osbzr
/
com
项目红包剩余9514,下一贡献奖励5%,即 476个红包
Watch 15
Star 7
Wiki 捐赠
本站源代码
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: 4f0cac5ea6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4f0cac5ea6'
${ noResults }
com/vendor/golang.org/x/net/internal/socks/socks.go

318 lines
9.0KB
Raw Blame History 

  1. // Copyright 2018 The Go Authors. All rights reserved.

  2. // Use of this source code is governed by a BSD-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. // Package socks provides a SOCKS version 5 client implementation.

  6. //

  7. // SOCKS protocol version 5 is defined in RFC 1928.

  8. // Username/Password authentication for SOCKS version 5 is defined in

  9. // RFC 1929.

  10. package socks

  11. 

  12. import (

  13. 	"context"

  14. 	"errors"

  15. 	"io"

  16. 	"net"

  17. 	"strconv"

  18. )

  19. 

  20. // A Command represents a SOCKS command.

  21. type Command int

  22. 

  23. func (cmd Command) String() string {

  24. 	switch cmd {

  25. 	case CmdConnect:

  26. 		return "socks connect"

  27. 	case cmdBind:

  28. 		return "socks bind"

  29. 	default:

  30. 		return "socks " + strconv.Itoa(int(cmd))

  31. 	}

  32. }

  33. 

  34. // An AuthMethod represents a SOCKS authentication method.

  35. type AuthMethod int

  36. 

  37. // A Reply represents a SOCKS command reply code.

  38. type Reply int

  39. 

  40. func (code Reply) String() string {

  41. 	switch code {

  42. 	case StatusSucceeded:

  43. 		return "succeeded"

  44. 	case 0x01:

  45. 		return "general SOCKS server failure"

  46. 	case 0x02:

  47. 		return "connection not allowed by ruleset"

  48. 	case 0x03:

  49. 		return "network unreachable"

  50. 	case 0x04:

  51. 		return "host unreachable"

  52. 	case 0x05:

  53. 		return "connection refused"

  54. 	case 0x06:

  55. 		return "TTL expired"

  56. 	case 0x07:

  57. 		return "command not supported"

  58. 	case 0x08:

  59. 		return "address type not supported"

  60. 	default:

  61. 		return "unknown code: " + strconv.Itoa(int(code))

  62. 	}

  63. }

  64. 

  65. // Wire protocol constants.

  66. const (

  67. 	Version5 = 0x05

  68. 

  69. 	AddrTypeIPv4 = 0x01

  70. 	AddrTypeFQDN = 0x03

  71. 	AddrTypeIPv6 = 0x04

  72. 

  73. 	CmdConnect Command = 0x01 // establishes an active-open forward proxy connection

  74. 	cmdBind    Command = 0x02 // establishes a passive-open forward proxy connection

  75. 

  76. 	AuthMethodNotRequired         AuthMethod = 0x00 // no authentication required

  77. 	AuthMethodUsernamePassword    AuthMethod = 0x02 // use username/password

  78. 	AuthMethodNoAcceptableMethods AuthMethod = 0xff // no acceptable authentication methods

  79. 

  80. 	StatusSucceeded Reply = 0x00

  81. )

  82. 

  83. // An Addr represents a SOCKS-specific address.

  84. // Either Name or IP is used exclusively.

  85. type Addr struct {

  86. 	Name string // fully-qualified domain name

  87. 	IP   net.IP

  88. 	Port int

  89. }

  90. 

  91. func (a *Addr) Network() string { return "socks" }

  92. 

  93. func (a *Addr) String() string {

  94. 	if a == nil {

  95. 		return "<nil>"

  96. 	}

  97. 	port := strconv.Itoa(a.Port)

  98. 	if a.IP == nil {

  99. 		return net.JoinHostPort(a.Name, port)

  100. 	}

  101. 	return net.JoinHostPort(a.IP.String(), port)

  102. }

  103. 

  104. // A Conn represents a forward proxy connection.

  105. type Conn struct {

  106. 	net.Conn

  107. 

  108. 	boundAddr net.Addr

  109. }

  110. 

  111. // BoundAddr returns the address assigned by the proxy server for

  112. // connecting to the command target address from the proxy server.

  113. func (c *Conn) BoundAddr() net.Addr {

  114. 	if c == nil {

  115. 		return nil

  116. 	}

  117. 	return c.boundAddr

  118. }

  119. 

  120. // A Dialer holds SOCKS-specific options.

  121. type Dialer struct {

  122. 	cmd          Command // either CmdConnect or cmdBind

  123. 	proxyNetwork string  // network between a proxy server and a client

  124. 	proxyAddress string  // proxy server address

  125. 

  126. 	// ProxyDial specifies the optional dial function for

  127. 	// establishing the transport connection.

  128. 	ProxyDial func(context.Context, string, string) (net.Conn, error)

  129. 

  130. 	// AuthMethods specifies the list of request authentication

  131. 	// methods.

  132. 	// If empty, SOCKS client requests only AuthMethodNotRequired.

  133. 	AuthMethods []AuthMethod

  134. 

  135. 	// Authenticate specifies the optional authentication

  136. 	// function. It must be non-nil when AuthMethods is not empty.

  137. 	// It must return an error when the authentication is failed.

  138. 	Authenticate func(context.Context, io.ReadWriter, AuthMethod) error

  139. }

  140. 

  141. // DialContext connects to the provided address on the provided

  142. // network.

  143. //

  144. // The returned error value may be a net.OpError. When the Op field of

  145. // net.OpError contains "socks", the Source field contains a proxy

  146. // server address and the Addr field contains a command target

  147. // address.

  148. //

  149. // See func Dial of the net package of standard library for a

  150. // description of the network and address parameters.

  151. func (d *Dialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {

  152. 	if err := d.validateTarget(network, address); err != nil {

  153. 		proxy, dst, _ := d.pathAddrs(address)

  154. 		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}

  155. 	}

  156. 	if ctx == nil {

  157. 		proxy, dst, _ := d.pathAddrs(address)

  158. 		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: errors.New("nil context")}

  159. 	}

  160. 	var err error

  161. 	var c net.Conn

  162. 	if d.ProxyDial != nil {

  163. 		c, err = d.ProxyDial(ctx, d.proxyNetwork, d.proxyAddress)

  164. 	} else {

  165. 		var dd net.Dialer

  166. 		c, err = dd.DialContext(ctx, d.proxyNetwork, d.proxyAddress)

  167. 	}

  168. 	if err != nil {

  169. 		proxy, dst, _ := d.pathAddrs(address)

  170. 		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}

  171. 	}

  172. 	a, err := d.connect(ctx, c, address)

  173. 	if err != nil {

  174. 		c.Close()

  175. 		proxy, dst, _ := d.pathAddrs(address)

  176. 		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}

  177. 	}

  178. 	return &Conn{Conn: c, boundAddr: a}, nil

  179. }

  180. 

  181. // DialWithConn initiates a connection from SOCKS server to the target

  182. // network and address using the connection c that is already

  183. // connected to the SOCKS server.

  184. //

  185. // It returns the connection's local address assigned by the SOCKS

  186. // server.

  187. func (d *Dialer) DialWithConn(ctx context.Context, c net.Conn, network, address string) (net.Addr, error) {

  188. 	if err := d.validateTarget(network, address); err != nil {

  189. 		proxy, dst, _ := d.pathAddrs(address)

  190. 		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}

  191. 	}

  192. 	if ctx == nil {

  193. 		proxy, dst, _ := d.pathAddrs(address)

  194. 		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: errors.New("nil context")}

  195. 	}

  196. 	a, err := d.connect(ctx, c, address)

  197. 	if err != nil {

  198. 		proxy, dst, _ := d.pathAddrs(address)

  199. 		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}

  200. 	}

  201. 	return a, nil

  202. }

  203. 

  204. // Dial connects to the provided address on the provided network.

  205. //

  206. // Unlike DialContext, it returns a raw transport connection instead

  207. // of a forward proxy connection.

  208. //

  209. // Deprecated: Use DialContext or DialWithConn instead.

  210. func (d *Dialer) Dial(network, address string) (net.Conn, error) {

  211. 	if err := d.validateTarget(network, address); err != nil {

  212. 		proxy, dst, _ := d.pathAddrs(address)

  213. 		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}

  214. 	}

  215. 	var err error

  216. 	var c net.Conn

  217. 	if d.ProxyDial != nil {

  218. 		c, err = d.ProxyDial(context.Background(), d.proxyNetwork, d.proxyAddress)

  219. 	} else {

  220. 		c, err = net.Dial(d.proxyNetwork, d.proxyAddress)

  221. 	}

  222. 	if err != nil {

  223. 		proxy, dst, _ := d.pathAddrs(address)

  224. 		return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}

  225. 	}

  226. 	if _, err := d.DialWithConn(context.Background(), c, network, address); err != nil {

  227. 		c.Close()

  228. 		return nil, err

  229. 	}

  230. 	return c, nil

  231. }

  232. 

  233. func (d *Dialer) validateTarget(network, address string) error {

  234. 	switch network {

  235. 	case "tcp", "tcp6", "tcp4":

  236. 	default:

  237. 		return errors.New("network not implemented")

  238. 	}

  239. 	switch d.cmd {

  240. 	case CmdConnect, cmdBind:

  241. 	default:

  242. 		return errors.New("command not implemented")

  243. 	}

  244. 	return nil

  245. }

  246. 

  247. func (d *Dialer) pathAddrs(address string) (proxy, dst net.Addr, err error) {

  248. 	for i, s := range []string{d.proxyAddress, address} {

  249. 		host, port, err := splitHostPort(s)

  250. 		if err != nil {

  251. 			return nil, nil, err

  252. 		}

  253. 		a := &Addr{Port: port}

  254. 		a.IP = net.ParseIP(host)

  255. 		if a.IP == nil {

  256. 			a.Name = host

  257. 		}

  258. 		if i == 0 {

  259. 			proxy = a

  260. 		} else {

  261. 			dst = a

  262. 		}

  263. 	}

  264. 	return

  265. }

  266. 

  267. // NewDialer returns a new Dialer that dials through the provided

  268. // proxy server's network and address.

  269. func NewDialer(network, address string) *Dialer {

  270. 	return &Dialer{proxyNetwork: network, proxyAddress: address, cmd: CmdConnect}

  271. }

  272. 

  273. const (

  274. 	authUsernamePasswordVersion = 0x01

  275. 	authStatusSucceeded         = 0x00

  276. )

  277. 

  278. // UsernamePassword are the credentials for the username/password

  279. // authentication method.

  280. type UsernamePassword struct {

  281. 	Username string

  282. 	Password string

  283. }

  284. 

  285. // Authenticate authenticates a pair of username and password with the

  286. // proxy server.

  287. func (up *UsernamePassword) Authenticate(ctx context.Context, rw io.ReadWriter, auth AuthMethod) error {

  288. 	switch auth {

  289. 	case AuthMethodNotRequired:

  290. 		return nil

  291. 	case AuthMethodUsernamePassword:

  292. 		if len(up.Username) == 0 || len(up.Username) > 255 || len(up.Password) == 0 || len(up.Password) > 255 {

  293. 			return errors.New("invalid username/password")

  294. 		}

  295. 		b := []byte{authUsernamePasswordVersion}

  296. 		b = append(b, byte(len(up.Username)))

  297. 		b = append(b, up.Username...)

  298. 		b = append(b, byte(len(up.Password)))

  299. 		b = append(b, up.Password...)

  300. 		// TODO(mikio): handle IO deadlines and cancelation if

  301. 		// necessary

  302. 		if _, err := rw.Write(b); err != nil {

  303. 			return err

  304. 		}

  305. 		if _, err := io.ReadFull(rw, b[:2]); err != nil {

  306. 			return err

  307. 		}

  308. 		if b[0] != authUsernamePasswordVersion {

  309. 			return errors.New("invalid username/password version")

  310. 		}

  311. 		if b[1] != authStatusSucceeded {

  312. 			return errors.New("username/password authentication failed")

  313. 		}

  314. 		return nil

  315. 	}

  316. 	return errors.New("unsupported authentication method " + strconv.Itoa(int(auth)))

  317. }
上海开阖软件有限公司 沪ICP备12045867号-1