go-gost/x
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update sni handler

Browse Source
This commit is contained in:
ginuerzh 2022-04-14 14:53:13 +08:00
parent 7a334c173c
commit dca2a79c54
4 changed files with 102 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
handler/http/handler.go
View File

@ -84,7 +84,7 @@ func (h *httpHandler) Handle(ctx context.Context, conn net.Conn, opts ...handler
} }
func (h *httpHandler) handleRequest(ctx context.Context, conn net.Conn, req *http.Request, log logger.Logger) error { func (h *httpHandler) handleRequest(ctx context.Context, conn net.Conn, req *http.Request, log logger.Logger) error {
if h.md.sni && !req.URL.IsAbs() && govalidator.IsDNSName(req.Host) { if !req.URL.IsAbs() && govalidator.IsDNSName(req.Host) {
req.URL.Scheme = "http" req.URL.Scheme = "http"
} }

3
handler/http/metadata.go
View File

@ -10,7 +10,6 @@ import (
type metadata struct { type metadata struct {
probeResistance *probeResistance probeResistance *probeResistance
sni bool
enableUDP bool enableUDP bool
header http.Header header http.Header
} }
@ -20,7 +19,6 @@ func (h *httpHandler) parseMetadata(md mdata.Metadata) error {
header = "header" header = "header"
probeResistKey = "probeResistance" probeResistKey = "probeResistance"
knock = "knock" knock = "knock"
sni = "sni"
enableUDP = "udp" enableUDP = "udp"
) )
@ -41,7 +39,6 @@ func (h *httpHandler) parseMetadata(md mdata.Metadata) error {
} }
} }
} }
h.md.sni = mdx.GetBool(md, sni)
h.md.enableUDP = mdx.GetBool(md, enableUDP) h.md.enableUDP = mdx.GetBool(md, enableUDP)
return nil return nil

18
handler/sni/conn.go
View File

@ -1,20 +1,10 @@
package sni package sni
import ( import (
"net" "io"
) )
type cacheConn struct { type readWriter struct {
net.Conn io.Reader
buf []byte io.Writer
}
func (c *cacheConn) Read(b []byte) (n int, err error) {
if len(c.buf) > 0 {
n = copy(b, c.buf)
c.buf = c.buf[n:]
return
}
return c.Conn.Read(b)
} }

163
handler/sni/handler.go
View File

@ -1,19 +1,23 @@
package sni package sni
import ( import (
"bufio"
"bytes" "bytes"
"context" "context"
"crypto/tls"
"encoding/base64" "encoding/base64"
"encoding/binary" "encoding/binary"
"errors" "errors"
"hash/crc32" "hash/crc32"
"io" "io"
"net" "net"
"net/http"
"net/http/httputil"
"time" "time"
"github.com/go-gost/core/chain" "github.com/go-gost/core/chain"
"github.com/go-gost/core/common/bufpool"
"github.com/go-gost/core/handler" "github.com/go-gost/core/handler"
"github.com/go-gost/core/logger"
md "github.com/go-gost/core/metadata" md "github.com/go-gost/core/metadata"
dissector "github.com/go-gost/tls-dissector" dissector "github.com/go-gost/tls-dissector"
netpkg "github.com/go-gost/x/internal/net" netpkg "github.com/go-gost/x/internal/net"
@ -25,10 +29,9 @@ func init() {
} }
type sniHandler struct { type sniHandler struct {
httpHandler handler.Handler router *chain.Router
router *chain.Router md metadata
md metadata options handler.Options
options handler.Options
} }
func NewHandler(opts ...handler.Option) handler.Handler { func NewHandler(opts ...handler.Option) handler.Handler {
@ -41,12 +44,6 @@ func NewHandler(opts ...handler.Option) handler.Handler {
options: options, options: options,
} }
if f := registry.HandlerRegistry().Get("http"); f != nil {
v := append(opts,
handler.LoggerOption(h.options.Logger.WithFields(map[string]any{"type": "http"})))
h.httpHandler = f(v...)
}
return h return h
} }
@ -54,14 +51,6 @@ func (h *sniHandler) Init(md md.Metadata) (err error) {
if err = h.parseMetadata(md); err != nil { if err = h.parseMetadata(md); err != nil {
return return
} }
if h.httpHandler != nil {
if md != nil {
md.Set("sni", true)
}
if err = h.httpHandler.Init(md); err != nil {
return
}
}
h.router = h.options.Router h.router = h.options.Router
if h.router == nil { if h.router == nil {
@ -93,69 +82,121 @@ func (h *sniHandler) Handle(ctx context.Context, conn net.Conn, opts ...handler.
return err return err
} }
if hdr[0] != dissector.Handshake { rw := &readWriter{
// We assume it is an HTTP request Reader: io.MultiReader(bytes.NewReader(hdr[:]), conn),
conn = &cacheConn{ Writer: conn,
Conn: conn,
buf: hdr[:],
}
if h.httpHandler != nil {
return h.httpHandler.Handle(ctx, conn)
}
return nil
} }
if hdr[0] == dissector.Handshake &&
length := binary.BigEndian.Uint16(hdr[3:5]) binary.BigEndian.Uint16(hdr[1:3]) == tls.VersionTLS10 {
return h.handleHTTPS(ctx, rw, conn.RemoteAddr(), log)
buf := bufpool.Get(int(length) + dissector.RecordHeaderLen)
defer bufpool.Put(buf)
if _, err := io.ReadFull(conn, (*buf)[dissector.RecordHeaderLen:]); err != nil {
log.Error(err)
return err
} }
copy(*buf, hdr[:]) return h.handleHTTP(ctx, rw, conn.RemoteAddr(), log)
}
opaque, host, err := h.decodeHost(bytes.NewReader(*buf)) func (h *sniHandler) handleHTTP(ctx context.Context, rw io.ReadWriter, raddr net.Addr, log logger.Logger) error {
req, err := http.ReadRequest(bufio.NewReader(rw))
if err != nil { if err != nil {
log.Error(err)
return err return err
} }
target := net.JoinHostPort(host, "443")
if log.IsLevelEnabled(logger.DebugLevel) {
dump, _ := httputil.DumpRequest(req, false)
log.Debug(string(dump))
}
host := req.Host
if _, _, err := net.SplitHostPort(host); err != nil {
host = net.JoinHostPort(host, "80")
}
log = log.WithFields(map[string]any{ log = log.WithFields(map[string]any{
"dst": target, "host": host,
}) })
log.Infof("%s >> %s", conn.RemoteAddr(), target)
if h.options.Bypass != nil && h.options.Bypass.Contains(target) { if h.options.Bypass != nil && h.options.Bypass.Contains(host) {
log.Info("bypass: ", target) log.Info("bypass: ", host)
return nil return nil
} }
cc, err := h.router.Dial(ctx, "tcp", target) cc, err := h.router.Dial(ctx, "tcp", host)
if err != nil { if err != nil {
log.Error(err) log.Error(err)
return err return err
} }
defer cc.Close() defer cc.Close()
if _, err := cc.Write(opaque); err != nil { t := time.Now()
log.Infof("%s <-> %s", raddr, host)
defer func() {
log.WithFields(map[string]any{
"duration": time.Since(t),
}).Infof("%s >-< %s", raddr, host)
}()
if err := req.Write(cc); err != nil {
log.Error(err) log.Error(err)
return err return err
} }
t := time.Now() resp, err := http.ReadResponse(bufio.NewReader(cc), req)
log.Infof("%s <-> %s", conn.RemoteAddr(), target) if err != nil {
netpkg.Transport(conn, cc) log.Error(err)
log.WithFields(map[string]any{ return err
"duration": time.Since(t), }
}).Infof("%s >-< %s", conn.RemoteAddr(), target) defer resp.Body.Close()
if log.IsLevelEnabled(logger.DebugLevel) {
dump, _ := httputil.DumpResponse(resp, false)
log.Debug(string(dump))
}
return resp.Write(rw)
return nil
} }
func (h *sniHandler) decodeHost(r io.Reader) (opaque []byte, host string, err error) { func (h *sniHandler) handleHTTPS(ctx context.Context, rw io.ReadWriter, raddr net.Addr, log logger.Logger) error {
buf := new(bytes.Buffer)
host, err := h.decodeHost(io.TeeReader(rw, buf))
if err != nil {
log.Error(err)
return err
}
if _, _, err := net.SplitHostPort(host); err != nil {
host = net.JoinHostPort(host, "443")
}
log = log.WithFields(map[string]any{
"dst": host,
})
log.Infof("%s >> %s", raddr, host)
if h.options.Bypass != nil && h.options.Bypass.Contains(host) {
log.Info("bypass: ", host)
return nil
}
cc, err := h.router.Dial(ctx, "tcp", host)
if err != nil {
log.Error(err)
return err
}
defer cc.Close()
t := time.Now()
log.Infof("%s <-> %s", raddr, host)
netpkg.Transport(&readWriter{
Reader: io.MultiReader(buf, rw),
Writer: rw,
}, cc)
log.WithFields(map[string]any{
"duration": time.Since(t),
}).Infof("%s >-< %s", raddr, host)
return nil
}
func (h *sniHandler) decodeHost(r io.Reader) (host string, err error) {
record, err := dissector.ReadRecord(r) record, err := dissector.ReadRecord(r)
if err != nil { if err != nil {
return return
@ -190,16 +231,6 @@ func (h *sniHandler) decodeHost(r io.Reader) (opaque []byte, host string, err er
} }
} }
record.Opaque, err = clientHello.Encode()
if err != nil {
return
}
buf := &bytes.Buffer{}
if _, err = record.WriteTo(buf); err != nil {
return
}
opaque = buf.Bytes()
return return
} }