Documentation ¶
Index ¶
- Constants
- Variables
- func DialErrorToSocksCode(err error) byte
- type AddrSpec
- type AddressRewriter
- type AuthContext
- type Authenticator
- type Config
- type ContextGo
- type CredentialStore
- type DNSResolver
- type ErrorLogger
- type Handler
- type MultiPortUDPHandler
- func (u *MultiPortUDPHandler) MakeRemoteUDPConn(ctxClient ContextGo, _ ContextGo, sendBack UDPSendBack, onBroken func()) (RemoteUDPConn, error)
- func (u *MultiPortUDPHandler) MaxUDPPacketSize() uint
- func (m *MultiPortUDPHandler) OnAssociate(ctx context.Context, conn net.Conn, _ *Request) error
- func (m *MultiPortUDPHandler) OnStartServe(ctxServer ContextGo, l net.Listener) error
- type MultiUDPPortAssociate
- type NameResolver
- type NoAuthAuthenticator
- type NoOpResolver
- type NoUDPHandler
- type PermitCommand
- type RemoteUDPConn
- type RemoteUDPConnFactory
- type Request
- type RuleSet
- type Server
- type SinglePortUDPHandler
- func (u *SinglePortUDPHandler) MakeRemoteUDPConn(ctxClient ContextGo, _ ContextGo, sendBack UDPSendBack, onBroken func()) (RemoteUDPConn, error)
- func (u *SinglePortUDPHandler) MaxUDPPacketSize() uint
- func (s *SinglePortUDPHandler) OnAssociate(_ context.Context, conn net.Conn, _ *Request) error
- func (s *SinglePortUDPHandler) OnStartServe(ctxServer ContextGo, l net.Listener) error
- type SingleUDPPortAssociate
- type StaticCredentials
- type UDPSendBack
- type UDPSendBackTo
- type UserPassAuthenticator
Constants ¶
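// Authentication method codes exchanged during SOCKS5 method negotiation
// (RFC 1928).
const (
	// AuthMethodNoAuth X'00' NO AUTHENTICATION REQUIRED.
	// When this method is selected the client is not authenticated at all.
	AuthMethodNoAuth = uint8(0)
	// AuthMethodUserPass X'02' USERNAME/PASSWORD
	AuthMethodUserPass = uint8(2)
	// AuthMethodNoAcceptable X'FF' NO ACCEPTABLE METHODS
	AuthMethodNoAcceptable = uint8(255)
)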
AuthMethods
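// Field values of the username/password subnegotiation (RFC 1929).
//
// RFC 1929 carries the username and password unencrypted, so this method
// protects the credentials only when the client-to-proxy connection is
// itself protected.
const (
	// AuthUserPassVersion the VER field contains the current version
	// of the subnegotiation, which is X'01'
	AuthUserPassVersion = uint8(1)
	// AuthUserPassStatusSuccess a STATUS field of X'00' indicates success
	AuthUserPassStatusSuccess = uint8(0)
	// AuthUserPassStatusFailure if the server returns a `failure'
	// (STATUS value other than X'00') status, it MUST close the connection.
	AuthUserPassStatusFailure = uint8(1)
)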
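// Values of the CMD field of a SOCKS5 request (RFC 1928).
const (
	// CommandConnect CMD CONNECT X'01'
	CommandConnect = uint8(1)
	// CommandBind CMD BIND X'02'. The BIND request is used in protocols
	// which require the client to accept connections from the server.
	CommandBind = uint8(2)
	// CommandAssociate CMD UDP ASSOCIATE X'03'. The UDP ASSOCIATE request
	// is used to establish an association within the UDP relay process to
	// handle UDP datagrams.
	CommandAssociate = uint8(3)
)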
CMD declaration
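// Values of the ATYP field, which gives the type of the address that
// follows it (RFC 1928).
const (
	// AddressIPv4 IP V4 address: X'01'
	AddressIPv4 = uint8(1)
	// AddressDomainName DOMAINNAME: X'03'
	AddressDomainName = uint8(3)
	// AddressIPv6 IP V6 address: X'04'
	AddressIPv6 = uint8(4)
)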
ATYP address type of following address declaration
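// Values of the REP field of a SOCKS5 reply (RFC 1928). The values are
// consecutive, starting at X'00', so they are generated with iota.
const (
	// ReplySucceeded X'00' succeeded
	ReplySucceeded uint8 = iota
	// ReplyServerFailure X'01' general SOCKS server failure
	ReplyServerFailure
	// ReplyRuleFailure X'02' connection not allowed by ruleset
	ReplyRuleFailure
	// ReplyNetworkUnreachable X'03' Network unreachable
	ReplyNetworkUnreachable
	// ReplyHostUnreachable X'04' Host unreachable
	ReplyHostUnreachable
	// ReplyConnectionRefused X'05' Connection refused
	ReplyConnectionRefused
	// ReplyTTLExpired X'06' TTL expired
	ReplyTTLExpired
	// ReplyCommandNotSupported X'07' Command not supported
	ReplyCommandNotSupported
	// ReplyAddrTypeNotSupported X'08' Address type not supported
	ReplyAddrTypeNotSupported
)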
REP field declaration
Variables ¶
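// Sentinel errors reported by the authentication phase.
var (
	// ErrUserAuthFailed failed to authenticate
	ErrUserAuthFailed = fmt.Errorf("user authentication failed")
	// ErrNoSupportedAuth authenticate method not supported
	ErrNoSupportedAuth = fmt.Errorf("not supported authentication mechanism")
)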
Functions ¶
func DialErrorToSocksCode ¶
Types ¶
type AddrSpec ¶
AddrSpec is used to return the target AddrSpec which may be specified as IPv4, IPv6, or a FQDN
func ParseHostPort ¶
func (*AddrSpec) Address ¶
Address returns a string suitable to dial; prefer returning FQDN, fallback to IP-based address
func (*AddrSpec) SerializedSize ¶
type AddressRewriter ¶
// AddressRewriter is used to rewrite a destination transparently.
type AddressRewriter interface {
	// Rewrite receives the request and returns a context together with an
	// AddrSpec.
	// NOTE(review): presumably the returned AddrSpec replaces the request's
	// destination and the returned context is used for the rest of the
	// request — confirm against the server implementation.
	Rewrite(ctx context.Context, request *Request) (context.Context, *AddrSpec)
}
AddressRewriter is used to rewrite a destination transparently
type AuthContext ¶
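// AuthContext encapsulates the authentication state provided during
// negotiation.
type AuthContext struct {
	// Provided auth method
	Method uint8
	// Payload provided during negotiation.
	// Keys depend on the used auth method.
	// For UserPassAuth contains Username.
	// The values come from the client's negotiation messages, so treat
	// them as untrusted input when logging or using them in rules.
	Payload map[string]string
}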
AuthContext encapsulates the authentication state provided during negotiation
type Authenticator ¶
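// Authenticator is implemented by each authentication method the server
// can offer.
type Authenticator interface {
	// Authenticate is given a reader and a writer for the exchange and
	// returns the resulting AuthContext, or an error.
	// NOTE(review): presumably reader/writer are the two halves of the
	// client connection — confirm against the caller.
	Authenticate(reader io.Reader, writer io.Writer) (*AuthContext, error)
	// GetCode returns a uint8 code.
	// NOTE(review): presumably the method code this authenticator handles
	// (one of the AuthMethod* constants) — confirm.
	GetCode() uint8
}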
Authenticator is the interface implemented by an authentication method
type Config ¶
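// Config is used to setup and configure a Server.
//
// Security note: according to the field comments below, a Config that leaves
// AuthMethods, Credentials and Rules unset runs in "auth-less" mode with
// PermitAll rules, i.e. any client that can reach the listener may use every
// command. Set Credentials (or AuthMethods) and a restrictive Rules value
// for any listener that is reachable from untrusted networks.
type Config struct {
	// can be provided to implement custom authentication
	// By default, "auth-less" mode is enabled.
	// For password-based auth use UserPassAuthenticator.
	AuthMethods []Authenticator
	// If provided, username/password authentication is enabled,
	// by appending a UserPassAuthenticator to AuthMethods. If not provided,
	// and AuthMethods is nil, then "auth-less" mode is enabled.
	Credentials CredentialStore
	// can be provided to do custom name resolution.
	// Defaults to NoOpResolver if not provided.
	Resolver NameResolver
	// Rules is provided to enable custom logic around permitting
	// various commands. If not provided, PermitAll is used.
	Rules RuleSet
	// can be used to transparently rewrite addresses.
	// This is invoked before the RuleSet is invoked.
	// Defaults to NoRewrite.
	// NOTE(review): presumably the RuleSet therefore evaluates the
	// rewritten destination rather than the one the client sent — confirm.
	Rewriter AddressRewriter
	// server queries handler
	// Defaults to SinglePortUDPHandler
	Handler Handler
}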
Config is used to setup and configure a Server
type CredentialStore ¶
CredentialStore is used to support user/pass authentication
type ErrorLogger ¶
// ErrorLogger is the error-logging interface; it is compatible with the
// standard library logger.
type ErrorLogger interface {
	// Printf takes a format string followed by its arguments.
	Printf(format string, v ...interface{})
}
ErrorLogger is the error-logging interface; it is compatible with the standard library logger
type Handler ¶
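// Handler receives the server's lifecycle and per-request callbacks.
type Handler interface {
	// Called when Serve is called on the socks server. The server is
	// really started only after this func returns.
	// A returned error aborts starting the socks server.
	OnStartServe(ctxServer ContextGo, tcp net.Listener) error
	// Must return a valid non-nil ErrorLogger.
	// May be called only after OnStartServe is called.
	ErrLog() ErrorLogger
	// Called on every "connect" query from a client. May block if needed,
	// but must obey ctx cancellation.
	// A returned error only aborts the current client's connection and
	// does not stop the server.
	OnConnect(ctx context.Context, conn net.Conn, req *Request) error
	// Called on every "associate" query from a client. May block if
	// needed, but must obey ctx cancellation.
	// A returned error only aborts the current client's connection and
	// does not stop the server.
	OnAssociate(ctx context.Context, conn net.Conn, req *Request) error
}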
type MultiPortUDPHandler ¶
type MultiPortUDPHandler struct {
// contains filtered or unexported fields
}
func (*MultiPortUDPHandler) MakeRemoteUDPConn ¶
func (u *MultiPortUDPHandler) MakeRemoteUDPConn( ctxClient ContextGo, _ ContextGo, sendBack UDPSendBack, onBroken func(), ) (RemoteUDPConn, error)
func (*MultiPortUDPHandler) MaxUDPPacketSize ¶
func (u *MultiPortUDPHandler) MaxUDPPacketSize() uint
func (*MultiPortUDPHandler) OnAssociate ¶
func (*MultiPortUDPHandler) OnStartServe ¶
func (m *MultiPortUDPHandler) OnStartServe(ctxServer ContextGo, l net.Listener) error
type MultiUDPPortAssociate ¶
type MultiUDPPortAssociate struct {
// contains filtered or unexported fields
}
func MakeMultiUDPPortAssociate ¶
func MakeMultiUDPPortAssociate( ctxServer ContextGo, listenIP net.IP, udpNet string, connFactory RemoteUDPConnFactory, log ErrorLogger, ) *MultiUDPPortAssociate
Creates new MultiUDPPortAssociate.
func (*MultiUDPPortAssociate) OnAssociate ¶
type NameResolver ¶
// NameResolver is used to implement custom name resolution.
type NameResolver interface {
	// Resolve takes a name and returns a context, an IP and an error.
	// NOTE(review): name presumably originates from the client's request
	// (a DOMAINNAME destination) and is therefore untrusted — confirm
	// against the caller.
	Resolve(ctx context.Context, name string) (context.Context, net.IP, error)
}
NameResolver is used to implement custom name resolution
type NoAuthAuthenticator ¶
// NoAuthAuthenticator is used to handle the "No Authentication" mode.
// A server that offers it accepts clients without verifying any credentials.
type NoAuthAuthenticator struct{}
NoAuthAuthenticator is used to handle the "No Authentication" mode
func (NoAuthAuthenticator) Authenticate ¶
func (a NoAuthAuthenticator) Authenticate(_ io.Reader, writer io.Writer) (*AuthContext, error)
Authenticate implementation of Authenticator
func (NoAuthAuthenticator) GetCode ¶
func (a NoAuthAuthenticator) GetCode() uint8
GetCode implementation of Authenticator
type NoOpResolver ¶
type NoOpResolver struct{}
type NoUDPHandler ¶
type NoUDPHandler struct {
// contains filtered or unexported fields
}
func (*NoUDPHandler) ErrLog ¶
func (t *NoUDPHandler) ErrLog() ErrorLogger
func (*NoUDPHandler) OnAssociate ¶
type PermitCommand ¶
PermitCommand is an implementation of the RuleSet which enables filtering supported commands
type RemoteUDPConn ¶
type RemoteUDPConnFactory ¶
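// RemoteUDPConnFactory creates RemoteUDPConn values and reports a maximum
// UDP packet size.
type RemoteUDPConnFactory interface {
	// MakeRemoteUDPConn returns a RemoteUDPConn or an error.
	// NOTE(review): presumably sendBack delivers datagrams back to the
	// client and onBroken is invoked when the connection fails — confirm
	// against the implementations.
	MakeRemoteUDPConn(ctxClient ContextGo, ctxServer ContextGo, sendBack UDPSendBack, onBroken func()) (RemoteUDPConn, error)
	// MaxUDPPacketSize returns a size as uint.
	// NOTE(review): the unit is presumably bytes — confirm.
	MaxUDPPacketSize() uint
}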
type Request ¶
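// A Request represents a request received by a server.
type Request struct {
	// Protocol version
	Version uint8
	// Requested command
	Command uint8
	// AuthContext provided during negotiation
	AuthContext *AuthContext
	// AddrSpec of the network that sent the request
	RemoteAddr *AddrSpec
	// AddrSpec of the desired destination.
	// The destination is requested by the client, so any restriction on
	// where the proxy may connect has to be enforced by the configured
	// RuleSet.
	DestAddr *AddrSpec
	// contains filtered or unexported fields
}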
A Request represents a request received by a server
func NewRequest ¶
NewRequest creates a new Request from the tcp connection
func (*Request) SendAssociateSuccess ¶
type RuleSet ¶
RuleSet is used to provide custom rules to allow or prohibit actions
func PermitAll ¶
func PermitAll() RuleSet
PermitAll returns a RuleSet which allows all types of connections
func PermitNone ¶
func PermitNone() RuleSet
PermitNone returns a RuleSet which disallows all types of connections
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server is responsible for accepting connections and handling the details of the SOCKS5 protocol
func (*Server) ListenAndServe ¶
ListenAndServe is used to create a listener and serve on it
type SinglePortUDPHandler ¶
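// SinglePortUDPHandler is the Handler that Config uses by default.
type SinglePortUDPHandler struct {
	// used for udp associate, defaults to automatically chosen free UDP port
	UDPListenPort int
	// contains filtered or unexported fields
}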
func (*SinglePortUDPHandler) MakeRemoteUDPConn ¶
func (u *SinglePortUDPHandler) MakeRemoteUDPConn( ctxClient ContextGo, _ ContextGo, sendBack UDPSendBack, onBroken func(), ) (RemoteUDPConn, error)
func (*SinglePortUDPHandler) MaxUDPPacketSize ¶
func (u *SinglePortUDPHandler) MaxUDPPacketSize() uint
func (*SinglePortUDPHandler) OnAssociate ¶
func (*SinglePortUDPHandler) OnStartServe ¶
func (s *SinglePortUDPHandler) OnStartServe(ctxServer ContextGo, l net.Listener) error
type SingleUDPPortAssociate ¶
type SingleUDPPortAssociate struct {
// contains filtered or unexported fields
}
func MakeSingleUDPPortAssociate ¶
func MakeSingleUDPPortAssociate(udpAddr *AddrSpec, connFactory RemoteUDPConnFactory, log ErrorLogger) *SingleUDPPortAssociate
Creates new SingleUDPPortAssociate. Either ListenAndServeUDPPort or ServeUDPPort MUST be called after creation to start serving UDP port. It is convenient to call ListenAndServeUDPPort from Handler.OnStartServe.
udpAddr MUST contain the IP on which to listen for UDP. It MAY also contain an FQDN, if that should be sent to clients in associate responses. udpAddr MUST have a valid Port if serving is started with ServeUDPPort; otherwise it MAY have Port == 0 (the Port will then be chosen automatically in ListenAndServeUDPPort)
func (*SingleUDPPortAssociate) ListenAndServeUDPPort ¶
func (s *SingleUDPPortAssociate) ListenAndServeUDPPort(ctxServer ContextGo, udpNet string) error
ListenAndServeUDPPort is used to create incoming UDP port and serve on it
func (*SingleUDPPortAssociate) OnAssociate ¶
func (s *SingleUDPPortAssociate) OnAssociate(conn net.Conn) error
func (*SingleUDPPortAssociate) ServeUDPPort ¶
func (s *SingleUDPPortAssociate) ServeUDPPort(ctxServer ContextGo, udpConn *net.UDPConn) error
type StaticCredentials ¶
StaticCredentials enables using a map directly as a credential store
func (StaticCredentials) Valid ¶
func (s StaticCredentials) Valid(user, password string) bool
Valid reports whether the given user/password pair is accepted by this credential store
type UDPSendBack ¶
type UDPSendBackTo ¶
func MakeSendBackTo ¶
func MakeSendBackTo(udpConn *net.UDPConn) UDPSendBackTo
type UserPassAuthenticator ¶
// UserPassAuthenticator is used to handle username/password based
// authentication.
//
// Username/password authentication for SOCKS5 (RFC 1929) transmits the
// credentials unencrypted; they are only as confidential as the connection
// between client and proxy.
type UserPassAuthenticator struct {
	// Credentials is the store that holds the accepted user/password pairs.
	// NOTE(review): presumably consulted by Authenticate — confirm.
	Credentials CredentialStore
}
UserPassAuthenticator is used to handle username/password based authentication
func (UserPassAuthenticator) Authenticate ¶
func (a UserPassAuthenticator) Authenticate(reader io.Reader, writer io.Writer) (*AuthContext, error)
Authenticate implementation of Authenticator
func (UserPassAuthenticator) GetCode ¶
func (a UserPassAuthenticator) GetCode() uint8
GetCode implementation of Authenticator