merge manyuser branch

Author: breakwa11

shadowsocks/common.py

@@ -160,7 +160,7 @@ def pre_parse_header(data):
                          'encryption method')
             return None
         data = data[rand_data_size + 3:]
-    elif datatype == 0x88:
+    elif datatype == 0x88 or (~datatype & 0xff) == 0x88:
         if len(data) <= 7 + 7:
             return None
         data_size = struct.unpack('>H', data[1:3])[0]

shadowsocks/obfs.py

@@ -27,19 +27,28 @@
 
 
 method_supported = {}
-method_supported.update(plain.obfs)
-method_supported.update(http_simple.obfs)
-method_supported.update(verify_simple.obfs)
+method_supported.update(plain.obfs_map)
+method_supported.update(http_simple.obfs_map)
+method_supported.update(verify_simple.obfs_map)
 
-class Obfs(object):
+class server_info(object):
+    def __init__(self, data):
+        self.data = data
+
+class obfs(object):
     def __init__(self, method):
         self.method = method
         self._method_info = self.get_method_info(method)
         if self._method_info:
             self.obfs = self.get_obfs(method)
         else:
-            logging.error('method %s not supported' % method)
-            sys.exit(1)
+            raise Exception('method %s not supported' % method)
+
+    def init_data(self):
+        return self.obfs.init_data()
+
+    def set_server_info(self, server_info):
+        return self.obfs.set_server_info(server_info)
 
     def get_method_info(self, method):
         method = method.lower()

shadowsocks/obfsplugin/http_simple.py

@@ -25,8 +25,8 @@
 import base64
 import datetime
 
-from shadowsocks.obfsplugin import plain
 from shadowsocks import common
+from shadowsocks.obfsplugin import plain
 from shadowsocks.common import to_bytes, to_str, ord
 
 def create_http_obfs(method):
@@ -41,7 +41,7 @@ def create_tls_obfs(method):
 def create_random_head_obfs(method):
     return random_head(method)
 
-obfs = {
+obfs_map = {
         'http_simple': (create_http_obfs,),
         'http_simple_compatible': (create_http_obfs,),
         'http2_simple': (create_http2_obfs,),

shadowsocks/obfsplugin/plain.py

@@ -25,13 +25,20 @@
 def create_obfs(method):
     return plain(method)
 
-obfs = {
+obfs_map = {
         'plain': (create_obfs,),
 }
 
 class plain(object):
     def __init__(self, method):
         self.method = method
+        self.server_info = None
+
+    def init_data(self):
+        return b''
+
+    def set_server_info(self, server_info):
+        self.server_info = server_info
 
     def client_pre_encrypt(self, buf):
         return buf

shadowsocks/obfsplugin/verify_simple.py

@@ -25,16 +25,22 @@
 import base64
 import datetime
 import struct
+import zlib
 
-from shadowsocks.obfsplugin import plain
+import shadowsocks
 from shadowsocks import common
+from shadowsocks.obfsplugin import plain
 from shadowsocks.common import to_bytes, to_str, ord
 
 def create_verify_obfs(method):
     return verify_simple(method)
 
-obfs = {
+def create_verify_deflate(method):
+    return verify_deflate(method)
+
+obfs_map = {
         'verify_simple': (create_verify_obfs,),
+        'verify_deflate': (create_verify_deflate,),
 }
 
 def match_begin(str1, str2):
@@ -43,9 +49,64 @@ def match_begin(str1, str2):
             return True
     return False
 
-class verify_simple(plain.plain):
+class sub_encode_obfs(object):
+    def __init__(self):
+        self.sub_obfs = None
+
+class verify_base(plain.plain):
     def __init__(self, method):
+        super(verify_base, self).__init__(method)
         self.method = method
+        self.sub_obfs = None
+
+    def init_data(self):
+        return sub_encode_obfs()
+
+    def set_server_info(self, server_info):
+        try:
+            if server_info.param:
+                sub_param = ''
+                param_list = server_info.param.split(',', 1)
+                if len(param_list) > 1:
+                    self.sub_obfs = shadowsocks.obfs.obfs(param_list[0])
+                    sub_param = param_list[1]
+                else:
+                    self.sub_obfs = shadowsocks.obfs.obfs(server_info.param)
+                if server_info.data.sub_obfs is None:
+                    server_info.data.sub_obfs = self.sub_obfs.init_data()
+                _server_info = shadowsocks.obfs.server_info(server_info.data.sub_obfs)
+                _server_info.host = server_info.host
+                _server_info.port = server_info.port
+                _server_info.tcp_mss = server_info.tcp_mss
+                _server_info.param = sub_param
+                self.sub_obfs.set_server_info(_server_info)
+        except Exception as e:
+            shadowsocks.shell.print_exception(e)
+        self.server_info = server_info
+
+    def client_encode(self, buf):
+        if self.sub_obfs is not None:
+            return self.sub_obfs.client_encode(buf)
+        return buf
+
+    def client_decode(self, buf):
+        if self.sub_obfs is not None:
+            return self.sub_obfs.client_decode(buf)
+        return (buf, False)
+
+    def server_encode(self, buf):
+        if self.sub_obfs is not None:
+            return self.sub_obfs.server_encode(buf)
+        return buf
+
+    def server_decode(self, buf):
+        if self.sub_obfs is not None:
+            return self.sub_obfs.server_decode(buf)
+        return (buf, True, False)
+
+class verify_simple(verify_base):
+    def __init__(self, method):
+        super(verify_simple, self).__init__(method)
         self.recv_buf = b''
         self.unit_len = 8100
         self.decrypt_packet_num = 0
@@ -69,13 +130,6 @@ def client_pre_encrypt(self, buf):
         ret += self.pack_data(buf)
         return ret
 
-    def client_encode(self, buf):
-        return buf
-
-    def client_decode(self, buf):
-        # (buffer_to_recv, is_need_to_encode_and_send_back)
-        return (buf, False)
-
     def client_post_decrypt(self, buf):
         if self.raw_trans:
             return buf
@@ -117,13 +171,6 @@ def server_pre_encrypt(self, buf):
         ret += self.pack_data(buf)
         return ret
 
-    def server_encode(self, buf):
-        return buf
-
-    def server_decode(self, buf):
-        # (buffer_to_recv, is_need_decrypt, is_need_to_encode_and_send_back)
-        return (buf, True, False)
-
     def server_post_decrypt(self, buf):
         if self.raw_trans:
             return buf
@@ -157,3 +204,82 @@ def server_post_decrypt(self, buf):
             self.decrypt_packet_num += 1
         return out_buf
 
+class verify_deflate(verify_base):
+    def __init__(self, method):
+        super(verify_deflate, self).__init__(method)
+        self.recv_buf = b''
+        self.unit_len = 32700
+        self.decrypt_packet_num = 0
+        self.raw_trans = False
+
+    def pack_data(self, buf):
+        if len(buf) == 0:
+            return b''
+        data = zlib.compress(buf)
+        data = struct.pack('>H', len(data)) + data[2:]
+        return data
+
+    def client_pre_encrypt(self, buf):
+        ret = b''
+        while len(buf) > self.unit_len:
+            ret += self.pack_data(buf[:self.unit_len])
+            buf = buf[self.unit_len:]
+        ret += self.pack_data(buf)
+        return ret
+
+    def client_post_decrypt(self, buf):
+        if self.raw_trans:
+            return buf
+        self.recv_buf += buf
+        out_buf = b''
+        while len(self.recv_buf) > 2:
+            length = struct.unpack('>H', self.recv_buf[:2])[0]
+            if length >= 32768:
+                self.raw_trans = True
+                self.recv_buf = b''
+                if self.decrypt_packet_num == 0:
+                    return None
+                else:
+                    raise Exception('server_post_decrype data error')
+            if length > len(self.recv_buf):
+                break
+
+            out_buf += zlib.decompress(b'x\x9c' + self.recv_buf[2:length])
+            self.recv_buf = self.recv_buf[length:]
+
+        if out_buf:
+            self.decrypt_packet_num += 1
+        return out_buf
+
+    def server_pre_encrypt(self, buf):
+        ret = b''
+        while len(buf) > self.unit_len:
+            ret += self.pack_data(buf[:self.unit_len])
+            buf = buf[self.unit_len:]
+        ret += self.pack_data(buf)
+        return ret
+
+    def server_post_decrypt(self, buf):
+        if self.raw_trans:
+            return buf
+        self.recv_buf += buf
+        out_buf = b''
+        while len(self.recv_buf) > 2:
+            length = struct.unpack('>H', self.recv_buf[:2])[0]
+            if length >= 32768:
+                self.raw_trans = True
+                self.recv_buf = b''
+                if self.decrypt_packet_num == 0:
+                    return None
+                else:
+                    raise Exception('server_post_decrype data error')
+            if length > len(self.recv_buf):
+                break
+
+            out_buf += zlib.decompress(b'\x78\x9c' + self.recv_buf[2:length])
+            self.recv_buf = self.recv_buf[length:]
+
+        if out_buf:
+            self.decrypt_packet_num += 1
+        return out_buf
+

shadowsocks/shell.py

@@ -130,11 +130,11 @@ def get_config(is_local):
     logging.basicConfig(level=logging.INFO,
                         format='%(levelname)-s: %(message)s')
     if is_local:
-        shortopts = 'hd:s:b:p:k:l:m:c:t:vq'
+        shortopts = 'hd:s:b:p:k:l:m:o:c:t:vq'
         longopts = ['help', 'fast-open', 'pid-file=', 'log-file=', 'user=',
                     'version']
     else:
-        shortopts = 'hd:s:p:k:m:c:t:vq'
+        shortopts = 'hd:s:p:k:m:o:c:t:vq'
         longopts = ['help', 'fast-open', 'pid-file=', 'log-file=', 'workers=',
                     'forbidden-ip=', 'user=', 'manager-address=', 'version']
     try:
@@ -168,6 +168,8 @@ def get_config(is_local):
                 config['server'] = to_str(value)
             elif key == '-m':
                 config['method'] = to_str(value)
+            elif key == '-o':
+                config['obfs'] = to_str(value)
             elif key == '-b':
                 config['local_address'] = to_str(value)
             elif key == '-v':
@@ -217,6 +219,7 @@ def get_config(is_local):
     config['password'] = to_bytes(config.get('password', b''))
     config['method'] = to_str(config.get('method', 'aes-256-cfb'))
     config['obfs'] = to_str(config.get('obfs', 'plain'))
+    config['obfs_param'] = to_str(config.get('obfs_param', ''))
     config['port_password'] = config.get('port_password', None)
     config['timeout'] = int(config.get('timeout', 300))
     config['fast_open'] = config.get('fast_open', False)
@@ -286,6 +289,7 @@ def print_local_help():
   -l LOCAL_PORT          local port, default: 1080
   -k PASSWORD            password
   -m METHOD              encryption method, default: aes-256-cfb
+  -o OBFS                obfsplugin, default: http_simple
   -t TIMEOUT             timeout in seconds, default: 300
   --fast-open            use TCP_FASTOPEN, requires Linux 3.7+
 
@@ -315,6 +319,7 @@ def print_server_help():
   -p SERVER_PORT         server port, default: 8388
   -k PASSWORD            password
   -m METHOD              encryption method, default: aes-256-cfb
+  -o OBFS                obfsplugin, default: http_simple
   -t TIMEOUT             timeout in seconds, default: 300
   --fast-open            use TCP_FASTOPEN, requires Linux 3.7+
   --workers WORKERS      number of workers, available on Unix/Linux