vbatts/shadowsocks
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

fix ota (#609)(#610) (#610)

Browse source
This commit is contained in:
v3aqb 2016-09-04 15:05:15 +08:00 committed by mengskysama
parent f35590b2e2
commit 56bf81f58a
2 changed files with 21 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
shadowsocks/tcprelay.py
View file

@ -126,6 +126,7 @@ class TCPRelayHandler(object):
self._ota_enable = True
else:
self._ota_enable = False
self._ota_enable_session = self._ota_enable
self._ota_buff_head = b''
self._ota_buff_data = b''
self._ota_len = 0
@ -247,12 +248,12 @@ class TCPRelayHandler(object):
def _handle_stage_connecting(self, data):
if self._is_local:
if self._ota_enable:
if self._ota_enable_session:
data = self._ota_chunk_data_gen(data)
data = self._encryptor.encrypt(data)
self._data_to_write_to_remote.append(data)
else:
if self._ota_enable:
if self._ota_enable_session:
self._ota_chunk_data(data,
self._data_to_write_to_remote.append)
else:
@ -327,8 +328,11 @@ class TCPRelayHandler(object):
self._client_address[0], self._client_address[1]))
if self._is_local is False:
# spec https://shadowsocks.org/en/spec/one-time-auth.html
if self._ota_enable or addrtype & ADDRTYPE_AUTH:
self._ota_enable = True
self._ota_enable_session = addrtype & ADDRTYPE_AUTH
if self._ota_enable and not self._ota_enable_session:
logging.warn('client one time auth is required')
return
if self._ota_enable_session:
if len(data) < header_length + ONETIMEAUTH_BYTES:
logging.warn('one time auth header is too short')
return None
@ -352,7 +356,7 @@ class TCPRelayHandler(object):
self._local_sock)
# spec https://shadowsocks.org/en/spec/one-time-auth.html
# ATYP & 0x10 == 1, then OTA is enabled.
if self._ota_enable:
if self._ota_enable_session:
data = common.chr(addrtype | ADDRTYPE_AUTH) + data[1:]
key = self._encryptor.cipher_iv + self._encryptor.key
data += onetimeauth_gen(data, key)
@ -362,7 +366,7 @@ class TCPRelayHandler(object):
self._dns_resolver.resolve(self._chosen_server[0],
self._handle_dns_resolved)
else:
if self._ota_enable:
if self._ota_enable_session:
data = data[header_length:]
self._ota_chunk_data(data,
self._data_to_write_to_remote.append)
@ -485,12 +489,12 @@ class TCPRelayHandler(object):
def _handle_stage_stream(self, data):
if self._is_local:
if self._ota_enable:
if self._ota_enable_session:
data = self._ota_chunk_data_gen(data)
data = self._encryptor.encrypt(data)
self._write_to_sock(data, self._remote_sock)
else:
if self._ota_enable:
if self._ota_enable_session:
self._ota_chunk_data(data, self._write_to_sock_remote)
else:
self._write_to_sock(data, self._remote_sock)

14
shadowsocks/udprelay.py
View file

@ -99,9 +99,10 @@ class UDPRelay(object):
self._method = config['method']
self._timeout = config['timeout']
if 'one_time_auth' in config and config['one_time_auth']:
self._one_time_auth_enable = True
self._ota_enable = True
else:
self._one_time_auth_enable = False
self._ota_enable = False
self._ota_enable_session = self._ota_enable
self._is_local = is_local
self._cache = lru_cache.LRUCache(timeout=config['timeout'],
close_callback=self._close_client)
@ -183,8 +184,11 @@ class UDPRelay(object):
else:
server_addr, server_port = dest_addr, dest_port
# spec https://shadowsocks.org/en/spec/one-time-auth.html
if self._one_time_auth_enable or addrtype & ADDRTYPE_AUTH:
self._one_time_auth_enable = True
self._ota_enable_session = addrtype & ADDRTYPE_AUTH
if self._ota_enable and not self._ota_enable_session:
logging.warn('client one time auth is required')
return
if self._ota_enable_session:
if len(data) < header_length + ONETIMEAUTH_BYTES:
logging.warn('UDP one time auth header is too short')
return
@ -226,7 +230,7 @@ class UDPRelay(object):
if self._is_local:
key, iv, m = encrypt.gen_key_iv(self._password, self._method)
# spec https://shadowsocks.org/en/spec/one-time-auth.html
if self._one_time_auth_enable:
if self._ota_enable_session:
data = self._ota_chunk_data_gen(key, iv, data)
data = encrypt.encrypt_all_m(key, iv, m, self._method, data)
if not data: