Keep ssr type outbound

SagerNet · Dec 30, 2023 · 1f56df4 · 1f56df4
1 parent 6372629
commit 1f56df4
Show file tree

Hide file tree

Showing 25 changed files with 2,170 additions and 5 deletions.
diff --git a/go.mod b/go.mod
@@ -4,6 +4,7 @@ go 1.20
 
 require (
 	berty.tech/go-libtor v1.0.385
+	github.com/Dreamacro/clash v1.17.0
 	github.com/caddyserver/certmagic v0.20.0
 	github.com/cloudflare/circl v1.3.6
 	github.com/cretz/bine v0.2.0
@@ -56,6 +57,7 @@ require (
 //replace github.com/sagernet/sing => ../sing
 
 require (
+	github.com/Dreamacro/protobytes v0.0.0-20230617041236-6500a9f4f158 // indirect
 	github.com/ajg/form v1.5.1 // indirect
 	github.com/andybalholm/brotli v1.0.6 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect

diff --git a/go.sum b/go.sum
@@ -1,5 +1,9 @@
 berty.tech/go-libtor v1.0.385 h1:RWK94C3hZj6Z2GdvePpHJLnWYobFr3bY/OdUJ5aoEXw=
 berty.tech/go-libtor v1.0.385/go.mod h1:9swOOQVb+kmvuAlsgWUK/4c52pm69AdbJsxLzk+fJEw=
+github.com/Dreamacro/clash v1.17.0 h1:LWtp6KcnrCiujY58ufI8pylI+hbCBgSCsLI90EWhpi4=
+github.com/Dreamacro/clash v1.17.0/go.mod h1:PtcAft7sdsK325BD6uwm8wvhOkMV3TCeED6dfZ/lnfE=
+github.com/Dreamacro/protobytes v0.0.0-20230617041236-6500a9f4f158 h1:JFnwKplz9hj8ubqYjm8HkgZS1Rvz9yW+u/XCNNTxr0k=
+github.com/Dreamacro/protobytes v0.0.0-20230617041236-6500a9f4f158/go.mod h1:QvmEZ/h6KXszPOr2wUFl7Zn3hfFNYdfbXwPVDTyZs6k=
 github.com/ajg/form v1.5.1 h1:t9c7v8JUKu/XxOGBU0yjNpaMloxGEJhUkqFRq0ibGeU=
 github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY=
 github.com/andybalholm/brotli v1.0.6 h1:Yf9fFpf49Zrxb9NlQaluyE92/+X7UVHlhMNJN2sxfOI=

diff --git a/outbound/shadowsocksr.go b/outbound/shadowsocksr.go
@@ -4,15 +4,191 @@ package outbound
 
 import (
 	"context"
-	"os"
+	"errors"
+	"fmt"
+	"net"
 
 	"github.com/sagernet/sing-box/adapter"
+	"github.com/sagernet/sing-box/common/dialer"
+	C "github.com/sagernet/sing-box/constant"
 	"github.com/sagernet/sing-box/log"
 	"github.com/sagernet/sing-box/option"
+	"github.com/sagernet/sing-box/transport/clashssr/obfs"
+	"github.com/sagernet/sing-box/transport/clashssr/protocol"
+	"github.com/sagernet/sing/common/bufio"
+	E "github.com/sagernet/sing/common/exceptions"
+	M "github.com/sagernet/sing/common/metadata"
+	N "github.com/sagernet/sing/common/network"
+
+	"github.com/Dreamacro/clash/transport/shadowsocks/core"
+	"github.com/Dreamacro/clash/transport/shadowsocks/shadowstream"
+	"github.com/Dreamacro/clash/transport/socks5"
 )
 
-var _ int = "ShadowsocksR is deprecated and removed in sing-box 1.6.0"
+var _ adapter.Outbound = (*ShadowsocksR)(nil)
+
+type ShadowsocksR struct {
+	myOutboundAdapter
+	dialer     N.Dialer
+	serverAddr M.Socksaddr
+	cipher     core.Cipher
+	obfs       obfs.Obfs
+	protocol   protocol.Protocol
+}
+
+func NewShadowsocksR(ctx context.Context, router adapter.Router, logger log.ContextLogger, tag string, options option.ShadowsocksROutboundOptions) (*ShadowsocksR, error) {
+	outboundDialer, err := dialer.New(router, options.DialerOptions)
+	if err != nil {
+		return nil, err
+	}
+	outbound := &ShadowsocksR{
+		myOutboundAdapter: myOutboundAdapter{
+			protocol:     C.TypeShadowsocksR,
+			network:      options.Network.Build(),
+			router:       router,
+			logger:       logger,
+			tag:          tag,
+			dependencies: withDialerDependency(options.DialerOptions),
+		},
+		dialer:     outboundDialer,
+		serverAddr: options.ServerOptions.Build(),
+	}
+	var cipher string
+	switch options.Method {
+	case "none":
+		cipher = "dummy"
+	default:
+		cipher = options.Method
+	}
+	outbound.cipher, err = core.PickCipher(cipher, nil, options.Password)
+	if err != nil {
+		return nil, err
+	}
+	var (
+		ivSize int
+		key    []byte
+	)
+	if cipher == "dummy" {
+		ivSize = 0
+		key = core.Kdf(options.Password, 16)
+	} else {
+		streamCipher, ok := outbound.cipher.(*core.StreamCipher)
+		if !ok {
+			return nil, fmt.Errorf("%s is not none or a supported stream cipher in ssr", cipher)
+		}
+		ivSize = streamCipher.IVSize()
+		key = streamCipher.Key
+	}
+	obfs, obfsOverhead, err := obfs.PickObfs(options.Obfs, &obfs.Base{
+		Host:   options.Server,
+		Port:   int(options.ServerPort),
+		Key:    key,
+		IVSize: ivSize,
+		Param:  options.ObfsParam,
+	})
+	if err != nil {
+		return nil, E.Cause(err, "initialize obfs")
+	}
+	protocol, err := protocol.PickProtocol(options.Protocol, &protocol.Base{
+		Key:      key,
+		Overhead: obfsOverhead,
+		Param:    options.ProtocolParam,
+	})
+	if err != nil {
+		return nil, E.Cause(err, "initialize protocol")
+	}
+	outbound.obfs = obfs
+	outbound.protocol = protocol
+	return outbound, nil
+}
+
+func (h *ShadowsocksR) DialContext(ctx context.Context, network string, destination M.Socksaddr) (net.Conn, error) {
+	ctx, metadata := adapter.AppendContext(ctx)
+	metadata.Outbound = h.tag
+	metadata.Destination = destination
+	switch network {
+	case N.NetworkTCP:
+		h.logger.InfoContext(ctx, "outbound connection to ", destination)
+		conn, err := h.dialer.DialContext(ctx, network, h.serverAddr)
+		if err != nil {
+			return nil, err
+		}
+		conn = h.cipher.StreamConn(h.obfs.StreamConn(conn))
+		writeIv, err := conn.(*shadowstream.Conn).ObtainWriteIV()
+		if err != nil {
+			conn.Close()
+			return nil, err
+		}
+		conn = h.protocol.StreamConn(conn, writeIv)
+		err = M.SocksaddrSerializer.WriteAddrPort(conn, destination)
+		if err != nil {
+			conn.Close()
+			return nil, E.Cause(err, "write request")
+		}
+		return conn, nil
+	case N.NetworkUDP:
+		conn, err := h.ListenPacket(ctx, destination)
+		if err != nil {
+			return nil, err
+		}
+		return bufio.NewBindPacketConn(conn, destination), nil
+	default:
+		return nil, E.Extend(N.ErrUnknownNetwork, network)
+	}
+}
+
+func (h *ShadowsocksR) ListenPacket(ctx context.Context, destination M.Socksaddr) (net.PacketConn, error) {
+	ctx, metadata := adapter.AppendContext(ctx)
+	metadata.Outbound = h.tag
+	metadata.Destination = destination
+	h.logger.InfoContext(ctx, "outbound packet connection to ", destination)
+	outConn, err := h.dialer.DialContext(ctx, N.NetworkUDP, h.serverAddr)
+	if err != nil {
+		return nil, err
+	}
+	packetConn := h.cipher.PacketConn(bufio.NewUnbindPacketConn(outConn))
+	packetConn = h.protocol.PacketConn(packetConn)
+	packetConn = &ssPacketConn{packetConn, outConn.RemoteAddr()}
+	return packetConn, nil
+}
+
+func (h *ShadowsocksR) NewConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext) error {
+	return NewConnection(ctx, h, conn, metadata)
+}
+
+func (h *ShadowsocksR) NewPacketConnection(ctx context.Context, conn N.PacketConn, metadata adapter.InboundContext) error {
+	return NewPacketConnection(ctx, h, conn, metadata)
+}
+
+type ssPacketConn struct {
+	net.PacketConn
+	rAddr net.Addr
+}
+
+func (spc *ssPacketConn) WriteTo(b []byte, addr net.Addr) (n int, err error) {
+	packet, err := socks5.EncodeUDPPacket(socks5.ParseAddrToSocksAddr(addr), b)
+	if err != nil {
+		return
+	}
+	return spc.PacketConn.WriteTo(packet[3:], spc.rAddr)
+}
+
+func (spc *ssPacketConn) ReadFrom(b []byte) (int, net.Addr, error) {
+	n, _, e := spc.PacketConn.ReadFrom(b)
+	if e != nil {
+		return 0, nil, e
+	}
+
+	addr := socks5.SplitAddr(b[:n])
+	if addr == nil {
+		return 0, nil, errors.New("parse addr error")
+	}
+
+	udpAddr := addr.UDPAddr()
+	if udpAddr == nil {
+		return 0, nil, errors.New("parse addr error")
+	}
 
-func NewShadowsocksR(ctx context.Context, router adapter.Router, logger log.ContextLogger, tag string, options option.ShadowsocksROutboundOptions) (adapter.Outbound, error) {
-	return nil, os.ErrInvalid
+	copy(b, b[len(addr):])
+	return n - len(addr), udpAddr, e
 }
diff --git a/outbound/shadowsocksr_stub.go b/outbound/shadowsocksr_stub.go
@@ -12,5 +12,5 @@ import (
 )
 
 func NewShadowsocksR(ctx context.Context, router adapter.Router, logger log.ContextLogger, tag string, options option.ShadowsocksROutboundOptions) (adapter.Outbound, error) {
-	return nil, E.New("ShadowsocksR is deprecated and removed in sing-box 1.6.0")
+	return nil, E.New(`ShadowsocksR is not included in this build, rebuild with -tags with_shadowsocksr`)
 }
diff --git a/test/clash_test.go b/test/clash_test.go
@@ -36,6 +36,7 @@ const (
 	ImageHysteria2             = "tobyxdd/hysteria:v2"
 	ImageNginx                 = "nginx:stable"
 	ImageShadowTLS             = "ghcr.io/ihciah/shadow-tls:latest"
+	ImageShadowsocksR          = "teddysun/shadowsocks-r:latest"
 	ImageXRayCore              = "teddysun/xray:latest"
 	ImageShadowsocksLegacy     = "mritd/shadowsocks:latest"
 	ImageTUICServer            = "kilvn/tuic-server:latest"
@@ -53,6 +54,7 @@ var allImages = []string{
 	ImageHysteria2,
 	ImageNginx,
 	ImageShadowTLS,
+	ImageShadowsocksR,
 	ImageXRayCore,
 	ImageShadowsocksLegacy,
 	ImageTUICServer,

diff --git a/test/go.mod b/test/go.mod
@@ -24,6 +24,8 @@ require (
 
 require (
 	berty.tech/go-libtor v1.0.385 // indirect
+	github.com/Dreamacro/clash v1.17.0 // indirect
+	github.com/Dreamacro/protobytes v0.0.0-20230617041236-6500a9f4f158 // indirect
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/ajg/form v1.5.1 // indirect
 	github.com/andybalholm/brotli v1.0.6 // indirect

diff --git a/test/go.sum b/test/go.sum
@@ -1,6 +1,10 @@
 berty.tech/go-libtor v1.0.385 h1:RWK94C3hZj6Z2GdvePpHJLnWYobFr3bY/OdUJ5aoEXw=
 berty.tech/go-libtor v1.0.385/go.mod h1:9swOOQVb+kmvuAlsgWUK/4c52pm69AdbJsxLzk+fJEw=
 github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8=
+github.com/Dreamacro/clash v1.17.0 h1:LWtp6KcnrCiujY58ufI8pylI+hbCBgSCsLI90EWhpi4=
+github.com/Dreamacro/clash v1.17.0/go.mod h1:PtcAft7sdsK325BD6uwm8wvhOkMV3TCeED6dfZ/lnfE=
+github.com/Dreamacro/protobytes v0.0.0-20230617041236-6500a9f4f158 h1:JFnwKplz9hj8ubqYjm8HkgZS1Rvz9yW+u/XCNNTxr0k=
+github.com/Dreamacro/protobytes v0.0.0-20230617041236-6500a9f4f158/go.mod h1:QvmEZ/h6KXszPOr2wUFl7Zn3hfFNYdfbXwPVDTyZs6k=
 github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
 github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
 github.com/ajg/form v1.5.1 h1:t9c7v8JUKu/XxOGBU0yjNpaMloxGEJhUkqFRq0ibGeU=

diff --git a/test/shadowsocksr_test.go b/test/shadowsocksr_test.go
@@ -0,0 +1,48 @@
+package main
+
+import (
+	"net/netip"
+	"testing"
+
+	C "github.com/sagernet/sing-box/constant"
+	"github.com/sagernet/sing-box/option"
+)
+
+func TestShadowsocksR(t *testing.T) {
+	startDockerContainer(t, DockerOptions{
+		Image: ImageShadowsocksR,
+		Ports: []uint16{serverPort, testPort},
+		Bind: map[string]string{
+			"shadowsocksr.json": "/etc/shadowsocks-r/config.json",
+		},
+	})
+	startInstance(t, option.Options{
+		Inbounds: []option.Inbound{
+			{
+				Type: C.TypeMixed,
+				MixedOptions: option.HTTPMixedInboundOptions{
+					ListenOptions: option.ListenOptions{
+						Listen:     option.NewListenAddress(netip.IPv4Unspecified()),
+						ListenPort: clientPort,
+					},
+				},
+			},
+		},
+		Outbounds: []option.Outbound{
+			{
+				Type: C.TypeShadowsocksR,
+				ShadowsocksROptions: option.ShadowsocksROutboundOptions{
+					ServerOptions: option.ServerOptions{
+						Server:     "127.0.0.1",
+						ServerPort: serverPort,
+					},
+					Method:   "aes-256-cfb",
+					Password: "password0",
+					Obfs:     "plain",
+					Protocol: "origin",
+				},
+			},
+		},
+	})
+	testSuit(t, clientPort, testPort)
+}
diff --git a/transport/clashssr/obfs/base.go b/transport/clashssr/obfs/base.go
@@ -0,0 +1,9 @@
+package obfs
+
+type Base struct {
+	Host   string
+	Port   int
+	Key    []byte
+	IVSize int
+	Param  string
+}
diff --git a/transport/clashssr/obfs/http_post.go b/transport/clashssr/obfs/http_post.go
@@ -0,0 +1,9 @@
+package obfs
+
+func init() {
+	register("http_post", newHTTPPost, 0)
+}
+
+func newHTTPPost(b *Base) Obfs {
+	return &httpObfs{Base: b, post: true}
+}