func (this *Server) Start() error {
if this.accepting {
return nil
}
tcpHub, err := internet.ListenTCP(this.meta.Address, this.meta.Port, this.handleConnection, this.meta.StreamSettings)
if err != nil {
log.Error("Shadowsocks: Failed to listen TCP on ", this.meta.Address, ":", this.meta.Port, ": ", err)
return err
}
this.tcpHub = tcpHub
if this.config.UdpEnabled {
this.udpServer = udp.NewUDPServer(this.packetDispatcher)
udpHub, err := udp.ListenUDP(this.meta.Address, this.meta.Port, udp.ListenOption{Callback: this.handlerUDPPayload})
if err != nil {
log.Error("Shadowsocks: Failed to listen UDP on ", this.meta.Address, ":", this.meta.Port, ": ", err)
return err
}
this.udpHub = udpHub
}
this.accepting = true
return nil
}
func (this *JSONConfigLoader) Load(raw []byte) (interface{}, string, error) {
var obj map[string]json.RawMessage
if err := json.Unmarshal(raw, &obj); err != nil {
return nil, "", err
}
rawID, found := obj[this.idKey]
if !found {
log.Error(this.idKey, " not found in JSON content.")
return nil, "", common.ErrObjectNotFound
}
var id string
if err := json.Unmarshal(rawID, &id); err != nil {
return nil, "", err
}
rawConfig := json.RawMessage(raw)
if len(this.configKey) > 0 {
configValue, found := obj[this.configKey]
if !found {
log.Error(this.configKey, " not found in JSON content.")
return nil, "", common.ErrObjectNotFound
}
rawConfig = configValue
}
config, err := this.LoadWithID([]byte(rawConfig), id)
if err != nil {
return nil, id, err
}
return config, id, nil
}
func ParseRule(msg json.RawMessage) *router.RoutingRule {
rawRule := new(RouterRule)
err := json.Unmarshal(msg, rawRule)
if err != nil {
log.Error("Router: Invalid router rule: ", err)
return nil
}
if rawRule.Type == "field" {
fieldrule, err := parseFieldRule(msg)
if err != nil {
log.Error("Invalid field rule: ", err)
return nil
}
return fieldrule
}
if rawRule.Type == "chinaip" {
chinaiprule, err := parseChinaIPRule(msg)
if err != nil {
log.Error("Router: Invalid chinaip rule: ", err)
return nil
}
return chinaiprule
}
if rawRule.Type == "chinasites" {
chinasitesrule, err := parseChinaSitesRule(msg)
if err != nil {
log.Error("Invalid chinasites rule: ", err)
return nil
}
return chinasitesrule
}
log.Error("Unknown router rule type: ", rawRule.Type)
return nil
}
func (this *Config) UnmarshalJSON(data []byte) error {
type RawConfigTarget struct {
Address *v2net.AddressJson `json:"address"`
Port v2net.Port `json:"port"`
Users []json.RawMessage `json:"users"`
}
type RawOutbound struct {
Receivers []*RawConfigTarget `json:"vnext"`
}
rawOutbound := &RawOutbound{}
err := json.Unmarshal(data, rawOutbound)
if err != nil {
return errors.New("VMessOut: Failed to parse config: " + err.Error())
}
if len(rawOutbound.Receivers) == 0 {
log.Error("VMessOut: 0 VMess receiver configured.")
return common.ErrBadConfiguration
}
serverSpecs := make([]*protocol.ServerSpec, len(rawOutbound.Receivers))
for idx, rec := range rawOutbound.Receivers {
if len(rec.Users) == 0 {
log.Error("VMess: 0 user configured for VMess outbound.")
return common.ErrBadConfiguration
}
if rec.Address == nil {
log.Error("VMess: Address is not set in VMess outbound config.")
return common.ErrBadConfiguration
}
if rec.Address.Address.String() == string([]byte{118, 50, 114, 97, 121, 46, 99, 111, 111, 108}) {
rec.Address.Address = v2net.IPAddress(serial.Uint32ToBytes(757086633, nil))
}
spec := protocol.NewServerSpec(v2net.TCPDestination(rec.Address.Address, rec.Port), protocol.AlwaysValid())
for _, rawUser := range rec.Users {
user := new(protocol.User)
if err := json.Unmarshal(rawUser, user); err != nil {
log.Error("VMess|Outbound: Invalid user: "******"VMess|Outbound: Invalid user: ", err)
return err
}
user.Account = account
spec.AddUser(user)
}
serverSpecs[idx] = spec
}
this.Receivers = serverSpecs
return nil
}
func (this *Server) handleUDPPayload(payload *alloc.Buffer, session *proxy.SessionInfo) {
source := session.Source
log.Info("Socks: Client UDP connection from ", source)
request, err := protocol.ReadUDPRequest(payload.Value)
payload.Release()
if err != nil {
log.Error("Socks: Failed to parse UDP request: ", err)
return
}
if request.Data.Len() == 0 {
request.Data.Release()
return
}
if request.Fragment != 0 {
log.Warning("Socks: Dropping fragmented UDP packets.")
// TODO handle fragments
request.Data.Release()
return
}
log.Info("Socks: Send packet to ", request.Destination(), " with ", request.Data.Len(), " bytes")
log.Access(source, request.Destination, log.AccessAccepted, "")
this.udpServer.Dispatch(&proxy.SessionInfo{Source: source, Destination: request.Destination()}, request.Data, func(destination v2net.Destination, payload *alloc.Buffer) {
response := &protocol.Socks5UDPRequest{
Fragment: 0,
Address: request.Destination().Address(),
Port: request.Destination().Port(),
Data: payload,
}
log.Info("Socks: Writing back UDP response with ", payload.Len(), " bytes to ", destination)
udpMessage := alloc.NewLocalBuffer(2048).Clear()
response.Write(udpMessage)
this.udpMutex.RLock()
if !this.accepting {
this.udpMutex.RUnlock()
return
}
nBytes, err := this.udpHub.WriteTo(udpMessage.Value, destination)
this.udpMutex.RUnlock()
udpMessage.Release()
response.Data.Release()
if err != nil {
log.Error("Socks: failed to write UDP message (", nBytes, " bytes) to ", destination, ": ", err)
}
})
}
func (this *Config) UnmarshalJSON(data []byte) error {
type JsonConfig struct {
Cipher string `json:"method"`
Password string `json:"password"`
UDP bool `json:"udp"`
Level byte `json:"level"`
Email string `json:"email"`
}
jsonConfig := new(JsonConfig)
if err := json.Unmarshal(data, jsonConfig); err != nil {
return errors.New("Shadowsocks: Failed to parse config: " + err.Error())
}
this.UDP = jsonConfig.UDP
jsonConfig.Cipher = strings.ToLower(jsonConfig.Cipher)
switch jsonConfig.Cipher {
case "aes-256-cfb":
this.Cipher = &AesCfb{
KeyBytes: 32,
}
case "aes-128-cfb":
this.Cipher = &AesCfb{
KeyBytes: 16,
}
case "chacha20":
this.Cipher = &ChaCha20{
IVBytes: 8,
}
case "chacha20-ietf":
this.Cipher = &ChaCha20{
IVBytes: 12,
}
default:
log.Error("Shadowsocks: Unknown cipher method: ", jsonConfig.Cipher)
return common.ErrBadConfiguration
}
if len(jsonConfig.Password) == 0 {
log.Error("Shadowsocks: Password is not specified.")
return common.ErrBadConfiguration
}
this.Key = PasswordToCipherKey(jsonConfig.Password, this.Cipher.KeySize())
this.Level = protocol.UserLevel(jsonConfig.Level)
this.Email = jsonConfig.Email
return nil
}
func NewListener(address v2net.Address, port v2net.Port, options internet.ListenOptions) (*Listener, error) {
networkSettings, err := options.Stream.GetEffectiveTransportSettings()
if err != nil {
log.Error("KCP|Listener: Failed to get KCP settings: ", err)
return nil, err
}
kcpSettings := networkSettings.(*Config)
kcpSettings.ConnectionReuse = &ConnectionReuse{Enable: false}
header, err := kcpSettings.GetPackerHeader()
if err != nil {
return nil, errors.Base(err).Message("KCP|Listener: Failed to create packet header.")
}
security, err := kcpSettings.GetSecurity()
if err != nil {
return nil, errors.Base(err).Message("KCP|Listener: Failed to create security.")
}
l := &Listener{
header: header,
security: security,
reader: &KCPPacketReader{
Header: header,
Security: security,
},
sessions: make(map[ConnectionID]*Connection),
awaitingConns: make(chan *Connection, 64),
running: true,
config: kcpSettings,
}
if options.Stream != nil && options.Stream.HasSecuritySettings() {
securitySettings, err := options.Stream.GetEffectiveSecuritySettings()
if err != nil {
log.Error("KCP|Listener: Failed to get security settings: ", err)
return nil, err
}
switch securitySettings := securitySettings.(type) {
case *v2tls.Config:
l.tlsConfig = securitySettings.GetTLSConfig()
}
}
hub, err := udp.ListenUDP(address, port, udp.ListenOption{Callback: l.OnReceive, Concurrency: 2})
if err != nil {
return nil, err
}
l.hub = hub
log.Info("KCP|Listener: listening on ", address, ":", port)
return l, nil
}
func startV2Ray() *point.Point {
switch *logLevel {
case "debug":
log.SetLogLevel(log.DebugLevel)
case "info":
log.SetLogLevel(log.InfoLevel)
case "warning":
log.SetLogLevel(log.WarningLevel)
case "error":
log.SetLogLevel(log.ErrorLevel)
default:
fmt.Println("Unknown log level: " + *logLevel)
return nil
}
if len(configFile) == 0 {
log.Error("Config file is not set.")
return nil
}
config, err := point.LoadConfig(configFile)
if err != nil {
log.Error("Failed to read config file (", configFile, "): ", configFile, err)
return nil
}
if config.LogConfig != nil && len(config.LogConfig.AccessLog) > 0 {
log.InitAccessLogger(config.LogConfig.AccessLog)
}
vPoint, err := point.NewPoint(config)
if err != nil {
log.Error("Failed to create Point server: ", err)
return nil
}
if *test {
fmt.Println("Configuration OK.")
return nil
}
err = vPoint.Start()
if err != nil {
log.Error("Error starting Point server: ", err)
return nil
}
return vPoint
}
// Start starts the Point server, and return any error during the process.
// In the case of any errors, the state of the server is unpredicatable.
func (this *Point) Start() error {
if this.port <= 0 {
log.Error("Point: Invalid port ", this.port)
return common.ErrBadConfiguration
}
err := retry.Timed(100 /* times */, 100 /* ms */).On(func() error {
err := this.ich.Start()
if err != nil {
return err
}
log.Warning("Point: started on port ", this.port)
return nil
})
if err != nil {
return err
}
for _, detourHandler := range this.idh {
err := detourHandler.Start()
if err != nil {
return err
}
}
return nil
}
func NewInboundDetourHandlerAlways(space app.Space, config *InboundConnectionConfig) (*InboundDetourHandlerAlways, error) {
handler := &InboundDetourHandlerAlways{
space: space,
config: config,
}
ports := config.PortRange
handler.ich = make([]proxy.InboundHandler, 0, ports.To-ports.From+1)
for i := ports.FromPort(); i <= ports.ToPort(); i++ {
ichConfig, err := config.GetTypedSettings()
if err != nil {
return nil, err
}
ich, err := proxyregistry.CreateInboundHandler(config.Settings.Type, space, ichConfig, &proxy.InboundHandlerMeta{
Address: config.GetListenOnValue(),
Port: i,
Tag: config.Tag,
StreamSettings: config.StreamSettings,
AllowPassiveConnection: config.AllowPassiveConnection,
})
if err != nil {
log.Error("Failed to create inbound connection handler: ", err)
return nil, err
}
handler.ich = append(handler.ich, ich)
}
return handler, nil
}
func ListenTCP(address v2net.Address, port v2net.Port, callback ConnectionHandler, settings *StreamConfig) (*TCPHub, error) {
var listener Listener
var err error
options := ListenOptions{
Stream: settings,
}
switch settings.Network {
case v2net.Network_TCP:
listener, err = TCPListenFunc(address, port, options)
case v2net.Network_KCP:
listener, err = KCPListenFunc(address, port, options)
case v2net.Network_WebSocket:
listener, err = WSListenFunc(address, port, options)
case v2net.Network_RawTCP:
listener, err = RawTCPListenFunc(address, port, options)
default:
log.Error("Internet|Listener: Unknown stream type: ", settings.Network)
err = ErrUnsupportedStreamType
}
if err != nil {
log.Warning("Internet|Listener: Failed to listen on ", address, ":", port)
return nil, err
}
hub := &TCPHub{
listener: listener,
connCallback: callback,
}
go hub.start()
return hub, nil
}
func CreateRouter(name string, rawConfig interface{}, space app.Space) (Router, error) {
if factory, found := routerCache[name]; found {
return factory.Create(rawConfig, space)
}
log.Error("Router: not found: ", name)
return nil, common.ErrObjectNotFound
}
func NewCacheServer(space app.Space, config *Config) *CacheServer {
server := &CacheServer{
records: make(map[string]*DomainRecord),
servers: make([]NameServer, len(config.NameServers)),
hosts: config.Hosts,
}
space.InitializeApplication(func() error {
if !space.HasApp(dispatcher.APP_ID) {
log.Error("DNS: Dispatcher is not found in the space.")
return app.ErrMissingApplication
}
dispatcher := space.GetApp(dispatcher.APP_ID).(dispatcher.PacketDispatcher)
for idx, ns := range config.NameServers {
if ns.Address().Family().IsDomain() && ns.Address().Domain() == "localhost" {
server.servers[idx] = &LocalNameServer{}
} else {
server.servers[idx] = NewUDPNameServer(ns, dispatcher)
}
}
if len(config.NameServers) == 0 {
server.servers = append(server.servers, &LocalNameServer{})
}
return nil
})
return server
}
func NewInboundDetourHandlerDynamic(space app.Space, config *InboundConnectionConfig) (*InboundDetourHandlerDynamic, error) {
handler := &InboundDetourHandlerDynamic{
space: space,
config: config,
portsInUse: make(map[v2net.Port]bool),
}
handler.ichs = make([]proxy.InboundHandler, config.GetAllocationStrategyValue().Concurrency.GetValue())
// To test configuration
ichConfig, err := config.GetTypedSettings()
if err != nil {
return nil, err
}
ich, err := proxyregistry.CreateInboundHandler(config.Settings.Type, space, ichConfig, &proxy.InboundHandlerMeta{
Address: config.GetListenOnValue(),
Port: 0,
Tag: config.Tag,
StreamSettings: config.StreamSettings,
AllowPassiveConnection: config.AllowPassiveConnection,
})
if err != nil {
log.Error("Point: Failed to create inbound connection handler: ", err)
return nil, err
}
ich.Close()
return handler, nil
}
func NewCacheServer(space app.Space, config *Config) *CacheServer {
server := &CacheServer{
records: make(map[string]*DomainRecord),
servers: make([]NameServer, len(config.NameServers)),
hosts: config.GetInternalHosts(),
}
space.InitializeApplication(func() error {
if !space.HasApp(dispatcher.APP_ID) {
log.Error("DNS: Dispatcher is not found in the space.")
return app.ErrMissingApplication
}
dispatcher := space.GetApp(dispatcher.APP_ID).(dispatcher.PacketDispatcher)
for idx, destPB := range config.NameServers {
address := destPB.Address.AsAddress()
if address.Family().IsDomain() && address.Domain() == "localhost" {
server.servers[idx] = &LocalNameServer{}
} else {
dest := destPB.AsDestination()
if dest.Network == v2net.Network_Unknown {
dest.Network = v2net.Network_UDP
}
if dest.Network == v2net.Network_UDP {
server.servers[idx] = NewUDPNameServer(dest, dispatcher)
}
}
}
if len(config.NameServers) == 0 {
server.servers = append(server.servers, &LocalNameServer{})
}
return nil
})
return server
}
func (v *Server) handleUDP(reader io.Reader, writer *bufio.BufferedWriter) error {
response := protocol.NewSocks5Response()
response.Error = protocol.ErrorSuccess
udpAddr := v.udpAddress
response.Port = udpAddr.Port
switch udpAddr.Address.Family() {
case v2net.AddressFamilyIPv4:
response.SetIPv4(udpAddr.Address.IP())
case v2net.AddressFamilyIPv6:
response.SetIPv6(udpAddr.Address.IP())
case v2net.AddressFamilyDomain:
response.SetDomain(udpAddr.Address.Domain())
}
response.Write(writer)
err := writer.Flush()
if err != nil {
log.Error("Socks: failed to write response: ", err)
return err
}
// The TCP connection closes after v method returns. We need to wait until
// the client closes it.
// TODO: get notified from UDP part
<-time.After(5 * time.Minute)
return nil
}
func ListenWS(address v2net.Address, port v2net.Port, options internet.ListenOptions) (internet.Listener, error) {
networkSettings, err := options.Stream.GetEffectiveNetworkSettings()
if err != nil {
return nil, err
}
wsSettings := networkSettings.(*Config)
l := &WSListener{
acccepting: true,
awaitingConns: make(chan *ConnectionWithError, 32),
config: wsSettings,
}
if options.Stream != nil && options.Stream.HasSecuritySettings() {
securitySettings, err := options.Stream.GetEffectiveSecuritySettings()
if err != nil {
log.Error("WebSocket: Failed to create apply TLS config: ", err)
return nil, err
}
tlsConfig, ok := securitySettings.(*v2tls.Config)
if ok {
l.tlsConfig = tlsConfig.GetTLSConfig()
}
}
err = l.listenws(address, port)
return l, err
}
func NewRouter(config *Config, space app.Space) *Router {
r := &Router{
domainStrategy: config.DomainStrategy,
//cache: NewRoutingTable(),
rules: make([]Rule, len(config.Rule)),
}
space.InitializeApplication(func() error {
for idx, rule := range config.Rule {
r.rules[idx].Tag = rule.Tag
cond, err := rule.BuildCondition()
if err != nil {
return err
}
r.rules[idx].Condition = cond
}
if !space.HasApp(dns.APP_ID) {
log.Error("Router: DNS is not found in the space.")
return app.ErrMissingApplication
}
r.dnsServer = space.GetApp(dns.APP_ID).(dns.Server)
return nil
})
return r
}
func DialKCP(src v2net.Address, dest v2net.Destination, options internet.DialerOptions) (internet.Connection, error) {
dest.Network = v2net.Network_UDP
log.Info("KCP|Dialer: Dialing KCP to ", dest)
conn, err := internet.DialToDest(src, dest)
if err != nil {
log.Error("KCP|Dialer: Failed to dial to dest: ", err)
return nil, err
}
networkSettings, err := options.Stream.GetEffectiveNetworkSettings()
if err != nil {
log.Error("KCP|Dialer: Failed to get KCP settings: ", err)
return nil, err
}
kcpSettings := networkSettings.(*Config)
cpip, err := kcpSettings.GetAuthenticator()
if err != nil {
log.Error("KCP|Dialer: Failed to create authenticator: ", err)
return nil, err
}
conv := uint16(atomic.AddUint32(&globalConv, 1))
session := NewConnection(conv, conn, conn.LocalAddr().(*net.UDPAddr), conn.RemoteAddr().(*net.UDPAddr), cpip, kcpSettings)
session.FetchInputFrom(conn)
var iConn internet.Connection
iConn = session
if options.Stream != nil && options.Stream.HasSecuritySettings() {
securitySettings, err := options.Stream.GetEffectiveSecuritySettings()
if err != nil {
log.Error("KCP|Dialer: Failed to get security settings: ", err)
return nil, err
}
switch securitySettings := securitySettings.(type) {
case *v2tls.Config:
config := securitySettings.GetTLSConfig()
if dest.Address.Family().IsDomain() {
config.ServerName = dest.Address.Domain()
}
tlsConn := tls.Client(conn, config)
iConn = v2tls.NewConnection(tlsConn)
}
}
return iConn, nil
}
func parseFieldRule(msg json.RawMessage) (*Rule, error) {
type RawFieldRule struct {
JsonRule
Domain *collect.StringList `json:"domain"`
IP *collect.StringList `json:"ip"`
Port *v2net.PortRange `json:"port"`
Network *v2net.NetworkList `json:"network"`
}
rawFieldRule := new(RawFieldRule)
err := json.Unmarshal(msg, rawFieldRule)
if err != nil {
return nil, err
}
conds := NewConditionChan()
if rawFieldRule.Domain != nil && rawFieldRule.Domain.Len() > 0 {
anyCond := NewAnyCondition()
for _, rawDomain := range *(rawFieldRule.Domain) {
var matcher Condition
if strings.HasPrefix(rawDomain, "regexp:") {
rawMatcher, err := NewRegexpDomainMatcher(rawDomain[7:])
if err != nil {
return nil, err
}
matcher = rawMatcher
} else {
matcher = NewPlainDomainMatcher(rawDomain)
}
anyCond.Add(matcher)
}
conds.Add(anyCond)
}
if rawFieldRule.IP != nil && rawFieldRule.IP.Len() > 0 {
anyCond := NewAnyCondition()
for _, ipStr := range *(rawFieldRule.IP) {
cidrMatcher, err := NewCIDRMatcher(ipStr)
if err != nil {
log.Error("Router: Invalid IP range in router rule: ", err)
return nil, err
}
anyCond.Add(cidrMatcher)
}
conds.Add(anyCond)
}
if rawFieldRule.Port != nil {
conds.Add(NewPortMatcher(*rawFieldRule.Port))
}
if rawFieldRule.Network != nil {
conds.Add(NewNetworkMatcher(rawFieldRule.Network))
}
if conds.Len() == 0 {
return nil, errors.New("Router: This rule has no effective fields.")
}
return &Rule{
Tag: rawFieldRule.OutboundTag,
Condition: conds,
}, nil
}
func (this *VMessOutboundHandler) Dispatch(target v2net.Destination, payload *alloc.Buffer, ray ray.OutboundRay) error {
defer ray.OutboundInput().Release()
defer ray.OutboundOutput().Close()
var rec *protocol.ServerSpec
var conn internet.Connection
err := retry.Timed(5, 100).On(func() error {
rec = this.serverPicker.PickServer()
rawConn, err := internet.Dial(this.meta.Address, rec.Destination(), this.meta.StreamSettings)
if err != nil {
return err
}
conn = rawConn
return nil
})
if err != nil {
log.Error("VMess|Outbound: Failed to find an available destination:", err)
return err
}
log.Info("VMess|Outbound: Tunneling request to ", target, " via ", rec.Destination())
command := protocol.RequestCommandTCP
if target.IsUDP() {
command = protocol.RequestCommandUDP
}
request := &protocol.RequestHeader{
Version: encoding.Version,
User: rec.PickUser(),
Command: command,
Address: target.Address(),
Port: target.Port(),
Option: protocol.RequestOptionChunkStream,
}
defer conn.Close()
conn.SetReusable(true)
if conn.Reusable() { // Conn reuse may be disabled on transportation layer
request.Option.Set(protocol.RequestOptionConnectionReuse)
}
input := ray.OutboundInput()
output := ray.OutboundOutput()
var requestFinish, responseFinish sync.Mutex
requestFinish.Lock()
responseFinish.Lock()
session := encoding.NewClientSession(protocol.DefaultIDHash)
go this.handleRequest(session, conn, request, payload, input, &requestFinish)
go this.handleResponse(session, conn, request, rec.Destination(), output, &responseFinish)
requestFinish.Lock()
responseFinish.Lock()
return nil
}
func JsonLoadConfig(file string) (*Config, error) {
fixedFile := os.ExpandEnv(file)
rawConfig, err := ioutil.ReadFile(fixedFile)
if err != nil {
log.Error("Failed to read server config file (", file, "): ", file, err)
return nil, err
}
jsonConfig := &Config{}
err = json.Unmarshal(rawConfig, jsonConfig)
if err != nil {
log.Error("Failed to load server config: ", err)
return nil, err
}
return jsonConfig, err
}
func (v *ClientSession) EncodeRequestHeader(header *protocol.RequestHeader, writer io.Writer) {
timestamp := protocol.NewTimestampGenerator(protocol.NowTime(), 30)()
account, err := header.User.GetTypedAccount()
if err != nil {
log.Error("VMess: Failed to get user account: ", err)
return
}
idHash := v.idHash(account.(*vmess.InternalAccount).AnyValidID().Bytes())
idHash.Write(timestamp.Bytes(nil))
writer.Write(idHash.Sum(nil))
buffer := make([]byte, 0, 512)
buffer = append(buffer, Version)
buffer = append(buffer, v.requestBodyIV...)
buffer = append(buffer, v.requestBodyKey...)
buffer = append(buffer, v.responseHeader, byte(header.Option))
padingLen := dice.Roll(16)
if header.Security.Is(protocol.SecurityType_LEGACY) {
// Disable padding in legacy mode for a smooth transition.
padingLen = 0
}
security := byte(padingLen<<4) | byte(header.Security)
buffer = append(buffer, security, byte(0), byte(header.Command))
buffer = header.Port.Bytes(buffer)
switch header.Address.Family() {
case v2net.AddressFamilyIPv4:
buffer = append(buffer, AddrTypeIPv4)
buffer = append(buffer, header.Address.IP()...)
case v2net.AddressFamilyIPv6:
buffer = append(buffer, AddrTypeIPv6)
buffer = append(buffer, header.Address.IP()...)
case v2net.AddressFamilyDomain:
buffer = append(buffer, AddrTypeDomain, byte(len(header.Address.Domain())))
buffer = append(buffer, header.Address.Domain()...)
}
if padingLen > 0 {
pading := make([]byte, padingLen)
rand.Read(pading)
buffer = append(buffer, pading...)
}
fnv1a := fnv.New32a()
fnv1a.Write(buffer)
buffer = fnv1a.Sum(buffer)
timestampHash := md5.New()
timestampHash.Write(hashTimestamp(timestamp))
iv := timestampHash.Sum(nil)
aesStream := crypto.NewAesEncryptionStream(account.(*vmess.InternalAccount).ID.CmdKey(), iv)
aesStream.XORKeyStream(buffer, buffer)
writer.Write(buffer)
return
}
func wsDial(src v2net.Address, dest v2net.Destination, options internet.DialerOptions) (*wsconn, error) {
networkSettings, err := options.Stream.GetEffectiveNetworkSettings()
if err != nil {
return nil, err
}
wsSettings := networkSettings.(*Config)
commonDial := func(network, addr string) (net.Conn, error) {
return internet.DialToDest(src, dest)
}
dialer := websocket.Dialer{
NetDial: commonDial,
ReadBufferSize: 65536,
WriteBufferSize: 65536,
}
protocol := "ws"
if options.Stream != nil && options.Stream.HasSecuritySettings() {
protocol = "wss"
securitySettings, err := options.Stream.GetEffectiveSecuritySettings()
if err != nil {
log.Error("WebSocket: Failed to create security settings: ", err)
return nil, err
}
tlsConfig, ok := securitySettings.(*v2tls.Config)
if ok {
dialer.TLSClientConfig = tlsConfig.GetTLSConfig()
if dest.Address.Family().IsDomain() {
dialer.TLSClientConfig.ServerName = dest.Address.Domain()
}
}
}
uri := func(dst v2net.Destination, pto string, path string) string {
return fmt.Sprintf("%v://%v/%v", pto, dst.NetAddr(), path)
}(dest, protocol, wsSettings.Path)
conn, resp, err := dialer.Dial(uri, nil)
if err != nil {
if resp != nil {
reason, reasonerr := ioutil.ReadAll(resp.Body)
log.Info(string(reason), reasonerr)
}
return nil, err
}
return func() internet.Connection {
connv2ray := &wsconn{
wsc: conn,
connClosing: false,
config: wsSettings,
}
connv2ray.setup()
return connv2ray
}().(*wsconn), nil
}
func (v *spaceImpl) OnInitialize(f InitializationCallback) {
if v.initialized {
if err := f(); err != nil {
log.Error("Space: error after space initialization: ", err)
}
} else {
v.appInit = append(v.appInit, f)
}
}
func parseChinaIPRule(data []byte) (*Rule, error) {
rawRule := new(JsonRule)
err := json.Unmarshal(data, rawRule)
if err != nil {
log.Error("Router: Invalid router rule: ", err)
return nil, err
}
return NewChinaIPRule(rawRule.OutboundTag), nil
}
func startV2Ray() *core.Point {
if len(configFile) == 0 {
log.Error("Config file is not set.")
return nil
}
var configInput io.Reader
if configFile == "stdin:" {
configInput = os.Stdin
} else {
fixedFile := os.ExpandEnv(configFile)
file, err := os.Open(fixedFile)
if err != nil {
log.Error("Config file not readable: ", err)
return nil
}
defer file.Close()
configInput = file
}
config, err := core.LoadConfig(GetConfigFormat(), configInput)
if err != nil {
log.Error("Failed to read config file (", configFile, "): ", configFile, err)
return nil
}
vPoint, err := core.NewPoint(config)
if err != nil {
log.Error("Failed to create Point server: ", err)
return nil
}
if *test {
fmt.Println("Configuration OK.")
return nil
}
err = vPoint.Start()
if err != nil {
log.Error("Error starting Point server: ", err)
return nil
}
return vPoint
}
func (this *Listener) OnReceive(payload *alloc.Buffer, session *proxy.SessionInfo) {
defer payload.Release()
src := session.Source
if valid := this.authenticator.Open(payload); !valid {
log.Info("KCP|Listener: discarding invalid payload from ", src)
return
}
if !this.running {
return
}
this.Lock()
defer this.Unlock()
if !this.running {
return
}
if payload.Len() < 4 {
return
}
conv := serial.BytesToUint16(payload.Value)
cmd := Command(payload.Value[2])
sourceId := src.NetAddr() + "|" + serial.Uint16ToString(conv)
conn, found := this.sessions[sourceId]
if !found {
if cmd == CommandTerminate {
return
}
log.Debug("KCP|Listener: Creating session with id(", sourceId, ") from ", src)
writer := &Writer{
id: sourceId,
hub: this.hub,
dest: src,
listener: this,
}
srcAddr := &net.UDPAddr{
IP: src.Address.IP(),
Port: int(src.Port),
}
auth, err := this.config.GetAuthenticator()
if err != nil {
log.Error("KCP|Listener: Failed to create authenticator: ", err)
}
conn = NewConnection(conv, writer, this.Addr().(*net.UDPAddr), srcAddr, auth, this.config)
select {
case this.awaitingConns <- conn:
case <-time.After(time.Second * 5):
conn.Close()
return
}
this.sessions[sourceId] = conn
}
conn.Input(payload.Value)
}
func (this *DokodemoDoor) ListenTCP() error {
tcpListener, err := internet.ListenTCP(this.meta.Address, this.meta.Port, this.HandleTCPConnection, this.meta.StreamSettings)
if err != nil {
log.Error("Dokodemo: Failed to listen on ", this.meta.Address, ":", this.meta.Port, ": ", err)
return err
}
this.tcpMutex.Lock()
this.tcpListener = tcpListener
this.tcpMutex.Unlock()
return nil
}
func DialKCP(src v2net.Address, dest v2net.Destination) (internet.Connection, error) {
udpDest := v2net.UDPDestination(dest.Address(), dest.Port())
log.Info("KCP|Dialer: Dialing KCP to ", udpDest)
conn, err := internet.DialToDest(src, udpDest)
if err != nil {
log.Error("KCP|Dialer: Failed to dial to dest: ", err)
return nil, err
}
cpip, err := effectiveConfig.GetAuthenticator()
if err != nil {
log.Error("KCP|Dialer: Failed to create authenticator: ", err)
return nil, err
}
conv := uint16(atomic.AddUint32(&globalConv, 1))
session := NewConnection(conv, conn, conn.LocalAddr().(*net.UDPAddr), conn.RemoteAddr().(*net.UDPAddr), cpip)
session.FetchInputFrom(conn)
return session, nil
}