func (this *SocksServer) handleSocks5(reader *v2net.TimeOutReader, writer io.Writer, auth protocol.Socks5AuthenticationRequest) error { expectedAuthMethod := protocol.AuthNotRequired if this.config.AuthType == AuthTypePassword { expectedAuthMethod = protocol.AuthUserPass } if !auth.HasAuthMethod(expectedAuthMethod) { authResponse := protocol.NewAuthenticationResponse(protocol.AuthNoMatchingMethod) err := protocol.WriteAuthentication(writer, authResponse) if err != nil { log.Error("Socks: failed to write authentication: ", err) return err } log.Warning("Socks: client doesn't support allowed any auth methods.") return ErrorUnsupportedAuthMethod } authResponse := protocol.NewAuthenticationResponse(expectedAuthMethod) err := protocol.WriteAuthentication(writer, authResponse) if err != nil { log.Error("Socks: failed to write authentication: ", err) return err } if this.config.AuthType == AuthTypePassword { upRequest, err := protocol.ReadUserPassRequest(reader) if err != nil { log.Error("Socks: failed to read username and password: "******"Socks: failed to write user pass response: ", err) return err } if status != byte(0) { log.Warning("Socks: Invalid user account: ", upRequest.AuthDetail()) return proxy.ErrorInvalidAuthentication } } request, err := protocol.ReadRequest(reader) if err != nil { log.Error("Socks: failed to read request: ", err) return err } if request.Command == protocol.CmdUdpAssociate && this.config.UDPEnabled { return this.handleUDP(reader, writer) } if request.Command == protocol.CmdBind || request.Command == protocol.CmdUdpAssociate { response := protocol.NewSocks5Response() response.Error = protocol.ErrorCommandNotSupported response.Port = v2net.Port(0) response.SetIPv4([]byte{0, 0, 0, 0}) responseBuffer := alloc.NewSmallBuffer().Clear() response.Write(responseBuffer) _, err = writer.Write(responseBuffer.Value) responseBuffer.Release() if err != nil { log.Error("Socks: failed to write response: ", err) return err } log.Warning("Socks: Unsupported socks command ", request.Command) return ErrorUnsupportedSocksCommand } response := protocol.NewSocks5Response() response.Error = protocol.ErrorSuccess // Some SOCKS software requires a value other than dest. Let's fake one: response.Port = v2net.Port(1717) response.SetIPv4([]byte{0, 0, 0, 0}) responseBuffer := alloc.NewSmallBuffer().Clear() response.Write(responseBuffer) _, err = writer.Write(responseBuffer.Value) responseBuffer.Release() if err != nil { log.Error("Socks: failed to write response: ", err) return err } dest := request.Destination() log.Info("Socks: TCP Connect request to ", dest) packet := v2net.NewPacket(dest, nil, true) this.transport(reader, writer, packet) return nil }
func (server *SocksServer) handleSocks5(reader *v2net.TimeOutReader, writer io.Writer, auth protocol.Socks5AuthenticationRequest) error { expectedAuthMethod := protocol.AuthNotRequired if server.config.IsPassword() { expectedAuthMethod = protocol.AuthUserPass } if !auth.HasAuthMethod(expectedAuthMethod) { authResponse := protocol.NewAuthenticationResponse(protocol.AuthNoMatchingMethod) err := protocol.WriteAuthentication(writer, authResponse) if err != nil { log.Error("Socks failed to write authentication: %v", err) return err } log.Warning("Socks client doesn't support allowed any auth methods.") return UnsupportedAuthMethod } authResponse := protocol.NewAuthenticationResponse(expectedAuthMethod) err := protocol.WriteAuthentication(writer, authResponse) if err != nil { log.Error("Socks failed to write authentication: %v", err) return err } if server.config.IsPassword() { upRequest, err := protocol.ReadUserPassRequest(reader) if err != nil { log.Error("Socks failed to read username and password: %v", err) return err } status := byte(0) if !server.config.HasAccount(upRequest.Username(), upRequest.Password()) { status = byte(0xFF) } upResponse := protocol.NewSocks5UserPassResponse(status) err = protocol.WriteUserPassResponse(writer, upResponse) if err != nil { log.Error("Socks failed to write user pass response: %v", err) return err } if status != byte(0) { log.Warning("Invalid user account: %s", upRequest.AuthDetail()) return proxyerrors.InvalidAuthentication } } request, err := protocol.ReadRequest(reader) if err != nil { log.Error("Socks failed to read request: %v", err) return err } if request.Command == protocol.CmdUdpAssociate && server.config.UDPEnabled { return server.handleUDP(reader, writer) } if request.Command == protocol.CmdBind || request.Command == protocol.CmdUdpAssociate { response := protocol.NewSocks5Response() response.Error = protocol.ErrorCommandNotSupported responseBuffer := alloc.NewSmallBuffer().Clear() response.Write(responseBuffer) _, err = writer.Write(responseBuffer.Value) responseBuffer.Release() if err != nil { log.Error("Socks failed to write response: %v", err) return err } log.Warning("Unsupported socks command %d", request.Command) return UnsupportedSocksCommand } response := protocol.NewSocks5Response() response.Error = protocol.ErrorSuccess // Some SOCKS software requires a value other than dest. Let's fake one: response.Port = uint16(1717) response.AddrType = protocol.AddrTypeIPv4 response.IPv4[0] = 0 response.IPv4[1] = 0 response.IPv4[2] = 0 response.IPv4[3] = 0 responseBuffer := alloc.NewSmallBuffer().Clear() response.Write(responseBuffer) _, err = writer.Write(responseBuffer.Value) responseBuffer.Release() if err != nil { log.Error("Socks failed to write response: %v", err) return err } dest := request.Destination() data, err := v2net.ReadFrom(reader, nil) if err != nil { return err } packet := v2net.NewPacket(dest, data, true) server.transport(reader, writer, packet) return nil }
func (server *SocksServer) handleSocks5(reader *v2net.TimeOutReader, writer io.Writer, auth protocol.Socks5AuthenticationRequest) error { expectedAuthMethod := protocol.AuthNotRequired if server.config.IsPassword() { expectedAuthMethod = protocol.AuthUserPass } if !auth.HasAuthMethod(expectedAuthMethod) { authResponse := protocol.NewAuthenticationResponse(protocol.AuthNoMatchingMethod) err := protocol.WriteAuthentication(writer, authResponse) if err != nil { log.Error("Socks failed to write authentication: %v", err) return err } log.Warning("Socks client doesn't support allowed any auth methods.") return errors.NewInvalidOperationError("Unsupported auth methods.") } authResponse := protocol.NewAuthenticationResponse(expectedAuthMethod) err := protocol.WriteAuthentication(writer, authResponse) if err != nil { log.Error("Socks failed to write authentication: %v", err) return err } if server.config.IsPassword() { upRequest, err := protocol.ReadUserPassRequest(reader) if err != nil { log.Error("Socks failed to read username and password: %v", err) return err } status := byte(0) if !upRequest.IsValid(server.config.Username, server.config.Password) { status = byte(0xFF) } upResponse := protocol.NewSocks5UserPassResponse(status) err = protocol.WriteUserPassResponse(writer, upResponse) if err != nil { log.Error("Socks failed to write user pass response: %v", err) return err } if status != byte(0) { err = errors.NewAuthenticationError(upRequest.AuthDetail()) log.Warning(err.Error()) return err } } request, err := protocol.ReadRequest(reader) if err != nil { log.Error("Socks failed to read request: %v", err) return err } response := protocol.NewSocks5Response() if request.Command == protocol.CmdUdpAssociate && server.config.UDPEnabled { return server.handleUDP(reader, writer) } if request.Command == protocol.CmdBind || request.Command == protocol.CmdUdpAssociate { response := protocol.NewSocks5Response() response.Error = protocol.ErrorCommandNotSupported err = protocol.WriteResponse(writer, response) if err != nil { log.Error("Socks failed to write response: %v", err) return err } log.Warning("Unsupported socks command %d", request.Command) return errors.NewInvalidOperationError("Socks command " + strconv.Itoa(int(request.Command))) } response.Error = protocol.ErrorSuccess response.Port = request.Port response.AddrType = request.AddrType switch response.AddrType { case protocol.AddrTypeIPv4: copy(response.IPv4[:], request.IPv4[:]) case protocol.AddrTypeIPv6: copy(response.IPv6[:], request.IPv6[:]) case protocol.AddrTypeDomain: response.Domain = request.Domain } err = protocol.WriteResponse(writer, response) if err != nil { log.Error("Socks failed to write response: %v", err) return err } dest := request.Destination() data, err := v2net.ReadFrom(reader) if err != nil { return err } packet := v2net.NewPacket(dest, data, true) server.transport(reader, writer, packet) return nil }