vbatts/shadowsocks
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #2 from breakwa11/manyuser

Browse source 
fork Manyuser
This commit is contained in:
Falseen 2015-09-06 19:18:41 +08:00
commit 401da7815f
3 changed files with 63 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

21
shadowsocks/common.py
View file

@ -21,7 +21,7 @@ from __future__ import absolute_import, division, print_function, \
import socket
import struct
import logging
import binascii
def compat_ord(s):
if type(s) == int:
@ -140,7 +140,7 @@ def pack_addr(address):
def pre_parse_header(data):
datatype = ord(data[0])
if datatype == 0x80 :
if datatype == 0x80:
if len(data) <= 2:
return None
rand_data_size = ord(data[1])
@ -151,7 +151,7 @@ def pre_parse_header(data):
data = data[rand_data_size + 2:]
elif datatype == 0x81:
data = data[1:]
elif datatype == 0x82 :
elif datatype == 0x82:
if len(data) <= 3:
return None
rand_data_size = struct.unpack('>H', data[1:3])[0]
@ -160,6 +160,21 @@ def pre_parse_header(data):
'encryption method')
return None
data = data[rand_data_size + 3:]
elif datatype == 0x88:
if len(data) <= 7 + 7:
return None
data_size = struct.unpack('>H', data[1:3])[0]
ogn_data = data
data = data[:data_size]
crc = binascii.crc32(data) & 0xffffffff
if crc != 0xffffffff:
logging.warn('uncorrect CRC32, maybe wrong password or '
'encryption method')
return None
start_pos = 3 + ord(data[3])
data = data[start_pos:-4]
if data_size < len(ogn_data):
data += ogn_data[data_size:]
return data
def parse_header(data):

6
shadowsocks/encrypt.py
View file

@ -21,7 +21,6 @@ import os
import sys
import hashlib
import logging
import random
from shadowsocks import common
from shadowsocks.crypto import rc4_md5, openssl, sodium, table
@ -35,10 +34,7 @@ method_supported.update(table.ciphers)
def random_string(length):
try:
return os.urandom(length)
except (AttributeError, NotImplementedError):
return ''.join(chr(random.randrange(255)) for _ in range(length))
return os.urandom(length)
cached_keys = {}

50
shadowsocks/tcprelay.py
View file

@ -30,6 +30,10 @@ import random
from shadowsocks import encrypt, eventloop, shell, common
from shadowsocks.common import pre_parse_header, parse_header
# set it 'False' to use both new protocol and the original shadowsocks protocal
# set it 'True' to use new protocol ONLY, to avoid GFW detecting
FORCE_NEW_PROTOCOL = False
# we clear at most TIMEOUTS_CLEAN_SIZE timeouts each time
TIMEOUTS_CLEAN_SIZE = 512
@ -110,6 +114,7 @@ class TCPRelayHandler(object):
self._stage = STAGE_INIT
self._encryptor = encrypt.Encryptor(config['password'],
config['method'])
self._encrypt_correct = True
self._fastopen_connected = False
self._data_to_write_to_local = []
self._data_to_write_to_remote = []
@ -277,6 +282,31 @@ class TCPRelayHandler(object):
logging.error('write_all_to_sock:unknown socket')
return True
def _get_redirect_host(self, client_address, ogn_data):
# test
host_list = [("www.bing.com", 80), ("www.microsoft.com", 80), ("www.baidu.com", 443), ("www.qq.com", 80), ("www.csdn.net", 80), ("1.2.3.4", 1000)]
hash_code = binascii.crc32(ogn_data)
addrs = socket.getaddrinfo(client_address[0], client_address[1], 0, socket.SOCK_STREAM, socket.SOL_TCP)
af, socktype, proto, canonname, sa = addrs[0]
address_bytes = common.inet_pton(af, sa[0])
if len(address_bytes) == 16:
addr = struct.unpack('>Q', address_bytes[8:])[0]
if len(address_bytes) == 4:
addr = struct.unpack('>I', address_bytes)[0]
else:
addr = 0
return host_list[((hash_code & 0xffffffff) + addr + 3) % len(host_list)]
def _handel_protocol_error(self, client_address, ogn_data):
logging.warn("Protocol ERROR, TCP ogn data %s" % (binascii.hexlify(ogn_data), ))
self._encrypt_correct = False
#create redirect or disconnect by hash code
host, port = self._get_redirect_host(client_address, ogn_data)
data = "\x03" + chr(len(host)) + host + struct.pack('>H', port)
logging.warn("TCP data redir %s:%d %s" % (host, port, binascii.hexlify(data)))
#raise Exception('can not parse header')
return data + ogn_data
def _handle_stage_connecting(self, data):
if self._is_local:
data = self._encryptor.encrypt(data)
@ -315,7 +345,7 @@ class TCPRelayHandler(object):
traceback.print_exc()
self.destroy()
def _handle_stage_addr(self, data):
def _handle_stage_addr(self, ogn_data, data):
try:
if self._is_local:
cmd = common.ord(data[1])
@ -341,12 +371,17 @@ class TCPRelayHandler(object):
logging.error('unknown command %d', cmd)
self.destroy()
return
before_parse_data = data
if FORCE_NEW_PROTOCOL and ord(data[0]) != 0x88:
data = self._handel_protocol_error(self._client_address, ogn_data)
data = pre_parse_header(data)
if data is None:
raise Exception('can not parse header')
data = self._handel_protocol_error(self._client_address, ogn_data)
header_result = parse_header(data)
if header_result is None:
raise Exception('can not parse header')
data = self._handel_protocol_error(self._client_address, ogn_data)
header_result = parse_header(data)
connecttype, remote_addr, remote_port, header_length = header_result
logging.info('%s connecting %s:%d from %s:%d' %
((connecttype == 0) and 'TCP' or 'UDP',
@ -491,9 +526,11 @@ class TCPRelayHandler(object):
if not data:
self.destroy()
return
ogn_data = data
self._update_activity(len(data))
if not is_local:
data = self._encryptor.decrypt(data)
if self._encrypt_correct:
data = self._encryptor.decrypt(data)
if not data:
return
self._server.server_transfer_ul += len(data)
@ -511,7 +548,7 @@ class TCPRelayHandler(object):
self._handle_stage_connecting(data)
elif (is_local and self._stage == STAGE_ADDR) or \
(not is_local and self._stage == STAGE_INIT):
self._handle_stage_addr(data)
self._handle_stage_addr(ogn_data, data)
def _on_remote_read(self, is_remote_sock):
# handle all remote read events
@ -545,7 +582,8 @@ class TCPRelayHandler(object):
if self._is_local:
data = self._encryptor.decrypt(data)
else:
data = self._encryptor.encrypt(data)
if self._encrypt_correct:
data = self._encryptor.encrypt(data)
try:
self._write_to_sock(data, self._local_sock)
except Exception as e: