func (this *VMessOutboundHandler) handleResponse(session *raw.ClientSession, conn net.Conn, request *proto.RequestHeader, dest v2net.Destination, output chan<- *alloc.Buffer, finish *sync.Mutex) { defer finish.Unlock() defer close(output) reader := v2io.NewBufferedReader(conn) header, err := session.DecodeResponseHeader(reader) if err != nil { log.Warning("VMessOut: Failed to read response: ", err) return } go this.handleCommand(dest, header.Command) reader.SetCached(false) decryptReader := session.DecodeResponseBody(conn) var bodyReader v2io.Reader if request.Option.IsChunkStream() { bodyReader = vmessio.NewAuthChunkReader(decryptReader) } else { bodyReader = v2io.NewAdaptiveReader(decryptReader) } v2io.ReaderToChan(output, bodyReader) return }
func (this *VMessOutboundHandler) handleResponse(conn net.Conn, request *protocol.VMessRequest, dest v2net.Destination, output chan<- *alloc.Buffer, finish *sync.Mutex) { defer finish.Unlock() defer close(output) responseKey := md5.Sum(request.RequestKey[:]) responseIV := md5.Sum(request.RequestIV[:]) aesStream, err := v2crypto.NewAesDecryptionStream(responseKey[:], responseIV[:]) if err != nil { log.Error("VMessOut: Failed to create AES encryption stream: ", err) return } decryptResponseReader := v2crypto.NewCryptionReader(aesStream, conn) buffer := alloc.NewSmallBuffer() defer buffer.Release() _, err = io.ReadFull(decryptResponseReader, buffer.Value[:4]) if err != nil { log.Error("VMessOut: Failed to read VMess response (", buffer.Len(), " bytes): ", err) return } if !headerMatch(request, buffer.Value[0]) { log.Warning("VMessOut: unexepcted response header. The connection is probably hijacked.") return } if buffer.Value[2] != 0 { command := buffer.Value[2] dataLen := int(buffer.Value[3]) _, err := io.ReadFull(decryptResponseReader, buffer.Value[:dataLen]) if err != nil { log.Error("VMessOut: Failed to read response command: ", err) return } data := buffer.Value[:dataLen] go this.handleCommand(dest, command, data) } var reader v2io.Reader if request.IsChunkStream() { reader = vmessio.NewAuthChunkReader(decryptResponseReader) } else { reader = v2io.NewAdaptiveReader(decryptResponseReader) } v2io.ReaderToChan(output, reader) return }
func handleInput(request *protocol.VMessRequest, reader io.Reader, input chan<- *alloc.Buffer, finish *sync.Mutex) { defer close(input) defer finish.Unlock() aesStream, err := v2crypto.NewAesDecryptionStream(request.RequestKey, request.RequestIV) if err != nil { log.Error("VMessIn: Failed to create AES decryption stream: ", err) return } descriptionReader := v2crypto.NewCryptionReader(aesStream, reader) var requestReader v2io.Reader if request.IsChunkStream() { requestReader = vmessio.NewAuthChunkReader(descriptionReader) } else { requestReader = v2io.NewAdaptiveReader(descriptionReader) } v2io.ReaderToChan(input, requestReader) }
func (this *Shadowsocks) handleConnection(conn *hub.TCPConn) { defer conn.Close() buffer := alloc.NewSmallBuffer() defer buffer.Release() _, err := io.ReadFull(conn, buffer.Value[:this.config.Cipher.IVSize()]) if err != nil { log.Access(conn.RemoteAddr(), serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error())) log.Error("Shadowsocks: Failed to read IV: ", err) return } iv := buffer.Value[:this.config.Cipher.IVSize()] key := this.config.Key reader, err := this.config.Cipher.NewDecodingStream(key, iv, conn) if err != nil { log.Error("Shadowsocks: Failed to create decoding stream: ", err) return } request, err := ReadRequest(reader, NewAuthenticator(HeaderKeyGenerator(iv, key)), false) if err != nil { log.Access(conn.RemoteAddr(), serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error())) log.Warning("Shadowsocks: Invalid request from ", conn.RemoteAddr(), ": ", err) return } dest := v2net.TCPDestination(request.Address, request.Port) log.Access(conn.RemoteAddr(), dest, log.AccessAccepted, serial.StringLiteral("")) log.Info("Shadowsocks: Tunnelling request to ", dest) packet := v2net.NewPacket(dest, nil, true) ray := this.packetDispatcher.DispatchToOutbound(packet) var writeFinish sync.Mutex writeFinish.Lock() go func() { if payload, ok := <-ray.InboundOutput(); ok { payload.SliceBack(16) rand.Read(payload.Value[:16]) writer, err := this.config.Cipher.NewEncodingStream(key, payload.Value[:16], conn) if err != nil { log.Error("Shadowsocks: Failed to create encoding stream: ", err) return } writer.Write(payload.Value) payload.Release() v2io.ChanToRawWriter(writer, ray.InboundOutput()) } writeFinish.Unlock() }() var payloadReader v2io.Reader if request.OTA { payloadAuth := NewAuthenticator(ChunkKeyGenerator(iv)) payloadReader = NewChunkReader(reader, payloadAuth) } else { payloadReader = v2io.NewAdaptiveReader(reader) } v2io.ReaderToChan(ray.InboundInput(), payloadReader) close(ray.InboundInput()) writeFinish.Lock() }
func (this *VMessInboundHandler) HandleConnection(connection *hub.TCPConn) { defer connection.Close() connReader := v2net.NewTimeOutReader(16, connection) reader := v2io.NewBufferedReader(connReader) session := raw.NewServerSession(this.clients) request, err := session.DecodeRequestHeader(reader) if err != nil { log.Access(connection.RemoteAddr(), serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error())) log.Warning("VMessIn: Invalid request from ", connection.RemoteAddr(), ": ", err) return } log.Access(connection.RemoteAddr(), request.Destination(), log.AccessAccepted, serial.StringLiteral("")) log.Debug("VMessIn: Received request for ", request.Destination()) ray := this.packetDispatcher.DispatchToOutbound(v2net.NewPacket(request.Destination(), nil, true)) input := ray.InboundInput() output := ray.InboundOutput() var readFinish, writeFinish sync.Mutex readFinish.Lock() writeFinish.Lock() userSettings := proto.GetUserSettings(request.User.Level) connReader.SetTimeOut(userSettings.PayloadReadTimeout) reader.SetCached(false) go func() { defer close(input) defer readFinish.Unlock() bodyReader := session.DecodeRequestBody(reader) var requestReader v2io.Reader if request.Option.IsChunkStream() { requestReader = vmessio.NewAuthChunkReader(bodyReader) } else { requestReader = v2io.NewAdaptiveReader(bodyReader) } v2io.ReaderToChan(input, requestReader) }() writer := v2io.NewBufferedWriter(connection) response := &proto.ResponseHeader{ Command: this.generateCommand(request), } session.EncodeResponseHeader(response, writer) bodyWriter := session.EncodeResponseBody(writer) // Optimize for small response packet if data, open := <-output; open { if request.Option.IsChunkStream() { vmessio.Authenticate(data) } bodyWriter.Write(data.Value) data.Release() writer.SetCached(false) go func(finish *sync.Mutex) { var writer v2io.Writer = v2io.NewAdaptiveWriter(bodyWriter) if request.Option.IsChunkStream() { writer = vmessio.NewAuthChunkWriter(writer) } v2io.ChanToWriter(writer, output) finish.Unlock() }(&writeFinish) writeFinish.Lock() } connection.CloseWrite() readFinish.Lock() }