clash/adapter/outbound/http.go

package outbound

import (
	"bufio"
	"context"
	"crypto/tls"
	"encoding/base64"
	"errors"
	"fmt"
	"io"
	"net"
	"net/http"
	"net/url"
	"strconv"

	"github.com/Dreamacro/clash/component/dialer"
	C "github.com/Dreamacro/clash/constant"
)

type Http struct {
	*Base
	user      string
	pass      string
	tlsConfig *tls.Config
	option    *HttpOption
}

type HttpOption struct {
	BasicOption
	Name           string            `proxy:"name"`
	Server         string            `proxy:"server"`
	Port           int               `proxy:"port"`
	UserName       string            `proxy:"username,omitempty"`
	Password       string            `proxy:"password,omitempty"`
	TLS            bool              `proxy:"tls,omitempty"`
	SNI            string            `proxy:"sni,omitempty"`
	SkipCertVerify bool              `proxy:"skip-cert-verify,omitempty"`
	Headers        map[string]string `proxy:"headers,omitempty"`
}

// StreamConn implements C.ProxyAdapter
func (h *Http) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
	if h.tlsConfig != nil {
		cc := tls.Client(c, h.tlsConfig)
		err := cc.Handshake()
		c = cc
		if err != nil {
			return nil, fmt.Errorf("%s connect error: %w", h.addr, err)
		}
	}

	if err := h.shakeHand(metadata, c); err != nil {
		return nil, err
	}
	return c, nil
}

// DialContext implements C.ProxyAdapter
func (h *Http) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.Conn, err error) {
	c, err := dialer.DialContext(ctx, "tcp", h.addr, h.Base.DialOptions(opts...)...)
	if err != nil {
		return nil, fmt.Errorf("%s connect error: %w", h.addr, err)
	}
	tcpKeepAlive(c)

	defer safeConnClose(c, err)

	c, err = h.StreamConn(c, metadata)
	if err != nil {
		return nil, err
	}

	return NewConn(c, h), nil
}

func (h *Http) shakeHand(metadata *C.Metadata, rw io.ReadWriter) error {
	addr := metadata.RemoteAddress()
	req := &http.Request{
		Method: http.MethodConnect,
		URL: &url.URL{
			Host: addr,
		},
		Host: addr,
		Header: http.Header{
			"Proxy-Connection": []string{"Keep-Alive"},
		},
	}

	//增加headers
	if len(h.option.Headers) != 0 {
		for key, value := range h.option.Headers {
			req.Header.Add(key, value)
		}
	}

	if h.user != "" && h.pass != "" {
		auth := h.user + ":" + h.pass
		req.Header.Add("Proxy-Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(auth)))
	}

	if err := req.Write(rw); err != nil {
		return err
	}

	resp, err := http.ReadResponse(bufio.NewReader(rw), req)
	if err != nil {
		return err
	}

	if resp.StatusCode == http.StatusOK {
		return nil
	}

	if resp.StatusCode == http.StatusProxyAuthRequired {
		return errors.New("HTTP need auth")
	}

	if resp.StatusCode == http.StatusMethodNotAllowed {
		return errors.New("CONNECT method not allowed by proxy")
	}

	if resp.StatusCode >= http.StatusInternalServerError {
		return errors.New(resp.Status)
	}

	return fmt.Errorf("can not connect remote err code: %d", resp.StatusCode)
}

func NewHttp(option HttpOption) *Http {
	var tlsConfig *tls.Config
	if option.TLS {
		sni := option.Server
		if option.SNI != "" {
			sni = option.SNI
		}
		tlsConfig = &tls.Config{
			InsecureSkipVerify: option.SkipCertVerify,
			ServerName:         sni,
		}
	}

	return &Http{
		Base: &Base{
			name:  option.Name,
			addr:  net.JoinHostPort(option.Server, strconv.Itoa(option.Port)),
			tp:    C.Http,
			iface: option.Interface,
			rmark: option.RoutingMark,
		},
		user:      option.UserName,
		pass:      option.Password,
		tlsConfig: tlsConfig,
		option:    &option,
	}
}
Feature: add experimental provider 2019-12-08 04:17:24 +00:00			`package outbound`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00
			`import (`
			`"bufio"`
Fix: dial tcp with context to avoid margin of error 2019-10-12 15:55:39 +00:00			`"context"`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`"crypto/tls"`
			`"encoding/base64"`
			`"errors"`
			`"fmt"`
			`"io"`
			`"net"`
			`"net/http"`
Chore: remove unused http outbound proxy code 2019-12-05 10:22:07 +00:00			`"net/url"`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`"strconv"`

Feature: add default-nameserver and outbound interface 2020-02-15 13:42:46 +00:00			`"github.com/Dreamacro/clash/component/dialer"`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`C "github.com/Dreamacro/clash/constant"`
			`)`

			`type Http struct {`
Chore: improve outbound architecture 2018-12-22 15:56:42 +00:00			`*Base`
Chore: remove unused http outbound proxy code 2019-12-05 10:22:07 +00:00			`user string`
			`pass string`
			`tlsConfig *tls.Config`
feat: support http headers 2022-04-14 05:07:39 +00:00			`option *HttpOption`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`}`

			`type HttpOption struct {`
Feature: dial different NIC for all proxies (#1714) 2021-11-07 08:48:51 +00:00			`BasicOption`
feat: support http headers 2022-04-14 05:07:39 +00:00			Name string `proxy:"name"`
			Server string `proxy:"server"`
			Port int `proxy:"port"`
			UserName string `proxy:"username,omitempty"`
			Password string `proxy:"password,omitempty"`
			TLS bool `proxy:"tls,omitempty"`
			SNI string `proxy:"sni,omitempty"`
			SkipCertVerify bool `proxy:"skip-cert-verify,omitempty"`
			Headers map[string]string `proxy:"headers,omitempty"`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`}`

Style: code style 2021-04-29 03:23:14 +00:00			`// StreamConn implements C.ProxyAdapter`
Feature: support relay (proxy chains) (#539) 2020-03-21 15:46:49 +00:00			`func (h Http) StreamConn(c net.Conn, metadata C.Metadata) (net.Conn, error) {`
			`if h.tlsConfig != nil {`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`cc := tls.Client(c, h.tlsConfig)`
Feature: support relay (proxy chains) (#539) 2020-03-21 15:46:49 +00:00			`err := cc.Handshake()`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`c = cc`
Feature: support relay (proxy chains) (#539) 2020-03-21 15:46:49 +00:00			`if err != nil {`
			`return nil, fmt.Errorf("%s connect error: %w", h.addr, err)`
			`}`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`}`

Feature: support relay (proxy chains) (#539) 2020-03-21 15:46:49 +00:00			`if err := h.shakeHand(metadata, c); err != nil {`
			`return nil, err`
			`}`
			`return c, nil`
			`}`

Style: code style 2021-04-29 03:23:14 +00:00			`// DialContext implements C.ProxyAdapter`
Feature: dial different NIC for all proxies (#1714) 2021-11-07 08:48:51 +00:00			`func (h Http) DialContext(ctx context.Context, metadata C.Metadata, opts ...dialer.Option) (_ C.Conn, err error) {`
			`c, err := dialer.DialContext(ctx, "tcp", h.addr, h.Base.DialOptions(opts...)...)`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`if err != nil {`
Chore: throw more detail dial error 2019-12-05 09:51:21 +00:00			`return nil, fmt.Errorf("%s connect error: %w", h.addr, err)`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`}`
			`tcpKeepAlive(c)`
Feature: support relay (proxy chains) (#539) 2020-03-21 15:46:49 +00:00
Chore: Clarify the definition of StreamConn and DialContext 2021-03-22 15:26:20 +00:00			`defer safeConnClose(c, err)`

Feature: support relay (proxy chains) (#539) 2020-03-21 15:46:49 +00:00			`c, err = h.StreamConn(c, metadata)`
			`if err != nil {`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`return nil, err`
			`}`

Feature: support relay (proxy chains) (#539) 2020-03-21 15:46:49 +00:00			`return NewConn(c, h), nil`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`}`

			`func (h Http) shakeHand(metadata C.Metadata, rw io.ReadWriter) error {`
Fix: some UDP issues (#265) 2019-10-11 12:11:18 +00:00			`addr := metadata.RemoteAddress()`
Chore: remove unused http outbound proxy code 2019-12-05 10:22:07 +00:00			`req := &http.Request{`
			`Method: http.MethodConnect,`
			`URL: &url.URL{`
			`Host: addr,`
			`},`
			`Host: addr,`
			`Header: http.Header{`
			`"Proxy-Connection": []string{"Keep-Alive"},`
			`},`
			`}`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00
feat: support http headers 2022-04-14 05:07:39 +00:00			`//增加headers`
			`if len(h.option.Headers) != 0 {`
			`for key, value := range h.option.Headers {`
			`req.Header.Add(key, value)`
			`}`
			`}`

Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`if h.user != "" && h.pass != "" {`
			`auth := h.user + ":" + h.pass`
Chore: remove unused http outbound proxy code 2019-12-05 10:22:07 +00:00			`req.Header.Add("Proxy-Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(auth)))`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`}`

Chore: remove unused http outbound proxy code 2019-12-05 10:22:07 +00:00			`if err := req.Write(rw); err != nil {`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`return err`
			`}`

Chore: remove unused http outbound proxy code 2019-12-05 10:22:07 +00:00			`resp, err := http.ReadResponse(bufio.NewReader(rw), req)`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`if err != nil {`
			`return err`
			`}`

Fix: throw error when CONNECT return 5xx 2019-10-05 01:33:40 +00:00			`if resp.StatusCode == http.StatusOK {`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`return nil`
			`}`

Fix: throw error when CONNECT return 5xx 2019-10-05 01:33:40 +00:00			`if resp.StatusCode == http.StatusProxyAuthRequired {`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`return errors.New("HTTP need auth")`
			`}`

Fix: throw error when CONNECT return 5xx 2019-10-05 01:33:40 +00:00			`if resp.StatusCode == http.StatusMethodNotAllowed {`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`return errors.New("CONNECT method not allowed by proxy")`
			`}`
Fix: throw error when CONNECT return 5xx 2019-10-05 01:33:40 +00:00
			`if resp.StatusCode >= http.StatusInternalServerError {`
			`return errors.New(resp.Status)`
			`}`
Chore: remove unused http outbound proxy code 2019-12-05 10:22:07 +00:00
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`return fmt.Errorf("can not connect remote err code: %d", resp.StatusCode)`
			`}`

			`func NewHttp(option HttpOption) *Http {`
			`var tlsConfig *tls.Config`
			`if option.TLS {`
Feature: http support custom sni 2020-10-02 03:34:40 +00:00			`sni := option.Server`
			`if option.SNI != "" {`
			`sni = option.SNI`
			`}`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`tlsConfig = &tls.Config{`
			`InsecureSkipVerify: option.SkipCertVerify,`
Feature: http support custom sni 2020-10-02 03:34:40 +00:00			`ServerName: sni,`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`}`
			`}`

			`return &Http{`
Chore: improve outbound architecture 2018-12-22 15:56:42 +00:00			`Base: &Base{`
Feature: dial different NIC for all proxies (#1714) 2021-11-07 08:48:51 +00:00			`name: option.Name,`
			`addr: net.JoinHostPort(option.Server, strconv.Itoa(option.Port)),`
			`tp: C.Http,`
			`iface: option.Interface,`
Fix: routing-mark option doesn't work on proxies (#2028) 2022-03-19 05:29:30 +00:00			`rmark: option.RoutingMark,`
Chore: improve outbound architecture 2018-12-22 15:56:42 +00:00			`},`
Chore: remove unused http outbound proxy code 2019-12-05 10:22:07 +00:00			`user: option.UserName,`
			`pass: option.Password,`
			`tlsConfig: tlsConfig,`
feat: support http headers 2022-04-14 05:07:39 +00:00			`option: &option,`
Feature: add http/https [connect] proxy (#52) 2018-12-03 15:27:00 +00:00			`}`
			`}`