dnomd343
/
shadowsocksr
mirror of https://github.com/dnomd343/shadowsocksr
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

merge manyuser 2.6.13

master
BreakWa11 9 years ago
parent
a681a72b16
commit
1ee344220a
11 changed files with 136 additions and 65 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      CHANGES
  2. 17
      shadowsocks/asyncdns.py
  3. 3
      shadowsocks/local.py
  4. 4
      shadowsocks/obfs.py
  5. 3
      shadowsocks/obfsplugin/http_simple.py
  6. 4
      shadowsocks/obfsplugin/plain.py
  7. 58
      shadowsocks/obfsplugin/verify_simple.py
  8. 18
      shadowsocks/server.py
  9. 1
      shadowsocks/shell.py
  10. 31
      shadowsocks/tcprelay.py
  11. 29
      shadowsocks/udprelay.py

3
CHANGES
View File

@ -1,3 +1,6 @@
2.6.13 2015-11-02
- add protocol setting
2.6.12 2015-10-27
- IPv6 first
- Fix mem leaks

17
shadowsocks/asyncdns.py
View File

@ -83,9 +83,11 @@ def detect_ipv6_supprot():
s = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM)
try:
s.connect(('ipv6.google.com', 0))
print('IPv6 support')
return True
except:
pass
print('IPv6 not support')
return False
IPV6_CONNECTION_SUPPORT = detect_ipv6_supprot()
@ -356,6 +358,7 @@ class DNSResolver(object):
answer[2] == QCLASS_IN:
ip = answer[0]
break
if IPV6_CONNECTION_SUPPORT:
if not ip and self._hostname_status.get(hostname, STATUS_IPV4) \
== STATUS_IPV6:
self._hostname_status[hostname] = STATUS_IPV4
@ -369,6 +372,20 @@ class DNSResolver(object):
if question[1] == QTYPE_A:
self._call_callback(hostname, None)
break
else:
if not ip and self._hostname_status.get(hostname, STATUS_IPV6) \
== STATUS_IPV4:
self._hostname_status[hostname] = STATUS_IPV6
self._send_req(hostname, QTYPE_AAAA)
else:
if ip:
self._cache[hostname] = ip
self._call_callback(hostname, ip)
elif self._hostname_status.get(hostname, None) == STATUS_IPV6:
for question in response.questions:
if question[1] == QTYPE_AAAA:
self._call_callback(hostname, None)
break
def handle_event(self, sock, fd, event):
if sock != self._sock:

3
shadowsocks/local.py
View File

@ -43,6 +43,9 @@ def main():
config = shell.get_config(True)
if not config.get('dns_ipv6', False):
asyncdns.IPV6_CONNECTION_SUPPORT = False
daemon.daemon_exec(config)
try:

4
shadowsocks/obfs.py
View File

@ -83,3 +83,7 @@ class obfs(object):
def server_post_decrypt(self, buf):
return self.obfs.server_post_decrypt(buf)
def dispose(self):
self.obfs.dispose()
del self.obfs

3
shadowsocks/obfsplugin/http_simple.py
View File

@ -192,6 +192,9 @@ class http2_simple(plain.plain):
return buf
self.send_buffer += buf
if not self.has_sent_header:
port = b''
if self.server_info.port != 80:
port = b':' + common.to_bytes(str(self.server_info.port))
self.has_sent_header = True
http_head = b"GET / HTTP/1.1\r\n"
http_head += b"Host: " + (self.server_info.param or self.server_info.host) + port + b"\r\n"

4
shadowsocks/obfsplugin/plain.py
View File

@ -27,6 +27,7 @@ def create_obfs(method):
obfs_map = {
'plain': (create_obfs,),
'origin': (create_obfs,),
}
class plain(object):
@ -66,3 +67,6 @@ class plain(object):
def server_post_decrypt(self, buf):
return buf
def dispose(self):
pass

58
shadowsocks/obfsplugin/verify_simple.py
View File

@ -57,59 +57,42 @@ def match_begin(str1, str2):
class obfs_verify_data(object):
def __init__(self):
self.sub_obfs = None
pass
class verify_base(plain.plain):
def __init__(self, method):
super(verify_base, self).__init__(method)
self.method = method
self.sub_obfs = None
def init_data(self):
return obfs_verify_data()
def set_server_info(self, server_info):
try:
if server_info.param:
sub_param = ''
param_list = server_info.param.split(',', 1)
if len(param_list) > 1:
self.sub_obfs = shadowsocks.obfs.obfs(param_list[0])
sub_param = param_list[1]
else:
self.sub_obfs = shadowsocks.obfs.obfs(server_info.param)
if server_info.data.sub_obfs is None:
server_info.data.sub_obfs = self.sub_obfs.init_data()
_server_info = shadowsocks.obfs.server_info(server_info.data.sub_obfs)
_server_info.host = server_info.host
_server_info.port = server_info.port
_server_info.tcp_mss = server_info.tcp_mss
_server_info.param = sub_param
self.sub_obfs.set_server_info(_server_info)
except Exception as e:
shadowsocks.shell.print_exception(e)
self.server_info = server_info
def client_encode(self, buf):
if self.sub_obfs is not None:
return self.sub_obfs.client_encode(buf)
return buf
def client_decode(self, buf):
if self.sub_obfs is not None:
return self.sub_obfs.client_decode(buf)
return (buf, False)
def server_encode(self, buf):
if self.sub_obfs is not None:
return self.sub_obfs.server_encode(buf)
return buf
def server_decode(self, buf):
if self.sub_obfs is not None:
return self.sub_obfs.server_decode(buf)
return (buf, True, False)
def get_head_size(self, buf, def_value):
if len(buf) < 2:
return def_value
if ord(buf[0]) == 1:
return 7
if ord(buf[0]) == 4:
return 19
if ord(buf[0]) == 3:
return 4 + ord(buf[1])
return def_value
class verify_simple(verify_base):
def __init__(self, method):
super(verify_simple, self).__init__(method)
@ -336,28 +319,28 @@ class client_queue(object):
class obfs_auth_data(object):
def __init__(self):
self.sub_obfs = None
self.client_id = {}
self.startup_time = int(time.time() - 30) & 0xFFFFFFFF
self.local_client_id = b''
self.connection_id = 0
self.max_client = 16 # max active client count
self.max_buffer = max(self.max_client, 256) # max client id buffer size
def update(self, client_id, connection_id):
if client_id in self.client_id:
self.client_id[client_id].update()
def insert(self, client_id, connection_id):
max_client = 16
if client_id not in self.client_id or not self.client_id[client_id].enable:
active = 0
for c_id in self.client_id:
if self.client_id[c_id].is_active():
active += 1
if active >= max_client:
if active >= self.max_client:
logging.warn('auth_simple: max active clients exceeded')
return False
if len(self.client_id) < max_client:
if len(self.client_id) < self.max_client:
if client_id not in self.client_id:
self.client_id[client_id] = client_queue(connection_id)
else:
@ -367,7 +350,7 @@ class obfs_auth_data(object):
random.shuffle(keys)
for c_id in keys:
if not self.client_id[c_id].is_active() and self.client_id[c_id].enable:
if len(self.client_id) >= 256:
if len(self.client_id) >= self.max_buffer:
del self.client_id[c_id]
else:
self.client_id[c_id].enable = False
@ -392,6 +375,7 @@ class auth_simple(verify_base):
self.has_recv_header = False
self.client_id = 0
self.connection_id = 0
self.max_time_dif = 60 * 5 # time dif (second) setting
def init_data(self):
return obfs_auth_data()
@ -422,7 +406,8 @@ class auth_simple(verify_base):
def client_pre_encrypt(self, buf):
ret = b''
if not self.has_sent_header:
datalen = min(len(buf), common.ord(os.urandom(1)[0]) % 32 + 4)
head_size = self.get_head_size(buf, 30)
datalen = min(len(buf), random.randint(0, 31) + head_size)
ret += self.pack_data(self.auth_data() + buf[:datalen])
buf = buf[datalen:]
self.has_sent_header = True
@ -512,7 +497,8 @@ class auth_simple(verify_base):
client_id = struct.unpack('<I', out_buf[4:8])[0]
connection_id = struct.unpack('<I', out_buf[8:12])[0]
time_dif = common.int32((int(time.time()) & 0xffffffff) - utc_time)
if time_dif < 60 * -3 or time_dif > 60 * 3 or common.int32(utc_time - self.server_info.data.startup_time) < 0:
if time_dif < -self.max_time_dif or time_dif > self.max_time_dif \
or common.int32(utc_time - self.server_info.data.startup_time) < 0:
self.raw_trans = True
self.recv_buf = b''
logging.info('auth_simple: wrong timestamp, time_dif %d, data %s' % (time_dif, binascii.hexlify(out_buf),))

18
shadowsocks/server.py
View File

@ -54,6 +54,9 @@ def main():
else:
config['port_password'][str(server_port)] = config['password']
if not config.get('dns_ipv6', False):
asyncdns.IPV6_CONNECTION_SUPPORT = False
if config.get('manager_address', 0):
logging.info('entering manager mode')
manager.run(config)
@ -65,23 +68,32 @@ def main():
port_password = config['port_password']
del config['port_password']
for port, password_obfs in port_password.items():
protocol = config.get("protocol", 'origin')
obfs_param = config.get("obfs_param", '')
if type(password_obfs) == list:
password = password_obfs[0]
obfs = password_obfs[1]
elif type(password_obfs) == dict:
password = password_obfs.get('password', 'm')
protocol = password_obfs.get('protocol', 'origin')
obfs = password_obfs.get('obfs', 'plain')
obfs_param = password_obfs.get('obfs_param', '')
else:
password = password_obfs
obfs = config["obfs"]
a_config = config.copy()
ipv6_ok = False
logging.info("server start with password [%s] method [%s] obfs [%s] obfs_param [%s]" %
(password, a_config['method'], obfs, a_config['obfs_param']))
logging.info("server start with protocol[%s] password [%s] method [%s] obfs [%s] obfs_param [%s]" %
(protocol, password, a_config['method'], obfs, obfs_param))
if 'server_ipv6' in a_config:
try:
if len(a_config['server_ipv6']) > 2 and a_config['server_ipv6'][0] == "[" and a_config['server_ipv6'][-1] == "]":
a_config['server_ipv6'] = a_config['server_ipv6'][1:-1]
a_config['server_port'] = int(port)
a_config['password'] = password
a_config['protocol'] = protocol
a_config['obfs'] = obfs
a_config['obfs_param'] = obfs_param
a_config['server'] = a_config['server_ipv6']
logging.info("starting server at [%s]:%d" %
(a_config['server'], int(port)))
@ -96,7 +108,9 @@ def main():
a_config = config.copy()
a_config['server_port'] = int(port)
a_config['password'] = password
a_config['protocol'] = protocol
a_config['obfs'] = obfs
a_config['obfs_param'] = obfs_param
logging.info("starting server at %s:%d" %
(a_config['server'], int(port)))
tcp_servers.append(tcprelay.TCPRelay(a_config, dns_resolver, False))

1
shadowsocks/shell.py
View File

@ -218,6 +218,7 @@ def get_config(is_local):
config['password'] = to_bytes(config.get('password', b''))
config['method'] = to_str(config.get('method', 'aes-256-cfb'))
config['protocol'] = to_str(config.get('protocol', 'origin'))
config['obfs'] = to_str(config.get('obfs', 'plain'))
config['obfs_param'] = to_str(config.get('obfs_param', ''))
config['port_password'] = config.get('port_password', None)

31
shadowsocks/tcprelay.py
View File

@ -122,6 +122,14 @@ class TCPRelayHandler(object):
server_info.param = config['obfs_param']
self._obfs.set_server_info(server_info)
self._protocol = obfs.obfs(config['protocol'])
server_info = obfs.server_info(server.protocol_data)
server_info.host = config['server']
server_info.port = server._listen_port
server_info.tcp_mss = 1440
server_info.param = ''
self._protocol.set_server_info(server_info)
self._fastopen_connected = False
self._data_to_write_to_local = []
self._data_to_write_to_remote = []
@ -330,7 +338,7 @@ class TCPRelayHandler(object):
def _handle_stage_connecting(self, data):
if self._is_local:
data = self._obfs.client_pre_encrypt(data)
data = self._protocol.client_pre_encrypt(data)
data = self._encryptor.encrypt(data)
data = self._obfs.client_encode(data)
if data:
@ -428,7 +436,7 @@ class TCPRelayHandler(object):
data = b'\x88' + struct.pack('>H', total_len) + chr(rnd_len) + (b' ' * (rnd_len - 1)) + data
crc = (0xffffffff - binascii.crc32(data)) & 0xffffffff
data += struct.pack('<I', crc)
data = self._obfs.client_pre_encrypt(data)
data = self._protocol.client_pre_encrypt(data)
data_to_send = self._encryptor.encrypt(data)
data_to_send = self._obfs.client_encode(data_to_send)
if data_to_send:
@ -523,8 +531,8 @@ class TCPRelayHandler(object):
try:
remote_sock.connect((remote_addr, remote_port))
except (OSError, IOError) as e:
if eventloop.errno_from_exception(e) == \
errno.EINPROGRESS:
if eventloop.errno_from_exception(e) in (errno.EINPROGRESS,
errno.EWOULDBLOCK):
pass # always goto here
else:
raise e
@ -574,7 +582,7 @@ class TCPRelayHandler(object):
else:
data = obfs_decode[0]
try:
data = self._obfs.server_post_decrypt(data)
data = self._protocol.server_post_decrypt(data)
except Exception as e:
shell.print_exception(e)
self.destroy()
@ -583,7 +591,7 @@ class TCPRelayHandler(object):
self._server.server_transfer_ul += len(data)
if self._stage == STAGE_STREAM:
if self._is_local:
data = self._obfs.client_pre_encrypt(data)
data = self._protocol.client_pre_encrypt(data)
data = self._encryptor.encrypt(data)
data = self._obfs.client_encode(data)
self._write_to_sock(data, self._remote_sock)
@ -634,10 +642,10 @@ class TCPRelayHandler(object):
send_back = self._obfs.client_encode(b'')
self._write_to_sock(send_back, self._remote_sock)
data = self._encryptor.decrypt(obfs_decode[0])
data = self._obfs.client_post_decrypt(data)
data = self._protocol.client_post_decrypt(data)
else:
if self._encrypt_correct:
data = self._obfs.server_pre_encrypt(data)
data = self._protocol.server_pre_encrypt(data)
data = self._encryptor.encrypt(data)
try:
self._write_to_sock(data, self._local_sock)
@ -756,6 +764,12 @@ class TCPRelayHandler(object):
del self._fd_to_handlers[self._local_sock.fileno()]
self._local_sock.close()
self._local_sock = None
if self._obfs:
self._obfs.dispose()
self._obfs = None
if self._protocol:
self._protocol.dispose()
self._protocol = None
self._dns_resolver.remove_callback(self._handle_dns_resolved)
self._server.remove_handler(self)
self._server.add_connection(-1)
@ -771,6 +785,7 @@ class TCPRelay(object):
self.server_transfer_ul = 0
self.server_transfer_dl = 0
self.server_connections = 0
self.protocol_data = obfs.obfs(config['protocol']).init_data()
self.obfs_data = obfs.obfs(config['obfs']).init_data()
self._timeout = config['timeout']

29
shadowsocks/udprelay.py
View File

@ -207,7 +207,7 @@ class RecvQueue(object):
def set_end(self, end_id):
if end_id > self.end_id:
eid = self.end_id
while eid < pack_id:
while eid < end_id:
self.miss_queue.add(eid)
eid += 1
self.end_id = end_id
@ -465,9 +465,11 @@ class TCPRelayHandler(object):
try:
remote_sock.connect((remote_addr, remote_port))
except (OSError, IOError) as e:
if eventloop.errno_from_exception(e) == \
errno.EINPROGRESS:
pass
if eventloop.errno_from_exception(e) in (errno.EINPROGRESS,
errno.EWOULDBLOCK):
pass # always goto here
else:
raise e
self._loop.add(remote_sock,
eventloop.POLL_ERR | eventloop.POLL_OUT,
@ -623,6 +625,7 @@ class TCPRelayHandler(object):
for pid in missing:
data += struct.pack(">H", pid)
rsp_data = self._pack_post_data(CMD_SYN_STATUS, pack_id, data)
addr = self.get_local_address()
self._write_to_sock(rsp_data, self._local_sock, addr)
def handle_stream_sync_status(self, addr, cmd, request_id, pack_id, max_send_id, data):
@ -829,7 +832,10 @@ class TCPRelayHandler(object):
if self._remote_sock:
logging.debug('destroying remote')
self._loop.remove(self._remote_sock)
try:
del self._fd_to_handlers[self._remote_sock.fileno()]
except Exception as e:
pass
self._remote_sock.close()
self._remote_sock = None
if self._sendingqueue.empty():
@ -844,7 +850,11 @@ class TCPRelayHandler(object):
addr = self.get_local_address()
self._write_to_sock(rsp_data, self._local_sock, addr)
self._local_sock = None
try:
del self._reqid_to_handlers[self._request_id]
except Exception as e:
pass
self._server.remove_handler(self)
def client_key(source_addr, server_af):
@ -963,9 +973,14 @@ class UDPRelay(object):
reqid_str = struct.pack(">H", request_id)
return b''.join([CMD_VER_STR, common.chr(cmd), reqid_str, data, _rand_data[:random.randint(0, len(_rand_data))], reqid_str])
def _handel_protocol_error(self, client_address, ogn_data):
#raise Exception('can not parse header')
logging.warn("Protocol ERROR, UDP ogn data %s from %s:%d" % (binascii.hexlify(ogn_data), client_address[0], client_address[1]))
def _handle_server(self):
server = self._server_socket
data, r_addr = server.recvfrom(BUF_SIZE)
ogn_data = data
if not data:
logging.debug('UDP handle_server: data is empty')
if self._stat_callback:
@ -1056,8 +1071,14 @@ class UDPRelay(object):
logging.error(trace)
return
try:
header_result = parse_header(data)
except:
self._handel_protocol_error(r_addr, ogn_data)
return
if header_result is None:
self._handel_protocol_error(r_addr, ogn_data)
return
connecttype, dest_addr, dest_port, header_length = header_result

Write Preview
Loading…
Cancel
Save