v2fly/proxy/vmess/outbound/outbound.go

// +build !confonly

package outbound

//go:generate go run github.com/v2fly/v2ray-core/v4/common/errors/errorgen

import (
	"context"
	"time"

	core "github.com/v2fly/v2ray-core/v4"
	"github.com/v2fly/v2ray-core/v4/common"
	"github.com/v2fly/v2ray-core/v4/common/buf"
	"github.com/v2fly/v2ray-core/v4/common/net"
	"github.com/v2fly/v2ray-core/v4/common/platform"
	"github.com/v2fly/v2ray-core/v4/common/protocol"
	"github.com/v2fly/v2ray-core/v4/common/retry"
	"github.com/v2fly/v2ray-core/v4/common/session"
	"github.com/v2fly/v2ray-core/v4/common/signal"
	"github.com/v2fly/v2ray-core/v4/common/task"
	"github.com/v2fly/v2ray-core/v4/features/policy"
	"github.com/v2fly/v2ray-core/v4/proxy/vmess"
	"github.com/v2fly/v2ray-core/v4/proxy/vmess/encoding"
	"github.com/v2fly/v2ray-core/v4/transport"
	"github.com/v2fly/v2ray-core/v4/transport/internet"
)

// Handler is an outbound connection handler for VMess protocol.
type Handler struct {
	serverList    *protocol.ServerList
	serverPicker  protocol.ServerPicker
	policyManager policy.Manager
}

// New creates a new VMess outbound handler.
func New(ctx context.Context, config *Config) (*Handler, error) {
	serverList := protocol.NewServerList()
	for _, rec := range config.Receiver {
		s, err := protocol.NewServerSpecFromPB(rec)
		if err != nil {
			return nil, newError("failed to parse server spec").Base(err)
		}
		serverList.AddServer(s)
	}

	v := core.MustFromContext(ctx)
	handler := &Handler{
		serverList:    serverList,
		serverPicker:  protocol.NewRoundRobinServerPicker(serverList),
		policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager),
	}

	return handler, nil
}

// Process implements proxy.Outbound.Process().
func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer internet.Dialer) error {
	var rec *protocol.ServerSpec
	var conn internet.Connection

	err := retry.ExponentialBackoff(5, 200).On(func() error {
		rec = h.serverPicker.PickServer()
		rawConn, err := dialer.Dial(ctx, rec.Destination())
		if err != nil {
			return err
		}
		conn = rawConn

		return nil
	})
	if err != nil {
		return newError("failed to find an available destination").Base(err).AtWarning()
	}
	defer conn.Close()

	outbound := session.OutboundFromContext(ctx)
	if outbound == nil || !outbound.Target.IsValid() {
		return newError("target not specified").AtError()
	}

	target := outbound.Target
	newError("tunneling request to ", target, " via ", rec.Destination()).WriteToLog(session.ExportIDToError(ctx))

	command := protocol.RequestCommandTCP
	if target.Network == net.Network_UDP {
		command = protocol.RequestCommandUDP
	}
	if target.Address.Family().IsDomain() && target.Address.Domain() == "v1.mux.cool" {
		command = protocol.RequestCommandMux
	}

	user := rec.PickUser()
	request := &protocol.RequestHeader{
		Version: encoding.Version,
		User:    user,
		Command: command,
		Address: target.Address,
		Port:    target.Port,
		Option:  protocol.RequestOptionChunkStream,
	}

	account := request.User.Account.(*vmess.MemoryAccount)
	request.Security = account.Security

	if request.Security == protocol.SecurityType_AES128_GCM || request.Security == protocol.SecurityType_NONE || request.Security == protocol.SecurityType_CHACHA20_POLY1305 {
		request.Option.Set(protocol.RequestOptionChunkMasking)
	}

	if shouldEnablePadding(request.Security) && request.Option.Has(protocol.RequestOptionChunkMasking) {
		request.Option.Set(protocol.RequestOptionGlobalPadding)
	}

	if request.Security == protocol.SecurityType_ZERO {
		request.Security = protocol.SecurityType_NONE
		request.Option.Clear(protocol.RequestOptionChunkStream)
		request.Option.Clear(protocol.RequestOptionChunkMasking)
	}

	input := link.Reader
	output := link.Writer

	isAEAD := false
	if !aeadDisabled && len(account.AlterIDs) == 0 {
		isAEAD = true
	}

	session := encoding.NewClientSession(ctx, isAEAD, protocol.DefaultIDHash)
	sessionPolicy := h.policyManager.ForLevel(request.User.Level)

	ctx, cancel := context.WithCancel(ctx)
	timer := signal.CancelAfterInactivity(ctx, cancel, sessionPolicy.Timeouts.ConnectionIdle)

	requestDone := func() error {
		defer timer.SetTimeout(sessionPolicy.Timeouts.DownlinkOnly)

		writer := buf.NewBufferedWriter(buf.NewWriter(conn))
		if err := session.EncodeRequestHeader(request, writer); err != nil {
			return newError("failed to encode request").Base(err).AtWarning()
		}

		bodyWriter := session.EncodeRequestBody(request, writer)
		if err := buf.CopyOnceTimeout(input, bodyWriter, time.Millisecond*100); err != nil && err != buf.ErrNotTimeoutReader && err != buf.ErrReadTimeout {
			return newError("failed to write first payload").Base(err)
		}

		if err := writer.SetBuffered(false); err != nil {
			return err
		}

		if err := buf.Copy(input, bodyWriter, buf.UpdateActivity(timer)); err != nil {
			return err
		}

		if request.Option.Has(protocol.RequestOptionChunkStream) {
			if err := bodyWriter.WriteMultiBuffer(buf.MultiBuffer{}); err != nil {
				return err
			}
		}

		return nil
	}

	responseDone := func() error {
		defer timer.SetTimeout(sessionPolicy.Timeouts.UplinkOnly)

		reader := &buf.BufferedReader{Reader: buf.NewReader(conn)}
		header, err := session.DecodeResponseHeader(reader)
		if err != nil {
			return newError("failed to read header").Base(err)
		}
		h.handleCommand(rec.Destination(), header.Command)

		bodyReader := session.DecodeResponseBody(request, reader)

		return buf.Copy(bodyReader, output, buf.UpdateActivity(timer))
	}

	responseDonePost := task.OnSuccess(responseDone, task.Close(output))
	if err := task.Run(ctx, requestDone, responseDonePost); err != nil {
		return newError("connection ends").Base(err)
	}

	return nil
}

var (
	enablePadding = false
	aeadDisabled  = false
)

func shouldEnablePadding(s protocol.SecurityType) bool {
	return enablePadding || s == protocol.SecurityType_AES128_GCM || s == protocol.SecurityType_CHACHA20_POLY1305 || s == protocol.SecurityType_AUTO
}

func init() {
	common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
		return New(ctx, config.(*Config))
	}))

	const defaultFlagValue = "NOT_DEFINED_AT_ALL"

	paddingValue := platform.NewEnvFlag("v2ray.vmess.padding").GetValue(func() string { return defaultFlagValue })
	if paddingValue != defaultFlagValue {
		enablePadding = true
	}

	isAeadDisabled := platform.NewEnvFlag("v2ray.vmess.aead.disabled").GetValue(func() string { return defaultFlagValue })
	if isAeadDisabled == "true" {
		aeadDisabled = true
	}
}
optimize v2ctl size 2019-02-01 19:08:21 +00:00			`// +build !confonly`

split vmess inbound and outbound 2015-12-04 11:07:32 +00:00			`package outbound`
connecting dots 2015-09-10 22:24:18 +00:00
Chore: change module name (#677) 2021-02-16 20:31:50 +00:00			`//go:generate go run github.com/v2fly/v2ray-core/v4/common/errors/errorgen`
refactor error messages 2017-04-08 23:43:25 +00:00
connecting dots 2015-09-10 22:24:18 +00:00			`import (`
leverage global object creator in proxies. 2017-01-12 23:56:21 +00:00			`"context"`
simplify import 2017-01-13 22:42:39 +00:00			`"time"`
leverage global object creator in proxies. 2017-01-12 23:56:21 +00:00
Chore: change module name (#677) 2021-02-16 20:31:50 +00:00			`core "github.com/v2fly/v2ray-core/v4"`
			`"github.com/v2fly/v2ray-core/v4/common"`
			`"github.com/v2fly/v2ray-core/v4/common/buf"`
			`"github.com/v2fly/v2ray-core/v4/common/net"`
			`"github.com/v2fly/v2ray-core/v4/common/platform"`
			`"github.com/v2fly/v2ray-core/v4/common/protocol"`
			`"github.com/v2fly/v2ray-core/v4/common/retry"`
			`"github.com/v2fly/v2ray-core/v4/common/session"`
			`"github.com/v2fly/v2ray-core/v4/common/signal"`
			`"github.com/v2fly/v2ray-core/v4/common/task"`
			`"github.com/v2fly/v2ray-core/v4/features/policy"`
			`"github.com/v2fly/v2ray-core/v4/proxy/vmess"`
			`"github.com/v2fly/v2ray-core/v4/proxy/vmess/encoding"`
			`"github.com/v2fly/v2ray-core/v4/transport"`
			`"github.com/v2fly/v2ray-core/v4/transport/internet"`
connecting dots 2015-09-10 22:24:18 +00:00			`)`

naming refactoring 2017-02-13 12:16:37 +00:00			`// Handler is an outbound connection handler for VMess protocol.`
			`type Handler struct {`
refactor dependency resolution 2018-10-21 08:27:13 +00:00			`serverList *protocol.ServerList`
			`serverPicker protocol.ServerPicker`
			`policyManager policy.Manager`
connecting dots 2015-09-10 22:24:18 +00:00			`}`

fix lint errors 2018-05-25 21:20:24 +00:00			`// New creates a new VMess outbound handler.`
naming refactoring 2017-02-13 12:16:37 +00:00			`func New(ctx context.Context, config Config) (Handler, error) {`
leverage global object creator in proxies. 2017-01-12 23:56:21 +00:00			`serverList := protocol.NewServerList()`
			`for _, rec := range config.Receiver {`
Fix according to go vet results 2020-08-26 11:35:33 +00:00			`s, err := protocol.NewServerSpecFromPB(rec)`
introduce in-memory user 2018-08-26 22:11:32 +00:00			`if err != nil {`
			`return nil, newError("failed to parse server spec").Base(err)`
			`}`
			`serverList.AddServer(s)`
leverage global object creator in proxies. 2017-01-12 23:56:21 +00:00			`}`
refactor dependency resolution 2018-10-21 08:27:13 +00:00
			`v := core.MustFromContext(ctx)`
naming refactoring 2017-02-13 12:16:37 +00:00			`handler := &Handler{`
refactor dependency resolution 2018-10-21 08:27:13 +00:00			`serverList: serverList,`
			`serverPicker: protocol.NewRoundRobinServerPicker(serverList),`
			`policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager),`
massive refactoring for interoperability 2018-01-10 11:22:37 +00:00			`}`
customizable policy 2017-11-27 21:09:30 +00:00
leverage global object creator in proxies. 2017-01-12 23:56:21 +00:00			`return handler, nil`
			`}`

naming refactoring 2017-02-13 12:16:37 +00:00			`// Process implements proxy.Outbound.Process().`
Make isAEAD more efficient 2020-09-21 01:10:56 +00:00			`func (h Handler) Process(ctx context.Context, link transport.Link, dialer internet.Dialer) error {`
use server spec in vmess 2016-07-25 14:48:09 +00:00			`var rec *protocol.ServerSpec`
massive refactoring for kcp 2016-06-14 20:54:08 +00:00			`var conn internet.Connection`
retry if vmess conn fails 2016-06-05 22:10:51 +00:00
refine error handling in retry logic 2017-02-10 10:41:50 +00:00			`err := retry.ExponentialBackoff(5, 200).On(func() error {`
Make isAEAD more efficient 2020-09-21 01:10:56 +00:00			`rec = h.serverPicker.PickServer()`
split listening settings from inbound proxies and apply context 2017-01-26 19:46:44 +00:00			`rawConn, err := dialer.Dial(ctx, rec.Destination())`
retry if vmess conn fails 2016-06-05 22:10:51 +00:00			`if err != nil {`
			`return err`
			`}`
			`conn = rawConn`

			`return nil`
			`})`
			`if err != nil {`
refactor error messages 2017-04-08 23:43:25 +00:00			`return newError("failed to find an available destination").Base(err).AtWarning()`
retry if vmess conn fails 2016-06-05 22:10:51 +00:00			`}`
Refine code according to golangci-lint results 2020-10-11 11:22:46 +00:00			`defer conn.Close()`
split listening settings from inbound proxies and apply context 2017-01-26 19:46:44 +00:00
move session based info into session package 2018-09-18 21:09:54 +00:00			`outbound := session.OutboundFromContext(ctx)`
			`if outbound == nil \|\| !outbound.Target.IsValid() {`
refactor error messages 2017-04-08 23:43:25 +00:00			`return newError("target not specified").AtError()`
update context functions 2017-02-09 21:49:38 +00:00			`}`
move session based info into session package 2018-09-18 21:09:54 +00:00
			`target := outbound.Target`
remove dependency from errors to session 2018-06-24 23:09:02 +00:00			`newError("tunneling request to ", target, " via ", rec.Destination()).WriteToLog(session.ExportIDToError(ctx))`
connecting dots 2015-09-10 22:24:18 +00:00
remove unnecessary package alias 2016-05-07 18:26:29 +00:00			`command := protocol.RequestCommandTCP`
simplify import 2017-01-13 22:42:39 +00:00			`if target.Network == net.Network_UDP {`
remove unnecessary package alias 2016-05-07 18:26:29 +00:00			`command = protocol.RequestCommandUDP`
prefer interface over struct 2015-09-20 16:22:29 +00:00			`}`
enable mux command for next version 2018-02-11 23:06:51 +00:00			`if target.Address.Family().IsDomain() && target.Address.Domain() == "v1.mux.cool" {`
			`command = protocol.RequestCommandMux`
			`}`

Added TestsEnabled Settings to enable VMessAEAD test 2020-06-08 08:50:50 +00:00			`user := rec.PickUser()`
remove unnecessary package alias 2016-05-07 18:26:29 +00:00			`request := &protocol.RequestHeader{`
move encoding to vmess 2016-07-23 11:17:51 +00:00			`Version: encoding.Version,`
Added TestsEnabled Settings to enable VMessAEAD test 2020-06-08 08:50:50 +00:00			`User: user,`
prefer interface over struct 2015-09-20 16:22:29 +00:00			`Command: command,`
proto for destination 2016-09-20 09:53:05 +00:00			`Address: target.Address,`
			`Port: target.Port,`
remove unnecessary package alias 2016-05-07 18:26:29 +00:00			`Option: protocol.RequestOptionChunkStream,`
chunk stream in vmess 2016-02-01 11:22:29 +00:00			`}`
Remove unnecessary copy in VMess protocol 2015-10-07 12:50:17 +00:00
comments 2018-10-18 07:25:58 +00:00			`account := request.User.Account.(*vmess.MemoryAccount)`
security options in vmess 2016-12-07 20:43:41 +00:00			`request.Security = account.Security`

settings for forcing secure encryption in vmess server 2018-02-23 11:13:02 +00:00			`if request.Security == protocol.SecurityType_AES128_GCM \|\| request.Security == protocol.SecurityType_NONE \|\| request.Security == protocol.SecurityType_CHACHA20_POLY1305 {`
update frame header masking strategy 2017-02-14 13:16:43 +00:00			`request.Option.Set(protocol.RequestOptionChunkMasking)`
			`}`

enable global padding for aead by default 2018-11-02 08:15:35 +00:00			`if shouldEnablePadding(request.Security) && request.Option.Has(protocol.RequestOptionChunkMasking) {`
padding must be enabled when chunk masking is enabled 2018-07-30 07:49:00 +00:00			`request.Option.Set(protocol.RequestOptionGlobalPadding)`
			`}`

Imaginary Security Lever: zero: turn off all security on payload data 2021-03-01 15:39:52 +00:00			`if request.Security == protocol.SecurityType_ZERO {`
			`request.Security = protocol.SecurityType_NONE`
			`request.Option.Clear(protocol.RequestOptionChunkStream)`
			`request.Option.Clear(protocol.RequestOptionChunkMasking)`
			`}`

rewrite ray -> pipe 2018-04-16 22:31:10 +00:00			`input := link.Reader`
			`output := link.Writer`
Fix for empty packets 2016-01-05 11:08:16 +00:00
Make isAEAD more efficient 2020-09-21 01:10:56 +00:00			`isAEAD := false`
Refine code according to golangci-lint results 2020-10-11 11:22:46 +00:00			`if !aeadDisabled && len(account.AlterIDs) == 0 {`
Make isAEAD more efficient 2020-09-21 01:10:56 +00:00			`isAEAD = true`
			`}`
Added TestsEnabled Settings to enable VMessAEAD test 2020-06-08 08:50:50 +00:00
Refine code according to golangci-lint results 2020-10-11 11:22:46 +00:00			`session := encoding.NewClientSession(ctx, isAEAD, protocol.DefaultIDHash)`
Make isAEAD more efficient 2020-09-21 01:10:56 +00:00			`sessionPolicy := h.policyManager.ForLevel(request.User.Level)`
Migrate VMessOut into protocol 2016-02-27 15:41:21 +00:00
clean up dns package 2017-11-14 23:36:14 +00:00			`ctx, cancel := context.WithCancel(ctx)`
massive refactoring for interoperability 2018-01-10 11:22:37 +00:00			`timer := signal.CancelAfterInactivity(ctx, cancel, sessionPolicy.Timeouts.ConnectionIdle)`
cancel sessions after inactivity 2017-01-31 11:42:05 +00:00
better way to run tasks in parallel 2018-04-11 14:45:09 +00:00			`requestDone := func() error {`
fix error handling in vmess outbound 2018-02-19 16:50:21 +00:00			`defer timer.SetTimeout(sessionPolicy.Timeouts.DownlinkOnly)`

cleanup buffer usage 2017-11-09 21:33:15 +00:00			`writer := buf.NewBufferedWriter(buf.NewWriter(conn))`
fix domain length issue for all proxies 2017-10-22 18:17:06 +00:00			`if err := session.EncodeRequestHeader(request, writer); err != nil {`
			`return newError("failed to encode request").Base(err).AtWarning()`
			`}`
format code 2015-09-15 22:06:22 +00:00
task engine for all proxies 2016-12-29 23:32:20 +00:00			`bodyWriter := session.EncodeRequestBody(request, writer)`
reduce delay on passive connections 2018-08-21 21:09:45 +00:00			`if err := buf.CopyOnceTimeout(input, bodyWriter, time.Millisecond*100); err != nil && err != buf.ErrNotTimeoutReader && err != buf.ErrReadTimeout {`
fix passive connection in mux. fix #1167 2018-06-27 10:21:22 +00:00			`return newError("failed to write first payload").Base(err)`
task engine for all proxies 2016-12-29 23:32:20 +00:00			`}`
refine stream handling 2017-01-04 11:34:01 +00:00
merge buf stream 2017-03-27 09:26:44 +00:00			`if err := writer.SetBuffered(false); err != nil {`
			`return err`
			`}`

update activity 2017-04-27 20:30:48 +00:00			`if err := buf.Copy(input, bodyWriter, buf.UpdateActivity(timer)); err != nil {`
task engine for all proxies 2016-12-29 23:32:20 +00:00			`return err`
handle empty payload in freedom and outbound 2016-08-15 10:23:35 +00:00			`}`
Massive fixes 2016-05-13 00:20:07 +00:00
task engine for all proxies 2016-12-29 23:32:20 +00:00			`if request.Option.Has(protocol.RequestOptionChunkStream) {`
cleanup buffer usage 2017-11-09 21:33:15 +00:00			`if err := bodyWriter.WriteMultiBuffer(buf.MultiBuffer{}); err != nil {`
task engine for all proxies 2016-12-29 23:32:20 +00:00			`return err`
			`}`
			`}`
fix error handling in vmess outbound 2018-02-19 16:50:21 +00:00
task engine for all proxies 2016-12-29 23:32:20 +00:00			`return nil`
better way to run tasks in parallel 2018-04-11 14:45:09 +00:00			`}`
task engine for all proxies 2016-12-29 23:32:20 +00:00
better way to run tasks in parallel 2018-04-11 14:45:09 +00:00			`responseDone := func() error {`
massive refactoring for interoperability 2018-01-10 11:22:37 +00:00			`defer timer.SetTimeout(sessionPolicy.Timeouts.UplinkOnly)`
task engine for all proxies 2016-12-29 23:32:20 +00:00
revert reader creation based on per-connection buffer 2018-08-17 18:54:25 +00:00			`reader := &buf.BufferedReader{Reader: buf.NewReader(conn)}`
task engine for all proxies 2016-12-29 23:32:20 +00:00			`header, err := session.DecodeResponseHeader(reader)`
send reuse option in header 2016-06-02 19:34:25 +00:00			`if err != nil {`
fix error handling in vmess outbound 2018-02-19 16:50:21 +00:00			`return newError("failed to read header").Base(err)`
send reuse option in header 2016-06-02 19:34:25 +00:00			`}`
Make isAEAD more efficient 2020-09-21 01:10:56 +00:00			`h.handleCommand(rec.Destination(), header.Command)`
connecting dots 2015-09-10 22:24:18 +00:00
task engine for all proxies 2016-12-29 23:32:20 +00:00			`bodyReader := session.DecodeResponseBody(request, reader)`
fix error handling in vmess outbound 2018-02-19 16:50:21 +00:00
fix lint warnings 2017-11-23 22:46:46 +00:00			`return buf.Copy(bodyReader, output, buf.UpdateActivity(timer))`
better way to run tasks in parallel 2018-04-11 14:45:09 +00:00			`}`
UDP support 2015-10-03 09:34:01 +00:00
Style: format code by gofumpt (#1022) 2021-05-19 21:28:52 +00:00			`responseDonePost := task.OnSuccess(responseDone, task.Close(output))`
simplify task execution 2018-12-06 10:35:02 +00:00			`if err := task.Run(ctx, requestDone, responseDonePost); err != nil {`
refactor error messages 2017-04-08 23:43:25 +00:00			`return newError("connection ends").Base(err)`
discard bad connections 2016-06-01 20:09:34 +00:00			`}`

split listening settings from inbound proxies and apply context 2017-01-26 19:46:44 +00:00			`return nil`
connecting dots 2015-09-10 22:24:18 +00:00			`}`
massive refactoring for kcp 2016-06-14 20:54:08 +00:00
env flag controlled global padding 2018-07-18 08:40:28 +00:00			`var (`
			`enablePadding = false`
Refine code according to golangci-lint results 2020-10-11 11:22:46 +00:00			`aeadDisabled = false`
env flag controlled global padding 2018-07-18 08:40:28 +00:00			`)`

enable global padding for aead by default 2018-11-02 08:15:35 +00:00			`func shouldEnablePadding(s protocol.SecurityType) bool {`
			`return enablePadding \|\| s == protocol.SecurityType_AES128_GCM \|\| s == protocol.SecurityType_CHACHA20_POLY1305 \|\| s == protocol.SecurityType_AUTO`
			`}`

massive refactoring for kcp 2016-06-14 20:54:08 +00:00			`func init() {`
leverage global object creator in proxies. 2017-01-12 23:56:21 +00:00			`common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {`
			`return New(ctx, config.(*Config))`
			`}))`
env flag controlled global padding 2018-07-18 08:40:28 +00:00
			`const defaultFlagValue = "NOT_DEFINED_AT_ALL"`
Make isAEAD more efficient 2020-09-21 03:20:04 +00:00
env flag controlled global padding 2018-07-18 08:40:28 +00:00			`paddingValue := platform.NewEnvFlag("v2ray.vmess.padding").GetValue(func() string { return defaultFlagValue })`
			`if paddingValue != defaultFlagValue {`
			`enablePadding = true`
			`}`
Make isAEAD more efficient 2020-09-21 03:20:04 +00:00
Refine code according to golangci-lint results 2020-10-11 11:22:46 +00:00			`isAeadDisabled := platform.NewEnvFlag("v2ray.vmess.aead.disabled").GetValue(func() string { return defaultFlagValue })`
			`if isAeadDisabled == "true" {`
			`aeadDisabled = true`
Make isAEAD more efficient 2020-09-21 03:20:04 +00:00			`}`
connecting dots 2015-09-10 22:24:18 +00:00			`}`