Merge branch 'feature/more-encrypt-method' into develop

test84 · May 26, 2013 · 0a9a2cd · 0a9a2cd
2 parents bf411b9 + a0e180b
commit 0a9a2cd
Show file tree

Hide file tree

Showing 7 changed files with 396 additions and 136 deletions.
diff --git a/cmd/shadowsocks-local/local.go b/cmd/shadowsocks-local/local.go
@@ -150,7 +150,7 @@ func getRequest(conn net.Conn) (rawaddr []byte, host string, err error) {
 
 type ServerCipher struct {
 	server string
-	cipher ss.Cipher
+	cipher *ss.Cipher
 }
 
 var servers struct {
@@ -191,7 +191,7 @@ func parseServerConfig(config *ss.Config) {
 		n := len(config.ServerPassword)
 		servers.srvCipher = make([]*ServerCipher, n)
 
-		cipherCache := make(map[string]ss.Cipher)
+		cipherCache := make(map[string]*ss.Cipher)
 		i := 0
 		for _, serverInfo := range config.ServerPassword {
 			if len(serverInfo) < 2 || len(serverInfo) > 3 {

diff --git a/cmd/shadowsocks-server/server.go b/cmd/shadowsocks-server/server.go
@@ -264,7 +264,7 @@ func run(port, password string) {
 		return
 	}
 	passwdManager.add(port, password, ln)
-	var cipher ss.Cipher
+	var cipher *ss.Cipher
 	log.Printf("server listening port %v ...\n", port)
 	for {
 		conn, err := ln.Accept()

diff --git a/script/test.sh b/script/test.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-OPTION="-p 8389 -k foobar -d"
+OPTION="-p 8389 -k foobar"
 LOCAL_PORT="1090"
 SOCKS="127.0.0.1:$LOCAL_PORT"
 
@@ -14,25 +14,21 @@ test_get() {
         code="200"
     fi
 
-    # get 5 times
-    for i in {1..2}; do
-        # -s silent to disable progress meter, but enable --show-error
-        # -i to include http header
-        # -L to follow redirect so we should always get HTTP 200
-        cont=`curl --socks5 $SOCKS -s --show-error -i -L $url 2>&1`
-        ok=`echo $cont | grep -E -o "HTTP/1\.1 +$code"`
-        html=`echo $cont | grep -E -o -i "$target"`
-        if [[ -z $ok || -z $html ]] ; then
-            echo "=============================="
-            echo "GET $url FAILED!!!"
-            echo "$ok"
-            echo "$html"
-            echo $cont
-            echo "=============================="
-            return 1
-        fi
-        sleep 0.3
-    done
+    # -s silent to disable progress meter, but enable --show-error
+    # -i to include http header
+    # -L to follow redirect so we should always get HTTP 200
+    cont=`curl --socks5 $SOCKS -s --show-error -i -L $url 2>&1`
+    ok=`echo $cont | grep -E -o "HTTP/1\.1 +$code"`
+    html=`echo $cont | grep -E -o -i "$target"`
+    if [[ -z $ok || -z $html ]] ; then
+        echo "=============================="
+        echo "GET $url FAILED!!!"
+        echo "$ok"
+        echo "$html"
+        echo $cont
+        echo "=============================="
+        return 1
+    fi
     return 0
 }
 
@@ -44,21 +40,21 @@ test_shadowsocks() {
     url=$1
     method=$2
 
-    shadowsocks-server $OPTION -m "$method" &
+    $SERVER $OPTION -m "$method" &
     server_pid=$!
-    shadowsocks-local $OPTION -s 127.0.0.1 -l $LOCAL_PORT -m "$method" &
+    $LOCAL $OPTION -s 127.0.0.1 -l $LOCAL_PORT -m "$method" &
     local_pid=$!
 
     # wait server and client finish startup
     sleep 1
 
-    # get 5 times
-    for i in {1..5}; do
+    for i in {1..3}; do
         if ! test_get $url "<html"; then
             kill -SIGTERM $server_pid
             kill -SIGTERM $local_pid
-            return 1
+            exit 1
         fi
+        sleep 0.3
     done
     echo "=============================="
     echo "GET $url $method passed"
@@ -68,6 +64,35 @@ test_shadowsocks() {
     sleep 1
 }
 
-test_shadowsocks baidu.com
-test_shadowsocks baidu.com rc4
+test_server_local_pair() {
+    echo "============================================================"
+    echo "server: $SERVER, local: $LOCAL"
+    echo "============================================================"
+    test_shadowsocks baidu.com table
+    test_shadowsocks baidu.com rc4
+    test_shadowsocks baidu.com aes-128-cfb
+    test_shadowsocks baidu.com aes-192-cfb
+    test_shadowsocks baidu.com aes-256-cfb
+    test_shadowsocks baidu.com bf-cfb
+    test_shadowsocks baidu.com des-cfb
+    test_shadowsocks baidu.com cast5-cfb
+}
+
+SERVER="shadowsocks-server"
+LOCAL="shadowsocks-local"
+test_server_local_pair
+
+if [ -n $SS_NODEJS ]; then
+    pushd $SS_NODEJS
+
+    SERVER="node server.js"
+    LOCAL="shadowsocks-local"
+    test_server_local_pair
+
+    SERVER="shadowsocks-server"
+    LOCAL="node local.js"
+    test_server_local_pair
+
+    popd $SS_NODEJS
+fi
 
diff --git a/shadowsocks/config.go b/shadowsocks/config.go
@@ -120,4 +120,7 @@ func UpdateConfig(old, new *Config) {
 			}
 		}
 	}
+	if old.Method == "table" {
+		old.Method = ""
+	}
 }
diff --git a/shadowsocks/conn.go b/shadowsocks/conn.go
@@ -4,16 +4,17 @@ import (
 	"encoding/binary"
 	"errors"
 	"fmt"
+	"io"
 	"net"
 	"strconv"
 )
 
 type Conn struct {
 	net.Conn
-	Cipher
+	*Cipher
 }
 
-func NewConn(cn net.Conn, cipher Cipher) *Conn {
+func NewConn(cn net.Conn, cipher *Cipher) *Conn {
 	return &Conn{cn, cipher}
 }
 
@@ -42,7 +43,7 @@ func RawAddr(addr string) (buf []byte, err error) {
 // This is intended for use by users implementing a local socks proxy.
 // rawaddr shoud contain part of the data in socks request, starting from the
 // ATYP field. (Refer to rfc1928 for more information.)
-func DialWithRawAddr(rawaddr []byte, server string, cipher Cipher) (c *Conn, err error) {
+func DialWithRawAddr(rawaddr []byte, server string, cipher *Cipher) (c *Conn, err error) {
 	conn, err := net.Dial("tcp", server)
 	if err != nil {
 		return
@@ -56,7 +57,7 @@ func DialWithRawAddr(rawaddr []byte, server string, cipher Cipher) (c *Conn, err
 }
 
 // addr should be in the form of host:port
-func Dial(addr, server string, cipher Cipher) (c *Conn, err error) {
+func Dial(addr, server string, cipher *Cipher) (c *Conn, err error) {
 	ra, err := RawAddr(addr)
 	if err != nil {
 		return
@@ -65,17 +66,36 @@ func Dial(addr, server string, cipher Cipher) (c *Conn, err error) {
 }
 
 func (c Conn) Read(b []byte) (n int, err error) {
-	cipherData := make([]byte, len(b), len(b))
+	if c.dec == nil {
+		iv := make([]byte, c.info.ivLen)
+		if _, err = io.ReadFull(c.Conn, iv); err != nil {
+			return
+		}
+		if err = c.initDecrypt(iv); err != nil {
+			return
+		}
+	}
+	cipherData := make([]byte, len(b))
 	n, err = c.Conn.Read(cipherData)
 	if n > 0 {
-		c.Decrypt(b[0:n], cipherData[0:n])
+		c.decrypt(b[0:n], cipherData[0:n])
 	}
 	return
 }
 
 func (c Conn) Write(b []byte) (n int, err error) {
-	cipherData := make([]byte, len(b), len(b))
-	c.Encrypt(cipherData, b)
+	if c.enc == nil {
+		var iv []byte
+		iv, err = c.initEncrypt()
+		if err != nil {
+			return
+		}
+		if _, err = c.Conn.Write(iv); err != nil {
+			return
+		}
+	}
+	cipherData := make([]byte, len(b))
+	c.encrypt(cipherData, b)
 	n, err = c.Conn.Write(cipherData)
 	return
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -120,4 +120,7 @@ func UpdateConfig(old, new *Config) { @@
     			}
     		}
     	}
+    	if old.Method == "table" {
+    		old.Method = ""
+    	}
     }