Server side OTA settings in shadowsocks

pull/314/head
Darien Raymond 8 years ago
parent 22379e5a6b
commit 470e35849f
No known key found for this signature in database
GPG Key ID: 7251FFA14BB18169

@ -56,7 +56,7 @@ func ReadTCPSession(user *protocol.User, reader io.Reader) (*protocol.RequestHea
lenBuffer := 1 lenBuffer := 1
_, err = io.ReadFull(reader, buffer.Value[:1]) _, err = io.ReadFull(reader, buffer.Value[:1])
if err != nil { if err != nil {
return nil, nil, errors.New("Sahdowsocks|TCP: Failed to read address type: " + err.Error()) return nil, nil, errors.New("Shadowsocks|TCP: Failed to read address type: " + err.Error())
} }
addrType := (buffer.Value[0] & 0x0F) addrType := (buffer.Value[0] & 0x0F)
@ -64,6 +64,14 @@ func ReadTCPSession(user *protocol.User, reader io.Reader) (*protocol.RequestHea
request.Option |= RequestOptionOneTimeAuth request.Option |= RequestOptionOneTimeAuth
} }
if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled {
return nil, nil, errors.New("Shadowsocks|TCP: Rejecting connection with OTA enabled, while server disables OTA.")
}
if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled {
return nil, nil, errors.New("Shadowsocks|TCP: Rejecting connection with OTA disabled, while server enables OTA.")
}
switch addrType { switch addrType {
case AddrTypeIPv4: case AddrTypeIPv4:
_, err := io.ReadFull(reader, buffer.Value[lenBuffer:lenBuffer+4]) _, err := io.ReadFull(reader, buffer.Value[lenBuffer:lenBuffer+4])
@ -308,6 +316,14 @@ func DecodeUDPPacket(user *protocol.User, payload *alloc.Buffer) (*protocol.Requ
request.Option |= RequestOptionOneTimeAuth request.Option |= RequestOptionOneTimeAuth
} }
if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled {
return nil, nil, errors.New("Shadowsocks|UDP: Rejecting packet with OTA enabled, while server disables OTA.")
}
if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled {
return nil, nil, errors.New("Shadowsocks|UDP: Rejecting packet with OTA disabled, while server enables OTA.")
}
if request.Option.Has(RequestOptionOneTimeAuth) { if request.Option.Has(RequestOptionOneTimeAuth) {
payloadLen := payload.Len() - AuthSize payloadLen := payload.Len() - AuthSize
authBytes := payload.Value[payloadLen:] authBytes := payload.Value[payloadLen:]

@ -15,6 +15,7 @@ type ShadowsocksServerConfig struct {
UDP bool `json:"udp"` UDP bool `json:"udp"`
Level byte `json:"level"` Level byte `json:"level"`
Email string `json:"email"` Email string `json:"email"`
OTA *bool `json:"ota"`
} }
func (this *ShadowsocksServerConfig) Build() (*loader.TypedSettings, error) { func (this *ShadowsocksServerConfig) Build() (*loader.TypedSettings, error) {
@ -28,6 +29,13 @@ func (this *ShadowsocksServerConfig) Build() (*loader.TypedSettings, error) {
Password: this.Password, Password: this.Password,
Ota: shadowsocks.Account_Auto, Ota: shadowsocks.Account_Auto,
} }
if this.OTA != nil {
if *this.OTA {
account.Ota = shadowsocks.Account_Enabled
} else {
account.Ota = shadowsocks.Account_Disabled
}
}
cipher := strings.ToLower(this.Cipher) cipher := strings.ToLower(this.Cipher)
switch cipher { switch cipher {
case "aes-256-cfb": case "aes-256-cfb":

Loading…
Cancel
Save