added username/password authentication according to RFC 1929
This commit is contained in:
Marek Rost
parent
88c62c8a31
commit
8a317800ef
3
config.php
Normal file
3
config.php
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
$AUTH_ENABLED = 0;
|
||||||
|
$USERNAME = 'changeme';
|
||||||
|
$PASSWORD = '1234';
|
||||||
61
start.php
61
start.php
@ -7,14 +7,16 @@ use \Workerman\Connection\AsyncTcpConnection;
|
|||||||
// 自动加载类
|
// 自动加载类
|
||||||
require_once __DIR__ . '/vendor/autoload.php';
|
require_once __DIR__ . '/vendor/autoload.php';
|
||||||
|
|
||||||
define('STAGE_INIT', 0);
|
require_once __DIR__ . '/config.php';
|
||||||
define('STAGE_ADDR', 1);
|
|
||||||
define('STAGE_UDP_ASSOC', 2);
|
|
||||||
define('STAGE_DNS', 3);
|
|
||||||
define('STAGE_CONNECTING', 4);
|
|
||||||
define('STAGE_STREAM', 5);
|
|
||||||
define('STAGE_DESTROYED', -1);
|
|
||||||
|
|
||||||
|
define('STAGE_INIT', 0);
|
||||||
|
define('STAGE_AUTH', 1);
|
||||||
|
define('STAGE_ADDR', 2);
|
||||||
|
define('STAGE_UDP_ASSOC', 3);
|
||||||
|
define('STAGE_DNS', 4);
|
||||||
|
define('STAGE_CONNECTING', 5);
|
||||||
|
define('STAGE_STREAM', 6);
|
||||||
|
define('STAGE_DESTROYED', -1);
|
||||||
|
|
||||||
define('CMD_CONNECT', 1);
|
define('CMD_CONNECT', 1);
|
||||||
define('CMD_BIND', 2);
|
define('CMD_BIND', 2);
|
||||||
@ -24,6 +26,9 @@ define('ADDRTYPE_IPV4', 1);
|
|||||||
define('ADDRTYPE_IPV6', 4);
|
define('ADDRTYPE_IPV6', 4);
|
||||||
define('ADDRTYPE_HOST', 3);
|
define('ADDRTYPE_HOST', 3);
|
||||||
|
|
||||||
|
define('METHOD_NO_AUTH', 0);
|
||||||
|
define('METHOD_GSSAPI', 1);
|
||||||
|
define('METHOD_USER_PASS', 2);
|
||||||
|
|
||||||
$worker = new Worker('tcp://0.0.0.0:1080');
|
$worker = new Worker('tcp://0.0.0.0:1080');
|
||||||
$worker->onConnect = function($connection)
|
$worker->onConnect = function($connection)
|
||||||
@ -35,16 +40,52 @@ $worker->onMessage = function($connection, $buffer)
|
|||||||
switch($connection->stage)
|
switch($connection->stage)
|
||||||
{
|
{
|
||||||
case STAGE_INIT:
|
case STAGE_INIT:
|
||||||
|
if ($AUTH_ENABLED)
|
||||||
|
{
|
||||||
|
$methodslen = ord($buffer[1]);
|
||||||
|
$methods = array();
|
||||||
|
for ($i = 0; $i < strlen($buffer)-3; $i++)
|
||||||
|
{
|
||||||
|
array_push($methods, ord($buffer[$i+3]));
|
||||||
|
}
|
||||||
|
if (in_array(METHOD_USER_PASS, $methods))
|
||||||
|
{
|
||||||
|
$connection->send("\x05\x02");
|
||||||
|
$connection->stage = STAGE_AUTH;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
echo "client does not support user/pass auth\n";
|
||||||
|
$connection->send("\x05\xff");
|
||||||
|
$connection->stage = STAGE_DESTROYED;
|
||||||
|
$connection->close();
|
||||||
|
return;
|
||||||
|
}
|
||||||
$connection->send("\x05\x00");
|
$connection->send("\x05\x00");
|
||||||
$connection->stage = STAGE_ADDR;
|
$connection->stage = STAGE_ADDR;
|
||||||
return;
|
return;
|
||||||
|
case STAGE_AUTH:
|
||||||
|
$userlen = ord($buffer[1]);
|
||||||
|
$user = substr($buffer, 2, $userlen);
|
||||||
|
$passlen = ord($buffer[2 + $userlen]);
|
||||||
|
$pass = substr($buffer, 3 + $userlen, $passlen);
|
||||||
|
if ($user == $USERNAME && $pass == $PASSWORD)
|
||||||
|
{
|
||||||
|
$connection->send("\x05\x00");
|
||||||
|
$connection->stage = STAGE_ADDR;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
echo "auth failed\n";
|
||||||
|
$connection->send("\x05\x01");
|
||||||
|
$connection->stage = STAGE_DESTROYED;
|
||||||
|
$connection->close();
|
||||||
|
return;
|
||||||
case STAGE_ADDR:
|
case STAGE_ADDR:
|
||||||
$cmd = ord($buffer[1]);
|
$cmd = ord($buffer[1]);
|
||||||
if($cmd != CMD_CONNECT)
|
if($cmd != CMD_CONNECT)
|
||||||
{
|
{
|
||||||
echo "bad cmd $cmd\n";
|
echo "bad cmd $cmd\n";
|
||||||
$connection->close();
|
$connection->close();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$header_data = parse_socket5_header($buffer);
|
$header_data = parse_socket5_header($buffer);
|
||||||
if(!$header_data)
|
if(!$header_data)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user