init

README.md

@@ -1,2 +1,28 @@
 shadowsocks
-===========
+===========
+
+shadowsocks is a lightweight tunnel proxy which can help you get through firewalls
+
+usage
+-----------
+
+Put `server.py` on your server. Edit `server.py`, change the following values:
+
+    PORT          server port
+    KEY           a password to identify clients
+
+Run `python server.py` on your server. To run it in the background, run `setsid python server.py`.
+
+Put `local.py` on your client machine. Edit `local.py`, change these values:
+
+    SERVER  your  your server ip or hostname
+    REMOTE_PORT   server port
+    PORT          local port
+    KEY           a password, it must be the same as the password of your server
+
+Run `python local.py` on your client machine.
+
+Change proxy settings of your browser into
+
+    SOCKS5 127.0.0.1:PORT
+

local.py

@@ -0,0 +1,106 @@
+#!/usr/bin/env python
+
+# Copyright (c) 2012 clowwindy
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+SERVER = 'myserver_ip_or_hostname'
+REMOTE_PORT = 8499
+PORT = 1080
+KEY = "foobar!"
+
+import socket
+import select
+import string
+import struct
+import hashlib
+import threading
+import time
+import SocketServer
+
+def get_table(key):
+    m = hashlib.md5.new()
+    m.update(key)
+    s = m.digest()
+    (a, b) = struct.unpack('<QQ', s)
+    table = [c for c in string.maketrans('', '')]
+    for i in xrange(1, 1024):
+        table.sort(lambda x, y: int(a % (ord(x) + i) - a % (ord(y) + i)))
+    return table
+
+encrypt_table = ''.join(get_table(KEY))
+decrypt_table = string.maketrans(encrypt_table, string.maketrans('', ''))
+
+my_lock = threading.Lock()
+
+def lock_print(msg):
+    my_lock.acquire()
+    try:
+        print "[%s]%s" % (time.ctime(), msg)
+    finally:
+        my_lock.release()
+
+
+class ThreadingTCPServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer):
+    pass
+
+
+class Socks5Server(SocketServer.StreamRequestHandler):
+    def encrypt(self, data):
+        return data.translate(encrypt_table)
+
+    def decrypt(self, data):
+        return data.translate(decrypt_table)
+
+    def handle_tcp(self, sock, remote):
+        fdset = [sock, remote]
+        counter = 0
+        while True:
+            r, w, e = select.select(fdset, [], [])
+            if sock in r:
+                r_data = sock.recv(4096)
+                if counter == 1:
+                    try:
+                        lock_print("Connecting " + r_data[5:5 + ord(r_data[4])])
+                    except Exception:
+                        pass
+                if counter < 2:
+                    counter += 1
+                if remote.send(self.encrypt(r_data)) <= 0: break
+            if remote in r:
+                if sock.send(self.decrypt(remote.recv(4096))) <= 0:
+                    break
+
+    def handle(self):
+        try:
+            sock = self.connection
+            remote = socket.socket()
+            remote.connect((SERVER, REMOTE_PORT))
+            self.handle_tcp(sock, remote)
+        except socket.error:
+            lock_print('socket error')
+
+
+def main():
+    print 'Starting proxy at port %d' % PORT
+    server = ThreadingTCPServer(('', PORT), Socks5Server)
+    server.serve_forever()
+
+if __name__ == '__main__':
+    main()

server.py

@@ -0,0 +1,115 @@
+#!/usr/bin/env python
+
+# Copyright (c) 2012 clowwindy
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+PORT = 8499
+KEY = "foobar!"
+
+import socket
+import select
+import SocketServer
+import struct
+import string
+import hashlib
+
+def get_table(key):
+    m = hashlib.md5.new()
+    m.update(key)
+    s = m.digest()
+    (a, b) = struct.unpack('<QQ', s)
+    table = [c for c in string.maketrans('', '')]
+    for i in xrange(1, 1024):
+        table.sort(lambda x, y: int(a % (ord(x) + i) - a % (ord(y) + i)))
+    return table
+
+
+class ThreadingTCPServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer):
+    pass
+
+
+class Socks5Server(SocketServer.StreamRequestHandler):
+    def handle_tcp(self, sock, remote):
+        fdset = [sock, remote]
+        while True:
+            r, w, e = select.select(fdset, [], [])
+            if sock in r:
+                if remote.send(self.decrypt(sock.recv(4096))) <= 0: break
+            if remote in r:
+                if sock.send(self.encrypt(remote.recv(4096))) <= 0: break
+
+    def encrypt(self, data):
+        return data.translate(encrypt_table)
+
+    def decrypt(self, data):
+        return data.translate(decrypt_table)
+
+    def send_encrpyt(self, sock, data):
+        sock.send(self.encrypt(data))
+
+    def handle(self):
+        try:
+            print 'socks connection from ', self.client_address
+            sock = self.connection
+            sock.recv(262)
+            self.send_encrpyt(sock, "\x05\x00")
+            data = self.decrypt(self.rfile.read(4))
+            mode = ord(data[1])
+            addrtype = ord(data[3])
+            if addrtype == 1:
+                addr = socket.inet_ntoa(self.decrypt(self.rfile.read(4)))
+            elif addrtype == 3:
+                addr = self.decrypt(self.rfile.read(ord(self.decrypt(sock.recv(1)))))
+            else:
+                # not support
+                return
+            port = struct.unpack('>H', self.decrypt(self.rfile.read(2)))
+            reply = "\x05\x00\x00\x01"
+            try:
+                if mode == 1:
+                    remote = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+                    remote.connect((addr, port[0]))
+                    local = remote.getsockname()
+                    reply += socket.inet_aton(local[0]) + struct.pack(">H", local[1])
+                    print 'Tcp connect to', addr, port[0]
+                else:
+                    reply = "\x05\x07\x00\x01" # Command not supported
+                    print 'command not supported'
+            except socket.error:
+                # Connection refused
+                reply = '\x05\x05\x00\x01\x00\x00\x00\x00\x00\x00'
+            self.send_encrpyt(sock, reply)
+            if reply[1] == '\x00':
+                if mode == 1:
+                    self.handle_tcp(sock, remote)
+        except socket.error:
+            print 'socket error'
+
+
+def main():
+    server = ThreadingTCPServer(('', PORT), Socks5Server)
+    server.allow_reuse_address = True
+    print "starting server at port %d ..." % PORT
+    server.serve_forever()
+
+if __name__ == '__main__':
+    encrypt_table = ''.join(get_table(KEY))
+    decrypt_table = string.maketrans(encrypt_table, string.maketrans('', ''))
+    main()