mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-14 04:43:17 +00:00
164 lines
5 KiB
Go
164 lines
5 KiB
Go
//go:build with_quic
|
|
|
|
package inbound
|
|
|
|
import (
|
|
"context"
|
|
"net"
|
|
"net/http"
|
|
"net/http/httputil"
|
|
"net/url"
|
|
|
|
"github.com/sagernet/sing-box/adapter"
|
|
"github.com/sagernet/sing-box/common/tls"
|
|
C "github.com/sagernet/sing-box/constant"
|
|
"github.com/sagernet/sing-box/log"
|
|
"github.com/sagernet/sing-box/option"
|
|
"github.com/sagernet/sing-box/transport/hysteria"
|
|
"github.com/sagernet/sing-quic/hysteria2"
|
|
"github.com/sagernet/sing/common"
|
|
"github.com/sagernet/sing/common/auth"
|
|
E "github.com/sagernet/sing/common/exceptions"
|
|
N "github.com/sagernet/sing/common/network"
|
|
)
|
|
|
|
var _ adapter.Inbound = (*Hysteria2)(nil)
|
|
|
|
type Hysteria2 struct {
|
|
myInboundAdapter
|
|
tlsConfig tls.ServerConfig
|
|
service *hysteria2.Service[int]
|
|
userNameList []string
|
|
}
|
|
|
|
func NewHysteria2(ctx context.Context, router adapter.Router, logger log.ContextLogger, tag string, options option.Hysteria2InboundOptions) (*Hysteria2, error) {
|
|
if options.TLS == nil || !options.TLS.Enabled {
|
|
return nil, C.ErrTLSRequired
|
|
}
|
|
tlsConfig, err := tls.NewServer(ctx, logger, common.PtrValueOrDefault(options.TLS))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
var salamanderPassword string
|
|
if options.Obfs != nil {
|
|
if options.Obfs.Password == "" {
|
|
return nil, E.New("missing obfs password")
|
|
}
|
|
switch options.Obfs.Type {
|
|
case hysteria2.ObfsTypeSalamander:
|
|
salamanderPassword = options.Obfs.Password
|
|
default:
|
|
return nil, E.New("unknown obfs type: ", options.Obfs.Type)
|
|
}
|
|
}
|
|
var masqueradeHandler http.Handler
|
|
if options.Masquerade != "" {
|
|
masqueradeURL, err := url.Parse(options.Masquerade)
|
|
if err != nil {
|
|
return nil, E.Cause(err, "parse masquerade URL")
|
|
}
|
|
switch masqueradeURL.Scheme {
|
|
case "file":
|
|
masqueradeHandler = http.FileServer(http.Dir(masqueradeURL.Path))
|
|
case "http", "https":
|
|
masqueradeHandler = &httputil.ReverseProxy{
|
|
Rewrite: func(r *httputil.ProxyRequest) {
|
|
r.SetURL(masqueradeURL)
|
|
r.Out.Host = r.In.Host
|
|
},
|
|
ErrorHandler: func(w http.ResponseWriter, r *http.Request, err error) {
|
|
w.WriteHeader(http.StatusBadGateway)
|
|
},
|
|
}
|
|
default:
|
|
return nil, E.New("unknown masquerade URL scheme: ", masqueradeURL.Scheme)
|
|
}
|
|
}
|
|
inbound := &Hysteria2{
|
|
myInboundAdapter: myInboundAdapter{
|
|
protocol: C.TypeHysteria2,
|
|
network: []string{N.NetworkUDP},
|
|
ctx: ctx,
|
|
router: router,
|
|
logger: logger,
|
|
tag: tag,
|
|
listenOptions: options.ListenOptions,
|
|
},
|
|
tlsConfig: tlsConfig,
|
|
}
|
|
service, err := hysteria2.NewService[int](hysteria2.ServiceOptions{
|
|
Context: ctx,
|
|
Logger: logger,
|
|
SendBPS: uint64(options.UpMbps * hysteria.MbpsToBps),
|
|
ReceiveBPS: uint64(options.DownMbps * hysteria.MbpsToBps),
|
|
SalamanderPassword: salamanderPassword,
|
|
TLSConfig: tlsConfig,
|
|
IgnoreClientBandwidth: options.IgnoreClientBandwidth,
|
|
Handler: adapter.NewUpstreamHandler(adapter.InboundContext{}, inbound.newConnection, inbound.newPacketConnection, nil),
|
|
MasqueradeHandler: masqueradeHandler,
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
userList := make([]int, 0, len(options.Users))
|
|
userNameList := make([]string, 0, len(options.Users))
|
|
userPasswordList := make([]string, 0, len(options.Users))
|
|
for index, user := range options.Users {
|
|
userList = append(userList, index)
|
|
userNameList = append(userNameList, user.Name)
|
|
userPasswordList = append(userPasswordList, user.Password)
|
|
}
|
|
service.UpdateUsers(userList, userPasswordList)
|
|
inbound.service = service
|
|
inbound.userNameList = userNameList
|
|
return inbound, nil
|
|
}
|
|
|
|
func (h *Hysteria2) newConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
|
|
ctx = log.ContextWithNewID(ctx)
|
|
metadata = h.createMetadata(conn, metadata)
|
|
userID, _ := auth.UserFromContext[int](ctx)
|
|
if userName := h.userNameList[userID]; userName != "" {
|
|
metadata.User = userName
|
|
h.logger.InfoContext(ctx, "[", userName, "] inbound connection to ", metadata.Destination)
|
|
} else {
|
|
h.logger.InfoContext(ctx, "inbound connection to ", metadata.Destination)
|
|
}
|
|
return h.router.RouteConnection(ctx, conn, metadata)
|
|
}
|
|
|
|
func (h *Hysteria2) newPacketConnection(ctx context.Context, conn N.PacketConn, metadata adapter.InboundContext) error {
|
|
ctx = log.ContextWithNewID(ctx)
|
|
metadata = h.createPacketMetadata(conn, metadata)
|
|
userID, _ := auth.UserFromContext[int](ctx)
|
|
if userName := h.userNameList[userID]; userName != "" {
|
|
metadata.User = userName
|
|
h.logger.InfoContext(ctx, "[", userName, "] inbound packet connection to ", metadata.Destination)
|
|
} else {
|
|
h.logger.InfoContext(ctx, "inbound packet connection to ", metadata.Destination)
|
|
}
|
|
return h.router.RoutePacketConnection(ctx, conn, metadata)
|
|
}
|
|
|
|
func (h *Hysteria2) Start() error {
|
|
if h.tlsConfig != nil {
|
|
err := h.tlsConfig.Start()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
packetConn, err := h.myInboundAdapter.ListenUDP()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return h.service.Start(packetConn)
|
|
}
|
|
|
|
func (h *Hysteria2) Close() error {
|
|
return common.Close(
|
|
&h.myInboundAdapter,
|
|
h.tlsConfig,
|
|
common.PtrOrNil(h.service),
|
|
)
|
|
}
|