mirror of
https://github.com/v2fly/v2ray-core.git
synced 2024-12-21 09:36:34 -05:00
remove shadowsosks ota (#238)
* remove shadowsosks ota * remove unused buf.Reader
This commit is contained in:
parent
dcf368bd93
commit
9f344fa1c9
@ -39,7 +39,6 @@ type ShadowsocksServerConfig struct {
|
|||||||
UDP bool `json:"udp"`
|
UDP bool `json:"udp"`
|
||||||
Level byte `json:"level"`
|
Level byte `json:"level"`
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
OTA *bool `json:"ota"`
|
|
||||||
NetworkList *NetworkList `json:"network"`
|
NetworkList *NetworkList `json:"network"`
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -53,14 +52,6 @@ func (v *ShadowsocksServerConfig) Build() (proto.Message, error) {
|
|||||||
}
|
}
|
||||||
account := &shadowsocks.Account{
|
account := &shadowsocks.Account{
|
||||||
Password: v.Password,
|
Password: v.Password,
|
||||||
Ota: shadowsocks.Account_Auto,
|
|
||||||
}
|
|
||||||
if v.OTA != nil {
|
|
||||||
if *v.OTA {
|
|
||||||
account.Ota = shadowsocks.Account_Enabled
|
|
||||||
} else {
|
|
||||||
account.Ota = shadowsocks.Account_Disabled
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
account.CipherType = cipherFromString(v.Cipher)
|
account.CipherType = cipherFromString(v.Cipher)
|
||||||
if account.CipherType == shadowsocks.CipherType_UNKNOWN {
|
if account.CipherType == shadowsocks.CipherType_UNKNOWN {
|
||||||
@ -110,10 +101,6 @@ func (v *ShadowsocksClientConfig) Build() (proto.Message, error) {
|
|||||||
}
|
}
|
||||||
account := &shadowsocks.Account{
|
account := &shadowsocks.Account{
|
||||||
Password: server.Password,
|
Password: server.Password,
|
||||||
Ota: shadowsocks.Account_Enabled,
|
|
||||||
}
|
|
||||||
if !server.Ota {
|
|
||||||
account.Ota = shadowsocks.Account_Disabled
|
|
||||||
}
|
}
|
||||||
account.CipherType = cipherFromString(server.Cipher)
|
account.CipherType = cipherFromString(server.Cipher)
|
||||||
if account.CipherType == shadowsocks.CipherType_UNKNOWN {
|
if account.CipherType == shadowsocks.CipherType_UNKNOWN {
|
||||||
|
@ -90,16 +90,12 @@ func (c *Client) Process(ctx context.Context, link *transport.Link, dialer inter
|
|||||||
}
|
}
|
||||||
|
|
||||||
user := server.PickUser()
|
user := server.PickUser()
|
||||||
account, ok := user.Account.(*MemoryAccount)
|
_, ok := user.Account.(*MemoryAccount)
|
||||||
if !ok {
|
if !ok {
|
||||||
return newError("user account is not valid")
|
return newError("user account is not valid")
|
||||||
}
|
}
|
||||||
request.User = user
|
request.User = user
|
||||||
|
|
||||||
if account.OneTimeAuth == Account_Auto || account.OneTimeAuth == Account_Enabled {
|
|
||||||
request.Option |= RequestOptionOneTimeAuth
|
|
||||||
}
|
|
||||||
|
|
||||||
sessionPolicy := c.policyManager.ForLevel(user.Level)
|
sessionPolicy := c.policyManager.ForLevel(user.Level)
|
||||||
ctx, cancel := context.WithCancel(ctx)
|
ctx, cancel := context.WithCancel(ctx)
|
||||||
timer := signal.CancelAfterInactivity(ctx, cancel, sessionPolicy.Timeouts.ConnectionIdle)
|
timer := signal.CancelAfterInactivity(ctx, cancel, sessionPolicy.Timeouts.ConnectionIdle)
|
||||||
|
@ -21,7 +21,6 @@ import (
|
|||||||
type MemoryAccount struct {
|
type MemoryAccount struct {
|
||||||
Cipher Cipher
|
Cipher Cipher
|
||||||
Key []byte
|
Key []byte
|
||||||
OneTimeAuth Account_OneTimeAuth
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Equals implements protocol.Account.Equals().
|
// Equals implements protocol.Account.Equals().
|
||||||
@ -90,7 +89,6 @@ func (a *Account) AsAccount() (protocol.Account, error) {
|
|||||||
return &MemoryAccount{
|
return &MemoryAccount{
|
||||||
Cipher: cipher,
|
Cipher: cipher,
|
||||||
Key: passwordToCipherKey([]byte(a.Password), cipher.KeySize()),
|
Key: passwordToCipherKey([]byte(a.Password), cipher.KeySize()),
|
||||||
OneTimeAuth: a.Ota,
|
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -94,63 +94,13 @@ func (CipherType) EnumDescriptor() ([]byte, []int) {
|
|||||||
return file_proxy_shadowsocks_config_proto_rawDescGZIP(), []int{0}
|
return file_proxy_shadowsocks_config_proto_rawDescGZIP(), []int{0}
|
||||||
}
|
}
|
||||||
|
|
||||||
type Account_OneTimeAuth int32
|
|
||||||
|
|
||||||
const (
|
|
||||||
Account_Auto Account_OneTimeAuth = 0
|
|
||||||
Account_Disabled Account_OneTimeAuth = 1
|
|
||||||
Account_Enabled Account_OneTimeAuth = 2
|
|
||||||
)
|
|
||||||
|
|
||||||
// Enum value maps for Account_OneTimeAuth.
|
|
||||||
var (
|
|
||||||
Account_OneTimeAuth_name = map[int32]string{
|
|
||||||
0: "Auto",
|
|
||||||
1: "Disabled",
|
|
||||||
2: "Enabled",
|
|
||||||
}
|
|
||||||
Account_OneTimeAuth_value = map[string]int32{
|
|
||||||
"Auto": 0,
|
|
||||||
"Disabled": 1,
|
|
||||||
"Enabled": 2,
|
|
||||||
}
|
|
||||||
)
|
|
||||||
|
|
||||||
func (x Account_OneTimeAuth) Enum() *Account_OneTimeAuth {
|
|
||||||
p := new(Account_OneTimeAuth)
|
|
||||||
*p = x
|
|
||||||
return p
|
|
||||||
}
|
|
||||||
|
|
||||||
func (x Account_OneTimeAuth) String() string {
|
|
||||||
return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
|
|
||||||
}
|
|
||||||
|
|
||||||
func (Account_OneTimeAuth) Descriptor() protoreflect.EnumDescriptor {
|
|
||||||
return file_proxy_shadowsocks_config_proto_enumTypes[1].Descriptor()
|
|
||||||
}
|
|
||||||
|
|
||||||
func (Account_OneTimeAuth) Type() protoreflect.EnumType {
|
|
||||||
return &file_proxy_shadowsocks_config_proto_enumTypes[1]
|
|
||||||
}
|
|
||||||
|
|
||||||
func (x Account_OneTimeAuth) Number() protoreflect.EnumNumber {
|
|
||||||
return protoreflect.EnumNumber(x)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Deprecated: Use Account_OneTimeAuth.Descriptor instead.
|
|
||||||
func (Account_OneTimeAuth) EnumDescriptor() ([]byte, []int) {
|
|
||||||
return file_proxy_shadowsocks_config_proto_rawDescGZIP(), []int{0, 0}
|
|
||||||
}
|
|
||||||
|
|
||||||
type Account struct {
|
type Account struct {
|
||||||
state protoimpl.MessageState
|
state protoimpl.MessageState
|
||||||
sizeCache protoimpl.SizeCache
|
sizeCache protoimpl.SizeCache
|
||||||
unknownFields protoimpl.UnknownFields
|
unknownFields protoimpl.UnknownFields
|
||||||
|
|
||||||
Password string `protobuf:"bytes,1,opt,name=password,proto3" json:"password,omitempty"`
|
Password string `protobuf:"bytes,1,opt,name=password,proto3" json:"password,omitempty"`
|
||||||
CipherType CipherType `protobuf:"varint,2,opt,name=cipher_type,json=cipherType,proto3,enum=v2ray.core.proxy.shadowsocks.CipherType" json:"cipher_type,omitempty"`
|
CipherType CipherType `protobuf:"varint,2,opt,name=cipher_type,json=cipherType,proto3,enum=v2ray.core.proxy.shadowsocks.CipherType" json:"cipher_type,omitempty"`
|
||||||
Ota Account_OneTimeAuth `protobuf:"varint,3,opt,name=ota,proto3,enum=v2ray.core.proxy.shadowsocks.Account_OneTimeAuth" json:"ota,omitempty"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (x *Account) Reset() {
|
func (x *Account) Reset() {
|
||||||
@ -199,13 +149,6 @@ func (x *Account) GetCipherType() CipherType {
|
|||||||
return CipherType_UNKNOWN
|
return CipherType_UNKNOWN
|
||||||
}
|
}
|
||||||
|
|
||||||
func (x *Account) GetOta() Account_OneTimeAuth {
|
|
||||||
if x != nil {
|
|
||||||
return x.Ota
|
|
||||||
}
|
|
||||||
return Account_Auto
|
|
||||||
}
|
|
||||||
|
|
||||||
type ServerConfig struct {
|
type ServerConfig struct {
|
||||||
state protoimpl.MessageState
|
state protoimpl.MessageState
|
||||||
sizeCache protoimpl.SizeCache
|
sizeCache protoimpl.SizeCache
|
||||||
@ -333,54 +276,47 @@ var file_proxy_shadowsocks_config_proto_rawDesc = []byte{
|
|||||||
0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x2e, 0x70,
|
0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x2e, 0x70,
|
||||||
0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x70, 0x72, 0x6f,
|
0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x70, 0x72, 0x6f,
|
||||||
0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65,
|
0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65,
|
||||||
0x63, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xe9, 0x01, 0x0a, 0x07, 0x41, 0x63, 0x63, 0x6f,
|
0x63, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x70, 0x0a, 0x07, 0x41, 0x63, 0x63, 0x6f, 0x75,
|
||||||
0x75, 0x6e, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18,
|
0x6e, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x01,
|
||||||
0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12,
|
0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x49,
|
||||||
0x49, 0x0a, 0x0b, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02,
|
0x0a, 0x0b, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20,
|
||||||
0x20, 0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72,
|
0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65,
|
||||||
0x65, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f,
|
0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, 0x63,
|
||||||
0x63, 0x6b, 0x73, 0x2e, 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x52, 0x0a,
|
0x6b, 0x73, 0x2e, 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x52, 0x0a, 0x63,
|
||||||
0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x12, 0x43, 0x0a, 0x03, 0x6f, 0x74,
|
0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x22, 0xa3, 0x01, 0x0a, 0x0c, 0x53, 0x65,
|
||||||
0x61, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x31, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e,
|
0x72, 0x76, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x23, 0x0a, 0x0b, 0x75, 0x64,
|
||||||
0x63, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68, 0x61, 0x64, 0x6f,
|
0x70, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x42,
|
||||||
0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0x2e, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x2e, 0x4f,
|
0x02, 0x18, 0x01, 0x52, 0x0a, 0x75, 0x64, 0x70, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12,
|
||||||
0x6e, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x41, 0x75, 0x74, 0x68, 0x52, 0x03, 0x6f, 0x74, 0x61, 0x22,
|
0x34, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e,
|
||||||
0x32, 0x0a, 0x0b, 0x4f, 0x6e, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x41, 0x75, 0x74, 0x68, 0x12, 0x08,
|
0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
|
||||||
0x0a, 0x04, 0x41, 0x75, 0x74, 0x6f, 0x10, 0x00, 0x12, 0x0c, 0x0a, 0x08, 0x44, 0x69, 0x73, 0x61,
|
0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52,
|
||||||
0x62, 0x6c, 0x65, 0x64, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65,
|
0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x38, 0x0a, 0x07, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b,
|
||||||
0x64, 0x10, 0x02, 0x22, 0xa3, 0x01, 0x0a, 0x0c, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x6f,
|
0x18, 0x03, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1e, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63,
|
||||||
0x6e, 0x66, 0x69, 0x67, 0x12, 0x23, 0x0a, 0x0b, 0x75, 0x64, 0x70, 0x5f, 0x65, 0x6e, 0x61, 0x62,
|
0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x4e,
|
||||||
0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0a, 0x75,
|
0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x52, 0x07, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x22,
|
||||||
0x64, 0x70, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x34, 0x0a, 0x04, 0x75, 0x73, 0x65,
|
0x52, 0x0a, 0x0c, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12,
|
||||||
0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e,
|
0x42, 0x0a, 0x06, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32,
|
||||||
0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74,
|
0x2a, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d,
|
||||||
0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12,
|
0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x53, 0x65, 0x72,
|
||||||
0x38, 0x0a, 0x07, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0e,
|
0x76, 0x65, 0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x06, 0x73, 0x65, 0x72,
|
||||||
0x32, 0x1e, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f,
|
0x76, 0x65, 0x72, 0x2a, 0x9f, 0x01, 0x0a, 0x0a, 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79,
|
||||||
0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b,
|
0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12,
|
||||||
0x52, 0x07, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x22, 0x52, 0x0a, 0x0c, 0x43, 0x6c, 0x69,
|
0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x31, 0x32, 0x38, 0x5f, 0x43, 0x46, 0x42, 0x10, 0x01,
|
||||||
0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x42, 0x0a, 0x06, 0x73, 0x65, 0x72,
|
0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x43, 0x46, 0x42, 0x10,
|
||||||
0x76, 0x65, 0x72, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x76, 0x32, 0x72, 0x61,
|
0x02, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30, 0x10, 0x03, 0x12,
|
||||||
0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72,
|
0x11, 0x0a, 0x0d, 0x43, 0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30, 0x5f, 0x49, 0x45, 0x54, 0x46,
|
||||||
0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x45, 0x6e, 0x64,
|
0x10, 0x04, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x31, 0x32, 0x38, 0x5f, 0x47, 0x43,
|
||||||
0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x06, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2a, 0x9f, 0x01,
|
0x4d, 0x10, 0x05, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x47,
|
||||||
0x0a, 0x0a, 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07,
|
0x43, 0x4d, 0x10, 0x06, 0x12, 0x15, 0x0a, 0x11, 0x43, 0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30,
|
||||||
0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53,
|
0x5f, 0x50, 0x4f, 0x4c, 0x59, 0x31, 0x33, 0x30, 0x35, 0x10, 0x07, 0x12, 0x08, 0x0a, 0x04, 0x4e,
|
||||||
0x5f, 0x31, 0x32, 0x38, 0x5f, 0x43, 0x46, 0x42, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45,
|
0x4f, 0x4e, 0x45, 0x10, 0x08, 0x42, 0x65, 0x0a, 0x20, 0x63, 0x6f, 0x6d, 0x2e, 0x76, 0x32, 0x72,
|
||||||
0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x43, 0x46, 0x42, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x43,
|
0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68,
|
||||||
0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30, 0x10, 0x03, 0x12, 0x11, 0x0a, 0x0d, 0x43, 0x48, 0x41,
|
0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0x50, 0x01, 0x5a, 0x20, 0x76, 0x32, 0x72,
|
||||||
0x43, 0x48, 0x41, 0x32, 0x30, 0x5f, 0x49, 0x45, 0x54, 0x46, 0x10, 0x04, 0x12, 0x0f, 0x0a, 0x0b,
|
0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78,
|
||||||
0x41, 0x45, 0x53, 0x5f, 0x31, 0x32, 0x38, 0x5f, 0x47, 0x43, 0x4d, 0x10, 0x05, 0x12, 0x0f, 0x0a,
|
0x79, 0x2f, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0xaa, 0x02, 0x1c,
|
||||||
0x0b, 0x41, 0x45, 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x47, 0x43, 0x4d, 0x10, 0x06, 0x12, 0x15,
|
0x56, 0x32, 0x52, 0x61, 0x79, 0x2e, 0x43, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79,
|
||||||
0x0a, 0x11, 0x43, 0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30, 0x5f, 0x50, 0x4f, 0x4c, 0x59, 0x31,
|
0x2e, 0x53, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0x62, 0x06, 0x70, 0x72,
|
||||||
0x33, 0x30, 0x35, 0x10, 0x07, 0x12, 0x08, 0x0a, 0x04, 0x4e, 0x4f, 0x4e, 0x45, 0x10, 0x08, 0x42,
|
0x6f, 0x74, 0x6f, 0x33,
|
||||||
0x65, 0x0a, 0x20, 0x63, 0x6f, 0x6d, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72,
|
|
||||||
0x65, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f,
|
|
||||||
0x63, 0x6b, 0x73, 0x50, 0x01, 0x5a, 0x20, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d,
|
|
||||||
0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x73, 0x68, 0x61, 0x64,
|
|
||||||
0x6f, 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0xaa, 0x02, 0x1c, 0x56, 0x32, 0x52, 0x61, 0x79, 0x2e,
|
|
||||||
0x43, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x53, 0x68, 0x61, 0x64, 0x6f,
|
|
||||||
0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -395,29 +331,27 @@ func file_proxy_shadowsocks_config_proto_rawDescGZIP() []byte {
|
|||||||
return file_proxy_shadowsocks_config_proto_rawDescData
|
return file_proxy_shadowsocks_config_proto_rawDescData
|
||||||
}
|
}
|
||||||
|
|
||||||
var file_proxy_shadowsocks_config_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
|
var file_proxy_shadowsocks_config_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
|
||||||
var file_proxy_shadowsocks_config_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
|
var file_proxy_shadowsocks_config_proto_msgTypes = make([]protoimpl.MessageInfo, 3)
|
||||||
var file_proxy_shadowsocks_config_proto_goTypes = []interface{}{
|
var file_proxy_shadowsocks_config_proto_goTypes = []interface{}{
|
||||||
(CipherType)(0), // 0: v2ray.core.proxy.shadowsocks.CipherType
|
(CipherType)(0), // 0: v2ray.core.proxy.shadowsocks.CipherType
|
||||||
(Account_OneTimeAuth)(0), // 1: v2ray.core.proxy.shadowsocks.Account.OneTimeAuth
|
(*Account)(nil), // 1: v2ray.core.proxy.shadowsocks.Account
|
||||||
(*Account)(nil), // 2: v2ray.core.proxy.shadowsocks.Account
|
(*ServerConfig)(nil), // 2: v2ray.core.proxy.shadowsocks.ServerConfig
|
||||||
(*ServerConfig)(nil), // 3: v2ray.core.proxy.shadowsocks.ServerConfig
|
(*ClientConfig)(nil), // 3: v2ray.core.proxy.shadowsocks.ClientConfig
|
||||||
(*ClientConfig)(nil), // 4: v2ray.core.proxy.shadowsocks.ClientConfig
|
(*protocol.User)(nil), // 4: v2ray.core.common.protocol.User
|
||||||
(*protocol.User)(nil), // 5: v2ray.core.common.protocol.User
|
(net.Network)(0), // 5: v2ray.core.common.net.Network
|
||||||
(net.Network)(0), // 6: v2ray.core.common.net.Network
|
(*protocol.ServerEndpoint)(nil), // 6: v2ray.core.common.protocol.ServerEndpoint
|
||||||
(*protocol.ServerEndpoint)(nil), // 7: v2ray.core.common.protocol.ServerEndpoint
|
|
||||||
}
|
}
|
||||||
var file_proxy_shadowsocks_config_proto_depIdxs = []int32{
|
var file_proxy_shadowsocks_config_proto_depIdxs = []int32{
|
||||||
0, // 0: v2ray.core.proxy.shadowsocks.Account.cipher_type:type_name -> v2ray.core.proxy.shadowsocks.CipherType
|
0, // 0: v2ray.core.proxy.shadowsocks.Account.cipher_type:type_name -> v2ray.core.proxy.shadowsocks.CipherType
|
||||||
1, // 1: v2ray.core.proxy.shadowsocks.Account.ota:type_name -> v2ray.core.proxy.shadowsocks.Account.OneTimeAuth
|
4, // 1: v2ray.core.proxy.shadowsocks.ServerConfig.user:type_name -> v2ray.core.common.protocol.User
|
||||||
5, // 2: v2ray.core.proxy.shadowsocks.ServerConfig.user:type_name -> v2ray.core.common.protocol.User
|
5, // 2: v2ray.core.proxy.shadowsocks.ServerConfig.network:type_name -> v2ray.core.common.net.Network
|
||||||
6, // 3: v2ray.core.proxy.shadowsocks.ServerConfig.network:type_name -> v2ray.core.common.net.Network
|
6, // 3: v2ray.core.proxy.shadowsocks.ClientConfig.server:type_name -> v2ray.core.common.protocol.ServerEndpoint
|
||||||
7, // 4: v2ray.core.proxy.shadowsocks.ClientConfig.server:type_name -> v2ray.core.common.protocol.ServerEndpoint
|
4, // [4:4] is the sub-list for method output_type
|
||||||
5, // [5:5] is the sub-list for method output_type
|
4, // [4:4] is the sub-list for method input_type
|
||||||
5, // [5:5] is the sub-list for method input_type
|
4, // [4:4] is the sub-list for extension type_name
|
||||||
5, // [5:5] is the sub-list for extension type_name
|
4, // [4:4] is the sub-list for extension extendee
|
||||||
5, // [5:5] is the sub-list for extension extendee
|
0, // [0:4] is the sub-list for field type_name
|
||||||
0, // [0:5] is the sub-list for field type_name
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func init() { file_proxy_shadowsocks_config_proto_init() }
|
func init() { file_proxy_shadowsocks_config_proto_init() }
|
||||||
@ -468,7 +402,7 @@ func file_proxy_shadowsocks_config_proto_init() {
|
|||||||
File: protoimpl.DescBuilder{
|
File: protoimpl.DescBuilder{
|
||||||
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
||||||
RawDescriptor: file_proxy_shadowsocks_config_proto_rawDesc,
|
RawDescriptor: file_proxy_shadowsocks_config_proto_rawDesc,
|
||||||
NumEnums: 2,
|
NumEnums: 1,
|
||||||
NumMessages: 3,
|
NumMessages: 3,
|
||||||
NumExtensions: 0,
|
NumExtensions: 0,
|
||||||
NumServices: 0,
|
NumServices: 0,
|
||||||
|
@ -11,14 +11,8 @@ import "common/protocol/user.proto";
|
|||||||
import "common/protocol/server_spec.proto";
|
import "common/protocol/server_spec.proto";
|
||||||
|
|
||||||
message Account {
|
message Account {
|
||||||
enum OneTimeAuth {
|
|
||||||
Auto = 0;
|
|
||||||
Disabled = 1;
|
|
||||||
Enabled = 2;
|
|
||||||
}
|
|
||||||
string password = 1;
|
string password = 1;
|
||||||
CipherType cipher_type = 2;
|
CipherType cipher_type = 2;
|
||||||
OneTimeAuth ota = 3;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
enum CipherType {
|
enum CipherType {
|
||||||
|
@ -1,132 +0,0 @@
|
|||||||
// +build !confonly
|
|
||||||
|
|
||||||
package shadowsocks
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bytes"
|
|
||||||
"crypto/hmac"
|
|
||||||
"crypto/sha1"
|
|
||||||
"encoding/binary"
|
|
||||||
"io"
|
|
||||||
|
|
||||||
"v2ray.com/core/common"
|
|
||||||
"v2ray.com/core/common/buf"
|
|
||||||
"v2ray.com/core/common/bytespool"
|
|
||||||
"v2ray.com/core/common/serial"
|
|
||||||
)
|
|
||||||
|
|
||||||
const (
|
|
||||||
// AuthSize is the number of extra bytes for Shadowsocks OTA.
|
|
||||||
AuthSize = 10
|
|
||||||
)
|
|
||||||
|
|
||||||
type KeyGenerator func() []byte
|
|
||||||
|
|
||||||
type Authenticator struct {
|
|
||||||
key KeyGenerator
|
|
||||||
}
|
|
||||||
|
|
||||||
func NewAuthenticator(keygen KeyGenerator) *Authenticator {
|
|
||||||
return &Authenticator{
|
|
||||||
key: keygen,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (v *Authenticator) Authenticate(data []byte, dest []byte) {
|
|
||||||
hasher := hmac.New(sha1.New, v.key())
|
|
||||||
common.Must2(hasher.Write(data))
|
|
||||||
res := hasher.Sum(nil)
|
|
||||||
copy(dest, res[:AuthSize])
|
|
||||||
}
|
|
||||||
|
|
||||||
func HeaderKeyGenerator(key []byte, iv []byte) func() []byte {
|
|
||||||
return func() []byte {
|
|
||||||
newKey := make([]byte, 0, len(key)+len(iv))
|
|
||||||
newKey = append(newKey, iv...)
|
|
||||||
newKey = append(newKey, key...)
|
|
||||||
return newKey
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func ChunkKeyGenerator(iv []byte) func() []byte {
|
|
||||||
chunkID := uint32(0)
|
|
||||||
return func() []byte {
|
|
||||||
newKey := make([]byte, len(iv)+4)
|
|
||||||
copy(newKey, iv)
|
|
||||||
binary.BigEndian.PutUint32(newKey[len(iv):], chunkID)
|
|
||||||
chunkID++
|
|
||||||
return newKey
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
type ChunkReader struct {
|
|
||||||
reader io.Reader
|
|
||||||
auth *Authenticator
|
|
||||||
}
|
|
||||||
|
|
||||||
func NewChunkReader(reader io.Reader, auth *Authenticator) *ChunkReader {
|
|
||||||
return &ChunkReader{
|
|
||||||
reader: reader,
|
|
||||||
auth: auth,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (v *ChunkReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
|
|
||||||
size, err := serial.ReadUint16(v.reader)
|
|
||||||
if err != nil {
|
|
||||||
return nil, newError("failed to read size").Base(err)
|
|
||||||
}
|
|
||||||
size += AuthSize
|
|
||||||
|
|
||||||
buffer := bytespool.Alloc(int32(size))
|
|
||||||
defer bytespool.Free(buffer)
|
|
||||||
|
|
||||||
if _, err := io.ReadFull(v.reader, buffer[:size]); err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
authBytes := buffer[:AuthSize]
|
|
||||||
payload := buffer[AuthSize:size]
|
|
||||||
|
|
||||||
actualAuthBytes := make([]byte, AuthSize)
|
|
||||||
v.auth.Authenticate(payload, actualAuthBytes)
|
|
||||||
if !bytes.Equal(authBytes, actualAuthBytes) {
|
|
||||||
return nil, newError("invalid auth")
|
|
||||||
}
|
|
||||||
|
|
||||||
mb := buf.MergeBytes(nil, payload)
|
|
||||||
|
|
||||||
return mb, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
type ChunkWriter struct {
|
|
||||||
writer io.Writer
|
|
||||||
auth *Authenticator
|
|
||||||
buffer []byte
|
|
||||||
}
|
|
||||||
|
|
||||||
func NewChunkWriter(writer io.Writer, auth *Authenticator) *ChunkWriter {
|
|
||||||
return &ChunkWriter{
|
|
||||||
writer: writer,
|
|
||||||
auth: auth,
|
|
||||||
buffer: make([]byte, 32*1024),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// WriteMultiBuffer implements buf.Writer.
|
|
||||||
func (w *ChunkWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
|
|
||||||
defer buf.ReleaseMulti(mb)
|
|
||||||
|
|
||||||
for {
|
|
||||||
mb, payloadLen := buf.SplitBytes(mb, w.buffer[2+AuthSize:])
|
|
||||||
binary.BigEndian.PutUint16(w.buffer, uint16(payloadLen))
|
|
||||||
w.auth.Authenticate(w.buffer[2+AuthSize:2+AuthSize+payloadLen], w.buffer[2:])
|
|
||||||
if err := buf.WriteAllBytes(w.writer, w.buffer[:2+AuthSize+payloadLen]); err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
if mb.IsEmpty() {
|
|
||||||
break
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
|
@ -1,37 +0,0 @@
|
|||||||
package shadowsocks_test
|
|
||||||
|
|
||||||
import (
|
|
||||||
"testing"
|
|
||||||
|
|
||||||
"github.com/google/go-cmp/cmp"
|
|
||||||
|
|
||||||
"v2ray.com/core/common"
|
|
||||||
"v2ray.com/core/common/buf"
|
|
||||||
. "v2ray.com/core/proxy/shadowsocks"
|
|
||||||
)
|
|
||||||
|
|
||||||
func TestNormalChunkReading(t *testing.T) {
|
|
||||||
buffer := buf.New()
|
|
||||||
buffer.Write([]byte{0, 8, 39, 228, 69, 96, 133, 39, 254, 26, 201, 70, 11, 12, 13, 14, 15, 16, 17, 18})
|
|
||||||
reader := NewChunkReader(buffer, NewAuthenticator(ChunkKeyGenerator(
|
|
||||||
[]byte{21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36})))
|
|
||||||
payload, err := reader.ReadMultiBuffer()
|
|
||||||
common.Must(err)
|
|
||||||
|
|
||||||
if diff := cmp.Diff(payload[0].Bytes(), []byte{11, 12, 13, 14, 15, 16, 17, 18}); diff != "" {
|
|
||||||
t.Error(diff)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestNormalChunkWriting(t *testing.T) {
|
|
||||||
buffer := buf.New()
|
|
||||||
writer := NewChunkWriter(buffer, NewAuthenticator(ChunkKeyGenerator(
|
|
||||||
[]byte{21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36})))
|
|
||||||
|
|
||||||
b := buf.New()
|
|
||||||
b.Write([]byte{11, 12, 13, 14, 15, 16, 17, 18})
|
|
||||||
common.Must(writer.WriteMultiBuffer(buf.MultiBuffer{b}))
|
|
||||||
if diff := cmp.Diff(buffer.Bytes(), []byte{0, 8, 39, 228, 69, 96, 133, 39, 254, 26, 201, 70, 11, 12, 13, 14, 15, 16, 17, 18}); diff != "" {
|
|
||||||
t.Error(diff)
|
|
||||||
}
|
|
||||||
}
|
|
@ -3,7 +3,6 @@
|
|||||||
package shadowsocks
|
package shadowsocks
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
|
||||||
"crypto/hmac"
|
"crypto/hmac"
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
@ -14,7 +13,6 @@ import (
|
|||||||
"v2ray.com/core/common/dice"
|
"v2ray.com/core/common/dice"
|
||||||
|
|
||||||
"v2ray.com/core/common"
|
"v2ray.com/core/common"
|
||||||
"v2ray.com/core/common/bitmask"
|
|
||||||
"v2ray.com/core/common/buf"
|
"v2ray.com/core/common/buf"
|
||||||
"v2ray.com/core/common/net"
|
"v2ray.com/core/common/net"
|
||||||
"v2ray.com/core/common/protocol"
|
"v2ray.com/core/common/protocol"
|
||||||
@ -22,7 +20,6 @@ import (
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
Version = 1
|
Version = 1
|
||||||
RequestOptionOneTimeAuth bitmask.Byte = 0x01
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var addrParser = protocol.NewAddressParser(
|
var addrParser = protocol.NewAddressParser(
|
||||||
@ -73,7 +70,6 @@ func ReadTCPSession(user *protocol.MemoryUser, reader io.Reader) (*protocol.Requ
|
|||||||
}
|
}
|
||||||
br := &buf.BufferedReader{Reader: r}
|
br := &buf.BufferedReader{Reader: r}
|
||||||
|
|
||||||
authenticator := NewAuthenticator(HeaderKeyGenerator(account.Key, iv))
|
|
||||||
request := &protocol.RequestHeader{
|
request := &protocol.RequestHeader{
|
||||||
Version: Version,
|
Version: Version,
|
||||||
User: user,
|
User: user,
|
||||||
@ -93,56 +89,13 @@ func ReadTCPSession(user *protocol.MemoryUser, reader io.Reader) (*protocol.Requ
|
|||||||
request.Address = addr
|
request.Address = addr
|
||||||
request.Port = port
|
request.Port = port
|
||||||
|
|
||||||
if !account.Cipher.IsAEAD() {
|
|
||||||
if (buffer.Byte(0) & 0x10) == 0x10 {
|
|
||||||
request.Option.Set(RequestOptionOneTimeAuth)
|
|
||||||
}
|
|
||||||
|
|
||||||
if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled {
|
|
||||||
readSizeRemain -= int(buffer.Len())
|
|
||||||
DrainConnN(reader, readSizeRemain)
|
|
||||||
return nil, nil, newError("rejecting connection with OTA enabled, while server disables OTA")
|
|
||||||
}
|
|
||||||
|
|
||||||
if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled {
|
|
||||||
readSizeRemain -= int(buffer.Len())
|
|
||||||
DrainConnN(reader, readSizeRemain)
|
|
||||||
return nil, nil, newError("rejecting connection with OTA disabled, while server enables OTA")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if request.Option.Has(RequestOptionOneTimeAuth) {
|
|
||||||
actualAuth := make([]byte, AuthSize)
|
|
||||||
authenticator.Authenticate(buffer.Bytes(), actualAuth)
|
|
||||||
|
|
||||||
_, err := buffer.ReadFullFrom(br, AuthSize)
|
|
||||||
if err != nil {
|
|
||||||
readSizeRemain -= int(buffer.Len())
|
|
||||||
DrainConnN(reader, readSizeRemain)
|
|
||||||
return nil, nil, newError("Failed to read OTA").Base(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
if !bytes.Equal(actualAuth, buffer.BytesFrom(-AuthSize)) {
|
|
||||||
readSizeRemain -= int(buffer.Len())
|
|
||||||
DrainConnN(reader, readSizeRemain)
|
|
||||||
return nil, nil, newError("invalid OTA")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if request.Address == nil {
|
if request.Address == nil {
|
||||||
readSizeRemain -= int(buffer.Len())
|
readSizeRemain -= int(buffer.Len())
|
||||||
DrainConnN(reader, readSizeRemain)
|
DrainConnN(reader, readSizeRemain)
|
||||||
return nil, nil, newError("invalid remote address.")
|
return nil, nil, newError("invalid remote address.")
|
||||||
}
|
}
|
||||||
|
|
||||||
var chunkReader buf.Reader
|
return request, br, nil
|
||||||
if request.Option.Has(RequestOptionOneTimeAuth) {
|
|
||||||
chunkReader = NewChunkReader(br, NewAuthenticator(ChunkKeyGenerator(iv)))
|
|
||||||
} else {
|
|
||||||
chunkReader = buf.NewReader(br)
|
|
||||||
}
|
|
||||||
|
|
||||||
return request, chunkReader, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func DrainConnN(reader io.Reader, n int) error {
|
func DrainConnN(reader io.Reader, n int) error {
|
||||||
@ -155,10 +108,6 @@ func WriteTCPRequest(request *protocol.RequestHeader, writer io.Writer) (buf.Wri
|
|||||||
user := request.User
|
user := request.User
|
||||||
account := user.Account.(*MemoryAccount)
|
account := user.Account.(*MemoryAccount)
|
||||||
|
|
||||||
if account.Cipher.IsAEAD() {
|
|
||||||
request.Option.Clear(RequestOptionOneTimeAuth)
|
|
||||||
}
|
|
||||||
|
|
||||||
var iv []byte
|
var iv []byte
|
||||||
if account.Cipher.IVSize() > 0 {
|
if account.Cipher.IVSize() > 0 {
|
||||||
iv = make([]byte, account.Cipher.IVSize())
|
iv = make([]byte, account.Cipher.IVSize())
|
||||||
@ -179,27 +128,11 @@ func WriteTCPRequest(request *protocol.RequestHeader, writer io.Writer) (buf.Wri
|
|||||||
return nil, newError("failed to write address").Base(err)
|
return nil, newError("failed to write address").Base(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if request.Option.Has(RequestOptionOneTimeAuth) {
|
|
||||||
header.SetByte(0, header.Byte(0)|0x10)
|
|
||||||
|
|
||||||
authenticator := NewAuthenticator(HeaderKeyGenerator(account.Key, iv))
|
|
||||||
authPayload := header.Bytes()
|
|
||||||
authBuffer := header.Extend(AuthSize)
|
|
||||||
authenticator.Authenticate(authPayload, authBuffer)
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := w.WriteMultiBuffer(buf.MultiBuffer{header}); err != nil {
|
if err := w.WriteMultiBuffer(buf.MultiBuffer{header}); err != nil {
|
||||||
return nil, newError("failed to write header").Base(err)
|
return nil, newError("failed to write header").Base(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
var chunkWriter buf.Writer
|
return w, nil
|
||||||
if request.Option.Has(RequestOptionOneTimeAuth) {
|
|
||||||
chunkWriter = NewChunkWriter(w.(io.Writer), NewAuthenticator(ChunkKeyGenerator(iv)))
|
|
||||||
} else {
|
|
||||||
chunkWriter = w
|
|
||||||
}
|
|
||||||
|
|
||||||
return chunkWriter, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func ReadTCPResponse(user *protocol.MemoryUser, reader io.Reader) (buf.Reader, error) {
|
func ReadTCPResponse(user *protocol.MemoryUser, reader io.Reader) (buf.Reader, error) {
|
||||||
@ -241,7 +174,6 @@ func EncodeUDPPacket(request *protocol.RequestHeader, payload []byte) (*buf.Buff
|
|||||||
if ivLen > 0 {
|
if ivLen > 0 {
|
||||||
common.Must2(buffer.ReadFullFrom(rand.Reader, ivLen))
|
common.Must2(buffer.ReadFullFrom(rand.Reader, ivLen))
|
||||||
}
|
}
|
||||||
iv := buffer.Bytes()
|
|
||||||
|
|
||||||
if err := addrParser.WriteAddressPort(buffer, request.Address, request.Port); err != nil {
|
if err := addrParser.WriteAddressPort(buffer, request.Address, request.Port); err != nil {
|
||||||
return nil, newError("failed to write address").Base(err)
|
return nil, newError("failed to write address").Base(err)
|
||||||
@ -249,14 +181,6 @@ func EncodeUDPPacket(request *protocol.RequestHeader, payload []byte) (*buf.Buff
|
|||||||
|
|
||||||
buffer.Write(payload)
|
buffer.Write(payload)
|
||||||
|
|
||||||
if !account.Cipher.IsAEAD() && request.Option.Has(RequestOptionOneTimeAuth) {
|
|
||||||
authenticator := NewAuthenticator(HeaderKeyGenerator(account.Key, iv))
|
|
||||||
buffer.SetByte(ivLen, buffer.Byte(ivLen)|0x10)
|
|
||||||
|
|
||||||
authPayload := buffer.BytesFrom(ivLen)
|
|
||||||
authBuffer := buffer.Extend(AuthSize)
|
|
||||||
authenticator.Authenticate(authPayload, authBuffer)
|
|
||||||
}
|
|
||||||
if err := account.Cipher.EncodePacket(account.Key, buffer); err != nil {
|
if err := account.Cipher.EncodePacket(account.Key, buffer); err != nil {
|
||||||
return nil, newError("failed to encrypt UDP payload").Base(err)
|
return nil, newError("failed to encrypt UDP payload").Base(err)
|
||||||
}
|
}
|
||||||
@ -284,34 +208,6 @@ func DecodeUDPPacket(user *protocol.MemoryUser, payload *buf.Buffer) (*protocol.
|
|||||||
Command: protocol.RequestCommandUDP,
|
Command: protocol.RequestCommandUDP,
|
||||||
}
|
}
|
||||||
|
|
||||||
if !account.Cipher.IsAEAD() {
|
|
||||||
if (payload.Byte(0) & 0x10) == 0x10 {
|
|
||||||
request.Option |= RequestOptionOneTimeAuth
|
|
||||||
}
|
|
||||||
|
|
||||||
if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled {
|
|
||||||
return nil, nil, newError("rejecting packet with OTA enabled, while server disables OTA").AtWarning()
|
|
||||||
}
|
|
||||||
|
|
||||||
if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled {
|
|
||||||
return nil, nil, newError("rejecting packet with OTA disabled, while server enables OTA").AtWarning()
|
|
||||||
}
|
|
||||||
|
|
||||||
if request.Option.Has(RequestOptionOneTimeAuth) {
|
|
||||||
payloadLen := payload.Len() - AuthSize
|
|
||||||
authBytes := payload.BytesFrom(payloadLen)
|
|
||||||
|
|
||||||
authenticator := NewAuthenticator(HeaderKeyGenerator(account.Key, iv))
|
|
||||||
actualAuth := make([]byte, AuthSize)
|
|
||||||
authenticator.Authenticate(payload.BytesTo(payloadLen), actualAuth)
|
|
||||||
if !bytes.Equal(actualAuth, authBytes) {
|
|
||||||
return nil, nil, newError("invalid OTA")
|
|
||||||
}
|
|
||||||
|
|
||||||
payload.Resize(0, payloadLen)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
payload.SetByte(0, payload.Byte(0)&0x0F)
|
payload.SetByte(0, payload.Byte(0)&0x0F)
|
||||||
|
|
||||||
addr, port, err := addrParser.ReadAddressPort(nil, payload)
|
addr, port, err := addrParser.ReadAddressPort(nil, payload)
|
||||||
|
@ -29,7 +29,6 @@ func TestUDPEncoding(t *testing.T) {
|
|||||||
Account: toAccount(&Account{
|
Account: toAccount(&Account{
|
||||||
Password: "shadowsocks-password",
|
Password: "shadowsocks-password",
|
||||||
CipherType: CipherType_AES_128_CFB,
|
CipherType: CipherType_AES_128_CFB,
|
||||||
Ota: Account_Disabled,
|
|
||||||
}),
|
}),
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
@ -61,7 +60,6 @@ func TestTCPRequest(t *testing.T) {
|
|||||||
Version: Version,
|
Version: Version,
|
||||||
Command: protocol.RequestCommandTCP,
|
Command: protocol.RequestCommandTCP,
|
||||||
Address: net.LocalHostIP,
|
Address: net.LocalHostIP,
|
||||||
Option: RequestOptionOneTimeAuth,
|
|
||||||
Port: 1234,
|
Port: 1234,
|
||||||
User: &protocol.MemoryUser{
|
User: &protocol.MemoryUser{
|
||||||
Email: "love@v2ray.com",
|
Email: "love@v2ray.com",
|
||||||
@ -78,7 +76,6 @@ func TestTCPRequest(t *testing.T) {
|
|||||||
Version: Version,
|
Version: Version,
|
||||||
Command: protocol.RequestCommandTCP,
|
Command: protocol.RequestCommandTCP,
|
||||||
Address: net.LocalHostIPv6,
|
Address: net.LocalHostIPv6,
|
||||||
Option: RequestOptionOneTimeAuth,
|
|
||||||
Port: 1234,
|
Port: 1234,
|
||||||
User: &protocol.MemoryUser{
|
User: &protocol.MemoryUser{
|
||||||
Email: "love@v2ray.com",
|
Email: "love@v2ray.com",
|
||||||
@ -95,7 +92,6 @@ func TestTCPRequest(t *testing.T) {
|
|||||||
Version: Version,
|
Version: Version,
|
||||||
Command: protocol.RequestCommandTCP,
|
Command: protocol.RequestCommandTCP,
|
||||||
Address: net.DomainAddress("v2ray.com"),
|
Address: net.DomainAddress("v2ray.com"),
|
||||||
Option: RequestOptionOneTimeAuth,
|
|
||||||
Port: 1234,
|
Port: 1234,
|
||||||
User: &protocol.MemoryUser{
|
User: &protocol.MemoryUser{
|
||||||
Email: "love@v2ray.com",
|
Email: "love@v2ray.com",
|
||||||
@ -157,7 +153,6 @@ func TestUDPReaderWriter(t *testing.T) {
|
|||||||
Address: net.DomainAddress("v2ray.com"),
|
Address: net.DomainAddress("v2ray.com"),
|
||||||
Port: 123,
|
Port: 123,
|
||||||
User: user,
|
User: user,
|
||||||
Option: RequestOptionOneTimeAuth,
|
|
||||||
},
|
},
|
||||||
}}
|
}}
|
||||||
|
|
||||||
|
@ -90,7 +90,6 @@ func (s *Server) handlerUDPPayload(ctx context.Context, conn internet.Connection
|
|||||||
conn.Write(data.Bytes())
|
conn.Write(data.Bytes())
|
||||||
})
|
})
|
||||||
|
|
||||||
account := s.user.Account.(*MemoryAccount)
|
|
||||||
inbound := session.InboundFromContext(ctx)
|
inbound := session.InboundFromContext(ctx)
|
||||||
if inbound == nil {
|
if inbound == nil {
|
||||||
panic("no inbound metadata")
|
panic("no inbound metadata")
|
||||||
@ -120,18 +119,6 @@ func (s *Server) handlerUDPPayload(ctx context.Context, conn internet.Connection
|
|||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled {
|
|
||||||
newError("client payload enables OTA but server doesn't allow it").WriteToLog(session.ExportIDToError(ctx))
|
|
||||||
payload.Release()
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled {
|
|
||||||
newError("client payload disables OTA but server forces it").WriteToLog(session.ExportIDToError(ctx))
|
|
||||||
payload.Release()
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
currentPacketCtx := ctx
|
currentPacketCtx := ctx
|
||||||
dest := request.Destination()
|
dest := request.Destination()
|
||||||
if inbound.Source.IsValid() {
|
if inbound.Source.IsValid() {
|
||||||
|
@ -2,14 +2,6 @@
|
|||||||
//
|
//
|
||||||
// Shadowsocks client and server are implemented as outbound and inbound respectively in V2Ray's term.
|
// Shadowsocks client and server are implemented as outbound and inbound respectively in V2Ray's term.
|
||||||
//
|
//
|
||||||
// Shadowsocks OTA is fully supported. By default both client and server enable OTA, but it can be optionally disabled.
|
|
||||||
//
|
|
||||||
// Supperted Ciphers:
|
|
||||||
// * AES-256-CFB
|
|
||||||
// * AES-128-CFB
|
|
||||||
// * Chacha20
|
|
||||||
// * Chacha20-IEFT
|
|
||||||
//
|
|
||||||
// R.I.P Shadowsocks
|
// R.I.P Shadowsocks
|
||||||
package shadowsocks
|
package shadowsocks
|
||||||
|
|
||||||
|
@ -35,7 +35,6 @@ func TestShadowsocksAES256TCP(t *testing.T) {
|
|||||||
account := serial.ToTypedMessage(&shadowsocks.Account{
|
account := serial.ToTypedMessage(&shadowsocks.Account{
|
||||||
Password: "shadowsocks-password",
|
Password: "shadowsocks-password",
|
||||||
CipherType: shadowsocks.CipherType_AES_256_CFB,
|
CipherType: shadowsocks.CipherType_AES_256_CFB,
|
||||||
Ota: shadowsocks.Account_Enabled,
|
|
||||||
})
|
})
|
||||||
|
|
||||||
serverPort := tcp.PickPort()
|
serverPort := tcp.PickPort()
|
||||||
@ -134,7 +133,6 @@ func TestShadowsocksAES128UDP(t *testing.T) {
|
|||||||
account := serial.ToTypedMessage(&shadowsocks.Account{
|
account := serial.ToTypedMessage(&shadowsocks.Account{
|
||||||
Password: "shadowsocks-password",
|
Password: "shadowsocks-password",
|
||||||
CipherType: shadowsocks.CipherType_AES_128_CFB,
|
CipherType: shadowsocks.CipherType_AES_128_CFB,
|
||||||
Ota: shadowsocks.Account_Enabled,
|
|
||||||
})
|
})
|
||||||
|
|
||||||
serverPort := tcp.PickPort()
|
serverPort := tcp.PickPort()
|
||||||
@ -261,7 +259,6 @@ func TestShadowsocksChacha20TCP(t *testing.T) {
|
|||||||
account := serial.ToTypedMessage(&shadowsocks.Account{
|
account := serial.ToTypedMessage(&shadowsocks.Account{
|
||||||
Password: "shadowsocks-password",
|
Password: "shadowsocks-password",
|
||||||
CipherType: shadowsocks.CipherType_CHACHA20_IETF,
|
CipherType: shadowsocks.CipherType_CHACHA20_IETF,
|
||||||
Ota: shadowsocks.Account_Enabled,
|
|
||||||
})
|
})
|
||||||
|
|
||||||
serverPort := tcp.PickPort()
|
serverPort := tcp.PickPort()
|
||||||
@ -749,7 +746,6 @@ func TestShadowsocksNone(t *testing.T) {
|
|||||||
account := serial.ToTypedMessage(&shadowsocks.Account{
|
account := serial.ToTypedMessage(&shadowsocks.Account{
|
||||||
Password: "shadowsocks-password",
|
Password: "shadowsocks-password",
|
||||||
CipherType: shadowsocks.CipherType_NONE,
|
CipherType: shadowsocks.CipherType_NONE,
|
||||||
Ota: shadowsocks.Account_Enabled,
|
|
||||||
})
|
})
|
||||||
|
|
||||||
serverPort := tcp.PickPort()
|
serverPort := tcp.PickPort()
|
||||||
|
Loading…
Reference in New Issue
Block a user