Exemplo n.º 1
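// OnSelected runs the server side of the SOCKS5 method negotiated for conn
// and returns the connection the caller should use afterwards.
//
//   - MethodTLS wraps conn in a TLS server using selector.arg.Cert.
//   - gosocks5.MethodUserPass and MethodTLSAuth run the username/password
//     sub-negotiation; MethodTLSAuth wraps conn in TLS first.
//   - gosocks5.MethodNoAcceptable returns gosocks5.ErrBadMethod.
//   - Any other method returns conn unchanged.
//
// It returns a nil connection with the read/write error if the
// sub-negotiation I/O fails, and gosocks5.ErrAuthFailure when the submitted
// credentials are rejected. The connection is not closed here on failure.
//
// A credential is compared only when it is configured: with selector.arg.User
// unset, or with an empty username/password, that field is not checked and
// any value is accepted.
func (selector *serverSelector) OnSelected(method uint8, conn net.Conn) (net.Conn, error) {
	glog.V(LDEBUG).Infof("%d %d", gosocks5.Ver5, method)

	switch method {
	case MethodTLS:
		// NOTE(review): only Certificates is set, so the minimum protocol
		// version and cipher suites are whatever the Go toolchain defaults to.
		conn = tls.Server(conn, &tls.Config{Certificates: []tls.Certificate{selector.arg.Cert}})

	case gosocks5.MethodUserPass, MethodTLSAuth:
		// With plain MethodUserPass the credentials are read from conn as it
		// was handed in; only MethodTLSAuth adds TLS before they are sent.
		if method == MethodTLSAuth {
			conn = tls.Server(conn, &tls.Config{Certificates: []tls.Certificate{selector.arg.Cert}})
		}

		req, err := gosocks5.ReadUserPassRequest(conn)
		if err != nil {
			glog.V(LWARNING).Infoln("socks5 auth:", err)
			return nil, err
		}
		// Log only the username. The request's String() form can include the
		// submitted password (confirm against gosocks5), and credentials
		// should not end up in debug logs. %q keeps client-supplied control
		// characters from breaking the log line.
		glog.V(LDEBUG).Infof("socks5 auth: request for user %q", req.Username)

		var username, password string
		if selector.arg.User != nil {
			username = selector.arg.User.Username()
			// The "is set" flag is dropped on purpose: an unset and an empty
			// password are treated the same by the check below.
			password, _ = selector.arg.User.Password()
		}

		// NOTE(review): != is not a constant-time comparison. Once
		// crypto/subtle is imported in this file,
		// subtle.ConstantTimeCompare is the usual choice for the password.
		if (username != "" && req.Username != username) || (password != "" && req.Password != password) {
			resp := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Failure)
			if err := resp.Write(conn); err != nil {
				glog.V(LWARNING).Infoln("socks5 auth:", err)
				return nil, err
			}
			glog.V(LDEBUG).Infoln(resp)
			glog.V(LWARNING).Infoln("socks5: proxy authentication required")

			return nil, gosocks5.ErrAuthFailure
		}

		resp := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Succeeded)
		if err := resp.Write(conn); err != nil {
			glog.V(LWARNING).Infoln("socks5 auth:", err)
			return nil, err
		}
		glog.V(LDEBUG).Infoln(resp)

	case gosocks5.MethodNoAcceptable:
		return nil, gosocks5.ErrBadMethod
	}

	return conn, nil
}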
Exemplo n.º 2
// svrTLSAuth runs the server side of the SOCKS5 username/password
// sub-negotiation on conn, checking only the password against the
// package-level Password.
//
// It returns the I/O error if reading the request or writing the reply
// fails, gosocks5.ErrAuthFailure after a Failure reply has been sent, and
// nil after a Succeeded reply has been sent.
//
// The submitted username is never inspected, and when Password is empty
// every request is accepted.
func svrTLSAuth(conn net.Conn) error {
	req, readErr := gosocks5.ReadUserPassRequest(conn)
	if readErr != nil {
		return readErr
	}

	// NOTE(review): == on the password is not a constant-time comparison;
	// crypto/subtle.ConstantTimeCompare is the usual choice here.
	accepted := len(Password) == 0 || req.Password == Password
	if accepted {
		ok := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Succeeded)
		if writeErr := ok.Write(conn); writeErr != nil {
			return writeErr
		}
		return nil
	}

	// Tell the client it was rejected before reporting the failure; a write
	// error takes precedence over ErrAuthFailure.
	denied := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Failure)
	if writeErr := denied.Write(conn); writeErr != nil {
		return writeErr
	}
	return gosocks5.ErrAuthFailure
}
Exemplo n.º 3
// serverSocksAuth runs the server side of the SOCKS5 username/password
// sub-negotiation on conn against the expected username and password.
//
// It returns the I/O error if reading the request or writing the reply
// fails, gosocks5.ErrAuthFailure after a Failure reply has been sent, and
// nil after a Succeeded reply has been sent.
//
// An empty expected username or password disables the check for that field,
// so calling this with both empty accepts every request.
func serverSocksAuth(conn net.Conn, username, password string) error {
	req, readErr := gosocks5.ReadUserPassRequest(conn)
	if readErr != nil {
		return readErr
	}

	// NOTE(review): == on the password is not a constant-time comparison;
	// crypto/subtle.ConstantTimeCompare is the usual choice here.
	userOK := len(username) == 0 || req.Username == username
	passOK := len(password) == 0 || req.Password == password

	if userOK && passOK {
		ok := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Succeeded)
		if writeErr := ok.Write(conn); writeErr != nil {
			return writeErr
		}
		return nil
	}

	// Tell the client it was rejected before reporting the failure; a write
	// error takes precedence over ErrAuthFailure.
	denied := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Failure)
	if writeErr := denied.Write(conn); writeErr != nil {
		return writeErr
	}
	return gosocks5.ErrAuthFailure
}