arnaucube
/
derosuite
mirror of https://github.com/arnaucube/derosuite.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14 Commits
1 Branch
0 Tags
68 MiB
Tree: 1306ecda41
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1306ecda41'
${ noResults }
derosuite/vendor/golang.org/x/net/proxy/socks5.go

214 lines
5.7 KiB
Raw Normal View History

Status update release 1
6 years ago
  1. // Copyright 2011 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  5. package proxy
  7. import (
  8. "errors"
  9. "io"
  10. "net"
  11. "strconv"
  12. )
  14. // SOCKS5 returns a Dialer that makes SOCKSv5 connections to the given address
  15. // with an optional username and password. See RFC 1928 and RFC 1929.
  16. func SOCKS5(network, addr string, auth *Auth, forward Dialer) (Dialer, error) {
  17. s := &socks5{
  18. network: network,
  19. addr: addr,
  20. forward: forward,
  21. }
  22. if auth != nil {
  23. s.user = auth.User
  24. s.password = auth.Password
  25. }
  27. return s, nil
  28. }
  30. type socks5 struct {
  31. user, password string
  32. network, addr string
  33. forward Dialer
  34. }
  36. const socks5Version = 5
  38. const (
  39. socks5AuthNone = 0
  40. socks5AuthPassword = 2
  41. )
  43. const socks5Connect = 1
  45. const (
  46. socks5IP4 = 1
  47. socks5Domain = 3
  48. socks5IP6 = 4
  49. )
  51. var socks5Errors = []string{
  52. "",
  53. "general failure",
  54. "connection forbidden",
  55. "network unreachable",
  56. "host unreachable",
  57. "connection refused",
  58. "TTL expired",
  59. "command not supported",
  60. "address type not supported",
  61. }
  63. // Dial connects to the address addr on the given network via the SOCKS5 proxy.
  64. func (s *socks5) Dial(network, addr string) (net.Conn, error) {
  65. switch network {
  66. case "tcp", "tcp6", "tcp4":
  67. default:
  68. return nil, errors.New("proxy: no support for SOCKS5 proxy connections of type " + network)
  69. }
  71. conn, err := s.forward.Dial(s.network, s.addr)
  72. if err != nil {
  73. return nil, err
  74. }
  75. if err := s.connect(conn, addr); err != nil {
  76. conn.Close()
  77. return nil, err
  78. }
  79. return conn, nil
  80. }
  82. // connect takes an existing connection to a socks5 proxy server,
  83. // and commands the server to extend that connection to target,
  84. // which must be a canonical address with a host and port.
  85. func (s *socks5) connect(conn net.Conn, target string) error {
  86. host, portStr, err := net.SplitHostPort(target)
  87. if err != nil {
  88. return err
  89. }
  91. port, err := strconv.Atoi(portStr)
  92. if err != nil {
  93. return errors.New("proxy: failed to parse port number: " + portStr)
  94. }
  95. if port < 1 || port > 0xffff {
  96. return errors.New("proxy: port number out of range: " + portStr)
  97. }
  99. // the size here is just an estimate
  100. buf := make([]byte, 0, 6+len(host))
  102. buf = append(buf, socks5Version)
  103. if len(s.user) > 0 && len(s.user) < 256 && len(s.password) < 256 {
  104. buf = append(buf, 2 /* num auth methods */, socks5AuthNone, socks5AuthPassword)
  105. } else {
  106. buf = append(buf, 1 /* num auth methods */, socks5AuthNone)
  107. }
  109. if _, err := conn.Write(buf); err != nil {
  110. return errors.New("proxy: failed to write greeting to SOCKS5 proxy at " + s.addr + ": " + err.Error())
  111. }
  113. if _, err := io.ReadFull(conn, buf[:2]); err != nil {
  114. return errors.New("proxy: failed to read greeting from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  115. }
  116. if buf[0] != 5 {
  117. return errors.New("proxy: SOCKS5 proxy at " + s.addr + " has unexpected version " + strconv.Itoa(int(buf[0])))
  118. }
  119. if buf[1] == 0xff {
  120. return errors.New("proxy: SOCKS5 proxy at " + s.addr + " requires authentication")
  121. }
  123. // See RFC 1929
  124. if buf[1] == socks5AuthPassword {
  125. buf = buf[:0]
  126. buf = append(buf, 1 /* password protocol version */)
  127. buf = append(buf, uint8(len(s.user)))
  128. buf = append(buf, s.user...)
  129. buf = append(buf, uint8(len(s.password)))
  130. buf = append(buf, s.password...)
  132. if _, err := conn.Write(buf); err != nil {
  133. return errors.New("proxy: failed to write authentication request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
  134. }
  136. if _, err := io.ReadFull(conn, buf[:2]); err != nil {
  137. return errors.New("proxy: failed to read authentication reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  138. }
  140. if buf[1] != 0 {
  141. return errors.New("proxy: SOCKS5 proxy at " + s.addr + " rejected username/password")
  142. }
  143. }
  145. buf = buf[:0]
  146. buf = append(buf, socks5Version, socks5Connect, 0 /* reserved */)
  148. if ip := net.ParseIP(host); ip != nil {
  149. if ip4 := ip.To4(); ip4 != nil {
  150. buf = append(buf, socks5IP4)
  151. ip = ip4
  152. } else {
  153. buf = append(buf, socks5IP6)
  154. }
  155. buf = append(buf, ip...)
  156. } else {
  157. if len(host) > 255 {
  158. return errors.New("proxy: destination host name too long: " + host)
  159. }
  160. buf = append(buf, socks5Domain)
  161. buf = append(buf, byte(len(host)))
  162. buf = append(buf, host...)
  163. }
  164. buf = append(buf, byte(port>>8), byte(port))
  166. if _, err := conn.Write(buf); err != nil {
  167. return errors.New("proxy: failed to write connect request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
  168. }
  170. if _, err := io.ReadFull(conn, buf[:4]); err != nil {
  171. return errors.New("proxy: failed to read connect reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  172. }
  174. failure := "unknown error"
  175. if int(buf[1]) < len(socks5Errors) {
  176. failure = socks5Errors[buf[1]]
  177. }
  179. if len(failure) > 0 {
  180. return errors.New("proxy: SOCKS5 proxy at " + s.addr + " failed to connect: " + failure)
  181. }
  183. bytesToDiscard := 0
  184. switch buf[3] {
  185. case socks5IP4:
  186. bytesToDiscard = net.IPv4len
  187. case socks5IP6:
  188. bytesToDiscard = net.IPv6len
  189. case socks5Domain:
  190. _, err := io.ReadFull(conn, buf[:1])
  191. if err != nil {
  192. return errors.New("proxy: failed to read domain length from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  193. }
  194. bytesToDiscard = int(buf[0])
  195. default:
  196. return errors.New("proxy: got unknown address type " + strconv.Itoa(int(buf[3])) + " from SOCKS5 proxy at " + s.addr)
  197. }
  199. if cap(buf) < bytesToDiscard {
  200. buf = make([]byte, bytesToDiscard)
  201. } else {
  202. buf = buf[:bytesToDiscard]
  203. }
  204. if _, err := io.ReadFull(conn, buf); err != nil {
  205. return errors.New("proxy: failed to read address from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  206. }
  208. // Also need to discard the port number
  209. if _, err := io.ReadFull(conn, buf[:2]); err != nil {
  210. return errors.New("proxy: failed to read port from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  211. }
  213. return nil
  214. }