diff --git a/.travis.yml b/.travis.yml index 503d829f..a9648dbb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,15 +1,10 @@ language: go go: - - 1.1 + - 1.3 install: - - go get github.com/cyfdecyf/leakybuf - go get code.google.com/p/go.crypto/blowfish - go get code.google.com/p/go.crypto/cast5 - - pushd $TRAVIS_BUILD_DIR - go install ./cmd/shadowsocks-local - go install ./cmd/shadowsocks-server - - popd script: - - pushd $TRAVIS_BUILD_DIR - PATH=$PATH:$HOME/gopath/bin bash -x ./script/test.sh - - popd diff --git a/CHANGELOG b/CHANGELOG index e9f800cb..72826e95 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,7 @@ +1.1.2 (2014-09-21) + * Support new encryption method "rc4-md5" + * Use aes-256-cfb as default encryption method for command line app + 1.1.1 (2013-07-12) * Add -b option to limit listen address for client * Fix can't override server address on command line diff --git a/README.md b/README.md index 7de90074..11aabc52 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # shadowsocks-go -Current version: 1.1.1 [![Build Status](https://travis-ci.org/shadowsocks/shadowsocks-go.png?branch=master)](https://travis-ci.org/shadowsocks/shadowsocks-go) +Current version: 1.1.2 [![Build Status](https://travis-ci.org/shadowsocks/shadowsocks-go.png?branch=master)](https://travis-ci.org/shadowsocks/shadowsocks-go) shadowsocks-go is a lightweight tunnel proxy which can help you get through firewalls. It is a port of [shadowsocks](https://github.com/clowwindy/shadowsocks). @@ -23,7 +23,7 @@ go get github.com/shadowsocks/shadowsocks-go/cmd/shadowsocks-server go get github.com/shadowsocks/shadowsocks-go/cmd/shadowsocks-local ``` -It's recommend to disable cgo when compiling shadowsocks-go. This will prevent the go runtime from creating too many threads for dns lookup. +It's recommended to disable cgo when compiling shadowsocks-go. This will prevent the go runtime from creating too many threads for dns lookup. # Usage @@ -35,8 +35,8 @@ Configuration file is in json format and has the same syntax with [shadowsocks-n server your server ip or hostname server_port server port local_port local socks5 proxy port -method encryption method, null by default, the following methods are supported: - aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb, rc4 +method encryption method, null by default (table), the following methods are supported: + aes-128-cfb, aes-192-cfb, aes-256-cfb, bf-cfb, cast5-cfb, des-cfb, rc4-md5, rc4, table password a password used to encrypt transfer timeout server option, in seconds ``` @@ -51,9 +51,9 @@ SOCKS5 127.0.0.1:local_port ## About encryption methods -AES is recommended for shadowsocks-go. ([Intel AES Instruction Set](http://en.wikipedia.org/wiki/AES_instruction_set) will be used if available and can make encryption/decryption fast.) +AES is recommended for shadowsocks-go. [Intel AES Instruction Set](http://en.wikipedia.org/wiki/AES_instruction_set) will be used if available and can make encryption/decryption very fast. To be more specific, **`aes-128-cfb` is recommended as it is faster and [secure enough](https://www.schneier.com/blog/archives/2009/07/another_new_aes.html)**. -**rc4 and table encryption methods are deprecated because they are not secure**. +**rc4 and table encryption methods are deprecated because they are not secure.** ## Command line options @@ -61,10 +61,10 @@ Command line options can override settings from configuration files. Use `-h` op ``` shadowsocks-local -s server_address -p server_port -k password - -m rc4 -c config.json + -m aes-128-cfb -c config.json -b local_address -l local_port shadowsocks-server -p server_port -k password - -m rc4 -c config.json + -m aes-128-cfb -c config.json -t timeout ``` diff --git a/cmd/shadowsocks-local/local.go b/cmd/shadowsocks-local/local.go index 68ec07dc..e0336a4f 100644 --- a/cmd/shadowsocks-local/local.go +++ b/cmd/shadowsocks-local/local.go @@ -355,7 +355,7 @@ func main() { flag.StringVar(&cmdConfig.Password, "k", "", "password") flag.IntVar(&cmdConfig.ServerPort, "p", 0, "server port") flag.IntVar(&cmdConfig.LocalPort, "l", 0, "local socks5 proxy port") - flag.StringVar(&cmdConfig.Method, "m", "", "encryption method, use empty string or rc4") + flag.StringVar(&cmdConfig.Method, "m", "aes-256-cfb", "encryption method") flag.BoolVar((*bool)(&debug), "d", false, "print debug message") flag.Parse() diff --git a/cmd/shadowsocks-server/server.go b/cmd/shadowsocks-server/server.go index a7889c1e..391d2b21 100644 --- a/cmd/shadowsocks-server/server.go +++ b/cmd/shadowsocks-server/server.go @@ -57,7 +57,7 @@ func getRequest(conn *ss.Conn) (host string, extra []byte, err error) { case typeDm: reqLen = int(buf[idDmLen]) + lenDmBase default: - err = errors.New(fmt.Sprintf("addr type %d not supported", buf[idType])) + err = fmt.Errorf("addr type %d not supported", buf[idType]) return } @@ -322,7 +322,7 @@ func main() { flag.StringVar(&cmdConfig.Password, "k", "", "password") flag.IntVar(&cmdConfig.ServerPort, "p", 0, "server port") flag.IntVar(&cmdConfig.Timeout, "t", 60, "connection timeout (in seconds)") - flag.StringVar(&cmdConfig.Method, "m", "", "encryption method, use empty string or rc4") + flag.StringVar(&cmdConfig.Method, "m", "aes-256-cfb", "encryption method") flag.IntVar(&core, "core", 0, "maximum number of CPU cores to use, default is determinied by Go runtime") flag.BoolVar((*bool)(&debug), "d", false, "print debug message") diff --git a/config.json b/config.json index 0a9f3193..8475f08d 100644 --- a/config.json +++ b/config.json @@ -3,5 +3,6 @@ "server_port":8388, "local_port":1080, "password":"barfoo!", + "method": "aes-128-cfb", "timeout":600 } diff --git a/sample-config/client-multi-server.json b/sample-config/client-multi-server.json index 3b534e1b..21e20580 100644 --- a/sample-config/client-multi-server.json +++ b/sample-config/client-multi-server.json @@ -1,7 +1,7 @@ { - "local_port":1081, + "local_port": 1081, "server_password": [ ["127.0.0.1:8387", "foobar"], - ["127.0.0.1:8388", "barfoo", "rc4"] + ["127.0.0.1:8388", "barfoo", "aes-128-cfb"] ] } diff --git a/sample-config/server-multi-port.json b/sample-config/server-multi-port.json index 1ef4f645..39ac351f 100644 --- a/sample-config/server-multi-port.json +++ b/sample-config/server-multi-port.json @@ -3,5 +3,6 @@ "8387": "foobar", "8388": "barfoo" }, - "timeout": 600, + "method": "aes-128-cfb", + "timeout": 600 } diff --git a/script/build.sh b/script/build.sh index 75d00ec8..207b4cfa 100755 --- a/script/build.sh +++ b/script/build.sh @@ -51,11 +51,11 @@ build windows 386 win32 local build linux amd64 linux64 server build linux 386 linux32 server -#build darwin amd64 mac64 server +build darwin amd64 mac64 server build windows amd64 win64 server build windows 386 win32 server -script/createdeb.sh amd64 -script/createdeb.sh 386 -mv shadowsocks-go_$version-1-*.deb bin/ -rm -rf shadowsocks-go_$version-1* +#script/createdeb.sh amd64 +#script/createdeb.sh i386 +#mv shadowsocks-go_$version-1-*.deb bin/ +#rm -rf shadowsocks-go_$version-1* diff --git a/script/createdeb.sh b/script/createdeb.sh index fb022789..92a061c8 100755 --- a/script/createdeb.sh +++ b/script/createdeb.sh @@ -13,7 +13,7 @@ export GOOS=linux arch=$1 case $arch in - 386) + i386) export GOARCH=386 ;; amd64) diff --git a/script/http.go b/script/http.go new file mode 100644 index 00000000..6ae6f4d7 --- /dev/null +++ b/script/http.go @@ -0,0 +1,21 @@ +/* Simple http server for testing. */ +package main + +import ( + "fmt" + "net/http" + "os" +) + +func handler(w http.ResponseWriter, r *http.Request) { + fmt.Fprintf(w, "Hello, shadowsocks-go!") +} + +func main() { + if len(os.Args) != 2 { + fmt.Println("Usage: http ") + os.Exit(1) + } + http.HandleFunc("/", handler) + http.ListenAndServe("127.0.0.1:"+os.Args[1], nil) +} diff --git a/script/test.sh b/script/test.sh index 0286a0a0..4a288327 100755 --- a/script/test.sh +++ b/script/test.sh @@ -1,8 +1,22 @@ #!/bin/bash +# Run in the scripts directory. +cd "$( dirname "${BASH_SOURCE[0]}" )" + OPTION="-p 8389 -k foobar" LOCAL_PORT="1090" SOCKS="127.0.0.1:$LOCAL_PORT" +HTTP_PORT="8123" + +start_http_server() { + go build http.go + ./http $HTTP_PORT & + http_pid=$! +} + +stop_http_server() { + kill -SIGTERM $http_pid +} test_get() { local url @@ -45,23 +59,36 @@ test_shadowsocks() { $LOCAL $OPTION -s 127.0.0.1 -l $LOCAL_PORT -m "$method" & local_pid=$! - # wait server and client finish startup - sleep 1 + # Wait server and client finish startup. + sleeptime=0.1 + if [ -n "$TRAVIS" ]; then + # On Travis we need to wait a little longer. + sleeptime=1 + elif echo $SERVER $LOCAL | grep 'py'; then + # The python version is slow to start. + if [[ $method == "table" ]]; then + sleeptime=2 + else + sleeptime=0.5 + fi + fi + echo $sleeptime + sleep $sleeptime for i in {1..3}; do - if ! test_get $url "