func handleResponse(conn *net.TCPConn, request *vmessio.VMessRequest, output chan<- []byte, finish chan<- bool) { defer close(finish) defer close(output) responseKey := md5.Sum(request.RequestKey[:]) responseIV := md5.Sum(request.RequestIV[:]) decryptResponseReader, err := v2io.NewAesDecryptReader(responseKey[:], responseIV[:], conn) if err != nil { log.Error("VMessOut: Failed to create decrypt reader: %v", err) return } response := vmessio.VMessResponse{} nBytes, err := decryptResponseReader.Read(response[:]) if err != nil { log.Error("VMessOut: Failed to read VMess response (%d bytes): %v", nBytes, err) return } if !bytes.Equal(response[:], request.ResponseHeader[:]) { log.Warning("VMessOut: unexepcted response header. The connection is probably hijacked.") return } v2net.ReaderToChan(output, decryptResponseReader) return }
func (handler *VMessInboundHandler) HandleConnection(connection net.Conn) error { defer connection.Close() reader := vmessio.NewVMessRequestReader(handler.clients) request, err := reader.Read(connection) if err != nil { log.Warning("VMessIn: Invalid request from (%s): %v", connection.RemoteAddr().String(), err) return err } log.Debug("VMessIn: Received request for %s", request.Address.String()) ray := handler.vPoint.NewInboundConnectionAccepted(request.Address) input := ray.InboundInput() output := ray.InboundOutput() readFinish := make(chan bool) writeFinish := make(chan bool) go handleInput(request, connection, input, readFinish) responseKey := md5.Sum(request.RequestKey[:]) responseIV := md5.Sum(request.RequestIV[:]) response := vmessio.NewVMessResponse(request) responseWriter, err := v2io.NewAesEncryptWriter(responseKey[:], responseIV[:], connection) if err != nil { return log.Error("VMessIn: Failed to create encrypt writer: %v", err) } // Optimize for small response packet buffer := make([]byte, 0, 1024) buffer = append(buffer, response[:]...) if data, open := <-output; open { buffer = append(buffer, data...) responseWriter.Write(buffer) go handleOutput(request, responseWriter, output, writeFinish) <-writeFinish } if tcpConn, ok := connection.(*net.TCPConn); ok { tcpConn.CloseWrite() } <-readFinish return nil }
func (server *SocksServer) HandleConnection(connection net.Conn) error { defer connection.Close() reader := bufio.NewReader(connection) auth, err := socksio.ReadAuthentication(reader) if err != nil { log.Error("Error on reading authentication: %v", err) return err } expectedAuthMethod := socksio.AuthNotRequired if server.config.AuthMethod == JsonAuthMethodUserPass { expectedAuthMethod = socksio.AuthUserPass } if !auth.HasAuthMethod(expectedAuthMethod) { authResponse := socksio.NewAuthenticationResponse(socksio.AuthNoMatchingMethod) socksio.WriteAuthentication(connection, authResponse) log.Warning("Client doesn't support allowed any auth methods.") return ErrorAuthenticationFailed } authResponse := socksio.NewAuthenticationResponse(expectedAuthMethod) socksio.WriteAuthentication(connection, authResponse) if server.config.AuthMethod == JsonAuthMethodUserPass { upRequest, err := socksio.ReadUserPassRequest(reader) if err != nil { log.Error("Failed to read username and password: %v", err) return err } status := byte(0) if !upRequest.IsValid(server.config.Username, server.config.Password) { status = byte(0xFF) } upResponse := socksio.NewSocks5UserPassResponse(status) socksio.WriteUserPassResponse(connection, upResponse) if status != byte(0) { return ErrorInvalidUser } } request, err := socksio.ReadRequest(reader) if err != nil { log.Error("Error on reading socks request: %v", err) return err } response := socksio.NewSocks5Response() if request.Command == socksio.CmdBind || request.Command == socksio.CmdUdpAssociate { response := socksio.NewSocks5Response() response.Error = socksio.ErrorCommandNotSupported socksio.WriteResponse(connection, response) log.Warning("Unsupported socks command %d", request.Command) return ErrorCommandNotSupported } response.Error = socksio.ErrorSuccess response.Port = request.Port response.AddrType = request.AddrType switch response.AddrType { case socksio.AddrTypeIPv4: copy(response.IPv4[:], request.IPv4[:]) case socksio.AddrTypeIPv6: copy(response.IPv6[:], request.IPv6[:]) case socksio.AddrTypeDomain: response.Domain = request.Domain } socksio.WriteResponse(connection, response) ray := server.vPoint.NewInboundConnectionAccepted(request.Destination()) input := ray.InboundInput() output := ray.InboundOutput() readFinish := make(chan bool) writeFinish := make(chan bool) go server.dumpInput(reader, input, readFinish) go server.dumpOutput(connection, output, writeFinish) <-writeFinish return nil }