ss

Documentation

Index

• Constants
• Variables
• func CheckCipherMethod(method string) error
• func NewSSUDPConn(c net.PacketConn, cipher *StreamCipher) net.PacketConn
• func Pack(dst, plaintext []byte, s *StreamCipher) ([]byte, error)
• func ProtectSocket(clientConn net.Conn) (newTCPConn *net.TCPConn, err error)
• func TfoDial(net, addr string, data []byte) (net.Conn, error)
• func TfoListen(net, addr string) (net.Listener, error)
• func Unpack(dst, pkt []byte, s *StreamCipher) ([]byte, error)
• type DecOrEnc
• type Filter
  • func (f *Filter) AddPattern(p *regexp.Regexp)
  • func (f *Filter) Find(b []byte) []byte
  • func (f *Filter) FindIndex(b []byte) []int
  • func (f *Filter) Match(b []byte) bool
• type SSTCPConn
  • func Dial(host string, cipher *StreamCipher, priorityInterfaceAddress string) (c *SSTCPConn, err error)
  • func NewSSTCPConn(c net.Conn, cipher *StreamCipher) *SSTCPConn
  • func TfoDialWithRawAddr(rawaddr []byte, server string, cipher *StreamCipher) (c *SSTCPConn, err error)
  • func (c *SSTCPConn) Close() error
  • func (c *SSTCPConn) GetIv() (iv []byte)
  • func (c *SSTCPConn) GetKey() (key []byte)
  • func (c *SSTCPConn) Read(b []byte) (n int, err error)
  • func (c *SSTCPConn) Write(b []byte) (n int, err error)
• type SSUDPConn
  • func (c *SSUDPConn) ReadFrom(b []byte) (int, net.Addr, error)
  • func (c *SSUDPConn) WriteTo(b []byte, addr net.Addr) (int, error)
• type StreamCipher
  • func NewStreamCipher(method, password string) (c *StreamCipher, err error)
  • func (c *StreamCipher) Copy() *StreamCipher
  • func (c *StreamCipher) IV() ([]byte, int)
  • func (c *StreamCipher) Key() (key []byte, keyLen int)

Constants

const (
	TCP_FASTOPEN     = 23
	TCP_FASTOPEN_VAL = 5
)

Variables

var ENotImpl = errors.New("function not implemented")

var ErrShortPacket = errors.New("short packet")

ErrShortPacket means the packet is too short to be a valid encrypted packet.

var (
	// ProtectSocketPathPrefix prefix of file path that used for Unix socket communication
	ProtectSocketPathPrefix string
)

Functions

func CheckCipherMethod

func CheckCipherMethod(method string) error

func NewSSUDPConn

func NewSSUDPConn(c net.PacketConn, cipher *StreamCipher) net.PacketConn

NewPacketConn wraps a net.PacketConn with stream cipher encryption/decryption.

func Pack

func Pack(dst, plaintext []byte, s *StreamCipher) ([]byte, error)

Pack encrypts plaintext using stream cipher s and a random IV. Returns a slice of dst containing random IV and ciphertext. Ensure len(dst) >= s.IVSize() + len(plaintext).

func ProtectSocket

func ProtectSocket(clientConn net.Conn) (newTCPConn *net.TCPConn, err error)

func TfoDial

func TfoDial(net, addr string, data []byte) (net.Conn, error)

func TfoListen

func TfoListen(net, addr string) (net.Listener, error)

func Unpack

func Unpack(dst, pkt []byte, s *StreamCipher) ([]byte, error)

Unpack decrypts pkt using stream cipher s. Returns a slice of dst containing decrypted plaintext.

Types

type DecOrEnc

type DecOrEnc int

const (
	Decrypt DecOrEnc = iota
	Encrypt
)

type Filter

type Filter struct {
	// contains filtered or unexported fields
}

Filter is a set of regexp targeted to work around SSPanel policy

func (*Filter) AddPattern

func (f *Filter) AddPattern(p *regexp.Regexp)

AddPattern to the pattern set

func (*Filter) Find

func (f *Filter) Find(b []byte) []byte

Find the left most match Refer to regexp library

func (*Filter) FindIndex

func (f *Filter) FindIndex(b []byte) []int

FindIndex of the left most match Refer to regexp library

func (*Filter) Match

func (f *Filter) Match(b []byte) bool

Match the byte slice Refer to regexp library

type SSTCPConn

type SSTCPConn struct {
	net.Conn
	sync.RWMutex
	*StreamCipher
	IObfs     obfs.IObfs
	IProtocol protocol.IProtocol
	IFilter   Filter
	// contains filtered or unexported fields
}

SSTCPConn the struct that override the net.Conn methods

func Dial

func Dial(host string, cipher *StreamCipher, priorityInterfaceAddress string) (c *SSTCPConn, err error)

rawaddr shoud contain part of the data in socks request, starting from the ATYP field. (Refer to rfc1928 for more information.)

func NewSSTCPConn

func NewSSTCPConn(c net.Conn, cipher *StreamCipher) *SSTCPConn

func TfoDialWithRawAddr

func TfoDialWithRawAddr(rawaddr []byte, server string, cipher *StreamCipher) (c *SSTCPConn, err error)

This is intended for use by users implementing a local socks proxy. rawaddr shoud contain part of the data in socks request, starting from the ATYP field. (Refer to rfc1928 for more information.)

func (*SSTCPConn) Close

func (c *SSTCPConn) Close() error

func (*SSTCPConn) GetIv

func (c *SSTCPConn) GetIv() (iv []byte)

func (*SSTCPConn) GetKey

func (c *SSTCPConn) GetKey() (key []byte)

func (*SSTCPConn) Read

func (c *SSTCPConn) Read(b []byte) (n int, err error)

func (*SSTCPConn) Write

func (c *SSTCPConn) Write(b []byte) (n int, err error)

type SSUDPConn

type SSUDPConn struct {
	net.PacketConn
	*StreamCipher
	IFilter Filter
}

func (*SSUDPConn) ReadFrom

func (c *SSUDPConn) ReadFrom(b []byte) (int, net.Addr, error)

func (*SSUDPConn) WriteTo

func (c *SSUDPConn) WriteTo(b []byte, addr net.Addr) (int, error)

type StreamCipher

type StreamCipher struct {
	// contains filtered or unexported fields
}

func NewStreamCipher

func NewStreamCipher(method, password string) (c *StreamCipher, err error)

NewStreamCipher creates a cipher that can be used in Dial() etc. Use cipher.Copy() to create a new cipher with the same method and password to avoid the cost of repeated cipher initialization.

func (*StreamCipher) Copy

func (c *StreamCipher) Copy() *StreamCipher

Copy creates a new cipher at it's initial state.

func (*StreamCipher) IV

func (c *StreamCipher) IV() ([]byte, int)

func (*StreamCipher) Key

func (c *StreamCipher) Key() (key []byte, keyLen int)