2016-07-23 05:09:49 -04:00
space.InitializeApplication(func() error {
if !space.HasApp(dispatcher.APP_ID) {
log.Error("Socks|Server: Dispatcher is not found in the space.")
return app.ErrMissingApplication
}
s.packetDispatcher = space.GetApp(dispatcher.APP_ID).(dispatcher.PacketDispatcher)
return nil
})
return s
2015-09-07 08:49:40 -04:00
}
2016-02-06 12:01:27 -05:00
// Port implements InboundHandler.Port().
2016-04-25 18:33:16 -04:00
func (this *Server) Port() v2net.Port {
2016-06-04 08:25:13 -04:00
return this.meta.Port
2016-01-19 17:41:40 -05:00
}
2016-02-06 12:01:27 -05:00
// Close implements InboundHandler.Close().
2016-04-25 18:33:16 -04:00
func (this *Server) Close() {
this.accepting = false
if this.tcpListener != nil {
2016-01-03 18:33:25 -05:00
this.tcpMutex.Lock()
this.tcpListener.Close()
2016-01-03 18:33:25 -05:00
this.tcpListener = nil
this.tcpMutex.Unlock()
}
2016-02-03 16:43:09 -05:00
if this.udpHub != nil {
2016-01-03 18:33:25 -05:00
this.udpMutex.Lock()
2016-02-03 16:43:09 -05:00
this.udpHub.Close()
this.udpHub = nil
2016-01-03 18:33:25 -05:00
this.udpMutex.Unlock()
}
}
2016-02-06 12:01:27 -05:00
// Listen implements InboundHandler.Listen().
2016-06-03 18:38:22 -04:00
func (this *Server) Start() error {
2016-01-19 17:41:40 -05:00
if this.accepting {
2016-06-03 18:38:22 -04:00
return nil
2016-01-19 17:41:40 -05:00
}
2016-06-14 16:54:08 -04:00
listener, err := internet.ListenTCP(
2016-06-04 08:25:13 -04:00
this.meta.Address,
this.meta.Port,
2016-06-03 18:38:22 -04:00
this.handleConnection,
2016-06-14 16:54:08 -04:00
this.meta.StreamSettings)
2015-09-07 08:49:40 -04:00
if err != nil {
2016-06-04 08:25:13 -04:00
log.Error("Socks: failed to listen on ", this.meta.Address, ":", this.meta.Port, ": ", err)
2015-09-12 14:36:21 -04:00
return err
2015-09-07 08:49:40 -04:00
}
2015-11-27 15:50:28 -05:00
this.accepting = true
2016-01-04 02:40:24 -05:00
this.tcpMutex.Lock()
this.tcpListener = listener
2016-01-04 02:40:24 -05:00
this.tcpMutex.Unlock()
2016-08-28 17:46:50 -04:00
if this.config.UdpEnabled {
2016-06-04 08:25:13 -04:00
this.listenUDP()
2015-10-03 15:42:03 -04:00
}
2015-09-07 08:49:40 -04:00
return nil
}
2016-06-14 16:54:08 -04:00
func (this *Server) handleConnection(connection internet.Connection) {
2015-09-09 06:13:52 -04:00
defer connection.Close()
2015-09-15 18:06:22 -04:00
timedReader := v2net.NewTimeOutReader(this.config.Timeout, connection)
reader := v2io.NewBufferedReader(timedReader)
2016-04-12 15:56:36 -04:00
defer reader.Release()
writer := v2io.NewBufferedWriter(connection)
2016-04-12 15:56:36 -04:00
defer writer.Release()
2015-09-09 06:13:52 -04:00
auth, auth4, err := protocol.ReadAuthentication(reader)
2015-10-13 07:55:06 -04:00
if err != nil && err != protocol.Socks4Downgrade {
2016-06-03 14:21:46 -04:00
if err != io.EOF {
log.Warning("Socks: failed to read authentication: ", err)
}
return
2015-09-09 06:13:52 -04:00
}
2016-08-14 17:20:23 -04:00
clientAddr := v2net.DestinationFromAddr(connection.RemoteAddr())
2015-10-13 07:55:06 -04:00
if err != nil && err == protocol.Socks4Downgrade {
2016-06-05 09:02:15 -04:00
this.handleSocks4(clientAddr, reader, writer, auth4)
2015-09-17 11:37:04 -04:00
} else {
2016-06-05 09:02:15 -04:00
this.handleSocks5(clientAddr, reader, writer, auth)
2015-10-03 15:42:03 -04:00
}
}
2015-09-17 11:37:04 -04:00
2016-08-14 11:08:01 -04:00
func (this *Server) handleSocks5(clientAddr v2net.Destination, reader *v2io.BufferedReader, writer *v2io.BufferedWriter, auth protocol.Socks5AuthenticationRequest) error {
2015-10-03 15:42:03 -04:00
expectedAuthMethod := protocol.AuthNotRequired
2016-09-25 16:54:18 -04:00
if this.config.AuthType == AuthType_PASSWORD {
2015-10-03 15:42:03 -04:00
expectedAuthMethod = protocol.AuthUserPass
}
2015-09-17 11:37:04 -04:00
2015-10-03 15:42:03 -04:00
if !auth.HasAuthMethod(expectedAuthMethod) {
authResponse := protocol.NewAuthenticationResponse(protocol.AuthNoMatchingMethod)
err := protocol.WriteAuthentication(writer, authResponse)
writer.Flush()
2015-09-15 18:06:22 -04:00
if err != nil {
2016-06-03 14:21:46 -04:00
log.Warning("Socks: failed to write authentication: ", err)
2015-09-15 18:06:22 -04:00
return err
}
2016-02-05 06:45:31 -05:00
log.Warning("Socks: client doesn't support any allowed auth methods.")
2016-08-07 09:32:41 -04:00
return ErrUnsupportedAuthMethod
2015-10-03 15:42:03 -04:00
}
2015-09-17 11:37:04 -04:00
2015-10-03 15:42:03 -04:00
authResponse := protocol.NewAuthenticationResponse(expectedAuthMethod)
2016-06-03 14:21:46 -04:00
protocol.WriteAuthentication(writer, authResponse)
err := writer.Flush()
2015-10-03 15:42:03 -04:00
if err != nil {
2016-01-18 06:24:33 -05:00
log.Error("Socks: failed to write authentication: ", err)
2015-10-03 15:42:03 -04:00
return err
}
2016-09-25 16:54:18 -04:00
if this.config.AuthType == AuthType_PASSWORD {
2015-10-03 15:42:03 -04:00
upRequest, err := protocol.ReadUserPassRequest(reader)
if err != nil {
2016-06-03 14:21:46 -04:00
log.Warning("Socks: failed to read username and password: ", err)
return err
}
2015-10-03 15:42:03 -04:00
status := byte(0)
2015-11-27 15:50:28 -05:00
if !this.config.HasAccount(upRequest.Username(), upRequest.Password()) {
2015-10-03 15:42:03 -04:00
status = byte(0xFF)
}
upResponse := protocol.NewSocks5UserPassResponse(status)
err = protocol.WriteUserPassResponse(writer, upResponse)
writer.Flush()
2015-10-03 15:42:03 -04:00
if err != nil {
2016-01-18 06:24:33 -05:00
log.Error("Socks: failed to write user pass response: ", err)
2015-10-03 15:42:03 -04:00
return err
}
if status != byte(0) {
2016-01-18 06:24:33 -05:00
log.Warning("Socks: Invalid user account: ", upRequest.AuthDetail())
2016-06-27 02:53:35 -04:00
log.Access(clientAddr, "", log.AccessRejected, proxy.ErrInvalidAuthentication)
return proxy.ErrInvalidAuthentication
2015-10-03 15:42:03 -04:00
}
}
2015-09-09 06:13:52 -04:00
2015-10-03 15:42:03 -04:00
request, err := protocol.ReadRequest(reader)
if err != nil {
2016-06-03 14:21:46 -04:00
log.Warning("Socks: failed to read request: ", err)
2015-10-03 15:42:03 -04:00
return err
}
2015-09-11 08:12:26 -04:00
2016-08-28 17:46:50 -04:00
if request.Command == protocol.CmdUdpAssociate && this.config.UdpEnabled {
2015-11-27 15:50:28 -05:00
return this.handleUDP(reader, writer)
2015-10-03 18:21:06 -04:00
}
if request.Command == protocol.CmdBind || request.Command == protocol.CmdUdpAssociate {
2015-10-03 15:42:03 -04:00
response := protocol.NewSocks5Response()
response.Error = protocol.ErrorCommandNotSupported
2015-12-02 15:44:01 -05:00
response.Port = v2net.Port(0)
2015-11-06 07:08:20 -05:00
response.SetIPv4([]byte{0, 0, 0, 0})
2015-10-08 17:06:12 -04:00
response.Write(writer)
writer.Flush()
if err != nil {
2016-01-18 06:24:33 -05:00
log.Error("Socks: failed to write response: ", err)
return err
}
2016-01-18 06:24:33 -05:00
log.Warning("Socks: Unsupported socks command ", request.Command)
2016-08-07 09:32:41 -04:00
return ErrUnsupportedSocksCommand
2015-10-03 15:42:03 -04:00
}
2015-10-13 16:00:12 -04:00
response := protocol.NewSocks5Response()
2015-10-03 15:42:03 -04:00
response.Error = protocol.ErrorSuccess
2015-10-03 18:21:06 -04:00
2015-10-05 11:09:57 -04:00
// Some SOCKS software requires a value other than dest. Let's fake one:
2015-12-02 15:44:01 -05:00
response.Port = v2net.Port(1717)
2015-11-02 18:07:19 -05:00
response.SetIPv4([]byte{0, 0, 0, 0})
2015-10-05 11:09:44 -04:00
response.Write(writer)
2015-10-03 15:42:03 -04:00
if err != nil {
2016-01-18 06:24:33 -05:00
log.Error("Socks: failed to write response: ", err)
2015-10-03 15:42:03 -04:00
return err
}
reader.SetCached(false)
writer.SetCached(false)
2015-10-03 15:42:03 -04:00
dest := request.Destination()
2016-08-14 11:08:01 -04:00
session := &proxy.SessionInfo{
Source: clientAddr,
Destination: dest,
}
2016-01-18 06:24:33 -05:00
log.Info("Socks: TCP Connect request to ", dest)
2016-06-05 09:02:15 -04:00
log.Access(clientAddr, dest, log.AccessAccepted, "")
2015-12-12 14:57:47 -05:00
2016-08-14 11:08:01 -04:00
this.transport(reader, writer, session)
2015-10-03 15:42:03 -04:00
return nil
}
2016-04-25 18:33:16 -04:00
func (this *Server) handleUDP(reader io.Reader, writer *v2io.BufferedWriter) error {
2015-10-03 18:21:06 -04:00
response := protocol.NewSocks5Response()
response.Error = protocol.ErrorSuccess
udpAddr := this.udpAddress
2015-10-03 18:21:06 -04:00
2016-09-20 05:53:05 -04:00
response.Port = udpAddr.Port
switch udpAddr.Address.Family() {
2016-08-14 12:14:12 -04:00
case v2net.AddressFamilyIPv4:
2016-09-20 05:53:05 -04:00
response.SetIPv4(udpAddr.Address.IP())
2016-08-14 12:14:12 -04:00
case v2net.AddressFamilyIPv6:
2016-09-20 05:53:05 -04:00
response.SetIPv6(udpAddr.Address.IP())
2016-08-14 12:14:12 -04:00
case v2net.AddressFamilyDomain:
2016-09-20 05:53:05 -04:00
response.SetDomain(udpAddr.Address.Domain())
2015-10-03 18:21:06 -04:00
}
2015-10-08 17:06:12 -04:00
response.Write(writer)
err := writer.Flush()
2015-10-08 17:06:12 -04:00
2015-10-03 18:21:06 -04:00
if err != nil {
2016-01-18 06:24:33 -05:00
log.Error("Socks: failed to write response: ", err)
2015-10-03 18:21:06 -04:00
return err
}
2015-10-06 11:24:57 -04:00
// The TCP connection closes after this method returns. We need to wait until
// the client closes it.
// TODO: get notified from UDP part
2015-10-06 05:57:26 -04:00
<-time.After(5 * time.Minute)
2015-10-03 18:21:06 -04:00
return nil
}
2016-08-14 11:08:01 -04:00
func (this *Server) handleSocks4(clientAddr v2net.Destination, reader *v2io.BufferedReader, writer *v2io.BufferedWriter, auth protocol.Socks4AuthenticationRequest) error {
2015-10-03 15:42:03 -04:00
result := protocol.Socks4RequestGranted
if auth.Command == protocol.CmdBind {
result = protocol.Socks4RequestRejected
2015-09-11 08:12:26 -04:00
}
2015-10-03 15:42:03 -04:00
socks4Response := protocol.NewSocks4AuthenticationResponse(result, auth.Port, auth.IP[:])
2015-10-08 17:06:12 -04:00
socks4Response.Write(writer)
2015-09-17 11:37:04 -04:00
2015-10-03 15:42:03 -04:00
if result == protocol.Socks4RequestRejected {
2016-01-18 06:24:33 -05:00
log.Warning("Socks: Unsupported socks 4 command ", auth.Command)
2016-08-07 09:32:41 -04:00
log.Access(clientAddr, "", log.AccessRejected, ErrUnsupportedSocksCommand)
return ErrUnsupportedSocksCommand
2015-10-03 15:42:03 -04:00
}
reader.SetCached(false)
writer.SetCached(false)
2015-12-16 17:53:38 -05:00
dest := v2net.TCPDestination(v2net.IPAddress(auth.IP[:]), auth.Port)
2016-08-14 11:08:01 -04:00
session := &proxy.SessionInfo{
Source: clientAddr,
Destination: dest,
}
2016-06-05 09:02:15 -04:00
log.Access(clientAddr, dest, log.AccessAccepted, "")
2016-08-14 11:08:01 -04:00
this.transport(reader, writer, session)
2015-10-03 15:42:03 -04:00
return nil
}
2016-08-14 11:08:01 -04:00
func (this *Server) transport(reader io.Reader, writer io.Writer, session *proxy.SessionInfo) {
ray := this.packetDispatcher.DispatchToOutbound(this.meta, session)
2015-09-10 18:24:18 -04:00
input := ray.InboundInput()
output := ray.InboundOutput()
2016-08-28 05:59:03 -04:00
defer input.Close()
defer output.Release()
2015-09-09 06:13:52 -04:00
2015-11-27 15:50:28 -05:00
go func() {
v2reader := v2io.NewAdaptiveReader(reader)
defer v2reader.Release()
v2io.Pipe(v2reader, input)
2016-08-28 06:01:37 -04:00
input.Close()
2015-11-27 15:50:28 -05:00
}()
2015-09-10 18:24:18 -04:00
2016-08-28 05:59:03 -04:00
v2writer := v2io.NewAdaptiveWriter(writer)
defer v2writer.Release()
2016-08-28 05:59:03 -04:00
v2io.Pipe(output, v2writer)
output.Release()
2015-09-10 18:24:18 -04:00
}
2016-04-25 18:35:42 -04:00
2016-06-14 16:54:08 -04:00
type ServerFactory struct{}
2016-10-02 17:43:58 -04:00
func (this *ServerFactory) StreamCapability() v2net.NetworkList {
return v2net.NetworkList{
Network: []v2net.Network{v2net.Network_RawTCP},
}
2016-06-14 16:54:08 -04:00
}
func (this *ServerFactory) Create(space app.Space, rawConfig interface{}, meta *proxy.InboundHandlerMeta) (proxy.InboundHandler, error) {
2016-08-28 17:46:50 -04:00
return NewServer(rawConfig.(*ServerConfig), space, meta), nil
2016-06-14 16:54:08 -04:00
}
2016-04-25 18:35:42 -04:00
func init() {
2016-10-16 08:22:21 -04:00
registry.MustRegisterInboundHandlerCreator(loader.GetType(new(ServerConfig)), new(ServerFactory))
2016-04-25 18:35:42 -04:00
}