2024-11-02 00:39:02 +08:00
|
|
|
package trojan
|
2022-08-08 08:56:04 +08:00
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"net"
|
|
|
|
"os"
|
|
|
|
|
|
|
|
"github.com/sagernet/sing-box/adapter"
|
2024-11-02 00:39:02 +08:00
|
|
|
"github.com/sagernet/sing-box/adapter/inbound"
|
|
|
|
"github.com/sagernet/sing-box/common/listener"
|
2023-11-08 12:09:22 +08:00
|
|
|
"github.com/sagernet/sing-box/common/mux"
|
2022-09-09 18:45:10 +08:00
|
|
|
"github.com/sagernet/sing-box/common/tls"
|
2022-08-08 08:56:04 +08:00
|
|
|
C "github.com/sagernet/sing-box/constant"
|
|
|
|
"github.com/sagernet/sing-box/log"
|
|
|
|
"github.com/sagernet/sing-box/option"
|
2022-11-25 22:30:37 +08:00
|
|
|
"github.com/sagernet/sing-box/transport/trojan"
|
2022-08-23 12:11:56 +08:00
|
|
|
"github.com/sagernet/sing-box/transport/v2ray"
|
2022-08-08 08:56:04 +08:00
|
|
|
"github.com/sagernet/sing/common"
|
|
|
|
"github.com/sagernet/sing/common/auth"
|
|
|
|
E "github.com/sagernet/sing/common/exceptions"
|
|
|
|
F "github.com/sagernet/sing/common/format"
|
2022-08-20 20:54:20 +08:00
|
|
|
M "github.com/sagernet/sing/common/metadata"
|
2022-08-08 08:56:04 +08:00
|
|
|
N "github.com/sagernet/sing/common/network"
|
|
|
|
)
|
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func RegisterInbound(registry *inbound.Registry) {
|
|
|
|
inbound.Register[option.TrojanInboundOptions](registry, C.TypeTrojan, NewInbound)
|
|
|
|
}
|
|
|
|
|
|
|
|
var _ adapter.TCPInjectableInbound = (*Inbound)(nil)
|
2022-08-08 08:56:04 +08:00
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
type Inbound struct {
|
|
|
|
inbound.Adapter
|
|
|
|
router adapter.ConnectionRouterEx
|
|
|
|
logger log.ContextLogger
|
|
|
|
listener *listener.Listener
|
2022-08-25 13:35:48 +08:00
|
|
|
service *trojan.Service[int]
|
|
|
|
users []option.TrojanUser
|
2022-09-09 18:45:10 +08:00
|
|
|
tlsConfig tls.ServerConfig
|
2022-08-25 13:35:48 +08:00
|
|
|
fallbackAddr M.Socksaddr
|
|
|
|
fallbackAddrTLSNextProto map[string]M.Socksaddr
|
|
|
|
transport adapter.V2RayServerTransport
|
2022-08-08 08:56:04 +08:00
|
|
|
}
|
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func NewInbound(ctx context.Context, router adapter.Router, logger log.ContextLogger, tag string, options option.TrojanInboundOptions) (adapter.Inbound, error) {
|
|
|
|
inbound := &Inbound{
|
|
|
|
Adapter: inbound.NewAdapter(C.TypeTrojan, tag),
|
|
|
|
router: router,
|
|
|
|
logger: logger,
|
|
|
|
users: options.Users,
|
2022-08-08 08:56:04 +08:00
|
|
|
}
|
2022-08-25 13:35:48 +08:00
|
|
|
if options.TLS != nil {
|
2023-08-29 13:43:42 +08:00
|
|
|
tlsConfig, err := tls.NewServer(ctx, logger, common.PtrValueOrDefault(options.TLS))
|
2022-08-25 13:35:48 +08:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
inbound.tlsConfig = tlsConfig
|
|
|
|
}
|
2022-08-20 20:54:20 +08:00
|
|
|
var fallbackHandler N.TCPConnectionHandler
|
2022-08-25 13:35:48 +08:00
|
|
|
if options.Fallback != nil && options.Fallback.Server != "" || len(options.FallbackForALPN) > 0 {
|
|
|
|
if options.Fallback != nil && options.Fallback.Server != "" {
|
|
|
|
inbound.fallbackAddr = options.Fallback.Build()
|
|
|
|
if !inbound.fallbackAddr.IsValid() {
|
|
|
|
return nil, E.New("invalid fallback address: ", inbound.fallbackAddr)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if len(options.FallbackForALPN) > 0 {
|
|
|
|
if inbound.tlsConfig == nil {
|
|
|
|
return nil, E.New("fallback for ALPN is not supported without TLS")
|
|
|
|
}
|
|
|
|
fallbackAddrNextProto := make(map[string]M.Socksaddr)
|
|
|
|
for nextProto, destination := range options.FallbackForALPN {
|
|
|
|
fallbackAddr := destination.Build()
|
|
|
|
if !fallbackAddr.IsValid() {
|
|
|
|
return nil, E.New("invalid fallback address for ALPN ", nextProto, ": ", fallbackAddr)
|
|
|
|
}
|
|
|
|
fallbackAddrNextProto[nextProto] = fallbackAddr
|
|
|
|
}
|
|
|
|
inbound.fallbackAddrTLSNextProto = fallbackAddrNextProto
|
|
|
|
}
|
2022-08-20 20:54:20 +08:00
|
|
|
fallbackHandler = adapter.NewUpstreamContextHandler(inbound.fallbackConnection, nil, nil)
|
|
|
|
}
|
2024-11-02 00:39:02 +08:00
|
|
|
service := trojan.NewService[int](adapter.NewUpstreamContextHandler(inbound.newConnection, inbound.newPacketConnection, nil), fallbackHandler, logger)
|
2022-08-08 08:56:04 +08:00
|
|
|
err := service.UpdateUsers(common.MapIndexed(options.Users, func(index int, it option.TrojanUser) int {
|
|
|
|
return index
|
|
|
|
}), common.Map(options.Users, func(it option.TrojanUser) string {
|
|
|
|
return it.Password
|
|
|
|
}))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2022-08-23 12:11:56 +08:00
|
|
|
if options.Transport != nil {
|
2024-11-02 00:39:02 +08:00
|
|
|
inbound.transport, err = v2ray.NewServerTransport(ctx, logger, common.PtrValueOrDefault(options.Transport), inbound.tlsConfig, (*inboundTransportHandler)(inbound))
|
2022-08-23 12:11:56 +08:00
|
|
|
if err != nil {
|
|
|
|
return nil, E.Cause(err, "create server transport: ", options.Transport.Type)
|
|
|
|
}
|
|
|
|
}
|
2023-11-08 12:09:22 +08:00
|
|
|
inbound.router, err = mux.NewRouterWithOptions(inbound.router, logger, common.PtrValueOrDefault(options.Multiplex))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2022-08-08 08:56:04 +08:00
|
|
|
inbound.service = service
|
2024-11-02 00:39:02 +08:00
|
|
|
inbound.listener = listener.New(listener.Options{
|
|
|
|
Context: ctx,
|
|
|
|
Logger: logger,
|
|
|
|
Network: []string{N.NetworkTCP},
|
|
|
|
Listen: options.ListenOptions,
|
|
|
|
ConnectionHandler: inbound,
|
|
|
|
})
|
2022-08-08 08:56:04 +08:00
|
|
|
return inbound, nil
|
|
|
|
}
|
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func (h *Inbound) Start() error {
|
2022-08-08 08:56:04 +08:00
|
|
|
if h.tlsConfig != nil {
|
|
|
|
err := h.tlsConfig.Start()
|
|
|
|
if err != nil {
|
|
|
|
return E.Cause(err, "create TLS config")
|
|
|
|
}
|
|
|
|
}
|
2022-08-23 12:11:56 +08:00
|
|
|
if h.transport == nil {
|
2024-11-02 00:39:02 +08:00
|
|
|
return h.listener.Start()
|
2022-08-23 12:11:56 +08:00
|
|
|
}
|
|
|
|
if common.Contains(h.transport.Network(), N.NetworkTCP) {
|
2024-11-02 00:39:02 +08:00
|
|
|
tcpListener, err := h.listener.ListenTCP()
|
2022-08-23 12:11:56 +08:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
go func() {
|
|
|
|
sErr := h.transport.Serve(tcpListener)
|
|
|
|
if sErr != nil && !E.IsClosed(sErr) {
|
|
|
|
h.logger.Error("transport serve error: ", sErr)
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
}
|
|
|
|
if common.Contains(h.transport.Network(), N.NetworkUDP) {
|
2024-11-02 00:39:02 +08:00
|
|
|
udpConn, err := h.listener.ListenUDP()
|
2022-08-23 12:11:56 +08:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
go func() {
|
|
|
|
sErr := h.transport.ServePacket(udpConn)
|
|
|
|
if sErr != nil && !E.IsClosed(sErr) {
|
|
|
|
h.logger.Error("transport serve error: ", sErr)
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
}
|
|
|
|
return nil
|
2022-08-08 08:56:04 +08:00
|
|
|
}
|
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func (h *Inbound) Close() error {
|
2022-08-08 08:56:04 +08:00
|
|
|
return common.Close(
|
2024-11-02 00:39:02 +08:00
|
|
|
&h.listener,
|
2022-09-09 18:45:10 +08:00
|
|
|
h.tlsConfig,
|
2022-08-23 12:11:56 +08:00
|
|
|
h.transport,
|
2022-08-08 08:56:04 +08:00
|
|
|
)
|
|
|
|
}
|
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func (h *Inbound) NewConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
|
2022-09-30 11:27:18 +08:00
|
|
|
var err error
|
2022-08-29 10:10:41 +08:00
|
|
|
if h.tlsConfig != nil && h.transport == nil {
|
2022-09-30 11:27:18 +08:00
|
|
|
conn, err = tls.ServerHandshake(ctx, conn, h.tlsConfig)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-08-08 08:56:04 +08:00
|
|
|
}
|
2022-11-25 22:30:37 +08:00
|
|
|
return h.service.NewConnection(adapter.WithContext(ctx, &metadata), conn, adapter.UpstreamMetadata(metadata))
|
2022-08-08 08:56:04 +08:00
|
|
|
}
|
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func (h *Inbound) NewConnectionEx(ctx context.Context, conn net.Conn, metadata adapter.InboundContext, onClose N.CloseHandlerFunc) {
|
2024-10-21 23:38:34 +08:00
|
|
|
err := h.NewConnection(ctx, conn, metadata)
|
|
|
|
N.CloseOnHandshakeFailure(conn, onClose, err)
|
|
|
|
if err != nil {
|
|
|
|
h.logger.ErrorContext(ctx, E.Cause(err, "process connection from ", metadata.Source))
|
|
|
|
}
|
2022-08-29 19:43:13 +08:00
|
|
|
}
|
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func (h *Inbound) newConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
|
2022-08-08 08:56:04 +08:00
|
|
|
userIndex, loaded := auth.UserFromContext[int](ctx)
|
|
|
|
if !loaded {
|
|
|
|
return os.ErrInvalid
|
|
|
|
}
|
|
|
|
user := h.users[userIndex].Name
|
|
|
|
if user == "" {
|
|
|
|
user = F.ToString(userIndex)
|
|
|
|
} else {
|
|
|
|
metadata.User = user
|
|
|
|
}
|
|
|
|
h.logger.InfoContext(ctx, "[", user, "] inbound connection to ", metadata.Destination)
|
|
|
|
return h.router.RouteConnection(ctx, conn, metadata)
|
|
|
|
}
|
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func (h *Inbound) fallbackConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
|
2022-08-25 13:35:48 +08:00
|
|
|
var fallbackAddr M.Socksaddr
|
|
|
|
if len(h.fallbackAddrTLSNextProto) > 0 {
|
2022-10-01 11:41:15 +08:00
|
|
|
if tlsConn, loaded := common.Cast[tls.Conn](conn); loaded {
|
2022-08-25 13:35:48 +08:00
|
|
|
connectionState := tlsConn.ConnectionState()
|
|
|
|
if connectionState.NegotiatedProtocol != "" {
|
|
|
|
if fallbackAddr, loaded = h.fallbackAddrTLSNextProto[connectionState.NegotiatedProtocol]; !loaded {
|
|
|
|
return E.New("fallback disabled for ALPN: ", connectionState.NegotiatedProtocol)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if !fallbackAddr.IsValid() {
|
2022-10-01 11:41:15 +08:00
|
|
|
if !h.fallbackAddr.IsValid() {
|
|
|
|
return E.New("fallback disabled by default")
|
|
|
|
}
|
2022-08-25 13:35:48 +08:00
|
|
|
fallbackAddr = h.fallbackAddr
|
|
|
|
}
|
|
|
|
h.logger.InfoContext(ctx, "fallback connection to ", fallbackAddr)
|
|
|
|
metadata.Destination = fallbackAddr
|
2022-08-20 20:54:20 +08:00
|
|
|
return h.router.RouteConnection(ctx, conn, metadata)
|
|
|
|
}
|
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func (h *Inbound) newPacketConnection(ctx context.Context, conn N.PacketConn, metadata adapter.InboundContext) error {
|
2022-08-08 08:56:04 +08:00
|
|
|
userIndex, loaded := auth.UserFromContext[int](ctx)
|
|
|
|
if !loaded {
|
|
|
|
return os.ErrInvalid
|
|
|
|
}
|
|
|
|
user := h.users[userIndex].Name
|
|
|
|
if user == "" {
|
|
|
|
user = F.ToString(userIndex)
|
|
|
|
} else {
|
|
|
|
metadata.User = user
|
|
|
|
}
|
|
|
|
h.logger.InfoContext(ctx, "[", user, "] inbound packet connection to ", metadata.Destination)
|
|
|
|
return h.router.RoutePacketConnection(ctx, conn, metadata)
|
|
|
|
}
|
2023-02-13 05:53:03 +08:00
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
var _ adapter.V2RayServerTransportHandler = (*inboundTransportHandler)(nil)
|
2023-02-13 05:53:03 +08:00
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
type inboundTransportHandler Inbound
|
2023-02-13 05:53:03 +08:00
|
|
|
|
2024-11-02 00:39:02 +08:00
|
|
|
func (h *inboundTransportHandler) NewConnectionEx(ctx context.Context, conn net.Conn, source M.Socksaddr, destination M.Socksaddr, onClose N.CloseHandlerFunc) {
|
|
|
|
var metadata adapter.InboundContext
|
|
|
|
metadata.Inbound = h.Tag()
|
|
|
|
metadata.InboundType = h.Type()
|
|
|
|
metadata.InboundDetour = h.listener.ListenOptions().Detour
|
|
|
|
metadata.InboundOptions = h.listener.ListenOptions().InboundOptions
|
|
|
|
metadata.Source = source
|
|
|
|
metadata.Destination = destination
|
|
|
|
h.logger.InfoContext(ctx, "inbound connection from ", metadata.Source)
|
|
|
|
(*Inbound)(h).NewConnectionEx(ctx, conn, metadata, onClose)
|
2023-02-13 05:53:03 +08:00
|
|
|
}
|