Xray-core/infra/conf/shadowsocks.go

251 lines
7.3 KiB
Go
Raw Normal View History

2020-11-25 13:01:53 +02:00
package conf
import (
"strings"
"github.com/sagernet/sing-shadowsocks/shadowaead_2022"
2022-05-23 15:45:30 +03:00
C "github.com/sagernet/sing/common"
"github.com/xtls/xray-core/common/errors"
2020-12-04 03:36:16 +02:00
"github.com/xtls/xray-core/common/protocol"
"github.com/xtls/xray-core/common/serial"
"github.com/xtls/xray-core/proxy/shadowsocks"
2022-05-23 15:45:30 +03:00
"github.com/xtls/xray-core/proxy/shadowsocks_2022"
"google.golang.org/protobuf/proto"
2020-11-25 13:01:53 +02:00
)
func cipherFromString(c string) shadowsocks.CipherType {
switch strings.ToLower(c) {
case "aes-128-gcm", "aead_aes_128_gcm":
return shadowsocks.CipherType_AES_128_GCM
case "aes-256-gcm", "aead_aes_256_gcm":
return shadowsocks.CipherType_AES_256_GCM
case "chacha20-poly1305", "aead_chacha20_poly1305", "chacha20-ietf-poly1305":
return shadowsocks.CipherType_CHACHA20_POLY1305
case "xchacha20-poly1305", "aead_xchacha20_poly1305", "xchacha20-ietf-poly1305":
return shadowsocks.CipherType_XCHACHA20_POLY1305
2020-11-25 13:01:53 +02:00
case "none", "plain":
return shadowsocks.CipherType_NONE
default:
return shadowsocks.CipherType_UNKNOWN
}
}
type ShadowsocksUserConfig struct {
2022-08-08 02:18:23 +03:00
Cipher string `json:"method"`
Password string `json:"password"`
Level byte `json:"level"`
Email string `json:"email"`
Address *Address `json:"address"`
Port uint16 `json:"port"`
}
2020-11-25 13:01:53 +02:00
type ShadowsocksServerConfig struct {
Cipher string `json:"method"`
Password string `json:"password"`
Level byte `json:"level"`
Email string `json:"email"`
Users []*ShadowsocksUserConfig `json:"clients"`
NetworkList *NetworkList `json:"network"`
IVCheck bool `json:"ivCheck"`
2020-11-25 13:01:53 +02:00
}
func (v *ShadowsocksServerConfig) Build() (proto.Message, error) {
2022-05-23 15:45:30 +03:00
if C.Contains(shadowaead_2022.List, v.Cipher) {
2022-08-08 02:18:23 +03:00
return buildShadowsocks2022(v)
2022-05-23 15:45:30 +03:00
}
2020-11-25 13:01:53 +02:00
config := new(shadowsocks.ServerConfig)
config.Network = v.NetworkList.Build()
if v.Users != nil {
for _, user := range v.Users {
account := &shadowsocks.Account{
Password: user.Password,
CipherType: cipherFromString(user.Cipher),
IvCheck: v.IVCheck,
}
if account.Password == "" {
return nil, errors.New("Shadowsocks password is not specified.")
}
2021-09-20 17:41:09 +03:00
if account.CipherType < shadowsocks.CipherType_AES_128_GCM ||
account.CipherType > shadowsocks.CipherType_XCHACHA20_POLY1305 {
return nil, errors.New("unsupported cipher method: ", user.Cipher)
}
config.Users = append(config.Users, &protocol.User{
Email: user.Email,
Level: uint32(user.Level),
Account: serial.ToTypedMessage(account),
})
}
} else {
account := &shadowsocks.Account{
Password: v.Password,
CipherType: cipherFromString(v.Cipher),
IvCheck: v.IVCheck,
}
if account.Password == "" {
return nil, errors.New("Shadowsocks password is not specified.")
}
if account.CipherType == shadowsocks.CipherType_UNKNOWN {
return nil, errors.New("unknown cipher method: ", v.Cipher)
}
config.Users = append(config.Users, &protocol.User{
Email: v.Email,
Level: uint32(v.Level),
Account: serial.ToTypedMessage(account),
})
2020-11-25 13:01:53 +02:00
}
return config, nil
}
2022-08-08 02:18:23 +03:00
func buildShadowsocks2022(v *ShadowsocksServerConfig) (proto.Message, error) {
if len(v.Users) == 0 {
config := new(shadowsocks_2022.ServerConfig)
config.Method = v.Cipher
config.Key = v.Password
config.Network = v.NetworkList.Build()
config.Email = v.Email
return config, nil
}
2022-12-26 02:37:35 +02:00
2022-08-08 02:18:23 +03:00
if v.Cipher == "" {
return nil, errors.New("shadowsocks 2022 (multi-user): missing server method")
2022-08-08 02:18:23 +03:00
}
if !strings.Contains(v.Cipher, "aes") {
return nil, errors.New("shadowsocks 2022 (multi-user): only blake3-aes-*-gcm methods are supported")
2022-08-08 02:18:23 +03:00
}
if v.Users[0].Address == nil {
config := new(shadowsocks_2022.MultiUserServerConfig)
config.Method = v.Cipher
config.Key = v.Password
config.Network = v.NetworkList.Build()
2022-12-26 02:37:35 +02:00
2022-08-08 02:18:23 +03:00
for _, user := range v.Users {
if user.Cipher != "" {
return nil, errors.New("shadowsocks 2022 (multi-user): users must have empty method")
2022-08-08 02:18:23 +03:00
}
account := &shadowsocks_2022.Account{
Key: user.Password,
}
config.Users = append(config.Users, &protocol.User{
Email: user.Email,
Level: uint32(user.Level),
Account: serial.ToTypedMessage(account),
2022-08-08 02:18:23 +03:00
})
}
return config, nil
}
config := new(shadowsocks_2022.RelayServerConfig)
config.Method = v.Cipher
config.Key = v.Password
config.Network = v.NetworkList.Build()
for _, user := range v.Users {
if user.Cipher != "" {
return nil, errors.New("shadowsocks 2022 (relay): users must have empty method")
2022-08-08 02:18:23 +03:00
}
if user.Address == nil {
return nil, errors.New("shadowsocks 2022 (relay): all users must have relay address")
2022-08-08 02:18:23 +03:00
}
config.Destinations = append(config.Destinations, &shadowsocks_2022.RelayDestination{
2022-12-26 02:37:35 +02:00
Key: user.Password,
Email: user.Email,
2022-08-08 02:18:23 +03:00
Address: user.Address.Build(),
2022-12-26 02:37:35 +02:00
Port: uint32(user.Port),
2022-08-08 02:18:23 +03:00
})
}
return config, nil
}
2020-11-25 13:01:53 +02:00
type ShadowsocksServerTarget struct {
2023-03-15 08:42:32 +02:00
Address *Address `json:"address"`
Port uint16 `json:"port"`
Cipher string `json:"method"`
Password string `json:"password"`
Email string `json:"email"`
Level byte `json:"level"`
IVCheck bool `json:"ivCheck"`
UoT bool `json:"uot"`
UoTVersion int `json:"uotVersion"`
2020-11-25 13:01:53 +02:00
}
type ShadowsocksClientConfig struct {
Servers []*ShadowsocksServerTarget `json:"servers"`
}
func (v *ShadowsocksClientConfig) Build() (proto.Message, error) {
if len(v.Servers) == 0 {
return nil, errors.New("0 Shadowsocks server configured.")
2020-11-25 13:01:53 +02:00
}
2022-05-23 15:45:30 +03:00
if len(v.Servers) == 1 {
server := v.Servers[0]
if C.Contains(shadowaead_2022.List, server.Cipher) {
if server.Address == nil {
return nil, errors.New("Shadowsocks server address is not set.")
2022-05-23 15:45:30 +03:00
}
if server.Port == 0 {
return nil, errors.New("Invalid Shadowsocks port.")
2022-05-23 15:45:30 +03:00
}
if server.Password == "" {
return nil, errors.New("Shadowsocks password is not specified.")
2022-05-23 15:45:30 +03:00
}
config := new(shadowsocks_2022.ClientConfig)
config.Address = server.Address.Build()
config.Port = uint32(server.Port)
config.Method = server.Cipher
config.Key = server.Password
config.UdpOverTcp = server.UoT
2023-03-15 08:42:32 +02:00
config.UdpOverTcpVersion = uint32(server.UoTVersion)
2022-05-23 15:45:30 +03:00
return config, nil
}
}
config := new(shadowsocks.ClientConfig)
2020-11-25 13:01:53 +02:00
serverSpecs := make([]*protocol.ServerEndpoint, len(v.Servers))
for idx, server := range v.Servers {
2022-05-23 15:45:30 +03:00
if C.Contains(shadowaead_2022.List, server.Cipher) {
return nil, errors.New("Shadowsocks 2022 accept no multi servers")
2022-05-23 15:45:30 +03:00
}
2020-11-25 13:01:53 +02:00
if server.Address == nil {
return nil, errors.New("Shadowsocks server address is not set.")
2020-11-25 13:01:53 +02:00
}
if server.Port == 0 {
return nil, errors.New("Invalid Shadowsocks port.")
2020-11-25 13:01:53 +02:00
}
if server.Password == "" {
return nil, errors.New("Shadowsocks password is not specified.")
2020-11-25 13:01:53 +02:00
}
account := &shadowsocks.Account{
Password: server.Password,
}
account.CipherType = cipherFromString(server.Cipher)
if account.CipherType == shadowsocks.CipherType_UNKNOWN {
return nil, errors.New("unknown cipher method: ", server.Cipher)
2020-11-25 13:01:53 +02:00
}
account.IvCheck = server.IVCheck
2020-11-25 13:01:53 +02:00
ss := &protocol.ServerEndpoint{
Address: server.Address.Build(),
Port: uint32(server.Port),
User: []*protocol.User{
{
Level: uint32(server.Level),
Email: server.Email,
Account: serial.ToTypedMessage(account),
},
},
}
serverSpecs[idx] = ss
}
config.Server = serverSpecs
return config, nil
}