2019-12-08 12:17:24 +08:00
|
|
|
package outbound
|
2018-12-03 23:27:00 +08:00
|
|
|
|
|
|
|
import (
|
|
|
|
"bufio"
|
2019-10-12 23:55:39 +08:00
|
|
|
"context"
|
2018-12-03 23:27:00 +08:00
|
|
|
"crypto/tls"
|
|
|
|
"encoding/base64"
|
|
|
|
"errors"
|
|
|
|
"fmt"
|
|
|
|
"io"
|
|
|
|
"net"
|
|
|
|
"net/http"
|
2019-12-05 18:22:07 +08:00
|
|
|
"net/url"
|
2018-12-03 23:27:00 +08:00
|
|
|
"strconv"
|
|
|
|
|
2020-02-15 21:42:46 +08:00
|
|
|
"github.com/Dreamacro/clash/component/dialer"
|
2023-04-10 11:20:28 +08:00
|
|
|
"github.com/Dreamacro/clash/component/proxydialer"
|
2023-01-13 09:55:01 +08:00
|
|
|
tlsC "github.com/Dreamacro/clash/component/tls"
|
2018-12-03 23:27:00 +08:00
|
|
|
C "github.com/Dreamacro/clash/constant"
|
|
|
|
)
|
|
|
|
|
|
|
|
type Http struct {
|
2018-12-22 23:56:42 +08:00
|
|
|
*Base
|
2019-12-05 18:22:07 +08:00
|
|
|
user string
|
|
|
|
pass string
|
|
|
|
tlsConfig *tls.Config
|
2022-04-14 13:07:39 +08:00
|
|
|
option *HttpOption
|
2018-12-03 23:27:00 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
type HttpOption struct {
|
2021-11-07 16:48:51 +08:00
|
|
|
BasicOption
|
2022-04-14 13:07:39 +08:00
|
|
|
Name string `proxy:"name"`
|
|
|
|
Server string `proxy:"server"`
|
|
|
|
Port int `proxy:"port"`
|
|
|
|
UserName string `proxy:"username,omitempty"`
|
|
|
|
Password string `proxy:"password,omitempty"`
|
|
|
|
TLS bool `proxy:"tls,omitempty"`
|
|
|
|
SNI string `proxy:"sni,omitempty"`
|
|
|
|
SkipCertVerify bool `proxy:"skip-cert-verify,omitempty"`
|
2022-07-11 13:42:28 +08:00
|
|
|
Fingerprint string `proxy:"fingerprint,omitempty"`
|
2022-04-14 13:07:39 +08:00
|
|
|
Headers map[string]string `proxy:"headers,omitempty"`
|
2018-12-03 23:27:00 +08:00
|
|
|
}
|
|
|
|
|
2021-04-29 11:23:14 +08:00
|
|
|
// StreamConn implements C.ProxyAdapter
|
2020-03-21 23:46:49 +08:00
|
|
|
func (h *Http) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
|
|
|
|
if h.tlsConfig != nil {
|
2018-12-03 23:27:00 +08:00
|
|
|
cc := tls.Client(c, h.tlsConfig)
|
2022-08-13 12:35:39 +08:00
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
|
|
|
|
defer cancel()
|
|
|
|
err := cc.HandshakeContext(ctx)
|
2018-12-03 23:27:00 +08:00
|
|
|
c = cc
|
2020-03-21 23:46:49 +08:00
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("%s connect error: %w", h.addr, err)
|
|
|
|
}
|
2018-12-03 23:27:00 +08:00
|
|
|
}
|
|
|
|
|
2020-03-21 23:46:49 +08:00
|
|
|
if err := h.shakeHand(metadata, c); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return c, nil
|
|
|
|
}
|
|
|
|
|
2021-04-29 11:23:14 +08:00
|
|
|
// DialContext implements C.ProxyAdapter
|
2021-11-07 16:48:51 +08:00
|
|
|
func (h *Http) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.Conn, err error) {
|
2022-12-20 00:11:02 +08:00
|
|
|
return h.DialContextWithDialer(ctx, dialer.NewDialer(h.Base.DialOptions(opts...)...), metadata)
|
2022-12-19 21:34:07 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
// DialContextWithDialer implements C.ProxyAdapter
|
|
|
|
func (h *Http) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
|
2023-04-10 11:20:28 +08:00
|
|
|
if len(h.option.DialerProxy) > 0 {
|
|
|
|
dialer, err = proxydialer.NewByName(h.option.DialerProxy, dialer)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
}
|
2022-12-19 21:34:07 +08:00
|
|
|
c, err := dialer.DialContext(ctx, "tcp", h.addr)
|
2018-12-03 23:27:00 +08:00
|
|
|
if err != nil {
|
2019-12-05 17:51:21 +08:00
|
|
|
return nil, fmt.Errorf("%s connect error: %w", h.addr, err)
|
2018-12-03 23:27:00 +08:00
|
|
|
}
|
|
|
|
tcpKeepAlive(c)
|
2020-03-21 23:46:49 +08:00
|
|
|
|
2022-12-16 22:15:44 +08:00
|
|
|
defer func(c net.Conn) {
|
2022-12-13 13:20:40 +08:00
|
|
|
safeConnClose(c, err)
|
2022-12-16 22:15:44 +08:00
|
|
|
}(c)
|
2021-03-22 23:26:20 +08:00
|
|
|
|
2020-03-21 23:46:49 +08:00
|
|
|
c, err = h.StreamConn(c, metadata)
|
|
|
|
if err != nil {
|
2018-12-03 23:27:00 +08:00
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2020-03-21 23:46:49 +08:00
|
|
|
return NewConn(c, h), nil
|
2018-12-03 23:27:00 +08:00
|
|
|
}
|
|
|
|
|
2022-12-19 21:34:07 +08:00
|
|
|
// SupportWithDialer implements C.ProxyAdapter
|
|
|
|
func (h *Http) SupportWithDialer() bool {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2018-12-03 23:27:00 +08:00
|
|
|
func (h *Http) shakeHand(metadata *C.Metadata, rw io.ReadWriter) error {
|
2019-10-11 20:11:18 +08:00
|
|
|
addr := metadata.RemoteAddress()
|
2019-12-05 18:22:07 +08:00
|
|
|
req := &http.Request{
|
|
|
|
Method: http.MethodConnect,
|
|
|
|
URL: &url.URL{
|
|
|
|
Host: addr,
|
|
|
|
},
|
|
|
|
Host: addr,
|
|
|
|
Header: http.Header{
|
|
|
|
"Proxy-Connection": []string{"Keep-Alive"},
|
|
|
|
},
|
|
|
|
}
|
2018-12-03 23:27:00 +08:00
|
|
|
|
2022-04-14 13:07:39 +08:00
|
|
|
//增加headers
|
|
|
|
if len(h.option.Headers) != 0 {
|
|
|
|
for key, value := range h.option.Headers {
|
|
|
|
req.Header.Add(key, value)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-12-03 23:27:00 +08:00
|
|
|
if h.user != "" && h.pass != "" {
|
|
|
|
auth := h.user + ":" + h.pass
|
2019-12-05 18:22:07 +08:00
|
|
|
req.Header.Add("Proxy-Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(auth)))
|
2018-12-03 23:27:00 +08:00
|
|
|
}
|
|
|
|
|
2019-12-05 18:22:07 +08:00
|
|
|
if err := req.Write(rw); err != nil {
|
2018-12-03 23:27:00 +08:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-12-05 18:22:07 +08:00
|
|
|
resp, err := http.ReadResponse(bufio.NewReader(rw), req)
|
2018-12-03 23:27:00 +08:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-10-05 09:33:40 +08:00
|
|
|
if resp.StatusCode == http.StatusOK {
|
2018-12-03 23:27:00 +08:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2019-10-05 09:33:40 +08:00
|
|
|
if resp.StatusCode == http.StatusProxyAuthRequired {
|
2018-12-03 23:27:00 +08:00
|
|
|
return errors.New("HTTP need auth")
|
|
|
|
}
|
|
|
|
|
2019-10-05 09:33:40 +08:00
|
|
|
if resp.StatusCode == http.StatusMethodNotAllowed {
|
2018-12-03 23:27:00 +08:00
|
|
|
return errors.New("CONNECT method not allowed by proxy")
|
|
|
|
}
|
2019-10-05 09:33:40 +08:00
|
|
|
|
|
|
|
if resp.StatusCode >= http.StatusInternalServerError {
|
|
|
|
return errors.New(resp.Status)
|
|
|
|
}
|
2019-12-05 18:22:07 +08:00
|
|
|
|
2018-12-03 23:27:00 +08:00
|
|
|
return fmt.Errorf("can not connect remote err code: %d", resp.StatusCode)
|
|
|
|
}
|
|
|
|
|
2022-07-11 13:42:28 +08:00
|
|
|
func NewHttp(option HttpOption) (*Http, error) {
|
2018-12-03 23:27:00 +08:00
|
|
|
var tlsConfig *tls.Config
|
|
|
|
if option.TLS {
|
2020-10-02 11:34:40 +08:00
|
|
|
sni := option.Server
|
|
|
|
if option.SNI != "" {
|
|
|
|
sni = option.SNI
|
|
|
|
}
|
2022-07-11 13:42:28 +08:00
|
|
|
if len(option.Fingerprint) == 0 {
|
2023-01-14 21:08:06 +08:00
|
|
|
tlsConfig = tlsC.GetGlobalTLSConfig(&tls.Config{
|
2022-07-11 13:42:28 +08:00
|
|
|
InsecureSkipVerify: option.SkipCertVerify,
|
|
|
|
ServerName: sni,
|
|
|
|
})
|
|
|
|
} else {
|
|
|
|
var err error
|
|
|
|
if tlsConfig, err = tlsC.GetSpecifiedFingerprintTLSConfig(&tls.Config{
|
|
|
|
InsecureSkipVerify: option.SkipCertVerify,
|
|
|
|
ServerName: sni,
|
|
|
|
}, option.Fingerprint); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2018-12-03 23:27:00 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return &Http{
|
2018-12-22 23:56:42 +08:00
|
|
|
Base: &Base{
|
2022-08-28 13:41:19 +08:00
|
|
|
name: option.Name,
|
|
|
|
addr: net.JoinHostPort(option.Server, strconv.Itoa(option.Port)),
|
|
|
|
tp: C.Http,
|
2023-02-24 13:53:44 +08:00
|
|
|
tfo: option.TFO,
|
2022-08-28 13:41:19 +08:00
|
|
|
iface: option.Interface,
|
|
|
|
rmark: option.RoutingMark,
|
|
|
|
prefer: C.NewDNSPrefer(option.IPVersion),
|
2018-12-22 23:56:42 +08:00
|
|
|
},
|
2019-12-05 18:22:07 +08:00
|
|
|
user: option.UserName,
|
|
|
|
pass: option.Password,
|
2022-07-11 13:42:28 +08:00
|
|
|
tlsConfig: tlsConfig,
|
2022-04-14 13:07:39 +08:00
|
|
|
option: &option,
|
2022-07-11 13:42:28 +08:00
|
|
|
}, nil
|
2018-12-03 23:27:00 +08:00
|
|
|
}
|