socks5

package module
v0.0.0-...-bf325ee Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 4, 2021 License: MIT Imports: 17 Imported by: 0

README

socks5

Documentation

Index

Constants

// Authentication METHOD codes exchanged during SOCKS5 method negotiation.
const (
	// AuthMethodNoAuth is METHOD X'00': NO AUTHENTICATION REQUIRED.
	AuthMethodNoAuth uint8 = 0x00

	// AuthMethodUserPass is METHOD X'02': USERNAME/PASSWORD.
	AuthMethodUserPass uint8 = 0x02

	// AuthMethodNoAcceptable is METHOD X'FF': NO ACCEPTABLE METHODS.
	AuthMethodNoAcceptable uint8 = 0xFF
)

AuthMethods

// Field values of the username/password subnegotiation.
const (
	// AuthUserPassVersion is the VER field: the current version of the
	// subnegotiation, which is X'01'.
	AuthUserPassVersion uint8 = 0x01
	// AuthUserPassStatusSuccess is the STATUS value X'00', which indicates
	// success.
	AuthUserPassStatusSuccess uint8 = 0x00
	// AuthUserPassStatusFailure is a `failure' STATUS (a value other than
	// X'00'). If the server returns such a status, it MUST close the
	// connection.
	AuthUserPassStatusFailure uint8 = 0x01
)
// CMD field values of a SOCKS5 request.
const (
	// CommandConnect is CMD X'01': CONNECT.
	CommandConnect uint8 = 0x01
	// CommandBind is CMD X'02': BIND. The BIND request is used in protocols
	// which require the client to accept connections from the server.
	CommandBind uint8 = 0x02
	// CommandAssociate is CMD X'03': UDP ASSOCIATE. The UDP ASSOCIATE request
	// is used to establish an association within the UDP relay process to
	// handle UDP datagrams.
	CommandAssociate uint8 = 0x03
)

CMD declaration

// ATYP values: the address type of the address that follows.
const (
	// AddressIPv4 is ATYP X'01': IP V4 address.
	AddressIPv4 uint8 = 0x01
	// AddressDomainName is ATYP X'03': DOMAINNAME.
	AddressDomainName uint8 = 0x03
	// AddressIPv6 is ATYP X'04': IP V6 address.
	AddressIPv6 uint8 = 0x04
)

ATYP address type of following address declaration

// REP field values of a SOCKS5 reply, written out explicitly so each code can
// be read without counting iota steps.
const (
	// ReplySucceeded is REP X'00': succeeded.
	ReplySucceeded uint8 = 0x00
	// ReplyServerFailure is REP X'01': general SOCKS server failure.
	ReplyServerFailure uint8 = 0x01
	// ReplyRuleFailure is REP X'02': connection not allowed by ruleset.
	ReplyRuleFailure uint8 = 0x02
	// ReplyNetworkUnreachable is REP X'03': Network unreachable.
	ReplyNetworkUnreachable uint8 = 0x03
	// ReplyHostUnreachable is REP X'04': Host unreachable.
	ReplyHostUnreachable uint8 = 0x04
	// ReplyConnectionRefused is REP X'05': Connection refused.
	ReplyConnectionRefused uint8 = 0x05
	// ReplyTTLExpired is REP X'06': TTL expired.
	ReplyTTLExpired uint8 = 0x06
	// ReplyCommandNotSupported is REP X'07': Command not supported.
	ReplyCommandNotSupported uint8 = 0x07
	// ReplyAddrTypeNotSupported is REP X'08': Address type not supported.
	ReplyAddrTypeNotSupported uint8 = 0x08
)

REP field declaration

Variables

// Errors for the authentication stage.
var (
	// ErrUserAuthFailed is the error for a failed user authentication.
	ErrUserAuthFailed error = fmt.Errorf("user authentication failed")
	// ErrNoSupportedAuth is the error for an authentication method that is
	// not supported.
	ErrNoSupportedAuth error = fmt.Errorf("not supported authentication mechanism")
)

Functions

func DialErrorToSocksCode

func DialErrorToSocksCode(err error) byte

Types

type AddrSpec

type AddrSpec struct {
	// FQDN is the target as a domain name, for targets specified that way.
	FQDN string
	// IP is the target as an IPv4 or IPv6 address, for targets specified
	// that way.
	IP   net.IP
	// Port is the target port.
	// NOTE(review): declared as int, not uint16 — presumably callers are
	// expected to range-check it; confirm against ParseHostPort.
	Port int
}

AddrSpec is used to return the target AddrSpec which may be specified as IPv4, IPv6, or a FQDN

func ParseHostPort

func ParseHostPort(hostPort string) (*AddrSpec, error)

func ParseUdpPacket

func ParseUdpPacket(pkt []byte) (*AddrSpec, []byte, error)

func (*AddrSpec) Address

func (a *AddrSpec) Address() string

Address returns a string suitable to dial; prefer returning FQDN, fallback to IP-based address

func (*AddrSpec) Host

func (a *AddrSpec) Host() string

func (*AddrSpec) SerializeTo

func (a *AddrSpec) SerializeTo(buf []byte) (int, error)

func (*AddrSpec) SerializedSize

func (a *AddrSpec) SerializedSize() int

func (*AddrSpec) String

func (a *AddrSpec) String() string

type AddressRewriter

type AddressRewriter interface {
	Rewrite(ctx context.Context, request *Request) (context.Context, *AddrSpec)
}

AddressRewriter is used to rewrite a destination transparently

type AuthContext

type AuthContext struct {
	// Method is the auth method that was provided.
	Method uint8
	// Payload is the data provided during negotiation.
	// Its keys depend on the auth method used.
	// For UserPassAuth it contains Username.
	// NOTE(review): presumably these values come from the client as sent;
	// treat them as untrusted when logging or making rule decisions.
	Payload map[string]string
}

AuthContext encapsulates the authentication state provided during negotiation

type Authenticator

type Authenticator interface {
	// Authenticate performs this method's exchange over reader and writer
	// and returns the resulting AuthContext, or an error.
	// NOTE(review): presumably reader and writer are the two halves of the
	// client connection — confirm against the server code.
	Authenticate(reader io.Reader, writer io.Writer) (*AuthContext, error)
	// GetCode returns the method's code.
	// NOTE(review): presumably one of the AuthMethod* constants — confirm.
	GetCode() uint8
}

Authenticator is the interface an authentication method implements

type Config

type Config struct {
	// AuthMethods can be provided to implement custom authentication.
	// By default, "auth-less" mode is enabled.
	// For password-based auth use UserPassAuthenticator.
	// NOTE(review): per these comments, leaving both AuthMethods and
	// Credentials unset yields a server that accepts clients without
	// authentication; set one of them explicitly when the listener is
	// reachable by clients you do not trust.
	AuthMethods []Authenticator

	// Credentials, if provided, enables username/password authentication
	// by appending a UserPassAuthenticator to AuthMethods. If not provided,
	// and AuthMethods is nil, then "auth-less" mode is enabled.
	Credentials CredentialStore

	// Resolver can be provided to do custom name resolution.
	// Defaults to NoOpResolver if not provided.
	Resolver NameResolver

	// Rules is provided to enable custom logic around permitting
	// various commands. If not provided, PermitAll is used.
	// NOTE(review): PermitAll allows all types of connections; supply a
	// restrictive RuleSet (for example a PermitCommand) to limit which
	// commands clients may issue.
	Rules RuleSet

	// Rewriter can be used to transparently rewrite addresses.
	// This is invoked before the RuleSet is invoked.
	// Defaults to NoRewrite.
	Rewriter AddressRewriter

	// Handler is the server queries handler.
	// Defaults to SinglePortUDPHandler.
	Handler Handler
}

Config is used to setup and configure a Server

type ContextGo

type ContextGo interface {
	Ctx() context.Context
	GoNoError(f func())
	Go(f func() error)
	Cancel()
}

type CredentialStore

type CredentialStore interface {
	// Valid reports whether the user/password pair is accepted.
	// NOTE(review): both arguments are plain strings; an implementation
	// that compares secrets should presumably do so in constant time —
	// verify in each store.
	Valid(user, password string) bool
}

CredentialStore is used to support user/pass authentication

type DNSResolver

type DNSResolver struct{}

DNSResolver uses the system DNS to resolve host names

func (DNSResolver) Resolve

func (d DNSResolver) Resolve(ctx context.Context, name string) (context.Context, net.IP, error)

Resolve ...

type ErrorLogger

type ErrorLogger interface {
	Printf(format string, v ...interface{})
}

ErrorLogger error handler, compatible with std logger

type Handler

type Handler interface {
	// OnStartServe is called when Serve is called on the socks server. The
	// server actually starts only after this func returns.
	// A returned error aborts the start of the socks server.
	OnStartServe(ctxServer ContextGo, tcp net.Listener) error

	// ErrLog must return a valid non-nil ErrorLogger.
	// It may be called only after OnStartServe has been called.
	ErrLog() ErrorLogger

	// OnConnect is called on every "connect" query from a client. It may
	// block if needed, but must obey ctx cancellation.
	// A returned error only aborts the current client's connection and does
	// not stop the server.
	OnConnect(ctx context.Context, conn net.Conn, req *Request) error

	// OnAssociate is called on every "associate" query from a client. It may
	// block if needed, but must obey ctx cancellation.
	// A returned error only aborts the current client's connection and does
	// not stop the server.
	OnAssociate(ctx context.Context, conn net.Conn, req *Request) error
}

type MultiPortUDPHandler

type MultiPortUDPHandler struct {
	// contains filtered or unexported fields
}

func (*MultiPortUDPHandler) MakeRemoteUDPConn

func (u *MultiPortUDPHandler) MakeRemoteUDPConn(
	ctxClient ContextGo, _ ContextGo, sendBack UDPSendBack, onBroken func(),
) (RemoteUDPConn, error)

func (*MultiPortUDPHandler) MaxUDPPacketSize

func (u *MultiPortUDPHandler) MaxUDPPacketSize() uint

func (*MultiPortUDPHandler) OnAssociate

func (m *MultiPortUDPHandler) OnAssociate(ctx context.Context, conn net.Conn, _ *Request) error

func (*MultiPortUDPHandler) OnStartServe

func (m *MultiPortUDPHandler) OnStartServe(ctxServer ContextGo, l net.Listener) error

type MultiUDPPortAssociate

type MultiUDPPortAssociate struct {
	// contains filtered or unexported fields
}

func MakeMultiUDPPortAssociate

func MakeMultiUDPPortAssociate(
	ctxServer ContextGo, listenIP net.IP, udpNet string, connFactory RemoteUDPConnFactory, log ErrorLogger,
) *MultiUDPPortAssociate

Creates new MultiUDPPortAssociate.

func (*MultiUDPPortAssociate) OnAssociate

func (m *MultiUDPPortAssociate) OnAssociate(ctx context.Context, conn net.Conn) error

type NameResolver

type NameResolver interface {
	Resolve(ctx context.Context, name string) (context.Context, net.IP, error)
}

NameResolver is used to implement custom name resolution

type NoAuthAuthenticator

type NoAuthAuthenticator struct{}

NoAuthAuthenticator is used to handle the "No Authentication" mode

func (NoAuthAuthenticator) Authenticate

func (a NoAuthAuthenticator) Authenticate(_ io.Reader, writer io.Writer) (*AuthContext, error)

Authenticate implementation of Authenticator

func (NoAuthAuthenticator) GetCode

func (a NoAuthAuthenticator) GetCode() uint8

GetCode implementation of Authenticator

type NoOpResolver

type NoOpResolver struct{}

func (NoOpResolver) Resolve

func (d NoOpResolver) Resolve(ctx context.Context, _ string) (context.Context, net.IP, error)

Resolve ...

type NoUDPHandler

type NoUDPHandler struct {
	// contains filtered or unexported fields
}

func (*NoUDPHandler) ErrLog

func (t *NoUDPHandler) ErrLog() ErrorLogger

func (*NoUDPHandler) OnAssociate

func (n *NoUDPHandler) OnAssociate(_ context.Context, conn net.Conn, _ *Request) error

func (*NoUDPHandler) OnConnect

func (t *NoUDPHandler) OnConnect(ctx context.Context, conn net.Conn, req *Request) error

func (*NoUDPHandler) OnStartServe

func (t *NoUDPHandler) OnStartServe(_ ContextGo, _ net.Listener) error

type PermitCommand

type PermitCommand struct {
	// EnableConnect presumably permits the CONNECT command when true; the
	// zero value leaves it disabled — confirm against Allow.
	EnableConnect   bool
	// EnableBind presumably permits the BIND command when true — confirm
	// against Allow.
	EnableBind      bool
	// EnableAssociate presumably permits the UDP ASSOCIATE command when
	// true — confirm against Allow.
	EnableAssociate bool
}

PermitCommand is an implementation of the RuleSet which enables filtering supported commands

func (*PermitCommand) Allow

func (p *PermitCommand) Allow(ctx context.Context, req *Request) (context.Context, bool)

Allow ..

type RemoteUDPConn

type RemoteUDPConn interface {
	Send(ctx context.Context, data []byte, remoteAddr *AddrSpec) error
	Close() error
}

type RemoteUDPConnFactory

type RemoteUDPConnFactory interface {
	MakeRemoteUDPConn(ctxClient ContextGo, ctxServer ContextGo, sendBack UDPSendBack, onBroken func()) (RemoteUDPConn, error)
	MaxUDPPacketSize() uint
}

type Request

type Request struct {
	// Version is the protocol version.
	Version uint8
	// Command is the requested command.
	Command uint8
	// AuthContext is the authentication state provided during negotiation.
	AuthContext *AuthContext
	// RemoteAddr is the AddrSpec of the network that sent the request.
	RemoteAddr *AddrSpec
	// DestAddr is the AddrSpec of the desired destination.
	// NOTE(review): presumably parsed from the client's request, so RuleSet
	// and Handler code should treat it as untrusted input — confirm.
	DestAddr *AddrSpec
	// contains filtered or unexported fields
}

A Request represents a request received by a server

func NewRequest

func NewRequest(bufConn io.Reader) (*Request, error)

NewRequest creates a new Request from the tcp connection

func (*Request) SendAssociateSuccess

func (r *Request) SendAssociateSuccess(w io.Writer, addr *AddrSpec) error

func (*Request) SendConnectSuccess

func (r *Request) SendConnectSuccess(w io.Writer) error

func (*Request) SendError

func (r *Request) SendError(w io.Writer, errCode uint8) error

type RuleSet

type RuleSet interface {
	// Allow decides whether req is allowed or prohibited; the bool result
	// carries the decision and a context is returned alongside it.
	// NOTE(review): presumably true means "allowed" — confirm against
	// PermitAll and PermitNone.
	Allow(ctx context.Context, req *Request) (context.Context, bool)
}

RuleSet is used to provide custom rules to allow or prohibit actions

func PermitAll

func PermitAll() RuleSet

PermitAll returns a RuleSet which allows all types of connections

func PermitNone

func PermitNone() RuleSet

PermitNone returns a RuleSet which disallows all types of connections

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server is responsible for accepting connections and handling the details of the SOCKS5 protocol

func New

func New(conf *Config) (*Server, error)

New creates a new Server and potentially returns an error

func (*Server) ListenAndServe

func (s *Server) ListenAndServe(ctx context.Context, network, addr string) error

ListenAndServe is used to create a listener and serve on it

func (*Server) Serve

func (s *Server) Serve(ctx context.Context, l net.Listener) error

Serve starts serving SOCKS client connections from a listener. Serve blocks.

func (*Server) ServeTCPConn

func (s *Server) ServeTCPConn(ctx context.Context, conn net.Conn)

ServeTCPConn is used to serve a single TCP connection. If you use this function directly without Serve, then don't forget to manually call Handler.OnStartServe before it!

type SinglePortUDPHandler

type SinglePortUDPHandler struct {

	// UDPListenPort is the port used for udp associate; it defaults to an
	// automatically chosen free UDP port.
	UDPListenPort int
	// contains filtered or unexported fields
}

func (*SinglePortUDPHandler) MakeRemoteUDPConn

func (u *SinglePortUDPHandler) MakeRemoteUDPConn(
	ctxClient ContextGo, _ ContextGo, sendBack UDPSendBack, onBroken func(),
) (RemoteUDPConn, error)

func (*SinglePortUDPHandler) MaxUDPPacketSize

func (u *SinglePortUDPHandler) MaxUDPPacketSize() uint

func (*SinglePortUDPHandler) OnAssociate

func (s *SinglePortUDPHandler) OnAssociate(_ context.Context, conn net.Conn, _ *Request) error

func (*SinglePortUDPHandler) OnStartServe

func (s *SinglePortUDPHandler) OnStartServe(ctxServer ContextGo, l net.Listener) error

type SingleUDPPortAssociate

type SingleUDPPortAssociate struct {
	// contains filtered or unexported fields
}

func MakeSingleUDPPortAssociate

func MakeSingleUDPPortAssociate(udpAddr *AddrSpec, connFactory RemoteUDPConnFactory, log ErrorLogger) *SingleUDPPortAssociate

Creates new SingleUDPPortAssociate. Either ListenAndServeUDPPort or ServeUDPPort MUST be called after creation to start serving UDP port. It is convenient to call ListenAndServeUDPPort from Handler.OnStartServe.

udpAddr MUST contain the IP on which to listen for UDP. It MAY also contain an FQDN, if that should be sent to clients in associate responses. udpAddr MUST have a valid Port if serving is started with ServeUDPPort; otherwise it MAY have Port == 0 (the Port is then chosen automatically in ListenAndServeUDPPort).

func (*SingleUDPPortAssociate) ListenAndServeUDPPort

func (s *SingleUDPPortAssociate) ListenAndServeUDPPort(ctxServer ContextGo, udpNet string) error

ListenAndServeUDPPort is used to create incoming UDP port and serve on it

func (*SingleUDPPortAssociate) OnAssociate

func (s *SingleUDPPortAssociate) OnAssociate(conn net.Conn) error

func (*SingleUDPPortAssociate) ServeUDPPort

func (s *SingleUDPPortAssociate) ServeUDPPort(ctxServer ContextGo, udpConn *net.UDPConn) error

type StaticCredentials

// StaticCredentials enables using a map directly as a credential store.
// NOTE(review): presumably keyed by username with the password as the value,
// both held as plain strings — confirm, and check how Valid compares them
// before using this store outside of tests or trusted networks.
type StaticCredentials map[string]string

StaticCredentials enables using a map directly as a credential store

func (StaticCredentials) Valid

func (s StaticCredentials) Valid(user, password string) bool

Valid ...

type UDPSendBack

type UDPSendBack func(remoteAddr *AddrSpec, data []byte) error

type UDPSendBackTo

type UDPSendBackTo func(remoteAddr *AddrSpec, data []byte, client *net.UDPAddr) error

func MakeSendBackTo

func MakeSendBackTo(udpConn *net.UDPConn) UDPSendBackTo

type UserPassAuthenticator

type UserPassAuthenticator struct {
	// Credentials is the store used for username/password authentication.
	// NOTE(review): behaviour with a nil store is not visible here — confirm
	// that Authenticate rejects rather than accepts in that case.
	Credentials CredentialStore
}

UserPassAuthenticator is used to handle username/password based authentication

func (UserPassAuthenticator) Authenticate

func (a UserPassAuthenticator) Authenticate(reader io.Reader, writer io.Writer) (*AuthContext, error)

Authenticate implementation of Authenticator

func (UserPassAuthenticator) GetCode

func (a UserPassAuthenticator) GetCode() uint8

GetCode implementation of Authenticator
