add bypass

2021-10-31 22:26:27 +08:00
parent 64736585ee
commit e2995ece96
18 changed files with 433 additions and 132 deletions
--- a/pkg/components/handler/http/handler.go
+++ b/pkg/components/handler/http/handler.go
@ -2,10 +2,12 @@ package http

 import (
 	"bufio"
+	"bytes"
 	"context"
 	"encoding/base64"
 	"encoding/binary"
 	"errors"
+	"fmt"
 	"hash/crc32"
 	"net"
 	"net/http"
@ -16,6 +18,7 @@ import (
 	"time"

 	"github.com/go-gost/gost/pkg/auth"
+	"github.com/go-gost/gost/pkg/bypass"
 	"github.com/go-gost/gost/pkg/chain"
 	"github.com/go-gost/gost/pkg/components/handler"
 	md "github.com/go-gost/gost/pkg/components/metadata"
@ -27,8 +30,9 @@ func init() {
 	registry.RegisterHandler("http", NewHandler)
 }

-type Handler struct {
+type httpHandler struct {
 	chain  *chain.Chain
+	bypass bypass.Bypass
 	logger logger.Logger
 	md     metadata
 }
@ -39,17 +43,18 @@ func NewHandler(opts ...handler.Option) handler.Handler {
 		opt(options)
 	}

-	return &Handler{
+	return &httpHandler{
 		chain:  options.Chain,
+		bypass: options.Bypass,
 		logger: options.Logger,
 	}
 }

-func (h *Handler) Init(md md.Metadata) error {
+func (h *httpHandler) Init(md md.Metadata) error {
 	return h.parseMetadata(md)
 }

-func (h *Handler) parseMetadata(md md.Metadata) error {
+func (h *httpHandler) parseMetadata(md md.Metadata) error {
 	h.md.proxyAgent = md.GetString(proxyAgentKey)

 	if v, _ := md.Get(authsKey).([]interface{}); len(v) > 0 {
@ -81,7 +86,7 @@ func (h *Handler) parseMetadata(md md.Metadata) error {
 	return nil
 }

-func (h *Handler) Handle(ctx context.Context, conn net.Conn) {
+func (h *httpHandler) Handle(ctx context.Context, conn net.Conn) {
 	defer conn.Close()

 	h.logger = h.logger.WithFields(map[string]interface{}{
@ -99,7 +104,7 @@ func (h *Handler) Handle(ctx context.Context, conn net.Conn) {
 	h.handleRequest(ctx, conn, req)
 }

-func (h *Handler) handleRequest(ctx context.Context, conn net.Conn, req *http.Request) {
+func (h *httpHandler) handleRequest(ctx context.Context, conn net.Conn, req *http.Request) {
 	if req == nil {
 		return
 	}
@ -156,21 +161,18 @@ func (h *Handler) handleRequest(ctx context.Context, conn net.Conn, req *http.Re
 		}
 	*/

-	/*
-		if h.options.Bypass.Contains(host) {
-			resp.StatusCode = http.StatusForbidden
+	if h.bypass != nil && h.bypass.Contains(host) {
+		resp.StatusCode = http.StatusForbidden

-			log.Logf("[http] %s - %s bypass %s",
-				conn.RemoteAddr(), conn.LocalAddr(), host)
-			if Debug {
-				dump, _ := httputil.DumpResponse(resp, false)
-				log.Logf("[http] %s <- %s\n%s", conn.RemoteAddr(), conn.LocalAddr(), string(dump))
-			}
-
-			resp.Write(conn)
-			return
+		if h.logger.IsLevelEnabled(logger.DebugLevel) {
+			dump, _ := httputil.DumpResponse(resp, false)
+			h.logger.Debug(string(dump))
 		}
-	*/
+		h.logger.Info("bypass: ", host)
+
+		resp.Write(conn)
+		return
+	}

 	if !h.authenticate(conn, req, resp) {
 		return
@ -200,6 +202,7 @@ func (h *Handler) handleRequest(ctx context.Context, conn net.Conn, req *http.Re
 			dump, _ := httputil.DumpResponse(resp, false)
 			h.logger.Debug(string(dump))
 		}
+		h.logger.Error(err)
 		return
 	}
 	defer cc.Close()
@ -227,25 +230,21 @@ func (h *Handler) handleRequest(ctx context.Context, conn net.Conn, req *http.Re
 	handler.Transport(conn, cc)
 }

-func (h *Handler) dial(ctx context.Context, addr string) (conn net.Conn, err error) {
+func (h *httpHandler) dial(ctx context.Context, addr string) (conn net.Conn, err error) {
 	count := h.md.retryCount + 1
 	if count <= 0 {
 		count = 1
 	}

 	for i := 0; i < count; i++ {
-		route := h.chain.GetRoute()
+		route := h.chain.GetRouteFor(addr)

-		/*
-			buf := bytes.Buffer{}
-			fmt.Fprintf(&buf, "%s -> %s -> ",
-				conn.RemoteAddr(), h.options.Node.String())
-			for _, nd := range route.route {
-				fmt.Fprintf(&buf, "%d@%s -> ", nd.ID, nd.String())
-			}
-			fmt.Fprintf(&buf, "%s", host)
-			log.Log("[route]", buf.String())
-		*/
+		buf := bytes.Buffer{}
+		for _, node := range route.Path() {
+			fmt.Fprintf(&buf, "%s@%s -> ", node.Name(), node.Addr())
+		}
+		fmt.Fprintf(&buf, "%s", addr)
+		h.logger.Infof("route(retry=%d): %s", i, buf.String())

 		/*
 			// forward http request
@ -270,7 +269,7 @@ func (h *Handler) dial(ctx context.Context, addr string) (conn net.Conn, err err
 	return
 }

-func (h *Handler) decodeServerName(s string) (string, error) {
+func (h *httpHandler) decodeServerName(s string) (string, error) {
 	b, err := base64.RawURLEncoding.DecodeString(s)
 	if err != nil {
 		return "", err
@ -288,7 +287,7 @@ func (h *Handler) decodeServerName(s string) (string, error) {
 	return string(v), nil
 }

-func (h *Handler) basicProxyAuth(proxyAuth string) (username, password string, ok bool) {
+func (h *httpHandler) basicProxyAuth(proxyAuth string) (username, password string, ok bool) {
 	if proxyAuth == "" {
 		return
 	}
@ -309,7 +308,7 @@ func (h *Handler) basicProxyAuth(proxyAuth string) (username, password string, o
 	return cs[:s], cs[s+1:], true
 }

-func (h *Handler) authenticate(conn net.Conn, req *http.Request, resp *http.Response) (ok bool) {
+func (h *httpHandler) authenticate(conn net.Conn, req *http.Request, resp *http.Response) (ok bool) {
 	u, p, _ := h.basicProxyAuth(req.Header.Get("Proxy-Authorization"))
 	if h.md.authenticator == nil || h.md.authenticator.Authenticate(u, p) {
 		return true
--- a/pkg/components/handler/http/middleware.go
+++ b/pkg/components/handler/http/middleware.go
@ -1 +0,0 @@
-package http
--- a/pkg/components/handler/option.go
+++ b/pkg/components/handler/option.go
@ -1,12 +1,14 @@
 package handler

 import (
+	"github.com/go-gost/gost/pkg/bypass"
 	"github.com/go-gost/gost/pkg/chain"
 	"github.com/go-gost/gost/pkg/logger"
 )

 type Options struct {
 	Chain  *chain.Chain
+	Bypass bypass.Bypass
 	Logger logger.Logger
 }

@ -23,3 +25,9 @@ func ChainOption(chain *chain.Chain) Option {
 		opts.Chain = chain
 	}
 }
+
+func BypassOption(bypass bypass.Bypass) Option {
+	return func(opts *Options) {
+		opts.Bypass = bypass
+	}
+}
--- a/pkg/components/handler/ss/handler.go
+++ b/pkg/components/handler/ss/handler.go
@ -7,6 +7,8 @@ import (
 	"time"

 	"github.com/go-gost/gosocks5"
+	"github.com/go-gost/gost/pkg/bypass"
+	"github.com/go-gost/gost/pkg/chain"
 	"github.com/go-gost/gost/pkg/components/handler"
 	md "github.com/go-gost/gost/pkg/components/metadata"
 	"github.com/go-gost/gost/pkg/logger"
@ -19,7 +21,9 @@ func init() {
 	registry.RegisterHandler("ss", NewHandler)
 }

-type Handler struct {
+type ssHandler struct {
+	chain  *chain.Chain
+	bypass bypass.Bypass
 	logger logger.Logger
 	md     metadata
 }
@ -30,18 +34,25 @@ func NewHandler(opts ...handler.Option) handler.Handler {
 		opt(options)
 	}

-	return &Handler{
+	return &ssHandler{
+		chain:  options.Chain,
+		bypass: options.Bypass,
 		logger: options.Logger,
 	}
 }

-func (h *Handler) Init(md md.Metadata) (err error) {
+func (h *ssHandler) Init(md md.Metadata) (err error) {
 	return h.parseMetadata(md)
 }

-func (h *Handler) Handle(ctx context.Context, conn net.Conn) {
+func (h *ssHandler) Handle(ctx context.Context, conn net.Conn) {
 	defer conn.Close()

+	h.logger = h.logger.WithFields(map[string]interface{}{
+		"src":   conn.RemoteAddr().String(),
+		"local": conn.LocalAddr().String(),
+	})
+
 	if h.md.cipher != nil {
 		conn = &shadowConn{
 			Conn: h.md.cipher.StreamConn(conn),
@ -61,9 +72,18 @@ func (h *Handler) Handle(ctx context.Context, conn net.Conn) {

 	conn.SetReadDeadline(time.Time{})

-	host := addr.String()
-	cc, err := net.Dial("tcp", host)
+	h.logger = h.logger.WithFields(map[string]interface{}{
+		"dst": addr.String(),
+	})
+
+	if h.bypass != nil && h.bypass.Contains(addr.String()) {
+		h.logger.Info("bypass: ", addr.String())
+		return
+	}
+
+	cc, err := h.dial(ctx, addr.String())
 	if err != nil {
+		h.logger.Error(err)
 		return
 	}
 	defer cc.Close()
@ -71,7 +91,7 @@ func (h *Handler) Handle(ctx context.Context, conn net.Conn) {
 	handler.Transport(conn, cc)
 }

-func (h *Handler) parseMetadata(md md.Metadata) (err error) {
+func (h *ssHandler) parseMetadata(md md.Metadata) (err error) {
 	h.md.cipher, err = h.initCipher(
 		md.GetString(method),
 		md.GetString(password),
@ -82,10 +102,41 @@ func (h *Handler) parseMetadata(md md.Metadata) (err error) {
 	}

 	h.md.readTimeout = md.GetDuration(readTimeout)
+	h.md.retryCount = md.GetInt(retryCount)
 	return
 }

-func (h *Handler) initCipher(method, password string, key string) (core.Cipher, error) {
+func (h *ssHandler) dial(ctx context.Context, addr string) (conn net.Conn, err error) {
+	count := h.md.retryCount + 1
+	if count <= 0 {
+		count = 1
+	}
+
+	for i := 0; i < count; i++ {
+		route := h.chain.GetRouteFor(addr)
+
+		/*
+			buf := bytes.Buffer{}
+			fmt.Fprintf(&buf, "%s -> %s -> ",
+				conn.RemoteAddr(), h.options.Node.String())
+			for _, nd := range route.route {
+				fmt.Fprintf(&buf, "%d@%s -> ", nd.ID, nd.String())
+			}
+			fmt.Fprintf(&buf, "%s", host)
+			log.Log("[route]", buf.String())
+		*/
+
+		conn, err = route.Dial(ctx, "tcp", addr)
+		if err == nil {
+			break
+		}
+		h.logger.Errorf("route(retry=%d): %s", i, err)
+	}
+
+	return
+}
+
+func (h *ssHandler) initCipher(method, password string, key string) (core.Cipher, error) {
 	if method == "" && password == "" {
 		return nil, nil
 	}
--- a/pkg/components/handler/ss/metadata.go
+++ b/pkg/components/handler/ss/metadata.go
@ -11,9 +11,11 @@ const (
 	password    = "password"
 	key         = "key"
 	readTimeout = "readTimeout"
+	retryCount  = "retry"
 )

 type metadata struct {
 	cipher      core.Cipher
 	readTimeout time.Duration
+	retryCount  int
 }