diff --git a/proxy/shadowsocks/ota_test.go b/proxy/shadowsocks/ota_test.go new file mode 100644 index 00000000..44564ea9 --- /dev/null +++ b/proxy/shadowsocks/ota_test.go @@ -0,0 +1,22 @@ +package shadowsocks_test + +import ( + "testing" + + "github.com/v2ray/v2ray-core/common/alloc" + . "github.com/v2ray/v2ray-core/proxy/shadowsocks" + v2testing "github.com/v2ray/v2ray-core/testing" + "github.com/v2ray/v2ray-core/testing/assert" +) + +func TestNormalChunkReading(t *testing.T) { + v2testing.Current(t) + + buffer := alloc.NewBuffer().Clear().AppendBytes( + 0, 8, 39, 228, 69, 96, 133, 39, 254, 26, 201, 70, 11, 12, 13, 14, 15, 16, 17, 18) + reader := NewChunkReader(buffer, NewAuthenticator(ChunkKeyGenerator( + []byte{21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36}))) + payload, err := reader.Read() + assert.Error(err).IsNil() + assert.Bytes(payload.Value).Equals([]byte{11, 12, 13, 14, 15, 16, 17, 18}) +} diff --git a/proxy/socks/protocol/socks.go b/proxy/socks/protocol/socks.go index 09e3fdf2..2b623252 100644 --- a/proxy/socks/protocol/socks.go +++ b/proxy/socks/protocol/socks.go @@ -2,7 +2,6 @@ package protocol import ( "io" - "net" "github.com/v2ray/v2ray-core/common/alloc" "github.com/v2ray/v2ray-core/common/log" @@ -73,13 +72,13 @@ func ReadAuthentication(reader io.Reader) (auth Socks5AuthenticationRequest, aut auth.nMethods = buffer.Value[1] if auth.nMethods <= 0 { log.Warning("Socks: Zero length of authentication methods") - err = transport.ErrorCorruptedPacket + err = proxy.ErrorInvalidAuthentication return } if nBytes-2 != int(auth.nMethods) { log.Warning("Socks: Unmatching number of auth methods, expecting ", auth.nMethods, ", but got ", nBytes) - err = transport.ErrorCorruptedPacket + err = proxy.ErrorInvalidAuthentication return } copy(auth.authMethods[:], buffer.Value[2:nBytes]) @@ -191,14 +190,11 @@ func ReadRequest(reader io.Reader) (request *Socks5Request, err error) { buffer := alloc.NewSmallBuffer() defer buffer.Release() - nBytes, err := reader.Read(buffer.Value[:4]) + _, err = io.ReadFull(reader, buffer.Value[:4]) if err != nil { return } - if nBytes < 4 { - err = transport.ErrorCorruptedPacket - return - } + request = &Socks5Request{ Version: buffer.Value[0], Command: buffer.Value[1], @@ -207,54 +203,37 @@ func ReadRequest(reader io.Reader) (request *Socks5Request, err error) { } switch request.AddrType { case AddrTypeIPv4: - nBytes, err = reader.Read(request.IPv4[:]) + _, err = io.ReadFull(reader, request.IPv4[:]) if err != nil { return } - if nBytes != 4 { - err = transport.ErrorCorruptedPacket - return - } case AddrTypeDomain: - nBytes, err = reader.Read(buffer.Value[0:1]) + _, err = io.ReadFull(reader, buffer.Value[0:1]) if err != nil { return } domainLength := buffer.Value[0] - nBytes, err = reader.Read(buffer.Value[:domainLength]) + _, err = io.ReadFull(reader, buffer.Value[:domainLength]) if err != nil { return } - if nBytes != int(domainLength) { - log.Warning("Socks: Unable to read domain with ", nBytes, " bytes, expecting ", domainLength, " bytes") - err = transport.ErrorCorruptedPacket - return - } request.Domain = string(append([]byte(nil), buffer.Value[:domainLength]...)) case AddrTypeIPv6: - nBytes, err = reader.Read(request.IPv6[:]) + _, err = io.ReadFull(reader, request.IPv6[:]) if err != nil { return } - if nBytes != 16 { - err = transport.ErrorCorruptedPacket - return - } default: log.Warning("Socks: Unexpected address type ", request.AddrType) err = transport.ErrorCorruptedPacket return } - nBytes, err = reader.Read(buffer.Value[:2]) + _, err = io.ReadFull(reader, buffer.Value[:2]) if err != nil { return } - if nBytes != 2 { - err = transport.ErrorCorruptedPacket - return - } request.Port = v2net.PortFromBytes(buffer.Value[:2]) return @@ -267,12 +246,7 @@ func (request *Socks5Request) Destination() v2net.Destination { case AddrTypeIPv6: return v2net.TCPDestination(v2net.IPAddress(request.IPv6[:]), request.Port) case AddrTypeDomain: - maybeIP := net.ParseIP(request.Domain) - if maybeIP != nil { - return v2net.TCPDestination(v2net.IPAddress(maybeIP), request.Port) - } else { - return v2net.TCPDestination(v2net.DomainAddress(request.Domain), request.Port) - } + return v2net.TCPDestination(v2net.ParseAddress(request.Domain), request.Port) default: panic("Unknown address type") } diff --git a/proxy/socks/protocol/socks_test.go b/proxy/socks/protocol/socks_test.go index d0278ab4..c361d42f 100644 --- a/proxy/socks/protocol/socks_test.go +++ b/proxy/socks/protocol/socks_test.go @@ -8,6 +8,7 @@ import ( "github.com/v2ray/v2ray-core/common/alloc" v2net "github.com/v2ray/v2ray-core/common/net" v2netassert "github.com/v2ray/v2ray-core/common/net/testing/assert" + "github.com/v2ray/v2ray-core/proxy" v2testing "github.com/v2ray/v2ray-core/testing" "github.com/v2ray/v2ray-core/testing/assert" "github.com/v2ray/v2ray-core/transport" @@ -31,12 +32,12 @@ func TestHasAuthenticationMethod(t *testing.T) { func TestAuthenticationRequestRead(t *testing.T) { v2testing.Current(t) - rawRequest := []byte{ + buffer := alloc.NewBuffer().Clear().AppendBytes( 0x05, // version 0x01, // nMethods 0x02, // methods - } - request, _, err := ReadAuthentication(bytes.NewReader(rawRequest)) + ) + request, _, err := ReadAuthentication(buffer) assert.Error(err).IsNil() assert.Byte(request.version).Named("Version").Equals(0x05) assert.Byte(request.nMethods).Named("#Methods").Equals(0x01) @@ -126,16 +127,48 @@ func TestSetDomain(t *testing.T) { socksVersion, 0, 0, AddrTypeDomain, 9, 118, 50, 114, 97, 121, 46, 99, 111, 109, 0, 0}) } -func TestEOF(t *testing.T) { +func TestEmptyAuthRequest(t *testing.T) { v2testing.Current(t) - _, _, err := ReadAuthentication(bytes.NewReader(make([]byte, 0))) + _, _, err := ReadAuthentication(alloc.NewBuffer().Clear()) assert.Error(err).Equals(io.EOF) } -func TestSignleByte(t *testing.T) { +func TestSingleByteAuthRequest(t *testing.T) { v2testing.Current(t) _, _, err := ReadAuthentication(bytes.NewReader(make([]byte, 1))) assert.Error(err).Equals(transport.ErrorCorruptedPacket) } + +func TestZeroAuthenticationMethod(t *testing.T) { + v2testing.Current(t) + + buffer := alloc.NewBuffer().Clear().AppendBytes(5, 0) + _, _, err := ReadAuthentication(buffer) + assert.Error(err).Equals(proxy.ErrorInvalidAuthentication) +} +func TestWrongProtocolVersion(t *testing.T) { + v2testing.Current(t) + + buffer := alloc.NewBuffer().Clear().AppendBytes(6, 1, 0) + _, _, err := ReadAuthentication(buffer) + assert.Error(err).Equals(proxy.ErrorInvalidProtocolVersion) +} + +func TestEmptyRequest(t *testing.T) { + v2testing.Current(t) + + _, err := ReadRequest(alloc.NewBuffer().Clear()) + assert.Error(err).Equals(io.EOF) +} + +func TestIPv6Request(t *testing.T) { + v2testing.Current(t) + + request, err := ReadRequest(alloc.NewBuffer().Clear().AppendBytes(5, 1, 0, 4, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6, 0, 8)) + assert.Error(err).IsNil() + assert.Byte(request.Command).Equals(1) + assert.Bytes(request.IPv6[:]).Equals([]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 1, 2, 3, 4, 5, 6}) + v2netassert.Port(request.Port).Equals(8) +} diff --git a/proxy/socks/protocol/udp.go b/proxy/socks/protocol/udp.go index 11cbceff..41995dfd 100644 --- a/proxy/socks/protocol/udp.go +++ b/proxy/socks/protocol/udp.go @@ -2,7 +2,6 @@ package protocol import ( "errors" - "net" "github.com/v2ray/v2ray-core/common/alloc" "github.com/v2ray/v2ray-core/common/log" @@ -75,12 +74,7 @@ func ReadUDPRequest(packet []byte) (*Socks5UDPRequest, error) { } domain := string(packet[5 : 5+domainLength]) request.Port = v2net.PortFromBytes(packet[5+domainLength : 5+domainLength+2]) - maybeIP := net.ParseIP(domain) - if maybeIP != nil { - request.Address = v2net.IPAddress(maybeIP) - } else { - request.Address = v2net.DomainAddress(domain) - } + request.Address = v2net.ParseAddress(domain) dataBegin = 5 + domainLength + 2 default: log.Warning("Unknown address type ", addrType) diff --git a/proxy/socks/protocol/udp_test.go b/proxy/socks/protocol/udp_test.go index ee377318..0b5f3f13 100644 --- a/proxy/socks/protocol/udp_test.go +++ b/proxy/socks/protocol/udp_test.go @@ -10,7 +10,7 @@ import ( "github.com/v2ray/v2ray-core/transport" ) -func TestSingleByteRequest(t *testing.T) { +func TestSingleByteUDPRequest(t *testing.T) { v2testing.Current(t) request, err := ReadUDPRequest(make([]byte, 1)) diff --git a/proxy/socks/socks.go b/proxy/socks/socks.go index 492f1037..62819965 100644 --- a/proxy/socks/socks.go +++ b/proxy/socks/socks.go @@ -118,7 +118,7 @@ func (this *SocksServer) handleSocks5(reader *v2net.TimeOutReader, writer io.Wri log.Error("Socks: failed to write authentication: ", err) return err } - log.Warning("Socks: client doesn't support allowed any auth methods.") + log.Warning("Socks: client doesn't support any allowed auth methods.") return ErrorUnsupportedAuthMethod }