more protocol implementation

9 years ago · cba26dabe8
parent be09847bbd
commit cba26dabe8
7 changed files with 369 additions and 2 deletions
--- a/common/protocol/encoding.go
+++ b/common/protocol/encoding.go
@ -10,7 +10,7 @@ type RequestEncoder interface {
 }

 type RequestDecoder interface {
-	DecodeRequestHeader(io.Reader) *RequestHeader
+	DecodeRequestHeader(io.Reader) (*RequestHeader, error)
 	DecodeRequestBody(io.Reader) io.Reader
 }

@ -20,6 +20,6 @@ type ResponseEncoder interface {
 }

 type ResponseDecoder interface {
-	DecodeResponseHeader(io.Reader) *ResponseHeader
+	DecodeResponseHeader(io.Reader) (*ResponseHeader, error)
 	DecodeResponseBody(io.Reader) io.Reader
 }
--- a/common/protocol/errors.go
+++ b/common/protocol/errors.go
@ -0,0 +1,10 @@
+package protocol
+
+import (
+	"errors"
+)
+
+var (
+	ErrorInvalidUser    = errors.New("Invalid user.")
+	ErrorInvalidVersion = errors.New("Invalid version.")
+)
--- a/common/protocol/headers.go
+++ b/common/protocol/headers.go
@ -2,6 +2,8 @@ package protocol

 import (
 	v2net "github.com/v2ray/v2ray-core/common/net"
+	"github.com/v2ray/v2ray-core/common/serial"
+	"github.com/v2ray/v2ray-core/common/uuid"
 )

 type RequestCommand byte
@ -31,3 +33,12 @@ type ResponseCommand interface{}
 type ResponseHeader struct {
 	Command ResponseCommand
 }
+
+type CommandSwitchAccount struct {
+	Host     v2net.Address
+	Port     v2net.Port
+	ID       *uuid.UUID
+	AlterIds serial.Uint16Literal
+	Level    UserLevel
+	ValidMin byte
+}
--- a/common/protocol/raw/client.go
+++ b/common/protocol/raw/client.go
@ -8,7 +8,9 @@ import (

 	"github.com/v2ray/v2ray-core/common/alloc"
 	"github.com/v2ray/v2ray-core/common/crypto"
+	"github.com/v2ray/v2ray-core/common/log"
 	"github.com/v2ray/v2ray-core/common/protocol"
+	"github.com/v2ray/v2ray-core/transport"
 )

 func hashTimestamp(t protocol.Timestamp) []byte {
@ -27,6 +29,7 @@ type ClientSession struct {
 	responseHeader  byte
 	responseBodyKey []byte
 	responseBodyIV  []byte
+	responseReader  io.Reader
 	idHash          protocol.IDHash
 }

@ -38,6 +41,10 @@ func NewClientSession(idHash protocol.IDHash) *ClientSession {
 	session.requestBodyKey = randomBytes[:16]
 	session.requestBodyIV = randomBytes[16:32]
 	session.responseHeader = randomBytes[32]
+	responseBodyKey := md5.Sum(session.requestBodyKey)
+	responseBodyIV := md5.Sum(session.requestBodyIV)
+	session.responseBodyKey = responseBodyKey[:]
+	session.responseBodyIV = responseBodyIV[:]
 	session.idHash = idHash

 	return session
@ -97,3 +104,42 @@ func (this *ClientSession) EncodeRequestBody(writer io.Writer) io.Writer {
 	return crypto.NewCryptionWriter(aesStream, writer)
 }

+func (this *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.ResponseHeader, error) {
+	aesStream := crypto.NewAesDecryptionStream(this.responseBodyKey, this.responseBodyIV)
+	this.responseReader = crypto.NewCryptionReader(aesStream, reader)
+
+	buffer := alloc.NewSmallBuffer()
+	defer buffer.Release()
+
+	_, err := io.ReadFull(this.responseReader, buffer.Value[:4])
+	if err != nil {
+		log.Error("Raw: Failed to read response header: ", err)
+		return nil, err
+	}
+
+	if buffer.Value[0] != this.responseHeader {
+		log.Warning("Raw: Unexpected response header. Expecting %d, but actually %d", this.responseHeader, buffer.Value[0])
+		return nil, transport.ErrorCorruptedPacket
+	}
+
+	header := new(protocol.ResponseHeader)
+
+	if buffer.Value[2] != 0 {
+		cmdId := buffer.Value[2]
+		dataLen := int(buffer.Value[3])
+		_, err := io.ReadFull(this.responseReader, buffer.Value[:dataLen])
+		if err != nil {
+			log.Error("Raw: Failed to read response command: ", err)
+			return nil, err
+		}
+		data := buffer.Value[:dataLen]
+		command, err := UnmarshalCommand(cmdId, data)
+		header.Command = command
+	}
+
+	return header, nil
+}
+
+func (this *ClientSession) DecodeResponseBody(reader io.Reader) io.Reader {
+	return this.responseReader
+}
--- a/common/protocol/raw/commands.go
+++ b/common/protocol/raw/commands.go
@ -0,0 +1,115 @@
+package raw
+
+import (
+	"errors"
+	"io"
+
+	v2net "github.com/v2ray/v2ray-core/common/net"
+	"github.com/v2ray/v2ray-core/common/protocol"
+	"github.com/v2ray/v2ray-core/common/serial"
+	"github.com/v2ray/v2ray-core/common/uuid"
+	"github.com/v2ray/v2ray-core/transport"
+)
+
+var (
+	ErrorCommandTypeMismatch = errors.New("Command type mismatch.")
+	ErrorUnknownCommand      = errors.New("Unknown command.")
+)
+
+func MarshalCommand(command interface{}, writer io.Writer) error {
+	var factory CommandFactory
+	switch command.(type) {
+	case *protocol.CommandSwitchAccount:
+		factory = new(CommandSwitchAccountFactory)
+	default:
+		return ErrorUnknownCommand
+	}
+	return factory.Marshal(command, writer)
+}
+
+func UnmarshalCommand(cmdId byte, data []byte) (protocol.ResponseCommand, error) {
+	var factory CommandFactory
+	switch cmdId {
+	case 1:
+		factory = new(CommandSwitchAccountFactory)
+	default:
+		return nil, ErrorUnknownCommand
+	}
+	return factory.Unmarshal(data)
+}
+
+type CommandFactory interface {
+	Marshal(command interface{}, writer io.Writer) error
+	Unmarshal(data []byte) (interface{}, error)
+}
+
+type CommandSwitchAccountFactory struct {
+}
+
+func (this *CommandSwitchAccountFactory) Marshal(command interface{}, writer io.Writer) error {
+	cmd, ok := command.(*protocol.CommandSwitchAccount)
+	if !ok {
+		return ErrorCommandTypeMismatch
+	}
+
+	hostStr := ""
+	if cmd.Host != nil {
+		hostStr = cmd.Host.String()
+	}
+	writer.Write([]byte{byte(len(hostStr))})
+
+	if len(hostStr) > 0 {
+		writer.Write([]byte(hostStr))
+	}
+
+	writer.Write(cmd.Port.Bytes())
+
+	idBytes := cmd.ID.Bytes()
+	writer.Write(idBytes)
+
+	writer.Write(cmd.AlterIds.Bytes())
+	writer.Write([]byte{byte(cmd.Level)})
+
+	writer.Write([]byte{cmd.ValidMin})
+	return nil
+}
+
+func (this *CommandSwitchAccountFactory) Unmarshal(data []byte) (interface{}, error) {
+	cmd := new(protocol.CommandSwitchAccount)
+	if len(data) == 0 {
+		return nil, transport.ErrorCorruptedPacket
+	}
+	lenHost := int(data[0])
+	if len(data) < lenHost+1 {
+		return nil, transport.ErrorCorruptedPacket
+	}
+	if lenHost > 0 {
+		cmd.Host = v2net.ParseAddress(string(data[1 : 1+lenHost]))
+	}
+	portStart := 1 + lenHost
+	if len(data) < portStart+2 {
+		return nil, transport.ErrorCorruptedPacket
+	}
+	cmd.Port = v2net.PortFromBytes(data[portStart : portStart+2])
+	idStart := portStart + 2
+	if len(data) < idStart+16 {
+		return nil, transport.ErrorCorruptedPacket
+	}
+	cmd.ID, _ = uuid.ParseBytes(data[idStart : idStart+16])
+	alterIdStart := idStart + 16
+	if len(data) < alterIdStart+2 {
+		return nil, transport.ErrorCorruptedPacket
+	}
+	cmd.AlterIds = serial.BytesLiteral(data[alterIdStart : alterIdStart+2]).Uint16()
+	levelStart := alterIdStart + 2
+	if len(data) < levelStart+1 {
+		return nil, transport.ErrorCorruptedPacket
+	}
+	cmd.Level = protocol.UserLevel(data[levelStart])
+	timeStart := levelStart + 1
+	if len(data) < timeStart {
+		return nil, transport.ErrorCorruptedPacket
+	}
+	cmd.ValidMin = data[timeStart]
+	return cmd, nil
+}
--- a/common/protocol/raw/commands_test.go
+++ b/common/protocol/raw/commands_test.go
@ -0,0 +1,42 @@
+package raw_test
+
+import (
+	"bytes"
+	"testing"
+
+	netassert "github.com/v2ray/v2ray-core/common/net/testing/assert"
+	"github.com/v2ray/v2ray-core/common/protocol"
+	. "github.com/v2ray/v2ray-core/common/protocol/raw"
+	"github.com/v2ray/v2ray-core/common/uuid"
+	v2testing "github.com/v2ray/v2ray-core/testing"
+	"github.com/v2ray/v2ray-core/testing/assert"
+)
+
+func TestSwitchAccount(t *testing.T) {
+	v2testing.Current(t)
+
+	sa := &protocol.CommandSwitchAccount{
+		Port:     1234,
+		ID:       uuid.New(),
+		AlterIds: 1024,
+		Level:    128,
+		ValidMin: 16,
+	}
+
+	buffer := bytes.NewBuffer(make([]byte, 0, 1024))
+	err := MarshalCommand(sa, buffer)
+	assert.Error(err).IsNil()
+
+	cmd, err := UnmarshalCommand(1, buffer.Bytes())
+	assert.Error(err).IsNil()
+
+	sa2, ok := cmd.(*protocol.CommandSwitchAccount)
+	assert.Bool(ok).IsTrue()
+	assert.Pointer(sa.Host).IsNil()
+	assert.Pointer(sa2.Host).IsNil()
+	netassert.Port(sa.Port).Equals(sa2.Port)
+	assert.String(sa.ID).Equals(sa2.ID.String())
+	assert.Uint16(sa.AlterIds.Value()).Equals(sa2.AlterIds.Value())
+	assert.Byte(byte(sa.Level)).Equals(byte(sa2.Level))
+	assert.Byte(sa.ValidMin).Equals(sa2.ValidMin)
+}
--- a/common/protocol/raw/server.go
+++ b/common/protocol/raw/server.go
@ -0,0 +1,143 @@
+package raw
+
+import (
+	"crypto/md5"
+	"hash/fnv"
+	"io"
+
+	"github.com/v2ray/v2ray-core/common/alloc"
+	"github.com/v2ray/v2ray-core/common/crypto"
+	"github.com/v2ray/v2ray-core/common/log"
+	v2net "github.com/v2ray/v2ray-core/common/net"
+	"github.com/v2ray/v2ray-core/common/protocol"
+	"github.com/v2ray/v2ray-core/common/serial"
+	"github.com/v2ray/v2ray-core/transport"
+)
+
+type ServerSession struct {
+	userValidator   protocol.UserValidator
+	requestBodyKey  []byte
+	requestBodyIV   []byte
+	responseBodyKey []byte
+	responseBodyIV  []byte
+	responseHeader  byte
+	responseWriter  io.Writer
+}
+
+func (this *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.RequestHeader, error) {
+	buffer := alloc.NewSmallBuffer()
+	defer buffer.Release()
+
+	_, err := io.ReadFull(reader, buffer.Value[:protocol.IDBytesLen])
+	if err != nil {
+		log.Error("Raw: Failed to read request header: ", err)
+		return nil, err
+	}
+
+	user, timestamp, valid := this.userValidator.Get(buffer.Value[:protocol.IDBytesLen])
+	if !valid {
+		return nil, protocol.ErrorInvalidUser
+	}
+
+	timestampHash := md5.New()
+	timestampHash.Write(hashTimestamp(timestamp))
+	iv := timestampHash.Sum(nil)
+	aesStream := crypto.NewAesDecryptionStream(user.ID.CmdKey(), iv)
+	decryptor := crypto.NewCryptionReader(aesStream, reader)
+
+	nBytes, err := io.ReadFull(decryptor, buffer.Value[:41])
+	if err != nil {
+		log.Debug("Raw: Failed to read request header (", nBytes, " bytes): ", err)
+		return nil, err
+	}
+	bufferLen := nBytes
+
+	request := &protocol.RequestHeader{
+		User:    user,
+		Version: buffer.Value[0],
+	}
+
+	if request.Version != Version {
+		log.Warning("Raw: Invalid protocol version ", request.Version)
+		return nil, protocol.ErrorInvalidVersion
+	}
+
+	this.requestBodyIV = append([]byte(nil), buffer.Value[1:17]...)   // 16 bytes
+	this.requestBodyKey = append([]byte(nil), buffer.Value[17:33]...) // 16 bytes
+	this.responseHeader = buffer.Value[33]                            // 1 byte
+	request.Option = protocol.RequestOption(buffer.Value[34])         // 1 byte + 2 bytes reserved
+	request.Command = protocol.RequestCommand(buffer.Value[37])
+
+	request.Port = v2net.PortFromBytes(buffer.Value[38:40])
+
+	switch buffer.Value[40] {
+	case AddrTypeIPv4:
+		nBytes, err = io.ReadFull(decryptor, buffer.Value[41:45]) // 4 bytes
+		bufferLen += 4
+		if err != nil {
+			log.Debug("VMess: Failed to read target IPv4 (", nBytes, " bytes): ", err)
+			return nil, err
+		}
+		request.Address = v2net.IPAddress(buffer.Value[41:45])
+	case AddrTypeIPv6:
+		nBytes, err = io.ReadFull(decryptor, buffer.Value[41:57]) // 16 bytes
+		bufferLen += 16
+		if err != nil {
+			log.Debug("VMess: Failed to read target IPv6 (", nBytes, " bytes): ", nBytes, err)
+			return nil, err
+		}
+		request.Address = v2net.IPAddress(buffer.Value[41:57])
+	case AddrTypeDomain:
+		nBytes, err = io.ReadFull(decryptor, buffer.Value[41:42])
+		if err != nil {
+			log.Debug("VMess: Failed to read target domain (", nBytes, " bytes): ", nBytes, err)
+			return nil, err
+		}
+		domainLength := int(buffer.Value[41])
+		if domainLength == 0 {
+			return nil, transport.ErrorCorruptedPacket
+		}
+		nBytes, err = io.ReadFull(decryptor, buffer.Value[42:42+domainLength])
+		if err != nil {
+			log.Debug("VMess: Failed to read target domain (", nBytes, " bytes): ", nBytes, err)
+			return nil, err
+		}
+		bufferLen += 1 + domainLength
+		domainBytes := append([]byte(nil), buffer.Value[42:42+domainLength]...)
+		request.Address = v2net.DomainAddress(string(domainBytes))
+	}
+
+	nBytes, err = io.ReadFull(decryptor, buffer.Value[bufferLen:bufferLen+4])
+	if err != nil {
+		log.Debug("VMess: Failed to read checksum (", nBytes, " bytes): ", nBytes, err)
+		return nil, err
+	}
+
+	fnv1a := fnv.New32a()
+	fnv1a.Write(buffer.Value[:bufferLen])
+	actualHash := fnv1a.Sum32()
+	expectedHash := serial.BytesLiteral(buffer.Value[bufferLen : bufferLen+4]).Uint32Value()
+
+	if actualHash != expectedHash {
+		return nil, transport.ErrorCorruptedPacket
+	}
+
+	return request, nil
+}
+
+func (this *ServerSession) DecodeRequestBody(reader io.Reader) io.Reader {
+	aesStream := crypto.NewAesDecryptionStream(this.requestBodyKey, this.requestBodyIV)
+	return crypto.NewCryptionReader(aesStream, reader)
+}
+
+func (this *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, writer io.Writer) {
+	responseBodyKey := md5.Sum(this.requestBodyKey)
+	responseBodyIV := md5.Sum(this.requestBodyIV)
+	this.responseBodyKey = responseBodyKey[:]
+	this.requestBodyIV = responseBodyIV[:]
+
+	aesStream := crypto.NewAesEncryptionStream(this.responseBodyKey, this.responseBodyIV)
+	encryptionWriter := crypto.NewCryptionWriter(aesStream, writer)
+	this.responseWriter = encryptionWriter
+
+}