add client ID for plugin service

handler/socks/v4/handler.go

@@ -12,6 +12,7 @@ import (
 	md "github.com/go-gost/core/metadata"
 	"github.com/go-gost/gosocks4"
 	netpkg "github.com/go-gost/x/internal/net"
+	auth_util "github.com/go-gost/x/internal/util/auth"
 	sx "github.com/go-gost/x/internal/util/selector"
 	"github.com/go-gost/x/registry"
 )
@@ -90,11 +91,14 @@ func (h *socks4Handler) Handle(ctx context.Context, conn net.Conn, opts ...handl
 
 	conn.SetReadDeadline(time.Time{})
 
-	if h.options.Auther != nil &&
-		!h.options.Auther.Authenticate(ctx, string(req.Userid), "") {
-		resp := gosocks4.NewReply(gosocks4.RejectedUserid, nil)
-		log.Trace(resp)
-		return resp.Write(conn)
+	if h.options.Auther != nil {
+		ok, id := h.options.Auther.Authenticate(ctx, string(req.Userid), "")
+		if !ok {
+			resp := gosocks4.NewReply(gosocks4.RejectedUserid, nil)
+			log.Trace(resp)
+			return resp.Write(conn)
+		}
+		ctx = auth_util.ContextWithID(ctx, auth_util.ID(id))
 	}
 
 	switch req.Cmd {

handler/socks/v5/handler.go

@@ -10,6 +10,7 @@ import (
 	"github.com/go-gost/core/handler"
 	md "github.com/go-gost/core/metadata"
 	"github.com/go-gost/gosocks5"
+	auth_util "github.com/go-gost/x/internal/util/auth"
 	"github.com/go-gost/x/internal/util/socks"
 	"github.com/go-gost/x/registry"
 )
@@ -86,13 +87,17 @@ func (h *socks5Handler) Handle(ctx context.Context, conn net.Conn, opts ...handl
 		conn.SetReadDeadline(time.Now().Add(h.md.readTimeout))
 	}
 
-	conn = gosocks5.ServerConn(conn, h.selector)
-	req, err := gosocks5.ReadRequest(conn)
+	sc := gosocks5.ServerConn(conn, h.selector)
+	req, err := gosocks5.ReadRequest(sc)
 	if err != nil {
 		log.Error(err)
 		return err
 	}
 	log.Trace(req)
+
+	ctx = auth_util.ContextWithID(ctx, auth_util.ID(sc.ID()))
+
+	conn = sc
 	conn.SetReadDeadline(time.Time{})
 
 	address := req.Addr.String()

handler/socks/v5/selector.go

@@ -46,11 +46,12 @@ func (s *serverSelector) Select(methods ...uint8) (method uint8) {
 	return
 }
 
-func (s *serverSelector) OnSelected(method uint8, conn net.Conn) (net.Conn, error) {
+func (s *serverSelector) OnSelected(method uint8, conn net.Conn) (string, net.Conn, error) {
 	s.logger.Debugf("%d %d", gosocks5.Ver5, method)
 	switch method {
 	case socks.MethodTLS:
 		conn = tls.Server(conn, s.TLSConfig)
+		return "", conn, nil
 
 	case gosocks5.MethodUserPass, socks.MethodTLSAuth:
 		if method == socks.MethodTLSAuth {
@@ -60,32 +61,37 @@ func (s *serverSelector) OnSelected(method uint8, conn net.Conn) (net.Conn, erro
 		req, err := gosocks5.ReadUserPassRequest(conn)
 		if err != nil {
 			s.logger.Error(err)
-			return nil, err
+			return "", nil, err
 		}
 		s.logger.Trace(req)
 
-		if s.Authenticator != nil &&
-			!s.Authenticator.Authenticate(context.Background(), req.Username, req.Password) {
-			resp := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Failure)
-			if err := resp.Write(conn); err != nil {
-				s.logger.Error(err)
-				return nil, err
-			}
-			s.logger.Info(resp)
+		var id string
+		if s.Authenticator != nil {
+			var ok bool
+			ok, id = s.Authenticator.Authenticate(context.Background(), req.Username, req.Password)
+			if !ok {
+				resp := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Failure)
+				if err := resp.Write(conn); err != nil {
+					s.logger.Error(err)
+					return "", nil, err
+				}
+				s.logger.Info(resp)
 
-			return nil, gosocks5.ErrAuthFailure
+				return "", nil, gosocks5.ErrAuthFailure
+			}
 		}
 
 		resp := gosocks5.NewUserPassResponse(gosocks5.UserPassVer, gosocks5.Succeeded)
 		s.logger.Trace(resp)
 		if err := resp.Write(conn); err != nil {
 			s.logger.Error(err)
-			return nil, err
+			return "", nil, err
 		}
+		return id, conn, nil
 
 	case gosocks5.MethodNoAcceptable:
-		return nil, gosocks5.ErrBadMethod
+		return "", nil, gosocks5.ErrBadMethod
+	default:
+		return "", nil, gosocks5.ErrBadFormat
 	}
-
-	return conn, nil
 }