fix issue #65

a6c43e86 · rui.zheng · cc241c84 · a6c43e86 · a6c43e86 · a6c43e86
Commit a6c43e86 authored Jan 14, 2017 by rui.zheng
8 changed files
--- a/cmd/gost/vendor/github.com/ginuerzh/gosocks5/socks5.go
+++ b/cmd/gost/vendor/github.com/ginuerzh/gosocks5/socks5.go
@@ -4,12 +4,10 @@
 package gosocks5

 import (
-	//"bytes"
 	"encoding/binary"
 	"errors"
 	"fmt"
 	"io"
-	//"log"
 	"net"
 	"strconv"
 	"sync"
@@ -597,7 +595,10 @@ func ReadUDPDatagram(r io.Reader) (*UDPDatagram, error) {
 	b := lPool.Get().([]byte)
 	defer lPool.Put(b)

-	n, err := io.ReadAtLeast(r, b, 5)
+	// when r is a streaming (such as TCP connection), we may read more than the required data,
+	// but we don't know how to handle it. So we use io.ReadFull to instead of io.ReadAtLeast
+	// to make sure that no redundant data will be discarded.
+	n, err := io.ReadFull(r, b[:5])
 	if err != nil {
 		return nil, err
 	}

--- a/cmd/gost/vendor/github.com/ginuerzh/gost/README.md
+++ b/cmd/gost/vendor/github.com/ginuerzh/gost/README.md
@@ -191,6 +191,17 @@ gost的HTTP2支持两种模式并自适应：
 * 作为标准的HTTP2代理，并向下兼容HTTPS代理。
 * 作为transport(类似于wss)，传输其他协议。

+服务端:
+```bash
+gost -L=http2://:443
+```
+客户端:
+```bash
+gost -L=:8080 -F=http2://server_ip:443?ping=30
+```
+
+客户端支持`ping`参数开启心跳检测(默认不开启)，参数值代表心跳间隔秒数。
+
 **注：** gost的代理链仅支持一个HTTP2代理节点，采用就近原则，会将第一个遇到的HTTP2代理节点视为HTTP2代理，其他HTTP2代理节点则被视为HTTPS代理。

 #### QUIC
@@ -265,14 +276,6 @@ gost -L=:8080 -F=http+tls://server_ip:443
 #### HTTP2
 gost仅支持使用TLS加密的HTTP2协议，不支持明文HTTP2传输。

-服务端:
-```bash
-gost -L=http2://:443
-```
-客户端:
-```bash
-gost -L=:8080 -F=http2://server_ip:443
-```

 #### SOCKS5
 gost支持标准SOCKS5协议的no-auth(0x00)和user/pass(0x02)方法，并在此基础上扩展了两个：tls(0x80)和tls-auth(0x82)，用于数据加密。
@@ -293,13 +296,13 @@ gost -L=:8080 -F=socks://server_ip:1080
 #### Shadowsocks
 gost对shadowsocks的支持是基于[shadowsocks-go](https://github.com/shadowsocks/shadowsocks-go)库。

-服务端(可以通过ota参数开启OTA模式):
+服务端(可以通过ota参数开启OTA强制模式，开启后客户端必须使用OTA模式):
 ```bash
 gost -L=ss://aes-128-cfb:123456@:8338?ota=1
 ```
-客户端:
+客户端(可以通过ota参数开启OTA模式):
 ```bash
-gost -L=:8080 -F=ss://aes-128-cfb:123456@server_ip:8338
+gost -L=:8080 -F=ss://aes-128-cfb:123456@server_ip:8338?ota=1
 ```

 #### TLS

--- a/cmd/gost/vendor/github.com/ginuerzh/gost/README_en.md
+++ b/cmd/gost/vendor/github.com/ginuerzh/gost/README_en.md
@@ -192,6 +192,18 @@ Gost HTTP2 supports two modes and self-adapting:
 * As a standard HTTP2 proxy, and backwards-compatible with the HTTPS proxy.
 * As transport (similar to wss), tunnel other protocol.

+Server:
+```bash
+gost -L=http2://:443
+```
+Client:
+```bash
+gost -L=:8080 -F=http2://server_ip:443?ping=30
+```
+
+The client supports the `ping` parameter to enable heartbeat detection (which is disabled by default). 
+Parameter value represents heartbeat interval seconds.
+
 **NOTE:** The proxy chain of gost supports only one HTTP2 proxy node and the nearest rule applies, 
 the first HTTP2 proxy node is treated as an HTTP2 proxy, and the other HTTP2 proxy nodes are treated as HTTPS proxies.

@@ -266,14 +278,6 @@ gost -L=:8080 -F=http+tls://server_ip:443
 #### HTTP2
 Gost supports only the HTTP2 protocol that uses TLS encryption (h2) and does not support plaintext HTTP2 (h2c) transport.

-Server:
-```bash
-gost -L=http2://:443
-```
-Client:
-```bash
-gost -L=:8080 -F=http2://server_ip:443
-```

 #### SOCKS5
 Gost supports the standard SOCKS5 protocol methods: no-auth (0x00) and user/pass (0x02), 
@@ -296,13 +300,13 @@ Otherwise, use standard SOCKS5 for communication (no-auth or user/pass).
 #### Shadowsocks
 Support for shadowsocks is based on library [shadowsocks-go](https://github.com/shadowsocks/shadowsocks-go).

-Server (The OTA mode can be enabled by the ota parameter):
+Server (The OTA mode can be enabled by the ota parameter. When enabled, the client must use OTA mode):
 ```bash
 gost -L=ss://aes-128-cfb:123456@:8338?ota=1
 ```
-Client:
+Client (The OTA mode can be enabled by the ota parameter):
 ```bash
-gost -L=:8080 -F=ss://aes-128-cfb:123456@server_ip:8338
+gost -L=:8080 -F=ss://aes-128-cfb:123456@server_ip:8338?ota=1
 ```

 #### TLS

--- a/cmd/gost/vendor/github.com/ginuerzh/gost/forward.go
+++ b/cmd/gost/vendor/github.com/ginuerzh/gost/forward.go
@@ -185,7 +185,6 @@ func (node *cnode) run() {

 	go func() {
 		for pkt := range node.wChan {
-			glog.V(LDEBUG).Infof("[udp] %s >>> %s : length %d", pkt.srcAddr, pkt.dstAddr, len(pkt.data))
 			timer.Reset(node.ttl)

 			switch c := node.conn.(type) {
@@ -196,6 +195,7 @@ func (node *cnode) run() {
 					errChan <- err
 					return
 				}
+				glog.V(LDEBUG).Infof("[udp] %s >>> %s : length %d", pkt.srcAddr, pkt.dstAddr, len(pkt.data))

 			default:
 				dgram := gosocks5.NewUDPDatagram(gosocks5.NewUDPHeader(uint16(len(pkt.data)), 0, ToSocksAddr(pkt.dstAddr)), pkt.data)
@@ -205,6 +205,7 @@ func (node *cnode) run() {
 					errChan <- err
 					return
 				}
+				glog.V(LDEBUG).Infof("[udp-tun] %s >>> %s : length %d", pkt.srcAddr, pkt.dstAddr, len(pkt.data))
 			}
 		}
 	}()

--- a/cmd/gost/vendor/github.com/ginuerzh/gost/http.go
+++ b/cmd/gost/vendor/github.com/ginuerzh/gost/http.go
@@ -295,8 +295,6 @@ func (s *Http2Server) HandleRequest(w http.ResponseWriter, req *http.Request) {

 // Upgrade upgrade an HTTP2 request to a bidirectional connection that preparing for tunneling other protocol, just like a websocket connection.
 func (s *Http2Server) Upgrade(w http.ResponseWriter, r *http.Request) (net.Conn, error) {
-	w.Header().Set("Proxy-Agent", "gost/"+Version)
-
 	if r.Method != http.MethodConnect {
 		w.WriteHeader(http.StatusMethodNotAllowed)
 		return nil, errors.New("Method not allowed")

--- a/cmd/gost/vendor/vendor.json
+++ b/cmd/gost/vendor/vendor.json
@@ -9,16 +9,16 @@
 			"revisionTime": "2015-11-07T02:50:05Z"
 		},
 		{
-			"checksumSHA1": "rcgVHpPL/iNmph28KP67c1UVmuM=",
+			"checksumSHA1": "8MJEwmyaAHcaQs6QdWRaNxPMeVU=",
 			"path": "github.com/ginuerzh/gosocks5",
-			"revision": "bc931b305d59cdf3d068eacff3c8d81536d3a39f",
-			"revisionTime": "2016-09-03T01:06:34Z"
+			"revision": "3d7715d71db0b8717afd7f07c326d6c88f2c3922",
+			"revisionTime": "2017-01-14T09:14:19Z"
 		},
 		{
-			"checksumSHA1": "wtL+WhNEsHwdX16Gqu8hyGpV/vY=",
+			"checksumSHA1": "v717b3fIhWDBx/Q4TQjkQ/qk+dg=",
 			"path": "github.com/ginuerzh/gost",
-			"revision": "14561f9ee2ac16c9bdded50281e0c86997183da9",
-			"revisionTime": "2017-01-14T05:51:16Z"
+			"revision": "cc241c845085694e0b75afaab9763c65a077e6df",
+			"revisionTime": "2017-01-14T06:13:31Z"
 		},
 		{
 			"checksumSHA1": "URsJa4y/sUUw/STmbeYx9EKqaYE=",

--- a/forward.go
+++ b/forward.go
@@ -185,7 +185,6 @@ func (node *cnode) run() {

 	go func() {
 		for pkt := range node.wChan {
-			glog.V(LDEBUG).Infof("[udp] %s >>> %s : length %d", pkt.srcAddr, pkt.dstAddr, len(pkt.data))
 			timer.Reset(node.ttl)

 			switch c := node.conn.(type) {
@@ -196,6 +195,7 @@ func (node *cnode) run() {
 					errChan <- err
 					return
 				}
+				glog.V(LDEBUG).Infof("[udp] %s >>> %s : length %d", pkt.srcAddr, pkt.dstAddr, len(pkt.data))

 			default:
 				dgram := gosocks5.NewUDPDatagram(gosocks5.NewUDPHeader(uint16(len(pkt.data)), 0, ToSocksAddr(pkt.dstAddr)), pkt.data)
@@ -205,6 +205,7 @@ func (node *cnode) run() {
 					errChan <- err
 					return
 				}
+				glog.V(LDEBUG).Infof("[udp-tun] %s >>> %s : length %d", pkt.srcAddr, pkt.dstAddr, len(pkt.data))
 			}
 		}
 	}()

--- a/http.go
+++ b/http.go
@@ -295,8 +295,6 @@ func (s *Http2Server) HandleRequest(w http.ResponseWriter, req *http.Request) {

 // Upgrade upgrade an HTTP2 request to a bidirectional connection that preparing for tunneling other protocol, just like a websocket connection.
 func (s *Http2Server) Upgrade(w http.ResponseWriter, r *http.Request) (net.Conn, error) {
-	w.Header().Set("Proxy-Agent", "gost/"+Version)
-
 	if r.Method != http.MethodConnect {
 		w.WriteHeader(http.StatusMethodNotAllowed)
 		return nil, errors.New("Method not allowed")