dnomd343
/
shadowsocksr
mirror of https://github.com/dnomd343/shadowsocksr
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

optimize

akkariiin/dev
AkaneAkaza 7 years ago
parent
199755552d
commit
a9e49b77f2
1 changed files with 13 additions and 16 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 29
      shadowsocks/obfsplugin/auth_chain.py

29
shadowsocks/obfsplugin/auth_chain.py
View File

@ -18,8 +18,6 @@
from __future__ import absolute_import, division, print_function, \ from __future__ import absolute_import, division, print_function, \
with_statement with_statement
import os
import sys
import hashlib import hashlib
import logging import logging
import binascii import binascii
@ -29,16 +27,16 @@ import datetime
import random import random
import math import math
import struct import struct
import zlib
import hmac import hmac
import hashlib
import bisect import bisect
import shadowsocks import shadowsocks
from shadowsocks import common, lru_cache, encrypt from shadowsocks import common, lru_cache, encrypt
from shadowsocks.obfsplugin import plain from shadowsocks.obfsplugin import plain
from shadowsocks.common import to_bytes, to_str, ord, chr from shadowsocks.common import to_bytes, to_str, ord, chr
from shadowsocks.crypto import openssl
rand_bytes = openssl.rand_bytes
def create_auth_chain_a(method): def create_auth_chain_a(method):
return auth_chain_a(method) return auth_chain_a(method)
@ -106,7 +104,6 @@ class xorshift128plus(object):
for i in range(4): for i in range(4):
self.next() self.next()
def match_begin(str1, str2): def match_begin(str1, str2):
if len(str1) >= len(str2): if len(str1) >= len(str2):
if str1[:len(str2)] == str2: if str1[:len(str2)] == str2:
@ -336,7 +333,7 @@ class auth_chain_a(auth_base):
def rnd_data(self, buf_size, buf, last_hash, random): def rnd_data(self, buf_size, buf, last_hash, random):
rand_len = self.rnd_data_len(buf_size, last_hash, random) rand_len = self.rnd_data_len(buf_size, last_hash, random)
rnd_data_buf = os.urandom(rand_len) rnd_data_buf = rand_bytes(rand_len)
if buf_size == 0: if buf_size == 0:
return rnd_data_buf return rnd_data_buf
@ -374,7 +371,7 @@ class auth_chain_a(auth_base):
data = data + (struct.pack('<H', self.server_info.overhead) + struct.pack('<H', 0)) data = data + (struct.pack('<H', self.server_info.overhead) + struct.pack('<H', 0))
mac_key = self.server_info.iv + self.server_info.key mac_key = self.server_info.iv + self.server_info.key
check_head = os.urandom(4) check_head = rand_bytes(4)
self.last_client_hash = hmac.new(mac_key, check_head, self.hashfunc).digest() self.last_client_hash = hmac.new(mac_key, check_head, self.hashfunc).digest()
check_head += self.last_client_hash[:8] check_head += self.last_client_hash[:8]
@ -384,9 +381,9 @@ class auth_chain_a(auth_base):
self.user_key = items[1] self.user_key = items[1]
uid = struct.pack('<I', int(items[0])) uid = struct.pack('<I', int(items[0]))
except: except:
uid = os.urandom(4) uid = rand_bytes(4)
else: else:
uid = os.urandom(4) uid = rand_bytes(4)
if self.user_key is None: if self.user_key is None:
self.user_key = self.server_info.key self.user_key = self.server_info.key
@ -407,9 +404,9 @@ class auth_chain_a(auth_base):
if self.server_info.data.connection_id > 0xFF000000: if self.server_info.data.connection_id > 0xFF000000:
self.server_info.data.local_client_id = b'' self.server_info.data.local_client_id = b''
if not self.server_info.data.local_client_id: if not self.server_info.data.local_client_id:
self.server_info.data.local_client_id = os.urandom(4) self.server_info.data.local_client_id = rand_bytes(4)
logging.debug("local_client_id %s" % (binascii.hexlify(self.server_info.data.local_client_id),)) logging.debug("local_client_id %s" % (binascii.hexlify(self.server_info.data.local_client_id),))
self.server_info.data.connection_id = struct.unpack('<I', os.urandom(4))[0] & 0xFFFFFF self.server_info.data.connection_id = struct.unpack('<I', rand_bytes(4))[0] & 0xFFFFFF
self.server_info.data.connection_id += 1 self.server_info.data.connection_id += 1
return b''.join([struct.pack('<I', utc_time), return b''.join([struct.pack('<I', utc_time),
self.server_info.data.local_client_id, self.server_info.data.local_client_id,
@ -612,9 +609,9 @@ class auth_chain_a(auth_base):
except: except:
pass pass
if self.user_key is None: if self.user_key is None:
self.user_id = os.urandom(4) self.user_id = rand_bytes(4)
self.user_key = self.server_info.key self.user_key = self.server_info.key
authdata = os.urandom(3) authdata = rand_bytes(3)
mac_key = self.server_info.key mac_key = self.server_info.key
md5data = hmac.new(mac_key, authdata, self.hashfunc).digest() md5data = hmac.new(mac_key, authdata, self.hashfunc).digest()
uid = struct.unpack('<I', self.user_id)[0] ^ struct.unpack('<I', md5data[:4])[0] uid = struct.unpack('<I', self.user_id)[0] ^ struct.unpack('<I', md5data[:4])[0]
@ -623,7 +620,7 @@ class auth_chain_a(auth_base):
encryptor = encrypt.Encryptor( encryptor = encrypt.Encryptor(
to_bytes(base64.b64encode(self.user_key)) + to_bytes(base64.b64encode(md5data)), 'rc4') to_bytes(base64.b64encode(self.user_key)) + to_bytes(base64.b64encode(md5data)), 'rc4')
out_buf = encryptor.encrypt(buf) out_buf = encryptor.encrypt(buf)
buf = out_buf + os.urandom(rand_len) + authdata + uid buf = out_buf + rand_bytes(rand_len) + authdata + uid
return buf + hmac.new(self.user_key, buf, self.hashfunc).digest()[:1] return buf + hmac.new(self.user_key, buf, self.hashfunc).digest()[:1]
def client_udp_post_decrypt(self, buf): def client_udp_post_decrypt(self, buf):
@ -647,13 +644,13 @@ class auth_chain_a(auth_base):
user_key = self.server_info.key user_key = self.server_info.key
else: else:
user_key = self.server_info.recv_iv user_key = self.server_info.recv_iv
authdata = os.urandom(7) authdata = rand_bytes(7)
mac_key = self.server_info.key mac_key = self.server_info.key
md5data = hmac.new(mac_key, authdata, self.hashfunc).digest() md5data = hmac.new(mac_key, authdata, self.hashfunc).digest()
rand_len = self.udp_rnd_data_len(md5data, self.random_server) rand_len = self.udp_rnd_data_len(md5data, self.random_server)
encryptor = encrypt.Encryptor(to_bytes(base64.b64encode(user_key)) + to_bytes(base64.b64encode(md5data)), 'rc4') encryptor = encrypt.Encryptor(to_bytes(base64.b64encode(user_key)) + to_bytes(base64.b64encode(md5data)), 'rc4')
out_buf = encryptor.encrypt(buf) out_buf = encryptor.encrypt(buf)
buf = out_buf + os.urandom(rand_len) + authdata buf = out_buf + rand_bytes(rand_len) + authdata
return buf + hmac.new(user_key, buf, self.hashfunc).digest()[:1] return buf + hmac.new(user_key, buf, self.hashfunc).digest()[:1]
def server_udp_post_decrypt(self, buf): def server_udp_post_decrypt(self, buf):

Write Preview
Loading…
Cancel
Save