Browse Source
Replace nonce cache with a ping-pong bloom filter (#1282)
Replace nonce cache with a ping-pong bloom filter (#1282)
* Add Ping-Pong bloom filter * Refine bloom filter insertion * Reduce the error rate to 0.00001 * Avoid alignment issue in murmurhash2 * Fix a memory leak * Fix build on non-GPU targets * Detect get_current_dir_name in configure * Update README.md * Remove redudant bfree() * Reduce the memory usage for local client * Fix #1275 * Refine #1275 * Use IP when bypassing SNI domains * Also apply replay detector on UDP traffic * Update deb build script Now build script is able to auto detect system and choose libraries necessary to build. Also update the README accordingly. * Update build script to enable jessie/stretch etc Also include a few cleanup that simplified pkg installation from backports repository.pull/1284/head
Max Lv
7 years ago
committed by
GitHub
19 changed files with 217 additions and 77 deletions
Split View
Diff Options
-
4.gitmodules
-
5Makefile.am
-
3configure.ac
-
1libbloom
-
5src/Makefile.am
-
38src/aead.c
-
12src/crypto.c
-
2src/crypto.h
-
4src/jconf.c
-
1src/jconf.h
-
9src/local.c
-
19src/manager.c
-
1src/manager.h
-
98src/ppbloom.c
-
31src/ppbloom.h
-
5src/redir.c
-
5src/server.c
-
44src/stream.c
-
7src/tunnel.c
@ -0,0 +1,98 @@ |
|||
/* |
|||
* ppbloom.c - Ping-Pong Bloom Filter for nonce reuse detection |
|||
* |
|||
* Copyright (C) 2013 - 2017, Max Lv <max.c.lv@gmail.com> |
|||
* |
|||
* This file is part of the shadowsocks-libev. |
|||
* |
|||
* shadowsocks-libev is free software; you can redistribute it and/or modify |
|||
* it under the terms of the GNU General Public License as published by |
|||
* the Free Software Foundation; either version 3 of the License, or |
|||
* (at your option) any later version. |
|||
* |
|||
* shadowsocks-libev is distributed in the hope that it will be useful, |
|||
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
* GNU General Public License for more details. |
|||
* |
|||
* You should have received a copy of the GNU General Public License |
|||
* along with shadowsocks-libev; see the file COPYING. If not, see |
|||
* <http://www.gnu.org/licenses/>. |
|||
*/ |
|||
|
|||
#include <errno.h> |
|||
#include <stdlib.h> |
|||
|
|||
#include "bloom.h" |
|||
#include "ppbloom.h" |
|||
#include "utils.h" |
|||
|
|||
#define PING 0 |
|||
#define PONG 1 |
|||
|
|||
static struct bloom ppbloom[2]; |
|||
static int bloom_count[2]; |
|||
static int current; |
|||
static int entries; |
|||
static double error; |
|||
|
|||
int |
|||
ppbloom_init(int n, double e) |
|||
{ |
|||
int err; |
|||
entries = n / 2; |
|||
error = e; |
|||
|
|||
err = bloom_init(ppbloom + PING, entries, error); |
|||
if (err) return err; |
|||
|
|||
err = bloom_init(ppbloom + PONG, entries, error); |
|||
if (err) return err; |
|||
|
|||
bloom_count[PING] = 0; |
|||
bloom_count[PONG] = 0; |
|||
|
|||
current = PING; |
|||
|
|||
return 0; |
|||
} |
|||
|
|||
int |
|||
ppbloom_check(const void *buffer, int len) |
|||
{ |
|||
int ret; |
|||
|
|||
ret = bloom_check(ppbloom + PING, buffer, len); |
|||
if (ret) return ret; |
|||
|
|||
ret = bloom_check(ppbloom + PONG, buffer, len); |
|||
if (ret) return ret; |
|||
|
|||
return 0; |
|||
} |
|||
|
|||
int |
|||
ppbloom_add(const void *buffer, int len) |
|||
{ |
|||
int err; |
|||
err = bloom_add(ppbloom + current, buffer, len); |
|||
if (err == -1) return err; |
|||
|
|||
bloom_count[current]++; |
|||
|
|||
if (bloom_count[current] >= entries) { |
|||
bloom_count[current] = 0; |
|||
current = current == PING ? PONG : PING; |
|||
bloom_free(ppbloom + current); |
|||
bloom_init(ppbloom + current, entries, error); |
|||
} |
|||
|
|||
return 0; |
|||
} |
|||
|
|||
void |
|||
ppbloom_free() |
|||
{ |
|||
bloom_free(ppbloom + PING); |
|||
bloom_free(ppbloom + PONG); |
|||
} |
@ -0,0 +1,31 @@ |
|||
/* |
|||
* ppbloom.h - Define the Ping-Pong Bloom Filter interface |
|||
* |
|||
* Copyright (C) 2013 - 2017, Max Lv <max.c.lv@gmail.com> |
|||
* |
|||
* This file is part of the shadowsocks-libev. |
|||
* |
|||
* shadowsocks-libev is free software; you can redistribute it and/or modify |
|||
* it under the terms of the GNU General Public License as published by |
|||
* the Free Software Foundation; either version 3 of the License, or |
|||
* (at your option) any later version. |
|||
* |
|||
* shadowsocks-libev is distributed in the hope that it will be useful, |
|||
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
* GNU General Public License for more details. |
|||
* |
|||
* You should have received a copy of the GNU General Public License |
|||
* along with shadowsocks-libev; see the file COPYING. If not, see |
|||
* <http://www.gnu.org/licenses/>. |
|||
*/ |
|||
|
|||
#ifndef _PPBLOOM_ |
|||
#define _PPBLOOM_ |
|||
|
|||
int ppbloom_init(int entries, double error); |
|||
int ppbloom_check(const void * buffer, int len); |
|||
int ppbloom_add(const void * buffer, int len); |
|||
void ppbloom_free(void); |
|||
|
|||
#endif |
Write
Preview
Loading…
Cancel
Save