Merge branch 'feature/per-conn-encrypt-table' into develop

dearplain · Dec 11, 2012 · 1cd0ad5 · 1cd0ad5
2 parents b65a437 + 8b5aa4e
commit 1cd0ad5
Show file tree

Hide file tree

Showing 8 changed files with 93 additions and 106 deletions.
diff --git a/Makefile b/Makefile
@@ -3,7 +3,6 @@
 PREFIX := shadowsocks
 LOCAL := $(GOBIN)/$(PREFIX)-local
 SERVER := $(GOBIN)/$(PREFIX)-server
-TEST := $(GOBIN)/$(PREFIX)-test
 
 # TODO define the install package path for use in clean and detect whether
 # package need re-build
@@ -23,6 +22,5 @@ $(SERVER): shadowsocks/*.go cmd/$(PREFIX)-server/*.go
 	cd shadowsocks; go install
 	cd cmd/$(PREFIX)-server; go install
 
-$(TEST): shadowsocks/*.go cmd/$(PREFIX)-test/*.go
-	cd shadowsocks; go install
-	cd cmd/$(PREFIX)-test; go install
+test:
+	cd shadowsocks; go test
diff --git a/cmd/shadowsocks-local/local.go b/cmd/shadowsocks-local/local.go
@@ -2,11 +2,14 @@ package main
 
 import (
 	"fmt"
+	"github.com/shadowsocks/shadowsocks-go/shadowsocks"
 	"log"
 	"net"
-	"github.com/shadowsocks/shadowsocks-go/shadowsocks"
 )
 
+var config shadowsocks.Config
+var encTbl *shadowsocks.EncryptTable
+
 func handleConnection(conn net.Conn, server string) {
 	log.Printf("socks connect from %s\n", conn.RemoteAddr().String())
 	b := make([]byte, 262)
@@ -48,7 +51,7 @@ func handleConnection(conn net.Conn, server string) {
 		log.Println("connecting ", addr)
 		conn.Write([]byte{0x05, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x08, 0x43})
 
-		remote, err := shadowsocks.DialWithAddrBuf(addrToSend, server)
+		remote, err := shadowsocks.DialWithRawAddr(addrToSend, server, encTbl)
 		if err != nil {
 			hasError = true
 			break
@@ -95,7 +98,7 @@ func run(port int, server string) {
 }
 
 func main() {
-	config := shadowsocks.ParseConfig()
-	shadowsocks.InitTable(config.Password)
+	config = shadowsocks.ParseConfig()
+	encTbl = shadowsocks.GetTable(config.Password)
 	run(config.LocalPort, fmt.Sprintf("%s:%d", config.Server, config.ServerPort))
 }
diff --git a/cmd/shadowsocks-server/server.go b/cmd/shadowsocks-server/server.go
@@ -4,12 +4,15 @@ import (
 	"bytes"
 	"encoding/binary"
 	"fmt"
+	"github.com/shadowsocks/shadowsocks-go/shadowsocks"
 	"log"
 	"net"
-	"github.com/shadowsocks/shadowsocks-go/shadowsocks"
 )
 
-func handleConnection(conn shadowsocks.Conn) {
+var config shadowsocks.Config
+var encTbl *shadowsocks.EncryptTable
+
+func handleConnection(conn *shadowsocks.Conn) {
 	log.Printf("socks connect from %s\n", conn.RemoteAddr().String())
 	var err error = nil
 	var hasError = false
@@ -106,12 +109,12 @@ func run(port int) {
 			log.Println("accept:", err)
 			continue
 		}
-		go handleConnection(shadowsocks.Conn{conn})
+		go handleConnection(shadowsocks.NewConn(conn, encTbl))
 	}
 }
 
 func main() {
-	config := shadowsocks.ParseConfig()
-	shadowsocks.InitTable(config.Password)
+	config = shadowsocks.ParseConfig()
+	encTbl = shadowsocks.GetTable(config.Password)
 	run(config.ServerPort)
 }
diff --git a/cmd/shadowsocks-test/test.go b/cmd/shadowsocks-test/test.go
diff --git a/shadowsocks/config.go b/shadowsocks/config.go
@@ -9,14 +9,15 @@ package shadowsocks
 
 import (
 	"encoding/json"
-	"os"
 	"log"
+	"os"
 )
+
 type Config struct {
-	Server string `json:"server"`
-	ServerPort int `json:"server_port"`
-	LocalPort int `json:"local_port"`
-	Password string `json:"password"`
+	Server     string `json:"server"`
+	ServerPort int    `json:"server_port"`
+	LocalPort  int    `json:"local_port"`
+	Password   string `json:"password"`
 }
 
 func ParseConfig() Config {
@@ -35,7 +36,7 @@ func ParseConfig() Config {
 	var config Config
 	err = json.Unmarshal(data[0:count], &config)
 	if err != nil {
-		log.Fatal("can not parse config:",err)
+		log.Fatal("can not parse config:", err)
 	}
 	return config
 }
diff --git a/shadowsocks/conn.go b/shadowsocks/conn.go
@@ -8,20 +8,16 @@ import (
 	"strings"
 )
 
-var (
-	encTable []byte
-	decTable []byte
-)
-
 type Conn struct {
 	net.Conn
+	*EncryptTable
 }
 
-func InitTable(passwd string) {
-	encTable, decTable = GetTable(passwd)
+func NewConn(cn net.Conn, encTbl *EncryptTable) *Conn {
+	return &Conn{cn, encTbl}
 }
 
-func addrBufFromString(addr string) (buf []byte, err error) {
+func rawAddr(addr string) (buf []byte, err error) {
 	arr := strings.Split(addr, ":")
 	if len(arr) != 2 {
 		return nil, errors.New(
@@ -37,51 +33,50 @@ func addrBufFromString(addr string) (buf []byte, err error) {
 	hostLen := len(host)
 	l := 1 + 1 + hostLen + 2 // addrType + lenByte + address + port
 	buf = make([]byte, l, l)
-	buf[0] = 3
-	buf[1] = byte(hostLen)
+	buf[0] = 3             // 3 means the address is domain name
+	buf[1] = byte(hostLen) // host address length  followed by host address
 	copy(buf[2:], host)
-	buf[2+hostLen] = byte(port >> 8 & 0xFF)
+	buf[2+hostLen] = byte(port >> 8 & 0xFF) // the next 2 bytes are port
 	buf[2+hostLen+1] = byte(port) & 0xFF
 	return
 }
 
-// Export this for use by local.go and server.go
-func DialWithAddrBuf(addrBuf []byte, server string) (c Conn, err error) {
-	if encTable == nil {
-		panic("shadowsocks internal error, must call InitTable first.")
-	}
+// This is intended for use by users implementing a local socks proxy.
+// rawaddr shoud contain part of the data in socks request, starting from the
+// ATYP field. (Refer to rfc1928 for more information.)
+func DialWithRawAddr(rawaddr []byte, server string, encTbl *EncryptTable) (c *Conn, err error) {
 	conn, err := net.Dial("tcp", server)
 	if err != nil {
 		return
 	}
-	c = Conn{conn}
-	if _, err = c.Write(addrBuf); err != nil {
+	c = NewConn(conn, encTbl)
+	if _, err = c.Write(rawaddr); err != nil {
 		c.Close()
-		return
+		return nil, err
 	}
 	return
 }
 
 // addr should be in the form of host:port
-func Dial(addr string, server string) (c Conn, err error) {
-	addrBuf, err := addrBufFromString(addr)
+func Dial(addr, server string, encTbl *EncryptTable) (c *Conn, err error) {
+	ra, err := rawAddr(addr)
 	if err != nil {
 		return
 	}
-	return DialWithAddrBuf(addrBuf, server)
+	return DialWithRawAddr(ra, server, encTbl)
 }
 
 func (c Conn) Read(b []byte) (n int, err error) {
 	buf := make([]byte, len(b), len(b))
 	n, err = c.Conn.Read(buf)
 	if n > 0 {
-		Encrypt2(decTable, buf[0:n], b[0:n])
+		Encrypt2(c.DecTbl, buf[0:n], b[0:n])
 	}
 	return
 }
 
 func (c Conn) Write(b []byte) (n int, err error) {
-	buf := Encrypt(encTable, b)
+	buf := Encrypt(c.EncTbl, b)
 	n, err = c.Conn.Write(buf)
 	return
 }
diff --git a/shadowsocks/encrypt.go b/shadowsocks/encrypt.go
@@ -7,10 +7,19 @@ import (
 	"io"
 )
 
-func GetTable(key string) (encryptTable []byte, decryptTable []byte) {
-	encryptTable = make([]byte, 256)
-	decryptTable = make([]byte, 256)
-	table := make([]uint64, 256)
+// TODO unexport fields after change shadowsocks-test to use Go testing package
+type EncryptTable struct {
+	EncTbl []byte
+	DecTbl []byte
+}
+
+func GetTable(key string) (tbl *EncryptTable) {
+	const tbl_size = 256
+	tbl = &EncryptTable{
+		make([]byte, tbl_size, tbl_size),
+		make([]byte, tbl_size, tbl_size),
+	}
+	table := make([]uint64, tbl_size, tbl_size)
 
 	h := md5.New()
 	io.WriteString(h, key)
@@ -21,21 +30,20 @@ func GetTable(key string) (encryptTable []byte, decryptTable []byte) {
 	buf := bytes.NewBuffer(s)
 	binary.Read(buf, binary.LittleEndian, &a)
 	var i uint64
-	for i = 0; i < 256; i++ {
+	for i = 0; i < tbl_size; i++ {
 		table[i] = i
 	}
 	for i = 1; i < 1024; i++ {
 		table = Sort(table, func(x, y uint64) int64 {
 			return int64(a%uint64(x+i) - a%uint64(y+i))
 		})
 	}
-	for i = 0; i < 256; i++ {
-		encryptTable[i] = byte(table[i])
+	for i = 0; i < tbl_size; i++ {
+		tbl.EncTbl[i] = byte(table[i])
 	}
-	for i = 0; i < 256; i++ {
-		decryptTable[encryptTable[i]] = byte(i)
+	for i = 0; i < tbl_size; i++ {
+		tbl.DecTbl[tbl.EncTbl[i]] = byte(i)
 	}
-
 	return
 }
 

diff --git a/shadowsocks/encrypt_test.go b/shadowsocks/encrypt_test.go
@@ -0,0 +1,32 @@
+package shadowsocks
+
+import (
+	"testing"
+)
+
+const tbl_size = 256
+
+func checkTable(t *testing.T, tbl *EncryptTable, encTarget, decTarget []byte, msg string) {
+	for i := 0; i < tbl_size; i++ {
+		if encTarget[i] != tbl.EncTbl[i] {
+			t.Fatalf("%s: encrypt table error at index %d\n", msg, i)
+		}
+		if decTarget[i] != tbl.DecTbl[i] {
+			t.Fatalf("%s: decrypt table error at index %d\n", msg, i)
+		}
+	}
+}
+
+func TestEncrypt1(t *testing.T) {
+	enc := []byte{60, 53, 84, 138, 217, 94, 88, 23, 39, 242, 219, 35, 12, 157, 165, 181, 255, 143, 83, 247, 162, 16, 31, 209, 190, 171, 115, 65, 38, 41, 21, 245, 236, 46, 121, 62, 166, 233, 44, 154, 153, 145, 230, 49, 128, 216, 173, 29, 241, 119, 64, 229, 194, 103, 131, 110, 26, 197, 218, 59, 204, 56, 27, 34, 141, 221, 149, 239, 192, 195, 24, 155, 170, 183, 11, 254, 213, 37, 137, 226, 75, 203, 55, 19, 72, 248, 22, 129, 33, 175, 178, 10, 198, 71, 77, 36, 113, 167, 48, 2, 117, 140, 142, 66, 199, 232, 243, 32, 123, 54, 51, 82, 57, 177, 87, 251, 150, 196, 133, 5, 253, 130, 8, 184, 14, 152, 231, 3, 186, 159, 76, 89, 228, 205, 156, 96, 163, 146, 18, 91, 132, 85, 80, 109, 172, 176, 105, 13, 50, 235, 127, 0, 189, 95, 98, 136, 250, 200, 108, 179, 211, 214, 106, 168, 78, 79, 74, 210, 30, 73, 201, 151, 208, 114, 101, 174, 92, 52, 120, 240, 15, 169, 220, 182, 81, 224, 43, 185, 40, 99, 180, 17, 212, 158, 42, 90, 9, 191, 45, 6, 25, 4, 222, 67, 126, 1, 116, 124, 206, 69, 61, 7, 68, 97, 202, 63, 244, 20, 28, 58, 93, 134, 104, 144, 227, 147, 102, 118, 135, 148, 47, 238, 86, 112, 122, 70, 107, 215, 100, 139, 223, 225, 164, 237, 111, 125, 207, 160, 187, 246, 234, 161, 188, 193, 249, 252}
+	dec := []byte{151, 205, 99, 127, 201, 119, 199, 211, 122, 196, 91, 74, 12, 147, 124, 180, 21, 191, 138, 83, 217, 30, 86, 7, 70, 200, 56, 62, 218, 47, 168, 22, 107, 88, 63, 11, 95, 77, 28, 8, 188, 29, 194, 186, 38, 198, 33, 230, 98, 43, 148, 110, 177, 1, 109, 82, 61, 112, 219, 59, 0, 210, 35, 215, 50, 27, 103, 203, 212, 209, 235, 93, 84, 169, 166, 80, 130, 94, 164, 165, 142, 184, 111, 18, 2, 141, 232, 114, 6, 131, 195, 139, 176, 220, 5, 153, 135, 213, 154, 189, 238, 174, 226, 53, 222, 146, 162, 236, 158, 143, 55, 244, 233, 96, 173, 26, 206, 100, 227, 49, 178, 34, 234, 108, 207, 245, 204, 150, 44, 87, 121, 54, 140, 118, 221, 228, 155, 78, 3, 239, 101, 64, 102, 17, 223, 41, 137, 225, 229, 66, 116, 171, 125, 40, 39, 71, 134, 13, 193, 129, 247, 251, 20, 136, 242, 14, 36, 97, 163, 181, 72, 25, 144, 46, 175, 89, 145, 113, 90, 159, 190, 15, 183, 73, 123, 187, 128, 248, 252, 152, 24, 197, 68, 253, 52, 69, 117, 57, 92, 104, 157, 170, 214, 81, 60, 133, 208, 246, 172, 23, 167, 160, 192, 76, 161, 237, 45, 4, 58, 10, 182, 65, 202, 240, 185, 241, 79, 224, 132, 51, 42, 126, 105, 37, 250, 149, 32, 243, 231, 67, 179, 48, 9, 106, 216, 31, 249, 19, 85, 254, 156, 115, 255, 120, 75, 16}
+	tbl := GetTable("foobar!")
+	checkTable(t, tbl, enc, dec, "Error for password foobar!")
+}
+
+func TestEncrypt2(t *testing.T) {
+	enc := []byte{124, 30, 170, 247, 27, 127, 224, 59, 13, 22, 196, 76, 72, 154, 32, 209, 4, 2, 131, 62, 101, 51, 230, 9, 166, 11, 99, 80, 208, 112, 36, 248, 81, 102, 130, 88, 218, 38, 168, 15, 241, 228, 167, 117, 158, 41, 10, 180, 194, 50, 204, 243, 246, 251, 29, 198, 219, 210, 195, 21, 54, 91, 203, 221, 70, 57, 183, 17, 147, 49, 133, 65, 77, 55, 202, 122, 162, 169, 188, 200, 190, 125, 63, 244, 96, 31, 107, 106, 74, 143, 116, 148, 78, 46, 1, 137, 150, 110, 181, 56, 95, 139, 58, 3, 231, 66, 165, 142, 242, 43, 192, 157, 89, 175, 109, 220, 128, 0, 178, 42, 255, 20, 214, 185, 83, 160, 253, 7, 23, 92, 111, 153, 26, 226, 33, 176, 144, 18, 216, 212, 28, 151, 71, 206, 222, 182, 8, 174, 205, 201, 152, 240, 155, 108, 223, 104, 239, 98, 164, 211, 184, 34, 193, 14, 114, 187, 40, 254, 12, 67, 93, 217, 6, 94, 16, 19, 82, 86, 245, 24, 197, 134, 132, 138, 229, 121, 5, 235, 238, 85, 47, 103, 113, 179, 69, 250, 45, 135, 156, 25, 61, 75, 44, 146, 189, 84, 207, 172, 119, 53, 123, 186, 120, 171, 68, 227, 145, 136, 100, 90, 48, 79, 159, 149, 39, 213, 236, 126, 52, 60, 225, 199, 105, 73, 233, 252, 118, 215, 35, 115, 64, 37, 97, 129, 161, 177, 87, 237, 141, 173, 191, 163, 140, 234, 232, 249}
+	dec := []byte{117, 94, 17, 103, 16, 186, 172, 127, 146, 23, 46, 25, 168, 8, 163, 39, 174, 67, 137, 175, 121, 59, 9, 128, 179, 199, 132, 4, 140, 54, 1, 85, 14, 134, 161, 238, 30, 241, 37, 224, 166, 45, 119, 109, 202, 196, 93, 190, 220, 69, 49, 21, 228, 209, 60, 73, 99, 65, 102, 7, 229, 200, 19, 82, 240, 71, 105, 169, 214, 194, 64, 142, 12, 233, 88, 201, 11, 72, 92, 221, 27, 32, 176, 124, 205, 189, 177, 246, 35, 112, 219, 61, 129, 170, 173, 100, 84, 242, 157, 26, 218, 20, 33, 191, 155, 232, 87, 86, 153, 114, 97, 130, 29, 192, 164, 239, 90, 43, 236, 208, 212, 185, 75, 210, 0, 81, 227, 5, 116, 243, 34, 18, 182, 70, 181, 197, 217, 95, 183, 101, 252, 248, 107, 89, 136, 216, 203, 68, 91, 223, 96, 141, 150, 131, 13, 152, 198, 111, 44, 222, 125, 244, 76, 251, 158, 106, 24, 42, 38, 77, 2, 213, 207, 249, 147, 113, 135, 245, 118, 193, 47, 98, 145, 66, 160, 123, 211, 165, 78, 204, 80, 250, 110, 162, 48, 58, 10, 180, 55, 231, 79, 149, 74, 62, 50, 148, 143, 206, 28, 15, 57, 159, 139, 225, 122, 237, 138, 171, 36, 56, 115, 63, 144, 154, 6, 230, 133, 215, 41, 184, 22, 104, 254, 234, 253, 187, 226, 247, 188, 156, 151, 40, 108, 51, 83, 178, 52, 3, 31, 255, 195, 53, 235, 126, 167, 120}
+	tbl := GetTable("barfoo!")
+	checkTable(t, tbl, enc, dec, "Error for password barfoo!")
+}