vbatts/shadowsocks
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

change default protocol settings, refine auth_aes128_* for redir method

Browse source
This commit is contained in:
破娃酱 2016-12-30 11:22:24 +08:00
parent 19d0034ba9
commit 486c007928
3 changed files with 4 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config.json
View file

@ -8,7 +8,7 @@
"timeout": 120, "timeout": 120,
"udp_timeout": 60, "udp_timeout": 60,
"method": "aes-256-cfb", "method": "aes-256-cfb",
"protocol": "auth_sha1_v4_compatible", "protocol": "auth_sha1_v4",
"protocol_param": "", "protocol_param": "",
"obfs": "tls1.2_ticket_auth_compatible", "obfs": "tls1.2_ticket_auth_compatible",
"obfs_param": "", "obfs_param": "",

9
mujson_mgr.py
View file

@ -92,7 +92,7 @@ class MuMgr(object):
def add(self, user): def add(self, user):
up = {'enable': 1, 'u': 0, 'd': 0, 'method': "aes-128-cfb", up = {'enable': 1, 'u': 0, 'd': 0, 'method': "aes-128-cfb",
'protocol': "auth_sha1_v4_compatible", 'protocol': "auth_sha1_v4",
'obfs': "tls1.2_ticket_auth_compatible", 'obfs': "tls1.2_ticket_auth_compatible",
'transfer_enable': 1125899906842624} 'transfer_enable': 1125899906842624}
up['passwd'] = self.rand_pass() up['passwd'] = self.rand_pass()
@ -187,7 +187,7 @@ Options:
-p PORT server port -p PORT server port
-k PASSWORD password -k PASSWORD password
-m METHOD encryption method, default: aes-128-cfb -m METHOD encryption method, default: aes-128-cfb
-O PROTOCOL protocol plugin, default: auth_sha1_v2_compatible -O PROTOCOL protocol plugin, default: auth_sha1_v4
-o OBFS obfs plugin, default: tls1.2_ticket_auth_compatible -o OBFS obfs plugin, default: tls1.2_ticket_auth_compatible
-G PROTOCOL_PARAM protocol plugin param -G PROTOCOL_PARAM protocol plugin param
-g OBFS_PARAM obfs plugin param -g OBFS_PARAM obfs plugin param
@ -211,16 +211,11 @@ def main():
fast_set_protocol = {'0': 'origin', fast_set_protocol = {'0': 'origin',
'+1': 'verify_sha1_compatible', '+1': 'verify_sha1_compatible',
'1': 'verify_sha1', '1': 'verify_sha1',
'+2': 'auth_sha1_compatible',
'2': 'auth_sha1', '2': 'auth_sha1',
'+3': 'auth_sha1_v2_compatible',
'3': 'auth_sha1_v2', '3': 'auth_sha1_v2',
'+4': 'auth_sha1_v4_compatible',
'4': 'auth_sha1_v4', '4': 'auth_sha1_v4',
'am': 'auth_aes128_md5', 'am': 'auth_aes128_md5',
'as': 'auth_aes128_sha1', 'as': 'auth_aes128_sha1',
'+am': 'auth_aes128_md5_compatible',
'+as': 'auth_aes128_sha1_compatible'
} }
fast_set_method = {'a0': 'aes-128-cfb', fast_set_method = {'a0': 'aes-128-cfb',
'a1': 'aes-192-cfb', 'a1': 'aes-192-cfb',

11
shadowsocks/obfsplugin/auth.py
View file

@ -81,7 +81,6 @@ class auth_base(plain.plain):
def __init__(self, method): def __init__(self, method):
super(auth_base, self).__init__(method) super(auth_base, self).__init__(method)
self.method = method self.method = method
self.no_compatible_method = ''
def init_data(self): def init_data(self):
return '' return ''
@ -103,9 +102,7 @@ class auth_base(plain.plain):
def not_match_return(self, buf): def not_match_return(self, buf):
self.raw_trans = True self.raw_trans = True
if self.method == self.no_compatible_method:
return (b'E'*2048, False) return (b'E'*2048, False)
return (buf, False)
class client_queue(object): class client_queue(object):
def __init__(self, begin_id): def __init__(self, begin_id):
@ -214,7 +211,6 @@ class auth_sha1(auth_base):
self.client_id = 0 self.client_id = 0
self.connection_id = 0 self.connection_id = 0
self.max_time_dif = 60 * 60 # time dif (second) setting self.max_time_dif = 60 * 60 # time dif (second) setting
self.no_compatible_method = 'auth_sha1'
def init_data(self): def init_data(self):
return obfs_auth_data() return obfs_auth_data()
@ -436,7 +432,6 @@ class auth_sha1_v2(auth_base):
self.client_id = 0 self.client_id = 0
self.connection_id = 0 self.connection_id = 0
self.salt = b"auth_sha1_v2" self.salt = b"auth_sha1_v2"
self.no_compatible_method = 'auth_sha1_v2'
def init_data(self): def init_data(self):
return obfs_auth_v2_data() return obfs_auth_v2_data()
@ -638,7 +633,6 @@ class auth_sha1_v3(auth_base):
self.connection_id = 0 self.connection_id = 0
self.max_time_dif = 60 * 60 * 24 # time dif (second) setting self.max_time_dif = 60 * 60 * 24 # time dif (second) setting
self.salt = b"auth_sha1_v3" self.salt = b"auth_sha1_v3"
self.no_compatible_method = 'auth_sha1_v3'
def init_data(self): def init_data(self):
return obfs_auth_v2_data() return obfs_auth_v2_data()
@ -847,7 +841,6 @@ class auth_sha1_v4(auth_base):
self.connection_id = 0 self.connection_id = 0
self.max_time_dif = 60 * 60 * 24 # time dif (second) setting self.max_time_dif = 60 * 60 * 24 # time dif (second) setting
self.salt = b"auth_sha1_v4" self.salt = b"auth_sha1_v4"
self.no_compatible_method = 'auth_sha1_v4'
def init_data(self): def init_data(self):
return obfs_auth_v2_data() return obfs_auth_v2_data()
@ -1072,7 +1065,6 @@ class auth_aes128(auth_base):
self.connection_id = 0 self.connection_id = 0
self.max_time_dif = 60 * 60 * 24 # time dif (second) setting self.max_time_dif = 60 * 60 * 24 # time dif (second) setting
self.salt = b"auth_aes128" self.salt = b"auth_aes128"
self.no_compatible_method = 'auth_aes128'
self.extra_wait_size = struct.unpack('>H', os.urandom(2))[0] % 1024 self.extra_wait_size = struct.unpack('>H', os.urandom(2))[0] % 1024
self.pack_id = 0 self.pack_id = 0
self.recv_id = 0 self.recv_id = 0
@ -1479,9 +1471,6 @@ class auth_aes128_sha1(auth_base):
mac_key = self.server_info.recv_iv + self.server_info.key mac_key = self.server_info.recv_iv + self.server_info.key
sha1data = hmac.new(mac_key, self.recv_buf[:1], self.hashfunc).digest()[:6] sha1data = hmac.new(mac_key, self.recv_buf[:1], self.hashfunc).digest()[:6]
if sha1data != self.recv_buf[1:7]: if sha1data != self.recv_buf[1:7]:
if self.method == self.no_compatible_method:
if len(self.recv_buf) < 31 + self.extra_wait_size:
return (b'', False)
return self.not_match_return(self.recv_buf) return self.not_match_return(self.recv_buf)
if len(self.recv_buf) < 31: if len(self.recv_buf) < 31: