[ Cmii ] [ Octopus ] - add all image tag back up; add socks5 proxy

socks5_txthinking/old_tcp_tailscale/logger.go

@@ -0,0 +1,211 @@
+package old_tcp_tailscale // Copyright (c) Tailscale Inc & AUTHORS
+
+import (
+	"bufio"
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"log"
+	"sync"
+	"time"
+
+	"context"
+)
+
+// Logf is the basic Tailscale logger type: a printf-like func.
+// Like log.Printf, the format need not end in a newline.
+// Logf functions must be safe for concurrent use.
+type Logf func(format string, args ...any)
+
+// A Context is a context.Context that should contain a custom log function, obtainable from FromContext.
+// If no log function is present, FromContext will return log.Printf.
+// To construct a Context, use Add
+//
+// Deprecated: Do not use.
+type Context context.Context
+
+// jenc is a json.Encode + bytes.Buffer pair wired up to be reused in a pool.
+type jenc struct {
+	buf bytes.Buffer
+	enc *json.Encoder
+}
+
+var jencPool = &sync.Pool{New: func() any {
+	je := new(jenc)
+	je.enc = json.NewEncoder(&je.buf)
+	return je
+}}
+
+// JSON marshals v as JSON and writes it to logf formatted with the annotation to make logtail
+// treat it as a structured log.
+//
+// The recType is the record type and becomes the key of the wrapper
+// JSON object that is logged. That is, if recType is "foo" and v is
+// 123, the value logged is {"foo":123}.
+//
+// Do not use recType "logtail", "v", "text", or "metrics", with any case.
+// Those are reserved for the logging system.
+//
+// The level can be from 0 to 9. Levels from 1 to 9 are included in
+// the logged JSON object, like {"foo":123,"v":2}.
+func (logf Logf) JSON(level int, recType string, v any) {
+	je := jencPool.Get().(*jenc)
+	defer jencPool.Put(je)
+	je.buf.Reset()
+	je.buf.WriteByte('{')
+	je.enc.Encode(recType)
+	je.buf.Truncate(je.buf.Len() - 1) // remove newline from prior Encode
+	je.buf.WriteByte(':')
+	if err := je.enc.Encode(v); err != nil {
+		logf("[unexpected]: failed to encode structured JSON log record of type %q / %T: %v", recType, v, err)
+		return
+	}
+	je.buf.Truncate(je.buf.Len() - 1) // remove newline from prior Encode
+	je.buf.WriteByte('}')
+	// Magic prefix recognized by logtail:
+	logf("[v\x00JSON]%d%s", level%10, je.buf.Bytes())
+
+}
+
+// WithPrefix wraps f, prefixing each format with the provided prefix.
+func WithPrefix(f Logf, prefix string) Logf {
+	return func(format string, args ...any) {
+		f(prefix+format, args...)
+	}
+}
+
+// FuncWriter returns an io.Writer that writes to f.
+func FuncWriter(f Logf) io.Writer {
+	return funcWriter{f}
+}
+
+// StdLogger returns a standard library logger from a Logf.
+func StdLogger(f Logf) *log.Logger {
+	return log.New(FuncWriter(f), "", 0)
+}
+
+type funcWriter struct{ f Logf }
+
+func (w funcWriter) Write(p []byte) (int, error) {
+	w.f("%s", p)
+	return len(p), nil
+}
+
+// Discard is a Logf that throws away the logs given to it.
+func Discard(string, ...any) {}
+
+// LogOnChange logs a given line only if line != lastLine, or if maxInterval has passed
+// since the last time this identical line was logged.
+func LogOnChange(logf Logf, maxInterval time.Duration, timeNow func() time.Time) Logf {
+	var (
+		mu          sync.Mutex
+		sLastLogged string
+		tLastLogged = timeNow()
+	)
+
+	return func(format string, args ...any) {
+		s := fmt.Sprintf(format, args...)
+
+		mu.Lock()
+		if s == sLastLogged && timeNow().Sub(tLastLogged) < maxInterval {
+			mu.Unlock()
+			return
+		}
+		sLastLogged = s
+		tLastLogged = timeNow()
+		mu.Unlock()
+
+		// Re-stringify it (instead of using "%s", s) so something like "%s"
+		// doesn't end up getting rate-limited. (And can't use 's' as the pattern,
+		// as it might contain formatting directives.)
+		logf(format, args...)
+	}
+}
+
+// ArgWriter is a fmt.Formatter that can be passed to any Logf func to
+// efficiently write to a %v argument without allocations.
+type ArgWriter func(*bufio.Writer)
+
+func (fn ArgWriter) Format(f fmt.State, _ rune) {
+	bw := argBufioPool.Get().(*bufio.Writer)
+	bw.Reset(f)
+	fn(bw)
+	bw.Flush()
+	argBufioPool.Put(bw)
+}
+
+var argBufioPool = &sync.Pool{New: func() any { return bufio.NewWriterSize(io.Discard, 1024) }}
+
+// Filtered returns a Logf that silently swallows some log lines.
+// Each inbound format and args is evaluated and printed to a string s.
+// The original format and args are passed to logf if and only if allow(s) returns true.
+func Filtered(logf Logf, allow func(s string) bool) Logf {
+	return func(format string, args ...any) {
+		msg := fmt.Sprintf(format, args...)
+		if !allow(msg) {
+			return
+		}
+		logf(format, args...)
+	}
+}
+
+// LogfCloser wraps logf to create a logger that can be closed.
+// Calling close makes all future calls to newLogf into no-ops.
+func LogfCloser(logf Logf) (newLogf Logf, close func()) {
+	var (
+		mu     sync.Mutex
+		closed bool
+	)
+	close = func() {
+		mu.Lock()
+		defer mu.Unlock()
+		closed = true
+	}
+	newLogf = func(msg string, args ...any) {
+		mu.Lock()
+		if closed {
+			mu.Unlock()
+			return
+		}
+		mu.Unlock()
+		logf(msg, args...)
+	}
+	return newLogf, close
+}
+
+// AsJSON returns a formatter that formats v as JSON. The value is suitable to
+// passing to a regular %v printf argument. (%s is not required)
+//
+// If json.Marshal returns an error, the output is "%%!JSON-ERROR:" followed by
+// the error string.
+func AsJSON(v any) fmt.Formatter {
+	return asJSONResult{v}
+}
+
+type asJSONResult struct{ v any }
+
+func (a asJSONResult) Format(s fmt.State, verb rune) {
+	v, err := json.Marshal(a.v)
+	if err != nil {
+		fmt.Fprintf(s, "%%!JSON-ERROR:%v", err)
+		return
+	}
+	s.Write(v)
+}
+
+// TBLogger is the testing.TB subset needed by TestLogger.
+type TBLogger interface {
+	Helper()
+	Logf(format string, args ...any)
+}
+
+// TestLogger returns a logger that logs to tb.Logf
+// with a prefix to make it easier to distinguish spam
+// from explicit test failures.
+func TestLogger(tb TBLogger) Logf {
+	return func(format string, args ...any) {
+		tb.Helper()
+		tb.Logf("    ... "+format, args...)
+	}
+}

socks5_txthinking/old_tcp_tailscale/main.go

@@ -0,0 +1,42 @@
+package main
+
+import (
+	"fmt"
+	"net"
+	"os"
+)
+
+func main() {
+
+	if len(os.Args) < 2 {
+		fmt.Println("start socks5 server error must provide listen port !")
+		return
+	}
+	if len(os.Args) > 3 {
+		fmt.Println("start socks5 server error !")
+		return
+	}
+	username := ""
+	password := ""
+	if len(os.Args) == 4 {
+		username = os.Args[2]
+		password = os.Args[3]
+	}
+
+	port := os.Args[1]
+
+	listener, err := net.Listen("tcp", ":"+port)
+	if err != nil {
+		fmt.Println("start listener error ! => " + err.Error())
+	}
+
+	server := &Server{
+		Username: username,
+		Password: password,
+	}
+
+	err = server.Serve(listener)
+	if err != nil {
+		fmt.Println("server start to server error ! => " + err.Error())
+	}
+}

socks5_txthinking/old_tcp_tailscale/socks5.go

@@ -0,0 +1,417 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+// Package socks5 is a SOCKS5 server implementation.
+//
+// This is used for userspace networking in Tailscale. Specifically,
+// this is used for dialing out of the machine to other nodes, without
+// the host kernel's involvement, so it doesn't proper routing tables,
+// TUN, IPv6, etc. This package is meant to only handle the SOCKS5 protocol
+// details and not any integration with Tailscale internals itself.
+//
+// The glue between this package and Tailscale is in net/socks5/tssocks.
+package old_tcp_tailscale
+
+import (
+	"context"
+	"encoding/binary"
+	"fmt"
+	"io"
+	"log"
+	"net"
+	"strconv"
+	"time"
+)
+
+// Authentication METHODs described in RFC 1928, section 3.
+const (
+	noAuthRequired   byte = 0
+	passwordAuth     byte = 2
+	noAcceptableAuth byte = 255
+)
+
+// passwordAuthVersion is the auth version byte described in RFC 1929.
+const passwordAuthVersion = 1
+
+// socks5Version is the byte that represents the SOCKS version
+// in requests.
+const socks5Version byte = 5
+
+// commandType are the bytes sent in SOCKS5 packets
+// that represent the kind of connection the client needs.
+type commandType byte
+
+// The set of valid SOCKS5 commands as described in RFC 1928.
+const (
+	connect      commandType = 1
+	bind         commandType = 2
+	udpAssociate commandType = 3
+)
+
+// addrType are the bytes sent in SOCKS5 packets
+// that represent particular address types.
+type addrType byte
+
+// The set of valid SOCKS5 address types as defined in RFC 1928.
+const (
+	ipv4       addrType = 1
+	domainName addrType = 3
+	ipv6       addrType = 4
+)
+
+// replyCode are the bytes sent in SOCKS5 packets
+// that represent replies from the server to a client
+// request.
+type replyCode byte
+
+// The set of valid SOCKS5 reply types as per the RFC 1928.
+const (
+	success              replyCode = 0
+	generalFailure       replyCode = 1
+	connectionNotAllowed replyCode = 2
+	networkUnreachable   replyCode = 3
+	hostUnreachable      replyCode = 4
+	connectionRefused    replyCode = 5
+	ttlExpired           replyCode = 6
+	commandNotSupported  replyCode = 7
+	addrTypeNotSupported replyCode = 8
+)
+
+// Server is a SOCKS5 proxy server.
+type Server struct {
+	// Logf optionally specifies the logger to use.
+	// If nil, the standard logger is used.
+	Logf Logf
+
+	// Dialer optionally specifies the dialer to use for outgoing connections.
+	// If nil, the net package's standard dialer is used.
+	Dialer func(ctx context.Context, network, addr string) (net.Conn, error)
+
+	// Username and Password, if set, are the credential clients must provide.
+	Username string
+	Password string
+}
+
+func (s *Server) dial(ctx context.Context, network, addr string) (net.Conn, error) {
+	dial := s.Dialer
+	if dial == nil {
+		dialer := &net.Dialer{}
+		dial = dialer.DialContext
+	}
+	return dial(ctx, network, addr)
+}
+
+func (s *Server) logf(format string, args ...any) {
+	logf := s.Logf
+	if logf == nil {
+		logf = log.Printf
+	}
+	logf(format, args...)
+}
+
+// Serve accepts and handles incoming connections on the given listener.
+func (s *Server) Serve(l net.Listener) error {
+	defer l.Close()
+	for {
+		c, err := l.Accept()
+		if err != nil {
+			return err
+		}
+		go func() {
+			defer c.Close()
+			conn := &Conn{clientConn: c, srv: s}
+			err := conn.Run()
+			if err != nil {
+				s.logf("client connection failed: %v", err)
+			}
+		}()
+	}
+}
+
+// Conn is a SOCKS5 connection for client to reach
+// server.
+type Conn struct {
+	// The struct is filled by each of the internal
+	// methods in turn as the transaction progresses.
+
+	srv        *Server
+	clientConn net.Conn
+	request    *request
+}
+
+// Run starts the new connection.
+func (c *Conn) Run() error {
+	needAuth := c.srv.Username != "" || c.srv.Password != ""
+	authMethod := noAuthRequired
+	if needAuth {
+		authMethod = passwordAuth
+	}
+
+	err := parseClientGreeting(c.clientConn, authMethod)
+	if err != nil {
+		c.clientConn.Write([]byte{socks5Version, noAcceptableAuth})
+		return err
+	}
+	c.clientConn.Write([]byte{socks5Version, authMethod})
+	if !needAuth {
+		return c.handleRequest()
+	}
+
+	user, pwd, err := parseClientAuth(c.clientConn)
+	if err != nil || user != c.srv.Username || pwd != c.srv.Password {
+		c.clientConn.Write([]byte{1, 1}) // auth error
+		return err
+	}
+	c.clientConn.Write([]byte{1, 0}) // auth success
+
+	return c.handleRequest()
+}
+
+func (c *Conn) handleRequest() error {
+
+	req, err := parseClientRequest(c.clientConn)
+	if err != nil {
+		res := &response{reply: generalFailure}
+		buf, _ := res.marshal()
+		c.clientConn.Write(buf)
+		return err
+	}
+	if req.command != connect {
+		res := &response{reply: commandNotSupported}
+		buf, _ := res.marshal()
+		c.clientConn.Write(buf)
+		return fmt.Errorf("unsupported command %v", req.command)
+	}
+	c.request = req
+
+	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+	defer cancel()
+	srv, err := c.srv.dial(
+		ctx,
+		"tcp",
+		net.JoinHostPort(c.request.destination, strconv.Itoa(int(c.request.port))),
+	)
+	if err != nil {
+		res := &response{reply: generalFailure}
+		buf, _ := res.marshal()
+		c.clientConn.Write(buf)
+		return err
+	}
+	defer srv.Close()
+	serverAddr, serverPortStr, err := net.SplitHostPort(srv.LocalAddr().String())
+	if err != nil {
+		return err
+	}
+	serverPort, _ := strconv.Atoi(serverPortStr)
+
+	var bindAddrType addrType
+	if ip := net.ParseIP(serverAddr); ip != nil {
+		if ip.To4() != nil {
+			bindAddrType = ipv4
+		} else {
+			bindAddrType = ipv6
+		}
+	} else {
+		bindAddrType = domainName
+	}
+
+	res := &response{
+		reply:        success,
+		bindAddrType: bindAddrType,
+		bindAddr:     serverAddr,
+		bindPort:     uint16(serverPort),
+	}
+	buf, err := res.marshal()
+	if err != nil {
+		res = &response{reply: generalFailure}
+		buf, _ = res.marshal()
+	}
+	c.clientConn.Write(buf)
+
+	errc := make(chan error, 2)
+	go func() {
+		_, err := io.Copy(c.clientConn, srv)
+		if err != nil {
+			err = fmt.Errorf("from backend to client: %w", err)
+		}
+		errc <- err
+	}()
+	go func() {
+		_, err := io.Copy(srv, c.clientConn)
+		if err != nil {
+			err = fmt.Errorf("from client to backend: %w", err)
+		}
+		errc <- err
+	}()
+	return <-errc
+}
+
+// parseClientGreeting parses a request initiation packet.
+func parseClientGreeting(r io.Reader, authMethod byte) error {
+	var hdr [2]byte
+	_, err := io.ReadFull(r, hdr[:])
+	if err != nil {
+		return fmt.Errorf("could not read packet header")
+	}
+	if hdr[0] != socks5Version {
+		return fmt.Errorf("incompatible SOCKS version")
+	}
+	count := int(hdr[1])
+	methods := make([]byte, count)
+	_, err = io.ReadFull(r, methods)
+	if err != nil {
+		return fmt.Errorf("could not read methods")
+	}
+	for _, m := range methods {
+		if m == authMethod {
+			return nil
+		}
+	}
+	return fmt.Errorf("no acceptable auth methods")
+}
+
+func parseClientAuth(r io.Reader) (usr, pwd string, err error) {
+	var hdr [2]byte
+	if _, err := io.ReadFull(r, hdr[:]); err != nil {
+		return "", "", fmt.Errorf("could not read auth packet header")
+	}
+	if hdr[0] != passwordAuthVersion {
+		return "", "", fmt.Errorf("bad SOCKS auth version")
+	}
+	usrLen := int(hdr[1])
+	usrBytes := make([]byte, usrLen)
+	if _, err := io.ReadFull(r, usrBytes); err != nil {
+		return "", "", fmt.Errorf("could not read auth packet username")
+	}
+	var hdrPwd [1]byte
+	if _, err := io.ReadFull(r, hdrPwd[:]); err != nil {
+		return "", "", fmt.Errorf("could not read auth packet password length")
+	}
+	pwdLen := int(hdrPwd[0])
+	pwdBytes := make([]byte, pwdLen)
+	if _, err := io.ReadFull(r, pwdBytes); err != nil {
+		return "", "", fmt.Errorf("could not read auth packet password")
+	}
+	return string(usrBytes), string(pwdBytes), nil
+}
+
+// request represents data contained within a SOCKS5
+// connection request packet.
+type request struct {
+	command      commandType
+	destination  string
+	port         uint16
+	destAddrType addrType
+}
+
+// parseClientRequest converts raw packet bytes into a
+// SOCKS5Request struct.
+func parseClientRequest(r io.Reader) (*request, error) {
+	var hdr [4]byte
+	_, err := io.ReadFull(r, hdr[:])
+	if err != nil {
+		return nil, fmt.Errorf("could not read packet header")
+	}
+	cmd := hdr[1]
+	destAddrType := addrType(hdr[3])
+
+	var destination string
+	var port uint16
+
+	if destAddrType == ipv4 {
+		var ip [4]byte
+		_, err = io.ReadFull(r, ip[:])
+		if err != nil {
+			return nil, fmt.Errorf("could not read IPv4 address")
+		}
+		destination = net.IP(ip[:]).String()
+	} else if destAddrType == domainName {
+		var dstSizeByte [1]byte
+		_, err = io.ReadFull(r, dstSizeByte[:])
+		if err != nil {
+			return nil, fmt.Errorf("could not read domain name size")
+		}
+		dstSize := int(dstSizeByte[0])
+		domainName := make([]byte, dstSize)
+		_, err = io.ReadFull(r, domainName)
+		if err != nil {
+			return nil, fmt.Errorf("could not read domain name")
+		}
+		destination = string(domainName)
+	} else if destAddrType == ipv6 {
+		var ip [16]byte
+		_, err = io.ReadFull(r, ip[:])
+		if err != nil {
+			return nil, fmt.Errorf("could not read IPv6 address")
+		}
+		destination = net.IP(ip[:]).String()
+	} else {
+		return nil, fmt.Errorf("unsupported address type")
+	}
+	var portBytes [2]byte
+	_, err = io.ReadFull(r, portBytes[:])
+	if err != nil {
+		return nil, fmt.Errorf("could not read port")
+	}
+	port = binary.BigEndian.Uint16(portBytes[:])
+
+	return &request{
+		command:      commandType(cmd),
+		destination:  destination,
+		port:         port,
+		destAddrType: destAddrType,
+	}, nil
+}
+
+// response contains the contents of
+// a response packet sent from the proxy
+// to the client.
+type response struct {
+	reply        replyCode
+	bindAddrType addrType
+	bindAddr     string
+	bindPort     uint16
+}
+
+// marshal converts a SOCKS5Response struct into
+// a packet. If res.reply == Success, it may throw an error on
+// receiving an invalid bind address. Otherwise, it will not throw.
+func (res *response) marshal() ([]byte, error) {
+	pkt := make([]byte, 4)
+	pkt[0] = socks5Version
+	pkt[1] = byte(res.reply)
+	pkt[2] = 0 // null reserved byte
+	pkt[3] = byte(res.bindAddrType)
+
+	if res.reply != success {
+		return pkt, nil
+	}
+
+	var addr []byte
+	switch res.bindAddrType {
+	case ipv4:
+		addr = net.ParseIP(res.bindAddr).To4()
+		if addr == nil {
+			return nil, fmt.Errorf("invalid IPv4 address for binding")
+		}
+	case domainName:
+		if len(res.bindAddr) > 255 {
+			return nil, fmt.Errorf("invalid domain name for binding")
+		}
+		addr = make([]byte, 0, len(res.bindAddr)+1)
+		addr = append(addr, byte(len(res.bindAddr)))
+		addr = append(addr, []byte(res.bindAddr)...)
+	case ipv6:
+		addr = net.ParseIP(res.bindAddr).To16()
+		if addr == nil {
+			return nil, fmt.Errorf("invalid IPv6 address for binding")
+		}
+	default:
+		return nil, fmt.Errorf("unsupported address type")
+	}
+
+	pkt = append(pkt, addr...)
+	pkt = binary.BigEndian.AppendUint16(pkt, uint16(res.bindPort))
+
+	return pkt, nil
+}