1
0
mirror of https://github.com/v2fly/v2ray-core.git synced 2024-12-22 18:17:52 -05:00
v2fly/proxy/socks/protocol/socks.go

310 lines
6.9 KiB
Go
Raw Normal View History

package protocol
2015-09-07 11:12:31 -04:00
import (
2015-09-07 11:16:30 -04:00
"io"
2015-09-10 18:24:18 -04:00
2016-08-20 14:55:45 -04:00
"v2ray.com/core/common/alloc"
"v2ray.com/core/common/log"
v2net "v2ray.com/core/common/net"
"v2ray.com/core/proxy"
"v2ray.com/core/transport"
2015-09-07 11:12:31 -04:00
)
const (
2015-09-17 11:37:04 -04:00
socksVersion = byte(0x05)
socks4Version = byte(0x04)
2015-09-09 06:13:52 -04:00
2015-09-12 05:51:42 -04:00
AuthNotRequired = byte(0x00)
AuthGssApi = byte(0x01)
AuthUserPass = byte(0x02)
AuthNoMatchingMethod = byte(0xFF)
2015-09-17 11:37:04 -04:00
Socks4RequestGranted = byte(90)
Socks4RequestRejected = byte(91)
)
2015-09-07 11:12:31 -04:00
// Authentication request header of Socks5 protocol
type Socks5AuthenticationRequest struct {
2015-09-07 11:16:30 -04:00
version byte
2015-09-07 16:26:37 -04:00
nMethods byte
2015-09-07 11:16:30 -04:00
authMethods [256]byte
2015-09-07 11:12:31 -04:00
}
2015-09-09 06:13:52 -04:00
func (request *Socks5AuthenticationRequest) HasAuthMethod(method byte) bool {
2015-09-11 08:12:26 -04:00
for i := 0; i < int(request.nMethods); i++ {
2015-09-09 06:13:52 -04:00
if request.authMethods[i] == method {
return true
}
}
return false
}
2015-09-17 11:37:04 -04:00
func ReadAuthentication(reader io.Reader) (auth Socks5AuthenticationRequest, auth4 Socks4AuthenticationRequest, err error) {
2016-08-01 11:47:20 -04:00
buffer := make([]byte, 256)
2015-10-08 17:06:12 -04:00
2016-08-01 11:47:20 -04:00
nBytes, err := reader.Read(buffer)
2015-09-07 11:16:30 -04:00
if err != nil {
return
}
if nBytes < 2 {
2016-01-18 06:24:33 -05:00
log.Warning("Socks: expected 2 bytes read, but only ", nBytes, " bytes read")
2016-06-27 02:53:35 -04:00
err = transport.ErrCorruptedPacket
2015-09-07 11:16:30 -04:00
return
}
2016-08-01 11:47:20 -04:00
if buffer[0] == socks4Version {
auth4.Version = buffer[0]
auth4.Command = buffer[1]
auth4.Port = v2net.PortFromBytes(buffer[2:4])
copy(auth4.IP[:], buffer[4:8])
2015-10-13 07:55:06 -04:00
err = Socks4Downgrade
2015-09-17 11:37:04 -04:00
return
}
2016-08-01 11:47:20 -04:00
auth.version = buffer[0]
2015-09-07 11:16:30 -04:00
if auth.version != socksVersion {
2016-01-18 06:24:33 -05:00
log.Warning("Socks: Unknown protocol version ", auth.version)
2016-06-27 02:53:35 -04:00
err = proxy.ErrInvalidProtocolVersion
2015-09-07 11:16:30 -04:00
return
}
2016-08-01 11:47:20 -04:00
auth.nMethods = buffer[1]
2015-09-07 16:26:37 -04:00
if auth.nMethods <= 0 {
2016-01-18 06:24:33 -05:00
log.Warning("Socks: Zero length of authentication methods")
2016-06-27 02:53:35 -04:00
err = proxy.ErrInvalidAuthentication
2015-09-07 11:16:30 -04:00
return
}
2015-09-15 18:06:22 -04:00
if nBytes-2 != int(auth.nMethods) {
2016-01-18 06:24:33 -05:00
log.Warning("Socks: Unmatching number of auth methods, expecting ", auth.nMethods, ", but got ", nBytes)
2016-06-27 02:53:35 -04:00
err = proxy.ErrInvalidAuthentication
2015-09-07 16:26:37 -04:00
return
}
2016-08-01 11:47:20 -04:00
copy(auth.authMethods[:], buffer[2:nBytes])
2015-09-07 11:16:30 -04:00
return
2015-09-07 11:12:31 -04:00
}
type Socks5AuthenticationResponse struct {
2015-09-07 11:16:30 -04:00
version byte
authMethod byte
2015-09-07 11:12:31 -04:00
}
2015-09-09 06:13:52 -04:00
func NewAuthenticationResponse(authMethod byte) *Socks5AuthenticationResponse {
2015-09-16 10:27:36 -04:00
return &Socks5AuthenticationResponse{
version: socksVersion,
authMethod: authMethod,
}
2015-09-09 06:13:52 -04:00
}
2015-09-16 10:06:16 -04:00
func WriteAuthentication(writer io.Writer, r *Socks5AuthenticationResponse) error {
_, err := writer.Write([]byte{r.version, r.authMethod})
return err
2015-09-17 11:37:04 -04:00
}
type Socks5UserPassRequest struct {
2015-09-15 18:06:22 -04:00
version byte
username string
password string
}
2015-10-10 09:51:35 -04:00
func (request Socks5UserPassRequest) Username() string {
return request.username
}
func (request Socks5UserPassRequest) Password() string {
return request.password
}
2015-09-25 11:59:45 -04:00
func (request Socks5UserPassRequest) AuthDetail() string {
return request.username + ":" + request.password
}
func ReadUserPassRequest(reader io.Reader) (request Socks5UserPassRequest, err error) {
2015-10-08 17:06:12 -04:00
buffer := alloc.NewSmallBuffer()
defer buffer.Release()
_, err = reader.Read(buffer.Value[0:2])
2015-09-15 18:06:22 -04:00
if err != nil {
return
}
2015-10-08 17:06:12 -04:00
request.version = buffer.Value[0]
nUsername := buffer.Value[1]
nBytes, err := reader.Read(buffer.Value[:nUsername])
2015-09-15 18:06:22 -04:00
if err != nil {
return
}
2015-10-08 17:06:12 -04:00
request.username = string(buffer.Value[:nBytes])
2015-09-15 18:06:22 -04:00
2015-10-08 17:06:12 -04:00
_, err = reader.Read(buffer.Value[0:1])
2015-09-15 18:06:22 -04:00
if err != nil {
return
}
2015-10-08 17:06:12 -04:00
nPassword := buffer.Value[0]
nBytes, err = reader.Read(buffer.Value[:nPassword])
2015-09-15 18:06:22 -04:00
if err != nil {
return
}
2015-10-08 17:06:12 -04:00
request.password = string(buffer.Value[:nBytes])
2015-09-15 18:06:22 -04:00
return
}
type Socks5UserPassResponse struct {
2015-09-15 18:06:22 -04:00
version byte
status byte
}
func NewSocks5UserPassResponse(status byte) Socks5UserPassResponse {
return Socks5UserPassResponse{
version: socksVersion,
status: status,
}
}
func WriteUserPassResponse(writer io.Writer, response Socks5UserPassResponse) error {
2015-09-15 18:06:22 -04:00
_, err := writer.Write([]byte{response.version, response.status})
return err
}
const (
AddrTypeIPv4 = byte(0x01)
AddrTypeIPv6 = byte(0x04)
AddrTypeDomain = byte(0x03)
2015-09-09 06:13:52 -04:00
CmdConnect = byte(0x01)
CmdBind = byte(0x02)
CmdUdpAssociate = byte(0x03)
)
2015-09-07 16:26:37 -04:00
type Socks5Request struct {
2015-09-09 06:13:52 -04:00
Version byte
Command byte
AddrType byte
IPv4 [4]byte
Domain string
IPv6 [16]byte
2015-12-02 15:44:01 -05:00
Port v2net.Port
2015-09-07 16:26:37 -04:00
}
func ReadRequest(reader io.Reader) (request *Socks5Request, err error) {
2015-10-08 17:06:12 -04:00
buffer := alloc.NewSmallBuffer()
defer buffer.Release()
2016-02-05 05:21:13 -05:00
_, err = io.ReadFull(reader, buffer.Value[:4])
2015-09-07 16:26:37 -04:00
if err != nil {
return
}
2016-02-05 05:21:13 -05:00
2015-09-16 10:27:36 -04:00
request = &Socks5Request{
2015-10-08 17:06:12 -04:00
Version: buffer.Value[0],
Command: buffer.Value[1],
2015-09-16 10:27:36 -04:00
// buffer[2] is a reserved field
2015-10-08 17:06:12 -04:00
AddrType: buffer.Value[3],
2015-09-16 10:27:36 -04:00
}
2015-09-09 06:13:52 -04:00
switch request.AddrType {
2015-09-10 18:24:18 -04:00
case AddrTypeIPv4:
2016-02-05 05:21:13 -05:00
_, err = io.ReadFull(reader, request.IPv4[:])
2015-09-07 16:26:37 -04:00
if err != nil {
return
}
2015-09-10 18:24:18 -04:00
case AddrTypeDomain:
2016-02-05 05:21:13 -05:00
_, err = io.ReadFull(reader, buffer.Value[0:1])
2015-09-11 08:12:26 -04:00
if err != nil {
return
}
2015-10-08 17:06:12 -04:00
domainLength := buffer.Value[0]
2016-02-05 05:21:13 -05:00
_, err = io.ReadFull(reader, buffer.Value[:domainLength])
2015-09-07 16:26:37 -04:00
if err != nil {
return
}
2015-09-11 08:12:26 -04:00
2016-01-04 09:16:52 -05:00
request.Domain = string(append([]byte(nil), buffer.Value[:domainLength]...))
2015-09-10 18:24:18 -04:00
case AddrTypeIPv6:
2016-02-05 05:21:13 -05:00
_, err = io.ReadFull(reader, request.IPv6[:])
2015-09-07 16:26:37 -04:00
if err != nil {
return
}
default:
2016-01-18 06:24:33 -05:00
log.Warning("Socks: Unexpected address type ", request.AddrType)
2016-06-27 02:53:35 -04:00
err = transport.ErrCorruptedPacket
2015-09-07 16:26:37 -04:00
return
}
2016-02-05 05:21:13 -05:00
_, err = io.ReadFull(reader, buffer.Value[:2])
2015-09-07 16:26:37 -04:00
if err != nil {
return
}
2015-12-02 15:44:01 -05:00
request.Port = v2net.PortFromBytes(buffer.Value[:2])
2015-09-07 16:26:37 -04:00
return
}
2015-09-20 12:22:29 -04:00
func (request *Socks5Request) Destination() v2net.Destination {
2015-09-10 18:24:18 -04:00
switch request.AddrType {
case AddrTypeIPv4:
2015-12-16 17:53:38 -05:00
return v2net.TCPDestination(v2net.IPAddress(request.IPv4[:]), request.Port)
2015-09-10 18:24:18 -04:00
case AddrTypeIPv6:
2015-12-16 17:53:38 -05:00
return v2net.TCPDestination(v2net.IPAddress(request.IPv6[:]), request.Port)
2015-09-10 18:24:18 -04:00
case AddrTypeDomain:
2016-02-05 05:21:13 -05:00
return v2net.TCPDestination(v2net.ParseAddress(request.Domain), request.Port)
2015-09-10 18:24:18 -04:00
default:
panic("Unknown address type")
}
}
const (
ErrorSuccess = byte(0x00)
ErrorGeneralFailure = byte(0x01)
ErrorConnectionNotAllowed = byte(0x02)
ErrorNetworkUnreachable = byte(0x03)
ErrorHostUnUnreachable = byte(0x04)
ErrorConnectionRefused = byte(0x05)
ErrorTTLExpired = byte(0x06)
ErrorCommandNotSupported = byte(0x07)
ErrorAddressTypeNotSupported = byte(0x08)
)
type Socks5Response struct {
Version byte
Error byte
AddrType byte
IPv4 [4]byte
Domain string
IPv6 [16]byte
2015-12-02 15:44:01 -05:00
Port v2net.Port
}
2015-09-09 06:13:52 -04:00
func NewSocks5Response() *Socks5Response {
2015-09-16 10:27:36 -04:00
return &Socks5Response{
Version: socksVersion,
}
2015-09-09 06:13:52 -04:00
}
func (r *Socks5Response) SetIPv4(ipv4 []byte) {
r.AddrType = AddrTypeIPv4
copy(r.IPv4[:], ipv4)
}
func (r *Socks5Response) SetIPv6(ipv6 []byte) {
r.AddrType = AddrTypeIPv6
copy(r.IPv6[:], ipv6)
}
func (r *Socks5Response) SetDomain(domain string) {
r.AddrType = AddrTypeDomain
r.Domain = domain
}
func (r *Socks5Response) Write(writer io.Writer) {
writer.Write([]byte{r.Version, r.Error, 0x00 /* reserved */, r.AddrType})
switch r.AddrType {
case 0x01:
writer.Write(r.IPv4[:])
case 0x03:
writer.Write([]byte{byte(len(r.Domain))})
writer.Write([]byte(r.Domain))
case 0x04:
writer.Write(r.IPv6[:])
}
2016-06-26 16:34:48 -04:00
writer.Write(r.Port.Bytes(nil))
}