Merge branch 'release/0.4.5'

lparam · Jul 23, 2016 · 9def74f · 9def74f
2 parents 243ee51 + 6131114
commit 9def74f
Show file tree

Hide file tree

Showing 29 changed files with 365 additions and 247 deletions.
diff --git a/3rd/c-ares b/3rd/c-ares
diff --git a/3rd/libsodium b/3rd/libsodium
diff --git a/3rd/libuv b/3rd/libuv
diff --git a/CHANGES.md b/CHANGES.md
@@ -1,3 +1,8 @@
+v0.4.5 (2016-7-23)
+-----------
+* Fix: Package avalible
+
+
 v0.4.4 (2015-10-21)
 -----------
 * Fix: Openwrt start script

diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 MAJOR = 0
 MINOR = 4
-PATCH = 4
+PATCH = 5
 NAME = xSocks
 
 ifdef O
@@ -127,14 +127,15 @@ all: libuv libsodium c-ares $(XSOCKSD) $(XSOCKS) $(XTPROXY) $(XFORWARDER) $(XTUN
 endif
 
 android: libuv libsodium $(XSOCKS) $(XFORWARDER)
-mingw32: libuv libsodium c-ares $(XSOCKS).exe $(XTPROXY).exe $(XFORWARDER).exe $(XTUNNEL).exe
+mingw32: libuv libsodium c-ares $(XSOCKSD).exe $(XSOCKS).exe $(XFORWARDER).exe $(XTUNNEL).exe
 
 3rd/libuv/autogen.sh:
 	$(Q)git submodule update --init
 
 $(OBJTREE)/3rd/libuv/Makefile: | 3rd/libuv/autogen.sh
 	$(Q)mkdir -p $(OBJTREE)/3rd/libuv
 	$(Q)cd 3rd/libuv && ./autogen.sh
+	$(Q)cd 3rd/libuv &&autoreconf --force -ivf
 	$(Q)cd $(OBJTREE)/3rd/libuv && $(SRCTREE)/3rd/libuv/configure --host=$(HOST) LDFLAGS= && $(MAKE)
 
 libuv: $(OBJTREE)/3rd/libuv/Makefile
@@ -351,7 +352,7 @@ $(XTUNNEL).exe: \
 	src/xTunnel_source.o \
 	src/xTunnel_target.o \
 	src/xTunnel.o
-	$(LINK) $^ -o $(OBJTREE)/$@ $(LDFLAGS)
+	$(LINK) $^ -o $@ $(LDFLAGS)
 endif
 
 clean:

diff --git a/README.md b/README.md
@@ -13,8 +13,8 @@ Introdution
 Features
 ------------
 * Transparent Proxy for all tcp traffic and udp packet
-* Multithreading
-* Cross-platform, including PC (Linux, [Windows](https://github.com/lparam/xSocks-windows)), Mobile ([Android](https://github.com/lparam/xSocks-android) and Router (OpenWRT,[Tomatoware](https://github.com/lancethepants/tomatoware))
+* Cross-platform, including PC (Linux, [Windows](https://github.com/lparam/xSocks-windows)), Mobile ([Android](https://github.com/lparam/xSocks-android)) and Router (OpenWRT,[Tomatoware](https://github.com/lancethepants/tomatoware))
+* Parallelization
 
 BUILD
 ------------

diff --git a/openwrt/Makefile b/openwrt/Makefile
@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=xSocks
-PKG_VERSION:=0.4.4
+PKG_VERSION:=0.4.5
 PKG_RELEASE=
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz

diff --git a/openwrt/files/xSocks.init b/openwrt/files/xSocks.init
@@ -12,7 +12,7 @@ LISTEN_PORT=1070
 IP_ROUTE_TABLE_NUMBER=100
 FWMARK="0x01/0x01"
 SETNAME=wall
-CHAIN=XSOCKS
+CHAIN=xSocks
 DNS=8.8.8.8
 BLACK_LIST=/etc/black_list
 
@@ -87,7 +87,7 @@ tproxy_stop() {
 
 acl() {
     if [ ! -f $BLACK_LIST ]; then
-        exit 1
+        return
     fi
 
     while read line;do

diff --git a/src/common.h b/src/common.h
@@ -4,7 +4,7 @@
 #include "uv.h"
 #include "socks.h"
 
-#define XSOCKS_VERSION      "0.4.4"
+#define XSOCKS_VERSION      "0.4.5"
 
 struct server_context {
     int index;

diff --git a/src/crypto.c b/src/crypto.c
@@ -80,6 +80,9 @@ crypto_encrypt(uint8_t *c, const uint8_t *m, const uint32_t mlen) {
 int
 crypto_decrypt(uint8_t *m, const uint8_t *c, const uint32_t clen) {
     uint8_t nonce[CSSNB];
+    if (clen <= CSSNB + COB) {
+        return -1;
+    }
     memcpy(nonce, c, CSSNB);
     return salsa208poly1305_decrypt(m, c + CSSNB, clen - CSSNB, nonce, secret_key);
 }
diff --git a/src/daemon.c b/src/daemon.c
@@ -56,7 +56,7 @@ already_running(const char *pidfile) {
 		exit(1);
     }
 
-	return(0);
+	return 0;
 }
 
 void

diff --git a/src/packet.c b/src/packet.c
@@ -5,39 +5,55 @@
 #include "packet.h"
 
 
+void
+packet_alloc(struct packet *packet, uv_buf_t *buf) {
+    if (packet->size) {
+        buf->base = (char *) packet->buf + packet->offset;
+        buf->len = packet->size - packet->offset;
+    } else {
+        buf->base = (char *) packet->buf + (packet->read ? 1 : 0);
+        buf->len = packet->read ? 1 : HEADER_BYTES;
+    }
+}
+
 int
 packet_filter(struct packet *packet, const char *buf, ssize_t buflen) {
-    int rc;
+    int rc = PACKET_INVALID;
 
     if (packet->size == 0) {
-        assert(buflen <= HEADER_BYTES);
+        if (packet->read == 0) {
+            if (buflen == HEADER_BYTES) {
+                packet->size = read_size((uint8_t *) buf);
+                if (packet->size > PRIMITIVE_BYTES && packet->size <= packet->max) {
+                    rc = PACKET_UNCOMPLETE;
+                } else {
+                    rc = PACKET_INVALID;
+                }
 
-        if (packet->read == 1) {
-            packet->size = read_size((uint8_t *)packet->buf);
-            rc = PACKET_UNCOMPLETE;
-
-        } else {
-            if (buflen == 1) {
+            } else {
+                assert(buflen == 1);
                 packet->read = 1;
                 rc = PACKET_UNCOMPLETE;
+            }
 
-            } else if (buflen == HEADER_BYTES) {
-                packet->size = read_size((uint8_t *)buf);
-                rc = packet->size > 0 ? PACKET_UNCOMPLETE : PACKET_INVALID;
-
+        } else {
+            assert(packet->read == 1);
+            packet->size = read_size((uint8_t *) packet->buf);
+            if (packet->size > PRIMITIVE_BYTES && packet->size <= packet->max) {
+                rc = PACKET_UNCOMPLETE;
             } else {
                 rc = PACKET_INVALID;
             }
         }
 
     } else {
-        if (buflen + packet->offset < packet->size) {
-            packet->offset += buflen;
-            rc = PACKET_UNCOMPLETE;
+        if (buflen + packet->offset == packet->size) {
+            rc = PACKET_COMPLETED;
 
         } else {
-            assert(buflen + packet->offset == packet->size);
-            rc = PACKET_COMPLETED;
+            assert(buflen + packet->offset < packet->size);
+            packet->offset += buflen;
+            rc = PACKET_UNCOMPLETE;
         }
     }
 
@@ -46,5 +62,8 @@ packet_filter(struct packet *packet, const char *buf, ssize_t buflen) {
 
 void
 packet_reset(struct packet *packet) {
-    memset(packet, 0, sizeof(*packet));
+    packet->read = 0;
+    packet->offset = 0;
+    packet->size = 0;
+    memset(packet->buf, 0, packet->max);
 }
diff --git a/src/packet.h b/src/packet.h
@@ -1,8 +1,7 @@
 #ifndef PACKET_H
 #define PACKET_H
 
-#include <stdint.h>
-#include <stdlib.h>
+#include "uv.h"
 
 
 #define HEADER_BYTES    2
@@ -19,9 +18,11 @@ struct packet {
     int read;
     uint16_t offset;
     uint16_t size;
+    uint16_t max;
     uint8_t buf[MAX_PACKET_SIZE];
 };
 
+void packet_alloc(struct packet *packet, uv_buf_t *buf);
 int packet_filter(struct packet *packet, const char *buf, ssize_t buflen);
 void packet_reset(struct packet *packet);
 

diff --git a/src/xForwarder_remote.c b/src/xForwarder_remote.c
@@ -220,10 +220,13 @@ remote_recv_cb(uv_stream_t *stream, ssize_t nread, const uv_buf_t *buf) {
         struct packet *packet = &remote->packet;
         int rc = packet_filter(packet, buf->base, nread);
         if (rc == PACKET_COMPLETED) {
-            uint8_t *m = packet->buf;
+            int clen = packet->size;
             int mlen = packet->size - PRIMITIVE_BYTES;
+            uint8_t *c = packet->buf, *m = packet->buf;
 
-            int err = crypto_decrypt(m, packet->buf, packet->size);
+            assert(mlen > 0 && mlen <= MAX_PACKET_SIZE - PRIMITIVE_BYTES);
+
+            int err = crypto_decrypt(m, c, clen);
             if (err) {
                 goto error;
             }
@@ -247,6 +250,9 @@ remote_recv_cb(uv_stream_t *stream, ssize_t nread, const uv_buf_t *buf) {
 
 error:
     logger_log(LOG_ERR, "invalid tcp packet");
+    if (verbose) {
+        dump_hex(buf->base, nread, "invalid tcp Packet");
+    }
     close_client(client);
     close_remote(remote);
 }
diff --git a/src/xForwarder_udprelay.c b/src/xForwarder_udprelay.c
@@ -24,6 +24,7 @@ struct client_context {
     char key[KEY_BYTES + 1];
 };
 
+extern int verbose;
 extern uint16_t idle_timeout;
 static int addrlen = IPV4_HEADER_LEN;
 
@@ -123,30 +124,38 @@ forward_to_client(struct client_context *client, uint8_t *data, ssize_t len) {
  */
 static void
 server_recv_cb(uv_udp_t *handle, ssize_t nread, const uv_buf_t *buf, const struct sockaddr *addr, unsigned flags) {
-    if (nread > 0) {
-        struct client_context *client = handle->data;
-        reset_timer(client);
-
-        int mlen = nread - PRIMITIVE_BYTES;
-        uint8_t *m = (uint8_t *)buf->base;
-        int rc = crypto_decrypt(m, (uint8_t *)buf->base, nread);
-        if (rc) {
-            logger_log(LOG_ERR, "invalid packet");
-            goto err;
-        }
+    if (nread <= 0) {
+        return;
+    }
 
-        memmove(m, m + addrlen, mlen - addrlen);
-        mlen -= addrlen;
+    struct client_context *client = handle->data;
+    reset_timer(client);
 
-        forward_to_client(client, m , mlen);
+    int mlen = nread - PRIMITIVE_BYTES;
+    uint8_t *m = (uint8_t *)buf->base;
 
-    } else {
+    int valid = mlen > 0;
+    if (!valid) {
         goto err;
     }
 
+    int rc = crypto_decrypt(m, (uint8_t *)buf->base, nread);
+    if (rc) {
+        goto err;
+    }
+
+    memmove(m, m + addrlen, mlen - addrlen);
+    mlen -= addrlen;
+
+    forward_to_client(client, m , mlen);
+
     return;
 
 err:
+    logger_log(LOG_ERR, "invalid udp packet");
+    if (verbose) {
+        dump_hex(buf->base, nread, "invalid udp packet");
+    }
     free(buf->base);
 }
 

diff --git a/src/xSocks.c b/src/xSocks.c
@@ -9,7 +9,9 @@
 
 #include "uv.h"
 
+#if !defined(_WIN32)
 #include "acl.h"
+#endif
 #include "util.h"
 #include "logger.h"
 #include "crypto.h"
@@ -43,7 +45,9 @@ static const struct option _lopts[] = {
 #ifdef ANDROID
     { "vpn",     no_argument,         NULL,  0  },
 #endif
+#if !defined(_WIN32)
     { "acl",     required_argument,   NULL,  0  },
+#endif
     { "signal",  required_argument,   NULL,  0  },
     { "version", no_argument,         NULL, 'v' },
     { "help",    no_argument,         NULL, 'h' },
@@ -67,8 +71,8 @@ print_usage(const char *prog) {
 #ifndef _WIN32
          "  [-c <concurrency>]\t : worker threads\n"
          "  [-p <pidfile>]\t : pid file path (default: /var/run/xSocks/xSocks.pid)\n"
-#endif
          "  [--acl <aclfile>]\t : ACL (Access Control List) file path\n"
+#endif
 #ifdef ANDROID
          "  [--vpn]\t : protect vpn socket\n"
 #endif
@@ -239,9 +243,11 @@ init(void) {
         idle_timeout = 60;
     }
 
+#if !defined(_WIN32)
     if (acl_file != NULL) {
         acl = !acl_init(acl_file);
     }
+#endif
 }
 
 int
@@ -365,9 +371,11 @@ main(int argc, char *argv[]) {
     }
 #endif
 
+#if !defined(_WIN32)
     if (acl_file != NULL) {
         acl_free();
     }
+#endif
     logger_exit();
 
     return 0;

diff --git a/src/xSocks_client.c b/src/xSocks_client.c
@@ -5,7 +5,9 @@
 
 #include "uv.h"
 
+#if !defined(_WIN32)
 #include "acl.h"
+#endif
 #include "util.h"
 #include "logger.h"
 #include "crypto.h"
@@ -231,6 +233,7 @@ request_start(struct client_context *client, char *req_buf) {
     struct sockaddr addr;
     memset(&addr, 0, sizeof addr);
 
+#if !defined(_WIN32)
     if ((acl && (req->atyp == 1 || req->atyp == 4) && acl_contains_ip(host))) {
         if (verbose) {
             logger_log(LOG_WARNING, "bypass %s", client->target_addr);
@@ -243,6 +246,7 @@ request_start(struct client_context *client, char *req_buf) {
             return;
         }
     }
+#endif
 
     client->buflen = buflen;
     memcpy(req_buf, buf, buflen);
-Original file line number
+Diff line change
@@ Expand Up / @@ -56,7 +56,7 @@ already_running(const char *pidfile) { @@
     		exit(1);
         }
-    	return(0);
+    	return 0;
     }
     void
@@ Expand Down @@