func (tc *tcpChannel) Open() error { dailTimeout := tc.conf.DialTimeout if 0 == dailTimeout { dailTimeout = 5 } var tlscfg *tls.Config hostport := tc.rurl.Host vpsHost, vpsPort, _ := net.SplitHostPort(hostport) if strings.EqualFold(tc.rurl.Scheme, "tls") { tlscfg = &tls.Config{} tlscfg.ServerName = vpsHost if len(tc.conf.SNIProxy) > 0 && vpsPort == "443" && hosts.InHosts(tc.conf.SNIProxy) { hostport = hosts.GetAddr(tc.conf.SNIProxy, "443") vpsHost, _, _ = net.SplitHostPort(hostport) tc.useSNIProxy = true log.Printf("VPS channel select SNIProxy %s to connect", hostport) } } if net.ParseIP(vpsHost) == nil { iphost, err := proxy.DnsGetDoaminIP(vpsHost) if nil != err { return err } hostport = net.JoinHostPort(iphost, vpsPort) } //log.Printf("######%s %s", vpsHost, tc.hostport) timeout := time.Duration(dailTimeout) * time.Second var c net.Conn var err error if len(tc.conf.Proxy) > 0 { c, err = helper.HTTPProxyDial(tc.conf.Proxy, hostport, timeout) } else { c, err = netx.DialTimeout("tcp", hostport, timeout) } if nil != tlscfg && nil == err { c = tls.Client(c, tlscfg) } if err != nil { if tc.rurl.String() != tc.originAddr { tc.rurl, _ = url.Parse(tc.originAddr) tc.proxyChannel.Addr = tc.rurl.String() } log.Printf("###Failed to connect %s with err:%v", hostport, err) return err } tc.conn = c return nil }
func newDirectChannel(ev event.Event, conf *proxy.ProxyChannelConfig) (*directChannel, error) { host := "" port := "" network := "tcp" needHttpsConnect := false switch ev.(type) { case *event.UDPEvent: network = "udp" host = ev.(*event.UDPEvent).Addr case *event.TCPOpenEvent: host = ev.(*event.TCPOpenEvent).Addr needHttpsConnect = true case *event.HTTPRequestEvent: req := ev.(*event.HTTPRequestEvent) host = req.Headers.Get("Host") needHttpsConnect = strings.EqualFold(req.Method, "Connect") default: return nil, fmt.Errorf("Can NOT create direct channel by event:%T", ev) } //log.Printf("Session:%d enter direct with host %s & event:%T", ev.GetId(), host, ev) if len(host) == 0 { return nil, fmt.Errorf("Empty remote addr in event") } if strings.Contains(host, ":") { host, port, _ = net.SplitHostPort(host) } else { if needHttpsConnect { port = "443" } else { port = "80" } } if len(conf.SNIProxy) > 0 && port == "443" && network == "tcp" && hosts.InHosts(conf.SNIProxy) { host = conf.SNIProxy } isIP := net.ParseIP(host) != nil useTLS := false if conf.ForceTLS && port == "80" && hosts.InHosts(host) { useTLS = true } else { useTLS = false } if !isIP { host = hosts.GetHost(host) } //log.Printf("Session:%d get host:%s", ev.GetId(), host) addr := "" if nil == conf.ProxyURL() { if useTLS { addr = host + ":443" } else { if len(port) > 0 { addr = host + ":" + port } else { if needHttpsConnect { addr = host + ":443" } else { addr = host + ":80" } } } } else { addr = conf.ProxyURL().Host } connectHost, connectPort, _ := net.SplitHostPort(addr) if net.ParseIP(connectHost) == nil { iphost, err := proxy.DnsGetDoaminIP(connectHost) if nil != err { return nil, err } addr = net.JoinHostPort(iphost, connectPort) } dailTimeout := conf.DialTimeout if 0 == dailTimeout { dailTimeout = 5 } //log.Printf("Session:%d connect %s:%s for %s %T %v %v %s", ev.GetId(), network, addr, host, ev, needHttpsConnect, conf.ProxyURL(), net.JoinHostPort(host, port)) c, err := netx.DialTimeout(network, addr, time.Duration(dailTimeout)*time.Second) if nil != conf.ProxyURL() && nil == err { if strings.HasPrefix(conf.ProxyURL().Scheme, "socks") { err = helper.Socks5ProxyConnect(conf.ProxyURL(), c, net.JoinHostPort(host, port)) } else { if needHttpsConnect { err = helper.HTTPProxyConnect(conf.ProxyURL(), c, "https://"+net.JoinHostPort(host, port)) } } } if nil != err { log.Printf("Failed to connect %s for %s with error:%v", addr, host, err) return nil, err } d := &directChannel{ev.GetId(), c, needHttpsConnect, network == "udp", conf, addr} //d := &directChannel{ev.GetId(), c, fromHttpsConnect, network == "udp", toReplaceSNI, false, nil} if useTLS { tlcfg := &tls.Config{} tlcfg.InsecureSkipVerify = true sniLen := len(conf.SNI) if sniLen > 0 { tlcfg.ServerName = conf.SNI[rand.Intn(sniLen)] } tlsconn := tls.Client(c, tlcfg) err = tlsconn.Handshake() if nil != err { log.Printf("Failed to handshake with %s", addr) } d.conn = tlsconn } go d.read() return d, nil }