Browse Source

return after destory

fix "tls1.0_session_auth"
dev
BreakWa11 9 years ago
parent
commit
13579f1ca4
  1. 6
      shadowsocks/obfsplugin/auth.py
  2. 4
      shadowsocks/obfsplugin/obfs_tls.py
  3. 9
      shadowsocks/obfsplugin/verify.py
  4. 3
      shadowsocks/tcprelay.py

6
shadowsocks/obfsplugin/auth.py

@ -247,9 +247,6 @@ class auth_simple(verify_base):
if length >= 8192 or length < 7: if length >= 8192 or length < 7:
self.raw_trans = True self.raw_trans = True
self.recv_buf = b'' self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data error') raise Exception('client_post_decrypt data error')
if length > len(self.recv_buf): if length > len(self.recv_buf):
break break
@ -257,9 +254,6 @@ class auth_simple(verify_base):
if (binascii.crc32(self.recv_buf[:length]) & 0xffffffff) != 0xffffffff: if (binascii.crc32(self.recv_buf[:length]) & 0xffffffff) != 0xffffffff:
self.raw_trans = True self.raw_trans = True
self.recv_buf = b'' self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data uncorrect CRC32') raise Exception('client_post_decrypt data uncorrect CRC32')
pos = common.ord(self.recv_buf[2]) + 2 pos = common.ord(self.recv_buf[2]) + 2

4
shadowsocks/obfsplugin/obfs_tls.py

@ -268,9 +268,11 @@ class tls_auth(plain.plain):
if sha1 != verifyid[22:]: if sha1 != verifyid[22:]:
logging.debug("tls_auth wrong sha1") logging.debug("tls_auth wrong sha1")
return self.decode_error_return(ogn_buf) return self.decode_error_return(ogn_buf)
if verifyid[4:22] in self.server_info.data.client_data: if self.server_info.data.client_data.get(verifyid[:22]):
logging.error("replay attack detect, id = %s" % (binascii.hexlify(verifyid))) logging.error("replay attack detect, id = %s" % (binascii.hexlify(verifyid)))
return self.decode_error_return(ogn_buf) return self.decode_error_return(ogn_buf)
self.server_info.data.client_data.sweep()
self.server_info.data.client_data[verifyid[:22]] = sessionid
# (buffer_to_recv, is_need_decrypt, is_need_to_encode_and_send_back) # (buffer_to_recv, is_need_decrypt, is_need_to_encode_and_send_back)
return (b'', False, True) return (b'', False, True)

9
shadowsocks/obfsplugin/verify.py

@ -124,9 +124,6 @@ class verify_simple(verify_base):
if length >= 8192 or length < 7: if length >= 8192 or length < 7:
self.raw_trans = True self.raw_trans = True
self.recv_buf = b'' self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data error') raise Exception('client_post_decrypt data error')
if length > len(self.recv_buf): if length > len(self.recv_buf):
break break
@ -134,9 +131,6 @@ class verify_simple(verify_base):
if (binascii.crc32(self.recv_buf[:length]) & 0xffffffff) != 0xffffffff: if (binascii.crc32(self.recv_buf[:length]) & 0xffffffff) != 0xffffffff:
self.raw_trans = True self.raw_trans = True
self.recv_buf = b'' self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data uncorrect CRC32') raise Exception('client_post_decrypt data uncorrect CRC32')
pos = common.ord(self.recv_buf[2]) + 2 pos = common.ord(self.recv_buf[2]) + 2
@ -221,9 +215,6 @@ class verify_deflate(verify_base):
if length >= 32768 or length < 6: if length >= 32768 or length < 6:
self.raw_trans = True self.raw_trans = True
self.recv_buf = b'' self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data error') raise Exception('client_post_decrypt data error')
if length > len(self.recv_buf): if length > len(self.recv_buf):
break break

3
shadowsocks/tcprelay.py

@ -603,6 +603,7 @@ class TCPRelayHandler(object):
except Exception as e: except Exception as e:
shell.print_exception(e) shell.print_exception(e)
self.destroy() self.destroy()
return
if obfs_decode[2]: if obfs_decode[2]:
self._write_to_sock(b'', self._local_sock) self._write_to_sock(b'', self._local_sock)
if obfs_decode[1]: if obfs_decode[1]:
@ -674,6 +675,7 @@ class TCPRelayHandler(object):
except Exception as e: except Exception as e:
shell.print_exception(e) shell.print_exception(e)
self.destroy() self.destroy()
return
if obfs_decode[1]: if obfs_decode[1]:
send_back = self._obfs.client_encode(b'') send_back = self._obfs.client_encode(b'')
self._write_to_sock(send_back, self._remote_sock) self._write_to_sock(send_back, self._remote_sock)
@ -686,6 +688,7 @@ class TCPRelayHandler(object):
except Exception as e: except Exception as e:
shell.print_exception(e) shell.print_exception(e)
self.destroy() self.destroy()
return
else: else:
if self._encrypt_correct: if self._encrypt_correct:
data = self._protocol.server_pre_encrypt(data) data = self._protocol.server_pre_encrypt(data)

Loading…
Cancel
Save