diff --git a/src/Makefile.am b/src/Makefile.am index 68f455d2..6a4578bb 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -77,9 +77,10 @@ ss_tunnel_LDADD += $(top_builddir)/libudns/libudns.la ss_server_LDADD += $(top_builddir)/libudns/libudns.la endif -ss_local_CFLAGS = $(AM_CFLAGS) -DUDPRELAY_LOCAL -ss_tunnel_CFLAGS = $(AM_CFLAGS) -DUDPRELAY_LOCAL -DUDPRELAY_TUNNEL -ss_server_CFLAGS = $(AM_CFLAGS) -DUDPRELAY_REMOTE +ss_local_CFLAGS = $(AM_CFLAGS) -DMODULE_LOCAL +ss_tunnel_CFLAGS = $(AM_CFLAGS) -DMODULE_TUNNEL +ss_server_CFLAGS = $(AM_CFLAGS) -DMODULE_REMOTE +ss_manager_CFLAGS = $(AM_CFLAGS) -DMODULE_MANAGER if BUILD_WINCOMPAT ss_local_SOURCES += win32.c @@ -97,7 +98,7 @@ ss_redir_SOURCES = utils.c \ udprelay.c \ hmac-sha1.c \ redir.c -ss_redir_CFLAGS = $(AM_CFLAGS) -DUDPRELAY_REDIR -DUDPRELAY_LOCAL +ss_redir_CFLAGS = $(AM_CFLAGS) -DMODULE_REDIR ss_redir_LDADD = $(SS_COMMON_LIBS) if USE_SYSTEM_SHARED_LIB ss_redir_LDADD += -ludns diff --git a/src/Makefile.in b/src/Makefile.in index 1342c401..eb3836f2 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -1,9 +1,8 @@ -# Makefile.in generated by automake 1.11.6 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -18,23 +17,51 @@ VPATH = @srcdir@ -am__make_dryrun = \ - { \ - am__dry=no; \ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ - echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ - | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ - *) \ - for am__flg in $$MAKEFLAGS; do \ - case $$am__flg in \ - *=*|--*) ;; \ - *n*) am__dry=yes; break;; \ - esac; \ - done;; \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ - test $$am__dry = yes; \ - } + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ @@ -75,8 +102,8 @@ bin_PROGRAMS = ss-local$(EXEEXT) ss-tunnel$(EXEEXT) $(am__EXEEXT_1) \ @BUILD_REDIRECTOR_TRUE@@USE_SYSTEM_SHARED_LIB_TRUE@am__append_14 = -ludns @BUILD_REDIRECTOR_TRUE@@USE_SYSTEM_SHARED_LIB_FALSE@am__append_15 = $(top_builddir)/libudns/libudns.la subdir = src -DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \ - $(srcdir)/Makefile.in +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/auto/depcomp $(include_HEADERS) ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/acx_pthread.m4 \ $(top_srcdir)/m4/ax_tls.m4 $(top_srcdir)/m4/inet_ntop.m4 \ @@ -144,6 +171,7 @@ libshadowsocks_la_OBJECTS = $(am_libshadowsocks_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent +am__v_lt_1 = libshadowsocks_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ $(libshadowsocks_la_CFLAGS) $(CFLAGS) \ @@ -168,10 +196,14 @@ ss_local_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ ss_local_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(ss_local_CFLAGS) \ $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -am_ss_manager_OBJECTS = utils.$(OBJEXT) jconf.$(OBJEXT) json.$(OBJEXT) \ - manager.$(OBJEXT) +am_ss_manager_OBJECTS = ss_manager-utils.$(OBJEXT) \ + ss_manager-jconf.$(OBJEXT) ss_manager-json.$(OBJEXT) \ + ss_manager-manager.$(OBJEXT) ss_manager_OBJECTS = $(am_ss_manager_OBJECTS) ss_manager_DEPENDENCIES = $(am__DEPENDENCIES_2) +ss_manager_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(ss_manager_CFLAGS) \ + $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ am__ss_redir_SOURCES_DIST = utils.c jconf.c json.c encrypt.c \ netutils.c cache.c udprelay.c hmac-sha1.c redir.c @BUILD_REDIRECTOR_TRUE@am_ss_redir_OBJECTS = ss_redir-utils.$(OBJEXT) \ @@ -216,6 +248,18 @@ ss_tunnel_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ ss_tunnel_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(ss_tunnel_CFLAGS) \ $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/auto/depcomp am__depfiles_maybe = depfiles @@ -228,20 +272,16 @@ LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(AM_CFLAGS) $(CFLAGS) AM_V_CC = $(am__v_CC_@AM_V@) am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) -am__v_CC_0 = @echo " CC " $@; -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = CCLD = $(CC) LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) -am__v_CCLD_0 = @echo " CCLD " $@; -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = SOURCES = $(libshadowsocks_la_SOURCES) $(ss_local_SOURCES) \ $(ss_manager_SOURCES) $(ss_redir_SOURCES) $(ss_server_SOURCES) \ $(ss_tunnel_SOURCES) @@ -255,6 +295,23 @@ am__can_run_installinfo = \ *) (install-info --version) >/dev/null 2>&1;; \ esac HEADERS = $(include_HEADERS) +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -413,9 +470,10 @@ ss_local_LDADD = $(SS_COMMON_LIBS) $(am__append_5) $(am__append_8) ss_tunnel_LDADD = $(SS_COMMON_LIBS) $(am__append_6) $(am__append_9) ss_server_LDADD = $(SS_COMMON_LIBS) $(am__append_7) $(am__append_10) ss_manager_LDADD = $(SS_COMMON_LIBS) -ss_local_CFLAGS = $(AM_CFLAGS) -DUDPRELAY_LOCAL -ss_tunnel_CFLAGS = $(AM_CFLAGS) -DUDPRELAY_LOCAL -DUDPRELAY_TUNNEL -ss_server_CFLAGS = $(AM_CFLAGS) -DUDPRELAY_REMOTE +ss_local_CFLAGS = $(AM_CFLAGS) -DMODULE_LOCAL +ss_tunnel_CFLAGS = $(AM_CFLAGS) -DMODULE_TUNNEL +ss_server_CFLAGS = $(AM_CFLAGS) -DMODULE_REMOTE +ss_manager_CFLAGS = $(AM_CFLAGS) -DMODULE_MANAGER @BUILD_REDIRECTOR_TRUE@ss_redir_SOURCES = utils.c \ @BUILD_REDIRECTOR_TRUE@ jconf.c \ @BUILD_REDIRECTOR_TRUE@ json.c \ @@ -426,7 +484,7 @@ ss_server_CFLAGS = $(AM_CFLAGS) -DUDPRELAY_REMOTE @BUILD_REDIRECTOR_TRUE@ hmac-sha1.c \ @BUILD_REDIRECTOR_TRUE@ redir.c -@BUILD_REDIRECTOR_TRUE@ss_redir_CFLAGS = $(AM_CFLAGS) -DUDPRELAY_REDIR -DUDPRELAY_LOCAL +@BUILD_REDIRECTOR_TRUE@ss_redir_CFLAGS = $(AM_CFLAGS) -DMODULE_REDIR @BUILD_REDIRECTOR_TRUE@ss_redir_LDADD = $(SS_COMMON_LIBS) \ @BUILD_REDIRECTOR_TRUE@ $(am__append_14) $(am__append_15) lib_LTLIBRARIES = libshadowsocks.la @@ -469,6 +527,7 @@ $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): + install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ @@ -495,12 +554,15 @@ uninstall-libLTLIBRARIES: clean-libLTLIBRARIES: -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done + @list='$(lib_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + libshadowsocks.la: $(libshadowsocks_la_OBJECTS) $(libshadowsocks_la_DEPENDENCIES) $(EXTRA_libshadowsocks_la_DEPENDENCIES) $(AM_V_CCLD)$(libshadowsocks_la_LINK) -rpath $(libdir) $(libshadowsocks_la_OBJECTS) $(libshadowsocks_la_LIBADD) $(LIBS) install-binPROGRAMS: $(bin_PROGRAMS) @@ -512,10 +574,12 @@ install-binPROGRAMS: $(bin_PROGRAMS) fi; \ for p in $$list; do echo "$$p $$p"; done | \ sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p || test -f $$p1; \ - then echo "$$p"; echo "$$p"; else :; fi; \ + while read p p1; do if test -f $$p \ + || test -f $$p1 \ + ; then echo "$$p"; echo "$$p"; else :; fi; \ done | \ - sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ + sed -e 'p;s,.*/,,;n;h' \ + -e 's|.*|.|' \ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ sed 'N;N;N;s,\n, ,g' | \ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ @@ -536,7 +600,8 @@ uninstall-binPROGRAMS: @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ files=`for p in $$list; do echo "$$p"; done | \ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' `; \ + -e 's/$$/$(EXEEXT)/' \ + `; \ test -n "$$list" || exit 0; \ echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ cd "$(DESTDIR)$(bindir)" && rm -f $$files @@ -549,18 +614,23 @@ clean-binPROGRAMS: list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ echo " rm -f" $$list; \ rm -f $$list + ss-local$(EXEEXT): $(ss_local_OBJECTS) $(ss_local_DEPENDENCIES) $(EXTRA_ss_local_DEPENDENCIES) @rm -f ss-local$(EXEEXT) $(AM_V_CCLD)$(ss_local_LINK) $(ss_local_OBJECTS) $(ss_local_LDADD) $(LIBS) + ss-manager$(EXEEXT): $(ss_manager_OBJECTS) $(ss_manager_DEPENDENCIES) $(EXTRA_ss_manager_DEPENDENCIES) @rm -f ss-manager$(EXEEXT) - $(AM_V_CCLD)$(LINK) $(ss_manager_OBJECTS) $(ss_manager_LDADD) $(LIBS) + $(AM_V_CCLD)$(ss_manager_LINK) $(ss_manager_OBJECTS) $(ss_manager_LDADD) $(LIBS) + ss-redir$(EXEEXT): $(ss_redir_OBJECTS) $(ss_redir_DEPENDENCIES) $(EXTRA_ss_redir_DEPENDENCIES) @rm -f ss-redir$(EXEEXT) $(AM_V_CCLD)$(ss_redir_LINK) $(ss_redir_OBJECTS) $(ss_redir_LDADD) $(LIBS) + ss-server$(EXEEXT): $(ss_server_OBJECTS) $(ss_server_DEPENDENCIES) $(EXTRA_ss_server_DEPENDENCIES) @rm -f ss-server$(EXEEXT) $(AM_V_CCLD)$(ss_server_LINK) $(ss_server_OBJECTS) $(ss_server_LDADD) $(LIBS) + ss-tunnel$(EXEEXT): $(ss_tunnel_OBJECTS) $(ss_tunnel_DEPENDENCIES) $(EXTRA_ss_tunnel_DEPENDENCIES) @rm -f ss-tunnel$(EXEEXT) $(AM_V_CCLD)$(ss_tunnel_LINK) $(ss_tunnel_OBJECTS) $(ss_tunnel_LDADD) $(LIBS) @@ -571,8 +641,6 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/jconf.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/json.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadowsocks_la-acl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadowsocks_la-cache.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadowsocks_la-encrypt.Plo@am__quote@ @@ -584,7 +652,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadowsocks_la-udprelay.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadowsocks_la-utils.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libshadowsocks_la-win32.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/manager.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_local-acl.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_local-cache.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_local-encrypt.Po@am__quote@ @@ -596,6 +663,10 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_local-udprelay.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_local-utils.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_local-win32.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_manager-jconf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_manager-json.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_manager-manager.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_manager-utils.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_redir-cache.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_redir-encrypt.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_redir-hmac-sha1.Po@am__quote@ @@ -626,7 +697,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_tunnel-udprelay.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_tunnel-utils.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ss_tunnel-win32.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @@ -883,6 +953,62 @@ ss_local-win32.obj: win32.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_local_CFLAGS) $(CFLAGS) -c -o ss_local-win32.obj `if test -f 'win32.c'; then $(CYGPATH_W) 'win32.c'; else $(CYGPATH_W) '$(srcdir)/win32.c'; fi` +ss_manager-utils.o: utils.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -MT ss_manager-utils.o -MD -MP -MF $(DEPDIR)/ss_manager-utils.Tpo -c -o ss_manager-utils.o `test -f 'utils.c' || echo '$(srcdir)/'`utils.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_manager-utils.Tpo $(DEPDIR)/ss_manager-utils.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils.c' object='ss_manager-utils.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -c -o ss_manager-utils.o `test -f 'utils.c' || echo '$(srcdir)/'`utils.c + +ss_manager-utils.obj: utils.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -MT ss_manager-utils.obj -MD -MP -MF $(DEPDIR)/ss_manager-utils.Tpo -c -o ss_manager-utils.obj `if test -f 'utils.c'; then $(CYGPATH_W) 'utils.c'; else $(CYGPATH_W) '$(srcdir)/utils.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_manager-utils.Tpo $(DEPDIR)/ss_manager-utils.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils.c' object='ss_manager-utils.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -c -o ss_manager-utils.obj `if test -f 'utils.c'; then $(CYGPATH_W) 'utils.c'; else $(CYGPATH_W) '$(srcdir)/utils.c'; fi` + +ss_manager-jconf.o: jconf.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -MT ss_manager-jconf.o -MD -MP -MF $(DEPDIR)/ss_manager-jconf.Tpo -c -o ss_manager-jconf.o `test -f 'jconf.c' || echo '$(srcdir)/'`jconf.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_manager-jconf.Tpo $(DEPDIR)/ss_manager-jconf.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='jconf.c' object='ss_manager-jconf.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -c -o ss_manager-jconf.o `test -f 'jconf.c' || echo '$(srcdir)/'`jconf.c + +ss_manager-jconf.obj: jconf.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -MT ss_manager-jconf.obj -MD -MP -MF $(DEPDIR)/ss_manager-jconf.Tpo -c -o ss_manager-jconf.obj `if test -f 'jconf.c'; then $(CYGPATH_W) 'jconf.c'; else $(CYGPATH_W) '$(srcdir)/jconf.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_manager-jconf.Tpo $(DEPDIR)/ss_manager-jconf.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='jconf.c' object='ss_manager-jconf.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -c -o ss_manager-jconf.obj `if test -f 'jconf.c'; then $(CYGPATH_W) 'jconf.c'; else $(CYGPATH_W) '$(srcdir)/jconf.c'; fi` + +ss_manager-json.o: json.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -MT ss_manager-json.o -MD -MP -MF $(DEPDIR)/ss_manager-json.Tpo -c -o ss_manager-json.o `test -f 'json.c' || echo '$(srcdir)/'`json.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_manager-json.Tpo $(DEPDIR)/ss_manager-json.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='json.c' object='ss_manager-json.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -c -o ss_manager-json.o `test -f 'json.c' || echo '$(srcdir)/'`json.c + +ss_manager-json.obj: json.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -MT ss_manager-json.obj -MD -MP -MF $(DEPDIR)/ss_manager-json.Tpo -c -o ss_manager-json.obj `if test -f 'json.c'; then $(CYGPATH_W) 'json.c'; else $(CYGPATH_W) '$(srcdir)/json.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_manager-json.Tpo $(DEPDIR)/ss_manager-json.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='json.c' object='ss_manager-json.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -c -o ss_manager-json.obj `if test -f 'json.c'; then $(CYGPATH_W) 'json.c'; else $(CYGPATH_W) '$(srcdir)/json.c'; fi` + +ss_manager-manager.o: manager.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -MT ss_manager-manager.o -MD -MP -MF $(DEPDIR)/ss_manager-manager.Tpo -c -o ss_manager-manager.o `test -f 'manager.c' || echo '$(srcdir)/'`manager.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_manager-manager.Tpo $(DEPDIR)/ss_manager-manager.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='manager.c' object='ss_manager-manager.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -c -o ss_manager-manager.o `test -f 'manager.c' || echo '$(srcdir)/'`manager.c + +ss_manager-manager.obj: manager.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -MT ss_manager-manager.obj -MD -MP -MF $(DEPDIR)/ss_manager-manager.Tpo -c -o ss_manager-manager.obj `if test -f 'manager.c'; then $(CYGPATH_W) 'manager.c'; else $(CYGPATH_W) '$(srcdir)/manager.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_manager-manager.Tpo $(DEPDIR)/ss_manager-manager.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='manager.c' object='ss_manager-manager.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_manager_CFLAGS) $(CFLAGS) -c -o ss_manager-manager.obj `if test -f 'manager.c'; then $(CYGPATH_W) 'manager.c'; else $(CYGPATH_W) '$(srcdir)/manager.c'; fi` + ss_redir-utils.o: utils.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(ss_redir_CFLAGS) $(CFLAGS) -MT ss_redir-utils.o -MD -MP -MF $(DEPDIR)/ss_redir-utils.Tpo -c -o ss_redir-utils.o `test -f 'utils.c' || echo '$(srcdir)/'`utils.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ss_redir-utils.Tpo $(DEPDIR)/ss_redir-utils.Po @@ -1330,26 +1456,15 @@ uninstall-includeHEADERS: files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ dir='$(DESTDIR)$(includedir)'; $(am__uninstall_files_from_dir) -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ + $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ @@ -1361,15 +1476,11 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $$unique; \ fi; \ fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique @@ -1378,6 +1489,21 @@ GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -1525,20 +1651,21 @@ uninstall-am: uninstall-binPROGRAMS uninstall-includeHEADERS \ .MAKE: install-am install-strip -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-binPROGRAMS \ - clean-generic clean-libLTLIBRARIES clean-libtool ctags \ - distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-dvi install-dvi-am \ - install-exec install-exec-am install-html install-html-am \ +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean \ + clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ + clean-libtool cscopelist-am ctags ctags-am distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-binPROGRAMS install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am \ install-includeHEADERS install-info install-info-am \ install-libLTLIBRARIES install-man install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ + tags tags-am uninstall uninstall-am uninstall-binPROGRAMS \ uninstall-includeHEADERS uninstall-libLTLIBRARIES diff --git a/src/acl.c b/src/acl.c index e6f31dba..429b1824 100644 --- a/src/acl.c +++ b/src/acl.c @@ -23,10 +23,13 @@ #include #include "utils.h" +#include "acl.h" static struct ip_set acl_ipv4_set; static struct ip_set acl_ipv6_set; +static int acl_mode = BLACK_LIST; + static void parse_addr_cidr(const char *str, char *host, int *cidr) { int ret = -1, n = 0; @@ -48,8 +51,10 @@ static void parse_addr_cidr(const char *str, char *host, int *cidr) } } -int init_acl(const char *path) +int init_acl(const char *path, int mode) { + acl_mode = mode; + // initialize ipset ipset_init_library(); ipset_init(&acl_ipv4_set); @@ -104,18 +109,61 @@ void free_acl(void) ipset_done(&acl_ipv6_set); } -int acl_contains_ip(const char *host) +int acl_get_mode(void) +{ + return acl_mode; +} + +int acl_match_ip(const char *ip) { struct cork_ip addr; - int err = cork_ip_init(&addr, host); - if (err) { + int ret = cork_ip_init(&addr, ip); + if (ret) { return 0; } if (addr.version == 4) { - return ipset_contains_ipv4(&acl_ipv4_set, &(addr.ip.v4)); + ret = ipset_contains_ipv4(&acl_ipv4_set, &(addr.ip.v4)); + } else if (addr.version == 6) { + ret = ipset_contains_ipv6(&acl_ipv6_set, &(addr.ip.v6)); + } + + if (acl_mode == WHITE_LIST) { + ret = !ret; + } + + return ret; +} + +int acl_add_ip(const char *ip) +{ + struct cork_ip addr; + int err = cork_ip_init(&addr, ip); + if (err) { + return -1; + } + + if (addr.version == 4) { + ipset_ipv4_add(&acl_ipv4_set, &(addr.ip.v4)); + } else if (addr.version == 6) { + ipset_ipv6_add(&acl_ipv6_set, &(addr.ip.v6)); + } + + return 0; +} + +int acl_remove_ip(const char *ip) +{ + struct cork_ip addr; + int err = cork_ip_init(&addr, ip); + if (err) { + return -1; + } + + if (addr.version == 4) { + ipset_ipv4_remove(&acl_ipv4_set, &(addr.ip.v4)); } else if (addr.version == 6) { - return ipset_contains_ipv6(&acl_ipv6_set, &(addr.ip.v6)); + ipset_ipv6_remove(&acl_ipv6_set, &(addr.ip.v6)); } return 0; diff --git a/src/acl.h b/src/acl.h index 52ada9c0..13545144 100644 --- a/src/acl.h +++ b/src/acl.h @@ -23,9 +23,15 @@ #ifndef _ACL_H #define _ACL_H -int init_acl(const char *path); +#define BLACK_LIST 0 +#define WHITE_LIST 1 + +int init_acl(const char *path, int mode); void free_acl(void); -int acl_contains_ip(const char *ip); +int acl_get_mode(void); +int acl_match_ip(const char *ip); +int acl_add_ip(const char *ip); +int acl_remove_ip(const char *ip); #endif // _ACL_H diff --git a/src/common.h b/src/common.h index 6404e294..69560d22 100644 --- a/src/common.h +++ b/src/common.h @@ -53,10 +53,14 @@ #define TCP_AND_UDP 1 #define UDP_ONLY 3 +#if defined(MODULE_TUNNEL) || defined(MODULE_REDIR) +#define MODULE_LOCAL +#endif + int init_udprelay(const char *server_host, const char *server_port, -#ifdef UDPRELAY_LOCAL +#ifdef MODULE_LOCAL const struct sockaddr *remote_addr, const int remote_addr_len, -#ifdef UDPRELAY_TUNNEL +#ifdef MODULE_TUNNEL const ss_addr_t tunnel_addr, #endif #endif diff --git a/src/local.c b/src/local.c index d3e8c75f..567013f8 100644 --- a/src/local.c +++ b/src/local.c @@ -467,7 +467,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) LOGI("connect to %s:%s", host, port); } - if ((acl && (request->atyp == 1 || request->atyp == 4) && acl_contains_ip(host))) { + if ((acl && (request->atyp == 1 || request->atyp == 4) && acl_match_ip(host))) { if (verbose) { LOGI("bypass %s:%s", host, port); } @@ -990,7 +990,7 @@ int main(int argc, char **argv) fast_open = 1; } else if (option_index == 1) { LOGI("initialize acl..."); - acl = !init_acl(optarg); + acl = !init_acl(optarg, BLACK_LIST); } break; case 's': @@ -1266,7 +1266,7 @@ int start_ss_local_server(profile_t profile) USE_LOGFILE(log); if (profile.acl != NULL) { - acl = !init_acl(profile.acl); + acl = !init_acl(profile.acl, BLACK_LIST); } if (local_addr == NULL) { diff --git a/src/server.c b/src/server.c index da227444..fbd136b7 100644 --- a/src/server.c +++ b/src/server.c @@ -107,6 +107,7 @@ static void server_resolve_cb(struct sockaddr *addr, void *data); int verbose = 0; +static int white_list = 0; static int acl = 0; static int mode = TCP_ONLY; static int auth = 0; @@ -214,14 +215,14 @@ static void free_connections(struct ev_loop *loop) } } -static void report_addr(int fd) +static char *get_peer_name(int fd) { + static char peer_name[INET6_ADDRSTRLEN] = { 0 }; struct sockaddr_storage addr; socklen_t len = sizeof addr; memset(&addr, 0, len); int err = getpeername(fd, (struct sockaddr *)&addr, &len); if (err == 0) { - char peer_name[INET6_ADDRSTRLEN] = { 0 }; if (addr.ss_family == AF_INET) { struct sockaddr_in *s = (struct sockaddr_in *)&addr; dns_ntop(AF_INET, &s->sin_addr, peer_name, INET_ADDRSTRLEN); @@ -229,6 +230,17 @@ static void report_addr(int fd) struct sockaddr_in6 *s = (struct sockaddr_in6 *)&addr; dns_ntop(AF_INET6, &s->sin6_addr, peer_name, INET6_ADDRSTRLEN); } + } else { + return NULL; + } + return peer_name; +} + +static void report_addr(int fd) +{ + char *peer_name; + peer_name = get_peer_name(fd); + if (peer_name != NULL) { LOGE("failed to handshake with %s", peer_name); } } @@ -650,14 +662,6 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) return; } - if (acl && !need_query && acl_contains_ip(host)) { - if (verbose) { - LOGI("Access denied to %s", host); - } - close_and_free_server(EV_A_ server); - return; - } - port = (*(uint16_t *)(server->buf->array + offset)); offset += 2; @@ -671,8 +675,19 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) size_t len = server->buf->len; server->buf->len = offset + ONETIMEAUTH_BYTES; if (ss_onetimeauth_verify(server->buf, server->d_ctx->evp.iv)) { - LOGE("authentication error %d", atyp); - report_addr(server->fd); + char *peer_name = get_peer_name(server->fd); + if (peer_name) { + LOGE("authentication error from %s", peer_name); + if (acl) { + if (acl_get_mode() == BLACK_LIST) { + acl_add_ip(peer_name); + LOGE("add %s to the black list", peer_name); + } else { + acl_remove_ip(peer_name); + LOGE("remove %s from the white list", peer_name); + } + } + } close_and_free_server(EV_A_ server); return; } @@ -825,25 +840,6 @@ static void server_resolve_cb(struct sockaddr *addr, void *data) LOGI("udns resolved"); } - if (acl) { - char host[INET6_ADDRSTRLEN] = { 0 }; - if (addr->sa_family == AF_INET) { - struct sockaddr_in *s = (struct sockaddr_in *)addr; - dns_ntop(AF_INET, &s->sin_addr, host, INET_ADDRSTRLEN); - } else if (addr->sa_family == AF_INET6) { - struct sockaddr_in6 *s = (struct sockaddr_in6 *)addr; - dns_ntop(AF_INET6, &s->sin6_addr, host, INET6_ADDRSTRLEN); - } - - if (acl_contains_ip(host)) { - if (verbose) { - LOGI("Access denied to %s", host); - } - close_and_free_server(EV_A_ server); - return; - } - } - struct addrinfo info; memset(&info, 0, sizeof(struct addrinfo)); info.ai_socktype = SOCK_STREAM; @@ -1218,13 +1214,22 @@ static void accept_cb(EV_P_ ev_io *w, int revents) ERROR("accept"); return; } - setnonblocking(serverfd); + + if (acl) { + char *peer_name = get_peer_name(serverfd); + if (peer_name != NULL && acl_match_ip(peer_name)) { + if (verbose) LOGI("Access denied from %s", peer_name); + close(serverfd); + return; + } + } int opt = 1; setsockopt(serverfd, SOL_TCP, TCP_NODELAY, &opt, sizeof(opt)); #ifdef SO_NOSIGPIPE setsockopt(serverfd, SOL_SOCKET, SO_NOSIGPIPE, &opt, sizeof(opt)); #endif + setnonblocking(serverfd); if (verbose) { LOGI("accept a connection"); @@ -1245,6 +1250,7 @@ int main(int argc, char **argv) char *method = NULL; char *pid_path = NULL; char *conf_path = NULL; + char *acl_path = NULL; char *iface = NULL; int server_num = 0; @@ -1265,7 +1271,7 @@ int main(int argc, char **argv) USE_TTY(); - while ((c = getopt_long(argc, argv, "f:s:p:l:k:t:m:c:i:d:a:uUvA", + while ((c = getopt_long(argc, argv, "f:s:p:l:k:t:m:c:i:d:a:uUvAw", long_options, &option_index)) != -1) switch (c) { case 0: @@ -1273,7 +1279,8 @@ int main(int argc, char **argv) fast_open = 1; } else if (option_index == 1) { LOGI("initialize acl..."); - acl = !init_acl(optarg); + acl = 1; + acl_path = optarg; } else if (option_index == 2) { manager_address = optarg; } @@ -1325,6 +1332,9 @@ int main(int argc, char **argv) case 'A': auth = 1; break; + case 'w': + white_list = 1; + break; } if (opterr) { @@ -1332,6 +1342,8 @@ int main(int argc, char **argv) exit(EXIT_FAILURE); } + acl = acl ? !init_acl(acl_path, white_list) : 0; + if (argc == 1) { if (conf_path == NULL) { conf_path = DEFAULT_CONF_PATH; diff --git a/src/udprelay.c b/src/udprelay.c index 52ef8637..88d5423c 100644 --- a/src/udprelay.c +++ b/src/udprelay.c @@ -61,15 +61,15 @@ #include "cache.h" #include "udprelay.h" -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE #define MAX_UDP_CONN_NUM 512 #else #define MAX_UDP_CONN_NUM 256 #endif -#ifdef UDPRELAY_REMOTE -#ifdef UDPRELAY_LOCAL -#error "UDPRELAY_REMOTE and UDPRELAY_LOCAL should not be both defined" +#ifdef MODULE_REMOTE +#ifdef MODULE_ +#error "MODULE_REMOTE and MODULE_LOCAL should not be both defined" #endif #endif @@ -88,7 +88,7 @@ static void remote_recv_cb(EV_P_ ev_io *w, int revents); static void remote_timeout_cb(EV_P_ ev_timer *watcher, int revents); static char *hash_key(const int af, const struct sockaddr_storage *addr); -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE static void query_resolve_cb(struct sockaddr *addr, void *data); #endif static void close_and_free_remote(EV_P_ remote_ctx_t *ctx); @@ -96,7 +96,7 @@ static remote_ctx_t *new_remote(int fd, server_ctx_t *server_ctx); extern int verbose; extern int vpn; -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE extern uint64_t tx; extern uint64_t rx; #endif @@ -129,7 +129,7 @@ static int setinterface(int socket_fd, const char *interface_name) #endif -#if defined(UDPRELAY_REMOTE) && defined(SO_BROADCAST) +#if defined(MODULE_REMOTE) && defined(SO_BROADCAST) static int set_broadcast(int socket_fd) { int opt = 1; @@ -147,7 +147,7 @@ static int set_nosigpipe(int socket_fd) #endif -#ifdef UDPRELAY_REDIR +#ifdef MODULE_REDIR #ifndef IP_TRANSPARENT #define IP_TRANSPARENT 19 @@ -191,7 +191,7 @@ static char *hash_key(const int af, const struct sockaddr_storage *addr) return key; } -#if defined(UDPRELAY_REDIR) || defined(UDPRELAY_REMOTE) +#if defined(MODULE_REDIR) || defined(MODULE_REMOTE) static int construct_udprealy_header(const struct sockaddr_storage *in_addr, char *addr_header) { @@ -439,7 +439,7 @@ int create_server_socket(const char *host, const char *port) set_nosigpipe(server_sock); #endif -#ifdef UDPRELAY_REDIR +#ifdef MODULE_REDIR if (setsockopt(server_sock, SOL_IP, IP_TRANSPARENT, &opt, sizeof(opt))) { FATAL("[udp] setsockopt IP_TRANSPARENT"); } @@ -496,7 +496,7 @@ server_ctx_t *new_server_ctx(int fd) return ctx; } -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE struct query_ctx *new_query_ctx(char *buf, size_t len) { struct query_ctx *ctx = malloc(sizeof(struct query_ctx)); @@ -548,7 +548,7 @@ static void remote_timeout_cb(EV_P_ ev_timer *watcher, int revents) cache_remove(remote_ctx->server_ctx->conn_cache, key, HASH_KEY_LEN); } -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE static void query_resolve_cb(struct sockaddr *addr, void *data) { struct query_ctx *query_ctx = (struct query_ctx *)data; @@ -666,14 +666,14 @@ static void remote_recv_cb(EV_P_ ev_io *w, int revents) LOGE("[udp] possible ip fragment, size: %d", (int)buf->len); } -#ifdef UDPRELAY_LOCAL +#ifdef MODULE_LOCAL int err = ss_decrypt_all(buf, server_ctx->method, 0); if (err) { // drop the packet silently goto CLEAN_UP; } -#ifdef UDPRELAY_REDIR +#ifdef MODULE_REDIR struct sockaddr_storage dst_addr; memset(&dst_addr, 0, sizeof(struct sockaddr_storage)); int len = parse_udprealy_header(buf->array, buf->len, NULL, NULL, NULL, &dst_addr); @@ -695,7 +695,7 @@ static void remote_recv_cb(EV_P_ ev_io *w, int revents) // server may return using a different address type other than the type we // have used during sending -#if defined(UDPRELAY_TUNNEL) || defined(UDPRELAY_REDIR) +#if defined(MODULE_TUNNEL) || defined(MODULE_REDIR) // Construct packet buf->len -= len; memmove(buf->array, buf->array + len, buf->len); @@ -708,7 +708,7 @@ static void remote_recv_cb(EV_P_ ev_io *w, int revents) #endif #endif -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE rx += buf->len; @@ -736,7 +736,7 @@ static void remote_recv_cb(EV_P_ ev_io *w, int revents) size_t remote_src_addr_len = get_sockaddr_len((struct sockaddr *)&remote_ctx->src_addr); -#ifdef UDPRELAY_REDIR +#ifdef MODULE_REDIR size_t remote_dst_addr_len = get_sockaddr_len((struct sockaddr *)&dst_addr); int src_fd = socket(remote_ctx->src_addr.ss_family, SOCK_DGRAM, 0); @@ -801,7 +801,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) socklen_t src_addr_len = sizeof(struct sockaddr_storage); unsigned int offset = 0; -#ifdef UDPRELAY_REDIR +#ifdef MODULE_REDIR char control_buffer[64] = { 0 }; struct msghdr msg; struct iovec iov[1]; @@ -846,7 +846,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) LOGI("[udp] server receive a packet"); } -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE tx += buf->len; @@ -857,8 +857,8 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) } #endif -#ifdef UDPRELAY_LOCAL -#if !defined(UDPRELAY_TUNNEL) && !defined(UDPRELAY_REDIR) +#ifdef MODULE_LOCAL +#if !defined(MODULE_TUNNEL) && !defined(MODULE_REDIR) uint8_t frag = *(uint8_t *)(buf->array + 2); offset += 3; #endif @@ -913,7 +913,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) * */ -#ifdef UDPRELAY_REDIR +#ifdef MODULE_REDIR char addr_header[256] = { 0 }; int addr_header_len = construct_udprealy_header(&dst_addr, addr_header); @@ -930,7 +930,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) char *key = hash_key(dst_addr.ss_family, &src_addr); -#elif UDPRELAY_TUNNEL +#elif MODULE_TUNNEL char addr_header[256] = { 0 }; char *host = server_ctx->tunnel_addr.host; @@ -1023,7 +1023,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) if (remote_ctx == NULL) { if (verbose) { -#ifdef UDPRELAY_REDIR +#ifdef MODULE_REDIR char src[SS_ADDRSTRLEN]; char dst[SS_ADDRSTRLEN]; strcpy(src, get_addr_str((struct sockaddr *)&src_addr)); @@ -1036,7 +1036,7 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) } } else { if (verbose) { -#ifdef UDPRELAY_REDIR +#ifdef MODULE_REDIR char src[SS_ADDRSTRLEN]; char dst[SS_ADDRSTRLEN]; strcpy(src, get_addr_str((struct sockaddr *)&src_addr)); @@ -1049,9 +1049,9 @@ static void server_recv_cb(EV_P_ ev_io *w, int revents) } } -#ifdef UDPRELAY_LOCAL +#ifdef MODULE_LOCAL -#if !defined(UDPRELAY_TUNNEL) && !defined(UDPRELAY_REDIR) +#if !defined(MODULE_TUNNEL) && !defined(MODULE_REDIR) if (frag) { LOGE("[udp] drop a message since frag is not 0, but %d", frag); goto CLEAN_UP; @@ -1236,9 +1236,9 @@ void free_cb(void *element) } int init_udprelay(const char *server_host, const char *server_port, -#ifdef UDPRELAY_LOCAL +#ifdef MODULE_LOCAL const struct sockaddr *remote_addr, const int remote_addr_len, -#ifdef UDPRELAY_TUNNEL +#ifdef MODULE_TUNNEL const ss_addr_t tunnel_addr, #endif #endif @@ -1262,7 +1262,7 @@ int init_udprelay(const char *server_host, const char *server_port, setnonblocking(serverfd); server_ctx_t *server_ctx = new_server_ctx(serverfd); -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE server_ctx->loop = loop; #endif server_ctx->auth = auth; @@ -1270,10 +1270,10 @@ int init_udprelay(const char *server_host, const char *server_port, server_ctx->method = method; server_ctx->iface = iface; server_ctx->conn_cache = conn_cache; -#ifdef UDPRELAY_LOCAL +#ifdef MODULE_LOCAL server_ctx->remote_addr = remote_addr; server_ctx->remote_addr_len = remote_addr_len; -#ifdef UDPRELAY_TUNNEL +#ifdef MODULE_TUNNEL server_ctx->tunnel_addr = tunnel_addr; #endif #endif diff --git a/src/udprelay.h b/src/udprelay.h index 6f8bcc2f..7221db63 100644 --- a/src/udprelay.h +++ b/src/udprelay.h @@ -29,7 +29,7 @@ #include "encrypt.h" #include "jconf.h" -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE #include "resolv.h" #endif @@ -49,19 +49,19 @@ typedef struct server_ctx { int timeout; const char *iface; struct cache *conn_cache; -#ifdef UDPRELAY_LOCAL +#ifdef MODULE_LOCAL const struct sockaddr *remote_addr; int remote_addr_len; -#ifdef UDPRELAY_TUNNEL +#ifdef MODULE_TUNNEL ss_addr_t tunnel_addr; #endif #endif -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE struct ev_loop *loop; #endif } server_ctx_t; -#ifdef UDPRELAY_REMOTE +#ifdef MODULE_REMOTE typedef struct query_ctx { struct ResolvQuery *query; struct sockaddr_storage src_addr; diff --git a/src/utils.c b/src/utils.c index 98b3c063..f2e45967 100644 --- a/src/utils.c +++ b/src/utils.c @@ -192,22 +192,28 @@ void usage() printf( " maintained by Max Lv and Linus Yang \n\n"); printf(" usage:\n\n"); - printf(" ss-[local|redir|server|tunnel|manager]\n"); +#ifdef MODULE_LOCAL + printf(" ss-local\n"); +#elif MODULE_REMOTE + printf(" ss-server\n"); +#elif MODULE_TUNNEl + printf(" ss-tunnel\n"); +#elif MODULE_REDIR + printf(" ss-redir\n"); +#elif MODULE_MANAGER + printf(" ss-manager\n"); +#endif printf("\n"); printf( - " -s host name or ip address of your remote server\n"); - printf("\n"); + " -s Host name or ip address of your remote server.\n"); printf( - " -p port number of your remote server\n"); - printf("\n"); + " -p Port number of your remote server.\n"); printf( - " -l port number of your local server\n"); - printf("\n"); + " -l Port number of your local server.\n"); printf( - " -k password of your remote server\n"); - printf("\n"); + " -k Password of your remote server.\n"); printf( - " [-m ] encrypt method: table, rc4, rc4-md5,\n"); + " -m Encrypt method: table, rc4, rc4-md5,\n"); printf( " aes-128-cfb, aes-192-cfb, aes-256-cfb,\n"); printf( @@ -215,76 +221,69 @@ void usage() printf( " camellia-256-cfb, cast5-cfb, des-cfb, idea-cfb,\n"); printf( - " rc2-cfb, seed-cfb, salsa20 and chacha20\n"); - printf("\n"); - printf( - " [-f ] the file path to store pid\n"); - printf("\n"); - printf( - " [-t ] socket timeout in seconds\n"); - printf("\n"); - printf( - " [-c ] the path to config file\n"); - printf("\n"); - printf( - " [-i ] network interface to bind,\n"); - printf( - " not available in redir mode\n"); - printf("\n"); - printf( - " [-b ] local address to bind,\n"); - printf( - " not available in server mode\n"); + " rc2-cfb, seed-cfb, salsa20 and chacha20.\n"); printf("\n"); printf( - " [-u] enable UDP relay,\n"); + " [-f ] The file path to store pid.\n"); printf( - " TPROXY is required in redir mode\n"); - printf("\n"); + " [-t ] Socket timeout in seconds.\n"); printf( - " [-U] enable UDP relay and disable TCP relay,\n"); + " [-c ] The path to config file.\n"); +#ifndef MODULE_REDIR printf( - " not available in local mode\n"); - printf("\n"); + " [-i ] Network interface to bind.\n"); +#endif +#ifndef MODULE_REMOTE printf( - " [-A] enable onetime authentication\n"); + " [-b ] Local address to bind.\n"); +#endif printf("\n"); printf( - " [-L :] specify destination server address and port\n"); + " [-u] Enable UDP relay,\n"); +#ifdef MODULE_REDIR printf( - " for local port forwarding,\n"); + " TPROXY is required in redir mode.\n"); +#endif +#ifndef MODULE_LOCAL printf( - " only available in tunnel mode\n"); - printf("\n"); + " [-U] Enable UDP relay and disable TCP relay.\n"); +#endif printf( - " [-d ] setup name servers for internal DNS resolver,\n"); + " [-A] Enable onetime authentication.\n"); +#ifdef MODULE_REMOTE printf( - " only available in server mode\n"); + " [-w] Enable white list mode (when ACL enabled).\n"); +#endif printf("\n"); +#ifdef MODULE_TUNNEl printf( - " [--fast-open] enable TCP fast open,\n"); - printf( - " only available in local and server mode,\n"); + " [-L :] Destination server address and port\n"); printf( - " with Linux kernel > 3.7.0\n"); - printf("\n"); + " for local port forwarding.\n"); +#endif +#ifdef MODULE_REMOTE printf( - " [--acl ] config file of ACL (Access Control List)\n"); + " [-d ] Name servers for internal DNS resolver.\n"); +#endif +#if defined(MODULE_REMOTE) || defined(MODULE_LOCAL) printf( - " only available in local and server mode\n"); - printf("\n"); + " [--fast-open] Enable TCP fast open.\n"); printf( - " [--manager-address ] UNIX domain socket address\n"); + " with Linux kernel > 3.7.0.\n"); printf( - " only available in server and manager mode\n"); - printf("\n"); + " [--acl ] Path to ACL (Access Control List).\n"); +#endif +#if defined(MODULE_REMOTE) || defined(MODULE_MANAGER) printf( - " [--executable ] path to the executable of ss-server\n"); + " [--manager-address ] UNIX domain socket address.\n"); +#endif +#ifdef MODULE_MANAGER printf( - " only available in manager mode\n"); + " [--executable ] Path to the executable of ss-server.\n"); +#endif printf("\n"); printf( - " [-v] verbose mode\n"); + " [-v] Verbose mode\n"); printf("\n"); }