func (this *FreedomConnection) Dispatch(destination v2net.Destination, payload *alloc.Buffer, ray ray.OutboundRay) error {
log.Info("Freedom: Opening connection to ", destination)
defer payload.Release()
defer ray.OutboundInput().Release()
defer ray.OutboundOutput().Close()
var conn internet.Connection
if this.domainStrategy == Config_USE_IP && destination.Address.Family().IsDomain() {
destination = this.ResolveIP(destination)
}
err := retry.ExponentialBackoff(5, 100).On(func() error {
rawConn, err := internet.Dial(this.meta.Address, destination, this.meta.GetDialerOptions())
if err != nil {
return err
}
conn = rawConn
return nil
})
if err != nil {
log.Warning("Freedom: Failed to open connection to ", destination, ": ", err)
return err
}
defer conn.Close()
input := ray.OutboundInput()
output := ray.OutboundOutput()
if !payload.IsEmpty() {
conn.Write(payload.Value)
}
go func() {
v2writer := v2io.NewAdaptiveWriter(conn)
defer v2writer.Release()
v2io.Pipe(input, v2writer)
if tcpConn, ok := conn.(*tcp.RawConnection); ok {
tcpConn.CloseWrite()
}
}()
var reader io.Reader = conn
timeout := this.timeout
if destination.Network == v2net.Network_UDP {
timeout = 16
}
if timeout > 0 {
reader = v2net.NewTimeOutReader(timeout /* seconds */, conn)
}
v2reader := v2io.NewAdaptiveReader(reader)
v2io.Pipe(v2reader, output)
v2reader.Release()
ray.OutboundOutput().Close()
return nil
}
func (v *Server) handlerUDPPayload(ctx context.Context, conn internet.Connection) error {
source := proxy.SourceFromContext(ctx)
reader := buf.NewReader(conn)
for {
payload, err := reader.Read()
if err != nil {
break
}
request, data, err := DecodeUDPPacket(v.user, payload)
if err != nil {
log.Info("Shadowsocks|Server: Skipping invalid UDP packet from: ", source, ": ", err)
log.Access(source, "", log.AccessRejected, err)
payload.Release()
continue
}
if request.Option.Has(RequestOptionOneTimeAuth) && v.account.OneTimeAuth == Account_Disabled {
log.Info("Shadowsocks|Server: Client payload enables OTA but server doesn't allow it.")
payload.Release()
continue
}
if !request.Option.Has(RequestOptionOneTimeAuth) && v.account.OneTimeAuth == Account_Enabled {
log.Info("Shadowsocks|Server: Client payload disables OTA but server forces it.")
payload.Release()
continue
}
dest := request.Destination()
log.Access(source, dest, log.AccessAccepted, "")
log.Info("Shadowsocks|Server: Tunnelling request to ", dest)
ctx = protocol.ContextWithUser(ctx, request.User)
v.udpServer.Dispatch(ctx, dest, data, func(payload *buf.Buffer) {
defer payload.Release()
data, err := EncodeUDPPacket(request, payload)
if err != nil {
log.Warning("Shadowsocks|Server: Failed to encode UDP packet: ", err)
return
}
defer data.Release()
conn.Write(data.Bytes())
})
}
return nil
}
func (v *Server) handleUDPPayload(ctx context.Context, conn internet.Connection) error {
source := proxy.SourceFromContext(ctx)
log.Info("Socks|Server: Client UDP connection from ", source)
reader := buf.NewReader(conn)
for {
payload, err := reader.Read()
if err != nil {
return err
}
request, data, err := DecodeUDPPacket(payload.Bytes())
if err != nil {
log.Info("Socks|Server: Failed to parse UDP request: ", err)
continue
}
if len(data) == 0 {
continue
}
log.Info("Socks: Send packet to ", request.Destination(), " with ", len(data), " bytes")
log.Access(source, request.Destination, log.AccessAccepted, "")
dataBuf := buf.NewSmall()
dataBuf.Append(data)
v.udpServer.Dispatch(ctx, request.Destination(), dataBuf, func(payload *buf.Buffer) {
defer payload.Release()
log.Info("Socks|Server: Writing back UDP response with ", payload.Len(), " bytes")
udpMessage := EncodeUDPPacket(request, payload.Bytes())
defer udpMessage.Release()
conn.Write(udpMessage.Bytes())
})
}
}
func (this *Server) handleConnection(conn internet.Connection) {
defer conn.Close()
buffer := alloc.NewSmallBuffer()
defer buffer.Release()
timedReader := v2net.NewTimeOutReader(16, conn)
defer timedReader.Release()
bufferedReader := v2io.NewBufferedReader(timedReader)
defer bufferedReader.Release()
ivLen := this.config.Cipher.IVSize()
_, err := io.ReadFull(bufferedReader, buffer.Value[:ivLen])
if err != nil {
if err != io.EOF {
log.Access(conn.RemoteAddr(), "", log.AccessRejected, err)
log.Warning("Shadowsocks: Failed to read IV: ", err)
}
return
}
iv := buffer.Value[:ivLen]
key := this.config.Key
stream, err := this.config.Cipher.NewDecodingStream(key, iv)
if err != nil {
log.Error("Shadowsocks: Failed to create decoding stream: ", err)
return
}
reader := crypto.NewCryptionReader(stream, bufferedReader)
request, err := ReadRequest(reader, NewAuthenticator(HeaderKeyGenerator(key, iv)), false)
if err != nil {
log.Access(conn.RemoteAddr(), "", log.AccessRejected, err)
log.Warning("Shadowsocks: Invalid request from ", conn.RemoteAddr(), ": ", err)
return
}
defer request.Release()
bufferedReader.SetCached(false)
userSettings := protocol.GetUserSettings(this.config.Level)
timedReader.SetTimeOut(userSettings.PayloadReadTimeout)
dest := v2net.TCPDestination(request.Address, request.Port)
log.Access(conn.RemoteAddr(), dest, log.AccessAccepted, "")
log.Info("Shadowsocks: Tunnelling request to ", dest)
ray := this.packetDispatcher.DispatchToOutbound(this.meta, &proxy.SessionInfo{
Source: v2net.DestinationFromAddr(conn.RemoteAddr()),
Destination: dest,
})
defer ray.InboundOutput().Release()
var writeFinish sync.Mutex
writeFinish.Lock()
go func() {
if payload, err := ray.InboundOutput().Read(); err == nil {
payload.SliceBack(ivLen)
rand.Read(payload.Value[:ivLen])
stream, err := this.config.Cipher.NewEncodingStream(key, payload.Value[:ivLen])
if err != nil {
log.Error("Shadowsocks: Failed to create encoding stream: ", err)
return
}
stream.XORKeyStream(payload.Value[ivLen:], payload.Value[ivLen:])
conn.Write(payload.Value)
payload.Release()
writer := crypto.NewCryptionWriter(stream, conn)
v2writer := v2io.NewAdaptiveWriter(writer)
v2io.Pipe(ray.InboundOutput(), v2writer)
writer.Release()
v2writer.Release()
}
writeFinish.Unlock()
}()
var payloadReader v2io.Reader
if request.OTA {
payloadAuth := NewAuthenticator(ChunkKeyGenerator(iv))
payloadReader = NewChunkReader(reader, payloadAuth)
} else {
payloadReader = v2io.NewAdaptiveReader(reader)
}
v2io.Pipe(payloadReader, ray.InboundInput())
ray.InboundInput().Close()
payloadReader.Release()
writeFinish.Lock()
}