Home Verkennen Help
Inloggen
joker
/
frp
spiegel van https://github.com/fatedier/frp/
1
0
Vork 0
Bestanden Issues 0 Wiki
Boom: 7dd28a14aa
Aftakkingen Labels
frp
/
vendor
/
github.com
/
armon
/
go-socks5
/
socks5.go

socks5.go 4.2 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169 
  1. package socks5
    2. 

  2. 

  3. import (
    4. 

  4. 	"bufio"
    5. 

  5. 	"fmt"
    6. 

  6. 	"log"
    7. 

  7. 	"net"
    8. 

  8. 	"os"
    9. 

  9. 

  10. 	"golang.org/x/net/context"
    11. 

  11. )
    12. 

  12. 

  13. const (
    14. 

  14. 	socks5Version = uint8(5)
    15. 

  15. )
    16. 

  16. 

  17. // Config is used to setup and configure a Server
    18. 

  18. type Config struct {
    19. 

  19. 	// AuthMethods can be provided to implement custom authentication
    20. 

  20. 	// By default, "auth-less" mode is enabled.
    21. 

  21. 	// For password-based auth use UserPassAuthenticator.
    22. 

  22. 	AuthMethods []Authenticator
    23. 

  23. 

  24. 	// If provided, username/password authentication is enabled,
    25. 

  25. 	// by appending a UserPassAuthenticator to AuthMethods. If not provided,
    26. 

  26. 	// and AUthMethods is nil, then "auth-less" mode is enabled.
    27. 

  27. 	Credentials CredentialStore
    28. 

  28. 

  29. 	// Resolver can be provided to do custom name resolution.
    30. 

  30. 	// Defaults to DNSResolver if not provided.
    31. 

  31. 	Resolver NameResolver
    32. 

  32. 

  33. 	// Rules is provided to enable custom logic around permitting
    34. 

  34. 	// various commands. If not provided, PermitAll is used.
    35. 

  35. 	Rules RuleSet
    36. 

  36. 

  37. 	// Rewriter can be used to transparently rewrite addresses.
    38. 

  38. 	// This is invoked before the RuleSet is invoked.
    39. 

  39. 	// Defaults to NoRewrite.
    40. 

  40. 	Rewriter AddressRewriter
    41. 

  41. 

  42. 	// BindIP is used for bind or udp associate
    43. 

  43. 	BindIP net.IP
    44. 

  44. 

  45. 	// Logger can be used to provide a custom log target.
    46. 

  46. 	// Defaults to stdout.
    47. 

  47. 	Logger *log.Logger
    48. 

  48. 

  49. 	// Optional function for dialing out
    50. 

  50. 	Dial func(ctx context.Context, network, addr string) (net.Conn, error)
    51. 

  51. }
    52. 

  52. 

  53. // Server is reponsible for accepting connections and handling
    54. 

  54. // the details of the SOCKS5 protocol
    55. 

  55. type Server struct {
    56. 

  56. 	config      *Config
    57. 

  57. 	authMethods map[uint8]Authenticator
    58. 

  58. }
    59. 

  59. 

  60. // New creates a new Server and potentially returns an error
    61. 

  61. func New(conf *Config) (*Server, error) {
    62. 

  62. 	// Ensure we have at least one authentication method enabled
    63. 

  63. 	if len(conf.AuthMethods) == 0 {
    64. 

  64. 		if conf.Credentials != nil {
    65. 

  65. 			conf.AuthMethods = []Authenticator{&UserPassAuthenticator{conf.Credentials}}
    66. 

  66. 		} else {
    67. 

  67. 			conf.AuthMethods = []Authenticator{&NoAuthAuthenticator{}}
    68. 

  68. 		}
    69. 

  69. 	}
    70. 

  70. 

  71. 	// Ensure we have a DNS resolver
    72. 

  72. 	if conf.Resolver == nil {
    73. 

  73. 		conf.Resolver = DNSResolver{}
    74. 

  74. 	}
    75. 

  75. 

  76. 	// Ensure we have a rule set
    77. 

  77. 	if conf.Rules == nil {
    78. 

  78. 		conf.Rules = PermitAll()
    79. 

  79. 	}
    80. 

  80. 

  81. 	// Ensure we have a log target
    82. 

  82. 	if conf.Logger == nil {
    83. 

  83. 		conf.Logger = log.New(os.Stdout, "", log.LstdFlags)
    84. 

  84. 	}
    85. 

  85. 

  86. 	server := &Server{
    87. 

  87. 		config: conf,
    88. 

  88. 	}
    89. 

  89. 

  90. 	server.authMethods = make(map[uint8]Authenticator)
    91. 

  91. 

  92. 	for _, a := range conf.AuthMethods {
    93. 

  93. 		server.authMethods[a.GetCode()] = a
    94. 

  94. 	}
    95. 

  95. 

  96. 	return server, nil
    97. 

  97. }
    98. 

  98. 

  99. // ListenAndServe is used to create a listener and serve on it
    100. 

  100. func (s *Server) ListenAndServe(network, addr string) error {
    101. 

  101. 	l, err := net.Listen(network, addr)
    102. 

  102. 	if err != nil {
    103. 

  103. 		return err
    104. 

  104. 	}
    105. 

  105. 	return s.Serve(l)
    106. 

  106. }
    107. 

  107. 

  108. // Serve is used to serve connections from a listener
    109. 

  109. func (s *Server) Serve(l net.Listener) error {
    110. 

  110. 	for {
    111. 

  111. 		conn, err := l.Accept()
    112. 

  112. 		if err != nil {
    113. 

  113. 			return err
    114. 

  114. 		}
    115. 

  115. 		go s.ServeConn(conn)
    116. 

  116. 	}
    117. 

  117. 	return nil
    118. 

  118. }
    119. 

  119. 

  120. // ServeConn is used to serve a single connection.
    121. 

  121. func (s *Server) ServeConn(conn net.Conn) error {
    122. 

  122. 	defer conn.Close()
    123. 

  123. 	bufConn := bufio.NewReader(conn)
    124. 

  124. 

  125. 	// Read the version byte
    126. 

  126. 	version := []byte{0}
    127. 

  127. 	if _, err := bufConn.Read(version); err != nil {
    128. 

  128. 		s.config.Logger.Printf("[ERR] socks: Failed to get version byte: %v", err)
    129. 

  129. 		return err
    130. 

  130. 	}
    131. 

  131. 

  132. 	// Ensure we are compatible
    133. 

  133. 	if version[0] != socks5Version {
    134. 

  134. 		err := fmt.Errorf("Unsupported SOCKS version: %v", version)
    135. 

  135. 		s.config.Logger.Printf("[ERR] socks: %v", err)
    136. 

  136. 		return err
    137. 

  137. 	}
    138. 

  138. 

  139. 	// Authenticate the connection
    140. 

  140. 	authContext, err := s.authenticate(conn, bufConn)
    141. 

  141. 	if err != nil {
    142. 

  142. 		err = fmt.Errorf("Failed to authenticate: %v", err)
    143. 

  143. 		s.config.Logger.Printf("[ERR] socks: %v", err)
    144. 

  144. 		return err
    145. 

  145. 	}
    146. 

  146. 

  147. 	request, err := NewRequest(bufConn)
    148. 

  148. 	if err != nil {
    149. 

  149. 		if err == unrecognizedAddrType {
    150. 

  150. 			if err := sendReply(conn, addrTypeNotSupported, nil); err != nil {
    151. 

  151. 				return fmt.Errorf("Failed to send reply: %v", err)
    152. 

  152. 			}
    153. 

  153. 		}
    154. 

  154. 		return fmt.Errorf("Failed to read destination address: %v", err)
    155. 

  155. 	}
    156. 

  156. 	request.AuthContext = authContext
    157. 

  157. 	if client, ok := conn.RemoteAddr().(*net.TCPAddr); ok {
    158. 

  158. 		request.RemoteAddr = &AddrSpec{IP: client.IP, Port: client.Port}
    159. 

  159. 	}
    160. 

  160. 

  161. 	// Process the client request
    162. 

  162. 	if err := s.handleRequest(request, conn); err != nil {
    163. 

  163. 		err = fmt.Errorf("Failed to handle request: %v", err)
    164. 

  164. 		s.config.Logger.Printf("[ERR] socks: %v", err)
    165. 

  165. 		return err
    166. 

  166. 	}
    167. 

  167. 

  168. 	return nil
    169. 

  169. }
    170.