proxyserve.go
package dnsproxy
import (
"bufio"
"bytes"
"io"
"net"
"net/http"
"time"
"github.com/ARwMq9b6/libgost"
"github.com/ginuerzh/gosocks5"
"github.com/golang/glog"
"github.com/miekg/dns"
"github.com/pkg/errors"
)
// ServeProxy starts the routing proxy listener on laddr.
//
// It refuses to start when the package-level globals have not passed
// validation, and otherwise hands over to serveProxy. proxy is the chain used
// for traffic routed through the upstream proxy; direct is the chain used for
// traffic that is sent directly.
func ServeProxy(laddr string, proxy, direct *gost.ProxyChain) error {
	if !_DEFAULT_GLOBALS_VALIDATOR.validate() {
		return errors.New("global vars are uninitialized")
	}
	return serveProxy(laddr, proxy, direct)
}
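// serveProxy listens on laddr (TCP) and serves every accepted connection in
// its own goroutine via handleProxyConn. It returns only when the listener
// cannot be created; after that it loops forever.
//
// NOTE(review): both gost servers are built from an empty gost.ProxyNode and
// nothing in this function authenticates clients or limits the number of
// concurrent connections. Presumably the listener is meant for a loopback or
// otherwise trusted address; confirm laddr is not reachable from untrusted
// networks, since each connection costs a goroutine and a read buffer.
func serveProxy(laddr string, proxy, direct *gost.ProxyChain) error {
	// Pause between Accept retries so a persistent failure (for example file
	// descriptor exhaustion) does not turn into a busy loop.
	const acceptRetryDelay = 50 * time.Millisecond

	serverProxy := gost.NewProxyServer(gost.ProxyNode{}, proxy, nil)
	serverDirect := gost.NewProxyServer(gost.ProxyNode{}, direct, nil)
	servers := map[transport]*gost.ProxyServer{
		_TRANS_PROXY:  serverProxy,
		_TRANS_DIRECT: serverDirect,
	}

	l, err := net.Listen("tcp", laddr)
	if err != nil {
		return errors.WithStack(err)
	}

	for {
		conn, err := l.Accept()
		if err != nil {
			// A failed Accept yields a nil conn. Handing it to the handler
			// would panic on conn.Close() inside a goroutine and take the
			// whole process down, so log and retry instead.
			glog.Error(err)
			time.Sleep(acceptRetryDelay)
			continue
		}

		go func(conn net.Conn) {
			if err := handleProxyConn(conn, serverProxy, serverDirect, servers); err != nil {
				// Errors wrapped by pkg/errors expose their stack through
				// this interface; include it in the log when present.
				type stackTracer interface {
					StackTrace() errors.StackTrace
				}
				var st errors.StackTrace
				if e, ok := err.(stackTracer); ok {
					st = e.StackTrace()
				}
				glog.Errorf("%s%+v\n", err, st)
			}
		}(conn)
	}
}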
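// handleProxyConn serves one client connection. It sniffs the first bytes to
// tell SOCKS5 from HTTP, parses the request, decides whether the destination
// is reached directly or through the proxy chain, and then lets the matching
// gost server handle the request. The connection is closed on return.
//
// The routing decision works as follows:
//
//	IPv4/IPv6 literal:
//	  -> look the address up in the IP cache
//	     -> found:     follow the cached policy
//	     -> not found: Chinese mainland IPv4 goes direct, everything else is proxied
//	domain name:
//	  -> look the domain up in the domain cache
//	     -> found:     follow the cached policy (direct requests are pinned to the cached address)
//	     -> not found:
//	        -> domain is on the GFW list: proxy it without resolving
//	        -> domain is on the "obedient" list: resolve with the obedient DNS server, go direct
//	        -> otherwise: resolve with the abroad DNS server, sending the local subnet IP
//	           -> success:
//	              -> Chinese mainland IPv4: re-resolve with the obedient server, go direct
//	              -> anything else:         proxy it without pinning an address
//	           -> failure: resolve with the obedient DNS server
//	              -> Chinese mainland IPv4: go direct
//	              -> anything else:         proxy
//	              -> no answer at all:      proxy
//
// Hosts and domains used as cache keys come straight from the client request.
func handleProxyConn(conn net.Conn, serverProxy, serverDirect *gost.ProxyServer, servers map[transport]*gost.ProxyServer) error {
	defer conn.Close()

	// NOTE(review): no read deadline is set before this first read, so a
	// client that connects and stays silent holds this goroutine and buffer
	// for as long as the connection lives. Consider a handshake deadline.
	b := make([]byte, gost.MediumBufferSize)
	n, err := io.ReadAtLeast(conn, b, 2)
	if err != nil {
		// io.EOF means the peer closed before sending anything. There is
		// nothing to sniff, so stop here rather than inspecting the zeroed
		// buffer and running the HTTP parser on an empty stream.
		return errors.WithStack(err)
	}

	// Replay the sniffed bytes ahead of the live connection so the protocol
	// parsers below see the complete stream.
	var reqer requester
	conn = newConnLeftAppendReader(conn, bytes.NewReader(b[:n]))
	if b[0] == gosocks5.Ver5 {
		conn = gosocks5.ServerConn(conn, serverProxy.Selector)
		req, err := gosocks5.ReadRequest(conn)
		if err != nil {
			return errors.WithStack(err)
		}
		reqer = newSocks5Request(req, conn)
	} else {
		req, err := http.ReadRequest(bufio.NewReader(conn))
		if err != nil {
			return errors.WithStack(err)
		}
		reqer = newHTTPRequest(req, conn)
	}

	ps, err := func() (*gost.ProxyServer, error) {
		switch reqer.getAddrType() {
		case AddrIPv4, AddrIPv6:
			host := reqer.getHostName()
			trans, ok := _DEFAULT_IPCACHE.Get(host)
			if !ok {
				// net.ParseIP returns nil for an unparsable host; To4 on a
				// nil IP is nil, so such a host falls into the proxy branch.
				ip := net.ParseIP(host)
				if ip.To4() != nil && _IP_MATCH_CHINESE_MAINLAND(ip) {
					trans = _TRANS_DIRECT
				} else {
					trans = _TRANS_PROXY
				}
				_DEFAULT_IPCACHE.Add(host, trans)
			}
			return servers[trans], nil

		case AddrDomain:
			domain := reqer.getHostName()

			// Try the domain cache first.
			if item, ok := _DEFAULT_DOMAINCACHE.Get(domain); ok {
				if item.trans == _TRANS_DIRECT {
					switch v := item.ans.(type) {
					case *dns.A:
						reqer.setRedirect(v.A)
					case *dns.AAAA:
						reqer.setRedirect(v.AAAA)
					default:
						return nil, errors.New("unreachable!")
					}
				}
				return servers[item.trans], nil
			}

			matchGfw := _DEFAULT_DOMAIN_MATCHER.MatchGFW(domain)
			matchObedient := _DEFAULT_DOMAIN_MATCHER.MatchObedient(domain)
			switch {
			case matchGfw:
				return serverProxy, nil

			case matchObedient:
				// NOTE(review): MsgExtractAnswer runs before err is checked,
				// here and below; presumably it tolerates a nil response.
				resp, err := _DNSSTRANSPORT_OBEDIENT.legallySpawnQuery(domain, dns.TypeA)
				if ans, ip := MsgExtractAnswer(resp); err == nil && ans != nil {
					reqer.setRedirect(ip)
					// NOTE(review): the resolved address is cached as direct
					// without a mainland check, and the IP cache is shared
					// with requests for IP literals. Confirm this is intended.
					_DEFAULT_IPCACHE.Add(ip.String(), _TRANS_DIRECT)
					_DEFAULT_DOMAINCACHE.Add(domain, ans, _TRANS_DIRECT)
				}
				return serverDirect, nil

			default:
				// Abroad query carrying the local subnet IP.
				resp, err := _DNSSTRANSPORT_ABROAD.legallySpawnQuery(domain, dns.TypeA, _DNS_SUBNET_LOCAL_IP)
				if ans, ip := MsgExtractAnswer(resp); err == nil && ans != nil {
					var trans transport
					if ip.To4() != nil && _IP_MATCH_CHINESE_MAINLAND(ip) {
						// Chinese mainland IPv4: go direct, and ask the
						// obedient server for a better answer if it has one.
						trans = _TRANS_DIRECT
						resp, err = _DNSSTRANSPORT_OBEDIENT.legallySpawnQuery(domain, dns.TypeA)
						if betterAns, betterIP := MsgExtractAnswer(resp); err == nil && betterAns != nil {
							// NOTE(review): the replacement address is not
							// re-checked against the mainland matcher.
							ans, ip = betterAns, betterIP
						}
						reqer.setRedirect(ip)
					} else {
						// IPv6 or abroad IPv4: proxy it and leave the host
						// name and address type untouched.
						trans = _TRANS_PROXY
					}
					_DEFAULT_DOMAINCACHE.Add(domain, ans, trans)
					_DEFAULT_IPCACHE.Add(ip.String(), trans)
					return servers[trans], nil
				}

				// The abroad query failed; fall back to the obedient server.
				resp, err = _DNSSTRANSPORT_OBEDIENT.legallySpawnQuery(domain, dns.TypeA)
				if ans, ip := MsgExtractAnswer(resp); err == nil && ans != nil {
					var trans transport
					if ip.To4() != nil && _IP_MATCH_CHINESE_MAINLAND(ip) {
						trans = _TRANS_DIRECT
						reqer.setRedirect(ip)
					} else {
						// IPv6 or abroad IPv4.
						trans = _TRANS_PROXY
					}
					_DEFAULT_IPCACHE.Add(ip.String(), trans)
					_DEFAULT_DOMAINCACHE.Add(domain, ans, trans)
					return servers[trans], nil
				}

				// Every query failed; let the proxy side resolve the name.
				return serverProxy, nil
			}
		}
		// An address type outside the three known ones must not reach exec
		// with a nil server.
		return nil, errors.Errorf("unsupported address type %d", reqer.getAddrType())
	}()
	if err != nil {
		return err
	}
	if ps == nil {
		// A transport value missing from servers would otherwise hand a nil
		// server to the gost handler.
		return errors.New("no proxy server for the selected transport")
	}

	reqer.setProxyServer(ps)
	reqer.exec()
	return nil
}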
// Address types reported by requester.getAddrType. The values are taken from
// the gosocks5 package, so they can be compared with the address type of a
// parsed SOCKS5 request.
const (
	AddrIPv4   uint8 = gosocks5.AddrIPv4
	AddrDomain       = gosocks5.AddrDomain
	AddrIPv6         = gosocks5.AddrIPv6
)
// requester is the protocol-independent view of a client request that
// handleProxyConn routes. It is implemented by socks5Request and httpRequest.
type requester interface {
	// getHostName returns the requested destination host (IP literal or domain).
	getHostName() string
	// getAddrType returns AddrIPv4, AddrIPv6 or AddrDomain for the destination.
	getAddrType() uint8
	// setRedirect asks the request to connect to ip instead of the requested host.
	setRedirect(ip net.IP)
	// setProxyServer selects the gost server that exec will use.
	setProxyServer(*gost.ProxyServer)
	// exec hands the request to the selected gost server.
	exec()
}
// socks5Request adapts a parsed SOCKS5 request to the requester interface.
type socks5Request struct {
	req   *gosocks5.Request // parsed request; its Addr is rewritten by setRedirect
	conn  net.Conn          // connection handed to the gost SOCKS5 handler in exec
	proxy *gost.ProxyServer // server chosen by the router; nil until setProxyServer
}

// newSocks5Request wraps req and conn; no proxy server is selected yet.
func newSocks5Request(req *gosocks5.Request, conn net.Conn) *socks5Request {
	return &socks5Request{req: req, conn: conn}
}

// setRedirect replaces the request's destination with ip, switching the
// address type to IPv4 when ip has a 4-byte form and to IPv6 otherwise.
func (r *socks5Request) setRedirect(ip net.IP) {
	var kind uint8 = AddrIPv6
	if ip.To4() != nil {
		kind = AddrIPv4
	}
	r.req.Addr.Type = kind
	r.req.Addr.Host = ip.String()
}

// getHostName returns the destination host of the SOCKS5 request.
func (r *socks5Request) getHostName() string {
	return r.req.Addr.Host
}

// getAddrType returns the address type carried by the SOCKS5 request.
func (r *socks5Request) getAddrType() uint8 {
	return r.req.Addr.Type
}

// setProxyServer records the server that exec will use.
func (r *socks5Request) setProxyServer(ps *gost.ProxyServer) {
	r.proxy = ps
}

// exec lets a gost SOCKS5 server handle the request on the stored connection.
func (r *socks5Request) exec() {
	srv := gost.NewSocks5Server(r.conn, r.proxy)
	srv.HandleRequest(r.req)
}
// httpRequest adapts a parsed HTTP proxy request to the requester interface.
type httpRequest struct {
	req   *http.Request     // parsed request; the destination is read from req.URL
	conn  net.Conn          // connection handed to the gost HTTP handler in exec
	proxy *gost.ProxyServer // server chosen by the router; nil until setProxyServer
}

// newHTTPRequest wraps req and conn; no proxy server is selected yet.
func newHTTPRequest(req *http.Request, conn net.Conn) *httpRequest {
	return &httpRequest{req: req, conn: conn}
}

// setRedirect is not implemented for HTTP requests and ignores its argument.
//
// NOTE(review): because of this, the address the router resolved while making
// a "direct" decision is not pinned on the request. Presumably the gost HTTP
// handler resolves the host again on its own, so the address that was checked
// and the address that is dialled can differ. Confirm against the handler.
func (r *httpRequest) setRedirect(_ net.IP) {
	// TODO: make it come true
}

// getHostName returns the host part of the request URL, without any port.
func (r *httpRequest) getHostName() string {
	return r.req.URL.Hostname()
}

// getAddrType classifies the URL host as an IPv4 literal, an IPv6 literal or,
// when it does not parse as an IP address, a domain name.
func (r *httpRequest) getAddrType() uint8 {
	ip := net.ParseIP(r.req.URL.Hostname())
	switch {
	case ip == nil:
		return AddrDomain
	case ip.To4() != nil:
		return AddrIPv4
	default:
		return AddrIPv6
	}
}

// setProxyServer records the server that exec will use.
func (r *httpRequest) setProxyServer(ps *gost.ProxyServer) {
	r.proxy = ps
}

// exec lets a gost HTTP server handle the request on the stored connection.
func (r *httpRequest) exec() {
	srv := gost.NewHttpServer(r.conn, r.proxy)
	srv.HandleRequest(r.req)
}
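// connLeftAppendReader is a net.Conn whose reads first drain a prefix reader
// and then continue on the wrapped connection. It is used to replay bytes that
// were already consumed from the connection while sniffing the protocol.
// All other net.Conn methods are forwarded to the wrapped connection.
//
// Read updates reof without synchronisation, so concurrent Read calls on one
// value are not safe.
type connLeftAppendReader struct {
	r    io.Reader // prefix that is served before conn
	reof bool      // set once r has reported io.EOF
	conn net.Conn  // wrapped connection
}

// Compile-time check that the wrapper satisfies net.Conn.
var _ net.Conn = (*connLeftAppendReader)(nil)

// newConnLeftAppendReader returns a connection that yields the contents of r
// before any data read from conn.
func newConnLeftAppendReader(conn net.Conn, r io.Reader) *connLeftAppendReader {
	return &connLeftAppendReader{r: r, conn: conn}
}

// Read serves the prefix reader until it is exhausted and the wrapped
// connection afterwards.
//
// When the prefix reports io.EOF without delivering any bytes, the read
// continues on the connection in the same call. Returning (0, nil) at that
// point would violate the io.Reader guidance and makes callers spin or give
// up with io.ErrNoProgress.
func (cc *connLeftAppendReader) Read(b []byte) (n int, err error) {
	if !cc.reof {
		n, err = cc.r.Read(b)
		if err != io.EOF {
			return n, err
		}
		cc.reof = true
		if n > 0 {
			// The final prefix bytes arrived together with EOF; deliver
			// them and let the next call reach the connection.
			return n, nil
		}
	}
	return cc.conn.Read(b)
}

// Write writes b to the wrapped connection.
func (cc *connLeftAppendReader) Write(b []byte) (n int, err error) {
	return cc.conn.Write(b)
}

// Close closes the wrapped connection.
func (cc *connLeftAppendReader) Close() error {
	return cc.conn.Close()
}

// LocalAddr returns the local address of the wrapped connection.
func (cc *connLeftAppendReader) LocalAddr() net.Addr {
	return cc.conn.LocalAddr()
}

// RemoteAddr returns the remote address of the wrapped connection.
func (cc *connLeftAppendReader) RemoteAddr() net.Addr {
	return cc.conn.RemoteAddr()
}

// SetDeadline sets the read and write deadlines on the wrapped connection.
// The prefix reader is not affected.
func (cc *connLeftAppendReader) SetDeadline(t time.Time) error {
	return cc.conn.SetDeadline(t)
}

// SetReadDeadline sets the read deadline on the wrapped connection.
// The prefix reader is not affected.
func (cc *connLeftAppendReader) SetReadDeadline(t time.Time) error {
	return cc.conn.SetReadDeadline(t)
}

// SetWriteDeadline sets the write deadline on the wrapped connection.
func (cc *connLeftAppendReader) SetWriteDeadline(t time.Time) error {
	return cc.conn.SetWriteDeadline(t)
}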