diff --git a/.copr/Makefile b/.copr/Makefile new file mode 100644 index 000000000..f88794f35 --- /dev/null +++ b/.copr/Makefile @@ -0,0 +1,19 @@ +.PHONY: deps srpm +.DEFAULT_GOAL := srpm + +DOT_COPR := $(dir $(firstword $(MAKEFILE_LIST))) +TOP_DIR := $(realpath $(DOT_COPR)/../) + +RPM_DIR := $(TOP_DIR)/rpm +outdir ?= $(RPM_DIR)/SRPMS + +HAS_GIT := $(shell command -v git 2> /dev/null) +ifndef HAS_GIT +deps: + dnf -y install git +else +deps: +endif + +srpm: deps + $(TOP_DIR)/rpm/genrpm.sh -o $(outdir) diff --git a/.gitignore b/.gitignore index e9cf6471b..8e260abd4 100644 --- a/.gitignore +++ b/.gitignore @@ -53,7 +53,6 @@ rpm/BUILDROOT/ # Ignore per-project vim config .vimrc -.vscode/ # Ignore garbage of OS X *.DS_Store diff --git a/.travis.yml b/.travis.yml index eceef35c0..f555b8856 100644 --- a/.travis.yml +++ b/.travis.yml @@ -53,3 +53,4 @@ script: branches: only: - nocrypto + diff --git a/CMakeLists.txt b/CMakeLists.txt index c9d35167d..8a922200c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,8 +1,8 @@ cmake_minimum_required(VERSION 3.2) set(PROJECT_NAME shadowsocks-libev) -set(RELEASE_DATE 2018-1-15) -set(PROJECT_VERSION "3.1.3") +set(RELEASE_DATE 2018-5-28) +set(PROJECT_VERSION "3.2.0") set(PROJECT_DESC "a lightweight secured socks5 proxy") set(PROJECT_URL "https://shadowsocks.org") set(PROJECT_ISSUES_URL "https://github.com/shadowsocks/shadowsocks-libev") diff --git a/Changes b/Changes index ed2e9ae8b..b50a7c3e1 100644 --- a/Changes +++ b/Changes @@ -1,3 +1,12 @@ +shadowsocks-libev (3.2.0-1) unstable; urgency=medium + + * Add MinGW support by @linusyang. + * Refine c-ares integration by @xnoreq. + * Fix building issues with GCC8 by @FlyingheartCN. + * Minor bug fixes. + + -- Max Lv Mon, 28 May 2018 19:46:21 -0700 + shadowsocks-libev (3.1.3-1) unstable; urgency=medium * Fix a bug in UDP relay. diff --git a/README.md b/README.md index 7bbf29573..7b1d1a8d4 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,6 @@ The motivation behind this: on router boards with limited CPU resources, the enc On my Raspberry Pi 2 device, I measured **15 Mbps** on loopback with `aes-128-gcm` and **285 Mbps** with `none` (no encryption). Obviously, turning off the encryption is optional (set encryption method to `none` for that), and only use if you can sure in the security considerations. - # shadowsocks-libev ## Intro @@ -20,8 +19,9 @@ It is a port of [Shadowsocks](https://github.com/shadowsocks/shadowsocks) created by [@clowwindy](https://github.com/clowwindy), and maintained by [@madeye](https://github.com/madeye) and [@linusyang](https://github.com/linusyang). -Current version: 3.1.3 | [Changelog](debian/changelog) +Current version: 3.2.0 | [Changelog](debian/changelog) +Travis CI: [![Travis CI](https://travis-ci.org/shadowsocks/shadowsocks-libev.svg?branch=master)](https://travis-ci.org/shadowsocks/shadowsocks-libev) ## Features diff --git a/completions/bash/ss-server b/completions/bash/ss-server index d8f3c298f..103d21744 100644 --- a/completions/bash/ss-server +++ b/completions/bash/ss-server @@ -1,7 +1,7 @@ _ss_server() { local cur prev opts ciphers - opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -6 -d -v -h --reuse-port --fast-open --acl --manager-address --mtu --mptcp --key --plugin --plugin-opts --help' + opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -6 -d -v -h --reuse-port --fast-open --acl --manager-address --mtu --mptcp --no-delay --key --plugin --plugin-opts --help' ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' COMPREPLY=() cur=${COMP_WORDS[COMP_CWORD]} diff --git a/configure.ac b/configure.ac index 243a1a3f7..8e24359cc 100755 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ dnl -*- Autoconf -*- dnl Process this file with autoconf to produce a configure script. AC_PREREQ([2.67]) -AC_INIT([shadowsocks-libev], [3.1.3], [max.c.lv@gmail.com]) +AC_INIT([shadowsocks-libev], [3.2.0], [max.c.lv@gmail.com]) AC_CONFIG_SRCDIR([src/crypto.c]) AC_CONFIG_HEADERS([config.h]) AC_CONFIG_AUX_DIR(auto) diff --git a/debian/changelog b/debian/changelog index ed2e9ae8b..b50a7c3e1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +shadowsocks-libev (3.2.0-1) unstable; urgency=medium + + * Add MinGW support by @linusyang. + * Refine c-ares integration by @xnoreq. + * Fix building issues with GCC8 by @FlyingheartCN. + * Minor bug fixes. + + -- Max Lv Mon, 28 May 2018 19:46:21 -0700 + shadowsocks-libev (3.1.3-1) unstable; urgency=medium * Fix a bug in UDP relay. diff --git a/doc/shadowsocks-libev.asciidoc b/doc/shadowsocks-libev.asciidoc index ef359095e..afa13353c 100644 --- a/doc/shadowsocks-libev.asciidoc +++ b/doc/shadowsocks-libev.asciidoc @@ -66,7 +66,7 @@ aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + -The default cipher is 'rc4-md5'. +The default cipher is 'chacha20-ietf-poly1305'. + If built with PolarSSL or custom OpenSSL libraries, some of these ciphers may not work. diff --git a/doc/ss-local.asciidoc b/doc/ss-local.asciidoc index 82439e0f1..1e5a68a49 100644 --- a/doc/ss-local.asciidoc +++ b/doc/ss-local.asciidoc @@ -61,7 +61,7 @@ aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + -The default cipher is 'rc4-md5'. +The default cipher is 'chacha20-ietf-poly1305'. + If built with PolarSSL or custom OpenSSL libraries, some of these ciphers may not work. diff --git a/doc/ss-manager.asciidoc b/doc/ss-manager.asciidoc index bc00cac0a..1061a010a 100644 --- a/doc/ss-manager.asciidoc +++ b/doc/ss-manager.asciidoc @@ -45,6 +45,8 @@ Set the cipher or turn off the encryption. + To disable encryption use `none` as cipher. + +Set the cipher. ++ *Shadowsocks-libev* accepts 18 different ciphers: + aes-128-gcm, aes-192-gcm, aes-256-gcm, @@ -53,7 +55,7 @@ aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + -The default cipher is 'rc4-md5'. +The default cipher is 'chacha20-ietf-poly1305'. + If built with PolarSSL or custom OpenSSL libraries, some of these ciphers may not work. diff --git a/doc/ss-redir.asciidoc b/doc/ss-redir.asciidoc index e085d6052..0fe7f2963 100644 --- a/doc/ss-redir.asciidoc +++ b/doc/ss-redir.asciidoc @@ -60,7 +60,7 @@ aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + -The default cipher is 'rc4-md5'. +The default cipher is 'chacha20-ietf-poly1305'. + If built with PolarSSL or custom OpenSSL libraries, some of these ciphers may not work. diff --git a/doc/ss-tunnel.asciidoc b/doc/ss-tunnel.asciidoc index 96ab1d5ee..3072b2fa4 100644 --- a/doc/ss-tunnel.asciidoc +++ b/doc/ss-tunnel.asciidoc @@ -60,7 +60,7 @@ aes-128-ctr, aes-192-ctr, aes-256-ctr, bf-cfb, camellia-128-cfb, camellia-192-cfb, camellia-256-cfb, chacha20-ietf-poly1305, salsa20, chacha20 and chacha20-ietf. + -The default cipher is 'rc4-md5'. +The default cipher is 'chacha20-ietf-poly1305'. + If built with PolarSSL or custom OpenSSL libraries, some of these ciphers may not work. diff --git a/docker/alpine/README.md b/docker/alpine/README.md index 37dd5d1da..fdd91c16b 100644 --- a/docker/alpine/README.md +++ b/docker/alpine/README.md @@ -29,7 +29,7 @@ $ docker pull shadowsocks/shadowsocks-libev:edge ## Start a container ```bash -$ docker run -p8388:8388 -p8388:8388/udp -d --restart always shadowsocks/shadowsocks-libev:latest +$ docker run -p 8388:8388 -p 8388:8388/udp -d --restart always shadowsocks/shadowsocks-libev:latest ``` This starts a container of the latest release with all the default settings, which is equivalent to ```bash @@ -43,7 +43,7 @@ In most cases you'll want to change a thing or two, for instance the port which Here's an example to start a container that listens on `28388` (both TCP and UDP): ```bash -$ docker run -p28388:8388 -p28388:8388/udp -d --restart always shadowsocks/shadowsocks-libev +$ docker run -p 28388:8388 -p 28388:8388/udp -d --restart always shadowsocks/shadowsocks-libev ``` ### With custom password @@ -52,7 +52,7 @@ Another thing you may want to change is the password. To change that, you can pa Here's an example to start a container with `9MLSpPmNt` as the password: ```bash -$ docker run -e PASSWORD=9MLSpPmNt -p8388:8388 -p8388:8388/udp -d --restart always shadowsocks/shadowsocks-libev +$ docker run -e PASSWORD=9MLSpPmNt -p 8388:8388 -p 8388:8388/udp -d --restart always shadowsocks/shadowsocks-libev ``` > :warning: Click [here][6] to generate a strong password to protect your server. @@ -65,7 +65,7 @@ Besides `PASSWORD`, the image also defines the following environment variables t Additional arguments supported by `ss-server` can be passed with the environment variable `ARGS`, for instance to start in verbose mode: ```bash -$ docker run -e ARGS=-v -p8388:8388 -p8388:8388/udp -d --restart always shadowsocks/shadowsocks-libev:latest +$ docker run -e ARGS=-v -p 8388:8388 -p 8388:8388/udp -d --restart always shadowsocks/shadowsocks-libev:latest ``` ## Use docker-compose to manage (optional) diff --git a/docker/alpine/docker-compose.yml b/docker/alpine/docker-compose.yml index e545201b4..a868d5741 100644 --- a/docker/alpine/docker-compose.yml +++ b/docker/alpine/docker-compose.yml @@ -1,5 +1,5 @@ shadowsocks: - image: shadowsocks-libev + image: shadowsocks/shadowsocks-libev ports: - "8388:8388/tcp" - "8388:8388/udp" diff --git a/docker/mingw/build.sh b/docker/mingw/build.sh index 382f9b210..cfc96b4bb 100644 --- a/docker/mingw/build.sh +++ b/docker/mingw/build.sh @@ -29,6 +29,7 @@ build_proj() { host=$arch-w64-mingw32 prefix=${DIST}/$arch dep=${PREFIX}/$arch + cpu="$(nproc --all)" cd "$SRC" if ! [ -d proj ]; then @@ -49,7 +50,7 @@ build_proj() { --with-cares="$dep" \ CFLAGS="-DCARES_STATICLIB -DPCRE_STATIC" make clean - make LDFLAGS="-all-static -L${dep}/lib" + make -j$cpu LDFLAGS="-all-static -L${dep}/lib" make install-strip # Reference SIP003 plugin (Experimental) @@ -72,7 +73,7 @@ build_proj() { --disable-documentation \ --with-ev="$dep" make clean - make LDFLAGS="-all-static -L${dep}/lib" + make -j$cpu LDFLAGS="-all-static -L${dep}/lib" make install-strip } diff --git a/docker/mingw/deps.sh b/docker/mingw/deps.sh index 7364b902b..2e15a4a1a 100644 --- a/docker/mingw/deps.sh +++ b/docker/mingw/deps.sh @@ -29,17 +29,18 @@ build_deps() { host=$arch-w64-mingw32 prefix=${PREFIX}/$arch args="--host=${host} --prefix=${prefix} --disable-shared --enable-static" + cpu="$(nproc --all)" # libev cd "$SRC/$LIBEV_SRC" ./configure $args make clean - make install + make -j$cpu install # mbedtls cd "$SRC/$MBEDTLS_SRC" make clean - make lib WINDOWS=1 CC="${host}-gcc" AR="${host}-ar" + make -j$cpu lib WINDOWS=1 CC="${host}-gcc" AR="${host}-ar" ## "make install" command from mbedtls DESTDIR="${prefix}" mkdir -p "${DESTDIR}"/include/mbedtls @@ -54,21 +55,20 @@ build_deps() { cd "$SRC/$SODIUM_SRC" ./configure $args make clean - make install + make -j$cpu install # pcre cd "$SRC/$PCRE_SRC" - ./configure $args \ - --enable-jit --disable-cpp \ + ./configure $args --disable-cpp \ --enable-unicode-properties make clean - make install + make -j$cpu install # c-ares cd "$SRC/$CARES_SRC" ./configure $args make clean - make install + make -j$cpu install } dk_deps() { diff --git a/rpm/SOURCES/0001-systemd-services.patch b/rpm/SOURCES/0001-systemd-services.patch deleted file mode 100644 index f9b241f7e..000000000 --- a/rpm/SOURCES/0001-systemd-services.patch +++ /dev/null @@ -1,36 +0,0 @@ -diff -ru shadowsocks-libev-orig/debian/shadowsocks-libev.default shadowsocks-libev/debian/shadowsocks-libev.default ---- shadowsocks-libev-orig/debian/shadowsocks-libev.default 2017-06-02 08:45:07.000000000 +0800 -+++ shadowsocks-libev/debian/shadowsocks-libev.default 2017-06-28 16:39:37.236474413 +0800 -@@ -19,7 +19,7 @@ - - # User and group to run the server as - USER=nobody --GROUP=nogroup -+GROUP=nobody - - # Number of maximum file descriptors - MAXFD=32768 -diff -ru shadowsocks-libev-orig/debian/shadowsocks-libev.service shadowsocks-libev/debian/shadowsocks-libev.service ---- shadowsocks-libev-orig/debian/shadowsocks-libev.service 2017-06-02 08:45:07.000000000 +0800 -+++ shadowsocks-libev/debian/shadowsocks-libev.service 2017-06-28 17:23:55.131822730 +0800 -@@ -6,7 +6,7 @@ - # (at your option) any later version. - # - # This file is default for Debian packaging. See also --# /etc/default/shadowsocks-libev for environment variables. -+# /etc/sysconfig/shadowsocks-libev for environment variables. - - [Unit] - Description=Shadowsocks-libev Default Server Service -@@ -15,9 +15,9 @@ - - [Service] - Type=simple --EnvironmentFile=/etc/default/shadowsocks-libev -+EnvironmentFile=/etc/sysconfig/shadowsocks-libev - User=nobody --Group=nogroup -+Group=nobody - LimitNOFILE=32768 - ExecStart=/usr/bin/ss-server -c $CONFFILE $DAEMON_ARGS - diff --git a/rpm/SPECS/shadowsocks-libev.spec.in b/rpm/SPECS/shadowsocks-libev.spec.in index 021df20f1..5be416ddd 100644 --- a/rpm/SPECS/shadowsocks-libev.spec.in +++ b/rpm/SPECS/shadowsocks-libev.spec.in @@ -6,7 +6,7 @@ %if 0%{?suse_version} %global requires %{?requires} libcap-progs %endif -%global project_desc shadowsocks-libev is a lightweight secured scoks5 proxy for embedded devices and low end boxes. +%global project_desc shadowsocks-libev is a lightweight secured socks5 proxy for embedded devices and low end boxes. %if 0%{?fedora} >= 15 || 0%{?rhel} >=7 || 0%{?suse_version} >= 1210 %global use_systemd 1 @@ -14,15 +14,15 @@ %global use_systemd 0 %endif -Name: shadowsocks-libev -Version: VERSION -Release: 1%{?dist} +Name: @NAME@ +Version: @VERSION@ +Release: @RELEASE@%{?dist} Summary: A lightweight and secure socks5 proxy Group: Applications/Internet License: GPLv3+ URL: https://github.com/shadowsocks/%{name} -Source0: %{url}/archive/v%{version}.tar.gz +Source0: @SOURCE@ BuildRequires: make gcc pcre-devel asciidoc xmlto automake libtool mbedtls-devel libsodium-devel >= 1.0.4 libev-devel c-ares-devel %if 0%{?suse_version} @@ -48,7 +48,7 @@ BuildRequires: systemd %{?project_desc} %prep -%setup -q +%setup -q -n @NAME_VERSION@ %build ./autogen.sh diff --git a/rpm/genrpm.sh b/rpm/genrpm.sh index 877c66b70..9ed25cb90 100755 --- a/rpm/genrpm.sh +++ b/rpm/genrpm.sh @@ -1,87 +1,95 @@ #!/usr/bin/env bash set -e +NAME=shadowsocks-libev + SELF=$(readlink -f -- "$0") HERE=$(dirname -- "$SELF") +SOURCES="${HERE}"/SOURCES +SPEC_TEMPLATE="${HERE}"/SPECS/${NAME}.spec.in +SPEC_FILE="${SPEC_TEMPLATE%%.in}" + +GIT_VERSION=$("${HERE}"/../scripts/git_version.sh) + +OPT_OUTDIR="${HERE}/SRPMS" +OPT_USE_SYSTEM_LIB=0 +OUT_BUILD_RPM=0 + +version=$(echo ${GIT_VERSION} | cut -d' ' -f1) +release=$(echo ${GIT_VERSION} | cut -d' ' -f2) + +name_version=${NAME}-${version}-${release} +source_name=${name_version}.tar.gz + +archive() +{ + "${HERE}"/../scripts/git_archive.sh -o "${SOURCES}" -n ${name_version} +} + +build_src_rpm() +{ + rpmbuild -bs "${SPEC_FILE}" \ + --undefine "dist" \ + --define "%_topdir ${HERE}" \ + --define "%_srcrpmdir ${OPT_OUTDIR}" +} + +build_rpm() +{ + rpmbuild --rebuild "${OPT_OUTDIR}"/${name_version}.src.rpm \ + --define "%_topdir ${HERE}" \ + --define "%use_system_lib ${OPT_USE_SYSTEM_LIB}" +} + +create_spec() +{ + sed -e "s/@NAME@/${NAME}/g" \ + -e "s/@VERSION@/${version}/g" \ + -e "s/@RELEASE@/${release}/g" \ + -e "s/@SOURCE@/${source_name}/g" \ + -e "s/@NAME_VERSION@/${name_version}/g" \ + "${SPEC_TEMPLATE}" > "${SPEC_FILE}" +} + show_help() { - echo -e "`basename $0` [OPTION...]" + echo -e "$(basename $0) [OPTION...]" + echo -e "Create and build shadowsocks-libev SRPM" echo echo -e "Options:" echo -e " -h show this help." - echo -e " -s use system shared libraries" + echo -e " -b use rpmbuld to build resulting SRPM" + echo -e " -s use system shared libraries (RPM only)" + echo -e " -o output directory" } -OPT_USE_SYSTEM_LIB=0 - -while getopts "hs" opt +while getopts "hbso:" opt do case ${opt} in h) show_help exit 0 ;; - - s) + b) + OPT_BUILD_RPM=1 + ;; + s) OPT_USE_SYSTEM_LIB=1 - ;; + ;; + o) + OPT_OUTDIR=$(readlink -f -- $OPTARG) + ;; *) - show_help + show_help exit 1 ;; esac done -# determine version and release number -GIT_DESCRIBE=$(git describe --tags --match 'v*' --long) -# GIT_DESCRIBE is like v3.0.3-11-g1e3f35c-dirty - -if [[ ! "$GIT_DESCRIBE" =~ ^v([^-]+)-([0-9]+)-g([0-9a-f]+)$ ]]; then - >&2 echo 'ERROR - unrecognized `git describe` output: '"$GIT_DESCRIBE" - exit 1 -fi - -TARGET_VERSION=${BASH_REMATCH[1]} -TARGET_COMMITS=${BASH_REMATCH[2]} -TARGET_SHA1=${BASH_REMATCH[3]} - -TARGET_RELEASE=1 -if [ "$TARGET_COMMITS" -gt 0 ]; then - TARGET_RELEASE+=".$TARGET_COMMITS.git$TARGET_SHA1" +create_spec +archive +build_src_rpm +if [ "${OPT_BUILD_RPM}" = "1" ] ; then + build_rpm fi - -TARGET_VERREL=$TARGET_VERSION-$TARGET_RELEASE ->&2 echo "INFO - RPM version-release is $TARGET_VERREL." - -# archive tarball from Git workspace -export TARGET_TARBALL_NAME=shadowsocks-libev-$TARGET_VERSION -export TARGET_TARBALL_DIR=$HERE/SOURCES -mkdir -p -- "$TARGET_TARBALL_DIR" -pushd "$HERE"/.. -# archive this repo -git archive HEAD --format=tar --prefix="$TARGET_TARBALL_NAME/" \ - -o "$TARGET_TARBALL_DIR/$TARGET_TARBALL_NAME.tar" -# archive submodules -git submodule update --init -git submodule foreach 'git archive HEAD --format=tar \ - --prefix="$TARGET_TARBALL_NAME/$path/" \ - -o "$TARGET_TARBALL_DIR/$TARGET_TARBALL_NAME-submodule-$path-$sha1.tar" - tar -n --concatenate --file="$TARGET_TARBALL_DIR/$TARGET_TARBALL_NAME.tar" \ - "$TARGET_TARBALL_DIR/$TARGET_TARBALL_NAME-submodule-$path-$sha1.tar"' -gzip -c "$TARGET_TARBALL_DIR/$TARGET_TARBALL_NAME.tar" > "$TARGET_TARBALL_DIR/$TARGET_TARBALL_NAME.tar.gz" -popd - -# generate spec file -TARGET_SPEC_DIR=$HERE/SPECS -mkdir -p -- "$TARGET_SPEC_DIR" -TARGET_SPEC_PATH=$TARGET_SPEC_DIR/shadowsocks-libev.spec -sed -e "s/^\(Version:\).*$/\1 ${TARGET_VERSION}/" \ - -e "s/^\(Release:\).*$/\1 ${TARGET_RELEASE}%{?dist}/" \ - -e "s/^\(Source0:\).*$/\1 ${TARGET_TARBALL_NAME}.tar.gz/" \ - "${TARGET_SPEC_PATH}".in > "${TARGET_SPEC_PATH}" - -# build rpms -rpmbuild -ba "$TARGET_SPEC_PATH" \ - --define "%_topdir $HERE" \ - --define "%use_system_lib $OPT_USE_SYSTEM_LIB" diff --git a/scripts/git_archive.sh b/scripts/git_archive.sh new file mode 100755 index 000000000..aa932df06 --- /dev/null +++ b/scripts/git_archive.sh @@ -0,0 +1,44 @@ +#!/usr/bin/env bash +set -e + +archive() { + export TARBALL_NAME=$1 + export TARBALL_OUTDIR=$2 + + # archive this repo + cd "$(git rev-parse --show-toplevel)" + git archive HEAD --format=tar --prefix="${TARBALL_NAME}/" \ + -o "${TARBALL_OUTDIR}/${TARBALL_NAME}.tar" + # archive submodules + git submodule update --init + git submodule foreach --quiet 'git archive HEAD --format=tar \ + --prefix="${TARBALL_NAME}/${path}/" \ + -o "${TARBALL_OUTDIR}/${TARBALL_NAME}-submodule-${path}-${sha1}.tar" + tar -n --concatenate --file="${TARBALL_OUTDIR}/${TARBALL_NAME}.tar" \ + "${TARBALL_OUTDIR}/${TARBALL_NAME}-submodule-${path}-${sha1}.tar"' + gzip -c "${TARBALL_OUTDIR}/${TARBALL_NAME}.tar" > "${TARBALL_OUTDIR}/${TARBALL_NAME}.tar.gz" + + # clean-up + git submodule foreach --quiet 'rm ${TARBALL_OUTDIR}/${TARBALL_NAME}-submodule-${path}-${sha1}.tar' + rm "${TARBALL_OUTDIR}/${TARBALL_NAME}.tar" +} + +TARGET_TARBALL_NAME=shadowsocks-libev +TARGET_TARBALL_DIR=$(git rev-parse --show-toplevel) + +while getopts "n:o:" opt +do + case ${opt} in + o) + TARGET_TARBALL_DIR=$(readlink -f -- $OPTARG) + ;; + n) + TARGET_TARBALL_NAME=$OPTARG + ;; + \?) + exit 1 + ;; + esac +done + +archive "${TARGET_TARBALL_NAME}" "${TARGET_TARBALL_DIR}" diff --git a/scripts/git_version.sh b/scripts/git_version.sh new file mode 100755 index 000000000..272ae145e --- /dev/null +++ b/scripts/git_version.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env bash +set -e + +# determine version and release number +GIT_DESCRIBE=$(git describe --tags --match 'v*' --long) +# GIT_DESCRIBE is like v3.0.3-11-g1e3f35c-dirty +if [[ ! "$GIT_DESCRIBE" =~ ^v([^-]+)-([0-9]+)-g([0-9a-f]+)$ ]]; then + >&2 echo 'ERROR - unrecognized `git describe` output: '"$GIT_DESCRIBE" + exit 1 +fi + +version=${BASH_REMATCH[1]} +commits=${BASH_REMATCH[2]} +short_hash=${BASH_REMATCH[3]} + +release=1 +if [ "${commits}" -gt 0 ] ; then + release+=.${commits}.git${short_hash} +fi + +echo "${version} ${release}" diff --git a/src/Makefile.am b/src/Makefile.am index 4efb89050..b926e7d48 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -116,5 +116,5 @@ include_HEADERS = shadowsocks.h noinst_HEADERS = acl.h crypto.h stream.h aead.h json.h netutils.h redir.h server.h tls.h uthash.h \ cache.h http.h local.h plugin.h resolv.h tunnel.h utils.h base64.h ppbloom.h \ - common.h jconf.h manager.h protocol.h rule.h socks5.h udprelay.h + common.h jconf.h manager.h protocol.h rule.h socks5.h udprelay.h winsock.h EXTRA_DIST = ss-nat diff --git a/src/aead.c b/src/aead.c index 56cf30ad7..9e2da725e 100644 --- a/src/aead.c +++ b/src/aead.c @@ -719,8 +719,8 @@ aead_init(const char *pass, const char *key, const char *method) break; } if (m >= AEAD_CIPHER_NUM) { - LOGE("Invalid cipher name: %s, use aes-256-gcm instead", method); - m = AES256GCM; + LOGE("Invalid cipher name: %s, use chacha20-ietf-poly1305 instead", method); + m = CHACHA20POLY1305IETF; } } return aead_key_init(m, pass, key); diff --git a/src/local.c b/src/local.c index 3cff2f750..94dcef39a 100644 --- a/src/local.c +++ b/src/local.c @@ -1697,7 +1697,7 @@ main(int argc, char **argv) } if (method == NULL) { - method = "rc4-md5"; + method = "chacha20-ietf-poly1305"; } if (timeout == NULL) { diff --git a/src/manager.c b/src/manager.c index e0012f99c..4472eef6e 100644 --- a/src/manager.c +++ b/src/manager.c @@ -288,13 +288,13 @@ get_server(char *buf, int len) json_value *value = obj->u.object.values[i].value; if (strcmp(name, "server_port") == 0) { if (value->type == json_string) { - strncpy(server->port, value->u.string.ptr, 8); + strncpy(server->port, value->u.string.ptr, 7); } else if (value->type == json_integer) { snprintf(server->port, 8, "%" PRIu64 "", value->u.integer); } } else if (strcmp(name, "password") == 0) { if (value->type == json_string) { - strncpy(server->password, value->u.string.ptr, 128); + strncpy(server->password, value->u.string.ptr, 127); } } else if (strcmp(name, "method") == 0) { if (value->type == json_string) { @@ -355,7 +355,7 @@ parse_traffic(char *buf, int len, char *port, uint64_t *traffic) char *name = obj->u.object.values[i].name; json_value *value = obj->u.object.values[i].value; if (value->type == json_integer) { - strncpy(port, name, 8); + strncpy(port, name, 7); *traffic = value->u.integer; } } @@ -1172,8 +1172,8 @@ main(int argc, char **argv) for (i = 0; i < conf->port_password_num; i++) { struct server *server = ss_malloc(sizeof(struct server)); memset(server, 0, sizeof(struct server)); - strncpy(server->port, conf->port_password[i].port, 8); - strncpy(server->password, conf->port_password[i].password, 128); + strncpy(server->port, conf->port_password[i].port, 7); + strncpy(server->password, conf->port_password[i].password, 127); add_server(&manager, server); } } diff --git a/src/netutils.c b/src/netutils.c index 1c119d670..377e72bd9 100644 --- a/src/netutils.c +++ b/src/netutils.c @@ -81,7 +81,7 @@ setinterface(int socket_fd, const char *interface_name) { struct ifreq interface; memset(&interface, 0, sizeof(struct ifreq)); - strncpy(interface.ifr_name, interface_name, IFNAMSIZ); + strncpy(interface.ifr_name, interface_name, IFNAMSIZ-1); int res = setsockopt(socket_fd, SOL_SOCKET, SO_BINDTODEVICE, &interface, sizeof(struct ifreq)); return res; diff --git a/src/noencrypt.c b/src/noencrypt.c index 76253647d..761d2b2ed 100644 --- a/src/noencrypt.c +++ b/src/noencrypt.c @@ -24,4 +24,4 @@ none_stream_ctx_init (cipher_t *chiper, cipher_ctx_t *chiper_ctx, int enc) { void none_stream_ctx_release (cipher_ctx_t *chiper_ctx) { (void) chiper_ctx; -} \ No newline at end of file +} diff --git a/src/noencrypt.h b/src/noencrypt.h index 489541154..673ed2779 100644 --- a/src/noencrypt.h +++ b/src/noencrypt.h @@ -8,4 +8,4 @@ int none_stream(buffer_t *, cipher_ctx_t *, size_t); void none_stream_ctx_init(cipher_t *, cipher_ctx_t *, int); void none_stream_ctx_release(cipher_ctx_t *); -#endif //_NOENCRYPT_H \ No newline at end of file +#endif //_NOENCRYPT_H diff --git a/src/resolv.c b/src/resolv.c index ed8ea76fb..8d78765c6 100644 --- a/src/resolv.c +++ b/src/resolv.c @@ -65,9 +65,15 @@ * Implement DNS resolution interface using libc-ares */ + +#define SS_NUM_IOS 6 +#define SS_INVALID_FD -1 +#define SS_TIMER_AFTER 1.0 + struct resolv_ctx { - struct ev_io io; - struct ev_timer tw; + struct ev_io ios[SS_NUM_IOS]; + struct ev_timer timer; + ev_tstamp last_tick; ares_channel channel; struct ares_options options; @@ -90,7 +96,7 @@ struct resolv_query { extern int verbose; -struct resolv_ctx default_ctx; +static struct resolv_ctx default_ctx; static struct ev_loop *default_loop; enum { @@ -101,7 +107,7 @@ enum { static int resolv_mode = MODE_IPV4_FIRST; static void resolv_sock_cb(struct ev_loop *, struct ev_io *, int); -static void resolv_timeout_cb(struct ev_loop *, struct ev_timer *, int); +static void resolv_timer_cb(struct ev_loop *, struct ev_timer *, int); static void resolv_sock_state_cb(void *, int, int, int); static void dns_query_v4_cb(void *, int, int, struct hostent *); @@ -113,16 +119,12 @@ static struct sockaddr *choose_ipv4_first(struct resolv_query *); static struct sockaddr *choose_ipv6_first(struct resolv_query *); static struct sockaddr *choose_any(struct resolv_query *); -static void reset_timer(); - /* * DNS UDP socket activity callback */ static void resolv_sock_cb(EV_P_ ev_io *w, int revents) { - struct resolv_ctx *ctx = (struct resolv_ctx *)w; - ares_socket_t rfd = ARES_SOCKET_BAD, wfd = ARES_SOCKET_BAD; if (revents & EV_READ) @@ -130,9 +132,9 @@ resolv_sock_cb(EV_P_ ev_io *w, int revents) if (revents & EV_WRITE) wfd = w->fd; - ares_process_fd(ctx->channel, rfd, wfd); + default_ctx.last_tick = ev_now(default_loop); - reset_timer(); + ares_process_fd(default_ctx.channel, rfd, wfd); } int @@ -181,8 +183,13 @@ resolv_init(struct ev_loop *loop, char *nameservers, int ipv6first) FATAL("failed to set nameservers"); } - ev_init(&default_ctx.io, resolv_sock_cb); - ev_timer_init(&default_ctx.tw, resolv_timeout_cb, 0.0, 0.0); + for (int i = 0; i < SS_NUM_IOS; i++) { + ev_io_init(&default_ctx.ios[i], resolv_sock_cb, SS_INVALID_FD, 0); + } + + default_ctx.last_tick = ev_now(default_loop); + ev_init(&default_ctx.timer, resolv_timer_cb); + resolv_timer_cb(default_loop, &default_ctx.timer, 0); return 0; } @@ -190,6 +197,11 @@ resolv_init(struct ev_loop *loop, char *nameservers, int ipv6first) void resolv_shutdown(struct ev_loop *loop) { + ev_timer_stop(default_loop, &default_ctx.timer); + for (int i = 0; i < SS_NUM_IOS; i++) { + ev_io_stop(default_loop, &default_ctx.ios[i]); + } + ares_cancel(default_ctx.channel); ares_destroy(default_ctx.channel); @@ -220,8 +232,6 @@ resolv_start(const char *hostname, uint16_t port, ares_gethostbyname(default_ctx.channel, hostname, AF_INET, dns_query_v4_cb, query); ares_gethostbyname(default_ctx.channel, hostname, AF_INET6, dns_query_v6_cb, query); - - reset_timer(); } /* @@ -427,29 +437,26 @@ all_requests_are_null(struct resolv_query *query) } /* - * DNS timeout callback + * Timer callback */ static void -resolv_timeout_cb(struct ev_loop *loop, struct ev_timer *w, int revents) +resolv_timer_cb(struct ev_loop *loop, struct ev_timer *w, int revents) { - struct resolv_ctx *ctx = cork_container_of(w, struct resolv_ctx, tw); + struct resolv_ctx *ctx = cork_container_of(w, struct resolv_ctx, timer); - ares_process_fd(ctx->channel, ARES_SOCKET_BAD, ARES_SOCKET_BAD); + ev_tstamp now = ev_now(default_loop); + ev_tstamp after = ctx->last_tick - now + SS_TIMER_AFTER; - reset_timer(); -} + if (after < 0.0) { + ctx->last_tick = now; + ares_process_fd(ctx->channel, ARES_SOCKET_BAD, ARES_SOCKET_BAD); -static void -reset_timer() -{ - struct timeval tvout; - struct timeval *tv = ares_timeout(default_ctx.channel, NULL, &tvout); - if (tv == NULL) { - return; + ev_timer_set(w, SS_TIMER_AFTER, 0.0); + } else { + ev_timer_set(w, after, 0.0); } - float repeat = tv->tv_sec + tv->tv_usec / 1000000. + 1e-9; - ev_timer_set(&default_ctx.tw, repeat, repeat); - ev_timer_again(default_loop, &default_ctx.tw); + + ev_timer_start(loop, w); } /* @@ -459,16 +466,35 @@ static void resolv_sock_state_cb(void *data, int s, int read, int write) { struct resolv_ctx *ctx = (struct resolv_ctx *)data; - int io_active = ev_is_active(&ctx->io); + int events = (read ? EV_READ : 0) | (write ? EV_WRITE : 0); + + int i = 0, ffi = -1; + for (; i < SS_NUM_IOS; i++) { + if (ctx->ios[i].fd == s) { + break; + } - if (read || write) { - if (io_active && ctx->io.fd != s) { - ev_io_stop(default_loop, &ctx->io); + if (ffi < 0 && ctx->ios[i].fd == SS_INVALID_FD) { + // first free index + ffi = i; } - ev_io_set(&ctx->io, s, (read ? EV_READ : 0) | (write ? EV_WRITE : 0)); - ev_io_start(default_loop, &ctx->io); + } + + if (i < SS_NUM_IOS) { + ev_io_stop(default_loop, &ctx->ios[i]); + } else if (ffi > -1) { + i = ffi; + } else { + LOGE("failed to find free I/O watcher slot for DNS query"); + // last resort: stop io and re-use slot, will cause timeout + i = 0; + ev_io_stop(default_loop, &ctx->ios[i]); + } + + if (events) { + ev_io_set(&ctx->ios[i], s, events); + ev_io_start(default_loop, &ctx->ios[i]); } else { - ev_io_stop(default_loop, &ctx->io); - ev_io_set(&ctx->io, -1, 0); + ev_io_set(&ctx->ios[i], SS_INVALID_FD, 0); } } diff --git a/src/server.c b/src/server.c index c6d6d75a5..052e49377 100644 --- a/src/server.c +++ b/src/server.c @@ -813,7 +813,7 @@ server_recv_cb(EV_P_ ev_io *w, int revents) int offset = 0; int need_query = 0; char atyp = server->buf->data[offset++]; - char host[257] = { 0 }; + char host[255] = { 0 }; uint16_t port = 0; struct addrinfo info; struct sockaddr_storage storage; @@ -971,7 +971,7 @@ server_recv_cb(EV_P_ ev_io *w, int revents) memset(query, 0, sizeof(query_t)); query->server = server; server->query = query; - snprintf(query->hostname, 256, "%s", host); + snprintf(query->hostname, 257, "%s", host); server->stage = STAGE_RESOLVE; resolv_start(host, port, resolv_cb, resolv_free_cb, query); @@ -1860,7 +1860,7 @@ main(int argc, char **argv) } if (method == NULL) { - method = "rc4-md5"; + method = "chacha20-ietf-poly1305"; } if (timeout == NULL) { diff --git a/src/stream.c b/src/stream.c index aa94f5133..2a7b86137 100644 --- a/src/stream.c +++ b/src/stream.c @@ -72,7 +72,7 @@ * */ -#define NONE 0 +#define NONE 0 #define RC4 1 #define RC4_MD5 2 #define AES_128_CFB 3 @@ -119,7 +119,7 @@ const char *supported_stream_ciphers[STREAM_CIPHER_NUM] = { }; static const char *supported_stream_ciphers_mbedtls[STREAM_CIPHER_NUM] = { - "table", + "none", "ARC4-128", "ARC4-128", "AES-128-CFB128", @@ -676,11 +676,11 @@ stream_init(const char *pass, const char *key, const char *method) break; } if (m >= STREAM_CIPHER_NUM) { - LOGE("Invalid cipher name: %s, use rc4-md5 instead", method); - m = RC4_MD5; + LOGE("Invalid cipher name: %s, use chacha20-ietf instead", method); + m = CHACHA20IETF; } } - if (m == NONE) { + if (m == TABLE) { LOGE("Table is deprecated"); return NULL; } diff --git a/src/tunnel.c b/src/tunnel.c index 7970d33d7..d6e12fb51 100644 --- a/src/tunnel.c +++ b/src/tunnel.c @@ -182,17 +182,6 @@ create_and_bind(const char *addr, const char *port) return listen_sock; } -static void -delayed_connect_cb(EV_P_ ev_timer *watcher, int revents) -{ - server_t *server = cork_container_of(watcher, server_t, - delayed_connect_watcher); - remote_t *remote = server->remote; - - if (server->abuf != NULL) - remote_send_cb(EV_A_ & remote->send_ctx->io, revents); -} - static void server_recv_cb(EV_P_ ev_io *w, int revents) { @@ -236,14 +225,6 @@ server_recv_cb(EV_P_ ev_io *w, int revents) return; } - if (server->abuf != NULL) { - ev_timer_stop(EV_A_ & server->delayed_connect_watcher); - bprepend(remote->buf, server->abuf, BUF_SIZE); - bfree(server->abuf); - ss_free(server->abuf); - server->abuf = NULL; - } - int s = send(remote->fd, remote->buf->data, remote->buf->len, 0); if (s == -1) { @@ -413,12 +394,10 @@ remote_send_cb(EV_P_ ev_io *w, int revents) int r = getpeername(remote->fd, (struct sockaddr *)&addr, &len); if (r == 0) { remote_send_ctx->connected = 1; - ev_io_stop(EV_A_ & remote_send_ctx->io); ev_timer_stop(EV_A_ & remote_send_ctx->watcher); - server->abuf = (buffer_t *)ss_malloc(sizeof(buffer_t)); - buffer_t *abuf = server->abuf; - balloc(abuf, BUF_SIZE); + assert(remote->buf->len == 0); + buffer_t *abuf = remote->buf; ss_addr_t *sa = &server->destaddr; struct cork_ip ip; @@ -467,18 +446,14 @@ remote_send_cb(EV_P_ ev_io *w, int revents) int err = crypto->encrypt(abuf, server->e_ctx, BUF_SIZE); if (err) { - bfree(abuf); LOGE("invalid password or cipher"); close_and_free_remote(EV_A_ remote); close_and_free_server(EV_A_ server); return; } - ev_timer_start(EV_A_ & server->delayed_connect_watcher); ev_io_start(EV_A_ & remote->recv_ctx->io); - ev_io_start(EV_A_ & server->recv_ctx->io); - return; } else { ERROR("getpeername"); // not connected @@ -486,43 +461,36 @@ remote_send_cb(EV_P_ ev_io *w, int revents) close_and_free_server(EV_A_ server); return; } + } + + if (remote->buf->len == 0) { + // close and free + close_and_free_remote(EV_A_ remote); + close_and_free_server(EV_A_ server); + return; } else { - if (remote->buf->len == 0 && server->abuf->len == 0) { - // close and free - close_and_free_remote(EV_A_ remote); - close_and_free_server(EV_A_ server); + // has data to send + ssize_t s = send(remote->fd, remote->buf->data + remote->buf->idx, + remote->buf->len, 0); + if (s == -1) { + if (errno != EAGAIN && errno != EWOULDBLOCK) { + ERROR("send"); + // close and free + close_and_free_remote(EV_A_ remote); + close_and_free_server(EV_A_ server); + } + return; + } else if (s < remote->buf->len) { + // partly sent, move memory, wait for the next time to send + remote->buf->len -= s; + remote->buf->idx += s; return; } else { - // has data to send - if (server->abuf != NULL) { - assert(remote->buf->len == 0); - bprepend(remote->buf, server->abuf, BUF_SIZE); - bfree(server->abuf); - ss_free(server->abuf); - server->abuf = NULL; - } - ssize_t s = send(remote->fd, remote->buf->data + remote->buf->idx, - remote->buf->len, 0); - if (s == -1) { - if (errno != EAGAIN && errno != EWOULDBLOCK) { - ERROR("send"); - // close and free - close_and_free_remote(EV_A_ remote); - close_and_free_server(EV_A_ server); - } - return; - } else if (s < remote->buf->len) { - // partly sent, move memory, wait for the next time to send - remote->buf->len -= s; - remote->buf->idx += s; - return; - } else { - // all sent out, wait for reading - remote->buf->len = 0; - remote->buf->idx = 0; - ev_io_stop(EV_A_ & remote_send_ctx->io); - ev_io_start(EV_A_ & server->recv_ctx->io); - } + // all sent out, wait for reading + remote->buf->len = 0; + remote->buf->idx = 0; + ev_io_stop(EV_A_ & remote_send_ctx->io); + ev_io_start(EV_A_ & server->recv_ctx->io); } } } @@ -606,9 +574,6 @@ new_server(int fd) ev_io_init(&server->recv_ctx->io, server_recv_cb, fd, EV_READ); ev_io_init(&server->send_ctx->io, server_send_cb, fd, EV_WRITE); - ev_timer_init(&server->delayed_connect_watcher, - delayed_connect_cb, 0.05, 0); - return server; } @@ -626,10 +591,6 @@ free_server(server_t *server) crypto->ctx_release(server->d_ctx); ss_free(server->d_ctx); } - if (server->abuf != NULL) { - bfree(server->abuf); - ss_free(server->abuf); - } if (server->buf != NULL) { bfree(server->buf); ss_free(server->buf); @@ -1060,7 +1021,7 @@ main(int argc, char **argv) } if (method == NULL) { - method = "rc4-md5"; + method = "chacha20-ietf-poly1305"; } if (timeout == NULL) { diff --git a/src/tunnel.h b/src/tunnel.h index ae2193454..cf4ff381f 100644 --- a/src/tunnel.h +++ b/src/tunnel.h @@ -55,15 +55,12 @@ typedef struct server { int fd; buffer_t *buf; - buffer_t *abuf; cipher_ctx_t *e_ctx; cipher_ctx_t *d_ctx; struct server_ctx *recv_ctx; struct server_ctx *send_ctx; struct remote *remote; ss_addr_t destaddr; - - ev_timer delayed_connect_watcher; } server_t; typedef struct remote_ctx { diff --git a/src/utils.c b/src/utils.c index 12496256d..5d1236289 100644 --- a/src/utils.c +++ b/src/utils.c @@ -317,7 +317,7 @@ usage() printf( " salsa20, chacha20 and chacha20-ietf.\n"); printf( - " The default cipher is rc4-md5.\n"); + " The default cipher is chacha20-ietf-poly1305.\n"); printf("\n"); printf( " [-a ] Run as another user.\n"); @@ -492,17 +492,28 @@ get_default_conf(void) { #ifndef __MINGW32__ static char sysconf[] = "/etc/shadowsocks-libev/config.json"; - static char userconf[PATH_MAX] = { 0 }; + static char *userconf = NULL; + static int buf_size = 0; char *conf_home; conf_home = getenv("XDG_CONFIG_HOME"); + // Memory of userconf only gets allocated once, and will not be + // freed. It is used as static buffer. if (!conf_home) { - strcpy(userconf, getenv("HOME")); - strcat(userconf, "/.config/shadowsocks-libev/config.json"); + if (buf_size == 0) { + buf_size = 50 + strlen(getenv("HOME")); + userconf = malloc(buf_size); + } + snprintf(userconf, buf_size, "%s%s", getenv("HOME"), + "/.config/shadowsocks-libev/config.json"); } else { - strcpy(userconf, conf_home); - strcat(userconf, "/shadowsocks-libev/config.json"); + if (buf_size == 0) { + buf_size = 50 + strlen(conf_home); + userconf = malloc(buf_size); + } + snprintf(userconf, buf_size, "%s%s", conf_home, + "/shadowsocks-libev/config.json"); } // Check if the user-specific config exists. diff --git a/tests/aes-ctr.json b/tests/aes-ctr.json index 44ba6a28c..417ccb973 100644 --- a/tests/aes-ctr.json +++ b/tests/aes-ctr.json @@ -5,6 +5,6 @@ "password":"aes_password", "timeout":60, "method":"aes-256-ctr", - "local_address":"127.0.0.1", + "local":"127.0.0.1", "fast_open":false } diff --git a/tests/aes-gcm.json b/tests/aes-gcm.json index 2f74baa05..2341786c5 100644 --- a/tests/aes-gcm.json +++ b/tests/aes-gcm.json @@ -5,6 +5,6 @@ "password":"aes_password", "timeout":60, "method":"aes-256-gcm", - "local_address":"127.0.0.1", + "local":"127.0.0.1", "fast_open":false } diff --git a/tests/aes.json b/tests/aes.json index 1b3b738b8..14bbe22f8 100644 --- a/tests/aes.json +++ b/tests/aes.json @@ -5,6 +5,6 @@ "password":"aes_password", "timeout":60, "method":"aes-256-cfb", - "local_address":"127.0.0.1", + "local":"127.0.0.1", "fast_open":false } diff --git a/tests/chacha20-ietf-poly1305.json b/tests/chacha20-ietf-poly1305.json index 705393dd5..bca655c87 100644 --- a/tests/chacha20-ietf-poly1305.json +++ b/tests/chacha20-ietf-poly1305.json @@ -5,6 +5,6 @@ "password":"salsa20_password", "timeout":60, "method":"chacha20-ietf-poly1305", - "local_address":"127.0.0.1", + "local":"127.0.0.1", "fast_open":false } diff --git a/tests/chacha20-ietf.json b/tests/chacha20-ietf.json index 2a062a4f6..45841b932 100644 --- a/tests/chacha20-ietf.json +++ b/tests/chacha20-ietf.json @@ -5,6 +5,6 @@ "password":"salsa20_password", "timeout":60, "method":"chacha20-ietf", - "local_address":"127.0.0.1", + "local":"127.0.0.1", "fast_open":false } diff --git a/tests/chacha20.json b/tests/chacha20.json index 5c3168631..35b5f8afa 100644 --- a/tests/chacha20.json +++ b/tests/chacha20.json @@ -5,6 +5,6 @@ "password":"chacha20_password", "timeout":60, "method":"chacha20", - "local_address":"127.0.0.1", + "local":"127.0.0.1", "fast_open":false } diff --git a/tests/rc4-md5.json b/tests/rc4-md5.json index eb08beeaf..3e0a9abfa 100644 --- a/tests/rc4-md5.json +++ b/tests/rc4-md5.json @@ -5,6 +5,6 @@ "password":"aes_password", "timeout":60, "method":"rc4-md5", - "local_address":"127.0.0.1", + "local":"127.0.0.1", "fast_open":false } diff --git a/tests/salsa20.json b/tests/salsa20.json index 3729b4606..58860b3ae 100644 --- a/tests/salsa20.json +++ b/tests/salsa20.json @@ -5,6 +5,6 @@ "password":"salsa20_password", "timeout":60, "method":"salsa20", - "local_address":"127.0.0.1", + "local":"127.0.0.1", "fast_open":false } diff --git a/tests/test.sh b/tests/test.sh index 1dcd15fc3..b666eb1a9 100755 --- a/tests/test.sh +++ b/tests/test.sh @@ -27,6 +27,11 @@ function run_test { [ -d src -a -x src/ss-local ] && BIN="--bin src/" +if [ "$http_proxy" ]; then + echo "SKIP: shadowsocks-libev does not support an upstream HTTP proxy" + exit 0 +fi + run_test python tests/test.py $BIN -c tests/aes.json run_test python tests/test.py $BIN -c tests/aes-gcm.json run_test python tests/test.py $BIN -c tests/aes-ctr.json