@ -277,7 +277,7 @@ class auth_simple(verify_base):
def server_post_decrypt ( self , buf ) :
def server_post_decrypt ( self , buf ) :
if self . raw_trans :
if self . raw_trans :
return buf
return ( buf , False )
self . recv_buf + = buf
self . recv_buf + = buf
out_buf = b ' '
out_buf = b ' '
while len ( self . recv_buf ) > 2 :
while len ( self . recv_buf ) > 2 :
@ -287,7 +287,7 @@ class auth_simple(verify_base):
self . recv_buf = b ' '
self . recv_buf = b ' '
if self . decrypt_packet_num == 0 :
if self . decrypt_packet_num == 0 :
logging . info ( ' auth_simple: over size ' )
logging . info ( ' auth_simple: over size ' )
return b ' E '
return ( b ' E ' , False )
else :
else :
raise Exception ( ' server_post_decrype data error ' )
raise Exception ( ' server_post_decrype data error ' )
if length > len ( self . recv_buf ) :
if length > len ( self . recv_buf ) :
@ -298,7 +298,7 @@ class auth_simple(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
if self . decrypt_packet_num == 0 :
if self . decrypt_packet_num == 0 :
return b ' E '
return ( b ' E ' , False )
else :
else :
raise Exception ( ' server_post_decrype data uncorrect CRC32 ' )
raise Exception ( ' server_post_decrype data uncorrect CRC32 ' )
@ -309,7 +309,7 @@ class auth_simple(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
logging . info ( ' auth_simple: too short ' )
logging . info ( ' auth_simple: too short ' )
return b ' E '
return ( b ' E ' , False )
utc_time = struct . unpack ( ' <I ' , out_buf [ : 4 ] ) [ 0 ]
utc_time = struct . unpack ( ' <I ' , out_buf [ : 4 ] ) [ 0 ]
client_id = struct . unpack ( ' <I ' , out_buf [ 4 : 8 ] ) [ 0 ]
client_id = struct . unpack ( ' <I ' , out_buf [ 4 : 8 ] ) [ 0 ]
connection_id = struct . unpack ( ' <I ' , out_buf [ 8 : 12 ] ) [ 0 ]
connection_id = struct . unpack ( ' <I ' , out_buf [ 8 : 12 ] ) [ 0 ]
@ -319,7 +319,7 @@ class auth_simple(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
logging . info ( ' auth_simple: wrong timestamp, time_dif %d , data %s ' % ( time_dif , binascii . hexlify ( out_buf ) , ) )
logging . info ( ' auth_simple: wrong timestamp, time_dif %d , data %s ' % ( time_dif , binascii . hexlify ( out_buf ) , ) )
return b ' E '
return ( b ' E ' , False )
elif self . server_info . data . insert ( client_id , connection_id ) :
elif self . server_info . data . insert ( client_id , connection_id ) :
self . has_recv_header = True
self . has_recv_header = True
out_buf = out_buf [ 12 : ]
out_buf = out_buf [ 12 : ]
@ -329,13 +329,13 @@ class auth_simple(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
logging . info ( ' auth_simple: auth fail, data %s ' % ( binascii . hexlify ( out_buf ) , ) )
logging . info ( ' auth_simple: auth fail, data %s ' % ( binascii . hexlify ( out_buf ) , ) )
return b ' E '
return ( b ' E ' , False )
self . recv_buf = self . recv_buf [ length : ]
self . recv_buf = self . recv_buf [ length : ]
if out_buf :
if out_buf :
self . server_info . data . update ( self . client_id , self . connection_id )
self . server_info . data . update ( self . client_id , self . connection_id )
self . decrypt_packet_num + = 1
self . decrypt_packet_num + = 1
return out_buf
return ( out_buf , False )
class auth_sha1 ( verify_base ) :
class auth_sha1 ( verify_base ) :
def __init__ ( self , method ) :
def __init__ ( self , method ) :
@ -446,33 +446,33 @@ class auth_sha1(verify_base):
def server_post_decrypt ( self , buf ) :
def server_post_decrypt ( self , buf ) :
if self . raw_trans :
if self . raw_trans :
return buf
return ( buf , False )
self . recv_buf + = buf
self . recv_buf + = buf
out_buf = b ' '
out_buf = b ' '
if not self . has_recv_header :
if not self . has_recv_header :
if len ( self . recv_buf ) < 4 :
if len ( self . recv_buf ) < 4 :
return b ' '
return ( b ' ' , False )
crc = struct . pack ( ' <I ' , binascii . crc32 ( self . server_info . key ) & 0xFFFFFFFF )
crc = struct . pack ( ' <I ' , binascii . crc32 ( self . server_info . key ) & 0xFFFFFFFF )
if crc != self . recv_buf [ : 4 ] :
if crc != self . recv_buf [ : 4 ] :
if self . method == ' auth_sha1 ' :
if self . method == ' auth_sha1 ' :
return b ' E '
return ( b ' E ' , False )
else :
else :
self . raw_trans = True
self . raw_trans = True
return self . recv_buf
return ( self . recv_buf , False )
length = struct . unpack ( ' >H ' , self . recv_buf [ 4 : 6 ] ) [ 0 ]
length = struct . unpack ( ' >H ' , self . recv_buf [ 4 : 6 ] ) [ 0 ]
if length > len ( self . recv_buf ) :
if length > len ( self . recv_buf ) :
return b ' '
return ( b ' ' , False )
sha1data = hmac . new ( self . server_info . recv_iv + self . server_info . key , self . recv_buf [ : length - 10 ] , hashlib . sha1 ) . digest ( ) [ : 10 ]
sha1data = hmac . new ( self . server_info . recv_iv + self . server_info . key , self . recv_buf [ : length - 10 ] , hashlib . sha1 ) . digest ( ) [ : 10 ]
if sha1data != self . recv_buf [ length - 10 : length ] :
if sha1data != self . recv_buf [ length - 10 : length ] :
logging . error ( ' auth_sha1 data uncorrect auth HMAC-SHA1 ' )
logging . error ( ' auth_sha1 data uncorrect auth HMAC-SHA1 ' )
return b ' E '
return ( b ' E ' , False )
pos = common . ord ( self . recv_buf [ 6 ] ) + 6
pos = common . ord ( self . recv_buf [ 6 ] ) + 6
out_buf = self . recv_buf [ pos : length - 10 ]
out_buf = self . recv_buf [ pos : length - 10 ]
if len ( out_buf ) < 12 :
if len ( out_buf ) < 12 :
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
logging . info ( ' auth_sha1: too short ' )
logging . info ( ' auth_sha1: too short ' )
return b ' E '
return ( b ' E ' , False )
utc_time = struct . unpack ( ' <I ' , out_buf [ : 4 ] ) [ 0 ]
utc_time = struct . unpack ( ' <I ' , out_buf [ : 4 ] ) [ 0 ]
client_id = struct . unpack ( ' <I ' , out_buf [ 4 : 8 ] ) [ 0 ]
client_id = struct . unpack ( ' <I ' , out_buf [ 4 : 8 ] ) [ 0 ]
connection_id = struct . unpack ( ' <I ' , out_buf [ 8 : 12 ] ) [ 0 ]
connection_id = struct . unpack ( ' <I ' , out_buf [ 8 : 12 ] ) [ 0 ]
@ -482,7 +482,7 @@ class auth_sha1(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
logging . info ( ' auth_sha1: wrong timestamp, time_dif %d , data %s ' % ( time_dif , binascii . hexlify ( out_buf ) , ) )
logging . info ( ' auth_sha1: wrong timestamp, time_dif %d , data %s ' % ( time_dif , binascii . hexlify ( out_buf ) , ) )
return b ' E '
return ( b ' E ' , False )
elif self . server_info . data . insert ( client_id , connection_id ) :
elif self . server_info . data . insert ( client_id , connection_id ) :
self . has_recv_header = True
self . has_recv_header = True
out_buf = out_buf [ 12 : ]
out_buf = out_buf [ 12 : ]
@ -492,7 +492,7 @@ class auth_sha1(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
logging . info ( ' auth_sha1: auth fail, data %s ' % ( binascii . hexlify ( out_buf ) , ) )
logging . info ( ' auth_sha1: auth fail, data %s ' % ( binascii . hexlify ( out_buf ) , ) )
return b ' E '
return ( b ' E ' , False )
self . recv_buf = self . recv_buf [ length : ]
self . recv_buf = self . recv_buf [ length : ]
self . has_recv_header = True
self . has_recv_header = True
@ -503,7 +503,7 @@ class auth_sha1(verify_base):
self . recv_buf = b ' '
self . recv_buf = b ' '
if self . decrypt_packet_num == 0 :
if self . decrypt_packet_num == 0 :
logging . info ( ' auth_sha1: over size ' )
logging . info ( ' auth_sha1: over size ' )
return b ' E '
return ( b ' E ' , False )
else :
else :
raise Exception ( ' server_post_decrype data error ' )
raise Exception ( ' server_post_decrype data error ' )
if length > len ( self . recv_buf ) :
if length > len ( self . recv_buf ) :
@ -514,7 +514,7 @@ class auth_sha1(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
if self . decrypt_packet_num == 0 :
if self . decrypt_packet_num == 0 :
return b ' E '
return ( b ' E ' , False )
else :
else :
raise Exception ( ' server_post_decrype data uncorrect checksum ' )
raise Exception ( ' server_post_decrype data uncorrect checksum ' )
@ -525,7 +525,7 @@ class auth_sha1(verify_base):
if out_buf :
if out_buf :
self . server_info . data . update ( self . client_id , self . connection_id )
self . server_info . data . update ( self . client_id , self . connection_id )
self . decrypt_packet_num + = 1
self . decrypt_packet_num + = 1
return out_buf
return ( out_buf , False )
class obfs_auth_v2_data ( object ) :
class obfs_auth_v2_data ( object ) :
def __init__ ( self ) :
def __init__ ( self ) :
@ -686,26 +686,26 @@ class auth_sha1_v2(verify_base):
def server_post_decrypt ( self , buf ) :
def server_post_decrypt ( self , buf ) :
if self . raw_trans :
if self . raw_trans :
return buf
return ( buf , False )
self . recv_buf + = buf
self . recv_buf + = buf
out_buf = b ' '
out_buf = b ' '
if not self . has_recv_header :
if not self . has_recv_header :
if len ( self . recv_buf ) < 4 :
if len ( self . recv_buf ) < 4 :
return b ' '
return ( b ' ' , False )
crc = struct . pack ( ' <I ' , binascii . crc32 ( self . salt + self . server_info . key ) & 0xFFFFFFFF )
crc = struct . pack ( ' <I ' , binascii . crc32 ( self . salt + self . server_info . key ) & 0xFFFFFFFF )
if crc != self . recv_buf [ : 4 ] :
if crc != self . recv_buf [ : 4 ] :
if self . method == ' auth_sha1_v2 ' :
if self . method == ' auth_sha1_v2 ' :
return b ' E '
return ( b ' E ' , False )
else :
else :
self . raw_trans = True
self . raw_trans = True
return self . recv_buf
return ( self . recv_buf , False )
length = struct . unpack ( ' >H ' , self . recv_buf [ 4 : 6 ] ) [ 0 ]
length = struct . unpack ( ' >H ' , self . recv_buf [ 4 : 6 ] ) [ 0 ]
if length > len ( self . recv_buf ) :
if length > len ( self . recv_buf ) :
return b ' '
return ( b ' ' , False )
sha1data = hmac . new ( self . server_info . recv_iv + self . server_info . key , self . recv_buf [ : length - 10 ] , hashlib . sha1 ) . digest ( ) [ : 10 ]
sha1data = hmac . new ( self . server_info . recv_iv + self . server_info . key , self . recv_buf [ : length - 10 ] , hashlib . sha1 ) . digest ( ) [ : 10 ]
if sha1data != self . recv_buf [ length - 10 : length ] :
if sha1data != self . recv_buf [ length - 10 : length ] :
logging . error ( ' auth_sha1_v2 data uncorrect auth HMAC-SHA1 ' )
logging . error ( ' auth_sha1_v2 data uncorrect auth HMAC-SHA1 ' )
return b ' E '
return ( b ' E ' , False )
pos = common . ord ( self . recv_buf [ 6 ] )
pos = common . ord ( self . recv_buf [ 6 ] )
if pos < 255 :
if pos < 255 :
pos + = 6
pos + = 6
@ -716,7 +716,7 @@ class auth_sha1_v2(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
logging . info ( ' auth_sha1_v2: too short ' )
logging . info ( ' auth_sha1_v2: too short ' )
return b ' E '
return ( b ' E ' , False )
client_id = struct . unpack ( ' <Q ' , out_buf [ : 8 ] ) [ 0 ]
client_id = struct . unpack ( ' <Q ' , out_buf [ : 8 ] ) [ 0 ]
connection_id = struct . unpack ( ' <I ' , out_buf [ 8 : 12 ] ) [ 0 ]
connection_id = struct . unpack ( ' <I ' , out_buf [ 8 : 12 ] ) [ 0 ]
if self . server_info . data . insert ( client_id , connection_id ) :
if self . server_info . data . insert ( client_id , connection_id ) :
@ -728,10 +728,11 @@ class auth_sha1_v2(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
logging . info ( ' auth_sha1_v2: auth fail, data %s ' % ( binascii . hexlify ( out_buf ) , ) )
logging . info ( ' auth_sha1_v2: auth fail, data %s ' % ( binascii . hexlify ( out_buf ) , ) )
return b ' E '
return ( b ' E ' , False )
self . recv_buf = self . recv_buf [ length : ]
self . recv_buf = self . recv_buf [ length : ]
self . has_recv_header = True
self . has_recv_header = True
sendback = False
while len ( self . recv_buf ) > 2 :
while len ( self . recv_buf ) > 2 :
length = struct . unpack ( ' >H ' , self . recv_buf [ : 2 ] ) [ 0 ]
length = struct . unpack ( ' >H ' , self . recv_buf [ : 2 ] ) [ 0 ]
if length > = 8192 or length < 7 :
if length > = 8192 or length < 7 :
@ -739,7 +740,7 @@ class auth_sha1_v2(verify_base):
self . recv_buf = b ' '
self . recv_buf = b ' '
if self . decrypt_packet_num == 0 :
if self . decrypt_packet_num == 0 :
logging . info ( ' auth_sha1_v2: over size ' )
logging . info ( ' auth_sha1_v2: over size ' )
return b ' E '
return ( b ' E ' , False )
else :
else :
raise Exception ( ' server_post_decrype data error ' )
raise Exception ( ' server_post_decrype data error ' )
if length > len ( self . recv_buf ) :
if length > len ( self . recv_buf ) :
@ -750,7 +751,7 @@ class auth_sha1_v2(verify_base):
self . raw_trans = True
self . raw_trans = True
self . recv_buf = b ' '
self . recv_buf = b ' '
if self . decrypt_packet_num == 0 :
if self . decrypt_packet_num == 0 :
return b ' E '
return ( b ' E ' , False )
else :
else :
raise Exception ( ' server_post_decrype data uncorrect checksum ' )
raise Exception ( ' server_post_decrype data uncorrect checksum ' )
@ -761,9 +762,11 @@ class auth_sha1_v2(verify_base):
pos = struct . unpack ( ' >H ' , self . recv_buf [ 3 : 5 ] ) [ 0 ] + 2
pos = struct . unpack ( ' >H ' , self . recv_buf [ 3 : 5 ] ) [ 0 ] + 2
out_buf + = self . recv_buf [ pos : length - 4 ]
out_buf + = self . recv_buf [ pos : length - 4 ]
self . recv_buf = self . recv_buf [ length : ]
self . recv_buf = self . recv_buf [ length : ]
if pos == length - 4 :
sendback = True
if out_buf :
if out_buf :
self . server_info . data . update ( self . client_id , self . connection_id )
self . server_info . data . update ( self . client_id , self . connection_id )
self . decrypt_packet_num + = 1
self . decrypt_packet_num + = 1
return out_buf
return ( out_buf , sendback )