diff --git a/proxy/shadowsocks/client.go b/proxy/shadowsocks/client.go index 231834e99..d86127c21 100644 --- a/proxy/shadowsocks/client.go +++ b/proxy/shadowsocks/client.go @@ -97,7 +97,7 @@ func (v *Client) Process(ctx context.Context, outboundRay ray.OutboundRay, diale if err != nil { return newError("failed to get a valid user account").AtWarning().Base(err) } - account := rawAccount.(*ShadowsocksAccount) + account := rawAccount.(*MemoryAccount) request.User = user if account.OneTimeAuth == Account_Auto || account.OneTimeAuth == Account_Enabled { diff --git a/proxy/shadowsocks/config.go b/proxy/shadowsocks/config.go index 1479cc863..54de878f0 100644 --- a/proxy/shadowsocks/config.go +++ b/proxy/shadowsocks/config.go @@ -17,15 +17,17 @@ import ( "v2ray.com/core/common/protocol" ) -type ShadowsocksAccount struct { +// MemoryAccount is an account type converted from Account. +type MemoryAccount struct { Cipher Cipher Key []byte OneTimeAuth Account_OneTimeAuth } -func (v *ShadowsocksAccount) Equals(another protocol.Account) bool { - if account, ok := another.(*ShadowsocksAccount); ok { - return bytes.Equal(v.Key, account.Key) +// Equals implements protocol.Account.Equals(). +func (a *MemoryAccount) Equals(another protocol.Account) bool { + if account, ok := another.(*MemoryAccount); ok { + return bytes.Equal(a.Key, account.Key) } return false } @@ -44,7 +46,7 @@ func createChacha20Poly1305(key []byte) cipher.AEAD { return chacha20 } -func (a *Account) GetCipher() (Cipher, error) { +func (a *Account) getCipher() (Cipher, error) { switch a.CipherType { case CipherType_AES_128_CFB: return &AesCfb{KeyBytes: 16}, nil @@ -79,18 +81,20 @@ func (a *Account) GetCipher() (Cipher, error) { } } +// AsAccount implements protocol.AsAccount. func (a *Account) AsAccount() (protocol.Account, error) { - cipher, err := a.GetCipher() + cipher, err := a.getCipher() if err != nil { return nil, newError("failed to get cipher").Base(err) } - return &ShadowsocksAccount{ + return &MemoryAccount{ Cipher: cipher, - Key: PasswordToCipherKey([]byte(a.Password), cipher.KeySize()), + Key: passwordToCipherKey([]byte(a.Password), cipher.KeySize()), OneTimeAuth: a.Ota, }, nil } +// Cipher is an interface for all Shadowsocks ciphers. type Cipher interface { KeySize() int IVSize() int @@ -101,6 +105,7 @@ type Cipher interface { DecodePacket(key []byte, b *buf.Buffer) error } +// AesCfb represents all AES-CFB ciphers. type AesCfb struct { KeyBytes int } @@ -279,7 +284,7 @@ func (NoneCipher) DecodePacket(key []byte, b *buf.Buffer) error { return nil } -func PasswordToCipherKey(password []byte, keySize int) []byte { +func passwordToCipherKey(password []byte, keySize int) []byte { key := make([]byte, 0, keySize) md5Sum := md5.Sum(password) @@ -287,8 +292,8 @@ func PasswordToCipherKey(password []byte, keySize int) []byte { for len(key) < keySize { md5Hash := md5.New() - md5Hash.Write(md5Sum[:]) - md5Hash.Write(password) + common.Must2(md5Hash.Write(md5Sum[:])) + common.Must2(md5Hash.Write(password)) md5Hash.Sum(md5Sum[:0]) key = append(key, md5Sum[:]...) diff --git a/proxy/shadowsocks/ota.go b/proxy/shadowsocks/ota.go index 91549b829..3d9396822 100644 --- a/proxy/shadowsocks/ota.go +++ b/proxy/shadowsocks/ota.go @@ -6,6 +6,7 @@ import ( "crypto/sha1" "io" + "v2ray.com/core/common" "v2ray.com/core/common/buf" "v2ray.com/core/common/serial" ) @@ -29,7 +30,7 @@ func NewAuthenticator(keygen KeyGenerator) *Authenticator { func (v *Authenticator) Authenticate(data []byte) buf.Supplier { hasher := hmac.New(sha1.New, v.key()) - hasher.Write(data) + common.Must2(hasher.Write(data)) res := hasher.Sum(nil) return func(b []byte) (int, error) { return copy(b, res[:AuthSize]), nil diff --git a/proxy/shadowsocks/protocol.go b/proxy/shadowsocks/protocol.go index eb45bbf63..3dfdfc882 100644 --- a/proxy/shadowsocks/protocol.go +++ b/proxy/shadowsocks/protocol.go @@ -27,7 +27,7 @@ func ReadTCPSession(user *protocol.User, reader io.Reader) (*protocol.RequestHea if err != nil { return nil, nil, newError("failed to parse account").Base(err).AtError() } - account := rawAccount.(*ShadowsocksAccount) + account := rawAccount.(*MemoryAccount) buffer := buf.NewLocal(512) defer buffer.Release() @@ -142,7 +142,7 @@ func WriteTCPRequest(request *protocol.RequestHeader, writer io.Writer) (buf.Wri if err != nil { return nil, newError("failed to parse account").Base(err).AtError() } - account := rawAccount.(*ShadowsocksAccount) + account := rawAccount.(*MemoryAccount) if account.Cipher.IsAEAD() { request.Option.Clear(RequestOptionOneTimeAuth) @@ -211,7 +211,7 @@ func ReadTCPResponse(user *protocol.User, reader io.Reader) (buf.Reader, error) if err != nil { return nil, newError("failed to parse account").Base(err).AtError() } - account := rawAccount.(*ShadowsocksAccount) + account := rawAccount.(*MemoryAccount) var iv []byte if account.Cipher.IVSize() > 0 { @@ -231,7 +231,7 @@ func WriteTCPResponse(request *protocol.RequestHeader, writer io.Writer) (buf.Wr if err != nil { return nil, newError("failed to parse account.").Base(err).AtError() } - account := rawAccount.(*ShadowsocksAccount) + account := rawAccount.(*MemoryAccount) var iv []byte if account.Cipher.IVSize() > 0 { @@ -252,7 +252,7 @@ func EncodeUDPPacket(request *protocol.RequestHeader, payload []byte) (*buf.Buff if err != nil { return nil, newError("failed to parse account.").Base(err).AtError() } - account := rawAccount.(*ShadowsocksAccount) + account := rawAccount.(*MemoryAccount) buffer := buf.New() ivLen := account.Cipher.IVSize() @@ -296,7 +296,7 @@ func DecodeUDPPacket(user *protocol.User, payload *buf.Buffer) (*protocol.Reques if err != nil { return nil, nil, newError("failed to parse account").Base(err).AtError() } - account := rawAccount.(*ShadowsocksAccount) + account := rawAccount.(*MemoryAccount) var iv []byte var authenticator *Authenticator diff --git a/proxy/shadowsocks/server.go b/proxy/shadowsocks/server.go index 023840d37..52434fcb5 100644 --- a/proxy/shadowsocks/server.go +++ b/proxy/shadowsocks/server.go @@ -21,7 +21,7 @@ import ( type Server struct { config *ServerConfig user *protocol.User - account *ShadowsocksAccount + account *MemoryAccount policyManager policy.Manager } @@ -39,7 +39,7 @@ func NewServer(ctx context.Context, config *ServerConfig) (*Server, error) { if err != nil { return nil, newError("failed to get user account").Base(err) } - account := rawAccount.(*ShadowsocksAccount) + account := rawAccount.(*MemoryAccount) s := &Server{ config: config,