socks5

package module
v0.0.0-...-7026647 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 2, 2018 License: MIT Imports: 14 Imported by: 1

README

Golang SOCKS5

  • Tested on Go 1.10
  • A naive server is included in cmd/server
  • net/http's client can do SOCKS5 when HTTP_PROXY environment variable is set. An example is given in cmd/testclient

Example

// Create a SOCKS5 server
conf := &socks5.Config{}
server, err := socks5.New(conf)
if err != nil {
  panic(err)
}

// Create SOCKS5 proxy on localhost port 8000
if err := server.ListenAndServe("tcp", "127.0.0.1:8000"); err != nil {
  panic(err)
}

Credits

  • Modified from github.com/armon/go-socks5

Documentation

Index

Constants

View Source 
const (
	NoAuth = uint8(0)

	UserPassAuth = uint8(2)
)
View Source 
const (
	ConnectCommand   = uint8(1)
	BindCommand      = uint8(2)
	AssociateCommand = uint8(3)
)

Variables

View Source 
var (
	UserAuthFailed  = fmt.Errorf("User authentication failed")
	NoSupportedAuth = fmt.Errorf("No supported authentication mechanism")
)

Functions

This section is empty.

Types

type AddrSpec 

type AddrSpec struct {
	FQDN string
	IP   net.IP
	Port int
}

AddrSpec is used to return the target AddrSpec which may be specified as IPv4, IPv6, or a FQDN

func (AddrSpec) Address 

func (a AddrSpec) Address() string

Address returns a string suitable to dial; prefer returning IP-based address, fallback to FQDN

func (*AddrSpec) String 

func (a *AddrSpec) String() string

type AddressRewriter 

type AddressRewriter interface {
	Rewrite(ctx context.Context, request *Request) (context.Context, *AddrSpec)
}

AddressRewriter is used to rewrite a destination transparently

type AuthContext 

type AuthContext struct {
	// Provided auth method
	Method uint8
	// Payload provided during negotiation.
	// Keys depend on the used auth method.
	// For UserPassauth contains Username
	Payload map[string]string
}

A Request encapsulates authentication state provided during negotiation

type Authenticator 

type Authenticator interface {
	Authenticate(reader io.Reader, writer io.Writer) (*AuthContext, error)
	GetCode() uint8
}

type Config 

type Config struct {
	// AuthMethods can be provided to implement custom authentication
	// By default, "auth-less" mode is enabled.
	// For password-based auth use UserPassAuthenticator.
	AuthMethods []Authenticator

	// If provided, username/password authentication is enabled,
	// by appending a UserPassAuthenticator to AuthMethods. If not provided,
	// and AUthMethods is nil, then "auth-less" mode is enabled.
	Credentials CredentialStore

	// Resolver can be provided to do custom name resolution.
	// Defaults to DNSResolver if not provided.
	Resolver NameResolver

	// Rules is provided to enable custom logic around permitting
	// various commands. If not provided, PermitAll is used.
	Rules RuleSet

	// Rewriter can be used to transparently rewrite addresses.
	// This is invoked before the RuleSet is invoked.
	// Defaults to NoRewrite.
	Rewriter AddressRewriter

	// BindIP is used for bind or udp associate
	BindIP net.IP

	// Logger can be used to provide a custom log target.
	// Defaults to stdout.
	Logger *log.Logger

	// Optional function for dialing out
	Dial func(ctx context.Context, network, addr string) (net.Conn, error)
}

Config is used to setup and configure a Server

type CredentialStore 

type CredentialStore interface {
	Valid(user, password string) bool
}

CredentialStore is used to support user/pass authentication

type DNSResolver 

type DNSResolver struct{}

DNSResolver uses the system DNS to resolve host names

func (DNSResolver) Resolve 

func (d DNSResolver) Resolve(ctx context.Context, name string) (context.Context, net.IP, error)

type MyData 

type MyData struct {
	Ato     time.Duration `json:"ato"`
	CongCtl struct {
		SSthresh          uint `json:"snd_ssthresh"`
		RcvThresh         uint `json:"rcv_ssthresh"`
		SenderWindowBytes uint `json:"snd_cwnd_bytes"`
		SenderWindowSegs  uint `json:"snd_cwnd_segs"`
	} `json:"cong_ctl"`
	FlowControl struct {
		ReceiverWindow uint `json:"rcv_wnd"`
	} `json:"flow_ctl"`
	LastDataReceived time.Duration `json:"last_data_rcvd"` // since last data received [FreeBSD and Linux]
	LastAckReceived  time.Duration `json:"last_ack_rcvd"`  // since last ack received [Linux only]
	LastDataSent     time.Duration `json:"last_data_sent"` // since last data sent [Linux only]
	Opts             struct {
		SACKPermitted bool `json:"sack"`
		Timestamps    bool `json:"tmstamps"`
		WindowScale   int  `json:"wscale"`
	} `json:"opts"`
	PeerOpts struct {
		SACKPermitted bool `json:"sack"`
		Timestamps    bool `json:"tmstamps"`
		WindowScale   int  `json:"wscale"`
	} `json:"peer_opts"`
	ReceiverMSS uint          `json:"rcv_mss"`
	RTO         time.Duration `json:"rto"`
	RTT         time.Duration `json:"rtt"`
	RTTVar      time.Duration `json:"rttvar"`
	SenderMSS   uint          `json:"snd_mss"`
	State       string        `json:"state"`
	System      struct {
		PathMTU                 uint          `json:"path_mtu"`           // path maximum transmission unit
		AdvertisedMSS           uint          `json:"adv_mss"`            // advertised maximum segment size
		CAState                 int           `json:"ca_state"`           // state of congestion avoidance
		Retransmissions         uint          `json:"rexmits"`            // # of retranmissions on timeout invoked
		Backoffs                uint          `json:"backoffs"`           // # of times retransmission backoff timer invoked
		WindowOrKeepAliveProbes uint          `json:"wnd_ka_probes"`      // # of window or keep alive probes sent
		UnackedSegs             uint          `json:"unacked_segs"`       // # of unack'd segments
		SackedSegs              uint          `json:"sacked_segs"`        // # of sack'd segments
		LostSegs                uint          `json:"lost_segs"`          // # of lost segments
		RetransSegs             uint          `json:"retrans_segs"`       // # of retransmitting segments in transmission queue
		ForwardAckSegs          uint          `json:"fack_segs"`          // # of forward ack segments in transmission queue
		ReorderedSegs           uint          `json:"reord_segs"`         // # of reordered segments allowed
		ReceiverRTT             time.Duration `json:"rcv_rtt"`            // current RTT for receiver
		TotalRetransSegs        uint          `json:"total_retrans_segs"` // # of retransmitted segments
		PacingRate              uint64        `json:"pacing_rate"`        // pacing rate
		ThruBytesAcked          uint64        `json:"thru_bytes_acked"`   // # of bytes for which cumulative acknowledgments have been received
		ThruBytesReceived       uint64        `json:"thru_bytes_rcvd"`    // # of bytes for which cumulative acknowledgments have been sent
		SegsOut                 uint          `json:"segs_out"`           // # of segments sent
		SegsIn                  uint          `json:"segs_in"`            // # of segments received
		NotSentBytes            uint          `json:"not_sent_bytes"`     // # of bytes not sent yet
		MinRTT                  time.Duration `json:"min_rtt"`            // current measured minimum RTT; zero means not available
		DataSegsOut             uint          `json:"data_segs_out"`      // # of segments sent containing a positive length data segment
		DataSegsIn              uint          `json:"data_segs_in"`       // # of segments received containing a positive length data segment
	} `json:"sys"`
}

MyData is OutPut Data Structure

type NameResolver 

type NameResolver interface {
	Resolve(ctx context.Context, name string) (context.Context, net.IP, error)
}

NameResolver is used to implement custom name resolution

type NoAuthAuthenticator 

type NoAuthAuthenticator struct{}

NoAuthAuthenticator is used to handle the "No Authentication" mode

func (NoAuthAuthenticator) Authenticate 

func (a NoAuthAuthenticator) Authenticate(reader io.Reader, writer io.Writer) (*AuthContext, error)

func (NoAuthAuthenticator) GetCode 

func (a NoAuthAuthenticator) GetCode() uint8

type PermitCommand 

type PermitCommand struct {
	EnableConnect   bool
	EnableBind      bool
	EnableAssociate bool
}

PermitCommand is an implementation of the RuleSet which enables filtering supported commands

func (*PermitCommand) Allow 

func (p *PermitCommand) Allow(ctx context.Context, req *Request) (context.Context, bool)

type Request 

type Request struct {
	// Protocol version
	Version uint8
	// Requested command
	Command uint8
	// AuthContext provided during negotiation
	AuthContext *AuthContext
	// AddrSpec of the the network that sent the request
	RemoteAddr *AddrSpec
	// AddrSpec of the desired destination
	DestAddr *AddrSpec
	// contains filtered or unexported fields
}

A Request represents request received by a server

func NewRequest 

func NewRequest(bufConn io.Reader) (*Request, error)

NewRequest creates a new Request from the tcp connection

type RuleSet 

type RuleSet interface {
	Allow(ctx context.Context, req *Request) (context.Context, bool)
}

RuleSet is used to provide custom rules to allow or prohibit actions

func PermitAll 

func PermitAll() RuleSet

PermitAll returns a RuleSet which allows all types of connections

func PermitNone 

func PermitNone() RuleSet

PermitNone returns a RuleSet which disallows all types of connections

type Server 

type Server struct {
	// contains filtered or unexported fields
}

Server is reponsible for accepting connections and handling the details of the SOCKS5 protocol

func New 

func New(conf *Config) (*Server, error)

New creates a new Server and potentially returns an error

func (*Server) ListenAndServe 

func (s *Server) ListenAndServe(network, addr string) error

ListenAndServe is used to create a listener and serve on it

func (*Server) Monitor 

func (s *Server) Monitor(tc *tcp.Conn)

Monitor monitors net.conn and shows tcp.infos

func (*Server) Serve 

func (s *Server) Serve(l net.Listener) error

Serve is used to serve connections from a listener

func (*Server) ServeConn 

func (s *Server) ServeConn(conn net.Conn) error

ServeConn is used to serve a single connection.

type StaticCredentials 

type StaticCredentials map[string]string

StaticCredentials enables using a map directly as a credential store

func (StaticCredentials) Valid 

func (s StaticCredentials) Valid(user, password string) bool

type UserPassAuthenticator 

type UserPassAuthenticator struct {
	Credentials CredentialStore
}

UserPassAuthenticator is used to handle username/password based authentication

func (UserPassAuthenticator) Authenticate 

func (a UserPassAuthenticator) Authenticate(reader io.Reader, writer io.Writer) (*AuthContext, error)

func (UserPassAuthenticator) GetCode 

func (a UserPassAuthenticator) GetCode() uint8

Source Files

View all Source files

Directories

Path Synopsis
cmd
server command
testclient command
testjson command

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.