2019-12-08 12:17:24 +08:00
|
|
|
package outbound
|
2018-08-12 13:50:54 +08:00
|
|
|
|
|
|
|
|
import (
|
2019-10-12 23:55:39 +08:00
|
|
|
"context"
|
2018-10-28 19:46:49 +08:00
|
|
|
"crypto/tls"
|
2020-03-02 23:47:23 +08:00
|
|
|
"errors"
|
2018-08-12 13:50:54 +08:00
|
|
|
"fmt"
|
2019-07-25 17:47:39 +08:00
|
|
|
"io"
|
2018-08-12 13:50:54 +08:00
|
|
|
"net"
|
2023-10-16 09:27:55 +08:00
|
|
|
"net/netip"
|
2018-11-04 21:12:16 +08:00
|
|
|
"strconv"
|
2018-08-12 13:50:54 +08:00
|
|
|
|
2023-11-03 21:01:45 +08:00
|
|
|
N "github.com/metacubex/mihomo/common/net"
|
|
|
|
|
"github.com/metacubex/mihomo/component/ca"
|
|
|
|
|
"github.com/metacubex/mihomo/component/dialer"
|
|
|
|
|
"github.com/metacubex/mihomo/component/proxydialer"
|
|
|
|
|
C "github.com/metacubex/mihomo/constant"
|
|
|
|
|
"github.com/metacubex/mihomo/transport/socks5"
|
2018-08-12 13:50:54 +08:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type Socks5 struct {
|
2018-12-22 23:56:42 +08:00
|
|
|
*Base
|
2023-04-10 11:20:28 +08:00
|
|
|
option *Socks5Option
|
2018-11-09 17:36:30 +08:00
|
|
|
user string
|
|
|
|
|
pass string
|
2018-10-29 20:16:43 +08:00
|
|
|
tls bool
|
|
|
|
|
skipCertVerify bool
|
2018-11-01 11:54:45 +08:00
|
|
|
tlsConfig *tls.Config
|
2018-08-12 13:50:54 +08:00
|
|
|
}
|
2022-04-22 18:55:28 +08:00
|
|
|
|
2018-10-02 15:26:36 +08:00
|
|
|
type Socks5Option struct {
|
2021-11-08 16:59:48 +08:00
|
|
|
BasicOption
|
2018-10-29 20:16:43 +08:00
|
|
|
Name string `proxy:"name"`
|
|
|
|
|
Server string `proxy:"server"`
|
|
|
|
|
Port int `proxy:"port"`
|
2018-11-09 17:36:30 +08:00
|
|
|
UserName string `proxy:"username,omitempty"`
|
|
|
|
|
Password string `proxy:"password,omitempty"`
|
2018-10-29 20:16:43 +08:00
|
|
|
TLS bool `proxy:"tls,omitempty"`
|
2019-04-23 23:29:36 +08:00
|
|
|
UDP bool `proxy:"udp,omitempty"`
|
2018-10-29 20:16:43 +08:00
|
|
|
SkipCertVerify bool `proxy:"skip-cert-verify,omitempty"`
|
2022-07-11 13:42:28 +08:00
|
|
|
Fingerprint string `proxy:"fingerprint,omitempty"`
|
2018-10-02 15:26:36 +08:00
|
|
|
}
|
|
|
|
|
|
2023-05-18 13:15:08 +08:00
|
|
|
// StreamConnContext implements C.ProxyAdapter
|
|
|
|
|
func (ss *Socks5) StreamConnContext(ctx context.Context, c net.Conn, metadata *C.Metadata) (net.Conn, error) {
|
2020-03-21 23:46:49 +08:00
|
|
|
if ss.tls {
|
2018-11-01 11:54:45 +08:00
|
|
|
cc := tls.Client(c, ss.tlsConfig)
|
2022-08-13 12:35:39 +08:00
|
|
|
err := cc.HandshakeContext(ctx)
|
2018-11-01 11:54:45 +08:00
|
|
|
c = cc
|
2020-03-21 23:46:49 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("%s connect error: %w", ss.addr, err)
|
|
|
|
|
}
|
2018-10-28 19:46:49 +08:00
|
|
|
}
|
|
|
|
|
|
2019-04-25 13:48:47 +08:00
|
|
|
var user *socks5.User
|
|
|
|
|
if ss.user != "" {
|
|
|
|
|
user = &socks5.User{
|
|
|
|
|
Username: ss.user,
|
|
|
|
|
Password: ss.pass,
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-07-25 17:47:39 +08:00
|
|
|
if _, err := socks5.ClientHandshake(c, serializesSocksAddr(metadata), socks5.CmdConnect, user); err != nil {
|
2018-08-12 13:50:54 +08:00
|
|
|
return nil, err
|
|
|
|
|
}
|
2020-03-21 23:46:49 +08:00
|
|
|
return c, nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-29 11:23:14 +08:00
|
|
|
// DialContext implements C.ProxyAdapter
|
2021-11-07 16:48:51 +08:00
|
|
|
func (ss *Socks5) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.Conn, err error) {
|
2022-12-20 00:11:02 +08:00
|
|
|
return ss.DialContextWithDialer(ctx, dialer.NewDialer(ss.Base.DialOptions(opts...)...), metadata)
|
2022-12-19 21:34:07 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// DialContextWithDialer implements C.ProxyAdapter
|
|
|
|
|
func (ss *Socks5) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
|
2023-04-10 11:20:28 +08:00
|
|
|
if len(ss.option.DialerProxy) > 0 {
|
|
|
|
|
dialer, err = proxydialer.NewByName(ss.option.DialerProxy, dialer)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-12-19 21:34:07 +08:00
|
|
|
c, err := dialer.DialContext(ctx, "tcp", ss.addr)
|
2020-03-21 23:46:49 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("%s connect error: %w", ss.addr, err)
|
|
|
|
|
}
|
2023-09-02 16:25:55 +08:00
|
|
|
N.TCPKeepAlive(c)
|
2020-03-21 23:46:49 +08:00
|
|
|
|
2022-12-16 22:15:44 +08:00
|
|
|
defer func(c net.Conn) {
|
2022-12-13 13:20:40 +08:00
|
|
|
safeConnClose(c, err)
|
2022-12-16 22:15:44 +08:00
|
|
|
}(c)
|
2021-03-22 23:26:20 +08:00
|
|
|
|
2023-05-18 13:15:08 +08:00
|
|
|
c, err = ss.StreamConnContext(ctx, c, metadata)
|
2020-03-21 23:46:49 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NewConn(c, ss), nil
|
2018-11-21 13:47:46 +08:00
|
|
|
}
|
|
|
|
|
|
2022-12-19 21:34:07 +08:00
|
|
|
// SupportWithDialer implements C.ProxyAdapter
|
2023-04-11 12:51:24 +08:00
|
|
|
func (ss *Socks5) SupportWithDialer() C.NetWork {
|
|
|
|
|
return C.TCP
|
2022-12-19 21:34:07 +08:00
|
|
|
}
|
|
|
|
|
|
2021-10-15 21:44:53 +08:00
|
|
|
// ListenPacketContext implements C.ProxyAdapter
|
2021-11-07 16:48:51 +08:00
|
|
|
func (ss *Socks5) ListenPacketContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.PacketConn, err error) {
|
2023-04-10 11:20:28 +08:00
|
|
|
var cDialer C.Dialer = dialer.NewDialer(ss.Base.DialOptions(opts...)...)
|
|
|
|
|
if len(ss.option.DialerProxy) > 0 {
|
|
|
|
|
cDialer, err = proxydialer.NewByName(ss.option.DialerProxy, cDialer)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
c, err := cDialer.DialContext(ctx, "tcp", ss.addr)
|
2019-07-25 17:47:39 +08:00
|
|
|
if err != nil {
|
2019-12-05 17:51:21 +08:00
|
|
|
err = fmt.Errorf("%s connect error: %w", ss.addr, err)
|
2019-07-25 17:47:39 +08:00
|
|
|
return
|
|
|
|
|
}
|
2018-08-12 13:50:54 +08:00
|
|
|
|
2019-07-25 17:47:39 +08:00
|
|
|
if ss.tls {
|
2019-04-25 13:48:47 +08:00
|
|
|
cc := tls.Client(c, ss.tlsConfig)
|
2022-08-13 12:35:39 +08:00
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
|
|
|
|
|
defer cancel()
|
|
|
|
|
err = cc.HandshakeContext(ctx)
|
2019-04-25 13:48:47 +08:00
|
|
|
c = cc
|
2018-08-12 13:50:54 +08:00
|
|
|
}
|
|
|
|
|
|
2022-12-16 22:15:44 +08:00
|
|
|
defer func(c net.Conn) {
|
2022-12-13 13:20:40 +08:00
|
|
|
safeConnClose(c, err)
|
2022-12-16 22:15:44 +08:00
|
|
|
}(c)
|
2019-07-25 17:47:39 +08:00
|
|
|
|
2023-09-02 16:25:55 +08:00
|
|
|
N.TCPKeepAlive(c)
|
2019-04-25 13:48:47 +08:00
|
|
|
var user *socks5.User
|
|
|
|
|
if ss.user != "" {
|
|
|
|
|
user = &socks5.User{
|
|
|
|
|
Username: ss.user,
|
|
|
|
|
Password: ss.pass,
|
2018-11-09 17:36:30 +08:00
|
|
|
}
|
2018-08-12 13:50:54 +08:00
|
|
|
}
|
|
|
|
|
|
2023-10-16 09:27:55 +08:00
|
|
|
udpAssocateAddr := socks5.AddrFromStdAddrPort(netip.AddrPortFrom(netip.IPv4Unspecified(), 0))
|
|
|
|
|
bindAddr, err := socks5.ClientHandshake(c, udpAssocateAddr, socks5.CmdUDPAssociate, user)
|
2019-07-25 17:47:39 +08:00
|
|
|
if err != nil {
|
2019-12-05 17:51:21 +08:00
|
|
|
err = fmt.Errorf("client hanshake error: %w", err)
|
2019-07-25 17:47:39 +08:00
|
|
|
return
|
2018-08-12 13:50:54 +08:00
|
|
|
}
|
2019-07-25 17:47:39 +08:00
|
|
|
|
2020-12-31 18:58:03 +08:00
|
|
|
// Support unspecified UDP bind address.
|
|
|
|
|
bindUDPAddr := bindAddr.UDPAddr()
|
|
|
|
|
if bindUDPAddr == nil {
|
|
|
|
|
err = errors.New("invalid UDP bind address")
|
|
|
|
|
return
|
|
|
|
|
} else if bindUDPAddr.IP.IsUnspecified() {
|
2022-11-12 13:18:36 +08:00
|
|
|
serverAddr, err := resolveUDPAddr(ctx, "udp", ss.Addr())
|
2020-12-31 18:58:03 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bindUDPAddr.IP = serverAddr.IP
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-22 23:33:24 +08:00
|
|
|
pc, err := cDialer.ListenPacket(ctx, "udp", "", bindUDPAddr.AddrPort())
|
2022-12-13 11:18:32 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
go func() {
|
|
|
|
|
io.Copy(io.Discard, c)
|
|
|
|
|
c.Close()
|
|
|
|
|
// A UDP association terminates when the TCP connection that the UDP
|
|
|
|
|
// ASSOCIATE request arrived on terminates. RFC1928
|
|
|
|
|
pc.Close()
|
|
|
|
|
}()
|
|
|
|
|
|
2020-12-31 18:58:03 +08:00
|
|
|
return newPacketConn(&socksPacketConn{PacketConn: pc, rAddr: bindUDPAddr, tcpConn: c}, ss), nil
|
2018-08-12 13:50:54 +08:00
|
|
|
}
|
|
|
|
|
|
2022-07-11 13:42:28 +08:00
|
|
|
func NewSocks5(option Socks5Option) (*Socks5, error) {
|
2018-11-01 11:54:45 +08:00
|
|
|
var tlsConfig *tls.Config
|
|
|
|
|
if option.TLS {
|
|
|
|
|
tlsConfig = &tls.Config{
|
|
|
|
|
InsecureSkipVerify: option.SkipCertVerify,
|
|
|
|
|
ServerName: option.Server,
|
|
|
|
|
}
|
2022-07-11 13:42:28 +08:00
|
|
|
|
2023-09-22 14:45:34 +08:00
|
|
|
var err error
|
|
|
|
|
tlsConfig, err = ca.GetSpecifiedFingerprintTLSConfig(tlsConfig, option.Fingerprint)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
2022-07-11 13:42:28 +08:00
|
|
|
}
|
2018-11-01 11:54:45 +08:00
|
|
|
}
|
|
|
|
|
|
2018-08-12 13:50:54 +08:00
|
|
|
return &Socks5{
|
2018-12-22 23:56:42 +08:00
|
|
|
Base: &Base{
|
2022-08-28 13:41:19 +08:00
|
|
|
name: option.Name,
|
|
|
|
|
addr: net.JoinHostPort(option.Server, strconv.Itoa(option.Port)),
|
|
|
|
|
tp: C.Socks5,
|
|
|
|
|
udp: option.UDP,
|
2023-02-24 13:53:44 +08:00
|
|
|
tfo: option.TFO,
|
2023-08-09 16:57:39 +08:00
|
|
|
mpTcp: option.MPTCP,
|
2022-08-28 13:41:19 +08:00
|
|
|
iface: option.Interface,
|
|
|
|
|
rmark: option.RoutingMark,
|
|
|
|
|
prefer: C.NewDNSPrefer(option.IPVersion),
|
2018-12-22 23:56:42 +08:00
|
|
|
},
|
2023-04-10 11:20:28 +08:00
|
|
|
option: &option,
|
2018-11-09 17:36:30 +08:00
|
|
|
user: option.UserName,
|
|
|
|
|
pass: option.Password,
|
2018-10-29 20:16:43 +08:00
|
|
|
tls: option.TLS,
|
|
|
|
|
skipCertVerify: option.SkipCertVerify,
|
2022-07-11 13:42:28 +08:00
|
|
|
tlsConfig: tlsConfig,
|
|
|
|
|
}, nil
|
2018-08-12 13:50:54 +08:00
|
|
|
}
|
2019-07-25 17:47:39 +08:00
|
|
|
|
2020-02-17 17:34:19 +08:00
|
|
|
type socksPacketConn struct {
|
2019-07-25 17:47:39 +08:00
|
|
|
net.PacketConn
|
2020-01-31 14:43:54 +08:00
|
|
|
rAddr net.Addr
|
2019-08-12 14:01:32 +08:00
|
|
|
tcpConn net.Conn
|
2019-07-25 17:47:39 +08:00
|
|
|
}
|
|
|
|
|
|
2020-02-17 17:34:19 +08:00
|
|
|
func (uc *socksPacketConn) WriteTo(b []byte, addr net.Addr) (n int, err error) {
|
2020-01-31 14:43:54 +08:00
|
|
|
packet, err := socks5.EncodeUDPPacket(socks5.ParseAddrToSocksAddr(addr), b)
|
2019-07-25 17:47:39 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
2020-01-31 14:43:54 +08:00
|
|
|
return uc.PacketConn.WriteTo(packet, uc.rAddr)
|
2019-07-25 17:47:39 +08:00
|
|
|
}
|
|
|
|
|
|
2020-02-17 17:34:19 +08:00
|
|
|
func (uc *socksPacketConn) ReadFrom(b []byte) (int, net.Addr, error) {
|
2020-03-01 01:46:02 +08:00
|
|
|
n, _, e := uc.PacketConn.ReadFrom(b)
|
2019-10-11 20:11:18 +08:00
|
|
|
if e != nil {
|
|
|
|
|
return 0, nil, e
|
|
|
|
|
}
|
2019-07-25 17:47:39 +08:00
|
|
|
addr, payload, err := socks5.DecodeUDPPacket(b)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return 0, nil, err
|
|
|
|
|
}
|
2020-03-02 23:47:23 +08:00
|
|
|
|
|
|
|
|
udpAddr := addr.UDPAddr()
|
|
|
|
|
if udpAddr == nil {
|
|
|
|
|
return 0, nil, errors.New("parse udp addr error")
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-11 20:11:18 +08:00
|
|
|
// due to DecodeUDPPacket is mutable, record addr length
|
2019-07-25 17:47:39 +08:00
|
|
|
copy(b, payload)
|
2020-03-02 23:47:23 +08:00
|
|
|
return n - len(addr) - 3, udpAddr, nil
|
2019-07-25 17:47:39 +08:00
|
|
|
}
|
2019-08-12 14:01:32 +08:00
|
|
|
|
2020-02-17 17:34:19 +08:00
|
|
|
func (uc *socksPacketConn) Close() error {
|
2019-08-12 14:01:32 +08:00
|
|
|
uc.tcpConn.Close()
|
|
|
|
|
return uc.PacketConn.Close()
|
|
|
|
|
}
|
