Documentation ¶
Index ¶
Constants ¶
const ( NoAuth = uint8(0) UserPassAuth = uint8(2) )
const ( ConnectCommand = uint8(1) BindCommand = uint8(2) AssociateCommand = uint8(3) )
Variables ¶
var ( UserAuthFailed = fmt.Errorf("User authentication failed") NoSupportedAuth = fmt.Errorf("No supported authentication mechanism") )
Functions ¶
This section is empty.
Types ¶
type AddrSpec ¶
AddrSpec is used to return the target AddrSpec which may be specified as IPv4, IPv6, or a FQDN
type AddressRewriter ¶
type AddressRewriter interface {
Rewrite(ctx context.Context, request *Request) (context.Context, *AddrSpec)
}
AddressRewriter is used to rewrite a destination transparently
type AuthContext ¶
type AuthContext struct { // Provided auth method Method uint8 // Payload provided during negotiation. // Keys depend on the used auth method. // For UserPassauth contains Username Payload map[string]string }
A Request encapsulates authentication state provided during negotiation
type Authenticator ¶
type Config ¶
type Config struct { // AuthMethods can be provided to implement custom authentication // By default, "auth-less" mode is enabled. // For password-based auth use UserPassAuthenticator. AuthMethods []Authenticator // If provided, username/password authentication is enabled, // by appending a UserPassAuthenticator to AuthMethods. If not provided, // and AUthMethods is nil, then "auth-less" mode is enabled. Credentials CredentialStore // Resolver can be provided to do custom name resolution. // Defaults to DNSResolver if not provided. Resolver NameResolver // Rules is provided to enable custom logic around permitting // various commands. If not provided, PermitAll is used. Rules RuleSet // Rewriter can be used to transparently rewrite addresses. // This is invoked before the RuleSet is invoked. // Defaults to NoRewrite. Rewriter AddressRewriter // BindIP is used for bind or udp associate BindIP net.IP // Dial is an optional function for dialing out Dial func(ctx context.Context, network, addr string) (net.Conn, error) // HandleConnect is an optional function for handling SOCKS connect requests HandleConnect func(ctx context.Context, conn net.Conn, req *Request, replySuccess func(boundAddr net.Addr) error, replyError func(err error) error) error }
Config is used to setup and configure a Server
type CredentialStore ¶
CredentialStore is used to support user/pass authentication
type NameResolver ¶
type NameResolver interface {
Resolve(ctx context.Context, name string) (context.Context, net.IP, error)
}
NameResolver is used to implement custom name resolution
type NoAuthAuthenticator ¶
type NoAuthAuthenticator struct{}
NoAuthAuthenticator is used to handle the "No Authentication" mode
func (NoAuthAuthenticator) Authenticate ¶
func (a NoAuthAuthenticator) Authenticate(reader io.Reader, writer io.Writer) (*AuthContext, error)
func (NoAuthAuthenticator) GetCode ¶
func (a NoAuthAuthenticator) GetCode() uint8
type PermitCommand ¶
PermitCommand is an implementation of the RuleSet which enables filtering supported commands
type Request ¶
type Request struct { // Protocol version Version uint8 // Requested command Command uint8 // AuthContext provided during negotiation AuthContext *AuthContext // AddrSpec of the the network that sent the request RemoteAddr *AddrSpec // AddrSpec of the desired destination DestAddr *AddrSpec BufConn io.Reader // contains filtered or unexported fields }
A Request represents request received by a server
type RuleSet ¶
RuleSet is used to provide custom rules to allow or prohibit actions
func PermitAll ¶
func PermitAll() RuleSet
PermitAll returns a RuleSet which allows all types of connections
func PermitNone ¶
func PermitNone() RuleSet
PermitNone returns a RuleSet which disallows all types of connections
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server is reponsible for accepting connections and handling the details of the SOCKS5 protocol
func (*Server) ListenAndServe ¶
ListenAndServe is used to create a listener and serve on it
type StaticCredentials ¶
StaticCredentials enables using a map directly as a credential store
func (StaticCredentials) Valid ¶
func (s StaticCredentials) Valid(user, password string) bool
type UserPassAuthenticator ¶
type UserPassAuthenticator struct {
Credentials CredentialStore
}
UserPassAuthenticator is used to handle username/password based authentication
func (UserPassAuthenticator) Authenticate ¶
func (a UserPassAuthenticator) Authenticate(reader io.Reader, writer io.Writer) (*AuthContext, error)
func (UserPassAuthenticator) GetCode ¶
func (a UserPassAuthenticator) GetCode() uint8