return after destory

fix "tls1.0_session_auth"

shadowsocks/obfsplugin/auth.py

@@ -247,9 +247,6 @@ class auth_simple(verify_base):
             if length >= 8192 or length < 7:
                 self.raw_trans = True
                 self.recv_buf = b''
-                if self.decrypt_packet_num == 0:
-                    return None
-                else:
                 raise Exception('client_post_decrypt data error')
             if length > len(self.recv_buf):
                 break
@@ -257,9 +254,6 @@ class auth_simple(verify_base):
             if (binascii.crc32(self.recv_buf[:length]) & 0xffffffff) != 0xffffffff:
                 self.raw_trans = True
                 self.recv_buf = b''
-                if self.decrypt_packet_num == 0:
-                    return None
-                else:
                 raise Exception('client_post_decrypt data uncorrect CRC32')
 
             pos = common.ord(self.recv_buf[2]) + 2

shadowsocks/obfsplugin/obfs_tls.py

@@ -268,9 +268,11 @@ class tls_auth(plain.plain):
         if sha1 != verifyid[22:]:
             logging.debug("tls_auth wrong sha1")
             return self.decode_error_return(ogn_buf)
-        if verifyid[4:22] in self.server_info.data.client_data:
+        if self.server_info.data.client_data.get(verifyid[:22]):
             logging.error("replay attack detect, id = %s" % (binascii.hexlify(verifyid)))
             return self.decode_error_return(ogn_buf)
+        self.server_info.data.client_data.sweep()
+        self.server_info.data.client_data[verifyid[:22]] = sessionid
         # (buffer_to_recv, is_need_decrypt, is_need_to_encode_and_send_back)
         return (b'', False, True)
 

shadowsocks/obfsplugin/verify.py

@@ -124,9 +124,6 @@ class verify_simple(verify_base):
             if length >= 8192 or length < 7:
                 self.raw_trans = True
                 self.recv_buf = b''
-                if self.decrypt_packet_num == 0:
-                    return None
-                else:
                 raise Exception('client_post_decrypt data error')
             if length > len(self.recv_buf):
                 break
@@ -134,9 +131,6 @@ class verify_simple(verify_base):
             if (binascii.crc32(self.recv_buf[:length]) & 0xffffffff) != 0xffffffff:
                 self.raw_trans = True
                 self.recv_buf = b''
-                if self.decrypt_packet_num == 0:
-                    return None
-                else:
                 raise Exception('client_post_decrypt data uncorrect CRC32')
 
             pos = common.ord(self.recv_buf[2]) + 2
@@ -221,9 +215,6 @@ class verify_deflate(verify_base):
             if length >= 32768 or length < 6:
                 self.raw_trans = True
                 self.recv_buf = b''
-                if self.decrypt_packet_num == 0:
-                    return None
-                else:
                 raise Exception('client_post_decrypt data error')
             if length > len(self.recv_buf):
                 break

shadowsocks/tcprelay.py

@@ -603,6 +603,7 @@ class TCPRelayHandler(object):
                     except Exception as e:
                         shell.print_exception(e)
                         self.destroy()
+                        return
                     if obfs_decode[2]:
                         self._write_to_sock(b'', self._local_sock)
                     if obfs_decode[1]:
@@ -674,6 +675,7 @@ class TCPRelayHandler(object):
                 except Exception as e:
                     shell.print_exception(e)
                     self.destroy()
+                    return
                 if obfs_decode[1]:
                     send_back = self._obfs.client_encode(b'')
                     self._write_to_sock(send_back, self._remote_sock)
@@ -686,6 +688,7 @@ class TCPRelayHandler(object):
                 except Exception as e:
                     shell.print_exception(e)
                     self.destroy()
+                    return
             else:
                 if self._encrypt_correct:
                     data = self._protocol.server_pre_encrypt(data)