Add shadowtls v2 support
This commit is contained in:
世界
40
transport/shadowtls/client.go
Normal file
40
transport/shadowtls/client.go
Normal file
@@ -0,0 +1,40 @@
|
||||
package shadowtls
|
||||
|
||||
import (
|
||||
"github.com/sagernet/sing/common/buf"
|
||||
"github.com/sagernet/sing/common/bufio"
|
||||
N "github.com/sagernet/sing/common/network"
|
||||
)
|
||||
|
||||
var _ N.VectorisedWriter = (*ClientConn)(nil)
|
||||
|
||||
type ClientConn struct {
|
||||
*Conn
|
||||
hashConn *HashReadConn
|
||||
}
|
||||
|
||||
func NewClientConn(hashConn *HashReadConn) *ClientConn {
|
||||
return &ClientConn{NewConn(hashConn.Conn), hashConn}
|
||||
}
|
||||
|
||||
func (c *ClientConn) Write(p []byte) (n int, err error) {
|
||||
if c.hashConn != nil {
|
||||
sum := c.hashConn.Sum()
|
||||
c.hashConn = nil
|
||||
_, err = bufio.WriteVectorised(c.Conn, [][]byte{sum, p})
|
||||
if err == nil {
|
||||
n = len(p)
|
||||
}
|
||||
return
|
||||
}
|
||||
return c.Conn.Write(p)
|
||||
}
|
||||
|
||||
func (c *ClientConn) WriteVectorised(buffers []*buf.Buffer) error {
|
||||
if c.hashConn != nil {
|
||||
sum := c.hashConn.Sum()
|
||||
c.hashConn = nil
|
||||
return c.Conn.WriteVectorised(append([]*buf.Buffer{buf.As(sum)}, buffers...))
|
||||
}
|
||||
return c.Conn.WriteVectorised(buffers)
|
||||
}
|
||||
96
transport/shadowtls/conn.go
Normal file
96
transport/shadowtls/conn.go
Normal file
@@ -0,0 +1,96 @@
|
||||
package shadowtls
|
||||
|
||||
import (
|
||||
"encoding/binary"
|
||||
"io"
|
||||
"net"
|
||||
|
||||
"github.com/sagernet/sing-box/common/tls"
|
||||
"github.com/sagernet/sing/common"
|
||||
"github.com/sagernet/sing/common/buf"
|
||||
"github.com/sagernet/sing/common/bufio"
|
||||
N "github.com/sagernet/sing/common/network"
|
||||
)
|
||||
|
||||
var (
|
||||
_ N.ExtendedConn = (*Conn)(nil)
|
||||
_ N.VectorisedWriter = (*Conn)(nil)
|
||||
)
|
||||
|
||||
type Conn struct {
|
||||
N.ExtendedConn
|
||||
writer N.VectorisedWriter
|
||||
readRemaining int
|
||||
}
|
||||
|
||||
func NewConn(conn net.Conn) *Conn {
|
||||
return &Conn{
|
||||
ExtendedConn: bufio.NewExtendedConn(conn),
|
||||
writer: bufio.NewVectorisedWriter(conn),
|
||||
}
|
||||
}
|
||||
|
||||
func (c *Conn) Read(p []byte) (n int, err error) {
|
||||
if c.readRemaining > 0 {
|
||||
if len(p) > c.readRemaining {
|
||||
p = p[:c.readRemaining]
|
||||
}
|
||||
n, err = c.ExtendedConn.Read(p)
|
||||
c.readRemaining -= n
|
||||
return
|
||||
}
|
||||
var tlsHeader [5]byte
|
||||
_, err = io.ReadFull(c.ExtendedConn, common.Dup(tlsHeader[:]))
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
length := int(binary.BigEndian.Uint16(tlsHeader[3:5]))
|
||||
readLen := len(p)
|
||||
if readLen > length {
|
||||
readLen = length
|
||||
}
|
||||
n, err = c.ExtendedConn.Read(p[:readLen])
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
c.readRemaining = length - n
|
||||
return
|
||||
}
|
||||
|
||||
func (c *Conn) Write(p []byte) (n int, err error) {
|
||||
var header [5]byte
|
||||
defer common.KeepAlive(header)
|
||||
header[0] = 23
|
||||
for len(p) > 16384 {
|
||||
binary.BigEndian.PutUint16(header[1:3], tls.VersionTLS12)
|
||||
binary.BigEndian.PutUint16(header[3:5], uint16(16384))
|
||||
_, err = bufio.WriteVectorised(c.writer, [][]byte{common.Dup(header[:]), p[:16384]})
|
||||
common.KeepAlive(header)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
n += 16384
|
||||
p = p[16384:]
|
||||
}
|
||||
binary.BigEndian.PutUint16(header[1:3], tls.VersionTLS12)
|
||||
binary.BigEndian.PutUint16(header[3:5], uint16(len(p)))
|
||||
_, err = bufio.WriteVectorised(c.writer, [][]byte{common.Dup(header[:]), p})
|
||||
if err == nil {
|
||||
n += len(p)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (c *Conn) WriteVectorised(buffers []*buf.Buffer) error {
|
||||
var header [5]byte
|
||||
defer common.KeepAlive(header)
|
||||
header[0] = 23
|
||||
dataLen := buf.LenMulti(buffers)
|
||||
binary.BigEndian.PutUint16(header[1:3], tls.VersionTLS12)
|
||||
binary.BigEndian.PutUint16(header[3:5], uint16(dataLen))
|
||||
return c.writer.WriteVectorised(append([]*buf.Buffer{buf.As(header[:])}, buffers...))
|
||||
}
|
||||
|
||||
func (c *Conn) Upstream() any {
|
||||
return c.ExtendedConn
|
||||
}
|
||||
60
transport/shadowtls/hash.go
Normal file
60
transport/shadowtls/hash.go
Normal file
@@ -0,0 +1,60 @@
|
||||
package shadowtls
|
||||
|
||||
import (
|
||||
"crypto/hmac"
|
||||
"crypto/sha1"
|
||||
"hash"
|
||||
"net"
|
||||
)
|
||||
|
||||
type HashReadConn struct {
|
||||
net.Conn
|
||||
hmac hash.Hash
|
||||
}
|
||||
|
||||
func NewHashReadConn(conn net.Conn, password string) *HashReadConn {
|
||||
return &HashReadConn{
|
||||
conn,
|
||||
hmac.New(sha1.New, []byte(password)),
|
||||
}
|
||||
}
|
||||
|
||||
func (c *HashReadConn) Read(b []byte) (n int, err error) {
|
||||
n, err = c.Conn.Read(b)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
_, err = c.hmac.Write(b[:n])
|
||||
return
|
||||
}
|
||||
|
||||
func (c *HashReadConn) Sum() []byte {
|
||||
return c.hmac.Sum(nil)[:8]
|
||||
}
|
||||
|
||||
type HashWriteConn struct {
|
||||
net.Conn
|
||||
hmac hash.Hash
|
||||
}
|
||||
|
||||
func NewHashWriteConn(conn net.Conn, password string) *HashWriteConn {
|
||||
return &HashWriteConn{
|
||||
conn,
|
||||
hmac.New(sha1.New, []byte(password)),
|
||||
}
|
||||
}
|
||||
|
||||
func (c *HashWriteConn) Write(p []byte) (n int, err error) {
|
||||
if c.hmac != nil {
|
||||
c.hmac.Write(p)
|
||||
}
|
||||
return c.Conn.Write(p)
|
||||
}
|
||||
|
||||
func (c *HashWriteConn) Sum() []byte {
|
||||
return c.hmac.Sum(nil)[:8]
|
||||
}
|
||||
|
||||
func (c *HashWriteConn) Fallback() {
|
||||
c.hmac = nil
|
||||
}
|
||||
Reference in New Issue
Block a user