Clash.Meta/adapters/outbound/socks5.go

138 lines
2.9 KiB
Go
Raw Normal View History

2018-08-12 13:50:54 +08:00
package adapters
import (
"bytes"
"crypto/tls"
2018-08-12 13:50:54 +08:00
"errors"
"fmt"
"io"
"net"
2018-11-04 21:12:16 +08:00
"strconv"
2018-08-12 13:50:54 +08:00
C "github.com/Dreamacro/clash/constant"
"github.com/Dreamacro/go-shadowsocks2/socks"
2018-08-12 13:50:54 +08:00
)
type Socks5 struct {
2018-12-22 23:56:42 +08:00
*Base
addr string
user string
pass string
tls bool
skipCertVerify bool
tlsConfig *tls.Config
2018-08-12 13:50:54 +08:00
}
type Socks5Option struct {
Name string `proxy:"name"`
Server string `proxy:"server"`
Port int `proxy:"port"`
UserName string `proxy:"username,omitempty"`
Password string `proxy:"password,omitempty"`
TLS bool `proxy:"tls,omitempty"`
SkipCertVerify bool `proxy:"skip-cert-verify,omitempty"`
}
2019-03-03 11:59:07 +08:00
func (ss *Socks5) Dial(metadata *C.Metadata) (net.Conn, error) {
2018-10-22 21:14:22 +08:00
c, err := net.DialTimeout("tcp", ss.addr, tcpTimeout)
if err == nil && ss.tls {
cc := tls.Client(c, ss.tlsConfig)
err = cc.Handshake()
c = cc
}
2018-08-12 13:50:54 +08:00
if err != nil {
return nil, fmt.Errorf("%s connect error", ss.addr)
}
tcpKeepAlive(c)
2018-09-30 12:25:52 +08:00
if err := ss.shakeHand(metadata, c); err != nil {
2018-08-12 13:50:54 +08:00
return nil, err
}
2018-12-22 23:56:42 +08:00
return c, nil
2018-11-21 13:47:46 +08:00
}
2018-09-30 12:25:52 +08:00
func (ss *Socks5) shakeHand(metadata *C.Metadata, rw io.ReadWriter) error {
2018-08-12 13:50:54 +08:00
buf := make([]byte, socks.MaxAddrLen)
var err error
2018-08-12 13:50:54 +08:00
// VER, NMETHODS, METHODS
if len(ss.user) > 0 {
_, err = rw.Write([]byte{5, 1, 2})
} else {
_, err = rw.Write([]byte{5, 1, 0})
}
2018-08-12 13:50:54 +08:00
if err != nil {
return err
}
// VER, METHOD
2018-08-12 13:50:54 +08:00
if _, err := io.ReadFull(rw, buf[:2]); err != nil {
return err
}
if buf[0] != 5 {
return errors.New("SOCKS version error")
}
if buf[1] == 2 {
// password protocol version
authMsg := &bytes.Buffer{}
authMsg.WriteByte(1)
authMsg.WriteByte(uint8(len(ss.user)))
authMsg.WriteString(ss.user)
authMsg.WriteByte(uint8(len(ss.pass)))
authMsg.WriteString(ss.pass)
if _, err := rw.Write(authMsg.Bytes()); err != nil {
return err
}
if _, err := io.ReadFull(rw, buf[:2]); err != nil {
return err
}
if buf[1] != 0 {
return errors.New("rejected username/password")
}
2018-08-12 13:50:54 +08:00
} else if buf[1] != 0 {
return errors.New("SOCKS need auth")
}
// VER, CMD, RSV, ADDR
2018-09-30 12:25:52 +08:00
if _, err := rw.Write(bytes.Join([][]byte{{5, 1, 0}, serializesSocksAddr(metadata)}, []byte(""))); err != nil {
2018-08-12 13:50:54 +08:00
return err
}
if _, err := io.ReadFull(rw, buf[:10]); err != nil {
return err
}
return nil
}
func NewSocks5(option Socks5Option) *Socks5 {
var tlsConfig *tls.Config
if option.TLS {
tlsConfig = &tls.Config{
InsecureSkipVerify: option.SkipCertVerify,
ClientSessionCache: getClientSessionCache(),
ServerName: option.Server,
}
}
2018-08-12 13:50:54 +08:00
return &Socks5{
2018-12-22 23:56:42 +08:00
Base: &Base{
name: option.Name,
tp: C.Socks5,
},
2018-11-04 21:12:16 +08:00
addr: net.JoinHostPort(option.Server, strconv.Itoa(option.Port)),
user: option.UserName,
pass: option.Password,
tls: option.TLS,
skipCertVerify: option.SkipCertVerify,
tlsConfig: tlsConfig,
2018-08-12 13:50:54 +08:00
}
}