shadowsocks

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 6, 2021 License: AGPL-3.0 Imports: 37 Imported by: 1

Documentation

Index

Constants

// Nonce size and address-type codes used by this package.
const (
	// MaxNonceSize is the length in bytes of the ZeroNonce array. Every entry
	// in CiphersConf declares NonceLen: 12, so no configured cipher needs more.
	MaxNonceSize = 12
	// Address-type codes. The values 1, 3 and 4 equal MetadataTypeIPv4,
	// MetadataTypeDomain and MetadataTypeIPv6 respectively.
	// NOTE(review): presumably the SOCKS5-style address-type byte carried in
	// the request header — confirm. "ATypeIpv6" does not follow the "IPv6"
	// casing used by MetadataTypeIPv6, but the name is exported, so renaming
	// it would break importers.
	ATypeIPv4    = 1
	ATypeDomain  = 3
	ATypeIpv6    = 4
)
const (
	// BasicLen is the basic auth length of [salt][encrypted payload length][length tag][encrypted payload][payload tag]
	// The expression 32 + 2 + 16 evaluates to 50 bytes.
	// NOTE(review): the three terms look like a 32-byte salt, the 2-byte
	// length field and one 16-byte tag. aes-128-gcm is configured with
	// SaltLen: 16, so confirm that any minimum-size check built on BasicLen
	// is also correct for that cipher.
	BasicLen      = 32 + 2 + 16
	// TCPBufferSize is 32 KiB (32 * 1024 bytes).
	TCPBufferSize = 32 * 1024
)
// Timeouts used by the server.
const (
	// DefaultNatTimeout is three minutes.
	// NOTE(review): presumably the idle lifetime of a UDP NAT mapping; confirm
	// against the UDP relay code. A bounded lifetime is what keeps per-client
	// relay state from accumulating without limit.
	DefaultNatTimeout = 3 * time.Minute
	// DnsQueryTimeout is 17 seconds; the author cites RFC 5452 for the value.
	DnsQueryTimeout   = 17 * time.Second // RFC 5452
)
const (
	// TCPChunkMaxLen evaluates to 16383 (0x3FFF), the largest value that fits
	// in 14 bits.
	// NOTE(review): presumably the upper bound on the payload length of one
	// encrypted TCP chunk. Confirm that the read path rejects a decrypted
	// length field above this bound before it sizes a buffer or a read from it.
	TCPChunkMaxLen = (1 << (16 - 2)) - 1
)

Variables

var (
	// CiphersConf maps a cipher method name to its AEAD parameters (lengths in
	// bytes) and its constructor.
	// NOTE(review): this is an exported, mutable map. A write from any
	// importing package changes the parameters for every user of the map, and
	// a write concurrent with lookups is a data race; treat it as read-only.
	CiphersConf = map[string]CipherConf{
		// Both chacha20 names share the same constructor and parameters, so
		// "chacha20-poly1305" is an alias of "chacha20-ietf-poly1305"
		// (12-byte nonce), not a separate construction.
		"chacha20-ietf-poly1305": {KeyLen: 32, SaltLen: 32, NonceLen: 12, TagLen: 16, NewCipher: chacha20poly1305.New},
		"chacha20-poly1305":      {KeyLen: 32, SaltLen: 32, NonceLen: 12, TagLen: 16, NewCipher: chacha20poly1305.New},
		// For both AES-GCM entries SaltLen equals KeyLen.
		"aes-256-gcm":            {KeyLen: 32, SaltLen: 32, NonceLen: 12, TagLen: 16, NewCipher: NewGcm},
		"aes-128-gcm":            {KeyLen: 16, SaltLen: 16, NonceLen: 12, TagLen: 16, NewCipher: NewGcm},
	}
	// ZeroNonce is an array of MaxNonceSize bytes left at its zero value.
	// NOTE(review): presumably the starting nonce of each session. With an
	// AEAD that is only safe when every session encrypts under a fresh key
	// (for example a subkey derived from a random salt) — confirm. The array
	// is exported and mutable; nothing should ever write to it.
	ZeroNonce  [MaxNonceSize]byte
	// ReusedInfo is the byte string "ss-subkey".
	// NOTE(review): presumably the info parameter of the key-derivation step
	// that turns master key + salt into a per-session subkey — confirm.
	ReusedInfo = []byte("ss-subkey")
)
// Sentinel errors for authentication and cipher setup. They carry no
// formatted arguments, so callers can compare against them by identity.
var (
	// ErrFailAuth is the "fail to authenticate" error.
	// NOTE(review): which call sites return it is not visible here; confirm
	// that the reply sent to an unauthenticated peer does not depend on the
	// exact failure reason.
	ErrFailAuth       = fmt.Errorf("fail to authenticate")
	// ErrFailInitCihper is the "fail to initiate cipher" error.
	// NOTE(review): "Cihper" is a misspelling of "Cipher"; the identifier is
	// exported, so correcting it would break importers.
	ErrFailInitCihper = fmt.Errorf("fail to initiate cipher")
)
// Sentinel errors for misuse detected by the server.
var (
	// ErrPassageAbuse is the "passage abuse" error.
	// NOTE(review): presumably produced by Server.ContentionCheck, which takes
	// a client IP and a passage — confirm.
	ErrPassageAbuse = fmt.Errorf("passage abuse")
	// ErrReplayAttack is the "replay attack" error.
	// NOTE(review): the detection logic is not visible here. Both errors are
	// worth logging with the peer address for monitoring; confirm that the
	// peer cannot tell them apart from an ordinary authentication failure.
	ErrReplayAttack = fmt.Errorf("replay attack")
)
var (
	// ErrInvalidMetadata is the "invalid metadata" error.
	// It is built with errors.Errorf, which the standard library errors
	// package does not provide, so "errors" here refers to a third-party
	// package (NOTE(review): presumably github.com/pkg/errors — confirm),
	// unlike the sibling sentinels built with fmt.Errorf.
	ErrInvalidMetadata = errors.Errorf("invalid metadata")
)

Functions

func BytesSizeForMetadata

func BytesSizeForMetadata(firstTwoByte []byte) (int, error)

func CalcPaddingLen

func CalcPaddingLen(masterKey []byte, bodyWithoutAddr []byte, req bool) (length int)

func DecryptUDP

func DecryptUDP(key Key, shadowBytes []byte) (plainText []byte, err error)

DecryptUDP decrypts the data in place, overwriting shadowBytes.

func EVPBytesToKey

// EVPBytesToKey derives a key of keyLen bytes from password. The signature
// takes no salt parameter.
// NOTE(review): the name matches OpenSSL's EVP_BytesToKey and the package also
// exports MD5Sum, so this is presumably the unsalted MD5-based derivation
// used by Shadowsocks — confirm. If so it adds no work factor: the key is
// only as strong as the password, which should be a long random string.
func EVPBytesToKey(password string, keyLen int) (key []byte)

func EncryptUDPFromPool

func EncryptUDPFromPool(key Key, b []byte) (shadowBytes []byte, err error)

EncryptUDPFromPool returns shadowBytes taken from the buffer pool. The caller MUST put shadowBytes back into the pool when done with it.

func EncryptedPayloadLen

func EncryptedPayloadLen(plainTextLen int, tagLen int) int

func LocalizePassages

func LocalizePassages(passages []server.Passage) (psgs []Passage, manager *Passage)

func MD5Sum

// MD5Sum returns a digest of d as a byte slice.
// NOTE(review): presumably the 16-byte MD5 digest, going by the name. MD5 is
// not collision resistant; confirm it is used only as a building block of
// EVPBytesToKey and never for integrity or authentication checks.
func MD5Sum(d []byte) []byte

func New

func New(valueCtx context.Context, sweetLisaHost config.Lisa, arg server.Argument) (server.Server, error)

func NewGcm

// NewGcm builds a cipher.AEAD from key. It is the NewCipher constructor of the
// "aes-256-gcm" and "aes-128-gcm" entries in CiphersConf.
// NOTE(review): presumably AES in GCM mode, with the AES variant selected by
// len(key) — confirm.
func NewGcm(key []byte) (cipher.AEAD, error)

Types

type CipherConf

// CipherConf describes one AEAD cipher suite: its sizes in bytes and the
// constructor that turns a key into a cipher.AEAD. The values of the
// CiphersConf map are of this type.
type CipherConf struct {
	KeyLen    int // key length: 32 or 16 in CiphersConf
	SaltLen   int // salt length: equal to KeyLen for every entry in CiphersConf
	NonceLen  int // AEAD nonce length: 12 for every entry in CiphersConf
	TagLen    int // AEAD authentication tag length: 16 for every entry in CiphersConf
	// NewCipher builds the AEAD from a key.
	// NOTE(review): presumably called with the per-session subkey rather than
	// the master key — confirm against Verify and NewSSConn.
	NewCipher func(key []byte) (cipher.AEAD, error)
}

func (*CipherConf) Verify

func (conf *CipherConf) Verify(buf []byte, masterKey []byte, salt []byte, cipherText []byte, subKey *[]byte) ([]byte, bool)

type Key

// Key pairs a master key with the cipher configuration it is used with. It is
// the key argument of DecryptUDP and EncryptUDPFromPool.
type Key struct {
	CipherConf CipherConf
	// MasterKey is raw secret key material. Key is passed by value, but a
	// copied Key still shares this slice's backing array, so a write through
	// one copy is visible through all of them. Keep it out of logs and error
	// messages.
	MasterKey  []byte
}

type Metadata

// Metadata is the decoded header of a request: an address type plus either a
// target (Hostname, Port) or a message command. NewMetadata builds one from
// bytes, and Bytes / BytesFromPool serialize it again.
// NOTE(review): the bytes handed to NewMetadata presumably come from the peer
// (see SSConn.ReadMetadata), so Hostname, Port and LenMsgBody should be
// treated as untrusted until validated — in particular before LenMsgBody is
// used to size a read or an allocation.
type Metadata struct {
	Type       MetadataType
	Hostname   string
	Port       uint16
	Cmd        MetadataCmd // NOTE(review): presumably meaningful only when Type is MetadataTypeMsg — confirm
	LenMsgBody uint32      // NOTE(review): presumably the length of the message body that follows — confirm
}

func NewMetadata

func NewMetadata(bytesMetadata []byte) (*Metadata, error)

func (*Metadata) Bytes

func (meta *Metadata) Bytes() (b []byte)

func (*Metadata) BytesFromPool

func (meta *Metadata) BytesFromPool() (b []byte)

type MetadataCmd

// MetadataCmd is a one-byte command code carried in Metadata.Cmd.
type MetadataCmd uint8
const (
	// The commands are numbered by iota: Ping = 0, SyncPassages = 1,
	// Response = 2.
	// NOTE(review): handling of values above 2 is not visible here; confirm
	// that unknown commands are rejected.
	MetadataCmdPing MetadataCmd = iota
	MetadataCmdSyncPassages
	MetadataCmdResponse
)

type MetadataType

// MetadataType is the address/record type stored in Metadata.Type.
type MetadataType int
const (
	// Values are assigned by iota starting at 0. The two Reserved entries are
	// placeholders that keep IPv4 = 1, Domain = 3 and IPv6 = 4, the same
	// numbers as ATypeIPv4, ATypeDomain and ATypeIpv6.
	MetadataTypeReserved0 MetadataType = iota
	MetadataTypeIPv4
	MetadataTypeReserved2
	MetadataTypeDomain
	MetadataTypeIPv6
	// MetadataTypeMsg indicates it's a message from SweetLisa.
	// [MetadataType(1)][MetadataCmd(1)]
	// Its value is 5.
	// NOTE(review): how a message is authenticated as really coming from
	// SweetLisa is not visible here — confirm before acting on its command.
	MetadataTypeMsg
)

type Passage

// Passage wraps server.Passage (embedded, so its fields and methods are
// promoted) together with package-private state. LocalizePassages converts
// server.Passage values into this type.
type Passage struct {
	server.Passage
	// contains filtered or unexported fields
}

func (*Passage) Use

func (p *Passage) Use() (use server.PassageUse)

type SSConn

// SSConn wraps a net.Conn; NewSSConn builds it from a connection, a
// CipherConf and a master key. Read, Write and Close are defined on *SSConn
// itself; every other net.Conn method (deadlines, addresses) is promoted from
// the embedded connection and acts on it directly.
type SSConn struct {
	net.Conn
	// contains filtered or unexported fields
}

func NewSSConn

func NewSSConn(conn net.Conn, conf CipherConf, masterKey []byte) (crw *SSConn, err error)

func (*SSConn) Close

func (c *SSConn) Close() error

func (*SSConn) GetTurn

func (c *SSConn) GetTurn(addr Metadata, reqBody []byte) (resp []byte, err error)

GetTurn sends one message request and reads one response, like an HTTP request/response exchange.

func (*SSConn) Read

func (c *SSConn) Read(b []byte) (n int, err error)

func (*SSConn) ReadMetadata

func (c *SSConn) ReadMetadata() (metadata *Metadata, err error)

func (*SSConn) Write

func (c *SSConn) Write(b []byte) (n int, err error)

type Server

// Server is the Shadowsocks server type of this package. All of its state is
// unexported; it is driven through its methods (Listen, ListenTCP, ListenUDP,
// AddPassages, RemovePassages, SyncPassages, Close, ...).
type Server struct {
	// contains filtered or unexported fields
}

func (*Server) AddPassages

func (s *Server) AddPassages(passages []server.Passage) (err error)

func (*Server) Close

func (s *Server) Close() error

func (*Server) ContentionCheck added in v0.1.9

func (s *Server) ContentionCheck(thisIP net.IP, passage *Passage) (err error)

func (*Server) GetOrBuildUCPConn

func (s *Server) GetOrBuildUCPConn(lAddr net.Addr, data []byte) (rc *net.UDPConn, passage *Passage, plainText []byte, target string, err error)

GetOrBuildUCPConn gets a UDP conn from the mapping. plainText is taken from the buffer pool; the caller MUST put it back.

func (*Server) GetUserContextOrInsert

func (s *Server) GetUserContextOrInsert(userIP string) *UserContext

func (*Server) Listen

func (s *Server) Listen(addr string) (err error)

func (*Server) ListenTCP

func (s *Server) ListenTCP(addr string) (err error)

func (*Server) ListenUDP

func (s *Server) ListenUDP(addr string) (err error)

func (*Server) Passages

func (s *Server) Passages() (passages []server.Passage)

func (*Server) RemovePassages

func (s *Server) RemovePassages(passages []server.Passage, alsoManager bool) (err error)

func (*Server) SyncPassages

func (s *Server) SyncPassages(passages []server.Passage) (err error)

type UDPConn

// UDPConn wraps a *net.UDPConn held in a UDPConnMapping.
type UDPConn struct {
	// Establishing is a signalling channel.
	// NOTE(review): presumably closed once the connection is established;
	// confirm who closes it and that it is closed on the failure path too, so
	// waiters cannot block forever.
	Establishing chan struct{}

	// NOTE(review): UDPConnMapping.Insert documents val=nil as "establishing",
	// so this embedded pointer is presumably nil until then; confirm callers
	// wait on Establishing before using it.
	*net.UDPConn
	// contains filtered or unexported fields
}

func NewUDPConn

func NewUDPConn(conn *net.UDPConn) *UDPConn

type UDPConnMapping

// UDPConnMapping is a string-keyed collection of *UDPConn with Get, Insert and
// Remove methods.
// The sync.Mutex is embedded, so Lock and Unlock are exported on the mapping
// and any importing package can take the lock.
// NOTE(review): whether Get, Insert and Remove lock internally is not visible
// here; confirm before wrapping them in Lock/Unlock, since sync.Mutex is not
// reentrant.
type UDPConnMapping struct {
	sync.Mutex
	// contains filtered or unexported fields
}

func NewUDPConnMapping

func NewUDPConnMapping() *UDPConnMapping

func (*UDPConnMapping) Get

func (m *UDPConnMapping) Get(key string) (conn *UDPConn, ok bool)

func (*UDPConnMapping) Insert

func (m *UDPConnMapping) Insert(key string, val *net.UDPConn) *UDPConn

Pass val=nil to mark the connection as still being established.

func (*UDPConnMapping) Remove

func (m *UDPConnMapping) Remove(key string)

type UserContext

// UserContext is a defined type over lrulist.LruList; Infra returns the
// underlying *lrulist.LruList. Server.GetUserContextOrInsert looks one up by
// user IP string.
// NOTE(review): Auth takes a probe callback and returns the Passage that hit,
// so it presumably tries passages until one authenticates; confirm how the
// work per unauthenticated connection is bounded.
type UserContext lrulist.LruList

UserContext is the context of a user which indicates the preferred servers

func NewUserContext

func NewUserContext(passages []Passage) *UserContext

func (*UserContext) Auth

func (ctx *UserContext) Auth(probe func(Passage) ([]byte, bool)) (hit *Passage, content []byte)

func (*UserContext) Close

func (ctx *UserContext) Close() error

func (*UserContext) Infra

func (ctx *UserContext) Infra() *lrulist.LruList

type UserContextPool

// UserContextPool is a defined type over lru.LRU; Infra returns the
// underlying *lru.LRU.
// NOTE(review): capacity and eviction policy are not visible here; confirm
// the pool size is bounded, since entries are presumably keyed by client IP.
type UserContextPool lru.LRU

UserContextPool is a pool that stores UserContext values and evicts unused ones over time.

func (*UserContextPool) Infra

func (pool *UserContextPool) Infra() *lru.LRU

type WriteCloser added in v1.0.0

// WriteCloser is implemented by connections that can shut down only their
// write side. Despite the name it is not io.WriteCloser: its single method is
// CloseWrite, which *net.TCPConn provides among others.
type WriteCloser interface {
	CloseWrite() error
}
