Browse Source

add tls tunnel

1.x
rui.zheng 11 years ago
parent
commit
90e17c84e9
  1. 2
      README.md
  2. 8
      client.go
  3. 80
      log.go
  4. 19
      main.go
  5. 6
      socks5.go
  6. 51
      tls.go
  7. 2
      version.go
  8. 2
      ws.go

2
README.md

@ -11,7 +11,7 @@ gost - GO Simple Tunnel
5. 多种加密方式(tls,aes-256-cfb,des-cfb,rc4-md5等)。
6. 客户端兼容shadowsocks协议,可作为shadowsocks服务器。
二进制文件下载:https://bintray.com/ginuerzh/gost/gost/view
二进制文件下载:https://github.com/ginuerzh/gost/releases
Google讨论组: https://groups.google.com/d/forum/go-gost

8
client.go

@ -6,6 +6,7 @@ import (
"crypto/tls"
"encoding/base64"
"encoding/binary"
//"encoding/hex"
"errors"
"fmt"
"github.com/ginuerzh/gosocks5"
@ -103,7 +104,11 @@ func makeTunnel() (c net.Conn, err error) {
if err != nil {
return
}
if UseWebsocket {
if UseTLS {
config := &tls.Config{InsecureSkipVerify: true}
c = tls.Client(c, config)
} else if UseWebsocket {
ws, resp, err := websocket.NewClient(c, &url.URL{Host: Saddr}, nil, 8192, 8192)
if err != nil {
c.Close()
@ -166,6 +171,7 @@ func cliHandle(conn net.Conn) {
req, err := http.ReadRequest(bufio.NewReader(newReqReader(b[:n], conn)))
if err != nil {
//log.Println(hex.Dump(b[:n]))
log.Println(err)
return
}

80
log.go

@ -1,80 +0,0 @@
package main
import (
"bytes"
"fmt"
"io"
"os"
)
var (
Debug bool
)
type BufferedLog struct {
buffer *bytes.Buffer
w io.WriteCloser
}
func NewLog(buffered bool) *BufferedLog {
log := &BufferedLog{
w: os.Stdout,
}
if buffered {
log.buffer = &bytes.Buffer{}
}
return log
}
func NewFileLog(file *os.File) *BufferedLog {
return &BufferedLog{
buffer: &bytes.Buffer{},
w: file,
}
}
func (log *BufferedLog) Log(a ...interface{}) (int, error) {
if !Debug {
return 0, nil
}
if log.buffer != nil {
return fmt.Fprint(log.buffer, a...)
}
return fmt.Fprint(log.w, a...)
}
func (log *BufferedLog) Logln(a ...interface{}) (int, error) {
if !Debug {
return 0, nil
}
if log.buffer != nil {
return fmt.Fprintln(log.buffer, a...)
}
return fmt.Fprintln(log.w, a...)
}
func (log *BufferedLog) Logf(format string, a ...interface{}) (int, error) {
if !Debug {
return 0, nil
}
if log.buffer != nil {
return fmt.Fprintf(log.buffer, format, a...)
}
return fmt.Fprintf(log.w, format, a...)
}
func (log *BufferedLog) Flush() error {
defer func() {
if log.w != os.Stdout {
log.w.Close()
}
}()
if !Debug || log.buffer == nil {
return nil
}
_, err := log.buffer.WriteTo(log.w)
return err
}

19
main.go

@ -9,13 +9,13 @@ import (
)
var (
Laddr, Saddr, Proxy string
UseWebsocket, UseHttp bool
Shadows bool
SMethod, SPassword string
Method, Password string
CertFile, KeyFile string
PrintVersion bool
Laddr, Saddr, Proxy string
UseWebsocket, UseHttp, UseTLS bool
Shadows bool
SMethod, SPassword string
Method, Password string
CertFile, KeyFile string
PrintVersion bool
proxyURL *url.URL
listenUrl *url.URL
@ -30,6 +30,7 @@ func init() {
flag.StringVar(&CertFile, "cert", "", "tls cert file")
flag.StringVar(&KeyFile, "key", "", "tls key file")
flag.BoolVar(&Shadows, "ss", false, "run as shadowsocks server")
flag.BoolVar(&UseTLS, "tls", false, "use ssl/tls tunnel")
flag.BoolVar(&UseWebsocket, "ws", false, "use websocket tunnel")
flag.BoolVar(&UseHttp, "http", false, "use http tunnel")
flag.StringVar(&SMethod, "sm", "rc4-md5", "shadowsocks cipher method")
@ -59,7 +60,9 @@ func main() {
if len(Saddr) == 0 {
var server Server
if UseWebsocket {
if UseTLS {
server = &TlsServer{Addr: laddr, CertFile: CertFile, KeyFile: KeyFile}
} else if UseWebsocket {
server = &WSServer{Addr: laddr}
} else if UseHttp {
server = &HttpServer{Addr: laddr}

6
socks5.go

@ -180,7 +180,7 @@ func serveSocks5(conn net.Conn) {
//log.Println("connect", req.Addr.String())
tconn, err := connect(req.Addr.String())
if err != nil {
log.Println(err)
log.Println("connect", req.Addr.String(), err)
gosocks5.NewReply(gosocks5.HostUnreachable, nil).Write(conn)
return
}
@ -198,6 +198,7 @@ func serveSocks5(conn net.Conn) {
l, err := net.ListenTCP("tcp", nil)
if err != nil {
gosocks5.NewReply(gosocks5.Failure, nil).Write(conn)
log.Println("bind listen", err)
return
}
@ -207,6 +208,7 @@ func serveSocks5(conn net.Conn) {
rep := gosocks5.NewReply(gosocks5.Succeeded, addr)
if err := rep.Write(conn); err != nil {
log.Println(err)
l.Close()
return
}
@ -233,7 +235,7 @@ func serveSocks5(conn net.Conn) {
case gosocks5.CmdUdp:
uconn, err := net.ListenUDP("udp", nil)
if err != nil {
log.Println(err)
log.Println("udp listen", err)
gosocks5.NewReply(gosocks5.Failure, nil).Write(conn)
return
}

51
tls.go

@ -0,0 +1,51 @@
package main
import (
"crypto/tls"
"github.com/ginuerzh/gosocks5"
"net"
)
type TlsServer struct {
Addr string
CertFile, KeyFile string
}
func (s *TlsServer) ListenAndServe() error {
return s.listenAndServeTLS()
}
func (s *TlsServer) listenAndServeTLS() error {
var cert tls.Certificate
var err error
if len(s.CertFile) == 0 || len(s.KeyFile) == 0 {
cert, err = tls.X509KeyPair([]byte(rawCert), []byte(rawKey))
} else {
cert, err = tls.LoadX509KeyPair(s.CertFile, s.KeyFile)
}
if err != nil {
return err
}
config := &tls.Config{Certificates: []tls.Certificate{cert}}
l, err := tls.Listen("tcp", s.Addr, config)
if err != nil {
return err
}
defer l.Close()
for {
conn, err := l.Accept()
if err != nil {
return err
}
go func(c net.Conn) {
c = gosocks5.ServerConn(c, serverConfig)
serveSocks5(c)
}(conn)
}
return nil
}

2
version.go

@ -5,7 +5,7 @@ import (
)
const (
Version = "1.7"
Version = "1.8"
)
func printVersion() {

2
ws.go

@ -64,7 +64,7 @@ func (s *WSServer) handle(w http.ResponseWriter, r *http.Request) {
log.Println(err)
return
}
defer conn.Close()
//defer conn.Close()
c := gosocks5.ServerConn(NewWSConn(conn), serverConfig)
/*

Loading…
Cancel
Save