Merge branch 'dev'

CHANGELOG

@@ -1,5 +1,10 @@
 proxy更新日志
 
+v6.2
+1.修复encrypt.Conn释放内存,导致的潜在panic问题.
+2.修复了basic认证,处理认证文件没有正确处理注释的bug.
+3.修正了ssh中转手册参数-A调整为-D.
+
 v6.1
 1.黑白名单支持设置顶级域了,比如:com,匹配所有的.com域名
 2.优化TCPS内存释放.

README_ZH.md

@@ -183,7 +183,7 @@ curl -L https://raw.githubusercontent.com/snail007/goproxy/master/install_auto.s
 下载地址:https://github.com/snail007/goproxy/releases  
 ```shell  
 cd /root/proxy/  
-wget https://github.com/snail007/goproxy/releases/download/v6.1/proxy-linux-amd64.tar.gz  
+wget https://github.com/snail007/goproxy/releases/download/v6.2/proxy-linux-amd64.tar.gz  
 ```  
 #### **2.下载自动安装脚本**  
 ```shell  
@@ -380,7 +380,7 @@ target:用户访问的URL,比如:http://demo.com:80/1.html或https://www.baidu.c
 
 ##### ***1.7.1 ssh用户名和密码的方式***   
 本地HTTP(S)代理28080端口,执行:  
-`./proxy http -T ssh -P "2.2.2.2:22" -u user -A demo -t tcp -p ":28080"`  
+`./proxy http -T ssh -P "2.2.2.2:22" -u user -D demo -t tcp -p ":28080"`  
 ##### ***1.7.2 ssh用户名和密钥的方式***   
 本地HTTP(S)代理28080端口,执行:  
 `./proxy http -T ssh -P "2.2.2.2:22" -u user -S user.key -t tcp -p ":28080"`  
@@ -879,7 +879,7 @@ SOCKS5代理,支持CONNECT,UDP协议,不支持BIND,支持用户名密码认证.
 
 ##### ***5.6.1 ssh用户名和密码的方式***  
 本地SOCKS5代理28080端口,执行:  
-`./proxy socks -T ssh -P "2.2.2.2:22" -u user -A demo -t tcp -p ":28080"`  
+`./proxy socks -T ssh -P "2.2.2.2:22" -u user -D demo -t tcp -p ":28080"`  
 ##### ***5.6.2 ssh用户名和密钥的方式***  
 本地SOCKS5代理28080端口,执行:  
 `./proxy socks -T ssh -P "2.2.2.2:22" -u user -S user.key -t tcp -p ":28080"`  

VERSION

@@ -1 +1 @@
-6.1
+6.2

core/lib/transport/encrypt/conn.go

@@ -2,6 +2,7 @@ package encrypt
 
 import (
 	"crypto/cipher"
+	"fmt"
 	"io"
 	"net"
 
@@ -33,15 +34,23 @@ func NewConn(c net.Conn, method, password string) (conn net.Conn, err error) {
 	return
 }
 func (s *Conn) Read(b []byte) (n int, err error) {
+	if s.r == nil {
+		return 0, fmt.Errorf("use of closed network connection")
+	}
 	return s.r.Read(b)
 }
 func (s *Conn) Write(b []byte) (n int, err error) {
+	if s.w == nil {
+		return 0, fmt.Errorf("use of closed network connection")
+	}
 	return s.w.Write(b)
 }
 func (s *Conn) Close() (err error) {
-	err = s.Conn.Close()
-	s.Cipher = nil
-	s.r = nil
-	s.w = nil
-	return err
+	if s.Cipher != nil {
+		err = s.Conn.Close()
+		s.Cipher = nil
+		s.r = nil
+		s.w = nil
+	}
+	return
 }

install_auto.sh

@@ -5,7 +5,7 @@ if [ -e /tmp/proxy ]; then
 fi
 mkdir /tmp/proxy
 cd /tmp/proxy
-wget https://github.com/snail007/goproxy/releases/download/v6.1/proxy-linux-amd64.tar.gz
+wget https://github.com/snail007/goproxy/releases/download/v6.2/proxy-linux-amd64.tar.gz
 
 # #install proxy
 tar zxvf proxy-linux-amd64.tar.gz

utils/functions.go

@@ -371,11 +371,20 @@ func RandInt(strLen int) int64 {
 	return i
 }
 func ReadBytes(r io.Reader) (data []byte, err error) {
+	defer func() {
+		if e := recover(); e != nil {
+			err = fmt.Errorf("read bytes fail ,err : %s", e)
+		}
+	}()
 	var len uint64
 	err = binary.Read(r, binary.LittleEndian, &len)
 	if err != nil {
 		return
 	}
+	if len == 0 || len > ^uint64(0) {
+		err = fmt.Errorf("data len out of range, %d", len)
+		return
+	}
 	var n int
 	data = make([]byte, len)
 	n, err = r.Read(data)

utils/structs.go

@@ -235,7 +235,7 @@ func (ba *BasicAuth) AddFromFile(file string) (n int, err error) {
 	}
 	userpassArr := strings.Split(strings.Replace(string(_content), "\r", "", -1), "\n")
 	for _, userpass := range userpassArr {
-		if strings.HasPrefix("#", userpass) {
+		if strings.HasPrefix(userpass, "#") {
 			continue
 		}
 		u := strings.Split(strings.Trim(userpass, " "), ":")