package http
import (
"bufio"
"encoding/base64"
"net"
"net/http"
"strings"
"time"
adapters "github.com/Dreamacro/clash/adapters/inbound"
"github.com/Dreamacro/clash/common/cache"
"github.com/Dreamacro/clash/component/auth"
"github.com/Dreamacro/clash/log"
authStore "github.com/Dreamacro/clash/proxy/auth"
"github.com/Dreamacro/clash/tunnel"
)
// HTTPListener is the inbound listener of the HTTP proxy. It embeds the
// net.Listener it wraps, so that listener's methods are promoted onto it.
//
// Keep the field order stable: any unkeyed composite literal of this type
// depends on it.
type HTTPListener struct {
	// Underlying socket listener.
	net.Listener

	// address is the listen address as it was given to the constructor.
	address string

	// closed is set by Close and read by the accept loop to tell a deliberate
	// shutdown from any other Accept error.
	// NOTE(review): it is a plain bool that is written and read from different
	// goroutines without synchronization.
	closed bool

	// cache is passed to HandleConn for every accepted connection, where it
	// holds proxy-authentication verdicts.
	cache *cache.Cache
}
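// NewHTTPProxy opens a TCP listener on addr and starts a goroutine that
// accepts connections and serves each one with HandleConn in a goroutine of
// its own. It returns the listener, or the error from net.Listen.
//
// addr is used exactly as given, so a wildcard or non-loopback address makes
// the proxy reachable from the network. HandleConn only asks for credentials
// when authStore.Authenticator() is non-nil; without one, every client that
// can connect can use the proxy.
//
// NOTE(review): the number of concurrently served connections is not bounded
// here; each accepted connection gets its own goroutine.
func NewHTTPProxy(addr string) (*HTTPListener, error) {
	l, err := net.Listen("tcp", addr)
	if err != nil {
		return nil, err
	}

	// Keyed fields keep this literal correct if the struct is ever reordered.
	// The meaning of the 30 s argument is defined by cache.New (presumably the
	// cleanup interval; confirm against the cache package).
	hl := &HTTPListener{
		Listener: l,
		address:  addr,
		closed:   false,
		cache:    cache.New(30 * time.Second),
	}

	go func() {
		log.Infoln("HTTP proxy listening at: %s", addr)

		const (
			minAcceptDelay = 5 * time.Millisecond
			maxAcceptDelay = time.Second
		)
		var delay time.Duration

		for {
			c, err := hl.Accept()
			if err != nil {
				// NOTE(review): hl.closed is read here and written by Close
				// without synchronization.
				if hl.closed {
					return
				}
				// A persistent Accept failure (for example descriptor
				// exhaustion under a connection flood) would otherwise spin
				// this loop at full CPU. Back off, doubling up to one second.
				if delay == 0 {
					delay = minAcceptDelay
				} else {
					delay *= 2
				}
				if delay > maxAcceptDelay {
					delay = maxAcceptDelay
				}
				time.Sleep(delay)
				continue
			}
			delay = 0
			go HandleConn(c, hl.cache)
		}
	}()

	return hl, nil
}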
// Close flags the listener as closed and then closes the embedded
// net.Listener. Connections that were already accepted are not touched here.
//
// NOTE(review): closed is assigned without synchronization while the accept
// goroutine reads it.
func (l *HTTPListener) Close() {
	// Set the flag before closing, so that the accept loop finds it set when
	// its pending Accept fails.
	l.closed = true

	// The method has no return value, so the close error is dropped.
	_ = l.Listener.Close()
}
// Address returns the stored listen address string. This is the configured
// value, not the result of asking the underlying listener for its bound
// address.
func (l *HTTPListener) Address() string {
	configured := l.address
	return configured
}
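// canActivate reports whether loginStr, the credentials token taken from a
// Proxy-Authorization header, is valid base64 that decodes to a
// "user:password" pair accepted by authenticator.
//
// The verdict is stored in cache under the raw token for one minute and is
// reused for later calls with the same token, so authenticator.Verify is not
// called again while the entry is live.
//
// NOTE(review): rejected tokens are cached as well, and the key is
// client-supplied. Unauthenticated clients can therefore add one entry per
// distinct token they send; consider bounding the cache or caching only
// accepted tokens.
// NOTE(review): a cached "accepted" verdict keeps being returned until its
// entry expires, even if the credentials are changed in the meantime.
func canActivate(loginStr string, authenticator auth.Authenticator, cache *cache.Cache) (ret bool) {
	if result := cache.Get(loginStr); result != nil {
		// Comma-ok assertion: an entry of an unexpected type is treated as a
		// miss rather than causing a panic on a client-triggered path.
		if verdict, ok := result.(bool); ok {
			return verdict
		}
	}

	loginData, err := base64.StdEncoding.DecodeString(loginStr)
	if err == nil {
		// Split at the first colon only. RFC 7617 forbids ':' in the user-id
		// but allows it in the password, so splitting on every colon rejected
		// valid credentials whose password contains one.
		login := strings.SplitN(string(loginData), ":", 2)
		ret = len(login) == 2 && authenticator.Verify(login[0], login[1])
	}

	cache.Put(loginStr, ret, time.Minute)
	return ret
}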
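// HandleConn serves one client connection of the HTTP proxy.
//
// It reads a request from conn and closes the connection if the request
// cannot be parsed or its URL has no host. When authStore.Authenticator() is
// non-nil, the Proxy-Authorization header must consist of exactly two
// space-separated fields, and the second must pass canActivate. Otherwise the
// client receives 407 (header missing or malformed) or 403 (credentials
// refused, also logged with the remote address). After a rejection the
// connection is closed, unless the request carried
// "Proxy-Connection: keep-alive", in which case the next request is read from
// the same connection.
//
// An accepted CONNECT request is answered with "200 Connection established"
// and handed to the tunnel through adapters.NewHTTPS. Any other accepted
// request is handed over through adapters.NewHTTP.
//
// NOTE(review): no read deadline is set and the keep-alive retry loop has no
// limit, so a client that never authenticates can hold the connection and its
// goroutine open indefinitely and submit any number of credential guesses.
// NOTE(review): the first header field (the scheme) is not compared with
// "Basic", the only scheme the 407 response advertises.
// NOTE(review): the body of a rejected request is not drained before the next
// request is read from the same buffered reader.
func HandleConn(conn net.Conn, cache *cache.Cache) {
	br := bufio.NewReader(conn)

	var request *http.Request
	for {
		var err error
		request, err = http.ReadRequest(br)
		if err != nil || request.URL.Host == "" {
			conn.Close()
			return
		}

		authenticator := authStore.Authenticator()
		if authenticator == nil {
			// No authenticator configured: every request is accepted.
			break
		}

		rejected := true
		authStrings := strings.Split(request.Header.Get("Proxy-Authorization"), " ")
		switch {
		case len(authStrings) != 2:
			// Write errors are ignored on both rejection paths: the
			// connection is either closed below or fails on the next read.
			conn.Write([]byte("HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic\r\n\r\n"))
		case !canActivate(authStrings[1], authenticator, cache):
			conn.Write([]byte("HTTP/1.1 403 Forbidden\r\n\r\n"))
			log.Infoln("Auth failed from %s", conn.RemoteAddr().String())
		default:
			rejected = false
		}
		if !rejected {
			break
		}

		keepAlive := strings.TrimSpace(strings.ToLower(request.Header.Get("Proxy-Connection"))) == "keep-alive"
		if !keepAlive {
			// Close on every rejection. The 407 path used to return without
			// closing, leaking the socket each time an unauthenticated client
			// connected without keep-alive.
			conn.Close()
			return
		}
	}

	if request.Method == http.MethodConnect {
		if _, err := conn.Write([]byte("HTTP/1.1 200 Connection established\r\n\r\n")); err != nil {
			conn.Close()
			return
		}
		// From here on the tunnel receives the connection together with the
		// request.
		tunnel.Add(adapters.NewHTTPS(request, conn))
		return
	}

	tunnel.Add(adapters.NewHTTP(request, conn))
}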