diff --git a/go.mod b/go.mod index 1bd18df..c6794f6 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,6 @@ require ( git.torproject.org/pluggable-transports/obfs4.git v0.0.0-20181103133120-08f4d470188e github.com/LiamHaworth/go-tproxy v0.0.0-20190726054950-ef7efd7f24ed github.com/Yawning/chacha20 v0.0.0-20170904085104-e3b1f968fc63 // indirect - github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da // indirect github.com/bifurcation/mint v0.0.0-20181105071958-a14404e9a861 // indirect github.com/cheekybits/genny v1.0.0 // indirect github.com/coreos/go-iptables v0.4.5 // indirect @@ -34,7 +33,7 @@ require ( github.com/onsi/gomega v1.4.3 // indirect github.com/pkg/errors v0.8.1 // indirect github.com/ryanuber/go-glob v0.0.0-20170128012129-256dc444b735 - github.com/shadowsocks/go-shadowsocks2 v0.0.11 + github.com/shadowsocks/go-shadowsocks2 v0.0.12-0.20191211020244-a57bc393e43a github.com/shadowsocks/shadowsocks-go v0.0.0-20170121203516-97a5c71f80ba github.com/songgao/water v0.0.0-20190725173103-fd331bda3f4b github.com/templexxx/cpufeat v0.0.0-20180724012125-cef66df7f161 // indirect diff --git a/go.sum b/go.sum index 98cc74b..59f803a 100644 --- a/go.sum +++ b/go.sum @@ -58,8 +58,6 @@ github.com/lucas-clemente/quic-go v0.10.0 h1:xEF+pSHYAOcu+U10Meunf+DTtc8vhQDRqlA github.com/lucas-clemente/quic-go v0.10.0/go.mod h1:wuD+2XqEx8G9jtwx5ou2BEYBsE+whgQmlj0Vz/77PrY= github.com/lucas-clemente/quic-go-certificates v0.0.0-20160823095156-d2f86524cced h1:zqEC1GJZFbGZA0tRyNZqRjep92K5fujFtFsu5ZW7Aug= github.com/lucas-clemente/quic-go-certificates v0.0.0-20160823095156-d2f86524cced/go.mod h1:NCcRLrOTZbzhZvixZLlERbJtDtYsmMw8Jc4vS8Z0g58= -github.com/miekg/dns v1.1.3 h1:1g0r1IvskvgL8rR+AcHzUA+oFmGcQlaIm4IqakufeMM= -github.com/miekg/dns v1.1.3/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.27 h1:aEH/kqUzUxGJ/UHcEKdJY+ugH6WEzsEBBSPa8zuy1aM= github.com/miekg/dns v1.1.27/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/milosgajdos83/tenus v0.0.0-20190415114537-1f3ed00ae7d8 h1:4WFQEfEJ7zaHYViIVM2Cd6tnQOOhiEHbmQtlcV7aOpc= @@ -73,8 +71,8 @@ github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/ryanuber/go-glob v0.0.0-20170128012129-256dc444b735 h1:7YvPJVmEeFHR1Tj9sZEYsmarJEQfMVYpd/Vyy/A8dqE= github.com/ryanuber/go-glob v0.0.0-20170128012129-256dc444b735/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= -github.com/shadowsocks/go-shadowsocks2 v0.0.11 h1:dXloqEhYnZV40jblWTK8kWeC0Eb+dgql4S0tj99e8j0= -github.com/shadowsocks/go-shadowsocks2 v0.0.11/go.mod h1:R+KWaoIwRRhnpw6XV+dZil0XHi64Hc1D7hXUyXTjUzQ= +github.com/shadowsocks/go-shadowsocks2 v0.0.12-0.20191211020244-a57bc393e43a h1:cxYYZwo6iuuJ/5f8x1mHnya7xvSF3cDrOh8Pqh7RZ/w= +github.com/shadowsocks/go-shadowsocks2 v0.0.12-0.20191211020244-a57bc393e43a/go.mod h1:/0aFGbhK8mtOX4J/6kTJsPLZlEs9KnzKoWCOCvjd7vk= github.com/shadowsocks/shadowsocks-go v0.0.0-20170121203516-97a5c71f80ba h1:tJgNXb3S+RkB4kNPi6N5OmEWe3m+Y3Qs6LUMiNDAONM= github.com/shadowsocks/shadowsocks-go v0.0.0-20170121203516-97a5c71f80ba/go.mod h1:mttDPaeLm87u74HMrP+n2tugXvIKWcwff/cqSX0lehY= github.com/songgao/water v0.0.0-20190725173103-fd331bda3f4b h1:+y4hCMc/WKsDbAPsOQZgBSaSZ26uh2afyaWeVg/3s/c= @@ -88,30 +86,24 @@ github.com/tjfoc/gmsm v1.0.1/go.mod h1:XxO4hdhhrzAd+G4CjDqaOkd0hUzmtPR/d3EiBBMn/ github.com/xtaci/tcpraw v1.2.25 h1:VDlqo0op17JeXBM6e2G9ocCNLOJcw9mZbobMbJjo0vk= github.com/xtaci/tcpraw v1.2.25/go.mod h1:dKyZ2V75s0cZ7cbgJYdxPvms7af0joIeOyx1GgJQbLk= golang.org/x/crypto v0.0.0-20181015023909-0c41d7ab0a0e/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190130090550-b01c7a725664 h1:YbZJ76lQ1BqNhVe7dKTSB67wDrc2VPRR75IyGyyPDX8= -golang.org/x/crypto v0.0.0-20190130090550-b01c7a725664/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3 h1:ulvT7fqt0yHWzpJwI57MezWnYDVpCAYBVuYst/L+fAY= -golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190923162816-aa69164e4478 h1:l5EDrHhldLYb3ZRHDUhXF7Om7MvYXnkV9/iQNo1lX6g= golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190228124157-a34e9553db1e h1:ZytStCyV048ZqDsWHiYDdoI2Vd4msMcrDECFxS+tL9c= -golang.org/x/sys v0.0.0-20190228124157-a34e9553db1e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190405154228-4b34438f7a67 h1:1Fzlr8kkDLQwqMP8GxrhptBLqZG/EDpiATneiZHY998= golang.org/x/sys v0.0.0-20190405154228-4b34438f7a67/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= diff --git a/resolver_test.go b/resolver_test.go index 9b34304..79732ea 100644 --- a/resolver_test.go +++ b/resolver_test.go @@ -45,13 +45,13 @@ func TestDNSResolver(t *testing.T) { tc := tc t.Run(fmt.Sprintf("#%d", i), func(t *testing.T) { ns := tc.ns - if err := ns.Init(); err != nil { - t.Error(err) - } t.Log(ns) r := NewResolver(0, ns) resolv := r.(*resolver) resolv.domain = "com" + if err := r.Init(); err != nil { + t.Error("got error:", err) + } err := dnsResolverRoundtrip(t, r, tc.host) if err != nil { if tc.pass { diff --git a/snapcraft.yaml b/snapcraft.yaml index 6edda2e..0f8a0ba 100644 --- a/snapcraft.yaml +++ b/snapcraft.yaml @@ -1,6 +1,6 @@ name: gost type: app -version: '2.9.2' +version: '2.10.0' title: GO Simple Tunnel summary: A simple security tunnel written in golang description: | @@ -16,7 +16,7 @@ parts: source: https://github.com/ginuerzh/gost.git source-subdir: cmd/gost source-type: git - source-branch: '2.9' + source-branch: '2' build-packages: - build-essential override-build: | diff --git a/ss.go b/ss.go index 08d1f55..c698d5c 100644 --- a/ss.go +++ b/ss.go @@ -403,7 +403,9 @@ func (h *shadowUDPHandler) Handle(conn net.Conn) { if h.cipher != nil { pc = h.cipher.PacketConn(pc) } + log.Logf("[ssu] %s <-> %s", conn.RemoteAddr(), conn.LocalAddr()) h.transportPacket(pc, cc) + log.Logf("[ssu] %s >-< %s", conn.RemoteAddr(), conn.LocalAddr()) return } diff --git a/ss_test.go b/ss_test.go index eebb0ee..21390ef 100644 --- a/ss_test.go +++ b/ss_test.go @@ -300,6 +300,125 @@ func BenchmarkSSProxyParallel(b *testing.B) { }) } +var ssuTests = []struct { + clientCipher *url.Userinfo + serverCipher *url.Userinfo + pass bool +}{ + {nil, nil, true}, + {&url.Userinfo{}, &url.Userinfo{}, true}, + {url.User("abc"), url.User("abc"), true}, + {url.UserPassword("abc", "def"), url.UserPassword("abc", "def"), true}, + + {url.User("aes-128-cfb"), url.User("aes-128-cfb"), true}, + {url.User("aes-128-cfb"), url.UserPassword("aes-128-cfb", "123456"), false}, + {url.UserPassword("aes-128-cfb", "123456"), url.User("aes-128-cfb"), false}, + {url.UserPassword("aes-128-cfb", "123456"), url.UserPassword("aes-128-cfb", "abc"), false}, + {url.UserPassword("aes-128-cfb", "123456"), url.UserPassword("aes-128-cfb", "123456"), true}, + + {url.User("aes-192-cfb"), url.User("aes-192-cfb"), true}, + {url.User("aes-192-cfb"), url.UserPassword("aes-192-cfb", "123456"), false}, + {url.UserPassword("aes-192-cfb", "123456"), url.User("aes-192-cfb"), false}, + {url.UserPassword("aes-192-cfb", "123456"), url.UserPassword("aes-192-cfb", "abc"), false}, + {url.UserPassword("aes-192-cfb", "123456"), url.UserPassword("aes-192-cfb", "123456"), true}, + + {url.User("aes-256-cfb"), url.User("aes-256-cfb"), true}, + {url.User("aes-256-cfb"), url.UserPassword("aes-256-cfb", "123456"), false}, + {url.UserPassword("aes-256-cfb", "123456"), url.User("aes-256-cfb"), false}, + {url.UserPassword("aes-256-cfb", "123456"), url.UserPassword("aes-256-cfb", "abc"), false}, + {url.UserPassword("aes-256-cfb", "123456"), url.UserPassword("aes-256-cfb", "123456"), true}, + + {url.User("aes-128-ctr"), url.User("aes-128-ctr"), true}, + {url.User("aes-128-ctr"), url.UserPassword("aes-128-ctr", "123456"), false}, + {url.UserPassword("aes-128-ctr", "123456"), url.User("aes-128-ctr"), false}, + {url.UserPassword("aes-128-ctr", "123456"), url.UserPassword("aes-128-ctr", "abc"), false}, + {url.UserPassword("aes-128-ctr", "123456"), url.UserPassword("aes-128-ctr", "123456"), true}, + + {url.User("aes-192-ctr"), url.User("aes-192-ctr"), true}, + {url.User("aes-192-ctr"), url.UserPassword("aes-192-ctr", "123456"), false}, + {url.UserPassword("aes-192-ctr", "123456"), url.User("aes-192-ctr"), false}, + {url.UserPassword("aes-192-ctr", "123456"), url.UserPassword("aes-192-ctr", "abc"), false}, + {url.UserPassword("aes-192-ctr", "123456"), url.UserPassword("aes-192-ctr", "123456"), true}, + + {url.User("aes-256-ctr"), url.User("aes-256-ctr"), true}, + {url.User("aes-256-ctr"), url.UserPassword("aes-256-ctr", "123456"), false}, + {url.UserPassword("aes-256-ctr", "123456"), url.User("aes-256-ctr"), false}, + {url.UserPassword("aes-256-ctr", "123456"), url.UserPassword("aes-256-ctr", "abc"), false}, + {url.UserPassword("aes-256-ctr", "123456"), url.UserPassword("aes-256-ctr", "123456"), true}, + + {url.User("des-cfb"), url.User("des-cfb"), true}, + {url.User("des-cfb"), url.UserPassword("des-cfb", "123456"), false}, + {url.UserPassword("des-cfb", "123456"), url.User("des-cfb"), false}, + {url.UserPassword("des-cfb", "123456"), url.UserPassword("des-cfb", "abc"), false}, + {url.UserPassword("des-cfb", "123456"), url.UserPassword("des-cfb", "123456"), true}, + + {url.User("bf-cfb"), url.User("bf-cfb"), true}, + {url.User("bf-cfb"), url.UserPassword("bf-cfb", "123456"), false}, + {url.UserPassword("bf-cfb", "123456"), url.User("bf-cfb"), false}, + {url.UserPassword("bf-cfb", "123456"), url.UserPassword("bf-cfb", "abc"), false}, + {url.UserPassword("bf-cfb", "123456"), url.UserPassword("bf-cfb", "123456"), true}, + + {url.User("cast5-cfb"), url.User("cast5-cfb"), true}, + {url.User("cast5-cfb"), url.UserPassword("cast5-cfb", "123456"), false}, + {url.UserPassword("cast5-cfb", "123456"), url.User("cast5-cfb"), false}, + {url.UserPassword("cast5-cfb", "123456"), url.UserPassword("cast5-cfb", "abc"), false}, + {url.UserPassword("cast5-cfb", "123456"), url.UserPassword("cast5-cfb", "123456"), true}, + + {url.User("rc4-md5"), url.User("rc4-md5"), true}, + {url.User("rc4-md5"), url.UserPassword("rc4-md5", "123456"), false}, + {url.UserPassword("rc4-md5", "123456"), url.User("rc4-md5"), false}, + {url.UserPassword("rc4-md5", "123456"), url.UserPassword("rc4-md5", "abc"), false}, + {url.UserPassword("rc4-md5", "123456"), url.UserPassword("rc4-md5", "123456"), true}, + + {url.User("chacha20"), url.User("chacha20"), true}, + {url.User("chacha20"), url.UserPassword("chacha20", "123456"), false}, + {url.UserPassword("chacha20", "123456"), url.User("chacha20"), false}, + {url.UserPassword("chacha20", "123456"), url.UserPassword("chacha20", "abc"), false}, + {url.UserPassword("chacha20", "123456"), url.UserPassword("chacha20", "123456"), true}, + + {url.User("chacha20-ietf"), url.User("chacha20-ietf"), true}, + {url.User("chacha20-ietf"), url.UserPassword("chacha20-ietf", "123456"), false}, + {url.UserPassword("chacha20-ietf", "123456"), url.User("chacha20-ietf"), false}, + {url.UserPassword("chacha20-ietf", "123456"), url.UserPassword("chacha20-ietf", "abc"), false}, + {url.UserPassword("chacha20-ietf", "123456"), url.UserPassword("chacha20-ietf", "123456"), true}, + + {url.User("salsa20"), url.User("salsa20"), true}, + {url.User("salsa20"), url.UserPassword("salsa20", "123456"), false}, + {url.UserPassword("salsa20", "123456"), url.User("salsa20"), false}, + {url.UserPassword("salsa20", "123456"), url.UserPassword("salsa20", "abc"), false}, + {url.UserPassword("salsa20", "123456"), url.UserPassword("salsa20", "123456"), true}, + + {url.User("xchacha20"), url.User("xchacha20"), true}, + {url.User("xchacha20"), url.UserPassword("xchacha20", "123456"), false}, + {url.UserPassword("xchacha20", "123456"), url.User("xchacha20"), false}, + {url.UserPassword("xchacha20", "123456"), url.UserPassword("xchacha20", "abc"), false}, + {url.UserPassword("xchacha20", "123456"), url.UserPassword("xchacha20", "123456"), true}, + + {url.User("CHACHA20-IETF-POLY1305"), url.User("CHACHA20-IETF-POLY1305"), true}, + {url.User("CHACHA20-IETF-POLY1305"), url.UserPassword("CHACHA20-IETF-POLY1305", "123456"), false}, + {url.UserPassword("CHACHA20-IETF-POLY1305", "123456"), url.User("CHACHA20-IETF-POLY1305"), false}, + {url.UserPassword("CHACHA20-IETF-POLY1305", "123456"), url.UserPassword("CHACHA20-IETF-POLY1305", "abc"), false}, + {url.UserPassword("CHACHA20-IETF-POLY1305", "123456"), url.UserPassword("CHACHA20-IETF-POLY1305", "123456"), true}, + + {url.User("AES-128-GCM"), url.User("AES-128-GCM"), true}, + {url.User("AES-128-GCM"), url.UserPassword("AES-128-GCM", "123456"), false}, + {url.UserPassword("AES-128-GCM", "123456"), url.User("AES-128-GCM"), false}, + {url.UserPassword("AES-128-GCM", "123456"), url.UserPassword("AES-128-GCM", "abc"), false}, + {url.UserPassword("AES-128-GCM", "123456"), url.UserPassword("AES-128-GCM", "123456"), true}, + + {url.User("AES-192-GCM"), url.User("AES-192-GCM"), true}, + {url.User("AES-192-GCM"), url.UserPassword("AES-192-GCM", "123456"), false}, + {url.UserPassword("AES-192-GCM", "123456"), url.User("AES-192-GCM"), false}, + {url.UserPassword("AES-192-GCM", "123456"), url.UserPassword("AES-192-GCM", "abc"), false}, + {url.UserPassword("AES-192-GCM", "123456"), url.UserPassword("AES-192-GCM", "123456"), true}, + + {url.User("AES-256-GCM"), url.User("AES-256-GCM"), true}, + {url.User("AES-256-GCM"), url.UserPassword("AES-256-GCM", "123456"), false}, + {url.UserPassword("AES-256-GCM", "123456"), url.User("AES-256-GCM"), false}, + {url.UserPassword("AES-256-GCM", "123456"), url.UserPassword("AES-256-GCM", "abc"), false}, + {url.UserPassword("AES-256-GCM", "123456"), url.UserPassword("AES-256-GCM", "123456"), true}, +} + func shadowUDPRoundtrip(t *testing.T, host string, data []byte, clientInfo *url.Userinfo, serverInfo *url.Userinfo) error { ln, err := UDPListener("localhost:0", nil) @@ -329,7 +448,7 @@ func TestShadowUDP(t *testing.T) { sendData := make([]byte, 128) rand.Read(sendData) - for i, tc := range ssTests { + for i, tc := range ssuTests { tc := tc t.Run(fmt.Sprintf("#%d", i), func(t *testing.T) { udpSrv := newUDPTestServer(udpTestHandler) @@ -354,7 +473,6 @@ func TestShadowUDP(t *testing.T) { } } -// TODO: fix shadowsocks UDP relay benchmark. func BenchmarkShadowUDP(b *testing.B) { udpSrv := newUDPTestServer(udpTestHandler) udpSrv.Start()