v2fly/proxy/vmess/encoding/server.go

package encoding

import (
	"crypto/md5"
	"hash/fnv"
	"io"
	"v2ray.com/core/common/crypto"
	"v2ray.com/core/common/errors"
	"v2ray.com/core/common/log"
	v2net "v2ray.com/core/common/net"
	"v2ray.com/core/common/protocol"
	"v2ray.com/core/common/serial"
	"v2ray.com/core/proxy/vmess"
)

type ServerSession struct {
	userValidator   protocol.UserValidator
	requestBodyKey  []byte
	requestBodyIV   []byte
	responseBodyKey []byte
	responseBodyIV  []byte
	responseHeader  byte
	responseWriter  io.Writer
}

// NewServerSession creates a new ServerSession, using the given UserValidator.
// The ServerSession instance doesn't take ownership of the validator.
func NewServerSession(validator protocol.UserValidator) *ServerSession {
	return &ServerSession{
		userValidator: validator,
	}
}

// Release implements common.Releaseable.
func (v *ServerSession) Release() {
	v.userValidator = nil
	v.requestBodyIV = nil
	v.requestBodyKey = nil
	v.responseBodyIV = nil
	v.responseBodyKey = nil
	v.responseWriter = nil
}

func (v *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.RequestHeader, error) {
	buffer := make([]byte, 512)

	_, err := io.ReadFull(reader, buffer[:protocol.IDBytesLen])
	if err != nil {
		log.Info("VMess|Server: Failed to read request header: ", err)
		return nil, io.EOF
	}

	user, timestamp, valid := v.userValidator.Get(buffer[:protocol.IDBytesLen])
	if !valid {
		return nil, protocol.ErrInvalidUser
	}

	timestampHash := md5.New()
	timestampHash.Write(hashTimestamp(timestamp))
	iv := timestampHash.Sum(nil)
	account, err := user.GetTypedAccount()
	if err != nil {
		return nil, errors.Base(err).Message("VMess|Server: Failed to get user account.")
	}

	aesStream := crypto.NewAesDecryptionStream(account.(*vmess.InternalAccount).ID.CmdKey(), iv)
	decryptor := crypto.NewCryptionReader(aesStream, reader)

	nBytes, err := io.ReadFull(decryptor, buffer[:41])
	if err != nil {
		return nil, errors.Base(err).Message("VMess|Server: Failed to read request header.")
	}
	bufferLen := nBytes

	request := &protocol.RequestHeader{
		User:    user,
		Version: buffer[0],
	}

	if request.Version != Version {
		return nil, errors.New("VMess|Server: Invalid protocol version ", request.Version)
	}

	v.requestBodyIV = append([]byte(nil), buffer[1:17]...)   // 16 bytes
	v.requestBodyKey = append([]byte(nil), buffer[17:33]...) // 16 bytes
	v.responseHeader = buffer[33]                            // 1 byte
	request.Option = protocol.RequestOption(buffer[34])      // 1 byte + 2 bytes reserved
	request.Command = protocol.RequestCommand(buffer[37])

	request.Port = v2net.PortFromBytes(buffer[38:40])

	switch buffer[40] {
	case AddrTypeIPv4:
		_, err = io.ReadFull(decryptor, buffer[41:45]) // 4 bytes
		bufferLen += 4
		if err != nil {
			return nil, errors.Base(err).Message("VMess|Server: Failed to read IPv4.")
		}
		request.Address = v2net.IPAddress(buffer[41:45])
	case AddrTypeIPv6:
		_, err = io.ReadFull(decryptor, buffer[41:57]) // 16 bytes
		bufferLen += 16
		if err != nil {
			return nil, errors.Base(err).Message("VMess|Server: Failed to read IPv6 address.")
		}
		request.Address = v2net.IPAddress(buffer[41:57])
	case AddrTypeDomain:
		_, err = io.ReadFull(decryptor, buffer[41:42])
		if err != nil {
			return nil, errors.Base(err).Message("VMess:Server: Failed to read domain.")
		}
		domainLength := int(buffer[41])
		if domainLength == 0 {
			return nil, errors.New("VMess|Server: Zero length domain.")
		}
		_, err = io.ReadFull(decryptor, buffer[42:42+domainLength])
		if err != nil {
			return nil, errors.Base(err).Message("VMess|Server: Failed to read domain.")
		}
		bufferLen += 1 + domainLength
		request.Address = v2net.DomainAddress(string(buffer[42 : 42+domainLength]))
	}

	_, err = io.ReadFull(decryptor, buffer[bufferLen:bufferLen+4])
	if err != nil {
		return nil, errors.Base(err).Message("VMess|Server: Failed to read checksum.")
	}

	fnv1a := fnv.New32a()
	fnv1a.Write(buffer[:bufferLen])
	actualHash := fnv1a.Sum32()
	expectedHash := serial.BytesToUint32(buffer[bufferLen : bufferLen+4])

	if actualHash != expectedHash {
		return nil, errors.New("VMess|Server: Invalid auth.")
	}

	return request, nil
}

func (v *ServerSession) DecodeRequestBody(reader io.Reader) io.Reader {
	aesStream := crypto.NewAesDecryptionStream(v.requestBodyKey, v.requestBodyIV)
	return crypto.NewCryptionReader(aesStream, reader)
}

func (v *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, writer io.Writer) {
	responseBodyKey := md5.Sum(v.requestBodyKey)
	responseBodyIV := md5.Sum(v.requestBodyIV)
	v.responseBodyKey = responseBodyKey[:]
	v.responseBodyIV = responseBodyIV[:]

	aesStream := crypto.NewAesEncryptionStream(v.responseBodyKey, v.responseBodyIV)
	encryptionWriter := crypto.NewCryptionWriter(aesStream, writer)
	v.responseWriter = encryptionWriter

	encryptionWriter.Write([]byte{v.responseHeader, byte(header.Option)})
	err := MarshalCommand(header.Command, encryptionWriter)
	if err != nil {
		encryptionWriter.Write([]byte{0x00, 0x00})
	}
}

func (v *ServerSession) EncodeResponseBody(writer io.Writer) io.Writer {
	return v.responseWriter
}
move encoding to vmess 2016-07-23 07:17:51 -04:00			`package encoding`
more protocol implementation 2016-02-26 18:05:53 -05:00
			`import (`
			`"crypto/md5"`
			`"hash/fnv"`
			`"io"`
unified import path 2016-08-20 14:55:45 -04:00			`"v2ray.com/core/common/crypto"`
rewrite error lib 2016-12-04 03:10:47 -05:00			`"v2ray.com/core/common/errors"`
unified import path 2016-08-20 14:55:45 -04:00			`"v2ray.com/core/common/log"`
			`v2net "v2ray.com/core/common/net"`
			`"v2ray.com/core/common/protocol"`
			`"v2ray.com/core/common/serial"`
			`"v2ray.com/core/proxy/vmess"`
more protocol implementation 2016-02-26 18:05:53 -05:00			`)`

			`type ServerSession struct {`
			`userValidator protocol.UserValidator`
			`requestBodyKey []byte`
			`requestBodyIV []byte`
			`responseBodyKey []byte`
			`responseBodyIV []byte`
			`responseHeader byte`
			`responseWriter io.Writer`
			`}`

comments 2016-04-28 16:31:33 -04:00			`// NewServerSession creates a new ServerSession, using the given UserValidator.`
			`// The ServerSession instance doesn't take ownership of the validator.`
Migrate VMessIn with protocol 2016-02-27 11:28:21 -05:00			`func NewServerSession(validator protocol.UserValidator) *ServerSession {`
			`return &ServerSession{`
			`userValidator: validator,`
			`}`
			`}`

comments 2016-04-28 16:31:33 -04:00			`// Release implements common.Releaseable.`
rename 'this' 2016-11-27 15:39:09 -05:00			`func (v *ServerSession) Release() {`
			`v.userValidator = nil`
			`v.requestBodyIV = nil`
			`v.requestBodyKey = nil`
			`v.responseBodyIV = nil`
			`v.responseBodyKey = nil`
			`v.responseWriter = nil`
releasble user validator 2016-04-25 12:39:30 -04:00			`}`

rename 'this' 2016-11-27 15:39:09 -05:00			`func (v ServerSession) DecodeRequestHeader(reader io.Reader) (protocol.RequestHeader, error) {`
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`buffer := make([]byte, 512)`
more protocol implementation 2016-02-26 18:05:53 -05:00
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`_, err := io.ReadFull(reader, buffer[:protocol.IDBytesLen])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`if err != nil {`
reduce vmess log 2016-11-30 18:40:20 -05:00			`log.Info("VMess\|Server: Failed to read request header: ", err)`
reusable connection 2016-05-30 18:21:41 -04:00			`return nil, io.EOF`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`

rename 'this' 2016-11-27 15:39:09 -05:00			`user, timestamp, valid := v.userValidator.Get(buffer[:protocol.IDBytesLen])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`if !valid {`
rename Error to Err 2016-06-27 02:53:35 -04:00			`return nil, protocol.ErrInvalidUser`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`

			`timestampHash := md5.New()`
			`timestampHash.Write(hashTimestamp(timestamp))`
			`iv := timestampHash.Sum(nil)`
remove use of any 2016-10-16 08:22:21 -04:00			`account, err := user.GetTypedAccount()`
accounts in protobuf 2016-09-17 18:41:21 -04:00			`if err != nil {`
format errors 2016-12-04 03:43:33 -05:00			`return nil, errors.Base(err).Message("VMess\|Server: Failed to get user account.")`
accounts in protobuf 2016-09-17 18:41:21 -04:00			`}`
remove use of any 2016-10-16 08:22:21 -04:00
refactor protos 2016-10-12 12:43:55 -04:00			`aesStream := crypto.NewAesDecryptionStream(account.(*vmess.InternalAccount).ID.CmdKey(), iv)`
more protocol implementation 2016-02-26 18:05:53 -05:00			`decryptor := crypto.NewCryptionReader(aesStream, reader)`

remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`nBytes, err := io.ReadFull(decryptor, buffer[:41])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`if err != nil {`
format errors 2016-12-04 03:43:33 -05:00			`return nil, errors.Base(err).Message("VMess\|Server: Failed to read request header.")`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`
			`bufferLen := nBytes`

			`request := &protocol.RequestHeader{`
			`User: user,`
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`Version: buffer[0],`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`

			`if request.Version != Version {`
format errors 2016-12-04 03:43:33 -05:00			`return nil, errors.New("VMess\|Server: Invalid protocol version ", request.Version)`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`

rename 'this' 2016-11-27 15:39:09 -05:00			`v.requestBodyIV = append([]byte(nil), buffer[1:17]...) // 16 bytes`
			`v.requestBodyKey = append([]byte(nil), buffer[17:33]...) // 16 bytes`
			`v.responseHeader = buffer[33] // 1 byte`
gofmt 2016-11-27 15:40:19 -05:00			`request.Option = protocol.RequestOption(buffer[34]) // 1 byte + 2 bytes reserved`
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`request.Command = protocol.RequestCommand(buffer[37])`
more protocol implementation 2016-02-26 18:05:53 -05:00
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`request.Port = v2net.PortFromBytes(buffer[38:40])`
more protocol implementation 2016-02-26 18:05:53 -05:00
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`switch buffer[40] {`
more protocol implementation 2016-02-26 18:05:53 -05:00			`case AddrTypeIPv4:`
remove unnecessary assign 2016-11-27 15:43:20 -05:00			`_, err = io.ReadFull(decryptor, buffer[41:45]) // 4 bytes`
more protocol implementation 2016-02-26 18:05:53 -05:00			`bufferLen += 4`
			`if err != nil {`
format errors 2016-12-04 03:43:33 -05:00			`return nil, errors.Base(err).Message("VMess\|Server: Failed to read IPv4.")`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`request.Address = v2net.IPAddress(buffer[41:45])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`case AddrTypeIPv6:`
remove unnecessary assign 2016-11-27 15:43:20 -05:00			`_, err = io.ReadFull(decryptor, buffer[41:57]) // 16 bytes`
more protocol implementation 2016-02-26 18:05:53 -05:00			`bufferLen += 16`
			`if err != nil {`
format errors 2016-12-04 03:43:33 -05:00			`return nil, errors.Base(err).Message("VMess\|Server: Failed to read IPv6 address.")`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`request.Address = v2net.IPAddress(buffer[41:57])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`case AddrTypeDomain:`
refine error message 2016-11-19 08:38:13 -05:00			`_, err = io.ReadFull(decryptor, buffer[41:42])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`if err != nil {`
format errors 2016-12-04 03:43:33 -05:00			`return nil, errors.Base(err).Message("VMess:Server: Failed to read domain.")`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`domainLength := int(buffer[41])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`if domainLength == 0 {`
format errors 2016-12-04 03:43:33 -05:00			`return nil, errors.New("VMess\|Server: Zero length domain.")`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`
remove unnecessary assign 2016-11-27 15:43:20 -05:00			`_, err = io.ReadFull(decryptor, buffer[42:42+domainLength])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`if err != nil {`
format errors 2016-12-04 03:43:33 -05:00			`return nil, errors.Base(err).Message("VMess\|Server: Failed to read domain.")`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`
			`bufferLen += 1 + domainLength`
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`request.Address = v2net.DomainAddress(string(buffer[42 : 42+domainLength]))`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`

remove unnecessary assign 2016-11-27 15:43:20 -05:00			`_, err = io.ReadFull(decryptor, buffer[bufferLen:bufferLen+4])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`if err != nil {`
format errors 2016-12-04 03:43:33 -05:00			`return nil, errors.Base(err).Message("VMess\|Server: Failed to read checksum.")`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`

			`fnv1a := fnv.New32a()`
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`fnv1a.Write(buffer[:bufferLen])`
more protocol implementation 2016-02-26 18:05:53 -05:00			`actualHash := fnv1a.Sum32()`
remove unnecessary use of buffer 2016-07-16 06:11:45 -04:00			`expectedHash := serial.BytesToUint32(buffer[bufferLen : bufferLen+4])`
more protocol implementation 2016-02-26 18:05:53 -05:00
			`if actualHash != expectedHash {`
refine error message 2016-11-19 08:38:13 -05:00			`return nil, errors.New("VMess\|Server: Invalid auth.")`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`

			`return request, nil`
			`}`

rename 'this' 2016-11-27 15:39:09 -05:00			`func (v *ServerSession) DecodeRequestBody(reader io.Reader) io.Reader {`
			`aesStream := crypto.NewAesDecryptionStream(v.requestBodyKey, v.requestBodyIV)`
more protocol implementation 2016-02-26 18:05:53 -05:00			`return crypto.NewCryptionReader(aesStream, reader)`
			`}`

rename 'this' 2016-11-27 15:39:09 -05:00			`func (v ServerSession) EncodeResponseHeader(header protocol.ResponseHeader, writer io.Writer) {`
			`responseBodyKey := md5.Sum(v.requestBodyKey)`
			`responseBodyIV := md5.Sum(v.requestBodyIV)`
			`v.responseBodyKey = responseBodyKey[:]`
			`v.responseBodyIV = responseBodyIV[:]`
more protocol implementation 2016-02-26 18:05:53 -05:00
rename 'this' 2016-11-27 15:39:09 -05:00			`aesStream := crypto.NewAesEncryptionStream(v.responseBodyKey, v.responseBodyIV)`
more protocol implementation 2016-02-26 18:05:53 -05:00			`encryptionWriter := crypto.NewCryptionWriter(aesStream, writer)`
rename 'this' 2016-11-27 15:39:09 -05:00			`v.responseWriter = encryptionWriter`
more protocol implementation 2016-02-26 18:05:53 -05:00
rename 'this' 2016-11-27 15:39:09 -05:00			`encryptionWriter.Write([]byte{v.responseHeader, byte(header.Option)})`
Migrate VMessIn with protocol 2016-02-27 11:28:21 -05:00			`err := MarshalCommand(header.Command, encryptionWriter)`
			`if err != nil {`
			`encryptionWriter.Write([]byte{0x00, 0x00})`
			`}`
Migrate VMessOut into protocol 2016-02-27 10:41:21 -05:00			`}`

rename 'this' 2016-11-27 15:39:09 -05:00			`func (v *ServerSession) EncodeResponseBody(writer io.Writer) io.Writer {`
			`return v.responseWriter`
more protocol implementation 2016-02-26 18:05:53 -05:00			`}`