add auther config
This commit is contained in:
ginuerzh
@ -16,9 +16,7 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/asaskevich/govalidator"
|
||||
"github.com/go-gost/gost/pkg/auth"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
auth_util "github.com/go-gost/gost/pkg/common/util/auth"
|
||||
"github.com/go-gost/gost/pkg/handler"
|
||||
"github.com/go-gost/gost/pkg/logger"
|
||||
md "github.com/go-gost/gost/pkg/metadata"
|
||||
@ -30,10 +28,9 @@ func init() {
|
||||
}
|
||||
|
||||
type httpHandler struct {
|
||||
router *chain.Router
|
||||
authenticator auth.Authenticator
|
||||
md metadata
|
||||
options handler.Options
|
||||
router *chain.Router
|
||||
md metadata
|
||||
options handler.Options
|
||||
}
|
||||
|
||||
func NewHandler(opts ...handler.Option) handler.Handler {
|
||||
@ -52,7 +49,6 @@ func (h *httpHandler) Init(md md.Metadata) error {
|
||||
return err
|
||||
}
|
||||
|
||||
h.authenticator = auth_util.AuthFromUsers(h.options.Auths...)
|
||||
h.router = &chain.Router{
|
||||
Retries: h.options.Retries,
|
||||
Chain: h.options.Chain,
|
||||
@ -266,7 +262,7 @@ func (h *httpHandler) basicProxyAuth(proxyAuth string, log logger.Logger) (usern
|
||||
|
||||
func (h *httpHandler) authenticate(conn net.Conn, req *http.Request, resp *http.Response, log logger.Logger) (ok bool) {
|
||||
u, p, _ := h.basicProxyAuth(req.Header.Get("Proxy-Authorization"), log)
|
||||
if h.authenticator == nil || h.authenticator.Authenticate(u, p) {
|
||||
if h.options.Auther == nil || h.options.Auther.Authenticate(u, p) {
|
||||
return true
|
||||
}
|
||||
|
||||
|
||||
@ -18,9 +18,7 @@ import (
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/go-gost/gost/pkg/auth"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
auth_util "github.com/go-gost/gost/pkg/common/util/auth"
|
||||
"github.com/go-gost/gost/pkg/handler"
|
||||
http2_util "github.com/go-gost/gost/pkg/internal/util/http2"
|
||||
"github.com/go-gost/gost/pkg/logger"
|
||||
@ -33,10 +31,9 @@ func init() {
|
||||
}
|
||||
|
||||
type http2Handler struct {
|
||||
router *chain.Router
|
||||
authenticator auth.Authenticator
|
||||
md metadata
|
||||
options handler.Options
|
||||
router *chain.Router
|
||||
md metadata
|
||||
options handler.Options
|
||||
}
|
||||
|
||||
func NewHandler(opts ...handler.Option) handler.Handler {
|
||||
@ -55,7 +52,6 @@ func (h *http2Handler) Init(md md.Metadata) error {
|
||||
return err
|
||||
}
|
||||
|
||||
h.authenticator = auth_util.AuthFromUsers(h.options.Auths...)
|
||||
h.router = &chain.Router{
|
||||
Retries: h.options.Retries,
|
||||
Chain: h.options.Chain,
|
||||
@ -239,7 +235,7 @@ func (h *http2Handler) basicProxyAuth(proxyAuth string) (username, password stri
|
||||
|
||||
func (h *http2Handler) authenticate(w http.ResponseWriter, r *http.Request, resp *http.Response, log logger.Logger) (ok bool) {
|
||||
u, p, _ := h.basicProxyAuth(r.Header.Get("Proxy-Authorization"))
|
||||
if h.authenticator == nil || h.authenticator.Authenticate(u, p) {
|
||||
if h.options.Auther == nil || h.options.Auther.Authenticate(u, p) {
|
||||
return true
|
||||
}
|
||||
|
||||
|
||||
@ -4,6 +4,7 @@ import (
|
||||
"crypto/tls"
|
||||
"net/url"
|
||||
|
||||
"github.com/go-gost/gost/pkg/auth"
|
||||
"github.com/go-gost/gost/pkg/bypass"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
"github.com/go-gost/gost/pkg/hosts"
|
||||
@ -17,7 +18,8 @@ type Options struct {
|
||||
Resolver resolver.Resolver
|
||||
Hosts hosts.HostMapper
|
||||
Bypass bypass.Bypass
|
||||
Auths []*url.Userinfo
|
||||
Auth *url.Userinfo
|
||||
Auther auth.Authenticator
|
||||
TLSConfig *tls.Config
|
||||
Logger logger.Logger
|
||||
}
|
||||
@ -54,9 +56,14 @@ func BypassOption(bypass bypass.Bypass) Option {
|
||||
}
|
||||
}
|
||||
|
||||
func AuthsOption(auths ...*url.Userinfo) Option {
|
||||
func AuthOption(auth *url.Userinfo) Option {
|
||||
return func(opts *Options) {
|
||||
opts.Auths = auths
|
||||
opts.Auth = auth
|
||||
}
|
||||
}
|
||||
func AutherOption(auther auth.Authenticator) Option {
|
||||
return func(opts *Options) {
|
||||
opts.Auther = auther
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -6,9 +6,7 @@ import (
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
"github.com/go-gost/gost/pkg/auth"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
auth_util "github.com/go-gost/gost/pkg/common/util/auth"
|
||||
"github.com/go-gost/gost/pkg/handler"
|
||||
md "github.com/go-gost/gost/pkg/metadata"
|
||||
"github.com/go-gost/gost/pkg/registry"
|
||||
@ -20,11 +18,10 @@ func init() {
|
||||
}
|
||||
|
||||
type relayHandler struct {
|
||||
group *chain.NodeGroup
|
||||
router *chain.Router
|
||||
authenticator auth.Authenticator
|
||||
md metadata
|
||||
options handler.Options
|
||||
group *chain.NodeGroup
|
||||
router *chain.Router
|
||||
md metadata
|
||||
options handler.Options
|
||||
}
|
||||
|
||||
func NewHandler(opts ...handler.Option) handler.Handler {
|
||||
@ -43,7 +40,6 @@ func (h *relayHandler) Init(md md.Metadata) (err error) {
|
||||
return err
|
||||
}
|
||||
|
||||
h.authenticator = auth_util.AuthFromUsers(h.options.Auths...)
|
||||
h.router = &chain.Router{
|
||||
Retries: h.options.Retries,
|
||||
Chain: h.options.Chain,
|
||||
@ -113,7 +109,7 @@ func (h *relayHandler) Handle(ctx context.Context, conn net.Conn) {
|
||||
Version: relay.Version1,
|
||||
Status: relay.StatusOK,
|
||||
}
|
||||
if h.authenticator != nil && !h.authenticator.Authenticate(user, pass) {
|
||||
if h.options.Auther != nil && !h.options.Auther.Authenticate(user, pass) {
|
||||
resp.Status = relay.StatusUnauthorized
|
||||
resp.WriteTo(conn)
|
||||
log.Error("unauthorized")
|
||||
|
||||
@ -6,9 +6,7 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/go-gost/gosocks4"
|
||||
"github.com/go-gost/gost/pkg/auth"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
auth_util "github.com/go-gost/gost/pkg/common/util/auth"
|
||||
"github.com/go-gost/gost/pkg/handler"
|
||||
"github.com/go-gost/gost/pkg/logger"
|
||||
md "github.com/go-gost/gost/pkg/metadata"
|
||||
@ -21,10 +19,9 @@ func init() {
|
||||
}
|
||||
|
||||
type socks4Handler struct {
|
||||
router *chain.Router
|
||||
authenticator auth.Authenticator
|
||||
md metadata
|
||||
options handler.Options
|
||||
router *chain.Router
|
||||
md metadata
|
||||
options handler.Options
|
||||
}
|
||||
|
||||
func NewHandler(opts ...handler.Option) handler.Handler {
|
||||
@ -43,7 +40,6 @@ func (h *socks4Handler) Init(md md.Metadata) (err error) {
|
||||
return err
|
||||
}
|
||||
|
||||
h.authenticator = auth_util.AuthFromUsers(h.options.Auths...)
|
||||
h.router = &chain.Router{
|
||||
Retries: h.options.Retries,
|
||||
Chain: h.options.Chain,
|
||||
@ -85,8 +81,8 @@ func (h *socks4Handler) Handle(ctx context.Context, conn net.Conn) {
|
||||
|
||||
conn.SetReadDeadline(time.Time{})
|
||||
|
||||
if h.authenticator != nil &&
|
||||
!h.authenticator.Authenticate(string(req.Userid), "") {
|
||||
if h.options.Auther != nil &&
|
||||
!h.options.Auther.Authenticate(string(req.Userid), "") {
|
||||
resp := gosocks4.NewReply(gosocks4.RejectedUserid, nil)
|
||||
resp.Write(conn)
|
||||
log.Debug(resp)
|
||||
|
||||
@ -7,7 +7,6 @@ import (
|
||||
|
||||
"github.com/go-gost/gosocks5"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
auth_util "github.com/go-gost/gost/pkg/common/util/auth"
|
||||
"github.com/go-gost/gost/pkg/common/util/socks"
|
||||
"github.com/go-gost/gost/pkg/handler"
|
||||
md "github.com/go-gost/gost/pkg/metadata"
|
||||
@ -51,7 +50,7 @@ func (h *socks5Handler) Init(md md.Metadata) (err error) {
|
||||
}
|
||||
|
||||
h.selector = &serverSelector{
|
||||
Authenticator: auth_util.AuthFromUsers(h.options.Auths...),
|
||||
Authenticator: h.options.Auther,
|
||||
TLSConfig: h.options.TLSConfig,
|
||||
logger: h.options.Logger,
|
||||
noTLS: h.md.noTLS,
|
||||
|
||||
@ -42,9 +42,9 @@ func (h *ssHandler) Init(md md.Metadata) (err error) {
|
||||
if err = h.parseMetadata(md); err != nil {
|
||||
return
|
||||
}
|
||||
if len(h.options.Auths) > 0 {
|
||||
method := h.options.Auths[0].Username()
|
||||
password, _ := h.options.Auths[0].Password()
|
||||
if h.options.Auth != nil {
|
||||
method := h.options.Auth.Username()
|
||||
password, _ := h.options.Auth.Password()
|
||||
h.cipher, err = ss.ShadowCipher(method, password, h.md.key)
|
||||
if err != nil {
|
||||
return
|
||||
|
||||
@ -43,9 +43,9 @@ func (h *ssuHandler) Init(md md.Metadata) (err error) {
|
||||
return
|
||||
}
|
||||
|
||||
if len(h.options.Auths) > 0 {
|
||||
method := h.options.Auths[0].Username()
|
||||
password, _ := h.options.Auths[0].Password()
|
||||
if h.options.Auth != nil {
|
||||
method := h.options.Auth.Username()
|
||||
password, _ := h.options.Auth.Password()
|
||||
h.cipher, err = ss.ShadowCipher(method, password, h.md.key)
|
||||
if err != nil {
|
||||
return
|
||||
|
||||
@ -54,9 +54,9 @@ func (h *tapHandler) Init(md md.Metadata) (err error) {
|
||||
return
|
||||
}
|
||||
|
||||
if len(h.options.Auths) > 0 {
|
||||
method := h.options.Auths[0].Username()
|
||||
password, _ := h.options.Auths[0].Password()
|
||||
if h.options.Auth != nil {
|
||||
method := h.options.Auth.Username()
|
||||
password, _ := h.options.Auth.Password()
|
||||
h.cipher, err = ss.ShadowCipher(method, password, h.md.key)
|
||||
if err != nil {
|
||||
return
|
||||
|
||||
@ -56,9 +56,9 @@ func (h *tunHandler) Init(md md.Metadata) (err error) {
|
||||
return
|
||||
}
|
||||
|
||||
if len(h.options.Auths) > 0 {
|
||||
method := h.options.Auths[0].Username()
|
||||
password, _ := h.options.Auths[0].Password()
|
||||
if h.options.Auth != nil {
|
||||
method := h.options.Auth.Username()
|
||||
password, _ := h.options.Auth.Password()
|
||||
h.cipher, err = ss.ShadowCipher(method, password, h.md.key)
|
||||
if err != nil {
|
||||
return
|
||||
|
||||
Reference in New Issue
Block a user