Merge from remote branch

2024-11-14 21:31:16 +08:00 · 2021-09-17 15:07:27 +08:00 · 2021-09-17 15:07:27 +08:00 · fbda82218e
commit fbda82218e
parent 85dc0b5527 b3cd4ebbd3
8 changed files with 41 additions and 26 deletions
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@ -9,7 +9,7 @@ jobs:
      - name: Setup Go
        uses: actions/setup-go@v2
        with:
-          go-version: 1.17
+          go-version: 1.17.x

      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
--- a/adapter/inbound/http.go
+++ b/adapter/inbound/http.go
@ -9,8 +9,8 @@ import (
 )

 // NewHTTP receive normal http request and return HTTPContext
-func NewHTTP(target string, source net.Addr, conn net.Conn) *context.ConnContext {
-	metadata := parseSocksAddr(socks5.ParseAddr(target))
+func NewHTTP(target socks5.Addr, source net.Addr, conn net.Conn) *context.ConnContext {
+	metadata := parseSocksAddr(target)
 	metadata.NetWork = C.TCP
 	metadata.Type = C.HTTP
 	if ip, port, err := parseAddr(source.String()); err == nil {
--- a/config/config.go
+++ b/config/config.go
@ -23,7 +23,7 @@ import (
 	R "github.com/Dreamacro/clash/rule"
 	T "github.com/Dreamacro/clash/tunnel"

-	yaml "gopkg.in/yaml.v2"
+	"gopkg.in/yaml.v2"
 )

 // General config
@ -206,7 +206,7 @@ func UnmarshalRawConfig(buf []byte) (*RawConfig, error) {
 		},
 	}

-	if err := yaml.Unmarshal(buf, &rawCfg); err != nil {
+	if err := yaml.Unmarshal(buf, rawCfg); err != nil {
 		return nil, err
 	}

--- a/dns/client.go
+++ b/dns/client.go
@ -20,15 +20,20 @@ type client struct {
 	host string
 }

-func (c *client) Exchange(m *D.Msg) (msg *D.Msg, err error) {
+func (c *client) Exchange(m *D.Msg) (*D.Msg, error) {
 	return c.ExchangeContext(context.Background(), m)
 }

-func (c *client) ExchangeContext(ctx context.Context, m *D.Msg) (msg *D.Msg, err error) {
-	var ip net.IP
+func (c *client) ExchangeContext(ctx context.Context, m *D.Msg) (*D.Msg, error) {
+	var (
+		ip  net.IP
+		err error
+	)
 	if c.r == nil {
 		// a default ip dns
-		ip = net.ParseIP(c.host)
+		if ip = net.ParseIP(c.host); ip == nil {
+			return nil, fmt.Errorf("dns %s not a valid ip", c.host)
+		}
 	} else {
 		if ip, err = resolver.ResolveIPWithResolver(c.host, c.r); err != nil {
 			return nil, fmt.Errorf("use default dns resolve failed: %w", err)
@ -58,7 +63,7 @@ func (c *client) ExchangeContext(ctx context.Context, m *D.Msg) (msg *D.Msg, err
 			conn = tls.Client(conn, c.Client.TLSConfig)
 		}

-		msg, _, err = c.Client.ExchangeWithConn(m, &D.Conn{
+		msg, _, err := c.Client.ExchangeWithConn(m, &D.Conn{
 			Conn:         conn,
 			UDPSize:      c.Client.UDPSize,
 			TsigSecret:   c.Client.TsigSecret,
--- a/listener/http/client.go
+++ b/listener/http/client.go
@ -9,6 +9,7 @@ import (

 	"github.com/Dreamacro/clash/adapter/inbound"
 	C "github.com/Dreamacro/clash/constant"
+	"github.com/Dreamacro/clash/transport/socks5"
 )

 func newClient(source net.Addr, in chan<- C.ConnContext) *http.Client {
@ -25,9 +26,14 @@ func newClient(source net.Addr, in chan<- C.ConnContext) *http.Client {
 					return nil, errors.New("unsupported network " + network)
 				}

+				dstAddr := socks5.ParseAddr(address)
+				if dstAddr == nil {
+					return nil, socks5.ErrAddressNotSupported
+				}
+
 				left, right := net.Pipe()

-				in <- inbound.NewHTTP(address, source, right)
+				in <- inbound.NewHTTP(dstAddr, source, right)

 				return left, nil
 			},
--- a/listener/http/proxy.go
+++ b/listener/http/proxy.go
@ -63,8 +63,8 @@ func HandleConn(c net.Conn, in chan<- C.ConnContext, cache *cache.Cache) {

 			request.RequestURI = ""

-			RemoveHopByHopHeaders(request.Header)
-			RemoveExtraHTTPHostPort(request)
+			removeHopByHopHeaders(request.Header)
+			removeExtraHTTPHostPort(request)

 			if request.URL.Scheme == "" || request.URL.Host == "" {
 				resp = responseWith(http.StatusBadRequest)
@ -74,9 +74,9 @@ func HandleConn(c net.Conn, in chan<- C.ConnContext, cache *cache.Cache) {
 					resp = responseWith(http.StatusBadGateway)
 				}
 			}
-		}

-		RemoveHopByHopHeaders(resp.Header)
+			removeHopByHopHeaders(resp.Header)
+		}

 		if keepAlive {
 			resp.Header.Set("Proxy-Connection", "keep-alive")
@ -98,7 +98,7 @@ func HandleConn(c net.Conn, in chan<- C.ConnContext, cache *cache.Cache) {
 func authenticate(request *http.Request, cache *cache.Cache) *http.Response {
 	authenticator := authStore.Authenticator()
 	if authenticator != nil {
-		credential := ParseBasicProxyAuthorization(request)
+		credential := parseBasicProxyAuthorization(request)
 		if credential == "" {
 			resp := responseWith(http.StatusProxyAuthRequired)
 			resp.Header.Set("Proxy-Authenticate", "Basic")
@ -107,7 +107,7 @@ func authenticate(request *http.Request, cache *cache.Cache) *http.Response {

 		var authed interface{}
 		if authed = cache.Get(credential); authed == nil {
-			user, pass, err := DecodeBasicProxyAuthorization(credential)
+			user, pass, err := decodeBasicProxyAuthorization(credential)
 			authed = err == nil && authenticator.Verify(user, pass)
 			cache.Put(credential, authed, time.Minute)
 		}
--- a/listener/http/utils.go
+++ b/listener/http/utils.go
@ -8,8 +8,8 @@ import (
 	"strings"
 )

-// RemoveHopByHopHeaders remove hop-by-hop header
-func RemoveHopByHopHeaders(header http.Header) {
+// removeHopByHopHeaders remove hop-by-hop header
+func removeHopByHopHeaders(header http.Header) {
 	// Strip hop-by-hop header based on RFC:
 	// http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.5.1
 	// https://www.mnot.net/blog/2011/07/11/what_proxies_must_do
@ -32,9 +32,9 @@ func RemoveHopByHopHeaders(header http.Header) {
 	}
 }

-// RemoveExtraHTTPHostPort remove extra host port (example.com:80 --> example.com)
+// removeExtraHTTPHostPort remove extra host port (example.com:80 --> example.com)
 // It resolves the behavior of some HTTP servers that do not handle host:80 (e.g. baidu.com)
-func RemoveExtraHTTPHostPort(req *http.Request) {
+func removeExtraHTTPHostPort(req *http.Request) {
 	host := req.Host
 	if host == "" {
 		host = req.URL.Host
@ -48,8 +48,8 @@ func RemoveExtraHTTPHostPort(req *http.Request) {
 	req.URL.Host = host
 }

-// ParseBasicProxyAuthorization parse header Proxy-Authorization and return base64-encoded credential
-func ParseBasicProxyAuthorization(request *http.Request) string {
+// parseBasicProxyAuthorization parse header Proxy-Authorization and return base64-encoded credential
+func parseBasicProxyAuthorization(request *http.Request) string {
 	value := request.Header.Get("Proxy-Authorization")
 	if !strings.HasPrefix(value, "Basic ") {
 		return ""
@ -58,8 +58,8 @@ func ParseBasicProxyAuthorization(request *http.Request) string {
 	return value[6:] // value[len("Basic "):]
 }

-// DecodeBasicProxyAuthorization decode base64-encoded credential
-func DecodeBasicProxyAuthorization(credential string) (string, string, error) {
+// decodeBasicProxyAuthorization decode base64-encoded credential
+func decodeBasicProxyAuthorization(credential string) (string, string, error) {
 	plain, err := base64.StdEncoding.DecodeString(credential)
 	if err != nil {
 		return "", "", err
--- a/transport/socks4/socks4.go
+++ b/transport/socks4/socks4.go
@ -91,6 +91,7 @@ func ServerHandshake(rw io.ReadWriter, authenticator auth.Authenticator) (addr s
 		code = RequestGranted
 	} else {
 		code = RequestIdentdMismatched
+		err = ErrRequestIdentdMismatched
 	}

 	var reply [8]byte
@ -99,7 +100,10 @@ func ServerHandshake(rw io.ReadWriter, authenticator auth.Authenticator) (addr s
 	copy(reply[4:8], dstIP)
 	copy(reply[2:4], dstPort)

-	_, err = rw.Write(reply[:])
+	_, wErr := rw.Write(reply[:])
+	if err == nil {
+		err = wErr
+	}
 	return
 }