package shadowsocks_2022 import ( "context" "encoding/base64" "github.com/sagernet/sing-shadowsocks" "github.com/sagernet/sing-shadowsocks/shadowaead_2022" B "github.com/sagernet/sing/common/buf" "github.com/sagernet/sing/common/bufio" M "github.com/sagernet/sing/common/metadata" N "github.com/sagernet/sing/common/network" "github.com/xtls/xray-core/common" "github.com/xtls/xray-core/common/buf" "github.com/xtls/xray-core/common/log" "github.com/xtls/xray-core/common/net" "github.com/xtls/xray-core/common/protocol" "github.com/xtls/xray-core/common/session" "github.com/xtls/xray-core/common/uuid" "github.com/xtls/xray-core/features/routing" "github.com/xtls/xray-core/transport/internet/stat" ) func init() { common.Must(common.RegisterConfig((*MultiUserServerConfig)(nil), func(ctx context.Context, config interface{}) (interface{}, error) { return NewMultiServer(ctx, config.(*MultiUserServerConfig)) })) } type MultiUserInbound struct { networks []net.Network users []*User service *shadowaead_2022.MultiService[int] } func NewMultiServer(ctx context.Context, config *MultiUserServerConfig) (*MultiUserInbound, error) { networks := config.Network if len(networks) == 0 { networks = []net.Network{ net.Network_TCP, net.Network_UDP, } } inbound := &MultiUserInbound{ networks: networks, users: config.Users, } if config.Key == "" { return nil, newError("missing key") } psk, err := base64.StdEncoding.DecodeString(config.Key) if err != nil { return nil, newError("parse config").Base(err) } service, err := shadowaead_2022.NewMultiService[int](config.Method, psk, 500, inbound) if err != nil { return nil, newError("create service").Base(err) } for i, user := range config.Users { if user.Email == "" { u := uuid.New() user.Email = "(user with empty email - " + u.String() + ")" } uPSK, err := base64.StdEncoding.DecodeString(user.Key) if err != nil { return nil, newError("parse user key for ", user.Email).Base(err) } err = service.AddUser(i, uPSK) if err != nil { return nil, newError("add user").Base(err) } } inbound.service = service return inbound, nil } func (i *MultiUserInbound) Network() []net.Network { return i.networks } func (i *MultiUserInbound) Process(ctx context.Context, network net.Network, connection stat.Connection, dispatcher routing.Dispatcher) error { inbound := session.InboundFromContext(ctx) var metadata M.Metadata if inbound.Source.IsValid() { metadata.Source = M.ParseSocksaddr(inbound.Source.NetAddr()) } ctx = session.ContextWithDispatcher(ctx, dispatcher) if network == net.Network_TCP { return i.service.NewConnection(ctx, connection, metadata) } else { reader := buf.NewReader(connection) pc := &natPacketConn{connection} for { mb, err := reader.ReadMultiBuffer() if err != nil { return err } for _, buffer := range mb { err = i.service.NewPacket(ctx, pc, B.As(buffer.Bytes()), metadata) if err != nil { return err } } } } } func (i *MultiUserInbound) NewConnection(ctx context.Context, conn net.Conn, metadata M.Metadata) error { userCtx := ctx.(*shadowsocks.UserContext[int]) inbound := session.InboundFromContext(ctx) user := i.users[userCtx.User] inbound.User = &protocol.MemoryUser{ Email: user.Email, Level: uint32(user.Level), } ctx = log.ContextWithAccessMessage(userCtx.Context, &log.AccessMessage{ From: metadata.Source, To: metadata.Destination, Status: log.AccessAccepted, Email: user.Email, }) newError("tunnelling request to tcp:", metadata.Destination).WriteToLog(session.ExportIDToError(ctx)) dispatcher := session.DispatcherFromContext(ctx) link, err := dispatcher.Dispatch(ctx, toDestination(metadata.Destination, net.Network_TCP)) if err != nil { return err } outConn := &pipeConnWrapper{ &buf.BufferedReader{Reader: link.Reader}, link.Writer, conn, } return bufio.CopyConn(ctx, conn, outConn) } func (i *MultiUserInbound) NewPacketConnection(ctx context.Context, conn N.PacketConn, metadata M.Metadata) error { userCtx := ctx.(*shadowsocks.UserContext[int]) inbound := session.InboundFromContext(ctx) user := i.users[userCtx.User] inbound.User = &protocol.MemoryUser{ Email: user.Email, Level: uint32(user.Level), } ctx = log.ContextWithAccessMessage(userCtx.Context, &log.AccessMessage{ From: metadata.Source, To: metadata.Destination, Status: log.AccessAccepted, Email: user.Email, }) newError("tunnelling request to udp:", metadata.Destination).WriteToLog(session.ExportIDToError(ctx)) dispatcher := session.DispatcherFromContext(ctx) destination := toDestination(metadata.Destination, net.Network_UDP) link, err := dispatcher.Dispatch(ctx, destination) if err != nil { return err } outConn := &packetConnWrapper{ Reader: link.Reader, Writer: link.Writer, Dest: destination, } return bufio.CopyPacketConn(ctx, conn, outConn) } func (i *MultiUserInbound) HandleError(err error) { newError(err).AtWarning().WriteToLog() }