Add shadowsocks 2022 multi-user inbound

2025-04-30 17:38:41 +00:00 · 2022-05-24 07:25:12 +08:00 · 2022-05-24 07:25:12 +08:00 · cf7e675c45
commit cf7e675c45
parent b6391cbbe1
6 changed files with 427 additions and 50 deletions
--- a/proxy/shadowsocks_2022/inbound_multi.go
+++ b/proxy/shadowsocks_2022/inbound_multi.go
@ -0,0 +1,161 @@
+package shadowsocks_2022
+
+import (
+	"context"
+	"encoding/base64"
+
+	B "github.com/sagernet/sing/common/buf"
+	"github.com/sagernet/sing/common/bufio"
+	M "github.com/sagernet/sing/common/metadata"
+	N "github.com/sagernet/sing/common/network"
+	"github.com/sagernet/sing/common/random"
+	"github.com/sagernet/sing/protocol/shadowsocks"
+	"github.com/sagernet/sing/protocol/shadowsocks/shadowaead_2022"
+	"github.com/xtls/xray-core/common"
+	"github.com/xtls/xray-core/common/buf"
+	"github.com/xtls/xray-core/common/log"
+	"github.com/xtls/xray-core/common/net"
+	"github.com/xtls/xray-core/common/session"
+	"github.com/xtls/xray-core/common/uuid"
+	"github.com/xtls/xray-core/features/routing"
+	"github.com/xtls/xray-core/transport/internet/stat"
+)
+
+func init() {
+	common.Must(common.RegisterConfig((*MultiUserServerConfig)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
+		return NewMultiServer(ctx, config.(*MultiUserServerConfig))
+	}))
+}
+
+type MultiUserInbound struct {
+	networks []net.Network
+	service  *shadowaead_2022.MultiService[string]
+}
+
+func NewMultiServer(ctx context.Context, config *MultiUserServerConfig) (*MultiUserInbound, error) {
+	networks := config.Network
+	if len(networks) == 0 {
+		networks = []net.Network{
+			net.Network_TCP,
+			net.Network_UDP,
+		}
+	}
+	inbound := &MultiUserInbound{
+		networks: networks,
+	}
+	if config.Key == "" {
+		return nil, newError("missing key")
+	}
+	psk, err := base64.StdEncoding.DecodeString(config.Key)
+	if err != nil {
+		return nil, newError("parse config").Base(err)
+	}
+	service, err := shadowaead_2022.NewMultiService[string](config.Method, psk, random.Default, 500, inbound)
+	if err != nil {
+		return nil, newError("create service").Base(err)
+	}
+
+	for _, user := range config.Users {
+		if user.Email == "" {
+			u := uuid.New()
+			user.Email = "(user with empty email - " + u.String() + ")"
+		}
+		uPsk, err := base64.StdEncoding.DecodeString(user.Key)
+		if err != nil {
+			return nil, newError("parse user key for ", user.Email).Base(err)
+		}
+		err = service.AddUser(user.Email, uPsk)
+		if err != nil {
+			return nil, newError("add user").Base(err)
+		}
+	}
+
+	inbound.service = service
+	return inbound, nil
+}
+
+func (i *MultiUserInbound) Network() []net.Network {
+	return i.networks
+}
+
+func (i *MultiUserInbound) Process(ctx context.Context, network net.Network, connection stat.Connection, dispatcher routing.Dispatcher) error {
+	inbound := session.InboundFromContext(ctx)
+	if inbound == nil {
+		panic("no inbound metadata")
+	}
+
+	var metadata M.Metadata
+	if inbound.Source.IsValid() {
+		metadata.Source = M.ParseSocksaddr(inbound.Source.NetAddr())
+	}
+
+	ctx = session.ContextWithDispatcher(ctx, dispatcher)
+
+	if network == net.Network_TCP {
+		return i.service.NewConnection(ctx, connection, metadata)
+	} else {
+		reader := buf.NewReader(connection)
+		pc := &natPacketConn{connection}
+		for {
+			mb, err := reader.ReadMultiBuffer()
+			if err != nil {
+				return err
+			}
+			for _, buffer := range mb {
+				err = i.service.NewPacket(ctx, pc, B.As(buffer.Bytes()), metadata)
+				if err != nil {
+					return err
+				}
+			}
+		}
+	}
+}
+
+func (i *MultiUserInbound) NewConnection(ctx context.Context, conn net.Conn, metadata M.Metadata) error {
+	userCtx := ctx.(*shadowsocks.UserContext[string])
+	ctx = log.ContextWithAccessMessage(userCtx.Context, &log.AccessMessage{
+		From:   metadata.Source,
+		To:     metadata.Destination,
+		Status: log.AccessAccepted,
+		Email:  userCtx.User,
+	})
+	newError("tunnelling request to tcp:", metadata.Destination).WriteToLog(session.ExportIDToError(ctx))
+	dispatcher := session.DispatcherFromContext(ctx)
+	link, err := dispatcher.Dispatch(ctx, toDestination(metadata.Destination, net.Network_TCP))
+	if err != nil {
+		return err
+	}
+	outConn := &pipeConnWrapper{
+		&buf.BufferedReader{Reader: link.Reader},
+		link.Writer,
+		conn,
+	}
+	return bufio.CopyConn(ctx, conn, outConn)
+}
+
+func (i *MultiUserInbound) NewPacketConnection(ctx context.Context, conn N.PacketConn, metadata M.Metadata) error {
+	userCtx := ctx.(*shadowsocks.UserContext[string])
+	ctx = log.ContextWithAccessMessage(userCtx.Context, &log.AccessMessage{
+		From:   metadata.Source,
+		To:     metadata.Destination,
+		Status: log.AccessAccepted,
+		Email:  userCtx.User,
+	})
+	newError("tunnelling request to udp:", metadata.Destination).WriteToLog(session.ExportIDToError(ctx))
+	dispatcher := session.DispatcherFromContext(ctx)
+	destination := toDestination(metadata.Destination, net.Network_UDP)
+	link, err := dispatcher.Dispatch(ctx, destination)
+	if err != nil {
+		return err
+	}
+	outConn := &packetConnWrapper{
+		Reader: link.Reader,
+		Writer: link.Writer,
+		Dest:   destination,
+	}
+	return bufio.CopyPacketConn(ctx, conn, outConn)
+}
+
+func (i *MultiUserInbound) HandleError(err error) {
+	newError(err).AtWarning().WriteToLog()
+}