black-internet-days-ahead/sing-box
1
0
Fork 0
mirror of https://github.com/SagerNet/sing-box.git synced 2025-02-16 14:24:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix auth_user route for naive inbound

Browse source
This commit is contained in:
世界 2023-01-19 10:47:22 +08:00
parent 168253b851
commit fe492904e9
No known key found for this signature in database
GPG key ID: CD109927C34A63C4
1 changed files with 18 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
inbound/naive.go
View file

@ -137,14 +137,13 @@ func (n *Naive) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
return return
} }
var authOk bool var authOk bool
var userName string
authorization := request.Header.Get("Proxy-Authorization") authorization := request.Header.Get("Proxy-Authorization")
if strings.HasPrefix(authorization, "BASIC ") || strings.HasPrefix(authorization, "Basic ") { if strings.HasPrefix(authorization, "BASIC ") || strings.HasPrefix(authorization, "Basic ") {
userPassword, _ := base64.URLEncoding.DecodeString(authorization[6:]) userPassword, _ := base64.URLEncoding.DecodeString(authorization[6:])
userPswdArr := strings.SplitN(string(userPassword), ":", 2) userPswdArr := strings.SplitN(string(userPassword), ":", 2)
userName = userPswdArr[0]
authOk = n.authenticator.Verify(userPswdArr[0], userPswdArr[1]) authOk = n.authenticator.Verify(userPswdArr[0], userPswdArr[1])
if authOk {
ctx = auth.ContextWithUser(ctx, userPswdArr[0])
}
} }
if !authOk { if !authOk {
rejectHTTP(writer, http.StatusProxyAuthRequired) rejectHTTP(writer, http.StatusProxyAuthRequired)
@ -168,17 +167,29 @@ func (n *Naive) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
n.badRequest(ctx, request, E.New("hijack failed")) n.badRequest(ctx, request, E.New("hijack failed"))
return return
} }
n.newConnection(ctx, &naiveH1Conn{Conn: conn}, source, destination) n.newConnection(ctx, &naiveH1Conn{Conn: conn}, userName, source, destination)
} else { } else {
n.newConnection(ctx, &naiveH2Conn{reader: request.Body, writer: writer, flusher: writer.(http.Flusher)}, source, destination) n.newConnection(ctx, &naiveH2Conn{reader: request.Body, writer: writer, flusher: writer.(http.Flusher)}, userName, source, destination)
} }
} }
func (n *Naive) newConnection(ctx context.Context, conn net.Conn, source, destination M.Socksaddr) { func (n *Naive) newConnection(ctx context.Context, conn net.Conn, userName string, source, destination M.Socksaddr) {
n.routeTCP(ctx, conn, n.createMetadata(conn, adapter.InboundContext{ if userName != "" {
n.logger.InfoContext(ctx, "[", userName, "] inbound connection from ", source)
n.logger.InfoContext(ctx, "[", userName, "] inbound connection to ", destination)
} else {
n.logger.InfoContext(ctx, "inbound connection from ", source)
n.logger.InfoContext(ctx, "inbound connection to ", destination)
}
hErr := n.router.RouteConnection(ctx, conn, n.createMetadata(conn, adapter.InboundContext{
Source: source, Source: source,
Destination: destination, Destination: destination,
User: userName,
})) }))
if hErr != nil {
conn.Close()
n.NewError(ctx, E.Cause(hErr, "process connection from ", source))
}
} }
func (n *Naive) badRequest(ctx context.Context, request *http.Request, err error) { func (n *Naive) badRequest(ctx context.Context, request *http.Request, err error) {