From 816d2f629872eaf800b375f079710a3adb6a657f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A0=B4=E5=A8=83=E9=85=B1?= Date: Mon, 15 Aug 2016 12:49:52 +0800 Subject: [PATCH] remove tls_simple, fix tls1.2_ticket_auth --- shadowsocks/obfsplugin/obfs_tls.py | 74 +----------------------------- 1 file changed, 1 insertion(+), 73 deletions(-) diff --git a/shadowsocks/obfsplugin/obfs_tls.py b/shadowsocks/obfsplugin/obfs_tls.py index 98c25c2..400e1aa 100644 --- a/shadowsocks/obfsplugin/obfs_tls.py +++ b/shadowsocks/obfsplugin/obfs_tls.py @@ -35,9 +35,6 @@ from shadowsocks.obfsplugin import plain from shadowsocks.common import to_bytes, to_str, ord from shadowsocks import lru_cache -def create_tls_obfs(method): - return tls_simple(method) - def create_tls_auth_obfs(method): return tls_auth(method) @@ -45,8 +42,6 @@ def create_tls_ticket_auth_obfs(method): return tls_ticket_auth(method) obfs_map = { - 'tls_simple': (create_tls_obfs,), - 'tls_simple_compatible': (create_tls_obfs,), 'tls1.0_session_auth': (create_tls_auth_obfs,), 'tls1.0_session_auth_compatible': (create_tls_auth_obfs,), 'tls1.2_ticket_auth': (create_tls_ticket_auth_obfs,), @@ -59,73 +54,6 @@ def match_begin(str1, str2): return True return False -class tls_simple(plain.plain): - def __init__(self, method): - self.method = method - self.has_sent_header = False - self.has_recv_header = False - self.raw_trans_sent = False - self.send_buffer = b'' - self.tls_version = b'\x03\x01' - - def client_encode(self, buf): - if self.raw_trans_sent: - return buf - self.send_buffer += buf - if not self.has_sent_header: - self.has_sent_header = True - data = self.tls_version + os.urandom(32) + binascii.unhexlify(b"000016c02bc02fc00ac009c013c01400330039002f0035000a0100006fff01000100000a00080006001700180019000b0002010000230000337400000010002900270568322d31360568322d31350568322d313402683208737064792f332e3108687474702f312e31000500050100000000000d001600140401050106010201040305030603020304020202") - data = b"\x01\x00" + struct.pack('>H', len(data)) + data - data = b"\x16" + self.tls_version + struct.pack('>H', len(data)) + data - return data - if self.has_recv_header: - ret = self.send_buffer - self.send_buffer = b'' - self.raw_trans_sent = True - return ret - return b'' - - def client_decode(self, buf): - if self.has_recv_header: - return (buf, False) - self.has_recv_header = True - return (b'', True) - - def server_encode(self, buf): - if self.has_sent_header: - return buf - self.has_sent_header = True - # TODO - data = self.tls_version + os.urandom(32) - data = b"\x02\x00" + struct.pack('>H', len(data)) + data - data = b"\x16" + self.tls_version + struct.pack('>H', len(data)) + data - return data - - def decode_error_return(self, buf): - self.has_sent_header = True - if self.method == 'tls_simple': - return (b'E'*64, False, False) - return (buf, True, False) - - def server_decode(self, buf): - if self.has_recv_header: - return (buf, True, False) - - self.has_recv_header = True - if not match_begin(buf, b'\x16' + self.tls_version): - return self.decode_error_return(buf) - buf = buf[3:] - if struct.unpack('>H', buf[:2])[0] != len(buf) - 2: - return self.decode_error_return(buf) - buf = buf[2:] - if not match_begin(buf, b'\x01\x00'): #client hello - return self.decode_error_return(buf) - buf = buf[2:] - if struct.unpack('>H', buf[:2])[0] != len(buf) - 2: - return self.decode_error_return(buf) - # (buffer_to_recv, is_need_decrypt, is_need_to_encode_and_send_back) - return (b'', False, True) - class obfs_client_data(object): def __init__(self, cid): self.client_id = cid @@ -385,7 +313,7 @@ class tls_ticket_auth(plain.plain): def decode_error_return(self, buf): self.handshake_status = -1 - if self.method == 'tls1.2_session_auth': + if self.method == 'tls1.2_ticket_auth': return (b'E'*64, False, False) return (buf, True, False)