Merge branch 'master' into dev

# Conflicts: # go.mod # go.sum
2024-06-19 10:10:55 +08:00
parent 63ad7f2354 15f28c667a
commit 423dd1e35d
79 changed files with 2085 additions and 631 deletions
--- a/dialer/http2/dialer.go
+++ b/dialer/http2/dialer.go
@ -70,6 +70,19 @@ func (d *http2Dialer) Dial(ctx context.Context, address string, opts ...dialer.D
 			opt(&options)
 		}

+		{
+			// Check whether the connection is established properly
+			netd := options.NetDialer
+			if netd == nil {
+				netd = net_dialer.DefaultNetDialer
+			}
+			conn, err := netd.Dial(ctx, "tcp", address)
+			if err != nil {
+				return nil, err
+			}
+			conn.Close()
+		}
+
 		client = &http.Client{
 			Transport: &http.Transport{
 				TLSClientConfig: d.options.TLSConfig,
@ -81,17 +94,16 @@ func (d *http2Dialer) Dial(ctx context.Context, address string, opts ...dialer.D
 					return netd.Dial(ctx, network, addr)
 				},
 				ForceAttemptHTTP2:     true,
-				MaxIdleConns:          100,
-				IdleConnTimeout:       90 * time.Second,
-				TLSHandshakeTimeout:   10 * time.Second,
-				ExpectContinueTimeout: 1 * time.Second,
+				MaxIdleConns:          16,
+				IdleConnTimeout:       30 * time.Second,
+				TLSHandshakeTimeout:   30 * time.Second,
+				ExpectContinueTimeout: 15 * time.Second,
 			},
 		}
 		d.clients[address] = client
 	}

-	var c net.Conn
-	c = &conn{
+	var c net.Conn = &conn{
 		localAddr:  &net.TCPAddr{},
 		remoteAddr: raddr,
 		onClose: func() {
--- a/dialer/http3/dialer.go
+++ b/dialer/http3/dialer.go
@ -86,7 +86,7 @@ func (d *http3Dialer) Dial(ctx context.Context, addr string, opts ...dialer.Dial

 						return quic.DialEarly(context.Background(), udpConn.(net.PacketConn), udpAddr, tlsCfg, cfg)
 					},
-					QuicConfig: &quic.Config{
+					QUICConfig: &quic.Config{
 						KeepAlivePeriod:      d.md.keepAlivePeriod,
 						HandshakeIdleTimeout: d.md.handshakeTimeout,
 						MaxIdleTimeout:       d.md.maxIdleTimeout,
--- a/dialer/http3/wt/dialer.go
+++ b/dialer/http3/wt/dialer.go
@ -10,7 +10,6 @@ import (
 	md "github.com/go-gost/core/metadata"
 	"github.com/go-gost/x/registry"
 	"github.com/quic-go/quic-go"
-	"github.com/quic-go/quic-go/http3"
 	wt "github.com/quic-go/webtransport-go"
 )

@ -74,33 +73,32 @@ func (d *wtDialer) Dial(ctx context.Context, addr string, opts ...dialer.DialOpt
 			path:   d.md.path,
 			header: d.md.header,
 			dialer: &wt.Dialer{
-				RoundTripper: &http3.RoundTripper{
-					TLSClientConfig: d.options.TLSConfig,
-					Dial: func(ctx context.Context, adr string, tlsCfg *tls.Config, cfg *quic.Config) (quic.EarlyConnection, error) {
-						// d.options.Logger.Infof("dial: %s, %s, %s", addr, adr, host)
-						udpAddr, err := net.ResolveUDPAddr("udp", addr)
-						if err != nil {
-							return nil, err
-						}
+				TLSClientConfig: d.options.TLSConfig,
+				DialAddr: func(ctx context.Context, adr string, tlsCfg *tls.Config, cfg *quic.Config) (quic.EarlyConnection, error) {
+					// d.options.Logger.Infof("dial: %s, %s, %s", addr, adr, host)
+					udpAddr, err := net.ResolveUDPAddr("udp", addr)
+					if err != nil {
+						return nil, err
+					}

-						udpConn, err := options.NetDialer.Dial(ctx, "udp", "")
-						if err != nil {
-							return nil, err
-						}
+					udpConn, err := options.NetDialer.Dial(ctx, "udp", "")
+					if err != nil {
+						return nil, err
+					}

-						return quic.DialEarly(ctx, udpConn.(net.PacketConn), udpAddr, tlsCfg, cfg)
-					},
-					QuicConfig: &quic.Config{
-						KeepAlivePeriod:      d.md.keepAlivePeriod,
-						HandshakeIdleTimeout: d.md.handshakeTimeout,
-						MaxIdleTimeout:       d.md.maxIdleTimeout,
-						/*
-							Versions: []quic.VersionNumber{
-								quic.Version1,
-							},
-						*/
-						MaxIncomingStreams: int64(d.md.maxStreams),
-					},
+					return quic.DialEarly(ctx, udpConn.(net.PacketConn), udpAddr, tlsCfg, cfg)
+				},
+				QUICConfig: &quic.Config{
+					KeepAlivePeriod:      d.md.keepAlivePeriod,
+					HandshakeIdleTimeout: d.md.handshakeTimeout,
+					MaxIdleTimeout:       d.md.maxIdleTimeout,
+					/*
+						Versions: []quic.VersionNumber{
+							quic.Version1,
+						},
+					*/
+					MaxIncomingStreams: int64(d.md.maxStreams),
+					EnableDatagrams:    true,
 				},
 			},
 		}
--- a/dialer/kcp/metadata.go
+++ b/dialer/kcp/metadata.go
@ -49,7 +49,12 @@ func (d *kcpDialer) parseMetadata(md mdata.Metadata) (err error) {
 	d.md.config.KeepAlive = mdutil.GetInt(md, "kcp.keepalive")
 	d.md.config.Interval = mdutil.GetInt(md, "kcp.interval")
 	d.md.config.MTU = mdutil.GetInt(md, "kcp.mtu")
+	d.md.config.RcvWnd = mdutil.GetInt(md, "kcp.rcvwnd")
+	d.md.config.SndWnd = mdutil.GetInt(md, "kcp.sndwnd")
 	d.md.config.SmuxVer = mdutil.GetInt(md, "kcp.smuxver")
+	d.md.config.SmuxBuf = mdutil.GetInt(md, "kcp.smuxbuf")
+	d.md.config.StreamBuf = mdutil.GetInt(md, "kcp.streambuf")
+	d.md.config.NoComp = mdutil.GetBool(md, "kcp.nocomp")

 	d.md.handshakeTimeout = mdutil.GetDuration(md, handshakeTimeout)
 	return
--- a/dialer/obfs/http/conn.go
+++ b/dialer/obfs/http/conn.go
@ -18,6 +18,7 @@ import (
 type obfsHTTPConn struct {
 	net.Conn
 	host           string
+	path           string
 	rbuf           bytes.Buffer
 	wbuf           bytes.Buffer
 	headerDrained  bool
--- a/dialer/obfs/http/dialer.go
+++ b/dialer/obfs/http/dialer.go
@ -2,6 +2,7 @@ package http

 import (
 	"context"
+	"crypto/tls"
 	"net"

 	"github.com/go-gost/core/dialer"
@ -12,11 +13,13 @@ import (

 func init() {
 	registry.DialerRegistry().Register("ohttp", NewDialer)
+	registry.DialerRegistry().Register("ohttps", NewDialer)
 }

 type obfsHTTPDialer struct {
-	md     metadata
-	logger logger.Logger
+	tlsEnabled bool
+	md         metadata
+	logger     logger.Logger
 }

 func NewDialer(opts ...dialer.Option) dialer.Dialer {
@ -30,6 +33,18 @@ func NewDialer(opts ...dialer.Option) dialer.Dialer {
 	}
 }

+func NewTLSDialer(opts ...dialer.Option) dialer.Dialer {
+	options := &dialer.Options{}
+	for _, opt := range opts {
+		opt(options)
+	}
+
+	return &obfsHTTPDialer{
+		tlsEnabled: true,
+		logger:     options.Logger,
+	}
+}
+
 func (d *obfsHTTPDialer) Init(md md.Metadata) (err error) {
 	return d.parseMetadata(md)
 }
@ -59,9 +74,16 @@ func (d *obfsHTTPDialer) Handshake(ctx context.Context, conn net.Conn, options .
 		host = opts.Addr
 	}

+	if d.tlsEnabled {
+		conn = tls.Client(conn, &tls.Config{
+			ServerName: host,
+		})
+	}
+
 	return &obfsHTTPConn{
 		Conn:   conn,
 		host:   host,
+		path:   d.md.path,
 		header: d.md.header,
 		logger: d.logger,
 	}, nil
--- a/dialer/obfs/http/metadata.go
+++ b/dialer/obfs/http/metadata.go
@ -7,24 +7,29 @@ import (
 	mdutil "github.com/go-gost/core/metadata/util"
 )

+const (
+	defaultPath = "/"
+)
+
 type metadata struct {
 	host   string
+	path   string
 	header http.Header
 }

 func (d *obfsHTTPDialer) parseMetadata(md mdata.Metadata) (err error) {
-	const (
-		header = "header"
-		host   = "host"
-	)
+	d.md.host = mdutil.GetString(md, "obfs.host", "host")
+	d.md.path = mdutil.GetString(md, "obfs.path", "path")
+	if d.md.path == "" {
+		d.md.path = defaultPath
+	}

-	if m := mdutil.GetStringMapString(md, header); len(m) > 0 {
+	if m := mdutil.GetStringMapString(md, "obfs.header", "header"); len(m) > 0 {
 		h := http.Header{}
 		for k, v := range m {
 			h.Add(k, v)
 		}
 		d.md.header = h
 	}
-	d.md.host = mdutil.GetString(md, host)
 	return
 }
--- a/dialer/ssh/metadata.go
+++ b/dialer/ssh/metadata.go
@ -1,11 +1,14 @@
 package ssh

 import (
+	"fmt"
 	"os"
 	"time"

 	mdata "github.com/go-gost/core/metadata"
 	mdutil "github.com/go-gost/core/metadata/util"
+	"github.com/mitchellh/go-homedir"
+	"github.com/zalando/go-keyring"
 	"golang.org/x/crypto/ssh"
 )

@ -20,21 +23,35 @@ type metadata struct {

 func (d *sshDialer) parseMetadata(md mdata.Metadata) (err error) {
 	const (
-		handshakeTimeout = "handshakeTimeout"
-		privateKeyFile   = "privateKeyFile"
-		passphrase       = "passphrase"
+		handshakeTimeout      = "handshakeTimeout"
+		privateKeyFile        = "privateKeyFile"
+		passphrase            = "passphrase"
+		passphraseFromKeyring = "passphraseFromKeyring"
 	)

 	if key := mdutil.GetString(md, privateKeyFile); key != "" {
+		key, err = homedir.Expand(key)
+		if err != nil {
+			return err
+		}
 		data, err := os.ReadFile(key)
 		if err != nil {
 			return err
 		}

-		if pp := mdutil.GetString(md, passphrase); pp != "" {
-			d.md.signer, err = ssh.ParsePrivateKeyWithPassphrase(data, []byte(pp))
+		var pp string
+		if mdutil.GetBool(md, passphraseFromKeyring) {
+			pp, err = keyring.Get(fmt.Sprintf("SSH %s", key), d.options.Auth.Username())
+			if err != nil {
+				return fmt.Errorf("unable to get secret(%s) from keyring: %w", key, err)
+			}
 		} else {
+			pp = mdutil.GetString(md, passphrase)
+		}
+		if pp == "" {
 			d.md.signer, err = ssh.ParsePrivateKey(data)
+		} else {
+			d.md.signer, err = ssh.ParsePrivateKeyWithPassphrase(data, []byte(pp))
 		}
 		if err != nil {
 			return err
--- a/dialer/sshd/metadata.go
+++ b/dialer/sshd/metadata.go
@ -1,11 +1,14 @@
 package sshd

 import (
+	"fmt"
 	"os"
 	"time"

 	mdata "github.com/go-gost/core/metadata"
 	mdutil "github.com/go-gost/core/metadata/util"
+	"github.com/mitchellh/go-homedir"
+	"github.com/zalando/go-keyring"
 	"golang.org/x/crypto/ssh"
 )

@ -26,12 +29,24 @@ func (d *sshdDialer) parseMetadata(md mdata.Metadata) (err error) {
 	)

 	if key := mdutil.GetString(md, privateKeyFile); key != "" {
+		key, err = homedir.Expand(key)
+		if err != nil {
+			return err
+		}
 		data, err := os.ReadFile(key)
 		if err != nil {
 			return err
 		}

-		pp := mdutil.GetString(md, passphrase)
+		var pp string
+		if mdutil.GetBool(md, "passphraseFromKeyring") {
+			pp, err = keyring.Get(fmt.Sprintf("SSH %s", key), key)
+			if err != nil {
+				return fmt.Errorf("unable to get secret(%s) from keyring: %w", key, err)
+			}
+		} else {
+			pp = mdutil.GetString(md, passphrase)
+		}
 		if pp == "" {
 			d.md.signer, err = ssh.ParsePrivateKey(data)
 		} else {