x_net_proxy.go 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473
  1. // Code generated by golang.org/x/tools/cmd/bundle. DO NOT EDIT.
  2. //go:generate bundle -o x_net_proxy.go golang.org/x/net/proxy
  3. // Package proxy provides support for a variety of protocols to proxy network
  4. // data.
  5. //
  6. package websocket
  7. import (
  8. "errors"
  9. "io"
  10. "net"
  11. "net/url"
  12. "os"
  13. "strconv"
  14. "strings"
  15. "sync"
  16. )
  17. type proxy_direct struct{}
  18. // Direct is a direct proxy: one that makes network connections directly.
  19. var proxy_Direct = proxy_direct{}
  20. func (proxy_direct) Dial(network, addr string) (net.Conn, error) {
  21. return net.Dial(network, addr)
  22. }
  23. // A PerHost directs connections to a default Dialer unless the host name
  24. // requested matches one of a number of exceptions.
  25. type proxy_PerHost struct {
  26. def, bypass proxy_Dialer
  27. bypassNetworks []*net.IPNet
  28. bypassIPs []net.IP
  29. bypassZones []string
  30. bypassHosts []string
  31. }
  32. // NewPerHost returns a PerHost Dialer that directs connections to either
  33. // defaultDialer or bypass, depending on whether the connection matches one of
  34. // the configured rules.
  35. func proxy_NewPerHost(defaultDialer, bypass proxy_Dialer) *proxy_PerHost {
  36. return &proxy_PerHost{
  37. def: defaultDialer,
  38. bypass: bypass,
  39. }
  40. }
  41. // Dial connects to the address addr on the given network through either
  42. // defaultDialer or bypass.
  43. func (p *proxy_PerHost) Dial(network, addr string) (c net.Conn, err error) {
  44. host, _, err := net.SplitHostPort(addr)
  45. if err != nil {
  46. return nil, err
  47. }
  48. return p.dialerForRequest(host).Dial(network, addr)
  49. }
  50. func (p *proxy_PerHost) dialerForRequest(host string) proxy_Dialer {
  51. if ip := net.ParseIP(host); ip != nil {
  52. for _, net := range p.bypassNetworks {
  53. if net.Contains(ip) {
  54. return p.bypass
  55. }
  56. }
  57. for _, bypassIP := range p.bypassIPs {
  58. if bypassIP.Equal(ip) {
  59. return p.bypass
  60. }
  61. }
  62. return p.def
  63. }
  64. for _, zone := range p.bypassZones {
  65. if strings.HasSuffix(host, zone) {
  66. return p.bypass
  67. }
  68. if host == zone[1:] {
  69. // For a zone ".example.com", we match "example.com"
  70. // too.
  71. return p.bypass
  72. }
  73. }
  74. for _, bypassHost := range p.bypassHosts {
  75. if bypassHost == host {
  76. return p.bypass
  77. }
  78. }
  79. return p.def
  80. }
  81. // AddFromString parses a string that contains comma-separated values
  82. // specifying hosts that should use the bypass proxy. Each value is either an
  83. // IP address, a CIDR range, a zone (*.example.com) or a host name
  84. // (localhost). A best effort is made to parse the string and errors are
  85. // ignored.
  86. func (p *proxy_PerHost) AddFromString(s string) {
  87. hosts := strings.Split(s, ",")
  88. for _, host := range hosts {
  89. host = strings.TrimSpace(host)
  90. if len(host) == 0 {
  91. continue
  92. }
  93. if strings.Contains(host, "/") {
  94. // We assume that it's a CIDR address like 127.0.0.0/8
  95. if _, net, err := net.ParseCIDR(host); err == nil {
  96. p.AddNetwork(net)
  97. }
  98. continue
  99. }
  100. if ip := net.ParseIP(host); ip != nil {
  101. p.AddIP(ip)
  102. continue
  103. }
  104. if strings.HasPrefix(host, "*.") {
  105. p.AddZone(host[1:])
  106. continue
  107. }
  108. p.AddHost(host)
  109. }
  110. }
  111. // AddIP specifies an IP address that will use the bypass proxy. Note that
  112. // this will only take effect if a literal IP address is dialed. A connection
  113. // to a named host will never match an IP.
  114. func (p *proxy_PerHost) AddIP(ip net.IP) {
  115. p.bypassIPs = append(p.bypassIPs, ip)
  116. }
  117. // AddNetwork specifies an IP range that will use the bypass proxy. Note that
  118. // this will only take effect if a literal IP address is dialed. A connection
  119. // to a named host will never match.
  120. func (p *proxy_PerHost) AddNetwork(net *net.IPNet) {
  121. p.bypassNetworks = append(p.bypassNetworks, net)
  122. }
  123. // AddZone specifies a DNS suffix that will use the bypass proxy. A zone of
  124. // "example.com" matches "example.com" and all of its subdomains.
  125. func (p *proxy_PerHost) AddZone(zone string) {
  126. if strings.HasSuffix(zone, ".") {
  127. zone = zone[:len(zone)-1]
  128. }
  129. if !strings.HasPrefix(zone, ".") {
  130. zone = "." + zone
  131. }
  132. p.bypassZones = append(p.bypassZones, zone)
  133. }
  134. // AddHost specifies a host name that will use the bypass proxy.
  135. func (p *proxy_PerHost) AddHost(host string) {
  136. if strings.HasSuffix(host, ".") {
  137. host = host[:len(host)-1]
  138. }
  139. p.bypassHosts = append(p.bypassHosts, host)
  140. }
  141. // A Dialer is a means to establish a connection.
  142. type proxy_Dialer interface {
  143. // Dial connects to the given address via the proxy.
  144. Dial(network, addr string) (c net.Conn, err error)
  145. }
  146. // Auth contains authentication parameters that specific Dialers may require.
  147. type proxy_Auth struct {
  148. User, Password string
  149. }
  150. // FromEnvironment returns the dialer specified by the proxy related variables in
  151. // the environment.
  152. func proxy_FromEnvironment() proxy_Dialer {
  153. allProxy := proxy_allProxyEnv.Get()
  154. if len(allProxy) == 0 {
  155. return proxy_Direct
  156. }
  157. proxyURL, err := url.Parse(allProxy)
  158. if err != nil {
  159. return proxy_Direct
  160. }
  161. proxy, err := proxy_FromURL(proxyURL, proxy_Direct)
  162. if err != nil {
  163. return proxy_Direct
  164. }
  165. noProxy := proxy_noProxyEnv.Get()
  166. if len(noProxy) == 0 {
  167. return proxy
  168. }
  169. perHost := proxy_NewPerHost(proxy, proxy_Direct)
  170. perHost.AddFromString(noProxy)
  171. return perHost
  172. }
  173. // proxySchemes is a map from URL schemes to a function that creates a Dialer
  174. // from a URL with such a scheme.
  175. var proxy_proxySchemes map[string]func(*url.URL, proxy_Dialer) (proxy_Dialer, error)
  176. // RegisterDialerType takes a URL scheme and a function to generate Dialers from
  177. // a URL with that scheme and a forwarding Dialer. Registered schemes are used
  178. // by FromURL.
  179. func proxy_RegisterDialerType(scheme string, f func(*url.URL, proxy_Dialer) (proxy_Dialer, error)) {
  180. if proxy_proxySchemes == nil {
  181. proxy_proxySchemes = make(map[string]func(*url.URL, proxy_Dialer) (proxy_Dialer, error))
  182. }
  183. proxy_proxySchemes[scheme] = f
  184. }
  185. // FromURL returns a Dialer given a URL specification and an underlying
  186. // Dialer for it to make network requests.
  187. func proxy_FromURL(u *url.URL, forward proxy_Dialer) (proxy_Dialer, error) {
  188. var auth *proxy_Auth
  189. if u.User != nil {
  190. auth = new(proxy_Auth)
  191. auth.User = u.User.Username()
  192. if p, ok := u.User.Password(); ok {
  193. auth.Password = p
  194. }
  195. }
  196. switch u.Scheme {
  197. case "socks5":
  198. return proxy_SOCKS5("tcp", u.Host, auth, forward)
  199. }
  200. // If the scheme doesn't match any of the built-in schemes, see if it
  201. // was registered by another package.
  202. if proxy_proxySchemes != nil {
  203. if f, ok := proxy_proxySchemes[u.Scheme]; ok {
  204. return f(u, forward)
  205. }
  206. }
  207. return nil, errors.New("proxy: unknown scheme: " + u.Scheme)
  208. }
  209. var (
  210. proxy_allProxyEnv = &proxy_envOnce{
  211. names: []string{"ALL_PROXY", "all_proxy"},
  212. }
  213. proxy_noProxyEnv = &proxy_envOnce{
  214. names: []string{"NO_PROXY", "no_proxy"},
  215. }
  216. )
  217. // envOnce looks up an environment variable (optionally by multiple
  218. // names) once. It mitigates expensive lookups on some platforms
  219. // (e.g. Windows).
  220. // (Borrowed from net/http/transport.go)
  221. type proxy_envOnce struct {
  222. names []string
  223. once sync.Once
  224. val string
  225. }
  226. func (e *proxy_envOnce) Get() string {
  227. e.once.Do(e.init)
  228. return e.val
  229. }
  230. func (e *proxy_envOnce) init() {
  231. for _, n := range e.names {
  232. e.val = os.Getenv(n)
  233. if e.val != "" {
  234. return
  235. }
  236. }
  237. }
  238. // SOCKS5 returns a Dialer that makes SOCKSv5 connections to the given address
  239. // with an optional username and password. See RFC 1928 and RFC 1929.
  240. func proxy_SOCKS5(network, addr string, auth *proxy_Auth, forward proxy_Dialer) (proxy_Dialer, error) {
  241. s := &proxy_socks5{
  242. network: network,
  243. addr: addr,
  244. forward: forward,
  245. }
  246. if auth != nil {
  247. s.user = auth.User
  248. s.password = auth.Password
  249. }
  250. return s, nil
  251. }
  252. type proxy_socks5 struct {
  253. user, password string
  254. network, addr string
  255. forward proxy_Dialer
  256. }
  257. const proxy_socks5Version = 5
  258. const (
  259. proxy_socks5AuthNone = 0
  260. proxy_socks5AuthPassword = 2
  261. )
  262. const proxy_socks5Connect = 1
  263. const (
  264. proxy_socks5IP4 = 1
  265. proxy_socks5Domain = 3
  266. proxy_socks5IP6 = 4
  267. )
  268. var proxy_socks5Errors = []string{
  269. "",
  270. "general failure",
  271. "connection forbidden",
  272. "network unreachable",
  273. "host unreachable",
  274. "connection refused",
  275. "TTL expired",
  276. "command not supported",
  277. "address type not supported",
  278. }
  279. // Dial connects to the address addr on the given network via the SOCKS5 proxy.
  280. func (s *proxy_socks5) Dial(network, addr string) (net.Conn, error) {
  281. switch network {
  282. case "tcp", "tcp6", "tcp4":
  283. default:
  284. return nil, errors.New("proxy: no support for SOCKS5 proxy connections of type " + network)
  285. }
  286. conn, err := s.forward.Dial(s.network, s.addr)
  287. if err != nil {
  288. return nil, err
  289. }
  290. if err := s.connect(conn, addr); err != nil {
  291. conn.Close()
  292. return nil, err
  293. }
  294. return conn, nil
  295. }
  296. // connect takes an existing connection to a socks5 proxy server,
  297. // and commands the server to extend that connection to target,
  298. // which must be a canonical address with a host and port.
  299. func (s *proxy_socks5) connect(conn net.Conn, target string) error {
  300. host, portStr, err := net.SplitHostPort(target)
  301. if err != nil {
  302. return err
  303. }
  304. port, err := strconv.Atoi(portStr)
  305. if err != nil {
  306. return errors.New("proxy: failed to parse port number: " + portStr)
  307. }
  308. if port < 1 || port > 0xffff {
  309. return errors.New("proxy: port number out of range: " + portStr)
  310. }
  311. // the size here is just an estimate
  312. buf := make([]byte, 0, 6+len(host))
  313. buf = append(buf, proxy_socks5Version)
  314. if len(s.user) > 0 && len(s.user) < 256 && len(s.password) < 256 {
  315. buf = append(buf, 2 /* num auth methods */, proxy_socks5AuthNone, proxy_socks5AuthPassword)
  316. } else {
  317. buf = append(buf, 1 /* num auth methods */, proxy_socks5AuthNone)
  318. }
  319. if _, err := conn.Write(buf); err != nil {
  320. return errors.New("proxy: failed to write greeting to SOCKS5 proxy at " + s.addr + ": " + err.Error())
  321. }
  322. if _, err := io.ReadFull(conn, buf[:2]); err != nil {
  323. return errors.New("proxy: failed to read greeting from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  324. }
  325. if buf[0] != 5 {
  326. return errors.New("proxy: SOCKS5 proxy at " + s.addr + " has unexpected version " + strconv.Itoa(int(buf[0])))
  327. }
  328. if buf[1] == 0xff {
  329. return errors.New("proxy: SOCKS5 proxy at " + s.addr + " requires authentication")
  330. }
  331. // See RFC 1929
  332. if buf[1] == proxy_socks5AuthPassword {
  333. buf = buf[:0]
  334. buf = append(buf, 1 /* password protocol version */)
  335. buf = append(buf, uint8(len(s.user)))
  336. buf = append(buf, s.user...)
  337. buf = append(buf, uint8(len(s.password)))
  338. buf = append(buf, s.password...)
  339. if _, err := conn.Write(buf); err != nil {
  340. return errors.New("proxy: failed to write authentication request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
  341. }
  342. if _, err := io.ReadFull(conn, buf[:2]); err != nil {
  343. return errors.New("proxy: failed to read authentication reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  344. }
  345. if buf[1] != 0 {
  346. return errors.New("proxy: SOCKS5 proxy at " + s.addr + " rejected username/password")
  347. }
  348. }
  349. buf = buf[:0]
  350. buf = append(buf, proxy_socks5Version, proxy_socks5Connect, 0 /* reserved */)
  351. if ip := net.ParseIP(host); ip != nil {
  352. if ip4 := ip.To4(); ip4 != nil {
  353. buf = append(buf, proxy_socks5IP4)
  354. ip = ip4
  355. } else {
  356. buf = append(buf, proxy_socks5IP6)
  357. }
  358. buf = append(buf, ip...)
  359. } else {
  360. if len(host) > 255 {
  361. return errors.New("proxy: destination host name too long: " + host)
  362. }
  363. buf = append(buf, proxy_socks5Domain)
  364. buf = append(buf, byte(len(host)))
  365. buf = append(buf, host...)
  366. }
  367. buf = append(buf, byte(port>>8), byte(port))
  368. if _, err := conn.Write(buf); err != nil {
  369. return errors.New("proxy: failed to write connect request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
  370. }
  371. if _, err := io.ReadFull(conn, buf[:4]); err != nil {
  372. return errors.New("proxy: failed to read connect reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  373. }
  374. failure := "unknown error"
  375. if int(buf[1]) < len(proxy_socks5Errors) {
  376. failure = proxy_socks5Errors[buf[1]]
  377. }
  378. if len(failure) > 0 {
  379. return errors.New("proxy: SOCKS5 proxy at " + s.addr + " failed to connect: " + failure)
  380. }
  381. bytesToDiscard := 0
  382. switch buf[3] {
  383. case proxy_socks5IP4:
  384. bytesToDiscard = net.IPv4len
  385. case proxy_socks5IP6:
  386. bytesToDiscard = net.IPv6len
  387. case proxy_socks5Domain:
  388. _, err := io.ReadFull(conn, buf[:1])
  389. if err != nil {
  390. return errors.New("proxy: failed to read domain length from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  391. }
  392. bytesToDiscard = int(buf[0])
  393. default:
  394. return errors.New("proxy: got unknown address type " + strconv.Itoa(int(buf[3])) + " from SOCKS5 proxy at " + s.addr)
  395. }
  396. if cap(buf) < bytesToDiscard {
  397. buf = make([]byte, bytesToDiscard)
  398. } else {
  399. buf = buf[:bytesToDiscard]
  400. }
  401. if _, err := io.ReadFull(conn, buf); err != nil {
  402. return errors.New("proxy: failed to read address from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  403. }
  404. // Also need to discard the port number
  405. if _, err := io.ReadFull(conn, buf[:2]); err != nil {
  406. return errors.New("proxy: failed to read port from SOCKS5 proxy at " + s.addr + ": " + err.Error())
  407. }
  408. return nil
  409. }