add bypass
This commit is contained in:
ginuerzh
@ -21,7 +21,7 @@ func init() {
|
||||
registry.RegiserConnector("http", NewConnector)
|
||||
}
|
||||
|
||||
type Connector struct {
|
||||
type httpConnector struct {
|
||||
md metadata
|
||||
logger logger.Logger
|
||||
}
|
||||
@ -32,16 +32,16 @@ func NewConnector(opts ...connector.Option) connector.Connector {
|
||||
opt(options)
|
||||
}
|
||||
|
||||
return &Connector{
|
||||
return &httpConnector{
|
||||
logger: options.Logger,
|
||||
}
|
||||
}
|
||||
|
||||
func (c *Connector) Init(md md.Metadata) (err error) {
|
||||
func (c *httpConnector) Init(md md.Metadata) (err error) {
|
||||
return c.parseMetadata(md)
|
||||
}
|
||||
|
||||
func (c *Connector) Connect(ctx context.Context, conn net.Conn, network, address string, opts ...connector.ConnectOption) (net.Conn, error) {
|
||||
func (c *httpConnector) Connect(ctx context.Context, conn net.Conn, network, address string, opts ...connector.ConnectOption) (net.Conn, error) {
|
||||
req := &http.Request{
|
||||
Method: http.MethodConnect,
|
||||
URL: &url.URL{Host: address},
|
||||
@ -95,7 +95,7 @@ func (c *Connector) Connect(ctx context.Context, conn net.Conn, network, address
|
||||
return conn, nil
|
||||
}
|
||||
|
||||
func (c *Connector) parseMetadata(md md.Metadata) (err error) {
|
||||
func (c *httpConnector) parseMetadata(md md.Metadata) (err error) {
|
||||
c.md.UserAgent, _ = md.Get(userAgent).(string)
|
||||
if c.md.UserAgent == "" {
|
||||
c.md.UserAgent = defaultUserAgent
|
||||
|
||||
@ -14,7 +14,7 @@ func init() {
|
||||
registry.RegisterDialer("tcp", NewDialer)
|
||||
}
|
||||
|
||||
type Dialer struct {
|
||||
type tcpDialer struct {
|
||||
md metadata
|
||||
logger logger.Logger
|
||||
}
|
||||
@ -25,16 +25,16 @@ func NewDialer(opts ...dialer.Option) dialer.Dialer {
|
||||
opt(options)
|
||||
}
|
||||
|
||||
return &Dialer{
|
||||
return &tcpDialer{
|
||||
logger: options.Logger,
|
||||
}
|
||||
}
|
||||
|
||||
func (d *Dialer) Init(md md.Metadata) (err error) {
|
||||
func (d *tcpDialer) Init(md md.Metadata) (err error) {
|
||||
return d.parseMetadata(md)
|
||||
}
|
||||
|
||||
func (d *Dialer) Dial(ctx context.Context, addr string, opts ...dialer.DialOption) (net.Conn, error) {
|
||||
func (d *tcpDialer) Dial(ctx context.Context, addr string, opts ...dialer.DialOption) (net.Conn, error) {
|
||||
var options dialer.DialOptions
|
||||
for _, opt := range opts {
|
||||
opt(&options)
|
||||
@ -71,6 +71,6 @@ func (d *Dialer) Dial(ctx context.Context, addr string, opts ...dialer.DialOptio
|
||||
return conn, err
|
||||
}
|
||||
|
||||
func (d *Dialer) parseMetadata(md md.Metadata) (err error) {
|
||||
func (d *tcpDialer) parseMetadata(md md.Metadata) (err error) {
|
||||
return
|
||||
}
|
||||
|
||||
@ -2,10 +2,12 @@ package http
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"encoding/binary"
|
||||
"errors"
|
||||
"fmt"
|
||||
"hash/crc32"
|
||||
"net"
|
||||
"net/http"
|
||||
@ -16,6 +18,7 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/go-gost/gost/pkg/auth"
|
||||
"github.com/go-gost/gost/pkg/bypass"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
"github.com/go-gost/gost/pkg/components/handler"
|
||||
md "github.com/go-gost/gost/pkg/components/metadata"
|
||||
@ -27,8 +30,9 @@ func init() {
|
||||
registry.RegisterHandler("http", NewHandler)
|
||||
}
|
||||
|
||||
type Handler struct {
|
||||
type httpHandler struct {
|
||||
chain *chain.Chain
|
||||
bypass bypass.Bypass
|
||||
logger logger.Logger
|
||||
md metadata
|
||||
}
|
||||
@ -39,17 +43,18 @@ func NewHandler(opts ...handler.Option) handler.Handler {
|
||||
opt(options)
|
||||
}
|
||||
|
||||
return &Handler{
|
||||
return &httpHandler{
|
||||
chain: options.Chain,
|
||||
bypass: options.Bypass,
|
||||
logger: options.Logger,
|
||||
}
|
||||
}
|
||||
|
||||
func (h *Handler) Init(md md.Metadata) error {
|
||||
func (h *httpHandler) Init(md md.Metadata) error {
|
||||
return h.parseMetadata(md)
|
||||
}
|
||||
|
||||
func (h *Handler) parseMetadata(md md.Metadata) error {
|
||||
func (h *httpHandler) parseMetadata(md md.Metadata) error {
|
||||
h.md.proxyAgent = md.GetString(proxyAgentKey)
|
||||
|
||||
if v, _ := md.Get(authsKey).([]interface{}); len(v) > 0 {
|
||||
@ -81,7 +86,7 @@ func (h *Handler) parseMetadata(md md.Metadata) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (h *Handler) Handle(ctx context.Context, conn net.Conn) {
|
||||
func (h *httpHandler) Handle(ctx context.Context, conn net.Conn) {
|
||||
defer conn.Close()
|
||||
|
||||
h.logger = h.logger.WithFields(map[string]interface{}{
|
||||
@ -99,7 +104,7 @@ func (h *Handler) Handle(ctx context.Context, conn net.Conn) {
|
||||
h.handleRequest(ctx, conn, req)
|
||||
}
|
||||
|
||||
func (h *Handler) handleRequest(ctx context.Context, conn net.Conn, req *http.Request) {
|
||||
func (h *httpHandler) handleRequest(ctx context.Context, conn net.Conn, req *http.Request) {
|
||||
if req == nil {
|
||||
return
|
||||
}
|
||||
@ -156,21 +161,18 @@ func (h *Handler) handleRequest(ctx context.Context, conn net.Conn, req *http.Re
|
||||
}
|
||||
*/
|
||||
|
||||
/*
|
||||
if h.options.Bypass.Contains(host) {
|
||||
resp.StatusCode = http.StatusForbidden
|
||||
if h.bypass != nil && h.bypass.Contains(host) {
|
||||
resp.StatusCode = http.StatusForbidden
|
||||
|
||||
log.Logf("[http] %s - %s bypass %s",
|
||||
conn.RemoteAddr(), conn.LocalAddr(), host)
|
||||
if Debug {
|
||||
dump, _ := httputil.DumpResponse(resp, false)
|
||||
log.Logf("[http] %s <- %s\n%s", conn.RemoteAddr(), conn.LocalAddr(), string(dump))
|
||||
}
|
||||
|
||||
resp.Write(conn)
|
||||
return
|
||||
if h.logger.IsLevelEnabled(logger.DebugLevel) {
|
||||
dump, _ := httputil.DumpResponse(resp, false)
|
||||
h.logger.Debug(string(dump))
|
||||
}
|
||||
*/
|
||||
h.logger.Info("bypass: ", host)
|
||||
|
||||
resp.Write(conn)
|
||||
return
|
||||
}
|
||||
|
||||
if !h.authenticate(conn, req, resp) {
|
||||
return
|
||||
@ -200,6 +202,7 @@ func (h *Handler) handleRequest(ctx context.Context, conn net.Conn, req *http.Re
|
||||
dump, _ := httputil.DumpResponse(resp, false)
|
||||
h.logger.Debug(string(dump))
|
||||
}
|
||||
h.logger.Error(err)
|
||||
return
|
||||
}
|
||||
defer cc.Close()
|
||||
@ -227,25 +230,21 @@ func (h *Handler) handleRequest(ctx context.Context, conn net.Conn, req *http.Re
|
||||
handler.Transport(conn, cc)
|
||||
}
|
||||
|
||||
func (h *Handler) dial(ctx context.Context, addr string) (conn net.Conn, err error) {
|
||||
func (h *httpHandler) dial(ctx context.Context, addr string) (conn net.Conn, err error) {
|
||||
count := h.md.retryCount + 1
|
||||
if count <= 0 {
|
||||
count = 1
|
||||
}
|
||||
|
||||
for i := 0; i < count; i++ {
|
||||
route := h.chain.GetRoute()
|
||||
route := h.chain.GetRouteFor(addr)
|
||||
|
||||
/*
|
||||
buf := bytes.Buffer{}
|
||||
fmt.Fprintf(&buf, "%s -> %s -> ",
|
||||
conn.RemoteAddr(), h.options.Node.String())
|
||||
for _, nd := range route.route {
|
||||
fmt.Fprintf(&buf, "%d@%s -> ", nd.ID, nd.String())
|
||||
}
|
||||
fmt.Fprintf(&buf, "%s", host)
|
||||
log.Log("[route]", buf.String())
|
||||
*/
|
||||
buf := bytes.Buffer{}
|
||||
for _, node := range route.Path() {
|
||||
fmt.Fprintf(&buf, "%s@%s -> ", node.Name(), node.Addr())
|
||||
}
|
||||
fmt.Fprintf(&buf, "%s", addr)
|
||||
h.logger.Infof("route(retry=%d): %s", i, buf.String())
|
||||
|
||||
/*
|
||||
// forward http request
|
||||
@ -270,7 +269,7 @@ func (h *Handler) dial(ctx context.Context, addr string) (conn net.Conn, err err
|
||||
return
|
||||
}
|
||||
|
||||
func (h *Handler) decodeServerName(s string) (string, error) {
|
||||
func (h *httpHandler) decodeServerName(s string) (string, error) {
|
||||
b, err := base64.RawURLEncoding.DecodeString(s)
|
||||
if err != nil {
|
||||
return "", err
|
||||
@ -288,7 +287,7 @@ func (h *Handler) decodeServerName(s string) (string, error) {
|
||||
return string(v), nil
|
||||
}
|
||||
|
||||
func (h *Handler) basicProxyAuth(proxyAuth string) (username, password string, ok bool) {
|
||||
func (h *httpHandler) basicProxyAuth(proxyAuth string) (username, password string, ok bool) {
|
||||
if proxyAuth == "" {
|
||||
return
|
||||
}
|
||||
@ -309,7 +308,7 @@ func (h *Handler) basicProxyAuth(proxyAuth string) (username, password string, o
|
||||
return cs[:s], cs[s+1:], true
|
||||
}
|
||||
|
||||
func (h *Handler) authenticate(conn net.Conn, req *http.Request, resp *http.Response) (ok bool) {
|
||||
func (h *httpHandler) authenticate(conn net.Conn, req *http.Request, resp *http.Response) (ok bool) {
|
||||
u, p, _ := h.basicProxyAuth(req.Header.Get("Proxy-Authorization"))
|
||||
if h.md.authenticator == nil || h.md.authenticator.Authenticate(u, p) {
|
||||
return true
|
||||
|
||||
@ -1 +0,0 @@
|
||||
package http
|
||||
@ -1,12 +1,14 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"github.com/go-gost/gost/pkg/bypass"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
"github.com/go-gost/gost/pkg/logger"
|
||||
)
|
||||
|
||||
type Options struct {
|
||||
Chain *chain.Chain
|
||||
Bypass bypass.Bypass
|
||||
Logger logger.Logger
|
||||
}
|
||||
|
||||
@ -23,3 +25,9 @@ func ChainOption(chain *chain.Chain) Option {
|
||||
opts.Chain = chain
|
||||
}
|
||||
}
|
||||
|
||||
func BypassOption(bypass bypass.Bypass) Option {
|
||||
return func(opts *Options) {
|
||||
opts.Bypass = bypass
|
||||
}
|
||||
}
|
||||
|
||||
@ -7,6 +7,8 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/go-gost/gosocks5"
|
||||
"github.com/go-gost/gost/pkg/bypass"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
"github.com/go-gost/gost/pkg/components/handler"
|
||||
md "github.com/go-gost/gost/pkg/components/metadata"
|
||||
"github.com/go-gost/gost/pkg/logger"
|
||||
@ -19,7 +21,9 @@ func init() {
|
||||
registry.RegisterHandler("ss", NewHandler)
|
||||
}
|
||||
|
||||
type Handler struct {
|
||||
type ssHandler struct {
|
||||
chain *chain.Chain
|
||||
bypass bypass.Bypass
|
||||
logger logger.Logger
|
||||
md metadata
|
||||
}
|
||||
@ -30,18 +34,25 @@ func NewHandler(opts ...handler.Option) handler.Handler {
|
||||
opt(options)
|
||||
}
|
||||
|
||||
return &Handler{
|
||||
return &ssHandler{
|
||||
chain: options.Chain,
|
||||
bypass: options.Bypass,
|
||||
logger: options.Logger,
|
||||
}
|
||||
}
|
||||
|
||||
func (h *Handler) Init(md md.Metadata) (err error) {
|
||||
func (h *ssHandler) Init(md md.Metadata) (err error) {
|
||||
return h.parseMetadata(md)
|
||||
}
|
||||
|
||||
func (h *Handler) Handle(ctx context.Context, conn net.Conn) {
|
||||
func (h *ssHandler) Handle(ctx context.Context, conn net.Conn) {
|
||||
defer conn.Close()
|
||||
|
||||
h.logger = h.logger.WithFields(map[string]interface{}{
|
||||
"src": conn.RemoteAddr().String(),
|
||||
"local": conn.LocalAddr().String(),
|
||||
})
|
||||
|
||||
if h.md.cipher != nil {
|
||||
conn = &shadowConn{
|
||||
Conn: h.md.cipher.StreamConn(conn),
|
||||
@ -61,9 +72,18 @@ func (h *Handler) Handle(ctx context.Context, conn net.Conn) {
|
||||
|
||||
conn.SetReadDeadline(time.Time{})
|
||||
|
||||
host := addr.String()
|
||||
cc, err := net.Dial("tcp", host)
|
||||
h.logger = h.logger.WithFields(map[string]interface{}{
|
||||
"dst": addr.String(),
|
||||
})
|
||||
|
||||
if h.bypass != nil && h.bypass.Contains(addr.String()) {
|
||||
h.logger.Info("bypass: ", addr.String())
|
||||
return
|
||||
}
|
||||
|
||||
cc, err := h.dial(ctx, addr.String())
|
||||
if err != nil {
|
||||
h.logger.Error(err)
|
||||
return
|
||||
}
|
||||
defer cc.Close()
|
||||
@ -71,7 +91,7 @@ func (h *Handler) Handle(ctx context.Context, conn net.Conn) {
|
||||
handler.Transport(conn, cc)
|
||||
}
|
||||
|
||||
func (h *Handler) parseMetadata(md md.Metadata) (err error) {
|
||||
func (h *ssHandler) parseMetadata(md md.Metadata) (err error) {
|
||||
h.md.cipher, err = h.initCipher(
|
||||
md.GetString(method),
|
||||
md.GetString(password),
|
||||
@ -82,10 +102,41 @@ func (h *Handler) parseMetadata(md md.Metadata) (err error) {
|
||||
}
|
||||
|
||||
h.md.readTimeout = md.GetDuration(readTimeout)
|
||||
h.md.retryCount = md.GetInt(retryCount)
|
||||
return
|
||||
}
|
||||
|
||||
func (h *Handler) initCipher(method, password string, key string) (core.Cipher, error) {
|
||||
func (h *ssHandler) dial(ctx context.Context, addr string) (conn net.Conn, err error) {
|
||||
count := h.md.retryCount + 1
|
||||
if count <= 0 {
|
||||
count = 1
|
||||
}
|
||||
|
||||
for i := 0; i < count; i++ {
|
||||
route := h.chain.GetRouteFor(addr)
|
||||
|
||||
/*
|
||||
buf := bytes.Buffer{}
|
||||
fmt.Fprintf(&buf, "%s -> %s -> ",
|
||||
conn.RemoteAddr(), h.options.Node.String())
|
||||
for _, nd := range route.route {
|
||||
fmt.Fprintf(&buf, "%d@%s -> ", nd.ID, nd.String())
|
||||
}
|
||||
fmt.Fprintf(&buf, "%s", host)
|
||||
log.Log("[route]", buf.String())
|
||||
*/
|
||||
|
||||
conn, err = route.Dial(ctx, "tcp", addr)
|
||||
if err == nil {
|
||||
break
|
||||
}
|
||||
h.logger.Errorf("route(retry=%d): %s", i, err)
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func (h *ssHandler) initCipher(method, password string, key string) (core.Cipher, error) {
|
||||
if method == "" && password == "" {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
@ -11,9 +11,11 @@ const (
|
||||
password = "password"
|
||||
key = "key"
|
||||
readTimeout = "readTimeout"
|
||||
retryCount = "retry"
|
||||
)
|
||||
|
||||
type metadata struct {
|
||||
cipher core.Cipher
|
||||
readTimeout time.Duration
|
||||
retryCount int
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user