customizable policy

2026-01-08 10:15:53 -05:00 · 2017-11-27 22:09:30 +01:00
parent d4f8934aa4
commit 3214a5078c
26 changed files with 554 additions and 159 deletions
--- a/proxy/http/config.pb.go
+++ b/proxy/http/config.pb.go
@@ -20,6 +20,7 @@ type ServerConfig struct {
 	Timeout          uint32            `protobuf:"varint,1,opt,name=timeout" json:"timeout,omitempty"`
 	Accounts         map[string]string `protobuf:"bytes,2,rep,name=accounts" json:"accounts,omitempty" protobuf_key:"bytes,1,opt,name=key" protobuf_val:"bytes,2,opt,name=value"`
 	AllowTransparent bool              `protobuf:"varint,3,opt,name=allow_transparent,json=allowTransparent" json:"allow_transparent,omitempty"`
+	UserLevel        uint32            `protobuf:"varint,4,opt,name=user_level,json=userLevel" json:"user_level,omitempty"`
 }

 func (m *ServerConfig) Reset()                    { *m = ServerConfig{} }
@@ -48,6 +49,13 @@ func (m *ServerConfig) GetAllowTransparent() bool {
 	return false
 }

+func (m *ServerConfig) GetUserLevel() uint32 {
+	if m != nil {
+		return m.UserLevel
+	}
+	return 0
+}
+
 // ClientConfig for HTTP proxy client.
 type ClientConfig struct {
 }
@@ -65,22 +73,24 @@ func init() {
 func init() { proto.RegisterFile("v2ray.com/core/proxy/http/config.proto", fileDescriptor0) }

 var fileDescriptor0 = []byte{
-	// 271 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x6c, 0x90, 0x5d, 0x4b, 0xc3, 0x30,
-	0x14, 0x86, 0x49, 0xe7, 0xc7, 0x8c, 0x9b, 0xcc, 0xe0, 0xa0, 0x7a, 0x55, 0x76, 0x21, 0x05, 0x21,
-	0xc5, 0x7a, 0x23, 0xee, 0x4a, 0x8b, 0xe0, 0x8d, 0x30, 0xaa, 0x78, 0xe1, 0x8d, 0xc4, 0x10, 0xb5,
-	0xd8, 0xe6, 0x94, 0xb3, 0xd3, 0x6a, 0xfe, 0x92, 0xff, 0xca, 0x7f, 0x22, 0xcd, 0x9c, 0x1f, 0xb0,
-	0xab, 0xe4, 0x9c, 0xf7, 0xc9, 0xc3, 0x4b, 0xf8, 0x61, 0x9b, 0xa2, 0x72, 0x52, 0x43, 0x95, 0x68,
-	0x40, 0x93, 0xd4, 0x08, 0xef, 0x2e, 0x79, 0x21, 0xaa, 0x13, 0x0d, 0xf6, 0xa9, 0x78, 0x96, 0x35,
-	0x02, 0x81, 0x18, 0x2f, 0x39, 0x34, 0xd2, 0x33, 0xb2, 0x63, 0x26, 0x9f, 0x8c, 0x0f, 0x6e, 0x0c,
-	0xb6, 0x06, 0x33, 0x4f, 0x8b, 0x90, 0x6f, 0x52, 0x51, 0x19, 0x68, 0x28, 0x64, 0x11, 0x8b, 0x87,
-	0xf9, 0x72, 0x14, 0xd7, 0xbc, 0xaf, 0xb4, 0x86, 0xc6, 0xd2, 0x3c, 0x0c, 0xa2, 0x5e, 0xbc, 0x9d,
-	0x1e, 0xcb, 0x95, 0x52, 0xf9, 0x57, 0x28, 0xcf, 0xbf, 0xdf, 0x5c, 0x5a, 0x42, 0x97, 0xff, 0x28,
-	0xc4, 0x11, 0xdf, 0x55, 0x65, 0x09, 0x6f, 0x0f, 0x84, 0xca, 0xce, 0x6b, 0x85, 0xc6, 0x52, 0xd8,
-	0x8b, 0x58, 0xdc, 0xcf, 0x47, 0x3e, 0xb8, 0xfd, 0xdd, 0x1f, 0x4c, 0xf9, 0xf0, 0x9f, 0x47, 0x8c,
-	0x78, 0xef, 0xd5, 0x38, 0x5f, 0x71, 0x2b, 0xef, 0xae, 0x62, 0x8f, 0xaf, 0xb7, 0xaa, 0x6c, 0x4c,
-	0x18, 0xf8, 0xdd, 0x62, 0x38, 0x0b, 0x4e, 0xd9, 0x64, 0x87, 0x0f, 0xb2, 0xb2, 0x30, 0x96, 0x16,
-	0x8d, 0x2e, 0xa6, 0x7c, 0x5f, 0x43, 0xb5, 0xba, 0xfb, 0x8c, 0xdd, 0xaf, 0x75, 0xe7, 0x47, 0x30,
-	0xbe, 0x4b, 0x73, 0xe5, 0x64, 0xd6, 0xe5, 0x33, 0x9f, 0x5f, 0x11, 0xd5, 0x8f, 0x1b, 0xfe, 0x3b,
-	0x4f, 0xbe, 0x02, 0x00, 0x00, 0xff, 0xff, 0xf5, 0x08, 0xbc, 0x0a, 0x78, 0x01, 0x00, 0x00,
+	// 296 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x6c, 0x90, 0xcf, 0x4a, 0x33, 0x31,
+	0x14, 0xc5, 0x99, 0x69, 0xbf, 0xcf, 0xf6, 0xda, 0x4a, 0x0d, 0x16, 0x46, 0x51, 0x28, 0x5d, 0x48,
+	0x41, 0xc8, 0x60, 0xdd, 0x88, 0x5d, 0xd9, 0x22, 0xb8, 0x50, 0x28, 0x51, 0x5c, 0xb8, 0x29, 0x31,
+	0x5c, 0xb5, 0x98, 0x26, 0x43, 0xe6, 0xce, 0xe8, 0xec, 0x7d, 0x1a, 0x9f, 0x52, 0x92, 0x5a, 0xff,
+	0x40, 0x57, 0x49, 0x7e, 0xe7, 0xe4, 0xe4, 0x9e, 0xc0, 0x61, 0x39, 0x74, 0xb2, 0xe2, 0xca, 0x2e,
+	0x52, 0x65, 0x1d, 0xa6, 0x99, 0xb3, 0x6f, 0x55, 0xfa, 0x4c, 0x94, 0xa5, 0xca, 0x9a, 0xc7, 0xf9,
+	0x13, 0xcf, 0x9c, 0x25, 0xcb, 0xba, 0x2b, 0x9f, 0x43, 0x1e, 0x3c, 0xdc, 0x7b, 0xfa, 0xef, 0x31,
+	0xb4, 0x6e, 0xd0, 0x95, 0xe8, 0x26, 0xc1, 0xcd, 0xf6, 0x61, 0x83, 0xe6, 0x0b, 0xb4, 0x05, 0x25,
+	0x51, 0x2f, 0x1a, 0xb4, 0xc7, 0x71, 0x12, 0x89, 0x15, 0x62, 0xd7, 0xd0, 0x90, 0x4a, 0xd9, 0xc2,
+	0x50, 0x9e, 0xc4, 0xbd, 0xda, 0x60, 0x73, 0x78, 0xcc, 0xd7, 0x06, 0xf3, 0xdf, 0xa1, 0xfc, 0xfc,
+	0xeb, 0xce, 0x85, 0x21, 0x57, 0x89, 0xef, 0x08, 0x76, 0x04, 0xdb, 0x52, 0x6b, 0xfb, 0x3a, 0x23,
+	0x27, 0x4d, 0x9e, 0x49, 0x87, 0x86, 0x92, 0x5a, 0x2f, 0x1a, 0x34, 0x44, 0x27, 0x08, 0xb7, 0x3f,
+	0x9c, 0x1d, 0x00, 0x14, 0x39, 0xba, 0x99, 0xc6, 0x12, 0x75, 0x52, 0xf7, 0xc3, 0x89, 0xa6, 0x27,
+	0x57, 0x1e, 0xec, 0x8d, 0xa0, 0xfd, 0xe7, 0x19, 0xd6, 0x81, 0xda, 0x0b, 0x56, 0xa1, 0x45, 0x53,
+	0xf8, 0x2d, 0xdb, 0x81, 0x7f, 0xa5, 0xd4, 0x05, 0x26, 0x71, 0x60, 0xcb, 0xc3, 0x59, 0x7c, 0x1a,
+	0xf5, 0xb7, 0xa0, 0x35, 0xd1, 0x73, 0x34, 0xb4, 0x1c, 0x78, 0x3c, 0x82, 0x5d, 0x65, 0x17, 0xeb,
+	0xab, 0x4d, 0xa3, 0xfb, 0xba, 0x5f, 0x3f, 0xe2, 0xee, 0xdd, 0x50, 0xc8, 0x8a, 0x4f, 0xbc, 0x3e,
+	0x0d, 0xfa, 0x25, 0x51, 0xf6, 0xf0, 0x3f, 0xfc, 0xf8, 0xc9, 0x67, 0x00, 0x00, 0x00, 0xff, 0xff,
+	0x69, 0x94, 0x9f, 0xa7, 0x9b, 0x01, 0x00, 0x00,
 }
--- a/proxy/http/config.proto
+++ b/proxy/http/config.proto
@@ -8,9 +8,10 @@ option java_multiple_files = true;

 // Config for HTTP proxy server.
 message ServerConfig {
-  uint32 timeout = 1;
+  uint32 timeout = 1 [deprecated = true];
  map<string, string> accounts = 2;
  bool allow_transparent = 3;
+  uint32 user_level = 4;
 }

 // ClientConfig for HTTP proxy client.
--- a/proxy/http/server.go
+++ b/proxy/http/server.go
@@ -13,6 +13,7 @@ import (
 	"v2ray.com/core/app"
 	"v2ray.com/core/app/dispatcher"
 	"v2ray.com/core/app/log"
+	"v2ray.com/core/app/policy"
 	"v2ray.com/core/common"
 	"v2ray.com/core/common/buf"
 	"v2ray.com/core/common/errors"
@@ -24,6 +25,7 @@ import (
 // Server is a HTTP proxy server.
 type Server struct {
 	config *ServerConfig
+	policy policy.Policy
 }

 // NewServer creates a new HTTP inbound handler.
@@ -35,6 +37,17 @@ func NewServer(ctx context.Context, config *ServerConfig) (*Server, error) {
 	s := &Server{
 		config: config,
 	}
+	space.OnInitialize(func() error {
+		pm := policy.PolicyFromSpace(space)
+		if pm == nil {
+			return newError("Policy not found in space.")
+		}
+		s.policy = pm.GetPolicy(config.UserLevel)
+		if config.Timeout > 0 && config.UserLevel == 0 {
+			s.policy.Timeout.ConnectionIdle.Value = config.Timeout
+		}
+		return nil
+	})
 	return s, nil
 }

@@ -94,7 +107,7 @@ func (s *Server) Process(ctx context.Context, network net.Network, conn internet
 	reader := bufio.NewReaderSize(readerOnly{conn}, buf.Size)

 Start:
-	conn.SetReadDeadline(time.Now().Add(time.Second * 16))
+	conn.SetReadDeadline(time.Now().Add(s.policy.Timeout.Handshake.Duration()))

 	request, err := http.ReadRequest(reader)
 	if err != nil {
@@ -157,12 +170,8 @@ func (s *Server) handleConnect(ctx context.Context, request *http.Request, reade
 		return newError("failed to write back OK response").Base(err)
 	}

-	timeout := time.Second * time.Duration(s.config.Timeout)
-	if timeout == 0 {
-		timeout = time.Minute * 5
-	}
 	ctx, cancel := context.WithCancel(ctx)
-	timer := signal.CancelAfterInactivity(ctx, cancel, timeout)
+	timer := signal.CancelAfterInactivity(ctx, cancel, s.policy.Timeout.ConnectionIdle.Duration())
 	ray, err := dispatcher.Dispatch(ctx, dest)
 	if err != nil {
 		return err
@@ -181,6 +190,7 @@ func (s *Server) handleConnect(ctx context.Context, request *http.Request, reade

 	requestDone := signal.ExecuteAsync(func() error {
 		defer ray.InboundInput().Close()
+		defer timer.SetTimeout(s.policy.Timeout.DownlinkOnly.Duration())

 		v2reader := buf.NewReader(conn)
 		return buf.Copy(v2reader, ray.InboundInput(), buf.UpdateActivity(timer))
@@ -191,7 +201,7 @@ func (s *Server) handleConnect(ctx context.Context, request *http.Request, reade
 		if err := buf.Copy(ray.InboundOutput(), v2writer, buf.UpdateActivity(timer)); err != nil {
 			return err
 		}
-		timer.SetTimeout(time.Second * 2)
+		timer.SetTimeout(s.policy.Timeout.UplinkOnly.Duration())
 		return nil
 	})