andre/mihomo
1
0
Fork 0
mirror of https://github.com/MetaCubeX/mihomo.git synced 2026-02-26 16:57:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: Add InUser for http/socks/mixed

Browse Source
This commit is contained in:
xishang0128
2024-04-25 11:48:53 +08:00
parent 2f8f139f7c
commit 8ff56b5bb8
4 changed files with 16 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
listener/http/proxy.go
View File

@@ -51,8 +51,8 @@ func HandleConn(c net.Conn, tunnel C.Tunnel, cache *lru.LruCache[string, bool],
var resp *http.Response
if !trusted {
resp = authenticate(request, cache)
resp, user := authenticate(request, cache)
additions = append(additions, inbound.WithInUser(user))
trusted = resp == nil
}
@@ -130,7 +130,7 @@ func HandleConn(c net.Conn, tunnel C.Tunnel, cache *lru.LruCache[string, bool],
_ = conn.Close()
}
func authenticate(request *http.Request, cache *lru.LruCache[string, bool]) *http.Response {
func authenticate(request *http.Request, cache *lru.LruCache[string, bool]) (resp *http.Response, u string) {
authenticator := authStore.Authenticator()
if inbound.SkipAuthRemoteAddress(request.RemoteAddr) {
authenticator = nil
@@ -140,23 +140,24 @@ func authenticate(request *http.Request, cache *lru.LruCache[string, bool]) *htt
if credential == "" {
resp := responseWith(request, http.StatusProxyAuthRequired)
resp.Header.Set("Proxy-Authenticate", "Basic")
return resp
return resp, ""
}
authed, exist := cache.Get(credential)
if !exist {
user, pass, err := decodeBasicProxyAuthorization(credential)
authed = err == nil && authenticator.Verify(user, pass)
u = user
cache.Set(credential, authed)
}
if !authed {
log.Infoln("Auth failed from %s", request.RemoteAddr)
return responseWith(request, http.StatusForbidden)
return responseWith(request, http.StatusForbidden), u
}
}
return nil
return nil, u
}
func responseWith(request *http.Request, statusCode int) *http.Response {

6
listener/socks/tcp.go
View File

@@ -98,11 +98,12 @@ func HandleSocks4(conn net.Conn, tunnel C.Tunnel, additions ...inbound.Addition)
if inbound.SkipAuthRemoteAddr(conn.RemoteAddr()) {
authenticator = nil
}
addr, _, err := socks4.ServerHandshake(conn, authenticator)
addr, _, user, err := socks4.ServerHandshake(conn, authenticator)
if err != nil {
conn.Close()
return
}
additions = append(additions, inbound.WithInUser(user))
tunnel.HandleTCPConn(inbound.NewSocket(socks5.ParseAddr(addr), conn, C.SOCKS4, additions...))
}
@@ -111,7 +112,7 @@ func HandleSocks5(conn net.Conn, tunnel C.Tunnel, additions ...inbound.Addition)
if inbound.SkipAuthRemoteAddr(conn.RemoteAddr()) {
authenticator = nil
}
target, command, err := socks5.ServerHandshake(conn, authenticator)
target, command, user, err := socks5.ServerHandshake(conn, authenticator)
if err != nil {
conn.Close()
return
@@ -121,5 +122,6 @@ func HandleSocks5(conn net.Conn, tunnel C.Tunnel, additions ...inbound.Addition)
io.Copy(io.Discard, conn)
return
}
additions = append(additions, inbound.WithInUser(user))
tunnel.HandleTCPConn(inbound.NewSocket(target, conn, C.SOCKS5, additions...))
}