-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathauth.go
More file actions
74 lines (59 loc) · 1.34 KB
/
auth.go
File metadata and controls
74 lines (59 loc) · 1.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
package sockit
import (
"errors"
"fmt"
"net"
)
type User struct {
Username string
Password string
}
type UserPassMethod struct {
users []User
}
var (
userPassAuthVersion byte = 0x01
errUnauthorised = errors.New("unauthorised user")
errInvalidUsers = errors.New("invalid user auth config")
)
func WithUserPassAuth(users ...User) ProxyOption {
return func(p *Proxy) error {
if len(users) == 0 {
return errInvalidUsers
}
if p.methods == nil {
p.methods = map[byte]MethodNegotiator{}
}
p.methods[methodAuth] = &UserPassMethod{users: users}
return nil
}
}
func (u *UserPassMethod) Negotiate(conn net.Conn) error {
version, err := readBytes(conn, 1)
if err != nil {
return err
}
if version[0] != 0x01 {
return errInvalidVersion
}
username, err := readBytesFromLength(conn)
if err != nil {
return err
}
password, err := readBytesFromLength(conn)
if err != nil {
return err
}
for _, user := range u.users {
if user.Username == string(username) && user.Password == string(password) {
if _, err := conn.Write([]byte{userPassAuthVersion, 0x00}); err != nil {
return fmt.Errorf("failed to write auth success: %w", err)
}
return nil
}
}
if _, err = conn.Write([]byte{userPassAuthVersion, 0x01}); err != nil {
return fmt.Errorf("failed to write auth failure: %w", err)
}
return errUnauthorised
}