func (server *SocksServer) handleSocks4(reader io.Reader, writer io.Writer, auth protocol.Socks4AuthenticationRequest) error {
result := protocol.Socks4RequestGranted
if auth.Command == protocol.CmdBind {
result = protocol.Socks4RequestRejected
}
socks4Response := protocol.NewSocks4AuthenticationResponse(result, auth.Port, auth.IP[:])
responseBuffer := alloc.NewSmallBuffer().Clear()
socks4Response.Write(responseBuffer)
writer.Write(responseBuffer.Value)
responseBuffer.Release()
if result == protocol.Socks4RequestRejected {
log.Warning("Unsupported socks 4 command %d", auth.Command)
return UnsupportedSocksCommand
}
dest := v2net.NewTCPDestination(v2net.IPAddress(auth.IP[:], auth.Port))
data, err := v2net.ReadFrom(reader, nil)
if err != nil {
return err
}
packet := v2net.NewPacket(dest, data, true)
server.transport(reader, writer, packet)
return nil
}
func (this *SocksServer) handleSocks4(reader io.Reader, writer io.Writer, auth protocol.Socks4AuthenticationRequest) error {
result := protocol.Socks4RequestGranted
if auth.Command == protocol.CmdBind {
result = protocol.Socks4RequestRejected
}
socks4Response := protocol.NewSocks4AuthenticationResponse(result, auth.Port, auth.IP[:])
responseBuffer := alloc.NewSmallBuffer().Clear()
socks4Response.Write(responseBuffer)
writer.Write(responseBuffer.Value)
responseBuffer.Release()
if result == protocol.Socks4RequestRejected {
log.Warning("Socks: Unsupported socks 4 command ", auth.Command)
return ErrorUnsupportedSocksCommand
}
dest := v2net.TCPDestination(v2net.IPAddress(auth.IP[:]), auth.Port)
packet := v2net.NewPacket(dest, nil, true)
this.transport(reader, writer, packet)
return nil
}
func (server *SocksServer) handleSocks4(reader io.Reader, writer io.Writer, auth protocol.Socks4AuthenticationRequest) error {
result := protocol.Socks4RequestGranted
if auth.Command == protocol.CmdBind {
result = protocol.Socks4RequestRejected
}
socks4Response := protocol.NewSocks4AuthenticationResponse(result, auth.Port, auth.IP[:])
writer.Write(socks4Response.ToBytes(nil))
if result == protocol.Socks4RequestRejected {
return errors.NewInvalidOperationError("Socks4 command " + strconv.Itoa(int(auth.Command)))
}
dest := v2net.NewTCPDestination(v2net.IPAddress(auth.IP[:], auth.Port))
data, err := v2net.ReadFrom(reader)
if err != nil {
return err
}
packet := v2net.NewPacket(dest, data, true)
server.transport(reader, writer, packet)
return nil
}
func (this *SocksServer) handleSocks4(reader *v2io.BufferedReader, writer *v2io.BufferedWriter, auth protocol.Socks4AuthenticationRequest) error {
result := protocol.Socks4RequestGranted
if auth.Command == protocol.CmdBind {
result = protocol.Socks4RequestRejected
}
socks4Response := protocol.NewSocks4AuthenticationResponse(result, auth.Port, auth.IP[:])
socks4Response.Write(writer)
if result == protocol.Socks4RequestRejected {
log.Warning("Socks: Unsupported socks 4 command ", auth.Command)
return ErrorUnsupportedSocksCommand
}
reader.SetCached(false)
writer.SetCached(false)
dest := v2net.TCPDestination(v2net.IPAddress(auth.IP[:]), auth.Port)
packet := v2net.NewPacket(dest, nil, true)
this.transport(reader, writer, packet)
return nil
}
func (server *SocksServer) HandleConnection(connection net.Conn) error {
defer connection.Close()
reader := connection.(io.Reader)
auth, auth4, err := protocol.ReadAuthentication(reader)
if err != nil && err != protocol.ErrorSocksVersion4 {
log.Error("Error on reading authentication: %v", err)
return err
}
var dest v2net.Destination
// TODO refactor this part
if err == protocol.ErrorSocksVersion4 {
result := protocol.Socks4RequestGranted
if auth4.Command == protocol.CmdBind {
result = protocol.Socks4RequestRejected
}
socks4Response := protocol.NewSocks4AuthenticationResponse(result, auth4.Port, auth4.IP[:])
protocol.WriteSocks4AuthenticationResponse(connection, socks4Response)
if result == protocol.Socks4RequestRejected {
return ErrorCommandNotSupported
}
dest = v2net.NewTCPDestination(v2net.IPAddress(auth4.IP[:], auth4.Port))
} else {
expectedAuthMethod := protocol.AuthNotRequired
if server.config.AuthMethod == JsonAuthMethodUserPass {
expectedAuthMethod = protocol.AuthUserPass
}
if !auth.HasAuthMethod(expectedAuthMethod) {
authResponse := protocol.NewAuthenticationResponse(protocol.AuthNoMatchingMethod)
err = protocol.WriteAuthentication(connection, authResponse)
if err != nil {
log.Error("Error on socksio write authentication: %v", err)
return err
}
log.Warning("Client doesn't support allowed any auth methods.")
return ErrorAuthenticationFailed
}
authResponse := protocol.NewAuthenticationResponse(expectedAuthMethod)
err = protocol.WriteAuthentication(connection, authResponse)
if err != nil {
log.Error("Error on socksio write authentication: %v", err)
return err
}
if server.config.AuthMethod == JsonAuthMethodUserPass {
upRequest, err := protocol.ReadUserPassRequest(reader)
if err != nil {
log.Error("Failed to read username and password: %v", err)
return err
}
status := byte(0)
if !upRequest.IsValid(server.config.Username, server.config.Password) {
status = byte(0xFF)
}
upResponse := protocol.NewSocks5UserPassResponse(status)
err = protocol.WriteUserPassResponse(connection, upResponse)
if err != nil {
log.Error("Error on socksio write user pass response: %v", err)
return err
}
if status != byte(0) {
return ErrorInvalidUser
}
}
request, err := protocol.ReadRequest(reader)
if err != nil {
log.Error("Error on reading socks request: %v", err)
return err
}
response := protocol.NewSocks5Response()
if request.Command == protocol.CmdBind || request.Command == protocol.CmdUdpAssociate {
response := protocol.NewSocks5Response()
response.Error = protocol.ErrorCommandNotSupported
err = protocol.WriteResponse(connection, response)
if err != nil {
log.Error("Error on socksio write response: %v", err)
return err
}
log.Warning("Unsupported socks command %d", request.Command)
return ErrorCommandNotSupported
}
response.Error = protocol.ErrorSuccess
response.Port = request.Port
response.AddrType = request.AddrType
switch response.AddrType {
case protocol.AddrTypeIPv4:
copy(response.IPv4[:], request.IPv4[:])
case protocol.AddrTypeIPv6:
copy(response.IPv6[:], request.IPv6[:])
case protocol.AddrTypeDomain:
response.Domain = request.Domain
}
err = protocol.WriteResponse(connection, response)
if err != nil {
log.Error("Error on socksio write response: %v", err)
return err
}
dest = request.Destination()
}
ray := server.vPoint.NewInboundConnectionAccepted(dest)
input := ray.InboundInput()
output := ray.InboundOutput()
readFinish := make(chan bool)
writeFinish := make(chan bool)
go server.dumpInput(reader, input, readFinish)
go server.dumpOutput(connection, output, writeFinish)
<-writeFinish
return nil
}
func (server *SocksServer) HandleConnection(connection net.Conn) error {
defer connection.Close()
reader := v2net.NewTimeOutReader(4, connection)
auth, auth4, err := protocol.ReadAuthentication(reader)
if err != nil && !errors.HasCode(err, 1000) {
log.Error("Socks failed to read authentication: %v", err)
return err
}
var dest v2net.Destination
// TODO refactor this part
if errors.HasCode(err, 1000) {
result := protocol.Socks4RequestGranted
if auth4.Command == protocol.CmdBind {
result = protocol.Socks4RequestRejected
}
socks4Response := protocol.NewSocks4AuthenticationResponse(result, auth4.Port, auth4.IP[:])
connection.Write(socks4Response.ToBytes(nil))
if result == protocol.Socks4RequestRejected {
return errors.NewInvalidOperationError("Socks4 command " + strconv.Itoa(int(auth4.Command)))
}
dest = v2net.NewTCPDestination(v2net.IPAddress(auth4.IP[:], auth4.Port))
} else {
expectedAuthMethod := protocol.AuthNotRequired
if server.config.IsPassword() {
expectedAuthMethod = protocol.AuthUserPass
}
if !auth.HasAuthMethod(expectedAuthMethod) {
authResponse := protocol.NewAuthenticationResponse(protocol.AuthNoMatchingMethod)
err = protocol.WriteAuthentication(connection, authResponse)
if err != nil {
log.Error("Socks failed to write authentication: %v", err)
return err
}
log.Warning("Socks client doesn't support allowed any auth methods.")
return errors.NewInvalidOperationError("Unsupported auth methods.")
}
authResponse := protocol.NewAuthenticationResponse(expectedAuthMethod)
err = protocol.WriteAuthentication(connection, authResponse)
if err != nil {
log.Error("Socks failed to write authentication: %v", err)
return err
}
if server.config.IsPassword() {
upRequest, err := protocol.ReadUserPassRequest(reader)
if err != nil {
log.Error("Socks failed to read username and password: %v", err)
return err
}
status := byte(0)
if !upRequest.IsValid(server.config.Username, server.config.Password) {
status = byte(0xFF)
}
upResponse := protocol.NewSocks5UserPassResponse(status)
err = protocol.WriteUserPassResponse(connection, upResponse)
if err != nil {
log.Error("Socks failed to write user pass response: %v", err)
return err
}
if status != byte(0) {
err = errors.NewAuthenticationError(upRequest.AuthDetail())
log.Warning(err.Error())
return err
}
}
request, err := protocol.ReadRequest(reader)
if err != nil {
log.Error("Socks failed to read request: %v", err)
return err
}
response := protocol.NewSocks5Response()
if request.Command == protocol.CmdBind || request.Command == protocol.CmdUdpAssociate {
response := protocol.NewSocks5Response()
response.Error = protocol.ErrorCommandNotSupported
err = protocol.WriteResponse(connection, response)
if err != nil {
log.Error("Socks failed to write response: %v", err)
return err
}
log.Warning("Unsupported socks command %d", request.Command)
return errors.NewInvalidOperationError("Socks command " + strconv.Itoa(int(request.Command)))
}
response.Error = protocol.ErrorSuccess
response.Port = request.Port
response.AddrType = request.AddrType
switch response.AddrType {
case protocol.AddrTypeIPv4:
copy(response.IPv4[:], request.IPv4[:])
case protocol.AddrTypeIPv6:
copy(response.IPv6[:], request.IPv6[:])
case protocol.AddrTypeDomain:
response.Domain = request.Domain
}
err = protocol.WriteResponse(connection, response)
if err != nil {
log.Error("Socks failed to write response: %v", err)
return err
}
dest = request.Destination()
}
ray := server.vPoint.DispatchToOutbound(v2net.NewTCPPacket(dest))
input := ray.InboundInput()
output := ray.InboundOutput()
var readFinish, writeFinish sync.Mutex
readFinish.Lock()
writeFinish.Lock()
go dumpInput(reader, input, &readFinish)
go dumpOutput(connection, output, &writeFinish)
writeFinish.Lock()
return nil
}