From 39b25e59b2ae850996cc3e432d9c5c98c82edc14 Mon Sep 17 00:00:00 2001 From: Zou Yong Date: Thu, 2 Mar 2017 18:21:18 +0800 Subject: [PATCH] fix udp replay: decrypt_all return a list remove manager api --- requirements.txt | 15 ---- shadowsocks/manager_api.py | 138 ------------------------------------- shadowsocks/server.py | 13 ---- shadowsocks/shell.py | 9 +-- shadowsocks/udprelay.py | 5 +- 5 files changed, 4 insertions(+), 176 deletions(-) delete mode 100644 requirements.txt delete mode 100644 shadowsocks/manager_api.py diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index 10ef828..0000000 --- a/requirements.txt +++ /dev/null @@ -1,15 +0,0 @@ -backports-abc==0.5 -certifi==2016.9.26 -click==6.7 -Flask==0.12 -Flask-Inputs==0.2.0 -functools32==3.2.3.post2 -itsdangerous==0.24 -Jinja2==2.9.4 -jsonschema==2.5.1 -MarkupSafe==0.23 -singledispatch==3.4.0.3 -six==1.10.0 -tornado==4.4.2 -Werkzeug==0.11.15 -WTForms==2.1 diff --git a/shadowsocks/manager_api.py b/shadowsocks/manager_api.py deleted file mode 100644 index 22bda3e..0000000 --- a/shadowsocks/manager_api.py +++ /dev/null @@ -1,138 +0,0 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- -# Author: jiawei@shoplex.com -# Created at 2017-01-22 - -from __future__ import absolute_import, division, print_function, \ - with_statement - -import socket -import logging -import random -import hashlib - -from flask import Flask, abort, request, jsonify -from flask_inputs import Inputs -from flask_inputs.validators import JsonSchema - -logger = logging.getLogger('Manager API') - - -class FlaskDeployedViaTornado(Flask): - @property - def logger(self): - return logger - - def run(self, host=None, port=None, debug=None, **options): - import tornado.wsgi - import tornado.ioloop - import tornado.httpserver - import tornado.web - - if host is None: - host = '0.0.0.0' - if port is None: - port = 5000 - if debug is not None: - self.debug = bool(debug) - self.logger.setLevel(logging.DEBUG) - - hostname = host - port = port - application = self - use_reloader = self.debug - use_debugger = self.debug - - if use_debugger: - from werkzeug.debug import DebuggedApplication - application = DebuggedApplication(application, True) - - container = tornado.wsgi.WSGIContainer(application) - self.http_server = tornado.httpserver.HTTPServer(container) - self.http_server.listen(port, hostname) - if use_reloader: - from tornado import autoreload - autoreload.start() - - self.logger.info('Manager API running on %s:%s', hostname, port) - self.ioloop = tornado.ioloop.IOLoop.current() - self.ioloop.start() - - -class RemovePortInputs(Inputs): - json = [ - JsonSchema(schema={ - 'type': 'object', - 'properties': { - 'port': { - 'type': [ - 'string', - 'number', - ], - } - } - }) - ] - - -def pick_unused_port(): - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - s.bind(('localhost', 0)) - addr, port = s.getsockname() - s.close() - return port - - -app = FlaskDeployedViaTornado(__name__) - - -@app.before_request -def authenticate(): - if not request.headers.get('Authorization') \ - == app.config.get('AUTHORIZATION_KEY'): - abort(403) - - -@app.route('/add-port', methods=['POST']) -def add_port(): - app.logger.debug('Receive request to add port') - - cli = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) - manager_host, manager_port = app.config.get('MANAGER_ADDRESS').split(':') - cli.connect((manager_host, int(manager_port))) - - port = pick_unused_port() - password = hashlib.md5( - bytes(random.randint(1, 100) * random.randint(1, 200))).hexdigest() - - cli.send(b'add: {"server_port":' + bytes(port) + - b', "password":"' + bytes(password) + b'"}') - - cli.close() - - data = { - 'port': port, - 'password': password, - } - - return jsonify(message='success', data=data) - - -@app.route('/remove-port', methods=['POST']) -def remove_port(): - app.logger.debug('Receive request to add port') - - inputs = RemovePortInputs(request) - if not inputs.validate(): - return jsonify(message='Got bad request', errors=inputs.errors) - - port = int(request.json.get('port')) - - cli = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) - manager_host, manager_port = app.config.get('MANAGER_ADDRESS').split(':') - cli.connect((manager_host, int(manager_port))) - - cli.send('remove: {"server_port": ' + bytes(port) + '}') - cli.close() - - return jsonify(message='success') diff --git a/shadowsocks/server.py b/shadowsocks/server.py index 6b8fe20..d7af497 100755 --- a/shadowsocks/server.py +++ b/shadowsocks/server.py @@ -52,19 +52,6 @@ def main(): if config.get('manager_address', 0): logging.info('entering manager mode') - if config.get('manager_api_port', 0) and config.get('manager_api_key'): - logging.info('serving manager api') - from shadowsocks.manager_api import app - app.config.update({ - 'MANAGER_ADDRESS': config.get('manager_address'), - 'AUTHORIZATION_KEY': config.get('manager_api_key') - }) - - def run_manager_api(): - app.run(port=config.get('manager_api_port')) - - p = multiprocessing.Process(target=run_manager_api) - p.start() manager.run(config) return diff --git a/shadowsocks/shell.py b/shadowsocks/shell.py index 9b1b63c..2d1eb29 100644 --- a/shadowsocks/shell.py +++ b/shadowsocks/shell.py @@ -202,8 +202,7 @@ def get_config(is_local): else: shortopts = 'hd:s:p:k:m:c:t:vqa' longopts = ['help', 'fast-open', 'pid-file=', 'log-file=', 'workers=', - 'forbidden-ip=', 'user=', 'manager-address=', - 'manager-api-port=', 'manager-api-key=', 'version', + 'forbidden-ip=', 'user=', 'manager-address=', 'version', 'prefer-ipv6'] try: config_path = find_config() @@ -252,10 +251,6 @@ def get_config(is_local): config['workers'] = int(value) elif key == '--manager-address': config['manager_address'] = value - elif key == '--manager-api-port': - config['manager_api_port'] = int(value) - elif key == '--manager-api-key': - config['manager_api_key'] = value elif key == '--user': config['user'] = to_str(value) elif key == '--forbidden-ip': @@ -409,8 +404,6 @@ Proxy options: --workers WORKERS number of workers, available on Unix/Linux --forbidden-ip IPLIST comma seperated IP list forbidden to connect --manager-address ADDR optional server manager UDP address, see wiki - --manager-api-port optional server manager API port - --manager-api-key optional server manager API Authorization key --prefer-ipv6 resolve ipv6 address first General options: diff --git a/shadowsocks/udprelay.py b/shadowsocks/udprelay.py index a3de427..5553ad6 100644 --- a/shadowsocks/udprelay.py +++ b/shadowsocks/udprelay.py @@ -258,13 +258,14 @@ class UDPRelay(object): if not response: return else: - data = cryptor.decrypt_all(self._password, self._method, data) + data, key, iv = cryptor.decrypt_all(self._password, + self._method, data) if not data: return header_result = parse_header(data) if header_result is None: return - addrtype, dest_addr, dest_port, header_length = header_result + # addrtype, dest_addr, dest_port, header_length = header_result response = b'\x00\x00\x00' + data client_addr = self._client_fd_to_server_addr.get(sock.fileno()) if client_addr: