From 3042a47f9df3845e1a05a453c7542247ccc04546 Mon Sep 17 00:00:00 2001 From: gVisor bot Date: Sun, 28 Oct 2018 19:46:49 +0800 Subject: [PATCH] Improve: add tls, sni options to socks5 outbound adapter --- adapters/outbound/socks5.go | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/adapters/outbound/socks5.go b/adapters/outbound/socks5.go index 4fe1cfe1..a1495e90 100644 --- a/adapters/outbound/socks5.go +++ b/adapters/outbound/socks5.go @@ -2,6 +2,7 @@ package adapters import ( "bytes" + "crypto/tls" "errors" "fmt" "io" @@ -29,12 +30,16 @@ func (ss *Socks5Adapter) Conn() net.Conn { type Socks5 struct { addr string name string + tls bool + sni bool } type Socks5Option struct { Name string `proxy:"name"` Server string `proxy:"server"` Port int `proxy:"port"` + TLS bool `proxy:"tls"` + SNI bool `proxy:"sni"` } func (ss *Socks5) Name() string { @@ -47,6 +52,15 @@ func (ss *Socks5) Type() C.AdapterType { func (ss *Socks5) Generator(metadata *C.Metadata) (adapter C.ProxyAdapter, err error) { c, err := net.DialTimeout("tcp", ss.addr, tcpTimeout) + + if err == nil && ss.tls { + tlsConfig := tls.Config{ + InsecureSkipVerify: ss.sni, + MaxVersion: tls.VersionTLS12, + } + c = tls.Client(c, &tlsConfig) + } + if err != nil { return nil, fmt.Errorf("%s connect error", ss.addr) } @@ -92,5 +106,7 @@ func NewSocks5(option Socks5Option) *Socks5 { return &Socks5{ addr: fmt.Sprintf("%s:%d", option.Server, option.Port), name: option.Name, + tls: option.TLS, + sni: option.SNI, } }