Fix shadowsocks multi service

世界 2022-05-09 17:06:39 +08:00
parent 9e77776a60
commit 3f988e077d
No known key found for this signature in database
GPG key ID: CD109927C34A63C4
5 changed files with 86 additions and 15 deletions


@ -21,12 +21,6 @@ type Handler interface {
E.Handler
}
type MultiUserService[U comparable] interface {
Service
AddUser(user U, key []byte)
RemoveUser(user U)
}
type UserContext[U comparable] struct {
context.Context
User U


@ -74,7 +74,7 @@ func New(method string, pskList [][KeySaltSize]byte, secureRNG io.Reader) (shado
}
if len(pskList) > 1 {
pskHash := make([]byte, len(pskList)-1*aes.BlockSize)
pskHash := make([]byte, (len(pskList)-1)*aes.BlockSize)
for i, psk := range pskList {
if i == 0 {
continue


@ -119,7 +119,8 @@ func (s *Service) newConnection(ctx context.Context, conn net.Conn, metadata M.M
return E.Cause(err, "read timestamp")
}
if math.Abs(float64(time.Now().Unix()-int64(epoch))) > 30 {
diff := int(math.Abs(float64(time.Now().Unix() - int64(epoch))))
if diff > 30 {
return ErrBadTimestamp
}
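Review bot: The new skew check in newConnection narrows a float64 to `int` before comparing, and `epoch` is read from the peer. On 32-bit builds a timestamp far outside the window gives an out-of-range float-to-int conversion, whose result the Go spec leaves implementation-dependent, so it can come out negative on some targets and pass `diff > 30`. Comparing in int64 avoids both the float round trip and the narrowing: `delta := time.Now().Unix() - int64(epoch)` followed by `if delta > 30 || delta < -30 {`. The same two lines are added under the `process:` label in the multi-user service's packet path and should change with it. The body of newConnection continues outside this hunk, so whether `diff` is used later is not visible here.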


@ -30,9 +30,9 @@ type MultiService[U comparable] struct {
uPSKHashR map[[aes.BlockSize]byte]U
}
func (s *MultiService[U]) AddUser(user U, key []byte) {
func (s *MultiService[U]) AddUser(user U, key [KeySaltSize]byte) {
var uPSKHash [aes.BlockSize]byte
hash512 := blake3.Sum512(key)
hash512 := blake3.Sum512(key[:])
copy(uPSKHash[:], hash512[:])
if oldHash, loaded := s.uPSKHash[user]; loaded {
@ -42,9 +42,7 @@ func (s *MultiService[U]) AddUser(user U, key []byte) {
s.uPSKHash[user] = uPSKHash
s.uPSKHashR[uPSKHash] = user
var uPSK [KeySaltSize]byte
copy(uPSK[:], key)
s.uPSK[user] = uPSK
s.uPSK[user] = key
}
func (s *MultiService[U]) RemoveUser(user U) {
@ -55,7 +53,7 @@ func (s *MultiService[U]) RemoveUser(user U) {
delete(s.uPSKHash, user)
}
func NewMultiService[U comparable](method string, iPSK [KeySaltSize]byte, secureRNG io.Reader, udpTimeout int64, handler shadowsocks.Handler) (shadowsocks.MultiUserService[U], error) {
func NewMultiService[U comparable](method string, iPSK [KeySaltSize]byte, secureRNG io.Reader, udpTimeout int64, handler shadowsocks.Handler) (*MultiService[U], error) {
switch method {
case "2022-blake3-aes-128-gcm":
case "2022-blake3-aes-256-gcm":
@ -70,6 +68,10 @@ func NewMultiService[U comparable](method string, iPSK [KeySaltSize]byte, secure
s := &MultiService[U]{
Service: ss.(*Service),
uPSK: make(map[U][KeySaltSize]byte),
uPSKHash: make(map[U][aes.BlockSize]byte),
uPSKHashR: make(map[[aes.BlockSize]byte]U),
}
return s, nil
}
@ -266,7 +268,8 @@ process:
if err != nil {
goto returnErr
}
if math.Abs(float64(uint64(time.Now().Unix())-epoch)) > 30 {
diff := int(math.Abs(float64(time.Now().Unix() - int64(epoch))))
if diff > 30 {
err = ErrBadTimestamp
goto returnErr
}
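Review bot: AddUser writes `s.uPSKHash`, `s.uPSKHashR` and `s.uPSK` with no lock visible in these hunks, and RemoveUser deletes from the same maps. If the connection path looks up `uPSKHashR` while users are changed at runtime, that is an unsynchronized map read and write, which the Go runtime can abort on. The struct definition and the lookup are outside the hunks, so this may already be guarded. If it is not, protect the three maps with a `sync.RWMutex`, or state the contract on the method, e.g. `// AddUser is not safe for concurrent use with connection handling.` Since NewMultiService now returns the concrete `*MultiService[U]`, the exported AddUser and RemoveUser would also benefit from doc comments saying what replacing an existing user does.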


@ -0,0 +1,73 @@
package shadowaead_2022_test
import (
"context"
"net"
"sync"
"testing"
"github.com/sagernet/sing/common"
M "github.com/sagernet/sing/common/metadata"
N "github.com/sagernet/sing/common/network"
"github.com/sagernet/sing/common/random"
"github.com/sagernet/sing/protocol/shadowsocks/shadowaead_2022"
)
func TestMultiService(t *testing.T) {
method := "2022-blake3-aes-128-gcm"
var iPSK [shadowaead_2022.KeySaltSize]byte
random.Default.Read(iPSK[:])
var wg sync.WaitGroup
multiService, err := shadowaead_2022.NewMultiService[string](method, iPSK, random.Default, 500, &multiHandler{t, &wg})
if err != nil {
t.Fatal(err)
}
var uPSK [shadowaead_2022.KeySaltSize]byte
random.Default.Read(uPSK[:])
multiService.AddUser("my user", uPSK)
client, err := shadowaead_2022.New(method, [][shadowaead_2022.KeySaltSize]byte{iPSK, uPSK}, random.Default)
if err != nil {
t.Fatal(err)
}
wg.Add(1)
serverConn, clientConn := net.Pipe()
defer common.Close(serverConn, clientConn)
go func() {
err := multiService.NewConnection(context.Background(), serverConn, M.Metadata{})
if err != nil {
t.Error(err)
return
}
}()
_, err = client.DialConn(clientConn, M.ParseSocksaddr("test.com:443"))
if err != nil {
t.Fatal(err)
}
wg.Wait()
}
type multiHandler struct {
t *testing.T
wg *sync.WaitGroup
}
func (h *multiHandler) NewConnection(ctx context.Context, conn net.Conn, metadata M.Metadata) error {
if metadata.Destination.String() != "test.com:443" {
h.t.Error("bad destination")
}
h.wg.Done()
return nil
}
func (h *multiHandler) NewPacketConnection(ctx context.Context, conn N.PacketConn, metadata M.Metadata) error {
return nil
}
func (h *multiHandler) HandleError(err error) {
h.t.Error(err)
}
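Review bot: TestMultiService blocks in `wg.Wait()` indefinitely when the server side rejects the connection, because only `multiHandler.NewConnection` calls `wg.Done()` and the goroutine's error path only reports through `t.Error`. The failure then shows up only as a test timeout. Waiting on a channel the handler closes, with a deadline such as `select { case <-done: case <-time.After(5 * time.Second): t.Fatal("timeout") }`, keeps the failure local to this test. The return values of both `random.Default.Read` calls are dropped and should be checked. Only the accepted path is covered, so a case with an out-of-window timestamp or a removed user would pin the rejection behaviour this commit touches.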