vbatts/shadowsocks
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

return after destory

Browse source 
fix "tls1.0_session_auth"
This commit is contained in:
BreakWa11 2015-12-14 02:32:24 +08:00
parent aff97d4ce8
commit 13579f1ca4
4 changed files with 11 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
shadowsocks/obfsplugin/auth.py
View file

@ -247,20 +247,14 @@ class auth_simple(verify_base):
if length >= 8192 or length < 7:
self.raw_trans = True
self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data error')
raise Exception('client_post_decrypt data error')
if length > len(self.recv_buf):
break
if (binascii.crc32(self.recv_buf[:length]) & 0xffffffff) != 0xffffffff:
self.raw_trans = True
self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data uncorrect CRC32')
raise Exception('client_post_decrypt data uncorrect CRC32')
pos = common.ord(self.recv_buf[2]) + 2
out_buf += self.recv_buf[pos:length - 4]

4
shadowsocks/obfsplugin/obfs_tls.py
View file

@ -268,9 +268,11 @@ class tls_auth(plain.plain):
if sha1 != verifyid[22:]:
logging.debug("tls_auth wrong sha1")
return self.decode_error_return(ogn_buf)
if verifyid[4:22] in self.server_info.data.client_data:
if self.server_info.data.client_data.get(verifyid[:22]):
logging.error("replay attack detect, id = %s" % (binascii.hexlify(verifyid)))
return self.decode_error_return(ogn_buf)
self.server_info.data.client_data.sweep()
self.server_info.data.client_data[verifyid[:22]] = sessionid
# (buffer_to_recv, is_need_decrypt, is_need_to_encode_and_send_back)
return (b'', False, True)

15
shadowsocks/obfsplugin/verify.py
View file

@ -124,20 +124,14 @@ class verify_simple(verify_base):
if length >= 8192 or length < 7:
self.raw_trans = True
self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data error')
raise Exception('client_post_decrypt data error')
if length > len(self.recv_buf):
break
if (binascii.crc32(self.recv_buf[:length]) & 0xffffffff) != 0xffffffff:
self.raw_trans = True
self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data uncorrect CRC32')
raise Exception('client_post_decrypt data uncorrect CRC32')
pos = common.ord(self.recv_buf[2]) + 2
out_buf += self.recv_buf[pos:length - 4]
@ -221,10 +215,7 @@ class verify_deflate(verify_base):
if length >= 32768 or length < 6:
self.raw_trans = True
self.recv_buf = b''
if self.decrypt_packet_num == 0:
return None
else:
raise Exception('client_post_decrypt data error')
raise Exception('client_post_decrypt data error')
if length > len(self.recv_buf):
break

3
shadowsocks/tcprelay.py
View file

@ -603,6 +603,7 @@ class TCPRelayHandler(object):
except Exception as e:
shell.print_exception(e)
self.destroy()
return
if obfs_decode[2]:
self._write_to_sock(b'', self._local_sock)
if obfs_decode[1]:
@ -674,6 +675,7 @@ class TCPRelayHandler(object):
except Exception as e:
shell.print_exception(e)
self.destroy()
return
if obfs_decode[1]:
send_back = self._obfs.client_encode(b'')
self._write_to_sock(send_back, self._remote_sock)
@ -686,6 +688,7 @@ class TCPRelayHandler(object):
except Exception as e:
shell.print_exception(e)
self.destroy()
return
else:
if self._encrypt_correct:
data = self._protocol.server_pre_encrypt(data)