Update On Thu Mar 13 19:35:42 CET 2025

github-action[bot]
2025-03-13 19:35:42 +01:00
parent eca238082b
commit 20f9665606
149 changed files with 7237 additions and 6183 deletions

@@ -133,7 +133,11 @@ impl Context {
}
/// Resolves DNS address to `SocketAddr`s
pub async fn dns_resolve<'a>(&self, addr: &'a str, port: u16) -> io::Result<impl Iterator<Item = SocketAddr> + 'a> {
pub async fn dns_resolve<'a>(
&self,
addr: &'a str,
port: u16,
) -> io::Result<impl Iterator<Item = SocketAddr> + 'a + use<'a>> {
self.dns_resolver.resolve(addr, port).await
}

@@ -10,7 +10,7 @@ mod resolver;
/// Helper macro for resolving host and then process each addresses
#[macro_export]
macro_rules! lookup_then {
($context:expr, $addr:expr, $port:expr, |$resolved_addr:ident| $body:block) => {{
($context:expr_2021, $addr:expr_2021, $port:expr_2021, |$resolved_addr:ident| $body:block) => {{
use std::net::SocketAddr;
let ipv6_first = $context.ipv6_first();
@@ -49,7 +49,7 @@ macro_rules! lookup_then {
}
}};
(RESOLVE @ $addrs:expr, $resolved_addr:ident, $body:block) => {{
(RESOLVE @ $addrs:expr_2021, $resolved_addr:ident, $body:block) => {{
let mut result = None;
for $resolved_addr in $addrs {
@@ -70,7 +70,7 @@ macro_rules! lookup_then {
#[macro_export]
macro_rules! lookup_then_connect {
($context:expr, $addr:expr, $port:expr, |$resolved_addr:ident| $body:block) => {{
($context:expr_2021, $addr:expr_2021, $port:expr_2021, |$resolved_addr:ident| $body:block) => {{
use futures::future::{self, Either};
use log::trace;
use std::{net::SocketAddr, time::Duration};

@@ -290,7 +290,7 @@ impl DnsResolver {
}
/// Resolve address into `SocketAddr`s
pub async fn resolve<'a>(&self, addr: &'a str, port: u16) -> io::Result<impl Iterator<Item = SocketAddr> + 'a> {
pub async fn resolve<'a>(&self, addr: &'a str, port: u16) -> io::Result<impl Iterator<Item = SocketAddr> + 'a + use<'a>> {
struct ResolverLogger<'x, 'y> {
resolver: &'x DnsResolver,
addr: &'y str,

@@ -407,7 +407,7 @@ struct msghdr_x {
msg_datalen: libc::size_t, //< byte length of buffer in msg_iov
}
extern "C" {
unsafe extern "C" {
fn recvmsg_x(s: libc::c_int, msgp: *const msghdr_x, cnt: libc::c_uint, flags: libc::c_int) -> libc::ssize_t;
fn sendmsg_x(s: libc::c_int, msgp: *const msghdr_x, cnt: libc::c_uint, flags: libc::c_int) -> libc::ssize_t;
}
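Review bot: The `unsafe extern "C"` block declares `recvmsg_x` and `sendmsg_x` without any comment stating what a caller must guarantee, and that contract is exactly what the new `unsafe extern` form asks the author to own. Both functions take a raw `*const msghdr_x` plus a `cnt`, so presumably `msgp` must point to at least `cnt` initialised `msghdr_x` entries whose buffers stay valid for the duration of the call; this is inferred from the signatures and should be confirmed against the call sites. I would add a comment above the block such as `// SAFETY (callers): msgp must point to cnt valid msghdr_x entries that outlive the call`.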

@@ -298,50 +298,53 @@ impl DecryptedReader {
// Extensible Identity Header
// https://github.com/Shadowsocks-NET/shadowsocks-specs/blob/main/2022-2-shadowsocks-2022-extensible-identity-headers.md
let mut cipher = if require_eih {
if let Some(ref user_manager) = self.user_manager {
// Assume we have at least 1 EIH
if header_chunk.len() < 16 {
error!("expecting EIH, but header chunk len: {}", header_chunk.len());
return Err(ProtocolError::MissingExtendedIdentityHeader).into();
}
let (eih, remain_header_chunk) = header_chunk.split_at_mut(16);
header_chunk = remain_header_chunk;
let key_material = [key, salt].concat();
let identity_sub_key = blake3::derive_key(AEAD2022_EIH_SUBKEY_CONTEXT, &key_material);
let mut user_hash = Block::from([0u8; 16]);
match self.method {
CipherKind::AEAD2022_BLAKE3_AES_128_GCM => {
let cipher = Aes128::new_from_slice(&identity_sub_key[0..16]).expect("AES-128");
cipher.decrypt_block_b2b(Block::from_slice(eih), &mut user_hash);
match self.user_manager {
Some(ref user_manager) => {
// Assume we have at least 1 EIH
if header_chunk.len() < 16 {
error!("expecting EIH, but header chunk len: {}", header_chunk.len());
return Err(ProtocolError::MissingExtendedIdentityHeader).into();
}
CipherKind::AEAD2022_BLAKE3_AES_256_GCM => {
let cipher = Aes256::new_from_slice(&identity_sub_key[0..32]).expect("AES-256");
cipher.decrypt_block_b2b(Block::from_slice(eih), &mut user_hash);
}
_ => unreachable!("{} doesn't support EIH", self.method),
}
let user_hash = user_hash.as_slice();
trace!(
"server EIH {:?}, hash: {:?}",
ByteStr::new(eih),
ByteStr::new(user_hash)
);
let (eih, remain_header_chunk) = header_chunk.split_at_mut(16);
header_chunk = remain_header_chunk;
match user_manager.get_user_by_hash(user_hash) {
None => {
return Err(ProtocolError::InvalidClientUser(Bytes::copy_from_slice(user_hash))).into();
let key_material = [key, salt].concat();
let identity_sub_key = blake3::derive_key(AEAD2022_EIH_SUBKEY_CONTEXT, &key_material);
let mut user_hash = Block::from([0u8; 16]);
match self.method {
CipherKind::AEAD2022_BLAKE3_AES_128_GCM => {
let cipher = Aes128::new_from_slice(&identity_sub_key[0..16]).expect("AES-128");
cipher.decrypt_block_b2b(Block::from_slice(eih), &mut user_hash);
}
CipherKind::AEAD2022_BLAKE3_AES_256_GCM => {
let cipher = Aes256::new_from_slice(&identity_sub_key[0..32]).expect("AES-256");
cipher.decrypt_block_b2b(Block::from_slice(eih), &mut user_hash);
}
_ => unreachable!("{} doesn't support EIH", self.method),
}
Some(user) => {
trace!("{:?} chosen by EIH", user);
self.user_key = Some(Bytes::copy_from_slice(user.key()));
TcpCipher::new(self.method, user.key(), salt)
let user_hash = user_hash.as_slice();
trace!(
"server EIH {:?}, hash: {:?}",
ByteStr::new(eih),
ByteStr::new(user_hash)
);
match user_manager.get_user_by_hash(user_hash) {
None => {
return Err(ProtocolError::InvalidClientUser(Bytes::copy_from_slice(user_hash))).into();
}
Some(user) => {
trace!("{:?} chosen by EIH", user);
self.user_key = Some(Bytes::copy_from_slice(user.key()));
TcpCipher::new(self.method, user.key(), salt)
}
}
}
} else {
unreachable!("user_manager must not be None")
_ => {
unreachable!("user_manager must not be None")
}
}
} else {
TcpCipher::new(self.method, key, salt)
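Review bot: The rewritten `match self.user_manager` ends in a catch-all `_ => { unreachable!("user_manager must not be None") }`, and the inner `match self.method` keeps `_ => unreachable!(...)`, so both invariants are enforced by a panic on the path that parses a header received from the peer. Whether `require_eih` can be true without a user manager, or with a method other than the two AES-GCM kinds, is decided outside this hunk; if configuration can reach either state, the handler panics instead of rejecting the stream. I would write the arm as `None => unreachable!("user_manager must not be None"),` so the match stays exhaustive, and preferably return a `ProtocolError` there as the neighbouring length check does. Separately, `trace!("{:?} chosen by EIH", user)` prints the user's `Debug` form, so confirm that it does not include the user key. The enclosing function starts and ends outside the hunk.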

@@ -499,10 +499,11 @@ impl<S> CryptoStream<S> {
/// Returning (DataChunkCount, RemainingBytes)
#[cfg(feature = "aead-cipher-2022")]
pub(crate) fn current_data_chunk_remaining(&self) -> (u64, usize) {
if let DecryptedReader::Aead2022(ref dec) = self.dec {
dec.current_data_chunk_remaining()
} else {
panic!("only AEAD-2022 protocol has data chunk counter");
match self.dec {
DecryptedReader::Aead2022(ref dec) => dec.current_data_chunk_remaining(),
_ => {
panic!("only AEAD-2022 protocol has data chunk counter");
}
}
}
}
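Review bot: `current_data_chunk_remaining` panics for every reader that is not AEAD-2022, and the doc comment above it only describes the returned tuple. A caller inside the crate has no hint that it must check the protocol first, so I would extend the doc comment with `/// # Panics` followed by `/// Panics if the stream's decryptor is not AEAD-2022.`. The new `_ =>` arm would also silently absorb any variant added to `DecryptedReader` later; the other variants are not visible in this hunk, so naming them explicitly is a suggestion to check rather than a confirmed fix.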

@@ -303,7 +303,7 @@ where
loop {
match this.writer_state {
ProxyClientStreamWriteState::Connect(ref addr) => {
&mut ProxyClientStreamWriteState::Connect(ref addr) => {
let buffer = make_first_packet_buffer(this.stream.method(), addr, buf);
// Save the concatenated buffer before it is written successfully.
@@ -313,7 +313,7 @@ where
// before IO completion.
*(this.writer_state) = ProxyClientStreamWriteState::Connecting(buffer);
}
ProxyClientStreamWriteState::Connecting(ref buffer) => {
&mut ProxyClientStreamWriteState::Connecting(ref buffer) => {
let n = ready!(this.stream.poll_write_encrypted(cx, buffer))?;
// In general, poll_write_encrypted should perform like write_all.

@@ -162,7 +162,7 @@ where
// Wakeup writer task because we have already received the salt
#[cfg(feature = "aead-cipher-2022")]
if let ProxyServerStreamWriteState::PrepareHeader(ref mut waker) = this.writer_state {
if let ProxyServerStreamWriteState::PrepareHeader(waker) = this.writer_state {
if let Some(waker) = waker.take() {
waker.wake();
}