From 06161102962b3dd8698c1246924ae4f7e2caf9aa Mon Sep 17 00:00:00 2001 From: Vinicius Fortuna Date: Thu, 8 Dec 2022 05:47:58 +0000 Subject: [PATCH 1/7] Move outline-ss-server to cmd/ --- .goreleaser.yml | 1 + Makefile | 11 +++-------- README.md | 16 ++++++++-------- .../outline-ss-server/config_example.yml | 0 server.go => cmd/outline-ss-server/main.go | 0 .../outline-ss-server/prometheus_example.yml | 0 .../outline-ss-server/server_test.go | 0 7 files changed, 12 insertions(+), 16 deletions(-) rename config_example.yml => cmd/outline-ss-server/config_example.yml (100%) rename server.go => cmd/outline-ss-server/main.go (100%) rename prometheus_example.yml => cmd/outline-ss-server/prometheus_example.yml (100%) rename server_test.go => cmd/outline-ss-server/server_test.go (100%) diff --git a/.goreleaser.yml b/.goreleaser.yml index ade75a04..d5288b76 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -18,6 +18,7 @@ project_name: outline-ss-server # Skip 32 bit macOS builds. builds: - + main: ./cmd/outline-ss-server/main.go env: - CGO_ENABLED=0 goos: diff --git a/Makefile b/Makefile index e7d3321d..8e993b60 100644 --- a/Makefile +++ b/Makefile @@ -1,14 +1,13 @@ BUILDDIR=$(CURDIR)/dist -GOBIN=$(CURDIR)/bin -GORELEASER=$(GOBIN)/goreleaser +GORELEASER=go run github.com/goreleaser/goreleaser .PHONY: release release-local test clean clean-all # This requires GITHUB_TOKEN to be set. -release: clean-all $(GORELEASER) +release: clean-all $(GORELEASER) -release-local: $(GORELEASER) +release-local: $(GORELEASER) --rm-dist --snapshot test: third_party/maxmind/test-data/GeoIP2-Country-Test.mmdb @@ -17,9 +16,6 @@ test: third_party/maxmind/test-data/GeoIP2-Country-Test.mmdb third_party/maxmind/test-data/GeoIP2-Country-Test.mmdb: git submodule update --init -$(GORELEASER): go.mod - env GOBIN=$(GOBIN) go install github.com/goreleaser/goreleaser - go.mod: tools.go go mod tidy touch go.mod @@ -30,4 +26,3 @@ clean: clean-all: clean rm -rf $(CURDIR)/third_party/maxmind/* - rm -rf $(GOBIN) diff --git a/README.md b/README.md index 8a19a17d..fb17f535 100644 --- a/README.md +++ b/README.md @@ -22,15 +22,15 @@ The Outline Shadowsocks service allows for: Fetch dependencies for this demo: ``` -GO111MODULE=off go get github.com/shadowsocks/go-shadowsocks2 github.com/prometheus/prometheus/cmd/... +GO111MODULE=off go get github.com/prometheus/prometheus/cmd/... ``` -If that doesn't work, download the [prometheus](https://prometheus.io/download/) or [go-shadowsocks2](https://github.com/shadowsocks/go-shadowsocks2/releases) binaries directly. +If that doesn't work, download the [prometheus](https://prometheus.io/download/) binary directly. ### Run the server On Terminal 1, from the repository directory, build and start the SS server: ``` -go run . -config config_example.yml -metrics localhost:9091 --replay_history=10000 +go run github.com/Jigsaw-Code/outline-ss-server/cmd/server -config cmd/server/config_example.yml -metrics localhost:9091 --replay_history=10000 ``` In production, you may want to specify `-ip_country_db` to get per-country metrics. See [how the Outline Server calls outline-ss-server](https://github.com/Jigsaw-Code/outline-server/blob/master/src/shadowbox/server/outline_shadowsocks_server.ts). @@ -38,13 +38,13 @@ In production, you may want to specify `-ip_country_db` to get per-country metri ### Run the Prometheus scraper for metrics collection On Terminal 2, start prometheus scraper for metrics collection: ``` -$(go env GOPATH)/bin/prometheus --config.file=prometheus_example.yml +$(go env GOPATH)/bin/prometheus --config.file=cmd/server/prometheus_example.yml ``` ### Run the SOCKS-to-Shadowsocks client On Terminal 3, start the SS client: ``` -$(go env GOPATH)/bin/go-shadowsocks2 -c ss://chacha20-ietf-poly1305:Secret0@:9000 -verbose -socks localhost:1080 +go run github.com/shadowsocks/go-shadowsocks2 -c ss://chacha20-ietf-poly1305:Secret0@:9000 -verbose -socks localhost:1080 ``` ### Fetch a page over Shadowsocks @@ -70,12 +70,12 @@ iperf3 -s Start the SS server (listening on port 9000): ``` -go run . -config config_example.yml +go run github.com/Jigsaw-Code/outline-ss-server/cmd/server -config cmd/server/config_example.yml ``` Start the SS tunnel to redirect port 8000 -> localhost:5201 via the proxy on 9000: ``` -$(go env GOPATH)/bin/go-shadowsocks2 -c ss://chacha20-ietf-poly1305:Secret0@:9000 -tcptun ":8000=localhost:5201" -udptun ":8000=localhost:5201" -verbose +go run github.com/shadowsocks/go-shadowsocks2 -c ss://chacha20-ietf-poly1305:Secret0@:9000 -tcptun ":8000=localhost:5201" -udptun ":8000=localhost:5201" -verbose ``` Test TCP upload (client -> server): @@ -102,7 +102,7 @@ iperf3 -c localhost -p 8000 --udp -b 0 --reverse Run the commands above, but start the SS server with ``` -$(go env GOPATH)/bin/go-shadowsocks2 -s ss://chacha20-ietf-poly1305:Secret0@:9000 -verbose +go run github.com/shadowsocks/go-shadowsocks2 -s ss://chacha20-ietf-poly1305:Secret0@:9000 -verbose ``` diff --git a/config_example.yml b/cmd/outline-ss-server/config_example.yml similarity index 100% rename from config_example.yml rename to cmd/outline-ss-server/config_example.yml diff --git a/server.go b/cmd/outline-ss-server/main.go similarity index 100% rename from server.go rename to cmd/outline-ss-server/main.go diff --git a/prometheus_example.yml b/cmd/outline-ss-server/prometheus_example.yml similarity index 100% rename from prometheus_example.yml rename to cmd/outline-ss-server/prometheus_example.yml diff --git a/server_test.go b/cmd/outline-ss-server/server_test.go similarity index 100% rename from server_test.go rename to cmd/outline-ss-server/server_test.go From 09f8991c8c546b223004e295c6063d331f02e2b8 Mon Sep 17 00:00:00 2001 From: Vinicius Fortuna Date: Thu, 8 Dec 2022 05:53:46 +0000 Subject: [PATCH 2/7] Ignore Prometheus data --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index a6bcb5f6..decfc298 100644 --- a/.gitignore +++ b/.gitignore @@ -21,3 +21,6 @@ # Git submodules /third_party/maxmind/ + +# Prometheus +/data/ \ No newline at end of file From 046033c85617b84dd7a3aeaeb45655f9eb6b4475 Mon Sep 17 00:00:00 2001 From: Vinicius Fortuna Date: Thu, 8 Dec 2022 05:53:57 +0000 Subject: [PATCH 3/7] Fix path on README --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index fb17f535..4a8a8983 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,7 @@ If that doesn't work, download the [prometheus](https://prometheus.io/download/) ### Run the server On Terminal 1, from the repository directory, build and start the SS server: ``` -go run github.com/Jigsaw-Code/outline-ss-server/cmd/server -config cmd/server/config_example.yml -metrics localhost:9091 --replay_history=10000 +go run ./cmd/outline-ss-server -config cmd/outline-ss-server/config_example.yml -metrics localhost:9091 --replay_history=10000 ``` In production, you may want to specify `-ip_country_db` to get per-country metrics. See [how the Outline Server calls outline-ss-server](https://github.com/Jigsaw-Code/outline-server/blob/master/src/shadowbox/server/outline_shadowsocks_server.ts). @@ -38,7 +38,7 @@ In production, you may want to specify `-ip_country_db` to get per-country metri ### Run the Prometheus scraper for metrics collection On Terminal 2, start prometheus scraper for metrics collection: ``` -$(go env GOPATH)/bin/prometheus --config.file=cmd/server/prometheus_example.yml +$(go env GOPATH)/bin/prometheus --config.file=cmd/outline-ss-server/prometheus_example.yml ``` ### Run the SOCKS-to-Shadowsocks client @@ -70,7 +70,7 @@ iperf3 -s Start the SS server (listening on port 9000): ``` -go run github.com/Jigsaw-Code/outline-ss-server/cmd/server -config cmd/server/config_example.yml +go run ./cmd/outline-ss-server -config cmd/outline-ss-server/config_example.yml ``` Start the SS tunnel to redirect port 8000 -> localhost:5201 via the proxy on 9000: From 91ec3481c48e97b3a519b2ede0e119fa2c38d5e8 Mon Sep 17 00:00:00 2001 From: Vinicius Fortuna Date: Thu, 8 Dec 2022 06:00:22 +0000 Subject: [PATCH 4/7] Hide internal code --- client/client.go | 8 ++++---- client/client_test.go | 4 ++-- .../integration_test}/integration_test.go | 0 {slicepool => internal/slicepool}/slicepool.go | 0 {slicepool => internal/slicepool}/slicepool_test.go | 0 shadowsocks/stream.go | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) rename {integration_test => internal/integration_test}/integration_test.go (100%) rename {slicepool => internal/slicepool}/slicepool.go (100%) rename {slicepool => internal/slicepool}/slicepool_test.go (100%) diff --git a/client/client.go b/client/client.go index f1fc3bf6..7b59ce19 100644 --- a/client/client.go +++ b/client/client.go @@ -6,9 +6,9 @@ import ( "net" "time" + "github.com/Jigsaw-Code/outline-ss-server/internal/slicepool" onet "github.com/Jigsaw-Code/outline-ss-server/net" ss "github.com/Jigsaw-Code/outline-ss-server/shadowsocks" - "github.com/Jigsaw-Code/outline-ss-server/slicepool" "github.com/shadowsocks/go-shadowsocks2/socks" ) @@ -156,7 +156,7 @@ func (c *packetConn) ReadFrom(b []byte) (int, net.Addr, error) { if socksSrcAddr == nil { return 0, nil, errors.New("Failed to read source address") } - srcAddr := NewAddr(socksSrcAddr.String(), "udp") + srcAddr := newAddr(socksSrcAddr.String(), "udp") n = copy(b, buf[len(socksSrcAddr):]) // Strip the SOCKS source address if len(b) < len(buf)-len(socksSrcAddr) { return n, srcAddr, io.ErrShortBuffer @@ -177,8 +177,8 @@ func (a *addr) Network() string { return a.network } -// NewAddr returns a net.Addr that holds an address of the form `host:port` with a domain name or IP as host. +// newAddr returns a net.Addr that holds an address of the form `host:port` with a domain name or IP as host. // Used for SOCKS addressing. -func NewAddr(address, network string) net.Addr { +func newAddr(address, network string) net.Addr { return &addr{address: address, network: network} } diff --git a/client/client_test.go b/client/client_test.go index 595932c0..67ef331a 100644 --- a/client/client_test.go +++ b/client/client_test.go @@ -176,7 +176,7 @@ func TestShadowsocksClient_ListenUDP(t *testing.T) { } defer conn.Close() conn.SetReadDeadline(time.Now().Add(time.Second * 5)) - pcrw := &packetConnReadWriter{PacketConn: conn, targetAddr: NewAddr(testTargetAddr, "udp")} + pcrw := &packetConnReadWriter{PacketConn: conn, targetAddr: newAddr(testTargetAddr, "udp")} expectEchoPayload(pcrw, ss.MakeTestPayload(1024), make([]byte, 1024), t) proxy.Close() @@ -236,7 +236,7 @@ func BenchmarkShadowsocksClient_ListenUDP(b *testing.B) { buf := make([]byte, clientUDPBufferSize) for n := 0; n < b.N; n++ { payload := ss.MakeTestPayload(1024) - pcrw := &packetConnReadWriter{PacketConn: conn, targetAddr: NewAddr(testTargetAddr, "udp")} + pcrw := &packetConnReadWriter{PacketConn: conn, targetAddr: newAddr(testTargetAddr, "udp")} b.StartTimer() expectEchoPayload(pcrw, payload, buf, b) b.StopTimer() diff --git a/integration_test/integration_test.go b/internal/integration_test/integration_test.go similarity index 100% rename from integration_test/integration_test.go rename to internal/integration_test/integration_test.go diff --git a/slicepool/slicepool.go b/internal/slicepool/slicepool.go similarity index 100% rename from slicepool/slicepool.go rename to internal/slicepool/slicepool.go diff --git a/slicepool/slicepool_test.go b/internal/slicepool/slicepool_test.go similarity index 100% rename from slicepool/slicepool_test.go rename to internal/slicepool/slicepool_test.go diff --git a/shadowsocks/stream.go b/shadowsocks/stream.go index a1a478c2..b1b74700 100644 --- a/shadowsocks/stream.go +++ b/shadowsocks/stream.go @@ -22,7 +22,7 @@ import ( "io" "sync" - "github.com/Jigsaw-Code/outline-ss-server/slicepool" + "github.com/Jigsaw-Code/outline-ss-server/internal/slicepool" ) // payloadSizeMask is the maximum size of payload in bytes. From 7da6b3d199ca3a1c1af0b30de2c266a8c6ab0de7 Mon Sep 17 00:00:00 2001 From: Vinicius Fortuna Date: Thu, 8 Dec 2022 06:48:42 +0000 Subject: [PATCH 5/7] Hide serverSaltMarkLen --- service/cipher_list.go | 2 +- service/server_salt.go | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/service/cipher_list.go b/service/cipher_list.go index 6b45da49..49394e03 100644 --- a/service/cipher_list.go +++ b/service/cipher_list.go @@ -37,7 +37,7 @@ type CipherEntry struct { // MakeCipherEntry constructs a CipherEntry. func MakeCipherEntry(id string, cipher *ss.Cipher, secret string) CipherEntry { var saltGenerator ServerSaltGenerator - if cipher.SaltSize()-ServerSaltMarkLen >= minSaltEntropy { + if cipher.SaltSize()-serverSaltMarkLen >= minSaltEntropy { // Mark salts with a tag for reverse replay protection. saltGenerator = NewServerSaltGenerator(secret) } else { diff --git a/service/server_salt.go b/service/server_salt.go index 72433d46..27230423 100644 --- a/service/server_salt.go +++ b/service/server_salt.go @@ -56,10 +56,10 @@ type serverSaltGenerator struct { key []byte } -// ServerSaltMarkLen is the number of bytes of salt to use as a marker. +// serverSaltMarkLen is the number of bytes of salt to use as a marker. // Increasing this value reduces the false positive rate, but increases // the likelihood of salt collisions. -const ServerSaltMarkLen = 4 // Must be less than or equal to SHA1.Size() +const serverSaltMarkLen = 4 // Must be less than or equal to SHA1.Size() // Constant to identify this marking scheme. var serverSaltLabel = []byte("outline-server-salt") @@ -79,9 +79,9 @@ func NewServerSaltGenerator(secret string) ServerSaltGenerator { } func (sg serverSaltGenerator) splitSalt(salt []byte) (prefix, mark []byte, err error) { - prefixLen := len(salt) - ServerSaltMarkLen + prefixLen := len(salt) - serverSaltMarkLen if prefixLen < 0 { - return nil, nil, fmt.Errorf("Salt is too short: %d < %d", len(salt), ServerSaltMarkLen) + return nil, nil, fmt.Errorf("Salt is too short: %d < %d", len(salt), serverSaltMarkLen) } return salt[:prefixLen], salt[prefixLen:], nil } @@ -116,5 +116,5 @@ func (sg serverSaltGenerator) IsServerSalt(salt []byte) bool { return false } tag := sg.getTag(prefix) - return bytes.Equal(tag[:ServerSaltMarkLen], mark) + return bytes.Equal(tag[:serverSaltMarkLen], mark) } From b7661c8608dc571bb4845f7a59df9a0f4ffa7b30 Mon Sep 17 00:00:00 2001 From: Vinicius Fortuna Date: Thu, 8 Dec 2022 07:03:06 +0000 Subject: [PATCH 6/7] Add EOL --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index decfc298..0182c89b 100644 --- a/.gitignore +++ b/.gitignore @@ -23,4 +23,4 @@ /third_party/maxmind/ # Prometheus -/data/ \ No newline at end of file +/data/ From ede3a786eaf2c08032cc7a91077e41241fc837ce Mon Sep 17 00:00:00 2001 From: Vinicius Fortuna Date: Thu, 8 Dec 2022 21:36:41 +0000 Subject: [PATCH 7/7] Add badges --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 4a8a8983..addb13bc 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,9 @@ # Outline ss-server ![Build Status](https://github.com/Jigsaw-Code/outline-ss-server/actions/workflows/go.yml/badge.svg) +[![Go Report Card](https://goreportcard.com/badge/github.com/Jigsaw-Code/outline-ss-server)](https://goreportcard.com/report/github.com/Jigsaw-Code/outline-ss-server) +[![Go Reference](https://pkg.go.dev/badge/github.com/Jigsaw-Code/outline-ss-server.svg)](https://pkg.go.dev/github.com/Jigsaw-Code/outline-ss-server) + [![Mattermost](https://badgen.net/badge/Mattermost/Outline%20Community/blue)](https://community.internetfreedomfestival.org/community/channels/outline-community) [![Reddit](https://badgen.net/badge/Reddit/r%2Foutlinevpn/orange)](https://www.reddit.com/r/outlinevpn/)