Documentation
¶
Overview ¶
Package socksproxy implements a limited subset of the SOCKS 5 (RFC1928) protocol in the form of a pluggable Proxy object. However, this implementation is _not_ RFC1928 compliant, as it does not implement GSSAPI (which is mandated by the spec). It currently only implements CONNECT requests to IPv4/IPv6 addresses. It also doesn't implement any timeout/keepalive system for killing inactive connections.
The intended use of the library is internally within Metropolis development environments for contacting test clusters. The code is simple and robust, but not really productionized (as noted above - no timeouts and no authentication make it a bad idea to ever expose this proxy server publicly).
There are multiple other, existing Go SOCKS4/5 server implementations, but many of them are either not context aware, part of a larger project (and thus difficult to extract) or are brand new/untested/bleeding edge code.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // HostHandler is an unsafe SOCKS5 proxy Handler which passes all incoming // connections into the local network stack. The incoming addresses/ports are // not sanitized, and as the proxy does not perform authentication, this handler // is an open proxy. This handler should never be used in cases where the proxy // server is publicly available. HostHandler = &hostHandler{} )
Functions ¶
Types ¶
type ConnectRequest ¶
type ConnectRequest struct {
// Address is an IPv4 or IPv6 address that the client requested to connect to.
// This address might be invalid/malformed/internal, and the Connect method
// should sanitize it before using it.
Address net.IP
// Hostname is a string that the client requested to connect to. Only set if
// Address is empty. Format and resolution rules are up to the implementer,
// a lot of clients only allow valid DNS labels.
Hostname string
// Port is the TCP port number that the client requested to connect to.
Port uint16
}
ConnectRequest represents a pending CONNECT request from a client.
type ConnectResponse ¶
type ConnectResponse struct {
// Error will cause an error to be returned if it is anything else than the
// default value (ReplySucceeded).
Error Reply
// Backend is the ReadWriteCloser that will be bridged over to the connecting
// client if no Error is set.
Backend io.ReadWriteCloser
// LocalAddress is the IP address that is returned to the client as the local
// address of the newly established backend connection.
LocalAddress net.IP
// LocalPort is the local TCP port number that is returned to the client as the
// local port of the newly established backend connection.
LocalPort uint16
}
ConnectResponse indicates a 'backend' connection that the proxy should expose to the client, or an error if the connection cannot be made.
func ConnectResponseFromConn ¶
func ConnectResponseFromConn(c net.Conn) (*ConnectResponse, error)
ConnectResponseFromConn builds a ConnectResponse from a net.Conn. This can be used by custom Handlers to easily return a ConnectResponse for a newly established net.Conn, eg. from a Dial call.
An error is returned if the given net.Conn does not carry a properly formed LocalAddr.
type Handler ¶
type Handler interface {
// Connect is called by the server any time a SOCKS client sends a CONNECT
// request. The function should return a ConnectResponse describing some
// 'backend' connection, ie. the connection that will then be exposed to the
// SOCKS client.
//
// Connect should return with Error set to a non-default value to abort/deny the
// connection request.
//
// The underlying incoming socket is managed by the proxy server and is not
// visible to the client. However, any sockets/connections/files opened by the
// Handler should be cleaned up by tying them to the given context, which will
// be canceled whenever the connection is closed.
Connect(context.Context, *ConnectRequest) *ConnectResponse
}
Handler should be implemented by socksproxy users to allow SOCKS connections to be proxied in any other way than via the HostHandler.
Source Files