1
0
mirror of https://github.com/v2fly/v2ray-core.git synced 2024-10-30 15:57:35 -04:00
v2fly/proxy/shadowsocks/ota.go

131 lines
2.8 KiB
Go
Raw Normal View History

package shadowsocks
import (
2016-05-24 16:09:22 -04:00
"bytes"
"crypto/hmac"
"crypto/sha1"
2016-11-19 08:38:13 -05:00
"errors"
2016-01-29 14:54:06 -05:00
"io"
2016-08-20 14:55:45 -04:00
"v2ray.com/core/common/alloc"
"v2ray.com/core/common/serial"
)
const (
AuthSize = 10
)
type KeyGenerator func() []byte
type Authenticator struct {
key KeyGenerator
}
func NewAuthenticator(keygen KeyGenerator) *Authenticator {
return &Authenticator{
key: keygen,
}
}
2016-11-27 15:39:09 -05:00
func (v *Authenticator) Authenticate(auth []byte, data []byte) []byte {
hasher := hmac.New(sha1.New, v.key())
hasher.Write(data)
res := hasher.Sum(nil)
return append(auth, res[:AuthSize]...)
}
func HeaderKeyGenerator(key []byte, iv []byte) func() []byte {
return func() []byte {
newKey := make([]byte, 0, len(key)+len(iv))
newKey = append(newKey, iv...)
2016-02-28 15:00:53 -05:00
newKey = append(newKey, key...)
return newKey
}
}
func ChunkKeyGenerator(iv []byte) func() []byte {
chunkId := 0
return func() []byte {
newKey := make([]byte, 0, len(iv)+4)
newKey = append(newKey, iv...)
2016-07-04 03:47:14 -04:00
newKey = serial.IntToBytes(chunkId, newKey)
chunkId++
return newKey
}
}
2016-01-29 14:54:06 -05:00
type ChunkReader struct {
reader io.Reader
auth *Authenticator
}
func NewChunkReader(reader io.Reader, auth *Authenticator) *ChunkReader {
return &ChunkReader{
reader: reader,
auth: auth,
}
}
2016-11-27 15:39:09 -05:00
func (v *ChunkReader) Release() {
v.reader = nil
v.auth = nil
2016-04-12 15:43:13 -04:00
}
2016-11-27 15:39:09 -05:00
func (v *ChunkReader) Read() (*alloc.Buffer, error) {
2016-11-18 19:50:09 -05:00
buffer := alloc.NewBuffer()
2016-11-27 15:39:09 -05:00
if _, err := io.ReadFull(v.reader, buffer.Value[:2]); err != nil {
2016-02-01 06:22:29 -05:00
buffer.Release()
2016-01-29 14:54:06 -05:00
return nil, err
}
// There is a potential buffer overflow here. Large buffer is 64K bytes,
// while uin16 + 10 will be more than that
2016-05-24 16:09:22 -04:00
length := serial.BytesToUint16(buffer.Value[:2]) + AuthSize
2016-11-19 04:57:00 -05:00
if length > alloc.BufferSize {
// Theoretically the size of a chunk is 64K, but most Shadowsocks implementations used <4K buffer.
buffer.Release()
buffer = alloc.NewLocalBuffer(int(length) + 128)
}
2016-11-27 15:39:09 -05:00
if _, err := io.ReadFull(v.reader, buffer.Value[:length]); err != nil {
2016-02-01 06:22:29 -05:00
buffer.Release()
2016-01-29 14:54:06 -05:00
return nil, err
}
buffer.Slice(0, int(length))
authBytes := buffer.Value[:AuthSize]
payload := buffer.Value[AuthSize:]
2016-11-27 15:39:09 -05:00
actualAuthBytes := v.auth.Authenticate(nil, payload)
2016-05-24 16:09:22 -04:00
if !bytes.Equal(authBytes, actualAuthBytes) {
2016-02-01 06:22:29 -05:00
buffer.Release()
2016-11-19 08:38:13 -05:00
return nil, errors.New("Shadowsocks|AuthenticationReader: Invalid auth.")
2016-01-29 14:54:06 -05:00
}
2016-07-13 05:38:14 -04:00
buffer.SliceFrom(AuthSize)
2016-01-29 14:54:06 -05:00
return buffer, nil
}
2016-10-20 18:33:23 -04:00
type ChunkWriter struct {
writer io.Writer
auth *Authenticator
}
func NewChunkWriter(writer io.Writer, auth *Authenticator) *ChunkWriter {
return &ChunkWriter{
writer: writer,
auth: auth,
}
}
2016-11-27 15:39:09 -05:00
func (v *ChunkWriter) Release() {
v.writer = nil
v.auth = nil
2016-10-20 18:33:23 -04:00
}
2016-11-27 15:39:09 -05:00
func (v *ChunkWriter) Write(payload *alloc.Buffer) error {
2016-10-20 18:33:23 -04:00
totalLength := payload.Len()
2016-10-31 10:24:28 -04:00
payload.SliceBack(AuthSize)
2016-11-27 15:39:09 -05:00
v.auth.Authenticate(payload.Value[:0], payload.Value[AuthSize:])
2016-10-20 18:33:23 -04:00
payload.PrependUint16(uint16(totalLength))
2016-11-27 15:39:09 -05:00
_, err := v.writer.Write(payload.Bytes())
2016-10-31 10:24:28 -04:00
return err
2016-10-20 18:33:23 -04:00
}