From 9f344fa1c928f35e39a0d722bce8eb360bd080cd Mon Sep 17 00:00:00 2001 From: Kslr Date: Fri, 2 Oct 2020 16:13:31 +0800 Subject: [PATCH] remove shadowsosks ota (#238) * remove shadowsosks ota * remove unused buf.Reader --- infra/conf/shadowsocks.go | 13 -- proxy/shadowsocks/client.go | 6 +- proxy/shadowsocks/config.go | 2 - proxy/shadowsocks/config.pb.go | 184 +++++++++----------------- proxy/shadowsocks/config.proto | 6 - proxy/shadowsocks/ota.go | 132 ------------------ proxy/shadowsocks/ota_test.go | 37 ------ proxy/shadowsocks/protocol.go | 108 +-------------- proxy/shadowsocks/protocol_test.go | 5 - proxy/shadowsocks/server.go | 13 -- proxy/shadowsocks/shadowsocks.go | 8 -- testing/scenarios/shadowsocks_test.go | 4 - 12 files changed, 62 insertions(+), 456 deletions(-) delete mode 100644 proxy/shadowsocks/ota.go delete mode 100644 proxy/shadowsocks/ota_test.go diff --git a/infra/conf/shadowsocks.go b/infra/conf/shadowsocks.go index efd62f12..b56c8710 100644 --- a/infra/conf/shadowsocks.go +++ b/infra/conf/shadowsocks.go @@ -39,7 +39,6 @@ type ShadowsocksServerConfig struct { UDP bool `json:"udp"` Level byte `json:"level"` Email string `json:"email"` - OTA *bool `json:"ota"` NetworkList *NetworkList `json:"network"` } @@ -53,14 +52,6 @@ func (v *ShadowsocksServerConfig) Build() (proto.Message, error) { } account := &shadowsocks.Account{ Password: v.Password, - Ota: shadowsocks.Account_Auto, - } - if v.OTA != nil { - if *v.OTA { - account.Ota = shadowsocks.Account_Enabled - } else { - account.Ota = shadowsocks.Account_Disabled - } } account.CipherType = cipherFromString(v.Cipher) if account.CipherType == shadowsocks.CipherType_UNKNOWN { @@ -110,10 +101,6 @@ func (v *ShadowsocksClientConfig) Build() (proto.Message, error) { } account := &shadowsocks.Account{ Password: server.Password, - Ota: shadowsocks.Account_Enabled, - } - if !server.Ota { - account.Ota = shadowsocks.Account_Disabled } account.CipherType = cipherFromString(server.Cipher) if account.CipherType == shadowsocks.CipherType_UNKNOWN { diff --git a/proxy/shadowsocks/client.go b/proxy/shadowsocks/client.go index 3823f3cc..012e595f 100644 --- a/proxy/shadowsocks/client.go +++ b/proxy/shadowsocks/client.go @@ -90,16 +90,12 @@ func (c *Client) Process(ctx context.Context, link *transport.Link, dialer inter } user := server.PickUser() - account, ok := user.Account.(*MemoryAccount) + _, ok := user.Account.(*MemoryAccount) if !ok { return newError("user account is not valid") } request.User = user - if account.OneTimeAuth == Account_Auto || account.OneTimeAuth == Account_Enabled { - request.Option |= RequestOptionOneTimeAuth - } - sessionPolicy := c.policyManager.ForLevel(user.Level) ctx, cancel := context.WithCancel(ctx) timer := signal.CancelAfterInactivity(ctx, cancel, sessionPolicy.Timeouts.ConnectionIdle) diff --git a/proxy/shadowsocks/config.go b/proxy/shadowsocks/config.go index 0bcdcac3..45452cd6 100644 --- a/proxy/shadowsocks/config.go +++ b/proxy/shadowsocks/config.go @@ -21,7 +21,6 @@ import ( type MemoryAccount struct { Cipher Cipher Key []byte - OneTimeAuth Account_OneTimeAuth } // Equals implements protocol.Account.Equals(). @@ -90,7 +89,6 @@ func (a *Account) AsAccount() (protocol.Account, error) { return &MemoryAccount{ Cipher: cipher, Key: passwordToCipherKey([]byte(a.Password), cipher.KeySize()), - OneTimeAuth: a.Ota, }, nil } diff --git a/proxy/shadowsocks/config.pb.go b/proxy/shadowsocks/config.pb.go index 1d2ee460..1cd19a51 100644 --- a/proxy/shadowsocks/config.pb.go +++ b/proxy/shadowsocks/config.pb.go @@ -94,63 +94,13 @@ func (CipherType) EnumDescriptor() ([]byte, []int) { return file_proxy_shadowsocks_config_proto_rawDescGZIP(), []int{0} } -type Account_OneTimeAuth int32 - -const ( - Account_Auto Account_OneTimeAuth = 0 - Account_Disabled Account_OneTimeAuth = 1 - Account_Enabled Account_OneTimeAuth = 2 -) - -// Enum value maps for Account_OneTimeAuth. -var ( - Account_OneTimeAuth_name = map[int32]string{ - 0: "Auto", - 1: "Disabled", - 2: "Enabled", - } - Account_OneTimeAuth_value = map[string]int32{ - "Auto": 0, - "Disabled": 1, - "Enabled": 2, - } -) - -func (x Account_OneTimeAuth) Enum() *Account_OneTimeAuth { - p := new(Account_OneTimeAuth) - *p = x - return p -} - -func (x Account_OneTimeAuth) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) -} - -func (Account_OneTimeAuth) Descriptor() protoreflect.EnumDescriptor { - return file_proxy_shadowsocks_config_proto_enumTypes[1].Descriptor() -} - -func (Account_OneTimeAuth) Type() protoreflect.EnumType { - return &file_proxy_shadowsocks_config_proto_enumTypes[1] -} - -func (x Account_OneTimeAuth) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use Account_OneTimeAuth.Descriptor instead. -func (Account_OneTimeAuth) EnumDescriptor() ([]byte, []int) { - return file_proxy_shadowsocks_config_proto_rawDescGZIP(), []int{0, 0} -} - type Account struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Password string `protobuf:"bytes,1,opt,name=password,proto3" json:"password,omitempty"` - CipherType CipherType `protobuf:"varint,2,opt,name=cipher_type,json=cipherType,proto3,enum=v2ray.core.proxy.shadowsocks.CipherType" json:"cipher_type,omitempty"` - Ota Account_OneTimeAuth `protobuf:"varint,3,opt,name=ota,proto3,enum=v2ray.core.proxy.shadowsocks.Account_OneTimeAuth" json:"ota,omitempty"` + Password string `protobuf:"bytes,1,opt,name=password,proto3" json:"password,omitempty"` + CipherType CipherType `protobuf:"varint,2,opt,name=cipher_type,json=cipherType,proto3,enum=v2ray.core.proxy.shadowsocks.CipherType" json:"cipher_type,omitempty"` } func (x *Account) Reset() { @@ -199,13 +149,6 @@ func (x *Account) GetCipherType() CipherType { return CipherType_UNKNOWN } -func (x *Account) GetOta() Account_OneTimeAuth { - if x != nil { - return x.Ota - } - return Account_Auto -} - type ServerConfig struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -333,54 +276,47 @@ var file_proxy_shadowsocks_config_proto_rawDesc = []byte{ 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x21, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x73, 0x70, 0x65, - 0x63, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xe9, 0x01, 0x0a, 0x07, 0x41, 0x63, 0x63, 0x6f, - 0x75, 0x6e, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, - 0x49, 0x0a, 0x0b, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, - 0x20, 0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, - 0x63, 0x6b, 0x73, 0x2e, 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x52, 0x0a, - 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x12, 0x43, 0x0a, 0x03, 0x6f, 0x74, - 0x61, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x31, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, - 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68, 0x61, 0x64, 0x6f, - 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0x2e, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x2e, 0x4f, - 0x6e, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x41, 0x75, 0x74, 0x68, 0x52, 0x03, 0x6f, 0x74, 0x61, 0x22, - 0x32, 0x0a, 0x0b, 0x4f, 0x6e, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x41, 0x75, 0x74, 0x68, 0x12, 0x08, - 0x0a, 0x04, 0x41, 0x75, 0x74, 0x6f, 0x10, 0x00, 0x12, 0x0c, 0x0a, 0x08, 0x44, 0x69, 0x73, 0x61, - 0x62, 0x6c, 0x65, 0x64, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, - 0x64, 0x10, 0x02, 0x22, 0xa3, 0x01, 0x0a, 0x0c, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x43, 0x6f, - 0x6e, 0x66, 0x69, 0x67, 0x12, 0x23, 0x0a, 0x0b, 0x75, 0x64, 0x70, 0x5f, 0x65, 0x6e, 0x61, 0x62, - 0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0a, 0x75, - 0x64, 0x70, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x34, 0x0a, 0x04, 0x75, 0x73, 0x65, - 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, - 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, - 0x38, 0x0a, 0x07, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0e, - 0x32, 0x1e, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, - 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x4e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, - 0x52, 0x07, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x22, 0x52, 0x0a, 0x0c, 0x43, 0x6c, 0x69, - 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x42, 0x0a, 0x06, 0x73, 0x65, 0x72, - 0x76, 0x65, 0x72, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x76, 0x32, 0x72, 0x61, - 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x45, 0x6e, 0x64, - 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x06, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2a, 0x9f, 0x01, - 0x0a, 0x0a, 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, - 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, - 0x5f, 0x31, 0x32, 0x38, 0x5f, 0x43, 0x46, 0x42, 0x10, 0x01, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, - 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x43, 0x46, 0x42, 0x10, 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x43, - 0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30, 0x10, 0x03, 0x12, 0x11, 0x0a, 0x0d, 0x43, 0x48, 0x41, - 0x43, 0x48, 0x41, 0x32, 0x30, 0x5f, 0x49, 0x45, 0x54, 0x46, 0x10, 0x04, 0x12, 0x0f, 0x0a, 0x0b, - 0x41, 0x45, 0x53, 0x5f, 0x31, 0x32, 0x38, 0x5f, 0x47, 0x43, 0x4d, 0x10, 0x05, 0x12, 0x0f, 0x0a, - 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x47, 0x43, 0x4d, 0x10, 0x06, 0x12, 0x15, - 0x0a, 0x11, 0x43, 0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30, 0x5f, 0x50, 0x4f, 0x4c, 0x59, 0x31, - 0x33, 0x30, 0x35, 0x10, 0x07, 0x12, 0x08, 0x0a, 0x04, 0x4e, 0x4f, 0x4e, 0x45, 0x10, 0x08, 0x42, - 0x65, 0x0a, 0x20, 0x63, 0x6f, 0x6d, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, - 0x63, 0x6b, 0x73, 0x50, 0x01, 0x5a, 0x20, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x73, 0x68, 0x61, 0x64, - 0x6f, 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0xaa, 0x02, 0x1c, 0x56, 0x32, 0x52, 0x61, 0x79, 0x2e, - 0x43, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x53, 0x68, 0x61, 0x64, 0x6f, - 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x63, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x70, 0x0a, 0x07, 0x41, 0x63, 0x63, 0x6f, 0x75, + 0x6e, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x49, + 0x0a, 0x0b, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, + 0x01, 0x28, 0x0e, 0x32, 0x28, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, 0x63, + 0x6b, 0x73, 0x2e, 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x52, 0x0a, 0x63, + 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, 0x70, 0x65, 0x22, 0xa3, 0x01, 0x0a, 0x0c, 0x53, 0x65, + 0x72, 0x76, 0x65, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x23, 0x0a, 0x0b, 0x75, 0x64, + 0x70, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x42, + 0x02, 0x18, 0x01, 0x52, 0x0a, 0x75, 0x64, 0x70, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, + 0x34, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, + 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, + 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, + 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x38, 0x0a, 0x07, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, + 0x18, 0x03, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1e, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, + 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x6e, 0x65, 0x74, 0x2e, 0x4e, + 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x52, 0x07, 0x6e, 0x65, 0x74, 0x77, 0x6f, 0x72, 0x6b, 0x22, + 0x52, 0x0a, 0x0c, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, + 0x42, 0x0a, 0x06, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x2a, 0x2e, 0x76, 0x32, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x63, 0x6f, 0x6d, + 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x53, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x06, 0x73, 0x65, 0x72, + 0x76, 0x65, 0x72, 0x2a, 0x9f, 0x01, 0x0a, 0x0a, 0x43, 0x69, 0x70, 0x68, 0x65, 0x72, 0x54, 0x79, + 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, + 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x31, 0x32, 0x38, 0x5f, 0x43, 0x46, 0x42, 0x10, 0x01, + 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x43, 0x46, 0x42, 0x10, + 0x02, 0x12, 0x0c, 0x0a, 0x08, 0x43, 0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30, 0x10, 0x03, 0x12, + 0x11, 0x0a, 0x0d, 0x43, 0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30, 0x5f, 0x49, 0x45, 0x54, 0x46, + 0x10, 0x04, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x31, 0x32, 0x38, 0x5f, 0x47, 0x43, + 0x4d, 0x10, 0x05, 0x12, 0x0f, 0x0a, 0x0b, 0x41, 0x45, 0x53, 0x5f, 0x32, 0x35, 0x36, 0x5f, 0x47, + 0x43, 0x4d, 0x10, 0x06, 0x12, 0x15, 0x0a, 0x11, 0x43, 0x48, 0x41, 0x43, 0x48, 0x41, 0x32, 0x30, + 0x5f, 0x50, 0x4f, 0x4c, 0x59, 0x31, 0x33, 0x30, 0x35, 0x10, 0x07, 0x12, 0x08, 0x0a, 0x04, 0x4e, + 0x4f, 0x4e, 0x45, 0x10, 0x08, 0x42, 0x65, 0x0a, 0x20, 0x63, 0x6f, 0x6d, 0x2e, 0x76, 0x32, 0x72, + 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x73, 0x68, + 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0x50, 0x01, 0x5a, 0x20, 0x76, 0x32, 0x72, + 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, + 0x79, 0x2f, 0x73, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0xaa, 0x02, 0x1c, + 0x56, 0x32, 0x52, 0x61, 0x79, 0x2e, 0x43, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, + 0x2e, 0x53, 0x68, 0x61, 0x64, 0x6f, 0x77, 0x73, 0x6f, 0x63, 0x6b, 0x73, 0x62, 0x06, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -395,29 +331,27 @@ func file_proxy_shadowsocks_config_proto_rawDescGZIP() []byte { return file_proxy_shadowsocks_config_proto_rawDescData } -var file_proxy_shadowsocks_config_proto_enumTypes = make([]protoimpl.EnumInfo, 2) +var file_proxy_shadowsocks_config_proto_enumTypes = make([]protoimpl.EnumInfo, 1) var file_proxy_shadowsocks_config_proto_msgTypes = make([]protoimpl.MessageInfo, 3) var file_proxy_shadowsocks_config_proto_goTypes = []interface{}{ (CipherType)(0), // 0: v2ray.core.proxy.shadowsocks.CipherType - (Account_OneTimeAuth)(0), // 1: v2ray.core.proxy.shadowsocks.Account.OneTimeAuth - (*Account)(nil), // 2: v2ray.core.proxy.shadowsocks.Account - (*ServerConfig)(nil), // 3: v2ray.core.proxy.shadowsocks.ServerConfig - (*ClientConfig)(nil), // 4: v2ray.core.proxy.shadowsocks.ClientConfig - (*protocol.User)(nil), // 5: v2ray.core.common.protocol.User - (net.Network)(0), // 6: v2ray.core.common.net.Network - (*protocol.ServerEndpoint)(nil), // 7: v2ray.core.common.protocol.ServerEndpoint + (*Account)(nil), // 1: v2ray.core.proxy.shadowsocks.Account + (*ServerConfig)(nil), // 2: v2ray.core.proxy.shadowsocks.ServerConfig + (*ClientConfig)(nil), // 3: v2ray.core.proxy.shadowsocks.ClientConfig + (*protocol.User)(nil), // 4: v2ray.core.common.protocol.User + (net.Network)(0), // 5: v2ray.core.common.net.Network + (*protocol.ServerEndpoint)(nil), // 6: v2ray.core.common.protocol.ServerEndpoint } var file_proxy_shadowsocks_config_proto_depIdxs = []int32{ 0, // 0: v2ray.core.proxy.shadowsocks.Account.cipher_type:type_name -> v2ray.core.proxy.shadowsocks.CipherType - 1, // 1: v2ray.core.proxy.shadowsocks.Account.ota:type_name -> v2ray.core.proxy.shadowsocks.Account.OneTimeAuth - 5, // 2: v2ray.core.proxy.shadowsocks.ServerConfig.user:type_name -> v2ray.core.common.protocol.User - 6, // 3: v2ray.core.proxy.shadowsocks.ServerConfig.network:type_name -> v2ray.core.common.net.Network - 7, // 4: v2ray.core.proxy.shadowsocks.ClientConfig.server:type_name -> v2ray.core.common.protocol.ServerEndpoint - 5, // [5:5] is the sub-list for method output_type - 5, // [5:5] is the sub-list for method input_type - 5, // [5:5] is the sub-list for extension type_name - 5, // [5:5] is the sub-list for extension extendee - 0, // [0:5] is the sub-list for field type_name + 4, // 1: v2ray.core.proxy.shadowsocks.ServerConfig.user:type_name -> v2ray.core.common.protocol.User + 5, // 2: v2ray.core.proxy.shadowsocks.ServerConfig.network:type_name -> v2ray.core.common.net.Network + 6, // 3: v2ray.core.proxy.shadowsocks.ClientConfig.server:type_name -> v2ray.core.common.protocol.ServerEndpoint + 4, // [4:4] is the sub-list for method output_type + 4, // [4:4] is the sub-list for method input_type + 4, // [4:4] is the sub-list for extension type_name + 4, // [4:4] is the sub-list for extension extendee + 0, // [0:4] is the sub-list for field type_name } func init() { file_proxy_shadowsocks_config_proto_init() } @@ -468,7 +402,7 @@ func file_proxy_shadowsocks_config_proto_init() { File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_proxy_shadowsocks_config_proto_rawDesc, - NumEnums: 2, + NumEnums: 1, NumMessages: 3, NumExtensions: 0, NumServices: 0, diff --git a/proxy/shadowsocks/config.proto b/proxy/shadowsocks/config.proto index a2a09ea2..967c21a9 100644 --- a/proxy/shadowsocks/config.proto +++ b/proxy/shadowsocks/config.proto @@ -11,14 +11,8 @@ import "common/protocol/user.proto"; import "common/protocol/server_spec.proto"; message Account { - enum OneTimeAuth { - Auto = 0; - Disabled = 1; - Enabled = 2; - } string password = 1; CipherType cipher_type = 2; - OneTimeAuth ota = 3; } enum CipherType { diff --git a/proxy/shadowsocks/ota.go b/proxy/shadowsocks/ota.go deleted file mode 100644 index 33daa9fd..00000000 --- a/proxy/shadowsocks/ota.go +++ /dev/null @@ -1,132 +0,0 @@ -// +build !confonly - -package shadowsocks - -import ( - "bytes" - "crypto/hmac" - "crypto/sha1" - "encoding/binary" - "io" - - "v2ray.com/core/common" - "v2ray.com/core/common/buf" - "v2ray.com/core/common/bytespool" - "v2ray.com/core/common/serial" -) - -const ( - // AuthSize is the number of extra bytes for Shadowsocks OTA. - AuthSize = 10 -) - -type KeyGenerator func() []byte - -type Authenticator struct { - key KeyGenerator -} - -func NewAuthenticator(keygen KeyGenerator) *Authenticator { - return &Authenticator{ - key: keygen, - } -} - -func (v *Authenticator) Authenticate(data []byte, dest []byte) { - hasher := hmac.New(sha1.New, v.key()) - common.Must2(hasher.Write(data)) - res := hasher.Sum(nil) - copy(dest, res[:AuthSize]) -} - -func HeaderKeyGenerator(key []byte, iv []byte) func() []byte { - return func() []byte { - newKey := make([]byte, 0, len(key)+len(iv)) - newKey = append(newKey, iv...) - newKey = append(newKey, key...) - return newKey - } -} - -func ChunkKeyGenerator(iv []byte) func() []byte { - chunkID := uint32(0) - return func() []byte { - newKey := make([]byte, len(iv)+4) - copy(newKey, iv) - binary.BigEndian.PutUint32(newKey[len(iv):], chunkID) - chunkID++ - return newKey - } -} - -type ChunkReader struct { - reader io.Reader - auth *Authenticator -} - -func NewChunkReader(reader io.Reader, auth *Authenticator) *ChunkReader { - return &ChunkReader{ - reader: reader, - auth: auth, - } -} - -func (v *ChunkReader) ReadMultiBuffer() (buf.MultiBuffer, error) { - size, err := serial.ReadUint16(v.reader) - if err != nil { - return nil, newError("failed to read size").Base(err) - } - size += AuthSize - - buffer := bytespool.Alloc(int32(size)) - defer bytespool.Free(buffer) - - if _, err := io.ReadFull(v.reader, buffer[:size]); err != nil { - return nil, err - } - - authBytes := buffer[:AuthSize] - payload := buffer[AuthSize:size] - - actualAuthBytes := make([]byte, AuthSize) - v.auth.Authenticate(payload, actualAuthBytes) - if !bytes.Equal(authBytes, actualAuthBytes) { - return nil, newError("invalid auth") - } - - mb := buf.MergeBytes(nil, payload) - - return mb, nil -} - -type ChunkWriter struct { - writer io.Writer - auth *Authenticator - buffer []byte -} - -func NewChunkWriter(writer io.Writer, auth *Authenticator) *ChunkWriter { - return &ChunkWriter{ - writer: writer, - auth: auth, - buffer: make([]byte, 32*1024), - } -} - -// WriteMultiBuffer implements buf.Writer. -func (w *ChunkWriter) WriteMultiBuffer(mb buf.MultiBuffer) error { - defer buf.ReleaseMulti(mb) - - for { - mb, payloadLen := buf.SplitBytes(mb, w.buffer[2+AuthSize:]) - binary.BigEndian.PutUint16(w.buffer, uint16(payloadLen)) - w.auth.Authenticate(w.buffer[2+AuthSize:2+AuthSize+payloadLen], w.buffer[2:]) - if err := buf.WriteAllBytes(w.writer, w.buffer[:2+AuthSize+payloadLen]); err != nil { - return err - } - if mb.IsEmpty() { - break - } - } - return nil -} diff --git a/proxy/shadowsocks/ota_test.go b/proxy/shadowsocks/ota_test.go deleted file mode 100644 index 28ac416f..00000000 --- a/proxy/shadowsocks/ota_test.go +++ /dev/null @@ -1,37 +0,0 @@ -package shadowsocks_test - -import ( - "testing" - - "github.com/google/go-cmp/cmp" - - "v2ray.com/core/common" - "v2ray.com/core/common/buf" - . "v2ray.com/core/proxy/shadowsocks" -) - -func TestNormalChunkReading(t *testing.T) { - buffer := buf.New() - buffer.Write([]byte{0, 8, 39, 228, 69, 96, 133, 39, 254, 26, 201, 70, 11, 12, 13, 14, 15, 16, 17, 18}) - reader := NewChunkReader(buffer, NewAuthenticator(ChunkKeyGenerator( - []byte{21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36}))) - payload, err := reader.ReadMultiBuffer() - common.Must(err) - - if diff := cmp.Diff(payload[0].Bytes(), []byte{11, 12, 13, 14, 15, 16, 17, 18}); diff != "" { - t.Error(diff) - } -} - -func TestNormalChunkWriting(t *testing.T) { - buffer := buf.New() - writer := NewChunkWriter(buffer, NewAuthenticator(ChunkKeyGenerator( - []byte{21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36}))) - - b := buf.New() - b.Write([]byte{11, 12, 13, 14, 15, 16, 17, 18}) - common.Must(writer.WriteMultiBuffer(buf.MultiBuffer{b})) - if diff := cmp.Diff(buffer.Bytes(), []byte{0, 8, 39, 228, 69, 96, 133, 39, 254, 26, 201, 70, 11, 12, 13, 14, 15, 16, 17, 18}); diff != "" { - t.Error(diff) - } -} diff --git a/proxy/shadowsocks/protocol.go b/proxy/shadowsocks/protocol.go index babcefdf..d8f6813e 100644 --- a/proxy/shadowsocks/protocol.go +++ b/proxy/shadowsocks/protocol.go @@ -3,7 +3,6 @@ package shadowsocks import ( - "bytes" "crypto/hmac" "crypto/rand" "crypto/sha256" @@ -14,7 +13,6 @@ import ( "v2ray.com/core/common/dice" "v2ray.com/core/common" - "v2ray.com/core/common/bitmask" "v2ray.com/core/common/buf" "v2ray.com/core/common/net" "v2ray.com/core/common/protocol" @@ -22,7 +20,6 @@ import ( const ( Version = 1 - RequestOptionOneTimeAuth bitmask.Byte = 0x01 ) var addrParser = protocol.NewAddressParser( @@ -73,7 +70,6 @@ func ReadTCPSession(user *protocol.MemoryUser, reader io.Reader) (*protocol.Requ } br := &buf.BufferedReader{Reader: r} - authenticator := NewAuthenticator(HeaderKeyGenerator(account.Key, iv)) request := &protocol.RequestHeader{ Version: Version, User: user, @@ -93,56 +89,13 @@ func ReadTCPSession(user *protocol.MemoryUser, reader io.Reader) (*protocol.Requ request.Address = addr request.Port = port - if !account.Cipher.IsAEAD() { - if (buffer.Byte(0) & 0x10) == 0x10 { - request.Option.Set(RequestOptionOneTimeAuth) - } - - if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled { - readSizeRemain -= int(buffer.Len()) - DrainConnN(reader, readSizeRemain) - return nil, nil, newError("rejecting connection with OTA enabled, while server disables OTA") - } - - if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled { - readSizeRemain -= int(buffer.Len()) - DrainConnN(reader, readSizeRemain) - return nil, nil, newError("rejecting connection with OTA disabled, while server enables OTA") - } - } - - if request.Option.Has(RequestOptionOneTimeAuth) { - actualAuth := make([]byte, AuthSize) - authenticator.Authenticate(buffer.Bytes(), actualAuth) - - _, err := buffer.ReadFullFrom(br, AuthSize) - if err != nil { - readSizeRemain -= int(buffer.Len()) - DrainConnN(reader, readSizeRemain) - return nil, nil, newError("Failed to read OTA").Base(err) - } - - if !bytes.Equal(actualAuth, buffer.BytesFrom(-AuthSize)) { - readSizeRemain -= int(buffer.Len()) - DrainConnN(reader, readSizeRemain) - return nil, nil, newError("invalid OTA") - } - } - if request.Address == nil { readSizeRemain -= int(buffer.Len()) DrainConnN(reader, readSizeRemain) return nil, nil, newError("invalid remote address.") } - var chunkReader buf.Reader - if request.Option.Has(RequestOptionOneTimeAuth) { - chunkReader = NewChunkReader(br, NewAuthenticator(ChunkKeyGenerator(iv))) - } else { - chunkReader = buf.NewReader(br) - } - - return request, chunkReader, nil + return request, br, nil } func DrainConnN(reader io.Reader, n int) error { @@ -155,10 +108,6 @@ func WriteTCPRequest(request *protocol.RequestHeader, writer io.Writer) (buf.Wri user := request.User account := user.Account.(*MemoryAccount) - if account.Cipher.IsAEAD() { - request.Option.Clear(RequestOptionOneTimeAuth) - } - var iv []byte if account.Cipher.IVSize() > 0 { iv = make([]byte, account.Cipher.IVSize()) @@ -179,27 +128,11 @@ func WriteTCPRequest(request *protocol.RequestHeader, writer io.Writer) (buf.Wri return nil, newError("failed to write address").Base(err) } - if request.Option.Has(RequestOptionOneTimeAuth) { - header.SetByte(0, header.Byte(0)|0x10) - - authenticator := NewAuthenticator(HeaderKeyGenerator(account.Key, iv)) - authPayload := header.Bytes() - authBuffer := header.Extend(AuthSize) - authenticator.Authenticate(authPayload, authBuffer) - } - if err := w.WriteMultiBuffer(buf.MultiBuffer{header}); err != nil { return nil, newError("failed to write header").Base(err) } - var chunkWriter buf.Writer - if request.Option.Has(RequestOptionOneTimeAuth) { - chunkWriter = NewChunkWriter(w.(io.Writer), NewAuthenticator(ChunkKeyGenerator(iv))) - } else { - chunkWriter = w - } - - return chunkWriter, nil + return w, nil } func ReadTCPResponse(user *protocol.MemoryUser, reader io.Reader) (buf.Reader, error) { @@ -241,7 +174,6 @@ func EncodeUDPPacket(request *protocol.RequestHeader, payload []byte) (*buf.Buff if ivLen > 0 { common.Must2(buffer.ReadFullFrom(rand.Reader, ivLen)) } - iv := buffer.Bytes() if err := addrParser.WriteAddressPort(buffer, request.Address, request.Port); err != nil { return nil, newError("failed to write address").Base(err) @@ -249,14 +181,6 @@ func EncodeUDPPacket(request *protocol.RequestHeader, payload []byte) (*buf.Buff buffer.Write(payload) - if !account.Cipher.IsAEAD() && request.Option.Has(RequestOptionOneTimeAuth) { - authenticator := NewAuthenticator(HeaderKeyGenerator(account.Key, iv)) - buffer.SetByte(ivLen, buffer.Byte(ivLen)|0x10) - - authPayload := buffer.BytesFrom(ivLen) - authBuffer := buffer.Extend(AuthSize) - authenticator.Authenticate(authPayload, authBuffer) - } if err := account.Cipher.EncodePacket(account.Key, buffer); err != nil { return nil, newError("failed to encrypt UDP payload").Base(err) } @@ -284,34 +208,6 @@ func DecodeUDPPacket(user *protocol.MemoryUser, payload *buf.Buffer) (*protocol. Command: protocol.RequestCommandUDP, } - if !account.Cipher.IsAEAD() { - if (payload.Byte(0) & 0x10) == 0x10 { - request.Option |= RequestOptionOneTimeAuth - } - - if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled { - return nil, nil, newError("rejecting packet with OTA enabled, while server disables OTA").AtWarning() - } - - if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled { - return nil, nil, newError("rejecting packet with OTA disabled, while server enables OTA").AtWarning() - } - - if request.Option.Has(RequestOptionOneTimeAuth) { - payloadLen := payload.Len() - AuthSize - authBytes := payload.BytesFrom(payloadLen) - - authenticator := NewAuthenticator(HeaderKeyGenerator(account.Key, iv)) - actualAuth := make([]byte, AuthSize) - authenticator.Authenticate(payload.BytesTo(payloadLen), actualAuth) - if !bytes.Equal(actualAuth, authBytes) { - return nil, nil, newError("invalid OTA") - } - - payload.Resize(0, payloadLen) - } - } - payload.SetByte(0, payload.Byte(0)&0x0F) addr, port, err := addrParser.ReadAddressPort(nil, payload) diff --git a/proxy/shadowsocks/protocol_test.go b/proxy/shadowsocks/protocol_test.go index e6a28ba6..60630e29 100644 --- a/proxy/shadowsocks/protocol_test.go +++ b/proxy/shadowsocks/protocol_test.go @@ -29,7 +29,6 @@ func TestUDPEncoding(t *testing.T) { Account: toAccount(&Account{ Password: "shadowsocks-password", CipherType: CipherType_AES_128_CFB, - Ota: Account_Disabled, }), }, } @@ -61,7 +60,6 @@ func TestTCPRequest(t *testing.T) { Version: Version, Command: protocol.RequestCommandTCP, Address: net.LocalHostIP, - Option: RequestOptionOneTimeAuth, Port: 1234, User: &protocol.MemoryUser{ Email: "love@v2ray.com", @@ -78,7 +76,6 @@ func TestTCPRequest(t *testing.T) { Version: Version, Command: protocol.RequestCommandTCP, Address: net.LocalHostIPv6, - Option: RequestOptionOneTimeAuth, Port: 1234, User: &protocol.MemoryUser{ Email: "love@v2ray.com", @@ -95,7 +92,6 @@ func TestTCPRequest(t *testing.T) { Version: Version, Command: protocol.RequestCommandTCP, Address: net.DomainAddress("v2ray.com"), - Option: RequestOptionOneTimeAuth, Port: 1234, User: &protocol.MemoryUser{ Email: "love@v2ray.com", @@ -157,7 +153,6 @@ func TestUDPReaderWriter(t *testing.T) { Address: net.DomainAddress("v2ray.com"), Port: 123, User: user, - Option: RequestOptionOneTimeAuth, }, }} diff --git a/proxy/shadowsocks/server.go b/proxy/shadowsocks/server.go index 46e8fc3e..fdfa1d9f 100644 --- a/proxy/shadowsocks/server.go +++ b/proxy/shadowsocks/server.go @@ -90,7 +90,6 @@ func (s *Server) handlerUDPPayload(ctx context.Context, conn internet.Connection conn.Write(data.Bytes()) }) - account := s.user.Account.(*MemoryAccount) inbound := session.InboundFromContext(ctx) if inbound == nil { panic("no inbound metadata") @@ -120,18 +119,6 @@ func (s *Server) handlerUDPPayload(ctx context.Context, conn internet.Connection continue } - if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled { - newError("client payload enables OTA but server doesn't allow it").WriteToLog(session.ExportIDToError(ctx)) - payload.Release() - continue - } - - if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled { - newError("client payload disables OTA but server forces it").WriteToLog(session.ExportIDToError(ctx)) - payload.Release() - continue - } - currentPacketCtx := ctx dest := request.Destination() if inbound.Source.IsValid() { diff --git a/proxy/shadowsocks/shadowsocks.go b/proxy/shadowsocks/shadowsocks.go index c7418441..d7f6980e 100644 --- a/proxy/shadowsocks/shadowsocks.go +++ b/proxy/shadowsocks/shadowsocks.go @@ -2,14 +2,6 @@ // // Shadowsocks client and server are implemented as outbound and inbound respectively in V2Ray's term. // -// Shadowsocks OTA is fully supported. By default both client and server enable OTA, but it can be optionally disabled. -// -// Supperted Ciphers: -// * AES-256-CFB -// * AES-128-CFB -// * Chacha20 -// * Chacha20-IEFT -// // R.I.P Shadowsocks package shadowsocks diff --git a/testing/scenarios/shadowsocks_test.go b/testing/scenarios/shadowsocks_test.go index 21fd94cf..368a67d4 100644 --- a/testing/scenarios/shadowsocks_test.go +++ b/testing/scenarios/shadowsocks_test.go @@ -35,7 +35,6 @@ func TestShadowsocksAES256TCP(t *testing.T) { account := serial.ToTypedMessage(&shadowsocks.Account{ Password: "shadowsocks-password", CipherType: shadowsocks.CipherType_AES_256_CFB, - Ota: shadowsocks.Account_Enabled, }) serverPort := tcp.PickPort() @@ -134,7 +133,6 @@ func TestShadowsocksAES128UDP(t *testing.T) { account := serial.ToTypedMessage(&shadowsocks.Account{ Password: "shadowsocks-password", CipherType: shadowsocks.CipherType_AES_128_CFB, - Ota: shadowsocks.Account_Enabled, }) serverPort := tcp.PickPort() @@ -261,7 +259,6 @@ func TestShadowsocksChacha20TCP(t *testing.T) { account := serial.ToTypedMessage(&shadowsocks.Account{ Password: "shadowsocks-password", CipherType: shadowsocks.CipherType_CHACHA20_IETF, - Ota: shadowsocks.Account_Enabled, }) serverPort := tcp.PickPort() @@ -749,7 +746,6 @@ func TestShadowsocksNone(t *testing.T) { account := serial.ToTypedMessage(&shadowsocks.Account{ Password: "shadowsocks-password", CipherType: shadowsocks.CipherType_NONE, - Ota: shadowsocks.Account_Enabled, }) serverPort := tcp.PickPort()