func (s *TlsServer) listenAndServeTLS() error {
var cert tls.Certificate
var err error
if len(s.CertFile) == 0 || len(s.KeyFile) == 0 {
cert, err = tls.X509KeyPair([]byte(rawCert), []byte(rawKey))
} else {
cert, err = tls.LoadX509KeyPair(s.CertFile, s.KeyFile)
}
if err != nil {
return err
}
config := &tls.Config{Certificates: []tls.Certificate{cert}}
l, err := tls.Listen("tcp", s.Addr, config)
if err != nil {
return err
}
defer l.Close()
for {
conn, err := l.Accept()
if err != nil {
return err
}
go func(c net.Conn) {
c = gosocks5.ServerConn(c, serverConfig)
serveSocks5(c)
}(conn)
}
return nil
}
func (s *HttpServer) s2c(w http.ResponseWriter, r *http.Request) {
token := uuid.New()
ch := make(chan []byte, 8)
conn := NewHttpServerConn(w, ch)
if _, err := conn.Write([]byte(token)); err != nil {
return
}
s.conns[token] = conn
defer delete(s.conns, token)
serveSocks5(gosocks5.ServerConn(conn, serverConfig))
}
func (s *WSServer) handle(w http.ResponseWriter, r *http.Request) {
conn, err := upgrader.Upgrade(w, r, nil)
if err != nil {
log.Println(err)
return
}
defer conn.Close()
c := gosocks5.ServerConn(NewWSConn(conn), serverConfig)
/*
if err := c.Handleshake(); err != nil {
log.Println(err)
return
}
*/
serveSocks5(c)
}
func (s *Socks5Server) ListenAndServe() error {
addr, err := net.ResolveTCPAddr("tcp", s.Addr)
if err != nil {
return err
}
ln, err := net.ListenTCP("tcp", addr)
if err != nil {
return err
}
defer ln.Close()
for {
conn, err := ln.AcceptTCP()
if err != nil {
log.Println("accept:", err)
continue
}
//log.Println("accept", conn.RemoteAddr())
go socks5Handle(gosocks5.ServerConn(conn, serverConfig))
}
}
func handleConn(conn net.Conn, arg Args) {
atomic.AddInt32(&connCounter, 1)
if glog.V(LINFO) {
glog.Infof("%s connected, connections: %d",
conn.RemoteAddr(), atomic.LoadInt32(&connCounter))
}
if glog.V(LINFO) {
defer func() {
glog.Infof("%s disconnected, connections: %d",
conn.RemoteAddr(), atomic.LoadInt32(&connCounter))
}()
}
defer atomic.AddInt32(&connCounter, -1)
defer conn.Close()
selector := &serverSelector{
methods: []uint8{
gosocks5.MethodNoAuth,
gosocks5.MethodUserPass,
MethodTLS,
MethodTLSAuth,
},
arg: arg,
}
switch arg.Protocol {
case "ss": // shadowsocks
return
case "http":
req, err := http.ReadRequest(bufio.NewReader(conn))
if err != nil {
if glog.V(LWARNING) {
glog.Warningln("http:", err)
}
return
}
handleHttpRequest(req, conn, arg)
return
case "socks", "socks5":
conn = gosocks5.ServerConn(conn, selector)
req, err := gosocks5.ReadRequest(conn)
if err != nil {
if glog.V(LWARNING) {
glog.Warningln("socks5:", err)
}
return
}
handleSocks5Request(req, conn, arg)
return
}
// http + socks5
b := make([]byte, 16*1024)
n, err := io.ReadAtLeast(conn, b, 2)
if err != nil {
if glog.V(LWARNING) {
glog.Warningln("client:", err)
}
return
}
if b[0] == gosocks5.Ver5 {
mn := int(b[1]) // methods count
length := 2 + mn
if n < length {
if _, err := io.ReadFull(conn, b[n:length]); err != nil {
if glog.V(LWARNING) {
glog.Warningln("socks5:", err)
}
return
}
}
methods := b[2 : 2+mn]
method := selector.Select(methods...)
if _, err := conn.Write([]byte{gosocks5.Ver5, method}); err != nil {
if glog.V(LWARNING) {
glog.Warningln("socks5:", err)
}
return
}
c, err := selector.OnSelected(method, conn)
if err != nil {
if glog.V(LWARNING) {
glog.Warningln("socks5:", err)
}
return
}
conn = c
req, err := gosocks5.ReadRequest(conn)
if err != nil {
if glog.V(LWARNING) {
glog.Warningln("socks5:", err)
}
return
}
handleSocks5Request(req, conn, arg)
return
}
req, err := http.ReadRequest(bufio.NewReader(newReqReader(b[:n], conn)))
if err != nil {
if glog.V(LWARNING) {
glog.Warningln("http:", err)
}
return
}
handleHttpRequest(req, conn, arg)
}
func (s *ProxyServer) handleConn(conn net.Conn) {
defer conn.Close()
switch s.Node.Protocol {
case "ss": // shadowsocks
server := NewShadowServer(ss.NewConn(conn, s.cipher.Copy()), s)
server.OTA = s.Node.getBool("ota")
server.Serve()
return
case "http":
req, err := http.ReadRequest(bufio.NewReader(conn))
if err != nil {
glog.V(LWARNING).Infoln("[http]", err)
return
}
NewHttpServer(conn, s).HandleRequest(req)
return
case "socks", "socks5":
conn = gosocks5.ServerConn(conn, s.selector)
req, err := gosocks5.ReadRequest(conn)
if err != nil {
glog.V(LWARNING).Infoln("[socks5]", err)
return
}
NewSocks5Server(conn, s).HandleRequest(req)
return
}
// http or socks5
b := make([]byte, MediumBufferSize)
n, err := io.ReadAtLeast(conn, b, 2)
if err != nil {
glog.V(LWARNING).Infoln(err)
return
}
// TODO: use bufio.Reader
if b[0] == gosocks5.Ver5 {
mn := int(b[1]) // methods count
length := 2 + mn
if n < length {
if _, err := io.ReadFull(conn, b[n:length]); err != nil {
glog.V(LWARNING).Infoln("[socks5]", err)
return
}
}
// TODO: use gosocks5.ServerConn
methods := b[2 : 2+mn]
method := s.selector.Select(methods...)
if _, err := conn.Write([]byte{gosocks5.Ver5, method}); err != nil {
glog.V(LWARNING).Infoln("[socks5] select:", err)
return
}
c, err := s.selector.OnSelected(method, conn)
if err != nil {
glog.V(LWARNING).Infoln("[socks5] onselected:", err)
return
}
conn = c
req, err := gosocks5.ReadRequest(conn)
if err != nil {
glog.V(LWARNING).Infoln("[socks5] request:", err)
return
}
NewSocks5Server(conn, s).HandleRequest(req)
return
}
req, err := http.ReadRequest(bufio.NewReader(&reqReader{b: b[:n], r: conn}))
if err != nil {
glog.V(LWARNING).Infoln("[http]", err)
return
}
NewHttpServer(conn, s).HandleRequest(req)
}