diff --git a/shadowsocks/common.py b/shadowsocks/common.py index ee14995..6c377f5 100644 --- a/shadowsocks/common.py +++ b/shadowsocks/common.py @@ -159,6 +159,11 @@ def pack_addr(address): address = address[:255] # TODO return b'\x03' + chr(len(address)) + address +# add socks5 request header +def add_header(address, port ,data): + header = b'' + header = pack_addr(address) + struct.pack('>H', port) + data + return header def parse_header(data): addrtype = ord(data[0]) diff --git a/shadowsocks/local.py b/shadowsocks/local.py index dfc8032..d737e85 100755 --- a/shadowsocks/local.py +++ b/shadowsocks/local.py @@ -25,6 +25,7 @@ import signal sys.path.insert(0, os.path.join(os.path.dirname(__file__), '../')) from shadowsocks import shell, daemon, eventloop, tcprelay, udprelay, asyncdns +from tunnel import get_tunnel_udp_server @shell.exception_handle(self_=False, exit_code=1) @@ -50,6 +51,9 @@ def main(): dns_resolver.add_to_loop(loop) tcp_server.add_to_loop(loop) udp_server.add_to_loop(loop) + if config["dns_service"]: + tunnel_udp_server = get_tunnel_udp_server(config.copy(), dns_resolver) + tunnel_udp_server.add_to_loop(loop) def handler(signum, _): logging.warn('received SIGQUIT, doing graceful shutting down..') diff --git a/shadowsocks/shell.py b/shadowsocks/shell.py index 3c6676f..8ecfce6 100644 --- a/shadowsocks/shell.py +++ b/shadowsocks/shell.py @@ -159,6 +159,11 @@ def check_config(config, is_local): if 'server_port' in config and type(config['server_port']) != list: config['server_port'] = int(config['server_port']) + if 'dns_server_port' in config: + config['dns_server_port'] = int(config['dns_server_port']) + if 'dns_local_port' in config: + config['dns_local_port'] = int(config['dns_local_port']) + if config.get('local_address', '') in [b'0.0.0.0']: logging.warn('warning: local set to listen on 0.0.0.0, it\'s not safe') if config.get('server', '') in ['127.0.0.1', 'localhost']: 
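Review bot: `add_header` has no docstring, and its first assignment `header = b''` is dead because the next line overwrites it. The body can be reduced to `return pack_addr(address) + struct.pack('>H', port) + data`, and the signature spacing should read `def add_header(address, port, data):` with two blank lines before and after the definition. A one-line docstring should state that the result is the address-type/address/port prefix followed by the payload, and that `struct.pack('>H', port)` raises `struct.error` when `port` is outside 0–65535. The `address[:255]  # TODO` context line above shows that `pack_addr` silently truncates long hostnames, which now also applies to a configured `dns_server` name.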
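Review bot: The new import `from tunnel import get_tunnel_udp_server` is an implicit relative import, unlike the line directly above it, which imports everything through the `shadowsocks` package. A bare `tunnel` resolves only when the `shadowsocks/` directory itself is on `sys.path`, which is the case when `local.py` is executed as a script. If the module is instead loaded as `shadowsocks.local` (for example from an installed entry point, which is not visible here), it will presumably fail with `ImportError`. Use `from shadowsocks.tunnel import get_tunnel_udp_server` to match the existing convention.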
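Review bot: `tunnel_udp_server` is added to the loop here, but nothing in this hunk closes it on shutdown. The `handler` that follows has its body outside the hunk and presumably closes only `tcp_server` and `udp_server`, so confirm that and add `tunnel_udp_server.close(next_tick=True)` under the same `config["dns_service"]` condition. The inner `if config["dns_service"]:` check in `get_tunnel_udp_server` repeats this one, so `config.get('dns_service')` here plus a single check would read more cleanly.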
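Review bot: The two new ports are converted with `int()` but never range-checked, so a value such as 0 or 70000 passes `check_config`. It then fails later in `add_header`, where `struct.pack('>H', port)` raises on the first datagram instead of at startup. Add a bounds test next to each conversion, e.g. `if not 0 < config['dns_server_port'] <= 65535:`, and report it the same way `check_config` rejects other invalid settings (that code is outside this hunk). A non-numeric value also surfaces as a bare `ValueError` from `int()`; a message naming the offending key would help operators.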
@@ -297,6 +302,10 @@ def get_config(is_local): config['one_time_auth'] = config.get('one_time_auth', False) config['prefer_ipv6'] = config.get('prefer_ipv6', False) config['server_port'] = config.get('server_port', 8388) + config['dns_service'] = config.get('dns_service', False) + config['dns_server'] = to_str(config.get('dns_server', "8.8.8.8")) + config['dns_server_port'] = config.get('dns_server_port', 53) + config['dns_local_port'] = config.get('dns_local_port', 53) logging.getLogger('').handlers = [] logging.addLevelName(VERBOSE_LEVEL, 'VERBOSE') diff --git a/shadowsocks/tunnel.py b/shadowsocks/tunnel.py new file mode 100644 index 0000000..442f02c --- /dev/null +++ b/shadowsocks/tunnel.py 
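Review bot: The four new `dns_*` defaults are undocumented, and two of them have operational consequences a comment should spell out. `dns_local_port` defaults to 53, which is a privileged port on most systems and often already in use by a local resolver. The tunnel also binds on the existing `local_address` (see the `starting tunnel at %s:%d` log in `tunnel.py`), so a non-loopback `local_address` exposes the DNS forwarder to every host that can reach it. Suggested comment above the block: `# DNS tunnel: listens on local_address:dns_local_port and relays each datagram to dns_server:dns_server_port via the proxy; keep local_address on loopback unless the forwarder is meant to be shared.` The help text should list these keys too, if the file has one outside this hunk.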
@@ -0,0 +1,77 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- +# +# Copyright 2012-2015 clowwindy +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from __future__ import absolute_import, division, print_function, \ + with_statement + +import sys +import os +import logging +import signal + +sys.path.insert(0, os.path.join(os.path.dirname(__file__), '../')) +from shadowsocks import shell, daemon, eventloop, tcprelay, udprelay, asyncdns + +def get_tunnel_udp_server(config, dns_resolver): + if config["dns_service"]: + config["local_port"] = config.copy()["dns_local_port"] + logging.info("starting tunnel at %s:%d" % + (config['local_address'], config['local_port'])) + else: + logging.info("dns_service is False") + return + + #tcp_server = tcprelay.TCPRelay(config, dns_resolver, True) + tunnel_udp_server = udprelay.UDPRelay(config, dns_resolver, True) + tunnel_udp_server.is_tunnel = True + return tunnel_udp_server + + +@shell.exception_handle(self_=False, exit_code=1) +def main(): + shell.check_python() + + # fix py2exe + if hasattr(sys, "frozen") and sys.frozen in \ + ("windows_exe", "console_exe"): + p = os.path.dirname(os.path.abspath(sys.executable)) + os.chdir(p) + + config = shell.get_config(True) + daemon.daemon_exec(config) + dns_resolver = asyncdns.DNSResolver() + tunnel_udp_server = get_tunnel_udp_server(config, dns_resolver) + loop = eventloop.EventLoop() + dns_resolver.add_to_loop(loop) + #tcp_server.add_to_loop(loop) + tunnel_udp_server.add_to_loop(loop) + 
+ def handler(signum, _): + logging.warn('received SIGQUIT, doing graceful shutting down..') + #tcp_server.close(next_tick=True) + udp_server.close(next_tick=True) + signal.signal(getattr(signal, 'SIGQUIT', signal.SIGTERM), handler) + + def int_handler(signum, _): + sys.exit(1) + signal.signal(signal.SIGINT, int_handler) + + daemon.set_user(config.get('user', None)) + loop.run() + +if __name__ == '__main__': + main() diff --git a/shadowsocks/udprelay.py b/shadowsocks/udprelay.py index 3a36cff..057cd52 100644 --- a/shadowsocks/udprelay.py +++ b/shadowsocks/udprelay.py @@ -94,6 +94,11 @@ class UDPRelay(object): self._listen_port = config['server_port'] self._remote_addr = None self._remote_port = None + self.dns_service = config.get('dns_service', False) + self.dns_server = config.get('dns_server', "8.8.8.8") + self.dns_server_port = config.get('dns_server_port', 53) + self.dns_local_port = config.get('dns_local_port', 53) + self.is_tunnel = False self._dns_resolver = dns_resolver self._password = common.to_bytes(config['password']) self._method = config['method'] @@ -151,12 +156,18 @@ class UDPRelay(object): if self._stat_callback: self._stat_callback(self._listen_port, len(data)) if self._is_local: - frag = common.ord(data[2]) - if frag != 0: - logging.warn('UDP drop a message since frag is not 0') - return + if self.is_tunnel: + #add socks5 header to data + dns_server = self.dns_server + dns_server_port = self.dns_server_port + data = common.add_header(dns_server, dns_server_port, data) else: - data = data[3:] + frag = common.ord(data[2]) + if frag != 0: + logging.warn('UDP drop a message since frag is not 0') + return + else: + data = data[3:] else: data, key, iv = encrypt.dencrypt_all(self._password, self._method, 
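Review bot: In `tunnel.py`, `handler` calls `udp_server.close(next_tick=True)`, but `main()` never defines `udp_server`, so SIGQUIT raises `NameError` instead of shutting down. The call should be `tunnel_udp_server.close(next_tick=True)`. Separately, `get_tunnel_udp_server` returns `None` when `dns_service` is false, and `main()` then calls `tunnel_udp_server.add_to_loop(loop)` on it. Guard that with `if tunnel_udp_server is None:` plus an error log and exit, or raise from the helper. `config.copy()["dns_local_port"]` copies the whole dict to read one key, so `config['dns_local_port']` is enough, and the commented-out `tcp_server` lines can be deleted.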
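Review bot: The new attributes in `UDPRelay.__init__` are public (`self.dns_server`, `self.is_tunnel`), while every neighbouring field in this hunk is underscore-prefixed (`self._remote_addr`, `self._dns_resolver`). They also repeat the `"8.8.8.8"` and `53` defaults that `shell.get_config` already sets, so the two places can drift apart. Read the values with `config['dns_server']` and similar, or keep the defaults in one place. `is_tunnel` is set by the caller after construction; a keyword argument such as `is_tunnel=False` on `__init__` would make the mode explicit. `dns_service` and `dns_local_port` are not read in any hunk shown here, so they may be unnecessary.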
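Review bot: The comment `#add socks5 header to data` is imprecise and the two temporaries add nothing. `add_header` prepends only the address-type/address/port fields, which is the same layout the non-tunnel branch gets after stripping the three RSV/FRAG bytes with `data[3:]`. Suggested form: `# tunnel mode: client sends a raw payload, so prepend the destination header ourselves` followed by `data = common.add_header(self.dns_server, self.dns_server_port, data)`. Every datagram reaching the listener is wrapped and forwarded with no length or source check, so say in the comment that access control is left to the bind address. The enclosing method starts and ends outside this hunk.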
@@ -171,7 +182,7 @@ class UDPRelay(object): if header_result is None: return addrtype, dest_addr, dest_port, header_length = header_result - + logging.info("udp data to %s:%d from %s:%d" %(dest_addr, dest_port, r_addr[0], r_addr[1])) if self._is_local: server_addr, server_port = self._get_a_server() else: @@ -267,9 +278,14 @@ class UDPRelay(object): if header_result is None: return addrtype, dest_addr, dest_port, header_length = header_result - response = b'\x00\x00\x00' + data + if self.is_tunnel: + # remove socks5 header + response = data[7:] + else: + response = b'\x00\x00\x00' + data client_addr = self._client_fd_to_server_addr.get(sock.fileno()) if client_addr: + logging.debug("send udp response to %s:%d" %(client_addr[0], client_addr[1])) self._server_socket.sendto(response, client_addr) else: # this packet is from somewhere else we know
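Review bot: The added `logging.info(...)` runs for every UDP datagram and formats its message eagerly with `%`, so at the default level it writes one line per packet. Each line records the client address and the destination, which is both a log-volume and a privacy concern for a proxy. Use debug level with lazy arguments: `logging.debug('udp data to %s:%d from %s:%d', dest_addr, dest_port, r_addr[0], r_addr[1])`. The hunk also replaces the blank separator line after the unpacking, which is worth keeping for readability.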
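Review bot: `response = data[7:]` hard-codes the length of an IPv4 address header (1 type byte, 4 address bytes, 2 port bytes). The line just above already unpacks the parsed `header_length` from `header_result`. If the reply carries an IPv6 or hostname address type, slicing at 7 leaves header bytes in the payload or cuts into it, and the client receives a corrupted DNS answer. Use `response = data[header_length:]` so the strip follows what `parse_header` actually found. The new `logging.debug` call would also be better with lazy arguments: `logging.debug('send udp response to %s:%d', client_addr[0], client_addr[1])`.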