mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-12-11 23:58:48 +00:00
89c723e3e4
Refactor Authenticator interface to struct & Update smux & Update gVisor to 20231204.0 & Update quic-go to v0.40.1 & Update wireguard-go & Add GSO support for TUN/WireGuard & Fix router pre-start & Fix bind forwarder to interface for systems stack
314 lines
7.4 KiB
Go
314 lines
7.4 KiB
Go
package trojan
|
|
|
|
import (
|
|
"crypto/sha256"
|
|
"encoding/binary"
|
|
"encoding/hex"
|
|
"net"
|
|
"os"
|
|
"sync"
|
|
|
|
"github.com/sagernet/sing/common"
|
|
"github.com/sagernet/sing/common/buf"
|
|
"github.com/sagernet/sing/common/bufio"
|
|
E "github.com/sagernet/sing/common/exceptions"
|
|
M "github.com/sagernet/sing/common/metadata"
|
|
N "github.com/sagernet/sing/common/network"
|
|
"github.com/sagernet/sing/common/rw"
|
|
)
|
|
|
|
const (
|
|
KeyLength = 56
|
|
CommandTCP = 1
|
|
CommandUDP = 3
|
|
CommandMux = 0x7f
|
|
)
|
|
|
|
var CRLF = []byte{'\r', '\n'}
|
|
|
|
var _ N.EarlyConn = (*ClientConn)(nil)
|
|
|
|
type ClientConn struct {
|
|
N.ExtendedConn
|
|
key [KeyLength]byte
|
|
destination M.Socksaddr
|
|
headerWritten bool
|
|
}
|
|
|
|
func NewClientConn(conn net.Conn, key [KeyLength]byte, destination M.Socksaddr) *ClientConn {
|
|
return &ClientConn{
|
|
ExtendedConn: bufio.NewExtendedConn(conn),
|
|
key: key,
|
|
destination: destination,
|
|
}
|
|
}
|
|
|
|
func (c *ClientConn) NeedHandshake() bool {
|
|
return !c.headerWritten
|
|
}
|
|
|
|
func (c *ClientConn) Write(p []byte) (n int, err error) {
|
|
if c.headerWritten {
|
|
return c.ExtendedConn.Write(p)
|
|
}
|
|
err = ClientHandshake(c.ExtendedConn, c.key, c.destination, p)
|
|
if err != nil {
|
|
return
|
|
}
|
|
n = len(p)
|
|
c.headerWritten = true
|
|
return
|
|
}
|
|
|
|
func (c *ClientConn) WriteBuffer(buffer *buf.Buffer) error {
|
|
if c.headerWritten {
|
|
return c.ExtendedConn.WriteBuffer(buffer)
|
|
}
|
|
err := ClientHandshakeBuffer(c.ExtendedConn, c.key, c.destination, buffer)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
c.headerWritten = true
|
|
return nil
|
|
}
|
|
|
|
func (c *ClientConn) FrontHeadroom() int {
|
|
if !c.headerWritten {
|
|
return KeyLength + 5 + M.MaxSocksaddrLength
|
|
}
|
|
return 0
|
|
}
|
|
|
|
func (c *ClientConn) Upstream() any {
|
|
return c.ExtendedConn
|
|
}
|
|
|
|
type ClientPacketConn struct {
|
|
net.Conn
|
|
access sync.Mutex
|
|
key [KeyLength]byte
|
|
headerWritten bool
|
|
readWaitOptions N.ReadWaitOptions
|
|
}
|
|
|
|
func NewClientPacketConn(conn net.Conn, key [KeyLength]byte) *ClientPacketConn {
|
|
return &ClientPacketConn{
|
|
Conn: conn,
|
|
key: key,
|
|
}
|
|
}
|
|
|
|
func (c *ClientPacketConn) NeedHandshake() bool {
|
|
return !c.headerWritten
|
|
}
|
|
|
|
func (c *ClientPacketConn) ReadPacket(buffer *buf.Buffer) (M.Socksaddr, error) {
|
|
return ReadPacket(c.Conn, buffer)
|
|
}
|
|
|
|
func (c *ClientPacketConn) WritePacket(buffer *buf.Buffer, destination M.Socksaddr) error {
|
|
if !c.headerWritten {
|
|
c.access.Lock()
|
|
if c.headerWritten {
|
|
c.access.Unlock()
|
|
} else {
|
|
err := ClientHandshakePacket(c.Conn, c.key, destination, buffer)
|
|
c.headerWritten = true
|
|
c.access.Unlock()
|
|
return err
|
|
}
|
|
}
|
|
return WritePacket(c.Conn, buffer, destination)
|
|
}
|
|
|
|
func (c *ClientPacketConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
|
|
buffer := buf.With(p)
|
|
destination, err := c.ReadPacket(buffer)
|
|
if err != nil {
|
|
return
|
|
}
|
|
n = buffer.Len()
|
|
if destination.IsFqdn() {
|
|
addr = destination
|
|
} else {
|
|
addr = destination.UDPAddr()
|
|
}
|
|
return
|
|
}
|
|
|
|
func (c *ClientPacketConn) WriteTo(p []byte, addr net.Addr) (n int, err error) {
|
|
return bufio.WritePacket(c, p, addr)
|
|
}
|
|
|
|
func (c *ClientPacketConn) Read(p []byte) (n int, err error) {
|
|
n, _, err = c.ReadFrom(p)
|
|
return
|
|
}
|
|
|
|
func (c *ClientPacketConn) Write(p []byte) (n int, err error) {
|
|
return 0, os.ErrInvalid
|
|
}
|
|
|
|
func (c *ClientPacketConn) FrontHeadroom() int {
|
|
if !c.headerWritten {
|
|
return KeyLength + 2*M.MaxSocksaddrLength + 9
|
|
}
|
|
return M.MaxSocksaddrLength + 4
|
|
}
|
|
|
|
func (c *ClientPacketConn) Upstream() any {
|
|
return c.Conn
|
|
}
|
|
|
|
func Key(password string) [KeyLength]byte {
|
|
var key [KeyLength]byte
|
|
hash := sha256.New224()
|
|
common.Must1(hash.Write([]byte(password)))
|
|
hex.Encode(key[:], hash.Sum(nil))
|
|
return key
|
|
}
|
|
|
|
func ClientHandshakeRaw(conn net.Conn, key [KeyLength]byte, command byte, destination M.Socksaddr, payload []byte) error {
|
|
_, err := conn.Write(key[:])
|
|
if err != nil {
|
|
return err
|
|
}
|
|
_, err = conn.Write(CRLF)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
_, err = conn.Write([]byte{command})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = M.SocksaddrSerializer.WriteAddrPort(conn, destination)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
_, err = conn.Write(CRLF)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if len(payload) > 0 {
|
|
_, err = conn.Write(payload)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func ClientHandshake(conn net.Conn, key [KeyLength]byte, destination M.Socksaddr, payload []byte) error {
|
|
headerLen := KeyLength + M.SocksaddrSerializer.AddrPortLen(destination) + 5
|
|
header := buf.NewSize(headerLen + len(payload))
|
|
defer header.Release()
|
|
common.Must1(header.Write(key[:]))
|
|
common.Must1(header.Write(CRLF))
|
|
common.Must(header.WriteByte(CommandTCP))
|
|
err := M.SocksaddrSerializer.WriteAddrPort(header, destination)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
common.Must1(header.Write(CRLF))
|
|
common.Must1(header.Write(payload))
|
|
_, err = conn.Write(header.Bytes())
|
|
if err != nil {
|
|
return E.Cause(err, "write request")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func ClientHandshakeBuffer(conn net.Conn, key [KeyLength]byte, destination M.Socksaddr, payload *buf.Buffer) error {
|
|
header := buf.With(payload.ExtendHeader(KeyLength + M.SocksaddrSerializer.AddrPortLen(destination) + 5))
|
|
common.Must1(header.Write(key[:]))
|
|
common.Must1(header.Write(CRLF))
|
|
common.Must(header.WriteByte(CommandTCP))
|
|
err := M.SocksaddrSerializer.WriteAddrPort(header, destination)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
common.Must1(header.Write(CRLF))
|
|
|
|
_, err = conn.Write(payload.Bytes())
|
|
if err != nil {
|
|
return E.Cause(err, "write request")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func ClientHandshakePacket(conn net.Conn, key [KeyLength]byte, destination M.Socksaddr, payload *buf.Buffer) error {
|
|
headerLen := KeyLength + 2*M.SocksaddrSerializer.AddrPortLen(destination) + 9
|
|
payloadLen := payload.Len()
|
|
var header *buf.Buffer
|
|
var writeHeader bool
|
|
if payload.Start() >= headerLen {
|
|
header = buf.With(payload.ExtendHeader(headerLen))
|
|
} else {
|
|
header = buf.NewSize(headerLen)
|
|
defer header.Release()
|
|
writeHeader = true
|
|
}
|
|
common.Must1(header.Write(key[:]))
|
|
common.Must1(header.Write(CRLF))
|
|
common.Must(header.WriteByte(CommandUDP))
|
|
err := M.SocksaddrSerializer.WriteAddrPort(header, destination)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
common.Must1(header.Write(CRLF))
|
|
common.Must(M.SocksaddrSerializer.WriteAddrPort(header, destination))
|
|
common.Must(binary.Write(header, binary.BigEndian, uint16(payloadLen)))
|
|
common.Must1(header.Write(CRLF))
|
|
|
|
if writeHeader {
|
|
_, err := conn.Write(header.Bytes())
|
|
if err != nil {
|
|
return E.Cause(err, "write request")
|
|
}
|
|
}
|
|
|
|
_, err = conn.Write(payload.Bytes())
|
|
if err != nil {
|
|
return E.Cause(err, "write payload")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func ReadPacket(conn net.Conn, buffer *buf.Buffer) (M.Socksaddr, error) {
|
|
destination, err := M.SocksaddrSerializer.ReadAddrPort(conn)
|
|
if err != nil {
|
|
return M.Socksaddr{}, E.Cause(err, "read destination")
|
|
}
|
|
|
|
var length uint16
|
|
err = binary.Read(conn, binary.BigEndian, &length)
|
|
if err != nil {
|
|
return M.Socksaddr{}, E.Cause(err, "read chunk length")
|
|
}
|
|
|
|
err = rw.SkipN(conn, 2)
|
|
if err != nil {
|
|
return M.Socksaddr{}, E.Cause(err, "skip crlf")
|
|
}
|
|
|
|
_, err = buffer.ReadFullFrom(conn, int(length))
|
|
return destination.Unwrap(), err
|
|
}
|
|
|
|
func WritePacket(conn net.Conn, buffer *buf.Buffer, destination M.Socksaddr) error {
|
|
defer buffer.Release()
|
|
bufferLen := buffer.Len()
|
|
header := buf.With(buffer.ExtendHeader(M.SocksaddrSerializer.AddrPortLen(destination) + 4))
|
|
err := M.SocksaddrSerializer.WriteAddrPort(header, destination)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
common.Must(binary.Write(header, binary.BigEndian, uint16(bufferLen)))
|
|
common.Must1(header.Write(CRLF))
|
|
_, err = conn.Write(buffer.Bytes())
|
|
if err != nil {
|
|
return E.Cause(err, "write packet")
|
|
}
|
|
return nil
|
|
}
|