diff --git a/http.go b/http.go index fb352e4..0612f50 100644 --- a/http.go +++ b/http.go @@ -94,16 +94,28 @@ func (h *httpHandler) Handle(conn net.Conn) { } if Debug { - log.Logf("[http] %s %s - %s %s", req.Method, conn.RemoteAddr(), req.Host, req.Proto) dump, _ := httputil.DumpRequest(req, false) - log.Logf(string(dump)) + log.Logf("[http] %s -> %s\n%s", conn.RemoteAddr(), req.Host, string(dump)) } - if req.Method == "PRI" && req.ProtoMajor == 2 { - log.Logf("[http] %s <- %s : Not an HTTP2 server", conn.RemoteAddr(), req.Host) + if req.Method == "PRI" || (req.Method != http.MethodConnect && req.URL.Scheme != "http") { resp := "HTTP/1.1 400 Bad Request\r\n" + "Proxy-Agent: gost/" + Version + "\r\n\r\n" conn.Write([]byte(resp)) + if Debug { + log.Logf("[http] %s <- %s\n%s", conn.RemoteAddr(), req.Host, resp) + } + return + } + + if !Can("tcp", req.Host, h.options.Whitelist, h.options.Blacklist) { + log.Logf("[http] Unauthorized to tcp connect to %s", req.Host) + b := []byte("HTTP/1.1 403 Forbidden\r\n" + + "Proxy-Agent: gost/" + Version + "\r\n\r\n") + conn.Write(b) + if Debug { + log.Logf("[http] %s <- %s\n%s", conn.RemoteAddr(), req.Host, string(b)) + } return } @@ -121,18 +133,7 @@ func (h *httpHandler) Handle(conn net.Conn) { } req.Header.Del("Proxy-Authorization") - req.Header.Del("Proxy-Connection") - - if !Can("tcp", req.Host, h.options.Whitelist, h.options.Blacklist) { - log.Logf("[http] Unauthorized to tcp connect to %s", req.Host) - b := []byte("HTTP/1.1 403 Forbidden\r\n" + - "Proxy-Agent: gost/" + Version + "\r\n\r\n") - conn.Write(b) - if Debug { - log.Logf("[http] %s <- %s\n%s", conn.RemoteAddr(), req.Host, string(b)) - } - return - } + // req.Header.Del("Proxy-Connection") // try to get the actual host. if v := req.Header.Get("Gost-Target"); v != "" { diff --git a/socks.go b/socks.go index 858e725..1bb4533 100644 --- a/socks.go +++ b/socks.go @@ -261,6 +261,9 @@ func (c *socks4Connector) Connect(conn net.Conn, addr string) (net.Conn, error) if err != nil { return nil, err } + if len(taddr.IP) == 0 { + taddr.IP = net.IPv4(0, 0, 0, 0) + } req := gosocks4.NewRequest(gosocks4.CmdConnect, &gosocks4.Addr{ diff --git a/ss.go b/ss.go index e66a1d0..3cc702d 100644 --- a/ss.go +++ b/ss.go @@ -172,10 +172,12 @@ func (h *shadowHandler) getRequest(conn net.Conn) (host string, err error) { buf := make([]byte, smallBufferSize) // read till we get possible domain length field - conn.SetReadDeadline(time.Now().Add(30 * time.Second)) + conn.SetReadDeadline(time.Now().Add(ReadTimeout)) if _, err = io.ReadFull(conn, buf[:idType+1]); err != nil { return } + // clear timer + conn.SetReadDeadline(time.Time{}) var reqStart, reqEnd int addrType := buf[idType] diff --git a/vendor/github.com/ginuerzh/gosocks4/socks4.go b/vendor/github.com/ginuerzh/gosocks4/socks4.go index 52b32e4..2377ac5 100644 --- a/vendor/github.com/ginuerzh/gosocks4/socks4.go +++ b/vendor/github.com/ginuerzh/gosocks4/socks4.go @@ -56,7 +56,7 @@ func (addr *Addr) Decode(b []byte) error { addr.Port = binary.BigEndian.Uint16(b[0:2]) addr.Host = net.IP(b[2 : 2+net.IPv4len]).String() - if b[2]|b[3]|b[4] == 0 { + if b[2]|b[3]|b[4] == 0 && b[5] != 0 { addr.Type = AddrDomain } diff --git a/vendor/vendor.json b/vendor/vendor.json index 1569af6..354683e 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -81,10 +81,10 @@ "revisionTime": "2016-08-31T15:17:26Z" }, { - "checksumSHA1": "aIhLeVAIrsjs63CwqmU3+GU8yT4=", + "checksumSHA1": "AqX1ZPaQtMCpfiTiA2zGmWadYl0=", "path": "github.com/ginuerzh/gosocks4", - "revision": "fc196f9d34e35f19a813bff2f092a275131c23bc", - "revisionTime": "2017-02-09T14:09:51Z" + "revision": "c3a6700bad67bd29718fd19212b3dd934aea89b3", + "revisionTime": "2017-09-04T03:46:09Z" }, { "checksumSHA1": "Onmjh8hT6pjAixkuGJN4KKAaTT4=",