initial commit

2022-03-16 19:40:29 +08:00
commit 7db81fcfeb
109 changed files with 8782 additions and 0 deletions
--- a/admission/admission.go
+++ b/admission/admission.go
@ -0,0 +1,89 @@
+package admission
+
+import (
+	"net"
+	"strconv"
+
+	"github.com/go-gost/core/common/matcher"
+	"github.com/go-gost/core/logger"
+)
+
+type Admission interface {
+	Admit(addr string) bool
+}
+
+type options struct {
+	logger logger.Logger
+}
+
+type Option func(opts *options)
+
+func LoggerOption(logger logger.Logger) Option {
+	return func(opts *options) {
+		opts.logger = logger
+	}
+}
+
+type admission struct {
+	matchers []matcher.Matcher
+	reversed bool
+	options  options
+}
+
+// NewAdmission creates and initializes a new Admission using matchers as its match rules.
+// The rules will be reversed if the reversed is true.
+func NewAdmission(reversed bool, matchers []matcher.Matcher, opts ...Option) Admission {
+	options := options{}
+	for _, opt := range opts {
+		opt(&options)
+	}
+	return &admission{
+		matchers: matchers,
+		reversed: reversed,
+		options:  options,
+	}
+}
+
+// NewAdmissionPatterns creates and initializes a new Admission using matcher patterns as its match rules.
+// The rules will be reversed if the reverse is true.
+func NewAdmissionPatterns(reversed bool, patterns []string, opts ...Option) Admission {
+	var matchers []matcher.Matcher
+	for _, pattern := range patterns {
+		if m := matcher.NewMatcher(pattern); m != nil {
+			matchers = append(matchers, m)
+		}
+	}
+	return NewAdmission(reversed, matchers, opts...)
+}
+
+func (p *admission) Admit(addr string) bool {
+	if addr == "" || p == nil || len(p.matchers) == 0 {
+		p.options.logger.Debugf("admission: %v is denied", addr)
+		return false
+	}
+
+	// try to strip the port
+	if host, port, _ := net.SplitHostPort(addr); host != "" && port != "" {
+		if p, _ := strconv.Atoi(port); p > 0 { // port is valid
+			addr = host
+		}
+	}
+
+	var matched bool
+	for _, matcher := range p.matchers {
+		if matcher == nil {
+			continue
+		}
+		if matcher.Match(addr) {
+			matched = true
+			break
+		}
+	}
+
+	b := !p.reversed && matched ||
+		p.reversed && !matched
+	if !b {
+		p.options.logger.Debugf("admission: %v is denied", addr)
+	}
+	return b
+}
--- a/admission/wrapper/conn.go
+++ b/admission/wrapper/conn.go
@ -0,0 +1,223 @@
+package wrapper
+
+import (
+	"errors"
+	"io"
+	"net"
+	"syscall"
+
+	"github.com/go-gost/core/admission"
+)
+
+var (
+	errUnsupport = errors.New("unsupported operation")
+)
+
+type packetConn struct {
+	net.PacketConn
+	admission admission.Admission
+}
+
+func WrapPacketConn(admission admission.Admission, pc net.PacketConn) net.PacketConn {
+	if admission == nil {
+		return pc
+	}
+	return &packetConn{
+		PacketConn: pc,
+		admission:  admission,
+	}
+}
+
+func (c *packetConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
+	for {
+		n, addr, err = c.PacketConn.ReadFrom(p)
+		if err != nil {
+			return
+		}
+
+		if c.admission != nil &&
+			!c.admission.Admit(addr.String()) {
+			continue
+		}
+
+		return
+	}
+}
+
+type udpConn struct {
+	net.PacketConn
+	admission admission.Admission
+}
+
+func WrapUDPConn(admission admission.Admission, pc net.PacketConn) UDPConn {
+	return &udpConn{
+		PacketConn: pc,
+		admission:  admission,
+	}
+}
+
+func (c *udpConn) RemoteAddr() net.Addr {
+	if nc, ok := c.PacketConn.(remoteAddr); ok {
+		return nc.RemoteAddr()
+	}
+	return nil
+}
+
+func (c *udpConn) SetReadBuffer(n int) error {
+	if nc, ok := c.PacketConn.(setBuffer); ok {
+		return nc.SetReadBuffer(n)
+	}
+	return errUnsupport
+}
+
+func (c *udpConn) SetWriteBuffer(n int) error {
+	if nc, ok := c.PacketConn.(setBuffer); ok {
+		return nc.SetWriteBuffer(n)
+	}
+	return errUnsupport
+}
+
+func (c *udpConn) Read(b []byte) (n int, err error) {
+	if nc, ok := c.PacketConn.(io.Reader); ok {
+		n, err = nc.Read(b)
+		return
+	}
+	err = errUnsupport
+	return
+}
+
+func (c *udpConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
+	for {
+		n, addr, err = c.PacketConn.ReadFrom(p)
+		if err != nil {
+			return
+		}
+		if c.admission != nil &&
+			!c.admission.Admit(addr.String()) {
+			continue
+		}
+		return
+	}
+}
+
+func (c *udpConn) ReadFromUDP(b []byte) (n int, addr *net.UDPAddr, err error) {
+	if nc, ok := c.PacketConn.(readUDP); ok {
+		for {
+			n, addr, err = nc.ReadFromUDP(b)
+			if err != nil {
+				return
+			}
+			if c.admission != nil &&
+				!c.admission.Admit(addr.String()) {
+				continue
+			}
+			return
+		}
+	}
+	err = errUnsupport
+	return
+}
+
+func (c *udpConn) ReadMsgUDP(b, oob []byte) (n, oobn, flags int, addr *net.UDPAddr, err error) {
+	if nc, ok := c.PacketConn.(readUDP); ok {
+		for {
+			n, oobn, flags, addr, err = nc.ReadMsgUDP(b, oob)
+			if err != nil {
+				return
+			}
+			if c.admission != nil &&
+				!c.admission.Admit(addr.String()) {
+				continue
+			}
+			return
+		}
+	}
+	err = errUnsupport
+	return
+}
+
+func (c *udpConn) Write(b []byte) (n int, err error) {
+	if nc, ok := c.PacketConn.(io.Writer); ok {
+		n, err = nc.Write(b)
+		return
+	}
+	err = errUnsupport
+	return
+}
+
+func (c *udpConn) WriteTo(p []byte, addr net.Addr) (n int, err error) {
+	n, err = c.PacketConn.WriteTo(p, addr)
+	return
+}
+
+func (c *udpConn) WriteToUDP(b []byte, addr *net.UDPAddr) (n int, err error) {
+	if nc, ok := c.PacketConn.(writeUDP); ok {
+		n, err = nc.WriteToUDP(b, addr)
+		return
+	}
+	err = errUnsupport
+	return
+}
+
+func (c *udpConn) WriteMsgUDP(b, oob []byte, addr *net.UDPAddr) (n, oobn int, err error) {
+	if nc, ok := c.PacketConn.(writeUDP); ok {
+		n, oobn, err = nc.WriteMsgUDP(b, oob, addr)
+		return
+	}
+	err = errUnsupport
+	return
+}
+
+func (c *udpConn) SyscallConn() (rc syscall.RawConn, err error) {
+	if nc, ok := c.PacketConn.(syscallConn); ok {
+		return nc.SyscallConn()
+	}
+	err = errUnsupport
+	return
+}
+
+func (c *udpConn) SetDSCP(n int) error {
+	if nc, ok := c.PacketConn.(setDSCP); ok {
+		return nc.SetDSCP(n)
+	}
+	return nil
+}
+
+type UDPConn interface {
+	net.PacketConn
+	io.Reader
+	io.Writer
+	readUDP
+	writeUDP
+	setBuffer
+	syscallConn
+	remoteAddr
+}
+
+type setBuffer interface {
+	SetReadBuffer(bytes int) error
+	SetWriteBuffer(bytes int) error
+}
+
+type readUDP interface {
+	ReadFromUDP(b []byte) (n int, addr *net.UDPAddr, err error)
+	ReadMsgUDP(b, oob []byte) (n, oobn, flags int, addr *net.UDPAddr, err error)
+}
+
+type writeUDP interface {
+	WriteToUDP(b []byte, addr *net.UDPAddr) (int, error)
+	WriteMsgUDP(b, oob []byte, addr *net.UDPAddr) (n, oobn int, err error)
+}
+
+type syscallConn interface {
+	SyscallConn() (syscall.RawConn, error)
+}
+
+type remoteAddr interface {
+	RemoteAddr() net.Addr
+}
+
+// tcpraw.TCPConn
+type setDSCP interface {
+	SetDSCP(int) error
+}
--- a/admission/wrapper/listener.go
+++ b/admission/wrapper/listener.go
@ -0,0 +1,37 @@
+package wrapper
+
+import (
+	"net"
+
+	"github.com/go-gost/core/admission"
+)
+
+type listener struct {
+	net.Listener
+	admission admission.Admission
+}
+
+func WrapListener(admission admission.Admission, ln net.Listener) net.Listener {
+	if admission == nil {
+		return ln
+	}
+	return &listener{
+		Listener:  ln,
+		admission: admission,
+	}
+}
+
+func (ln *listener) Accept() (net.Conn, error) {
+	for {
+		c, err := ln.Listener.Accept()
+		if err != nil {
+			return nil, err
+		}
+		if ln.admission != nil &&
+			!ln.admission.Admit(c.RemoteAddr().String()) {
+			c.Close()
+			continue
+		}
+		return c, err
+	}
+}