mihomo/adapter/outbound/trojan.go

301 lines
8.1 KiB
Go
Raw Normal View History

2020-03-19 20:26:53 +08:00
package outbound
import (
"context"
"crypto/tls"
2020-03-19 20:26:53 +08:00
"fmt"
"net"
2021-10-16 20:19:59 +08:00
"net/http"
2020-03-19 20:26:53 +08:00
"strconv"
N "github.com/Dreamacro/clash/common/net"
2023-09-22 14:45:34 +08:00
"github.com/Dreamacro/clash/component/ca"
2020-03-19 20:26:53 +08:00
"github.com/Dreamacro/clash/component/dialer"
"github.com/Dreamacro/clash/component/proxydialer"
tlsC "github.com/Dreamacro/clash/component/tls"
2020-03-19 20:26:53 +08:00
C "github.com/Dreamacro/clash/constant"
2021-05-13 22:18:49 +08:00
"github.com/Dreamacro/clash/transport/gun"
"github.com/Dreamacro/clash/transport/trojan"
2020-03-19 20:26:53 +08:00
)
type Trojan struct {
*Base
instance *trojan.Trojan
2021-10-16 20:19:59 +08:00
option *TrojanOption
// for gun mux
gunTLSConfig *tls.Config
gunConfig *gun.Config
transport *gun.TransportWrap
2023-03-10 10:01:05 +08:00
realityConfig *tlsC.RealityConfig
2020-03-19 20:26:53 +08:00
}
2020-03-19 20:26:53 +08:00
type TrojanOption struct {
BasicOption
2023-03-08 17:18:46 +08:00
Name string `proxy:"name"`
Server string `proxy:"server"`
Port int `proxy:"port"`
Password string `proxy:"password"`
ALPN []string `proxy:"alpn,omitempty"`
SNI string `proxy:"sni,omitempty"`
SkipCertVerify bool `proxy:"skip-cert-verify,omitempty"`
Fingerprint string `proxy:"fingerprint,omitempty"`
UDP bool `proxy:"udp,omitempty"`
Network string `proxy:"network,omitempty"`
RealityOpts RealityOptions `proxy:"reality-opts,omitempty"`
GrpcOpts GrpcOptions `proxy:"grpc-opts,omitempty"`
WSOpts WSOptions `proxy:"ws-opts,omitempty"`
ClientFingerprint string `proxy:"client-fingerprint,omitempty"`
2021-10-16 20:19:59 +08:00
}
func (t *Trojan) plainStream(ctx context.Context, c net.Conn) (net.Conn, error) {
2021-10-16 20:19:59 +08:00
if t.option.Network == "ws" {
host, port, _ := net.SplitHostPort(t.addr)
wsOpts := &trojan.WebsocketOption{
Host: host,
Port: port,
Path: t.option.WSOpts.Path,
}
if t.option.SNI != "" {
wsOpts.Host = t.option.SNI
}
if len(t.option.WSOpts.Headers) != 0 {
header := http.Header{}
for key, value := range t.option.WSOpts.Headers {
header.Add(key, value)
}
wsOpts.Headers = header
}
return t.instance.StreamWebsocketConn(ctx, c, wsOpts)
2021-10-16 20:19:59 +08:00
}
return t.instance.StreamConn(ctx, c)
2020-03-19 20:26:53 +08:00
}
// StreamConnContext implements C.ProxyAdapter
func (t *Trojan) StreamConnContext(ctx context.Context, c net.Conn, metadata *C.Metadata) (net.Conn, error) {
var err error
if tlsC.HaveGlobalFingerprint() && len(t.option.ClientFingerprint) == 0 {
t.option.ClientFingerprint = tlsC.GetGlobalFingerprint()
}
if t.transport != nil {
2023-03-10 10:01:05 +08:00
c, err = gun.StreamGunWithConn(c, t.gunTLSConfig, t.gunConfig, t.realityConfig)
} else {
c, err = t.plainStream(ctx, c)
}
if err != nil {
return nil, fmt.Errorf("%s connect error: %w", t.addr, err)
}
2022-04-30 22:26:38 +08:00
if metadata.NetWork == C.UDP {
err = t.instance.WriteHeader(c, trojan.CommandUDP, serializesSocksAddr(metadata))
return c, err
}
err = t.instance.WriteHeader(c, trojan.CommandTCP, serializesSocksAddr(metadata))
return c, err
}
2021-04-29 11:23:14 +08:00
// DialContext implements C.ProxyAdapter
func (t *Trojan) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.Conn, err error) {
// gun transport
if t.transport != nil && len(opts) == 0 {
c, err := gun.StreamGunWithTransport(t.transport, t.gunConfig)
if err != nil {
return nil, err
}
if err = t.instance.WriteHeader(c, trojan.CommandTCP, serializesSocksAddr(metadata)); err != nil {
c.Close()
return nil, err
}
return NewConn(c, t), nil
}
2022-12-20 00:11:02 +08:00
return t.DialContextWithDialer(ctx, dialer.NewDialer(t.Base.DialOptions(opts...)...), metadata)
2022-12-19 21:34:07 +08:00
}
2022-12-19 21:34:07 +08:00
// DialContextWithDialer implements C.ProxyAdapter
func (t *Trojan) DialContextWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.Conn, err error) {
if len(t.option.DialerProxy) > 0 {
dialer, err = proxydialer.NewByName(t.option.DialerProxy, dialer)
if err != nil {
return nil, err
}
}
2022-12-19 21:34:07 +08:00
c, err := dialer.DialContext(ctx, "tcp", t.addr)
2020-03-19 20:26:53 +08:00
if err != nil {
return nil, fmt.Errorf("%s connect error: %w", t.addr, err)
2020-03-19 20:26:53 +08:00
}
N.TCPKeepAlive(c)
2022-12-16 22:15:44 +08:00
defer func(c net.Conn) {
2022-12-13 13:20:40 +08:00
safeConnClose(c, err)
2022-12-16 22:15:44 +08:00
}(c)
c, err = t.StreamConnContext(ctx, c, metadata)
2020-03-19 20:26:53 +08:00
if err != nil {
return nil, err
2020-03-19 20:26:53 +08:00
}
return NewConn(c, t), err
2020-03-19 20:26:53 +08:00
}
// ListenPacketContext implements C.ProxyAdapter
func (t *Trojan) ListenPacketContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.PacketConn, err error) {
var c net.Conn
// grpc transport
if t.transport != nil && len(opts) == 0 {
c, err = gun.StreamGunWithTransport(t.transport, t.gunConfig)
if err != nil {
return nil, fmt.Errorf("%s connect error: %w", t.addr, err)
}
defer func(c net.Conn) {
2022-12-13 13:20:40 +08:00
safeConnClose(c, err)
}(c)
2022-12-19 21:34:07 +08:00
err = t.instance.WriteHeader(c, trojan.CommandUDP, serializesSocksAddr(metadata))
2021-04-05 23:26:13 +08:00
if err != nil {
2022-12-19 21:34:07 +08:00
return nil, err
2021-04-05 23:26:13 +08:00
}
2022-12-19 21:34:07 +08:00
pc := t.instance.PacketConn(c)
return newPacketConn(pc, t), err
}
2022-12-20 00:11:02 +08:00
return t.ListenPacketWithDialer(ctx, dialer.NewDialer(t.Base.DialOptions(opts...)...), metadata)
2022-12-19 21:34:07 +08:00
}
// ListenPacketWithDialer implements C.ProxyAdapter
func (t *Trojan) ListenPacketWithDialer(ctx context.Context, dialer C.Dialer, metadata *C.Metadata) (_ C.PacketConn, err error) {
if len(t.option.DialerProxy) > 0 {
dialer, err = proxydialer.NewByName(t.option.DialerProxy, dialer)
if err != nil {
return nil, err
}
}
2022-12-19 21:34:07 +08:00
c, err := dialer.DialContext(ctx, "tcp", t.addr)
if err != nil {
return nil, fmt.Errorf("%s connect error: %w", t.addr, err)
}
defer func(c net.Conn) {
2022-12-19 21:34:07 +08:00
safeConnClose(c, err)
}(c)
N.TCPKeepAlive(c)
c, err = t.plainStream(ctx, c)
2022-12-19 21:34:07 +08:00
if err != nil {
return nil, fmt.Errorf("%s connect error: %w", t.addr, err)
}
2022-05-02 06:27:45 +08:00
err = t.instance.WriteHeader(c, trojan.CommandUDP, serializesSocksAddr(metadata))
if err != nil {
return nil, err
}
pc := t.instance.PacketConn(c)
return newPacketConn(pc, t), err
}
2022-12-19 21:34:07 +08:00
// SupportWithDialer implements C.ProxyAdapter
func (t *Trojan) SupportWithDialer() C.NetWork {
return C.ALLNet
2022-12-19 21:34:07 +08:00
}
// ListenPacketOnStreamConn implements C.ProxyAdapter
func (t *Trojan) ListenPacketOnStreamConn(c net.Conn, metadata *C.Metadata) (_ C.PacketConn, err error) {
2020-03-19 20:26:53 +08:00
pc := t.instance.PacketConn(c)
return newPacketConn(pc, t), err
2020-03-19 20:26:53 +08:00
}
// SupportUOT implements C.ProxyAdapter
func (t *Trojan) SupportUOT() bool {
return true
}
2020-03-19 20:26:53 +08:00
func NewTrojan(option TrojanOption) (*Trojan, error) {
addr := net.JoinHostPort(option.Server, strconv.Itoa(option.Port))
2020-03-19 20:26:53 +08:00
tOption := &trojan.Option{
Password: option.Password,
ALPN: option.ALPN,
ServerName: option.Server,
SkipCertVerify: option.SkipCertVerify,
Fingerprint: option.Fingerprint,
ClientFingerprint: option.ClientFingerprint,
2022-03-30 00:15:39 +08:00
}
2020-03-19 20:26:53 +08:00
if option.SNI != "" {
tOption.ServerName = option.SNI
}
t := &Trojan{
2020-03-19 20:26:53 +08:00
Base: &Base{
2022-08-28 13:41:19 +08:00
name: option.Name,
addr: addr,
tp: C.Trojan,
udp: option.UDP,
2023-02-24 13:53:44 +08:00
tfo: option.TFO,
2023-08-09 16:57:39 +08:00
mpTcp: option.MPTCP,
2022-08-28 13:41:19 +08:00
iface: option.Interface,
rmark: option.RoutingMark,
prefer: C.NewDNSPrefer(option.IPVersion),
2020-03-19 20:26:53 +08:00
},
instance: trojan.New(tOption),
2021-10-16 20:19:59 +08:00
option: &option,
}
2023-03-10 10:01:05 +08:00
var err error
t.realityConfig, err = option.RealityOpts.Parse()
if err != nil {
return nil, err
}
tOption.Reality = t.realityConfig
if option.Network == "grpc" {
dialFn := func(network, addr string) (net.Conn, error) {
var err error
var cDialer C.Dialer = dialer.NewDialer(t.Base.DialOptions()...)
if len(t.option.DialerProxy) > 0 {
cDialer, err = proxydialer.NewByName(t.option.DialerProxy, cDialer)
if err != nil {
return nil, err
}
}
c, err := cDialer.DialContext(context.Background(), "tcp", t.addr)
if err != nil {
return nil, fmt.Errorf("%s connect error: %s", t.addr, err.Error())
}
N.TCPKeepAlive(c)
return c, nil
}
2022-07-11 13:42:28 +08:00
tlsConfig := &tls.Config{
NextProtos: option.ALPN,
MinVersion: tls.VersionTLS12,
InsecureSkipVerify: tOption.SkipCertVerify,
ServerName: tOption.ServerName,
2022-07-11 13:42:28 +08:00
}
2023-09-22 14:45:34 +08:00
var err error
tlsConfig, err = ca.GetSpecifiedFingerprintTLSConfig(tlsConfig, option.Fingerprint)
if err != nil {
return nil, err
2022-07-11 13:42:28 +08:00
}
2023-03-10 10:01:05 +08:00
t.transport = gun.NewHTTP2Client(dialFn, tlsConfig, tOption.ClientFingerprint, t.realityConfig)
2022-03-30 00:15:39 +08:00
t.gunTLSConfig = tlsConfig
t.gunConfig = &gun.Config{
ServiceName: option.GrpcOpts.GrpcServiceName,
Host: tOption.ServerName,
}
}
return t, nil
2020-03-19 20:26:53 +08:00
}