Socks4 Support with userId, connect and bind

sticnarf · Jun 16, 2024 · 4bda88a · 4bda88a
1 parent 9fdcccc
commit 4bda88a
Show file tree

Hide file tree

Showing 15 changed files with 712 additions and 33 deletions.
diff --git a/.gitignore b/.gitignore
@@ -29,4 +29,7 @@ Cargo.lock
 out/
 
 # Vscode files
-.vscode/**
+.vscode/**
+
+docker-compose.yml
+Dockerfile
diff --git a/rustfmt.toml b/rustfmt.toml
@@ -1,4 +1,4 @@
-use_small_heuristics = "default"
+use_small_heuristics = "Default"
 hard_tabs = false
 imports_layout = "HorizontalVertical"
 merge_imports = true

diff --git a/src/error.rs b/src/error.rs
@@ -65,6 +65,12 @@ pub enum Error {
 
     #[error("Authorization required")]
     AuthorizationRequired,
+
+    #[error("Request rejected because SOCKS server cannot connect to identd on the client")]
+    IdentdAuthFailure,
+
+    #[error("Request rejected because the client program and identd report different user-ids")]
+    InvalidUserIdAuthFailure,
 }
 
 ///// Result type of `tokio-socks`

diff --git a/src/lib.rs b/src/lib.rs
@@ -235,7 +235,8 @@ impl IntoTargetAddr<'static> for (String, u16) {
 }
 
 impl<'a, T> IntoTargetAddr<'a> for &'a T
-where T: IntoTargetAddr<'a> + Copy
+where
+    T: IntoTargetAddr<'a> + Copy,
 {
     fn into_target_addr(self) -> Result<TargetAddr<'a>> {
         (*self).into_target_addr()
@@ -260,6 +261,7 @@ impl<'a> Authentication<'a> {
 
 mod error;
 pub mod tcp;
+pub mod tcp_socks4;
 
 #[cfg(test)]
 mod tests {
@@ -299,7 +301,9 @@ mod tests {
     }
 
     fn into_target_addr<'a, T>(t: T) -> Result<TargetAddr<'a>>
-    where T: IntoTargetAddr<'a> {
+    where
+        T: IntoTargetAddr<'a>,
+    {
         t.into_target_addr()
     }
 

diff --git a/src/tcp.rs b/src/tcp.rs
@@ -139,7 +139,8 @@ impl Socks5Stream<TcpStream> {
 }
 
 impl<S> Socks5Stream<S>
-where S: AsyncRead + AsyncWrite + Unpin
+where
+    S: AsyncRead + AsyncWrite + Unpin,
 {
     /// Connects to a target server through a SOCKS5 proxy given a socket to it.
     ///
@@ -148,7 +149,9 @@ where S: AsyncRead + AsyncWrite + Unpin
     /// It propagates the error that occurs in the conversion from `T` to
     /// `TargetAddr`.
     pub async fn connect_with_socket<'t, T>(socket: S, target: T) -> Result<Socks5Stream<S>>
-    where T: IntoTargetAddr<'t> {
+    where
+        T: IntoTargetAddr<'t>,
+    {
         Self::execute_command_with_socket(socket, target, Authentication::None, Command::Connect).await
     }
 
@@ -198,7 +201,9 @@ where S: AsyncRead + AsyncWrite + Unpin
     /// Resolve the domain name to an ip using special Tor Resolve command, by
     /// connecting to a Tor compatible proxy given a socket to it.
     pub async fn tor_resolve_with_socket<'t, T>(socket: S, target: T) -> Result<TargetAddr<'static>>
-    where T: IntoTargetAddr<'t> {
+    where
+        T: IntoTargetAddr<'t>,
+    {
         let sock = Self::execute_command_with_socket(socket, target, Authentication::None, Command::TorResolve).await?;
 
         Ok(sock.target_addr().to_owned())
@@ -209,7 +214,9 @@ where S: AsyncRead + AsyncWrite + Unpin
     /// PTR command, by connecting to a Tor compatible proxy given a socket
     /// to it.
     pub async fn tor_resolve_ptr_with_socket<'t, T>(socket: S, target: T) -> Result<TargetAddr<'static>>
-    where T: IntoTargetAddr<'t> {
+    where
+        T: IntoTargetAddr<'t>,
+    {
         let sock =
             Self::execute_command_with_socket(socket, target, Authentication::None, Command::TorResolvePtr).await?;
 
@@ -263,7 +270,8 @@ pub struct SocksConnector<'a, 't, S> {
 }
 
 impl<'a, 't, S> SocksConnector<'a, 't, S>
-where S: Stream<Item = Result<SocketAddr>> + Unpin
+where
+    S: Stream<Item = Result<SocketAddr>> + Unpin,
 {
     fn new(auth: Authentication<'a>, command: Command, proxy: Fuse<S>, target: TargetAddr<'t>) -> Self {
         SocksConnector {
@@ -290,8 +298,7 @@ where S: Stream<Item = Result<SocketAddr>> + Unpin
     pub async fn execute_with_socket<T: AsyncRead + AsyncWrite + Unpin>(
         &mut self,
         mut socket: T,
-    ) -> Result<Socks5Stream<T>>
-    {
+    ) -> Result<Socks5Stream<T>> {
         self.authenticate(&mut socket).await?;
 
         // Send request address that should be proxied
@@ -334,7 +341,7 @@ where S: Stream<Item = Result<SocketAddr>> + Unpin
             let password_bytes = password.as_bytes();
             let password_len = password_bytes.len();
             self.len = 3 + username_len + password_len;
-            self.buf[(2 + username_len)] = password_len as u8;
+            self.buf[2 + username_len] = password_len as u8;
             self.buf[(3 + username_len)..self.len].copy_from_slice(password_bytes);
         } else {
             unreachable!()
@@ -576,7 +583,8 @@ impl Socks5Listener<TcpStream> {
 }
 
 impl<S> Socks5Listener<S>
-where S: AsyncRead + AsyncWrite + Unpin
+where
+    S: AsyncRead + AsyncWrite + Unpin,
 {
     /// Initiates a BIND request to the specified proxy using the given socket
     /// to it.
@@ -589,7 +597,9 @@ where S: AsyncRead + AsyncWrite + Unpin
     /// It propagates the error that occurs in the conversion from `T` to
     /// `TargetAddr`.
     pub async fn bind_with_socket<'t, T>(socket: S, target: T) -> Result<Socks5Listener<S>>
-    where T: IntoTargetAddr<'t> {
+    where
+        T: IntoTargetAddr<'t>,
+    {
         Self::bind_with_auth_and_socket(Authentication::None, socket, target).await
     }
 
@@ -664,15 +674,17 @@ where S: AsyncRead + AsyncWrite + Unpin
 }
 
 impl<T> AsyncRead for Socks5Stream<T>
-where T: AsyncRead + Unpin
+where
+    T: AsyncRead + Unpin,
 {
     fn poll_read(mut self: Pin<&mut Self>, cx: &mut Context<'_>, buf: &mut ReadBuf<'_>) -> Poll<io::Result<()>> {
         AsyncRead::poll_read(Pin::new(&mut self.socket), cx, buf)
     }
 }
 
 impl<T> AsyncWrite for Socks5Stream<T>
-where T: AsyncWrite + Unpin
+where
+    T: AsyncWrite + Unpin,
 {
     fn poll_write(mut self: Pin<&mut Self>, cx: &mut Context<'_>, buf: &[u8]) -> Poll<io::Result<usize>> {
         AsyncWrite::poll_write(Pin::new(&mut self.socket), cx, buf)