vbatts/shadowsocks
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

support custom cryptor for ss command, requests, response

Browse source
This commit is contained in:
zhipeng 2017-07-24 19:02:35 +08:00
parent d5026cf5ef
commit 14345a124b
6 changed files with 76 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -60,6 +60,11 @@ To start:
ssserver -c /etc/shadowsocks.json ssserver -c /etc/shadowsocks.json
### use you custom cryptor
change common.py
clsss DefaultCryptor
encrypt_ss_data, decrypt_ss_data: encrypt/decrypt ss commands, ss local to ss server, ss command and http request
encrypt_http_data, decrypt_ss_data: encrypt/decrypt http data, ss server to ss local, http/https response
Documentation Documentation
------------- -------------

10
local.json Normal file
View file

@ -0,0 +1,10 @@
{
"password": "ss@zhang?2017@ss",
"method": "aes-256-cfb",
"server_port": 2221,
"remarks": "",
"server": "127.0.0.1",
"local_address": "127.0.0.1",
"local_port":2222,
"verbose":1
}

8
server.json Normal file
View file

@ -0,0 +1,8 @@
{
"password": "ss@zhang?2017@ss",
"method": "aes-256-cfb",
"server_port": 2221,
"remarks": "",
"server": "127.0.0.1",
"verbose":1
}

39
shadowsocks/common.py
View file

@ -206,6 +206,44 @@ def parse_header(data):
return None return None
return addrtype, to_bytes(dest_addr), dest_port, header_length return addrtype, to_bytes(dest_addr), dest_port, header_length
class BaseDataCryptor(object):
@staticmethod
def encrypt_ss_data(data):
return data
@staticmethod
def decrypt_ss_data(data):
return data
@staticmethod
def encrypt_http_data(data):
return data
@staticmethod
def decrypy_http_data(data):
return data
class DefaultCryptor(BaseDataCryptor):
@staticmethod
def encrypt_ss_data(data):
logging.debug("encrypt ss data:" + str([data]) + "|")
return data[::-1]
@staticmethod
def decrypt_ss_data(data):
logging.debug("try decrypt ss data:" + str([data]) + "|")
return data[::-1]
@staticmethod
def encrypt_http_data(data):
logging.debug("encrypt http data:" + str([data]) + "|")
return data[::-1]
@staticmethod
def decrypy_http_data(data):
logging.debug("try decrypt http data:" + str([data]) + "|")
return data[::-1]
class IPNetwork(object): class IPNetwork(object):
ADDRLENGTH = {socket.AF_INET: 32, socket.AF_INET6: 128, False: 0} ADDRLENGTH = {socket.AF_INET: 32, socket.AF_INET6: 128, False: 0}
@ -308,3 +346,4 @@ if __name__ == '__main__':
test_parse_header() test_parse_header()
test_pack_header() test_pack_header()
test_ip_network() test_ip_network()

1
shadowsocks/shell.py
View file

@ -55,6 +55,7 @@ def print_exception(e):
if verbose > 0: if verbose > 0:
import traceback import traceback
traceback.print_exc() traceback.print_exc()
print(traceback.format_exc())
def exception_handle(self_, err_msg=None, exit_code=None, def exception_handle(self_, err_msg=None, exit_code=None,

13
shadowsocks/tcprelay.py
View file

@ -31,6 +31,8 @@ from shadowsocks.common import parse_header, onetimeauth_verify, \
onetimeauth_gen, ONETIMEAUTH_BYTES, ONETIMEAUTH_CHUNK_BYTES, \ onetimeauth_gen, ONETIMEAUTH_BYTES, ONETIMEAUTH_CHUNK_BYTES, \
ONETIMEAUTH_CHUNK_DATA_LEN, ADDRTYPE_AUTH ONETIMEAUTH_CHUNK_DATA_LEN, ADDRTYPE_AUTH
from shadowsocks.common import DefaultCryptor
# we clear at most TIMEOUTS_CLEAN_SIZE timeouts each time # we clear at most TIMEOUTS_CLEAN_SIZE timeouts each time
TIMEOUTS_CLEAN_SIZE = 512 TIMEOUTS_CLEAN_SIZE = 512
@ -502,7 +504,9 @@ class TCPRelayHandler(object):
if self._is_local: if self._is_local:
if self._ota_enable_session: if self._ota_enable_session:
data = self._ota_chunk_data_gen(data) data = self._ota_chunk_data_gen(data)
# ss local: send ss-data to ss server.
data = self._cryptor.encrypt(data) data = self._cryptor.encrypt(data)
data = DefaultCryptor.encrypt_ss_data(data)
self._write_to_sock(data, self._remote_sock) self._write_to_sock(data, self._remote_sock)
else: else:
if self._ota_enable_session: if self._ota_enable_session:
@ -571,6 +575,8 @@ class TCPRelayHandler(object):
return return
self._update_activity(len(data)) self._update_activity(len(data))
if not is_local: if not is_local:
# ss server: decrypt ss local ss-data
data = DefaultCryptor.decrypt_ss_data(data)
data = self._cryptor.decrypt(data) data = self._cryptor.decrypt(data)
if not data: if not data:
return return
@ -609,8 +615,12 @@ class TCPRelayHandler(object):
return return
self._update_activity(len(data)) self._update_activity(len(data))
if self._is_local: if self._is_local:
# ss local: decrypt http-data, send to Agent
data = self._cryptor.decrypt(data) data = self._cryptor.decrypt(data)
data = DefaultCryptor.decrypy_http_data(data)
else: else:
# ss server: encrypt http-data, send to ss local
data = DefaultCryptor.encrypt_http_data(data)
data = self._cryptor.encrypt(data) data = self._cryptor.encrypt(data)
try: try:
self._write_to_sock(data, self._local_sock) self._write_to_sock(data, self._local_sock)
@ -635,6 +645,9 @@ class TCPRelayHandler(object):
self._stage = STAGE_STREAM self._stage = STAGE_STREAM
if self._data_to_write_to_remote: if self._data_to_write_to_remote:
data = b''.join(self._data_to_write_to_remote) data = b''.join(self._data_to_write_to_remote)
if self._is_local:
# ss local: send ss-data to ss server.
data = DefaultCryptor.encrypt_ss_data(data)
self._data_to_write_to_remote = [] self._data_to_write_to_remote = []
self._write_to_sock(data, self._remote_sock) self._write_to_sock(data, self._remote_sock)
else: else: