1
0
mirror of https://github.com/v2fly/v2ray-core.git synced 2024-11-17 09:56:18 -05:00
v2fly/proxy/shadowsocks/shadowsocks.go

257 lines
7.0 KiB
Go
Raw Normal View History

2016-01-27 06:46:40 -05:00
// R.I.P Shadowsocks
package shadowsocks
import (
2016-01-28 07:40:00 -05:00
"crypto/rand"
"io"
2016-01-28 06:33:58 -05:00
"sync"
"github.com/v2ray/v2ray-core/app"
2016-01-31 11:01:28 -05:00
"github.com/v2ray/v2ray-core/app/dispatcher"
2016-01-28 06:33:58 -05:00
"github.com/v2ray/v2ray-core/common/alloc"
2016-02-23 12:16:13 -05:00
"github.com/v2ray/v2ray-core/common/crypto"
2016-01-29 08:39:55 -05:00
v2io "github.com/v2ray/v2ray-core/common/io"
"github.com/v2ray/v2ray-core/common/log"
2016-01-27 06:46:40 -05:00
v2net "github.com/v2ray/v2ray-core/common/net"
2016-02-03 06:18:28 -05:00
"github.com/v2ray/v2ray-core/common/protocol"
2016-01-30 16:57:20 -05:00
"github.com/v2ray/v2ray-core/common/serial"
"github.com/v2ray/v2ray-core/proxy"
2016-01-28 06:33:58 -05:00
"github.com/v2ray/v2ray-core/proxy/internal"
2016-01-28 11:08:32 -05:00
"github.com/v2ray/v2ray-core/transport/hub"
2016-01-27 06:46:40 -05:00
)
type Shadowsocks struct {
2016-01-31 11:01:28 -05:00
packetDispatcher dispatcher.PacketDispatcher
config *Config
port v2net.Port
accepting bool
tcpHub *hub.TCPHub
udpHub *hub.UDPHub
2016-02-01 15:34:07 -05:00
udpServer *hub.UDPServer
2016-01-31 11:01:28 -05:00
}
func NewShadowsocks(config *Config, packetDispatcher dispatcher.PacketDispatcher) *Shadowsocks {
return &Shadowsocks{
config: config,
packetDispatcher: packetDispatcher,
}
2016-01-27 06:46:40 -05:00
}
func (this *Shadowsocks) Port() v2net.Port {
return this.port
}
func (this *Shadowsocks) Close() {
this.accepting = false
2016-01-30 16:50:36 -05:00
// TODO: synchronization
if this.tcpHub != nil {
this.tcpHub.Close()
this.tcpHub = nil
}
if this.udpHub != nil {
this.udpHub.Close()
this.udpHub = nil
}
2016-01-28 15:30:46 -05:00
}
2016-01-27 06:46:40 -05:00
func (this *Shadowsocks) Listen(port v2net.Port) error {
if this.accepting {
if this.port == port {
return nil
} else {
return proxy.ErrorAlreadyListening
}
}
2016-01-28 15:30:05 -05:00
tcpHub, err := hub.ListenTCP(port, this.handleConnection)
if err != nil {
2016-01-28 15:30:05 -05:00
log.Error("Shadowsocks: Failed to listen TCP on port ", port, ": ", err)
return err
}
2016-01-28 15:30:05 -05:00
this.tcpHub = tcpHub
if this.config.UDP {
2016-02-03 16:42:58 -05:00
this.udpServer = hub.NewUDPServer(this.packetDispatcher)
2016-01-28 15:30:05 -05:00
udpHub, err := hub.ListenUDP(port, this.handlerUDPPayload)
if err != nil {
log.Error("Shadowsocks: Failed to listen UDP on port ", port, ": ", err)
2016-02-03 15:44:20 -05:00
return err
2016-01-28 15:30:05 -05:00
}
this.udpHub = udpHub
}
2016-02-16 08:35:24 -05:00
this.port = port
this.accepting = true
2016-01-27 06:46:40 -05:00
return nil
}
2016-01-30 16:36:28 -05:00
func (this *Shadowsocks) handlerUDPPayload(payload *alloc.Buffer, source v2net.Destination) {
2016-01-28 15:30:05 -05:00
defer payload.Release()
2016-02-23 12:16:13 -05:00
ivLen := this.config.Cipher.IVSize()
iv := payload.Value[:ivLen]
2016-01-28 15:30:05 -05:00
key := this.config.Key
2016-02-23 12:16:13 -05:00
payload.SliceFrom(ivLen)
2016-01-28 15:30:05 -05:00
2016-02-23 12:16:13 -05:00
stream, err := this.config.Cipher.NewDecodingStream(key, iv)
2016-01-28 15:30:05 -05:00
if err != nil {
log.Error("Shadowsocks: Failed to create decoding stream: ", err)
return
}
2016-02-23 12:16:13 -05:00
reader := crypto.NewCryptionReader(stream, payload)
2016-01-29 15:55:42 -05:00
request, err := ReadRequest(reader, NewAuthenticator(HeaderKeyGenerator(key, iv)), true)
2016-01-28 15:30:05 -05:00
if err != nil {
2016-01-30 16:57:20 -05:00
log.Access(source, serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error()))
log.Warning("Shadowsocks: Invalid request from ", source, ": ", err)
2016-01-28 15:30:05 -05:00
return
}
2016-01-30 16:36:28 -05:00
dest := v2net.UDPDestination(request.Address, request.Port)
2016-01-30 16:57:20 -05:00
log.Access(source, dest, log.AccessAccepted, serial.StringLiteral(""))
2016-01-30 16:36:28 -05:00
log.Info("Shadowsocks: Tunnelling request to ", dest)
2016-01-30 16:57:20 -05:00
2016-01-30 16:36:28 -05:00
packet := v2net.NewPacket(dest, request.UDPPayload, false)
2016-02-01 15:34:07 -05:00
this.udpServer.Dispatch(source, packet, func(packet v2net.Packet) {
defer packet.Chunk().Release()
2016-01-28 15:30:05 -05:00
2016-02-23 12:16:13 -05:00
response := alloc.NewBuffer().Slice(0, ivLen)
2016-02-01 15:34:07 -05:00
defer response.Release()
2016-01-28 15:30:05 -05:00
rand.Read(response.Value)
respIv := response.Value
2016-01-28 15:30:05 -05:00
2016-02-23 12:16:13 -05:00
stream, err := this.config.Cipher.NewEncodingStream(key, respIv)
2016-01-28 15:30:05 -05:00
if err != nil {
log.Error("Shadowsocks: Failed to create encoding stream: ", err)
return
}
2016-02-23 12:16:13 -05:00
writer := crypto.NewCryptionWriter(stream, response)
2016-01-28 15:30:05 -05:00
switch {
case request.Address.IsIPv4():
writer.Write([]byte{AddrTypeIPv4})
writer.Write(request.Address.IP())
case request.Address.IsIPv6():
writer.Write([]byte{AddrTypeIPv6})
writer.Write(request.Address.IP())
case request.Address.IsDomain():
writer.Write([]byte{AddrTypeDomain, byte(len(request.Address.Domain()))})
writer.Write([]byte(request.Address.Domain()))
}
writer.Write(request.Port.Bytes())
2016-02-01 15:34:07 -05:00
writer.Write(packet.Chunk().Value)
2016-01-28 15:30:05 -05:00
if request.OTA {
respAuth := NewAuthenticator(HeaderKeyGenerator(key, respIv))
2016-02-23 12:16:13 -05:00
respAuth.Authenticate(response.Value, response.Value[ivLen:])
}
2016-01-30 16:36:28 -05:00
this.udpHub.WriteTo(response.Value, source)
2016-02-01 15:34:07 -05:00
})
2016-01-28 15:30:05 -05:00
}
2016-01-28 11:08:32 -05:00
func (this *Shadowsocks) handleConnection(conn *hub.TCPConn) {
defer conn.Close()
2016-01-28 06:33:58 -05:00
buffer := alloc.NewSmallBuffer()
defer buffer.Release()
timedReader := v2net.NewTimeOutReader(16, conn)
2016-02-23 12:16:13 -05:00
ivLen := this.config.Cipher.IVSize()
_, err := io.ReadFull(timedReader, buffer.Value[:ivLen])
2016-01-28 06:33:58 -05:00
if err != nil {
2016-01-30 16:57:20 -05:00
log.Access(conn.RemoteAddr(), serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error()))
2016-01-28 06:33:58 -05:00
log.Error("Shadowsocks: Failed to read IV: ", err)
return
}
2016-02-23 12:16:13 -05:00
iv := buffer.Value[:ivLen]
2016-01-28 06:33:58 -05:00
key := this.config.Key
2016-02-23 12:16:13 -05:00
stream, err := this.config.Cipher.NewDecodingStream(key, iv)
2016-01-28 06:33:58 -05:00
if err != nil {
log.Error("Shadowsocks: Failed to create decoding stream: ", err)
return
}
2016-02-23 12:16:13 -05:00
reader := crypto.NewCryptionReader(stream, timedReader)
2016-02-28 15:11:50 -05:00
request, err := ReadRequest(reader, NewAuthenticator(HeaderKeyGenerator(key, iv)), false)
2016-01-28 06:33:58 -05:00
if err != nil {
2016-01-30 16:57:20 -05:00
log.Access(conn.RemoteAddr(), serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error()))
log.Warning("Shadowsocks: Invalid request from ", conn.RemoteAddr(), ": ", err)
2016-01-28 06:33:58 -05:00
return
}
2016-02-03 06:18:28 -05:00
userSettings := protocol.GetUserSettings(this.config.Level)
timedReader.SetTimeOut(userSettings.PayloadReadTimeout)
2016-01-30 16:57:20 -05:00
dest := v2net.TCPDestination(request.Address, request.Port)
log.Access(conn.RemoteAddr(), dest, log.AccessAccepted, serial.StringLiteral(""))
log.Info("Shadowsocks: Tunnelling request to ", dest)
packet := v2net.NewPacket(dest, nil, true)
2016-01-31 11:01:28 -05:00
ray := this.packetDispatcher.DispatchToOutbound(packet)
2016-01-28 06:33:58 -05:00
var writeFinish sync.Mutex
writeFinish.Lock()
go func() {
2016-04-18 12:44:10 -04:00
if payload, err := ray.InboundOutput().Read(); err == nil {
2016-02-23 12:16:13 -05:00
payload.SliceBack(ivLen)
rand.Read(payload.Value[:ivLen])
2016-01-28 07:40:00 -05:00
2016-02-23 12:16:13 -05:00
stream, err := this.config.Cipher.NewEncodingStream(key, payload.Value[:ivLen])
2016-01-31 15:37:00 -05:00
if err != nil {
log.Error("Shadowsocks: Failed to create encoding stream: ", err)
return
}
2016-02-23 12:16:13 -05:00
stream.XORKeyStream(payload.Value[ivLen:], payload.Value[ivLen:])
2016-01-28 07:40:00 -05:00
2016-02-23 12:16:13 -05:00
conn.Write(payload.Value)
2016-01-28 07:40:00 -05:00
payload.Release()
2016-02-23 12:16:13 -05:00
writer := crypto.NewCryptionWriter(stream, conn)
v2writer := v2io.NewAdaptiveWriter(writer)
defer writer.Release()
v2io.Pipe(ray.InboundOutput(), v2writer)
2016-04-18 12:44:10 -04:00
ray.InboundOutput().Release()
2016-01-28 07:40:00 -05:00
}
2016-01-28 06:33:58 -05:00
writeFinish.Unlock()
}()
var payloadReader v2io.Reader
if request.OTA {
payloadAuth := NewAuthenticator(ChunkKeyGenerator(iv))
2016-01-29 14:54:06 -05:00
payloadReader = NewChunkReader(reader, payloadAuth)
} else {
payloadReader = v2io.NewAdaptiveReader(reader)
}
2016-04-18 12:44:10 -04:00
v2io.Pipe(payloadReader, ray.InboundInput())
ray.InboundInput().Close()
2016-04-12 15:43:13 -04:00
payloadReader.Release()
2016-01-28 06:33:58 -05:00
writeFinish.Lock()
}
func init() {
internal.MustRegisterInboundHandlerCreator("shadowsocks",
func(space app.Space, rawConfig interface{}) (proxy.InboundHandler, error) {
2016-01-31 11:01:28 -05:00
if !space.HasApp(dispatcher.APP_ID) {
return nil, internal.ErrorBadConfiguration
}
return NewShadowsocks(
rawConfig.(*Config),
space.GetApp(dispatcher.APP_ID).(dispatcher.PacketDispatcher)), nil
2016-01-28 06:33:58 -05:00
})
}