Browse Source

change default protocol settings, refine auth_aes128_* for redir method

dev
破娃酱 8 years ago
parent
commit
486c007928
  1. 2
      config.json
  2. 9
      mujson_mgr.py
  3. 11
      shadowsocks/obfsplugin/auth.py

2
config.json

@ -8,7 +8,7 @@
"timeout": 120,
"udp_timeout": 60,
"method": "aes-256-cfb",
"protocol": "auth_sha1_v4_compatible",
"protocol": "auth_sha1_v4",
"protocol_param": "",
"obfs": "tls1.2_ticket_auth_compatible",
"obfs_param": "",

9
mujson_mgr.py

@ -92,7 +92,7 @@ class MuMgr(object):
def add(self, user):
up = {'enable': 1, 'u': 0, 'd': 0, 'method': "aes-128-cfb",
'protocol': "auth_sha1_v4_compatible",
'protocol': "auth_sha1_v4",
'obfs': "tls1.2_ticket_auth_compatible",
'transfer_enable': 1125899906842624}
up['passwd'] = self.rand_pass()
@ -187,7 +187,7 @@ Options:
-p PORT server port
-k PASSWORD password
-m METHOD encryption method, default: aes-128-cfb
-O PROTOCOL protocol plugin, default: auth_sha1_v2_compatible
-O PROTOCOL protocol plugin, default: auth_sha1_v4
-o OBFS obfs plugin, default: tls1.2_ticket_auth_compatible
-G PROTOCOL_PARAM protocol plugin param
-g OBFS_PARAM obfs plugin param
@ -211,16 +211,11 @@ def main():
fast_set_protocol = {'0': 'origin',
'+1': 'verify_sha1_compatible',
'1': 'verify_sha1',
'+2': 'auth_sha1_compatible',
'2': 'auth_sha1',
'+3': 'auth_sha1_v2_compatible',
'3': 'auth_sha1_v2',
'+4': 'auth_sha1_v4_compatible',
'4': 'auth_sha1_v4',
'am': 'auth_aes128_md5',
'as': 'auth_aes128_sha1',
'+am': 'auth_aes128_md5_compatible',
'+as': 'auth_aes128_sha1_compatible'
}
fast_set_method = {'a0': 'aes-128-cfb',
'a1': 'aes-192-cfb',

11
shadowsocks/obfsplugin/auth.py

@ -81,7 +81,6 @@ class auth_base(plain.plain):
def __init__(self, method):
super(auth_base, self).__init__(method)
self.method = method
self.no_compatible_method = ''
def init_data(self):
return ''
@ -103,9 +102,7 @@ class auth_base(plain.plain):
def not_match_return(self, buf):
self.raw_trans = True
if self.method == self.no_compatible_method:
return (b'E'*2048, False)
return (buf, False)
class client_queue(object):
def __init__(self, begin_id):
@ -214,7 +211,6 @@ class auth_sha1(auth_base):
self.client_id = 0
self.connection_id = 0
self.max_time_dif = 60 * 60 # time dif (second) setting
self.no_compatible_method = 'auth_sha1'
def init_data(self):
return obfs_auth_data()
@ -436,7 +432,6 @@ class auth_sha1_v2(auth_base):
self.client_id = 0
self.connection_id = 0
self.salt = b"auth_sha1_v2"
self.no_compatible_method = 'auth_sha1_v2'
def init_data(self):
return obfs_auth_v2_data()
@ -638,7 +633,6 @@ class auth_sha1_v3(auth_base):
self.connection_id = 0
self.max_time_dif = 60 * 60 * 24 # time dif (second) setting
self.salt = b"auth_sha1_v3"
self.no_compatible_method = 'auth_sha1_v3'
def init_data(self):
return obfs_auth_v2_data()
@ -847,7 +841,6 @@ class auth_sha1_v4(auth_base):
self.connection_id = 0
self.max_time_dif = 60 * 60 * 24 # time dif (second) setting
self.salt = b"auth_sha1_v4"
self.no_compatible_method = 'auth_sha1_v4'
def init_data(self):
return obfs_auth_v2_data()
@ -1072,7 +1065,6 @@ class auth_aes128(auth_base):
self.connection_id = 0
self.max_time_dif = 60 * 60 * 24 # time dif (second) setting
self.salt = b"auth_aes128"
self.no_compatible_method = 'auth_aes128'
self.extra_wait_size = struct.unpack('>H', os.urandom(2))[0] % 1024
self.pack_id = 0
self.recv_id = 0
@ -1479,9 +1471,6 @@ class auth_aes128_sha1(auth_base):
mac_key = self.server_info.recv_iv + self.server_info.key
sha1data = hmac.new(mac_key, self.recv_buf[:1], self.hashfunc).digest()[:6]
if sha1data != self.recv_buf[1:7]:
if self.method == self.no_compatible_method:
if len(self.recv_buf) < 31 + self.extra_wait_size:
return (b'', False)
return self.not_match_return(self.recv_buf)
if len(self.recv_buf) < 31:

Loading…
Cancel
Save