func (this *VMessInboundHandler) HandleConnection(connection *net.TCPConn) error { defer connection.Close() connReader := v2net.NewTimeOutReader(16, connection) requestReader := protocol.NewVMessRequestReader(this.clients) request, err := requestReader.Read(connReader) if err != nil { log.Access(connection.RemoteAddr().String(), "", log.AccessRejected, err.Error()) log.Warning("VMessIn: Invalid request from (%s): %v", connection.RemoteAddr().String(), err) return err } log.Access(connection.RemoteAddr().String(), request.Address.String(), log.AccessAccepted, "") log.Debug("VMessIn: Received request for %s", request.Address.String()) ray := this.space.PacketDispatcher().DispatchToOutbound(v2net.NewPacket(request.Destination(), nil, true)) input := ray.InboundInput() output := ray.InboundOutput() var readFinish, writeFinish sync.Mutex readFinish.Lock() writeFinish.Lock() userSettings := vmess.GetUserSettings(request.User.Level) connReader.SetTimeOut(userSettings.PayloadReadTimeout) go handleInput(request, connReader, input, &readFinish) responseKey := md5.Sum(request.RequestKey) responseIV := md5.Sum(request.RequestIV) aesStream, err := v2crypto.NewAesEncryptionStream(responseKey[:], responseIV[:]) if err != nil { log.Error("VMessIn: Failed to create AES decryption stream: %v", err) close(input) return err } responseWriter := v2crypto.NewCryptionWriter(aesStream, connection) // Optimize for small response packet buffer := alloc.NewLargeBuffer().Clear() defer buffer.Release() buffer.AppendBytes(request.ResponseHeader[0] ^ request.ResponseHeader[1]) buffer.AppendBytes(request.ResponseHeader[2] ^ request.ResponseHeader[3]) buffer.AppendBytes(byte(0), byte(0)) if data, open := <-output; open { buffer.Append(data.Value) data.Release() responseWriter.Write(buffer.Value) go handleOutput(request, responseWriter, output, &writeFinish) writeFinish.Lock() } connection.CloseWrite() readFinish.Lock() return nil }
func (handler *VMessInboundHandler) HandleConnection(connection *net.TCPConn) error { defer connection.Close() connReader := v2net.NewTimeOutReader(16, connection) requestReader := protocol.NewVMessRequestReader(handler.clients) request, err := requestReader.Read(connReader) if err != nil { log.Access(connection.RemoteAddr().String(), "", log.AccessRejected, err.Error()) log.Warning("VMessIn: Invalid request from (%s): %v", connection.RemoteAddr().String(), err) return err } log.Access(connection.RemoteAddr().String(), request.Address.String(), log.AccessAccepted, "") log.Debug("VMessIn: Received request for %s", request.Address.String()) ray := handler.dispatcher.DispatchToOutbound(v2net.NewPacket(request.Destination(), nil, true)) input := ray.InboundInput() output := ray.InboundOutput() var readFinish, writeFinish sync.Mutex readFinish.Lock() writeFinish.Lock() connReader.SetTimeOut(120) go handleInput(request, connReader, input, &readFinish) responseKey := md5.Sum(request.RequestKey) responseIV := md5.Sum(request.RequestIV) responseWriter, err := v2io.NewAesEncryptWriter(responseKey[:], responseIV[:], connection) if err != nil { log.Error("VMessIn: Failed to create encrypt writer: %v", err) return err } // Optimize for small response packet buffer := alloc.NewLargeBuffer().Clear() buffer.Append(request.ResponseHeader) if data, open := <-output; open { buffer.Append(data.Value) data.Release() responseWriter.Write(buffer.Value) buffer.Release() go handleOutput(request, responseWriter, output, &writeFinish) writeFinish.Lock() } connection.CloseWrite() readFinish.Lock() return nil }
func (this *Server) handleConnection(conn internet.Connection) { defer conn.Close() timedReader := v2net.NewTimeOutReader(this.config.Timeout, conn) reader := bufio.NewReaderSize(timedReader, 2048) request, err := http.ReadRequest(reader) if err != nil { if err != io.EOF { log.Warning("HTTP: Failed to read http request: ", err) } return } log.Info("HTTP: Request to Method [", request.Method, "] Host [", request.Host, "] with URL [", request.URL, "]") defaultPort := v2net.Port(80) if strings.ToLower(request.URL.Scheme) == "https" { defaultPort = v2net.Port(443) } host := request.Host if len(host) == 0 { host = request.URL.Host } dest, err := parseHost(host, defaultPort) if err != nil { log.Warning("HTTP: Malformed proxy host (", host, "): ", err) return } log.Access(conn.RemoteAddr(), request.URL, log.AccessAccepted, "") if strings.ToUpper(request.Method) == "CONNECT" { this.handleConnect(request, dest, reader, conn) } else { this.handlePlainHTTP(request, dest, reader, conn) } }
func (handler *VMessInboundHandler) AcceptPackets(conn *net.UDPConn) { for { buffer := alloc.NewBuffer() nBytes, addr, err := conn.ReadFromUDP(buffer.Value) if err != nil { log.Error("VMessIn failed to read UDP packets: %v", err) buffer.Release() continue } reader := bytes.NewReader(buffer.Value[:nBytes]) requestReader := protocol.NewVMessRequestReader(handler.clients) request, err := requestReader.Read(reader) if err != nil { log.Access(addr.String(), "", log.AccessRejected, err.Error()) log.Warning("VMessIn: Invalid request from (%s): %v", addr.String(), err) buffer.Release() continue } log.Access(addr.String(), request.Address.String(), log.AccessAccepted, "") cryptReader, err := v2io.NewAesDecryptReader(request.RequestKey, request.RequestIV, reader) if err != nil { log.Error("VMessIn: Failed to create decrypt reader: %v", err) buffer.Release() continue } data := alloc.NewBuffer() nBytes, err = cryptReader.Read(data.Value) buffer.Release() if err != nil { log.Warning("VMessIn: Unable to decrypt data: %v", err) data.Release() continue } data.Slice(0, nBytes) packet := v2net.NewPacket(request.Destination(), data, false) go handler.handlePacket(conn, request, packet, addr) } }
func (this *Server) handleSocks4(clientAddr string, reader *v2io.BufferedReader, writer *v2io.BufferedWriter, auth protocol.Socks4AuthenticationRequest) error { result := protocol.Socks4RequestGranted if auth.Command == protocol.CmdBind { result = protocol.Socks4RequestRejected } socks4Response := protocol.NewSocks4AuthenticationResponse(result, auth.Port, auth.IP[:]) socks4Response.Write(writer) if result == protocol.Socks4RequestRejected { log.Warning("Socks: Unsupported socks 4 command ", auth.Command) log.Access(clientAddr, "", log.AccessRejected, ErrorUnsupportedSocksCommand) return ErrorUnsupportedSocksCommand } reader.SetCached(false) writer.SetCached(false) dest := v2net.TCPDestination(v2net.IPAddress(auth.IP[:]), auth.Port) log.Access(clientAddr, dest, log.AccessAccepted, "") this.transport(reader, writer, dest) return nil }
func (this *Server) handlerUDPPayload(payload *alloc.Buffer, source v2net.Destination) { defer payload.Release() ivLen := this.config.Cipher.IVSize() iv := payload.Value[:ivLen] key := this.config.Key payload.SliceFrom(ivLen) stream, err := this.config.Cipher.NewDecodingStream(key, iv) if err != nil { log.Error("Shadowsocks: Failed to create decoding stream: ", err) return } reader := crypto.NewCryptionReader(stream, payload) request, err := ReadRequest(reader, NewAuthenticator(HeaderKeyGenerator(key, iv)), true) if err != nil { if err != io.EOF { log.Access(source, "", log.AccessRejected, err) log.Warning("Shadowsocks: Invalid request from ", source, ": ", err) } return } //defer request.Release() dest := v2net.UDPDestination(request.Address, request.Port) log.Access(source, dest, log.AccessAccepted, "") log.Info("Shadowsocks: Tunnelling request to ", dest) this.udpServer.Dispatch(source, dest, request.DetachUDPPayload(), func(destination v2net.Destination, payload *alloc.Buffer) { defer payload.Release() response := alloc.NewBuffer().Slice(0, ivLen) defer response.Release() rand.Read(response.Value) respIv := response.Value stream, err := this.config.Cipher.NewEncodingStream(key, respIv) if err != nil { log.Error("Shadowsocks: Failed to create encoding stream: ", err) return } writer := crypto.NewCryptionWriter(stream, response) switch { case request.Address.IsIPv4(): writer.Write([]byte{AddrTypeIPv4}) writer.Write(request.Address.IP()) case request.Address.IsIPv6(): writer.Write([]byte{AddrTypeIPv6}) writer.Write(request.Address.IP()) case request.Address.IsDomain(): writer.Write([]byte{AddrTypeDomain, byte(len(request.Address.Domain()))}) writer.Write([]byte(request.Address.Domain())) } writer.Write(request.Port.Bytes()) writer.Write(payload.Value) if request.OTA { respAuth := NewAuthenticator(HeaderKeyGenerator(key, respIv)) respAuth.Authenticate(response.Value, response.Value[ivLen:]) } this.udpHub.WriteTo(response.Value, source) }) }
func (this *Server) handleConnection(conn internet.Connection) { defer conn.Close() buffer := alloc.NewSmallBuffer() defer buffer.Release() timedReader := v2net.NewTimeOutReader(16, conn) defer timedReader.Release() bufferedReader := v2io.NewBufferedReader(timedReader) defer bufferedReader.Release() ivLen := this.config.Cipher.IVSize() _, err := io.ReadFull(bufferedReader, buffer.Value[:ivLen]) if err != nil { if err != io.EOF { log.Access(conn.RemoteAddr(), "", log.AccessRejected, err) log.Warning("Shadowsocks: Failed to read IV: ", err) } return } iv := buffer.Value[:ivLen] key := this.config.Key stream, err := this.config.Cipher.NewDecodingStream(key, iv) if err != nil { log.Error("Shadowsocks: Failed to create decoding stream: ", err) return } reader := crypto.NewCryptionReader(stream, bufferedReader) request, err := ReadRequest(reader, NewAuthenticator(HeaderKeyGenerator(key, iv)), false) if err != nil { log.Access(conn.RemoteAddr(), "", log.AccessRejected, err) log.Warning("Shadowsocks: Invalid request from ", conn.RemoteAddr(), ": ", err) return } defer request.Release() bufferedReader.SetCached(false) userSettings := protocol.GetUserSettings(this.config.Level) timedReader.SetTimeOut(userSettings.PayloadReadTimeout) dest := v2net.TCPDestination(request.Address, request.Port) log.Access(conn.RemoteAddr(), dest, log.AccessAccepted, "") log.Info("Shadowsocks: Tunnelling request to ", dest) ray := this.packetDispatcher.DispatchToOutbound(dest) defer ray.InboundOutput().Release() var writeFinish sync.Mutex writeFinish.Lock() go func() { if payload, err := ray.InboundOutput().Read(); err == nil { payload.SliceBack(ivLen) rand.Read(payload.Value[:ivLen]) stream, err := this.config.Cipher.NewEncodingStream(key, payload.Value[:ivLen]) if err != nil { log.Error("Shadowsocks: Failed to create encoding stream: ", err) return } stream.XORKeyStream(payload.Value[ivLen:], payload.Value[ivLen:]) conn.Write(payload.Value) payload.Release() writer := crypto.NewCryptionWriter(stream, conn) v2writer := v2io.NewAdaptiveWriter(writer) v2io.Pipe(ray.InboundOutput(), v2writer) writer.Release() v2writer.Release() } writeFinish.Unlock() }() var payloadReader v2io.Reader if request.OTA { payloadAuth := NewAuthenticator(ChunkKeyGenerator(iv)) payloadReader = NewChunkReader(reader, payloadAuth) } else { payloadReader = v2io.NewAdaptiveReader(reader) } v2io.Pipe(payloadReader, ray.InboundInput()) ray.InboundInput().Close() payloadReader.Release() writeFinish.Lock() }
func (this *Shadowsocks) handlerUDPPayload(payload *alloc.Buffer, source v2net.Destination) { defer payload.Release() iv := payload.Value[:this.config.Cipher.IVSize()] key := this.config.Key payload.SliceFrom(this.config.Cipher.IVSize()) reader, err := this.config.Cipher.NewDecodingStream(key, iv, payload) if err != nil { log.Error("Shadowsocks: Failed to create decoding stream: ", err) return } request, err := ReadRequest(reader, NewAuthenticator(HeaderKeyGenerator(key, iv)), true) if err != nil { log.Access(source, serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error())) log.Warning("Shadowsocks: Invalid request from ", source, ": ", err) return } dest := v2net.UDPDestination(request.Address, request.Port) log.Access(source, dest, log.AccessAccepted, serial.StringLiteral("")) log.Info("Shadowsocks: Tunnelling request to ", dest) packet := v2net.NewPacket(dest, request.UDPPayload, false) this.udpServer.Dispatch(source, packet, func(packet v2net.Packet) { defer packet.Chunk().Release() response := alloc.NewBuffer().Slice(0, this.config.Cipher.IVSize()) defer response.Release() rand.Read(response.Value) respIv := response.Value writer, err := this.config.Cipher.NewEncodingStream(key, respIv, response) if err != nil { log.Error("Shadowsocks: Failed to create encoding stream: ", err) return } switch { case request.Address.IsIPv4(): writer.Write([]byte{AddrTypeIPv4}) writer.Write(request.Address.IP()) case request.Address.IsIPv6(): writer.Write([]byte{AddrTypeIPv6}) writer.Write(request.Address.IP()) case request.Address.IsDomain(): writer.Write([]byte{AddrTypeDomain, byte(len(request.Address.Domain()))}) writer.Write([]byte(request.Address.Domain())) } writer.Write(request.Port.Bytes()) writer.Write(packet.Chunk().Value) if request.OTA { respAuth := NewAuthenticator(HeaderKeyGenerator(key, respIv)) respAuth.Authenticate(response.Value, response.Value[this.config.Cipher.IVSize():]) } this.udpHub.WriteTo(response.Value, source) }) }
func (this *Shadowsocks) handleConnection(conn *hub.TCPConn) { defer conn.Close() buffer := alloc.NewSmallBuffer() defer buffer.Release() _, err := io.ReadFull(conn, buffer.Value[:this.config.Cipher.IVSize()]) if err != nil { log.Access(conn.RemoteAddr(), serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error())) log.Error("Shadowsocks: Failed to read IV: ", err) return } iv := buffer.Value[:this.config.Cipher.IVSize()] key := this.config.Key reader, err := this.config.Cipher.NewDecodingStream(key, iv, conn) if err != nil { log.Error("Shadowsocks: Failed to create decoding stream: ", err) return } request, err := ReadRequest(reader, NewAuthenticator(HeaderKeyGenerator(iv, key)), false) if err != nil { log.Access(conn.RemoteAddr(), serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error())) log.Warning("Shadowsocks: Invalid request from ", conn.RemoteAddr(), ": ", err) return } dest := v2net.TCPDestination(request.Address, request.Port) log.Access(conn.RemoteAddr(), dest, log.AccessAccepted, serial.StringLiteral("")) log.Info("Shadowsocks: Tunnelling request to ", dest) packet := v2net.NewPacket(dest, nil, true) ray := this.packetDispatcher.DispatchToOutbound(packet) var writeFinish sync.Mutex writeFinish.Lock() go func() { if payload, ok := <-ray.InboundOutput(); ok { payload.SliceBack(16) rand.Read(payload.Value[:16]) writer, err := this.config.Cipher.NewEncodingStream(key, payload.Value[:16], conn) if err != nil { log.Error("Shadowsocks: Failed to create encoding stream: ", err) return } writer.Write(payload.Value) payload.Release() v2io.ChanToRawWriter(writer, ray.InboundOutput()) } writeFinish.Unlock() }() var payloadReader v2io.Reader if request.OTA { payloadAuth := NewAuthenticator(ChunkKeyGenerator(iv)) payloadReader = NewChunkReader(reader, payloadAuth) } else { payloadReader = v2io.NewAdaptiveReader(reader) } v2io.ReaderToChan(ray.InboundInput(), payloadReader) close(ray.InboundInput()) writeFinish.Lock() }
func (this *Server) handleSocks5(clientAddr string, reader *v2io.BufferedReader, writer *v2io.BufferedWriter, auth protocol.Socks5AuthenticationRequest) error { expectedAuthMethod := protocol.AuthNotRequired if this.config.AuthType == AuthTypePassword { expectedAuthMethod = protocol.AuthUserPass } if !auth.HasAuthMethod(expectedAuthMethod) { authResponse := protocol.NewAuthenticationResponse(protocol.AuthNoMatchingMethod) err := protocol.WriteAuthentication(writer, authResponse) writer.Flush() if err != nil { log.Warning("Socks: failed to write authentication: ", err) return err } log.Warning("Socks: client doesn't support any allowed auth methods.") return ErrorUnsupportedAuthMethod } authResponse := protocol.NewAuthenticationResponse(expectedAuthMethod) protocol.WriteAuthentication(writer, authResponse) err := writer.Flush() if err != nil { log.Error("Socks: failed to write authentication: ", err) return err } if this.config.AuthType == AuthTypePassword { upRequest, err := protocol.ReadUserPassRequest(reader) if err != nil { log.Warning("Socks: failed to read username and password: "******"Socks: failed to write user pass response: ", err) return err } if status != byte(0) { log.Warning("Socks: Invalid user account: ", upRequest.AuthDetail()) log.Access(clientAddr, "", log.AccessRejected, proxy.ErrInvalidAuthentication) return proxy.ErrInvalidAuthentication } } request, err := protocol.ReadRequest(reader) if err != nil { log.Warning("Socks: failed to read request: ", err) return err } if request.Command == protocol.CmdUdpAssociate && this.config.UDPEnabled { return this.handleUDP(reader, writer) } if request.Command == protocol.CmdBind || request.Command == protocol.CmdUdpAssociate { response := protocol.NewSocks5Response() response.Error = protocol.ErrorCommandNotSupported response.Port = v2net.Port(0) response.SetIPv4([]byte{0, 0, 0, 0}) response.Write(writer) writer.Flush() if err != nil { log.Error("Socks: failed to write response: ", err) return err } log.Warning("Socks: Unsupported socks command ", request.Command) return ErrorUnsupportedSocksCommand } response := protocol.NewSocks5Response() response.Error = protocol.ErrorSuccess // Some SOCKS software requires a value other than dest. Let's fake one: response.Port = v2net.Port(1717) response.SetIPv4([]byte{0, 0, 0, 0}) response.Write(writer) if err != nil { log.Error("Socks: failed to write response: ", err) return err } reader.SetCached(false) writer.SetCached(false) dest := request.Destination() log.Info("Socks: TCP Connect request to ", dest) log.Access(clientAddr, dest, log.AccessAccepted, "") this.transport(reader, writer, dest) return nil }
func (this *VMessInboundHandler) HandleConnection(connection internet.Connection) { defer connection.Close() if !this.accepting { return } connReader := v2net.NewTimeOutReader(8, connection) defer connReader.Release() reader := v2io.NewBufferedReader(connReader) defer reader.Release() this.RLock() if !this.accepting { this.RUnlock() return } session := raw.NewServerSession(this.clients) defer session.Release() request, err := session.DecodeRequestHeader(reader) this.RUnlock() if err != nil { if err != io.EOF { log.Access(connection.RemoteAddr(), "", log.AccessRejected, err) log.Warning("VMessIn: Invalid request from ", connection.RemoteAddr(), ": ", err) } connection.SetReusable(false) return } log.Access(connection.RemoteAddr(), request.Destination(), log.AccessAccepted, "") log.Info("VMessIn: Received request for ", request.Destination()) connection.SetReusable(request.Option.Has(protocol.RequestOptionConnectionReuse)) ray := this.packetDispatcher.DispatchToOutbound(request.Destination()) input := ray.InboundInput() output := ray.InboundOutput() defer input.Close() defer output.Release() var readFinish sync.Mutex readFinish.Lock() userSettings := protocol.GetUserSettings(request.User.Level) connReader.SetTimeOut(userSettings.PayloadReadTimeout) reader.SetCached(false) go func() { bodyReader := session.DecodeRequestBody(reader) var requestReader v2io.Reader if request.Option.Has(protocol.RequestOptionChunkStream) { requestReader = vmessio.NewAuthChunkReader(bodyReader) } else { requestReader = v2io.NewAdaptiveReader(bodyReader) } err := v2io.Pipe(requestReader, input) if err != io.EOF { connection.SetReusable(false) } requestReader.Release() input.Close() readFinish.Unlock() }() writer := v2io.NewBufferedWriter(connection) defer writer.Release() response := &protocol.ResponseHeader{ Command: this.generateCommand(request), } if connection.Reusable() { response.Option.Set(protocol.ResponseOptionConnectionReuse) } session.EncodeResponseHeader(response, writer) bodyWriter := session.EncodeResponseBody(writer) var v2writer v2io.Writer = v2io.NewAdaptiveWriter(bodyWriter) if request.Option.Has(protocol.RequestOptionChunkStream) { v2writer = vmessio.NewAuthChunkWriter(v2writer) } // Optimize for small response packet if data, err := output.Read(); err == nil { if err := v2writer.Write(data); err != nil { connection.SetReusable(false) } writer.SetCached(false) err = v2io.Pipe(output, v2writer) if err != io.EOF { connection.SetReusable(false) } } output.Release() if request.Option.Has(protocol.RequestOptionChunkStream) { if err := v2writer.Write(alloc.NewSmallBuffer().Clear()); err != nil { connection.SetReusable(false) } } v2writer.Release() readFinish.Lock() }
func (this *VMessInboundHandler) HandleConnection(connection *hub.TCPConn) { defer connection.Close() connReader := v2net.NewTimeOutReader(16, connection) reader := v2io.NewBufferedReader(connReader) session := raw.NewServerSession(this.clients) request, err := session.DecodeRequestHeader(reader) if err != nil { log.Access(connection.RemoteAddr(), serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error())) log.Warning("VMessIn: Invalid request from ", connection.RemoteAddr(), ": ", err) return } log.Access(connection.RemoteAddr(), request.Destination(), log.AccessAccepted, serial.StringLiteral("")) log.Debug("VMessIn: Received request for ", request.Destination()) ray := this.packetDispatcher.DispatchToOutbound(v2net.NewPacket(request.Destination(), nil, true)) input := ray.InboundInput() output := ray.InboundOutput() var readFinish, writeFinish sync.Mutex readFinish.Lock() writeFinish.Lock() userSettings := proto.GetUserSettings(request.User.Level) connReader.SetTimeOut(userSettings.PayloadReadTimeout) reader.SetCached(false) go func() { defer close(input) defer readFinish.Unlock() bodyReader := session.DecodeRequestBody(reader) var requestReader v2io.Reader if request.Option.IsChunkStream() { requestReader = vmessio.NewAuthChunkReader(bodyReader) } else { requestReader = v2io.NewAdaptiveReader(bodyReader) } v2io.ReaderToChan(input, requestReader) }() writer := v2io.NewBufferedWriter(connection) response := &proto.ResponseHeader{ Command: this.generateCommand(request), } session.EncodeResponseHeader(response, writer) bodyWriter := session.EncodeResponseBody(writer) // Optimize for small response packet if data, open := <-output; open { if request.Option.IsChunkStream() { vmessio.Authenticate(data) } bodyWriter.Write(data.Value) data.Release() writer.SetCached(false) go func(finish *sync.Mutex) { var writer v2io.Writer = v2io.NewAdaptiveWriter(bodyWriter) if request.Option.IsChunkStream() { writer = vmessio.NewAuthChunkWriter(writer) } v2io.ChanToWriter(writer, output) finish.Unlock() }(&writeFinish) writeFinish.Lock() } connection.CloseWrite() readFinish.Lock() }
func (this *VMessInboundHandler) HandleConnection(connection *hub.TCPConn) { defer connection.Close() connReader := v2net.NewTimeOutReader(16, connection) requestReader := protocol.NewVMessRequestReader(this.clients) request, err := requestReader.Read(connReader) if err != nil { log.Access(connection.RemoteAddr(), serial.StringLiteral(""), log.AccessRejected, serial.StringLiteral(err.Error())) log.Warning("VMessIn: Invalid request from ", connection.RemoteAddr(), ": ", err) return } log.Access(connection.RemoteAddr(), request.Address, log.AccessAccepted, serial.StringLiteral("")) log.Debug("VMessIn: Received request for ", request.Address) ray := this.packetDispatcher.DispatchToOutbound(v2net.NewPacket(request.Destination(), nil, true)) input := ray.InboundInput() output := ray.InboundOutput() var readFinish, writeFinish sync.Mutex readFinish.Lock() writeFinish.Lock() userSettings := vmess.GetUserSettings(request.User.Level) connReader.SetTimeOut(userSettings.PayloadReadTimeout) go handleInput(request, connReader, input, &readFinish) responseKey := md5.Sum(request.RequestKey) responseIV := md5.Sum(request.RequestIV) aesStream, err := v2crypto.NewAesEncryptionStream(responseKey[:], responseIV[:]) if err != nil { log.Error("VMessIn: Failed to create AES decryption stream: ", err) close(input) return } responseWriter := v2crypto.NewCryptionWriter(aesStream, connection) // Optimize for small response packet buffer := alloc.NewLargeBuffer().Clear() defer buffer.Release() buffer.AppendBytes(request.ResponseHeader, byte(0)) this.generateCommand(buffer) if data, open := <-output; open { if request.IsChunkStream() { vmessio.Authenticate(data) } buffer.Append(data.Value) data.Release() responseWriter.Write(buffer.Value) go func(finish *sync.Mutex) { var writer v2io.Writer writer = v2io.NewAdaptiveWriter(responseWriter) if request.IsChunkStream() { writer = vmessio.NewAuthChunkWriter(writer) } v2io.ChanToWriter(writer, output) finish.Unlock() }(&writeFinish) writeFinish.Lock() } connection.CloseWrite() readFinish.Lock() }