http proxy

luyuhuang · luyuhuang · commit 2359f3a057c8 · 2020-12-26T18:29:16.000+08:00
diff --git a/client/client.go b/client/client.go
@@ -1,6 +1,7 @@
 package client
 
 import (
+	"bufio"
 	"crypto/tls"
 	"errors"
 	"io"
@@ -37,6 +38,7 @@ func (c *Client) Serve() error {
 		return err
 	}
 	log.Printf("Client starts to listen socks5://%s", listener.Addr().String())
+	log.Printf("Client starts to listen http://%s", listener.Addr().String())
 
 	for {
 		conn, err := listener.Accept()
@@ -45,8 +47,41 @@ func (c *Client) Serve() error {
 			continue
 		}
 
-		go c.handler(conn)
+		go func() {
+			br := bufio.NewReader(conn)
+			handler, err := probeProtocol(br)
+			if err != nil {
+				conn.Close()
+				log.Printf("Probe protocol failed: %s", err)
+				return
+			}
+
+			handler(c, &bufferedConn{conn, br})
+		}()
+	}
+}
+
+func probeProtocol(br *bufio.Reader) (func(*Client, net.Conn), error) {
+	b, err := br.Peek(1)
+	if err != nil {
+		return nil, err
 	}
+
+	switch b[0] {
+	case socks.Version:
+		return (*Client).socks5Handler, nil
+	default:
+		return (*Client).httpHandler, nil
+	}
+}
+
+type bufferedConn struct {
+	net.Conn
+	br *bufio.Reader
+}
+
+func (c *bufferedConn) Read(b []byte) (int, error) {
+	return c.br.Read(b)
 }
 
 var protocol2wrapper = map[string]func(*Client, net.Conn) net.Conn{
diff --git a/client/http.go b/client/http.go
@@ -8,9 +8,13 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
+	"log"
 	"net"
 	"net/http"
 	"net/url"
+
+	"github.com/luyuhuang/subsocks/socks"
+	"github.com/luyuhuang/subsocks/utils"
 )
 
 func (c *Client) wrapHTTPS(conn net.Conn) net.Conn {
@@ -21,6 +25,130 @@ func (c *Client) wrapHTTP(conn net.Conn) net.Conn {
 	return newHTTPWrapper(conn, c)
 }
 
+func isValidHTTPProxyRequest(req *http.Request) bool {
+	if req.URL.Host == "" {
+		return false
+	}
+	if req.Method != http.MethodConnect && req.URL.Scheme != "http" {
+		return false
+	}
+	return true
+}
+
+func httpReply(statusCode int, status string) *http.Response {
+	return &http.Response{
+		ProtoMajor: 1,
+		ProtoMinor: 1,
+		StatusCode: statusCode,
+		Status:     status,
+	}
+}
+
+func (c *Client) httpHandler(conn net.Conn) {
+	defer conn.Close()
+
+	req, err := http.ReadRequest(bufio.NewReader(conn))
+	if err != nil {
+		log.Printf("[http] read HTTP request failed: %s", err)
+		return
+	}
+	defer req.Body.Close()
+
+	if !isValidHTTPProxyRequest(req) {
+		log.Printf("[http] invalid http proxy request: %v", req)
+		httpReply(http.StatusBadRequest, "").Write(conn)
+		return
+	}
+
+	host := req.URL.Hostname()
+	addr := req.URL.Host
+	if req.URL.Port() == "" {
+		addr = net.JoinHostPort(addr, "80")
+	}
+
+	var nextHop net.Conn
+	var isProxy bool
+	if rule := c.Rules.getRule(host); rule == ruleProxy {
+		log.Printf(`[http] dial server to connect %s for %s`, addr, conn.RemoteAddr())
+
+		isProxy = true
+		nextHop, err = c.dialServer()
+		if err != nil {
+			log.Printf(`[http] dial server failed: %s`, err)
+			httpReply(http.StatusServiceUnavailable, "").Write(conn)
+			return
+		}
+
+	} else {
+		log.Printf(`[http] dial %s for %s`, addr, conn.RemoteAddr())
+
+		nextHop, err = net.Dial("tcp", addr)
+		if err != nil {
+			if rule == ruleAuto {
+				log.Printf(`[http] dial %s failed, dial server for %s`, addr, conn.RemoteAddr())
+
+				isProxy = true
+				nextHop, err = c.dialServer()
+				if err != nil {
+					log.Printf(`[http] dial server failed: %s`, err)
+					httpReply(http.StatusServiceUnavailable, "").Write(conn)
+					return
+				}
+				c.Rules.setAsProxy(host)
+
+			} else {
+				log.Printf(`[http] dial remote failed: %s`, err)
+				httpReply(http.StatusServiceUnavailable, "").Write(conn)
+				return
+			}
+		}
+
+	}
+	defer nextHop.Close()
+
+	var dash rune
+	if isProxy {
+		socksAddr, _ := socks.NewAddr(addr)
+		if err = socks.NewRequest(socks.CmdConnect, socksAddr).Write(nextHop); err != nil {
+			log.Printf(`[http] send request failed: %s`, err)
+			httpReply(http.StatusServiceUnavailable, "").Write(conn)
+			return
+		}
+		if r, e := socks.ReadReply(nextHop); e != nil {
+			log.Printf(`[http] read reply failed: %s`, err)
+			httpReply(http.StatusServiceUnavailable, "").Write(conn)
+			return
+		} else if r.Rep != socks.Succeeded {
+			log.Printf(`[http] server connect failed: %q`, r)
+			httpReply(http.StatusServiceUnavailable, "").Write(conn)
+			return
+		}
+
+		dash = '-'
+	} else {
+		dash = '='
+	}
+
+	if req.Method == http.MethodConnect {
+		if err = httpReply(http.StatusOK, "200 Connection Established").Write(conn); err != nil {
+			log.Printf(`[http] write reply failed: %s`, err)
+			return
+		}
+	} else {
+		req.Header.Del("Proxy-Connection")
+		if err = req.Write(nextHop); err != nil {
+			log.Printf(`[http] relay request failed: %s`, err)
+			return
+		}
+	}
+
+	log.Printf(`[http] tunnel established %s <%c> %s`, conn.RemoteAddr(), dash, addr)
+	if err := utils.Transport(conn, nextHop); err != nil {
+		log.Printf(`[http] transport failed: %s`, err)
+	}
+	log.Printf(`[http] tunnel disconnected %s >%c< %s`, conn.RemoteAddr(), dash, addr)
+}
+
 type httpWrapper struct {
 	net.Conn
 	client *Client
diff --git a/client/socks.go b/client/socks.go
@@ -15,7 +15,7 @@ func (c *Client) wrapSocks(conn net.Conn) net.Conn {
 	return conn
 }
 
-func (c *Client) handler(conn net.Conn) {
+func (c *Client) socks5Handler(conn net.Conn) {
 	defer conn.Close()
 
 	// select method
diff --git a/subsocks.go b/subsocks.go
@@ -1,7 +1,7 @@
 package main
 
 // Version of subsocks
-const Version = "0.2.2"
+const Version = "0.3.0"
 
 var needsTLS = map[string]bool{
 	"https": true,

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ func (c *Client) wrapSocks(conn net.Conn) net.Conn {`
`15`	`15`	`return conn`
`16`	`16`	`}`
`17`	`17`
`18`		`-func (c *Client) handler(conn net.Conn) {`
	`18`	`+func (c *Client) socks5Handler(conn net.Conn) {`
`19`	`19`	`defer conn.Close()`
`20`	`20`
`21`	`21`	`// select method`