diff --git a/config/examples/8.transparent_proxy_with_dnsmasq/README.md b/config/examples/8.transparent_proxy_with_dnsmasq/README.md index 9f4aeef..56e8118 100644 --- a/config/examples/8.transparent_proxy_with_dnsmasq/README.md +++ b/config/examples/8.transparent_proxy_with_dnsmasq/README.md @@ -33,7 +33,7 @@ ipset=/example4.com/myset #### Config iptables on your linux gateway ```bash iptables -t nat -I PREROUTING -p tcp -m set --match-set myset dst -j REDIRECT --to-ports 1081 -iptables -t nat -I OUTPUT -p tcp -m set --match-set myset dst -j REDIRECT --to-ports 1081 +#iptables -t nat -I OUTPUT -p tcp -m set --match-set myset dst -j REDIRECT --to-ports 1081 ``` #### When client requests network, the whole process: diff --git a/config/examples/9.transparent_proxy_without_dnsmasq/README.md b/config/examples/9.transparent_proxy_without_dnsmasq/README.md index e7b337c..6304119 100644 --- a/config/examples/9.transparent_proxy_without_dnsmasq/README.md +++ b/config/examples/9.transparent_proxy_without_dnsmasq/README.md @@ -73,7 +73,7 @@ cidr=172.16.102.0/24 #### Configure iptables on your linux gateway ```bash iptables -t nat -I PREROUTING -p tcp -m set --match-set glider dst -j REDIRECT --to-ports 1081 -iptables -t nat -I OUTPUT -p tcp -m set --match-set glider dst -j REDIRECT --to-ports 1081 +#iptables -t nat -I OUTPUT -p tcp -m set --match-set glider dst -j REDIRECT --to-ports 1081 ``` #### Client DNS settings diff --git a/main.go b/main.go index 34865c1..8634a86 100644 --- a/main.go +++ b/main.go @@ -81,7 +81,7 @@ func main() { log.Fatal(err) } - go local.ListenAndServe(nil) + go local.ListenAndServe() } sigCh := make(chan os.Signal, 1) diff --git a/proxy/http/http.go b/proxy/http/http.go index 871a76a..76095ce 100644 --- a/proxy/http/http.go +++ b/proxy/http/http.go @@ -35,7 +35,7 @@ func init() { proxy.RegisterServer("http", NewHTTPServer) } -// NewHTTP returns a http proxy. +// NewHTTP returns a http proxy func NewHTTP(s string, dialer proxy.Dialer) (*HTTP, error) { u, err := url.Parse(s) if err != nil { @@ -63,38 +63,34 @@ func NewHTTP(s string, dialer proxy.Dialer) (*HTTP, error) { return h, nil } -// NewHTTPDialer returns a http proxy dialer. +// NewHTTPDialer returns a http proxy dialer func NewHTTPDialer(s string, dialer proxy.Dialer) (proxy.Dialer, error) { return NewHTTP(s, dialer) } -// NewHTTPServer returns a http proxy server. +// NewHTTPServer returns a http proxy server func NewHTTPServer(s string, dialer proxy.Dialer) (proxy.Server, error) { return NewHTTP(s, dialer) } // ListenAndServe . -func (s *HTTP) ListenAndServe(c net.Conn) { - if c == nil { - l, err := net.Listen("tcp", s.addr) +func (s *HTTP) ListenAndServe() { + l, err := net.Listen("tcp", s.addr) + if err != nil { + log.F("[http] failed to listen on %s: %v", s.addr, err) + return + } + defer l.Close() + + log.F("[http] listening TCP on %s", s.addr) + + for { + c, err := l.Accept() if err != nil { - log.F("failed to listen on %s: %v", s.addr, err) - return + log.F("[http] failed to accept: %v", err) + continue } - defer l.Close() - log.F("listening TCP on %s", s.addr) - - for { - c, err := l.Accept() - if err != nil { - log.F("[http] failed to accept: %v", err) - continue - } - - go s.Serve(c) - } - } else { go s.Serve(c) } } @@ -115,20 +111,19 @@ func (s *HTTP) Serve(c net.Conn) { } if s.pretendAsWebServer { - fmt.Fprintf(c, "%s 404 Not Found\r\nServer: nginx\r\n\r\n", proto) + fmt.Fprintf(c, "%s 404 Not Found\r\nServer: nginx\r\n\r\n404 Not Found\r\n", proto) log.F("[http pretender] being accessed as web server from %s", c.RemoteAddr().String()) return } if method == "CONNECT" { s.servHTTPS(method, requestURI, proto, c) - //c.Write([]byte("HTTP/1.1 405\nAllow: GET, POST, HEAD, OPTION, PATCH\nServer: vsps/1.2\nContent-Type: \n\n")) return } reqHeader, err := reqTP.ReadMIMEHeader() if err != nil { - log.F("read header error:%s", err) + log.F("[http] read header error:%s", err) return } cleanHeaders(reqHeader) @@ -237,7 +232,7 @@ func (s *HTTP) Addr() string { // NextDialer returns the next dialer func (s *HTTP) NextDialer(dstAddr string) proxy.Dialer { return s.dialer.NextDialer(dstAddr) } -// Dial connects to the address addr on the network net via the proxy. +// Dial connects to the address addr on the network net via the proxy func (s *HTTP) Dial(network, addr string) (net.Conn, error) { rc, err := s.dialer.Dial(network, s.addr) if err != nil { @@ -274,12 +269,12 @@ func (s *HTTP) Dial(network, addr string) (net.Conn, error) { return nil, errors.New("[http] can not connect remote address: " + addr + ". error code: " + code) } -// DialUDP connects to the given address via the proxy. +// DialUDP connects to the given address via the proxy func (s *HTTP) DialUDP(network, addr string) (pc net.PacketConn, writeTo net.Addr, err error) { return nil, nil, errors.New("http client does not support udp") } -// parseFirstLine parses "GET /foo HTTP/1.1" OR "HTTP/1.1 200 OK" into its three parts. +// parseFirstLine parses "GET /foo HTTP/1.1" OR "HTTP/1.1 200 OK" into its three parts func parseFirstLine(tp *textproto.Reader) (r1, r2, r3 string, ok bool) { line, err := tp.ReadLine() // log.F("first line: %s", line) @@ -327,7 +322,5 @@ func writeHeaders(buf *bytes.Buffer, header textproto.MIMEHeader) { buf.Write([]byte("\r\n")) } } - - //header ended buf.Write([]byte("\r\n")) } diff --git a/proxy/mixed/mixed.go b/proxy/mixed/mixed.go index a809340..dfc9ba8 100644 --- a/proxy/mixed/mixed.go +++ b/proxy/mixed/mixed.go @@ -12,7 +12,7 @@ import ( "github.com/nadoo/glider/proxy/socks5" ) -// https://www.ietf.org/rfc/rfc2616.txt, http methods must be uppercase. +// https://www.ietf.org/rfc/rfc2616.txt, http methods must be uppercase var httpMethods = [...][]byte{ []byte("GET"), []byte("POST"), @@ -31,15 +31,13 @@ type MixedProxy struct { http *http.HTTP socks5 *socks5.SOCKS5 - - pretendAsWebServer bool } func init() { proxy.RegisterServer("mixed", NewMixedProxyServer) } -// NewMixedProxy returns a mixed proxy. +// NewMixedProxy returns a mixed proxy func NewMixedProxy(s string, dialer proxy.Dialer) (*MixedProxy, error) { u, err := url.Parse(s) if err != nil { @@ -47,16 +45,9 @@ func NewMixedProxy(s string, dialer proxy.Dialer) (*MixedProxy, error) { return nil, err } - pretend := u.Query().Get("pretend") - p := &MixedProxy{ - dialer: dialer, - addr: u.Host, - pretendAsWebServer: false, - } - - if pretend == "true" { - p.pretendAsWebServer = true + dialer: dialer, + addr: u.Host, } p.http, _ = http.NewHTTP(s, dialer) @@ -65,33 +56,30 @@ func NewMixedProxy(s string, dialer proxy.Dialer) (*MixedProxy, error) { return p, nil } -// NewMixedProxyServer returns a mixed proxy server. +// NewMixedProxyServer returns a mixed proxy server func NewMixedProxyServer(s string, dialer proxy.Dialer) (proxy.Server, error) { return NewMixedProxy(s, dialer) } // ListenAndServe . -func (p *MixedProxy) ListenAndServe(c net.Conn) { +func (p *MixedProxy) ListenAndServe() { + go p.socks5.ListenAndServeUDP() - if c == nil { - go p.socks5.ListenAndServeUDP() + l, err := net.Listen("tcp", p.addr) + if err != nil { + log.F("[mixed] failed to listen on %s: %v", p.addr, err) + return + } - l, err := net.Listen("tcp", p.addr) + log.F("[mixed] listening TCP on %s", p.addr) + + for { + c, err := l.Accept() if err != nil { - log.F("[mixed] failed to listen on %s: %v", p.addr, err) - return + log.F("[mixed] failed to accept: %v", err) + continue } - for { - c, err := l.Accept() - if err != nil { - log.F("[mixed] failed to accept: %v", err) - continue - } - - go p.Serve(c) - } - } else { go p.Serve(c) } } @@ -115,7 +103,7 @@ func (p *MixedProxy) Serve(c net.Conn) { // check socks5, client send socksversion: 5 as the first byte if head[0] == socks5.Version { - p.socks5.ServeTCP(cc) + p.socks5.Serve(cc) return } } diff --git a/proxy/redir/redir_linux.go b/proxy/redir/redir_linux.go index b99ddc2..d84707b 100644 --- a/proxy/redir/redir_linux.go +++ b/proxy/redir/redir_linux.go @@ -64,7 +64,7 @@ func NewRedir6Server(s string, dialer proxy.Dialer) (proxy.Server, error) { } // ListenAndServe . -func (s *RedirProxy) ListenAndServe(_ net.Conn) { +func (s *RedirProxy) ListenAndServe() { l, err := net.Listen("tcp", s.addr) if err != nil { log.F("[redir] failed to listen on %s: %v", s.addr, err) @@ -114,6 +114,11 @@ func (s *RedirProxy) ListenAndServe(_ net.Conn) { } } +// Serve . +func (s *RedirProxy) Serve(c net.Conn) { + +} + // Get the original destination of a TCP connection. func getOrigDst(conn net.Conn, ipv6 bool) (socks.Addr, error) { c, ok := conn.(*net.TCPConn) diff --git a/proxy/server.go b/proxy/server.go index e9ff2bc..3e1c91a 100644 --- a/proxy/server.go +++ b/proxy/server.go @@ -11,11 +11,14 @@ import ( // Server interface type Server interface { - // ListenAndServe as proxy server, use only in server mode. - ListenAndServe(net.Conn) + // ListenAndServe sets up a listener and serve on it + ListenAndServe() + + // Serve serves a connection + Serve(c net.Conn) } -// ServerCreator is a function to create proxy servers. +// ServerCreator is a function to create proxy servers type ServerCreator func(s string, dialer Dialer) (Server, error) var ( @@ -27,8 +30,8 @@ func RegisterServer(name string, c ServerCreator) { serverMap[name] = c } -// ServerFromURL calls the registered creator to create proxy servers. -// dialer is the default upstream dialer so cannot be nil, we can use Default when calling this function. +// ServerFromURL calls the registered creator to create proxy servers +// dialer is the default upstream dialer so cannot be nil, we can use Default when calling this function func ServerFromURL(s string, dialer Dialer) (Server, error) { if dialer == nil { return nil, errors.New("ServerFromURL: dialer cannot be nil") diff --git a/proxy/socks5/socks5.go b/proxy/socks5/socks5.go index 8eb2912..f3e8573 100644 --- a/proxy/socks5/socks5.go +++ b/proxy/socks5/socks5.go @@ -43,7 +43,7 @@ func init() { } // NewSOCKS5 returns a Proxy that makes SOCKS v5 connections to the given address -// with an optional username and password. See RFC 1928. +// with an optional username and password. See RFC 1928 func NewSOCKS5(s string, dialer proxy.Dialer) (*SOCKS5, error) { u, err := url.Parse(s) if err != nil { @@ -65,49 +65,45 @@ func NewSOCKS5(s string, dialer proxy.Dialer) (*SOCKS5, error) { return h, nil } -// NewSocks5Dialer returns a socks5 proxy dialer. +// NewSocks5Dialer returns a socks5 proxy dialer func NewSocks5Dialer(s string, dialer proxy.Dialer) (proxy.Dialer, error) { return NewSOCKS5(s, dialer) } -// NewSocks5Server returns a socks5 proxy server. +// NewSocks5Server returns a socks5 proxy server func NewSocks5Server(s string, dialer proxy.Dialer) (proxy.Server, error) { return NewSOCKS5(s, dialer) } -// ListenAndServe serves socks5 requests. -func (s *SOCKS5) ListenAndServe(c net.Conn) { +// ListenAndServe serves socks5 requests +func (s *SOCKS5) ListenAndServe() { go s.ListenAndServeUDP() - s.ListenAndServeTCP(c) + s.ListenAndServeTCP() } // ListenAndServeTCP . -func (s *SOCKS5) ListenAndServeTCP(c net.Conn) { - if c == nil { - l, err := net.Listen("tcp", s.addr) +func (s *SOCKS5) ListenAndServeTCP() { + l, err := net.Listen("tcp", s.addr) + if err != nil { + log.F("[socks5] failed to listen on %s: %v", s.addr, err) + return + } + + log.F("[socks5] listening TCP on %s", s.addr) + + for { + c, err := l.Accept() if err != nil { - log.F("[socks5] failed to listen on %s: %v", s.addr, err) - return + log.F("[socks5] failed to accept: %v", err) + continue } - log.F("[socks5] listening TCP on %s", s.addr) - - for { - c, err := l.Accept() - if err != nil { - log.F("[socks5] failed to accept: %v", err) - continue - } - - go s.ServeTCP(c) - } - } else { - go s.ServeTCP(c) + go s.Serve(c) } } -// ServeTCP . -func (s *SOCKS5) ServeTCP(c net.Conn) { +// Serve . +func (s *SOCKS5) Serve(c net.Conn) { defer c.Close() if c, ok := c.(*net.TCPConn); ok { @@ -152,7 +148,7 @@ func (s *SOCKS5) ServeTCP(c net.Conn) { } } -// ListenAndServeUDP serves udp requests. +// ListenAndServeUDP serves udp requests func (s *SOCKS5) ListenAndServeUDP() { lc, err := net.ListenPacket("udp", s.addr) if err != nil { @@ -248,7 +244,7 @@ func (s *SOCKS5) Dial(network, addr string) (net.Conn, error) { return c, nil } -// DialUDP connects to the given address via the proxy. +// DialUDP connects to the given address via the proxy func (s *SOCKS5) DialUDP(network, addr string) (pc net.PacketConn, writeTo net.Addr, err error) { c, err := s.dialer.Dial("tcp", s.addr) if err != nil { @@ -297,7 +293,7 @@ func (s *SOCKS5) DialUDP(network, addr string) (pc net.PacketConn, writeTo net.A // connect takes an existing connection to a socks5 proxy server, // and commands the server to extend that connection to target, -// which must be a canonical address with a host and port. +// which must be a canonical address with a host and port func (s *SOCKS5) connect(conn net.Conn, target string) error { host, portStr, err := net.SplitHostPort(target) if err != nil { @@ -428,9 +424,9 @@ func (s *SOCKS5) connect(conn net.Conn, target string) error { return nil } -// Handshake fast-tracks SOCKS initialization to get target address to connect. +// Handshake fast-tracks SOCKS initialization to get target address to connect func (s *SOCKS5) handshake(rw io.ReadWriter) (socks.Addr, error) { - // Read RFC 1928 for request and reply structure and sizes. + // Read RFC 1928 for request and reply structure and sizes buf := make([]byte, socks.MaxAddrLen) // read VER, NMETHODS, METHODS if _, err := io.ReadFull(rw, buf[:2]); err != nil { diff --git a/proxy/ss/ss.go b/proxy/ss/ss.go index 75491d2..5cacb8b 100644 --- a/proxy/ss/ss.go +++ b/proxy/ss/ss.go @@ -29,7 +29,7 @@ func init() { proxy.RegisterServer("ss", NewSSServer) } -// NewSS returns a shadowsocks proxy. +// NewSS returns a shadowsocks proxy func NewSS(s string, dialer proxy.Dialer) (*SS, error) { u, err := url.Parse(s) if err != nil { @@ -55,48 +55,45 @@ func NewSS(s string, dialer proxy.Dialer) (*SS, error) { return p, nil } -// NewSSDialer returns a ss proxy dialer. +// NewSSDialer returns a ss proxy dialer func NewSSDialer(s string, dialer proxy.Dialer) (proxy.Dialer, error) { return NewSS(s, dialer) } -// NewSSServer returns a ss proxy server. +// NewSSServer returns a ss proxy server func NewSSServer(s string, dialer proxy.Dialer) (proxy.Server, error) { return NewSS(s, dialer) } -// ListenAndServe serves ss requests. -func (s *SS) ListenAndServe(c net.Conn) { +// ListenAndServe serves ss requests +func (s *SS) ListenAndServe() { go s.ListenAndServeUDP() - s.ListenAndServeTCP(c) + s.ListenAndServeTCP() } -// ListenAndServeTCP serves tcp ss requests. -func (s *SS) ListenAndServeTCP(c net.Conn) { - if c == nil { - l, err := net.Listen("tcp", s.addr) - if err != nil { - log.F("[ss] failed to listen on %s: %v", s.addr, err) - return - } - - log.F("[ss] listening TCP on %s", s.addr) - - for { - c, err := l.Accept() - if err != nil { - log.F("[ss] failed to accept: %v", err) - continue - } - go s.ServeTCP(c) - } - } else { - go s.ServeTCP(c) +// ListenAndServeTCP serves tcp ss requests +func (s *SS) ListenAndServeTCP() { + l, err := net.Listen("tcp", s.addr) + if err != nil { + log.F("[ss] failed to listen on %s: %v", s.addr, err) + return } + + log.F("[ss] listening TCP on %s", s.addr) + + for { + c, err := l.Accept() + if err != nil { + log.F("[ss] failed to accept: %v", err) + continue + } + go s.Serve(c) + } + } -// ServeTCP serves tcp ss requests. -func (s *SS) ServeTCP(c net.Conn) { +// Serve serves tcp ss requests +func (s *SS) Serve(c net.Conn) { defer c.Close() if c, ok := c.(*net.TCPConn); ok { @@ -169,7 +166,7 @@ func (s *SS) ServeTCP(c net.Conn) { } -// ListenAndServeUDP serves udp ss requests. +// ListenAndServeUDP serves udp ss requests func (s *SS) ListenAndServeUDP() { lc, err := net.ListenPacket("udp", s.addr) if err != nil { @@ -271,7 +268,7 @@ func (s *SS) Dial(network, addr string) (net.Conn, error) { } -// DialUDP connects to the given address via the proxy. +// DialUDP connects to the given address via the proxy func (s *SS) DialUDP(network, addr string) (net.PacketConn, net.Addr, error) { pc, nextHop, err := s.dialer.DialUDP(network, s.addr) if err != nil { diff --git a/proxy/tcptun/tcptun.go b/proxy/tcptun/tcptun.go index 5dd9adf..e04b191 100644 --- a/proxy/tcptun/tcptun.go +++ b/proxy/tcptun/tcptun.go @@ -22,7 +22,7 @@ func init() { proxy.RegisterServer("tcptun", NewTCPTunServer) } -// NewTCPTun returns a tcptun proxy. +// NewTCPTun returns a tcptun proxy func NewTCPTun(s string, dialer proxy.Dialer) (*TCPTun, error) { u, err := url.Parse(s) if err != nil { @@ -42,13 +42,13 @@ func NewTCPTun(s string, dialer proxy.Dialer) (*TCPTun, error) { return p, nil } -// NewTCPTunServer returns a udp tunnel server. +// NewTCPTunServer returns a udp tunnel server func NewTCPTunServer(s string, dialer proxy.Dialer) (proxy.Server, error) { return NewTCPTun(s, dialer) } // ListenAndServe . -func (s *TCPTun) ListenAndServe(_ net.Conn) { +func (s *TCPTun) ListenAndServe() { l, err := net.Listen("tcp", s.addr) if err != nil { log.F("failed to listen on %s: %v", s.addr, err) @@ -64,31 +64,33 @@ func (s *TCPTun) ListenAndServe(_ net.Conn) { continue } - go func() { - defer c.Close() - - if c, ok := c.(*net.TCPConn); ok { - c.SetKeepAlive(true) - } - - rc, err := s.dialer.Dial("tcp", s.raddr) - if err != nil { - - log.F("failed to connect to target: %v", err) - return - } - defer rc.Close() - - log.F("[tcptun] %s <-> %s", c.RemoteAddr(), s.raddr) - - _, _, err = conn.Relay(c, rc) - if err != nil { - if err, ok := err.(net.Error); ok && err.Timeout() { - return // ignore i/o timeout - } - log.F("relay error: %v", err) - } - - }() + go s.Serve(c) + } +} + +// Serve . +func (s *TCPTun) Serve(c net.Conn) { + defer c.Close() + + if c, ok := c.(*net.TCPConn); ok { + c.SetKeepAlive(true) + } + + rc, err := s.dialer.Dial("tcp", s.raddr) + if err != nil { + + log.F("failed to connect to target: %v", err) + return + } + defer rc.Close() + + log.F("[tcptun] %s <-> %s", c.RemoteAddr(), s.raddr) + + _, _, err = conn.Relay(c, rc) + if err != nil { + if err, ok := err.(net.Error); ok && err.Timeout() { + return // ignore i/o timeout + } + log.F("relay error: %v", err) } } diff --git a/proxy/tls/tls.go b/proxy/tls/tls.go index 3cc9e46..f166239 100644 --- a/proxy/tls/tls.go +++ b/proxy/tls/tls.go @@ -12,7 +12,7 @@ import ( "github.com/nadoo/glider/proxy" ) -// TLS . +// TLS struct type TLS struct { dialer proxy.Dialer addr string @@ -23,16 +23,15 @@ type TLS struct { certFile string keyFile string - server proxy.Server - serverProto string + server proxy.Server } func init() { proxy.RegisterDialer("tls", NewTLSDialer) - proxy.RegisterServer("tls", NewTLSTransport) + proxy.RegisterServer("tls", NewTLSServer) } -// NewTLS returns a tls proxy. +// NewTLS returns a tls proxy func NewTLS(s string, dialer proxy.Dialer) (*TLS, error) { u, err := url.Parse(s) if err != nil { @@ -41,23 +40,24 @@ func NewTLS(s string, dialer proxy.Dialer) (*TLS, error) { } addr := u.Host - - query := u.Query() - skipVerify := query.Get("skipVerify") - colonPos := strings.LastIndex(addr, ":") if colonPos == -1 { colonPos = len(addr) } serverName := addr[:colonPos] + query := u.Query() + skipVerify := query.Get("skipVerify") + certFile := query.Get("cert") + keyFile := query.Get("key") + p := &TLS{ dialer: dialer, addr: addr, serverName: serverName, skipVerify: false, - certFile: "", - keyFile: "", + certFile: certFile, + keyFile: keyFile, } if skipVerify == "true" { @@ -67,102 +67,71 @@ func NewTLS(s string, dialer proxy.Dialer) (*TLS, error) { return p, nil } -// NewTLSServerTransport returns a tls transport layer before the real server -func NewTLSTransport(s string, dialer proxy.Dialer) (proxy.Server, error) { +// NewTLSDialer returns a tls proxy dialer. +func NewTLSDialer(s string, dialer proxy.Dialer) (proxy.Dialer, error) { + return NewTLS(s, dialer) +} + +// NewTLSServer returns a tls transport layer before the real server +func NewTLSServer(s string, dialer proxy.Dialer) (proxy.Server, error) { transport := strings.Split(s, ",") // prepare transport listener - if len(transport) != 2 { - err := fmt.Errorf("malformd listener: %s", s) + // TODO: check here + if len(transport) < 2 { + err := fmt.Errorf("[tls] malformd listener: %s", s) log.F(err.Error()) return nil, err } - u, err := url.Parse(transport[0]) + p, err := NewTLS(transport[0], dialer) if err != nil { - log.F("parse url err: %s", err) return nil, err } - // TODO: cert=&key= - query := u.Query() - - certFile := query.Get("cert") - keyFile := query.Get("key") - - addr := u.Host - colonPos := strings.LastIndex(addr, ":") - if colonPos == -1 { - colonPos = len(addr) - } - serverName := addr[:colonPos] - - p := &TLS{ - dialer: dialer, - addr: addr, - serverName: serverName, - skipVerify: false, - certFile: certFile, - keyFile: keyFile, - serverProto: transport[1], - } - - // prepare layer 7 server p.server, err = proxy.ServerFromURL(transport[1], dialer) - return p, nil + return p, err } -func (s *TLS) ListenAndServe(c net.Conn) { - // c for TCP_FAST_OPEN +// ListenAndServe . +func (s *TLS) ListenAndServe() { + cert, err := stdtls.LoadX509KeyPair(s.certFile, s.keyFile) + if err != nil { + log.F("[tls] unabled load cert: %s, key %s", s.certFile, s.keyFile) + return + } - var tlsConfig *stdtls.Config - - var ticketKey [32]byte - copy(ticketKey[:], "f8710951c1f6d0d95a95eed5e99b51f1") - - if s.certFile != "" && s.keyFile != "" { - cert, err := stdtls.LoadX509KeyPair(s.certFile, s.keyFile) - if err != nil { - log.F("unabled load cert: %s, key %s", s.certFile, s.keyFile) - return - } - - tlsConfig = &stdtls.Config{ - Certificates: []stdtls.Certificate{cert}, - MinVersion: stdtls.VersionTLS10, - MaxVersion: stdtls.VersionTLS12, - SessionTicketKey: ticketKey, - } - } else { - tlsConfig = nil + tlsConfig := &stdtls.Config{ + Certificates: []stdtls.Certificate{cert}, + MinVersion: stdtls.VersionTLS10, + MaxVersion: stdtls.VersionTLS12, } l, err := stdtls.Listen("tcp", s.addr, tlsConfig) if err != nil { - log.F("failed to listen on tls %s: %v", s.addr, err) + log.F("[tls] failed to listen on tls %s: %v", s.addr, err) return } - defer l.Close() - log.F("listening TCP on %s with TLS", s.addr) + log.F("[tls] listening TCP on %s with TLS", s.addr) for { c, err := l.Accept() if err != nil { - log.F("[https] failed to accept: %v", err) + log.F("[tls] failed to accept: %v", err) continue } - // it's callee's response to decide process request in sync/async mode. - s.server.ListenAndServe(c) + go s.Serve(c) } } -// NewTLSDialer returns a tls proxy dialer. -func NewTLSDialer(s string, dialer proxy.Dialer) (proxy.Dialer, error) { - return NewTLS(s, dialer) +// Serve . +func (s *TLS) Serve(c net.Conn) { + // TODO: check here + s.server.Serve(c) } // Addr returns forwarder's address diff --git a/proxy/tproxy/tproxy_linux.go b/proxy/tproxy/tproxy_linux.go index 3d96600..64c723c 100644 --- a/proxy/tproxy/tproxy_linux.go +++ b/proxy/tproxy/tproxy_linux.go @@ -51,7 +51,7 @@ func NewTProxyServer(s string, dialer proxy.Dialer) (proxy.Server, error) { } // ListenAndServe . -func (s *TProxy) ListenAndServe(_ net.Conn) { +func (s *TProxy) ListenAndServe() { // go s.ListenAndServeTCP() s.ListenAndServeUDP() } @@ -114,6 +114,9 @@ func (s *TProxy) ListenAndServeUDP() { } +// Serve . +func (s *TProxy) Serve(c net.Conn) {} + // ReadFromUDP reads a UDP packet from c, copying the payload into b. // It returns the number of bytes copied into b and the return address // that was on the packet. diff --git a/proxy/udptun/udptun.go b/proxy/udptun/udptun.go index 8ce8e9f..3018c15 100644 --- a/proxy/udptun/udptun.go +++ b/proxy/udptun/udptun.go @@ -24,7 +24,7 @@ func init() { proxy.RegisterServer("udptun", NewUDPTunServer) } -// NewUDPTun returns a UDPTun proxy. +// NewUDPTun returns a UDPTun proxy func NewUDPTun(s string, dialer proxy.Dialer) (*UDPTun, error) { u, err := url.Parse(s) if err != nil { @@ -44,13 +44,13 @@ func NewUDPTun(s string, dialer proxy.Dialer) (*UDPTun, error) { return p, nil } -// NewUDPTunServer returns a udp tunnel server. +// NewUDPTunServer returns a udp tunnel server func NewUDPTunServer(s string, dialer proxy.Dialer) (proxy.Server, error) { return NewUDPTun(s, dialer) } // ListenAndServe . -func (s *UDPTun) ListenAndServe(_ net.Conn) { +func (s *UDPTun) ListenAndServe() { c, err := net.ListenPacket("udp", s.addr) if err != nil { log.F("[udptun] failed to listen on %s: %v", s.addr, err) @@ -104,3 +104,8 @@ func (s *UDPTun) ListenAndServe(_ net.Conn) { } } + +// Serve . +func (s *UDPTun) Serve(c net.Conn) { + +} diff --git a/proxy/uottun/uottun.go b/proxy/uottun/uottun.go index 0da69a1..d66a075 100644 --- a/proxy/uottun/uottun.go +++ b/proxy/uottun/uottun.go @@ -24,7 +24,7 @@ func init() { proxy.RegisterServer("uottun", NewUoTTunServer) } -// NewUoTTun returns a UoTTun proxy. +// NewUoTTun returns a UoTTun proxy func NewUoTTun(s string, dialer proxy.Dialer) (*UoTTun, error) { u, err := url.Parse(s) if err != nil { @@ -44,13 +44,13 @@ func NewUoTTun(s string, dialer proxy.Dialer) (*UoTTun, error) { return p, nil } -// NewUoTTunServer returns a uot tunnel server. +// NewUoTTunServer returns a uot tunnel server func NewUoTTunServer(s string, dialer proxy.Dialer) (proxy.Server, error) { return NewUoTTun(s, dialer) } // ListenAndServe . -func (s *UoTTun) ListenAndServe(_ net.Conn) { +func (s *UoTTun) ListenAndServe() { c, err := net.ListenPacket("udp", s.addr) if err != nil { log.F("[uottun] failed to listen on %s: %v", s.addr, err) @@ -102,3 +102,9 @@ func (s *UoTTun) ListenAndServe(_ net.Conn) { log.F("[uottun] %s <-> %s", clientAddr, s.raddr) } } + +// Serve . +func (s *UoTTun) Serve(c net.Conn) { + // TODO + +}