github
/
v2ray-core
mirror of https://github.com/v2ray/v2ray-core
1
0
Fork 0
Code Issues Releases Wiki Activity

pass username to inbound.User.Email in http/socks server

pull/2531/head
tnextday 2019-12-17 11:59:18 +08:00 committed by kslr
parent 7f4f8091f9
commit ad3bcd2c07
3 changed files with 26 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
proxy/http/server.go
View File

@ -85,7 +85,8 @@ type readerOnly struct {
} }
func (s *Server) Process(ctx context.Context, network net.Network, conn internet.Connection, dispatcher routing.Dispatcher) error { func (s *Server) Process(ctx context.Context, network net.Network, conn internet.Connection, dispatcher routing.Dispatcher) error {
if inbound := session.InboundFromContext(ctx); inbound != nil { inbound := session.InboundFromContext(ctx)
if inbound != nil {
inbound.User = &protocol.MemoryUser{ inbound.User = &protocol.MemoryUser{
Level: s.config.UserLevel, Level: s.config.UserLevel,
} }
@ -112,6 +113,9 @@ Start:
if !ok || !s.config.HasAccount(user, pass) { if !ok || !s.config.HasAccount(user, pass) {
return common.Error2(conn.Write([]byte("HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"proxy\"\r\n\r\n"))) return common.Error2(conn.Write([]byte("HTTP/1.1 407 Proxy Authentication Required\r\nProxy-Authenticate: Basic realm=\"proxy\"\r\n\r\n")))
} }
if inbound != nil {
inbound.User.Email = user
}
} }
newError("request to Method [", request.Method, "] Host [", request.Host, "] with URL [", request.URL, "]").WriteToLog(session.ExportIDToError(ctx)) newError("request to Method [", request.Method, "] Host [", request.Host, "] with URL [", request.URL, "]").WriteToLog(session.ExportIDToError(ctx))

28
proxy/socks/protocol.go
View File

@ -94,12 +94,12 @@ func (s *ServerSession) handshake4(cmd byte, reader io.Reader, writer io.Writer)
} }
} }
func (s *ServerSession) auth5(nMethod byte, reader io.Reader, writer io.Writer) error { func (s *ServerSession) auth5(nMethod byte, reader io.Reader, writer io.Writer) (username string, err error) {
buffer := buf.StackNew() buffer := buf.StackNew()
defer buffer.Release() defer buffer.Release()
if _, err := buffer.ReadFullFrom(reader, int32(nMethod)); err != nil { if _, err = buffer.ReadFullFrom(reader, int32(nMethod)); err != nil {
return newError("failed to read auth methods").Base(err) return "", newError("failed to read auth methods").Base(err)
} }
var expectedAuth byte = authNotRequired var expectedAuth byte = authNotRequired
@ -109,34 +109,39 @@ func (s *ServerSession) auth5(nMethod byte, reader io.Reader, writer io.Writer)
if !hasAuthMethod(expectedAuth, buffer.BytesRange(0, int32(nMethod))) { if !hasAuthMethod(expectedAuth, buffer.BytesRange(0, int32(nMethod))) {
writeSocks5AuthenticationResponse(writer, socks5Version, authNoMatchingMethod) // nolint: errcheck writeSocks5AuthenticationResponse(writer, socks5Version, authNoMatchingMethod) // nolint: errcheck
return newError("no matching auth method") return "", newError("no matching auth method")
} }
if err := writeSocks5AuthenticationResponse(writer, socks5Version, expectedAuth); err != nil { if err := writeSocks5AuthenticationResponse(writer, socks5Version, expectedAuth); err != nil {
return newError("failed to write auth response").Base(err) return "", newError("failed to write auth response").Base(err)
} }
if expectedAuth == authPassword { if expectedAuth == authPassword {
username, password, err := ReadUsernamePassword(reader) username, password, err := ReadUsernamePassword(reader)
if err != nil { if err != nil {
return newError("failed to read username and password for authentication").Base(err) return "", newError("failed to read username and password for authentication").Base(err)
} }
if !s.config.HasAccount(username, password) { if !s.config.HasAccount(username, password) {
writeSocks5AuthenticationResponse(writer, 0x01, 0xFF) // nolint: errcheck writeSocks5AuthenticationResponse(writer, 0x01, 0xFF) // nolint: errcheck
return newError("invalid username or password") return "", newError("invalid username or password")
} }
if err := writeSocks5AuthenticationResponse(writer, 0x01, 0x00); err != nil { if err := writeSocks5AuthenticationResponse(writer, 0x01, 0x00); err != nil {
return newError("failed to write auth response").Base(err) return "", newError("failed to write auth response").Base(err)
} }
return username, nil
} }
return nil return "", nil
} }
func (s *ServerSession) handshake5(nMethod byte, reader io.Reader, writer io.Writer) (*protocol.RequestHeader, error) { func (s *ServerSession) handshake5(nMethod byte, reader io.Reader, writer io.Writer) (*protocol.RequestHeader, error) {
if err := s.auth5(nMethod, reader, writer); err != nil { var (
username string
err error
)
if username, err = s.auth5(nMethod, reader, writer); err != nil {
return nil, err return nil, err
} }
@ -152,6 +157,9 @@ func (s *ServerSession) handshake5(nMethod byte, reader io.Reader, writer io.Wri
} }
request := new(protocol.RequestHeader) request := new(protocol.RequestHeader)
if username != "" {
request.User = &protocol.MemoryUser{Email: username}
}
switch cmd { switch cmd {
case cmdTCPConnect, cmdTorResolve, cmdTorResolvePTR: case cmdTCPConnect, cmdTorResolve, cmdTorResolvePTR:
// We don't have a solution for Tor case now. Simply treat it as connect command. // We don't have a solution for Tor case now. Simply treat it as connect command.

3
proxy/socks/server.go
View File

@ -108,6 +108,9 @@ func (s *Server) processTCP(ctx context.Context, conn internet.Connection, dispa
} }
return newError("failed to read request").Base(err) return newError("failed to read request").Base(err)
} }
if request.User != nil {
inbound.User.Email = request.User.Email
}
if err := conn.SetReadDeadline(time.Time{}); err != nil { if err := conn.SetReadDeadline(time.Time{}); err != nil {
newError("failed to clear deadline").Base(err).WriteToLog(session.ExportIDToError(ctx)) newError("failed to clear deadline").Base(err).WriteToLog(session.ExportIDToError(ctx))