[confgen] support Shadowsocks-2022

common/secrets.yaml

@@ -17,6 +17,10 @@ HK_V2RAY_WS_UUID: gAAAAABjyRIpjU2nFAxQimZh1I84Dwv-U_uETScPIeHlQXDV6IFZiOKrOOBsEK
 JP_NODE_HOSTNAME: gAAAAABiRtXJDg_a2l2OqpGDVpBDw_Tvd7ViOvcrgKfqGcO0Z-B1pJJi4tjLBklqi9hBd5GIvU1NPphUDmI6q0XroPTS4p9H1jvRPiuT6J6Lc_46hP8FCeg=
 JP_NODE_IPV4: gAAAAABkP82nESapwounyBesoqiXkZqEeHS7bojbsWjwQgEfcWQ9lqHtQUG3yxKpJ7XpC_hExDoUcaQ5mFct8k5vonHKaYqN9A==
 JP_NODE_IPV6: gAAAAABkLEROneKJk1q60wTPXG0__dthpU495QS4zwx7Nd433h5q7QYa-mCXy_XuQgpE3h4lrLOOPjeCyT42rfMFETx_BG4ArQCG7CfcfZNrTYX6PDP3EHE=
+JP_NODE_SS2022_AES_256_PASSWORD: gAAAAABlfq0mjuhEDjh9d3IoE8wcR8aJp3CPPLDR3_eqHvo76zrOwRlzMrGMiBR6RDTYY0R_42YR9nUNgsjH10wAWE_PXUjF-y4jPZX9f1MntSKlRhPYDMkE5OEpKT6hRZQAsPZ44F08
+JP_NODE_SS2022_AES_256_PORT: gAAAAABlfq1CZvDHWTmKf0BmlG62_Jsm2R3JxzOv5cXGQjpzco4cep30m7--ebI5A5NtUZwbxsRfJ3vnA-SsTpm1Wr4hQo_6ow==
+JP_NODE_SS2022_CHACHA_PASSWORD: gAAAAABlfq1xiUGvdg2ZGJs_ezmsBUe-aBRerO3bSBApyPU0-e5SMOZRJfLYhMlb6llD4PWmqB3SBIc-y9AmlPEU0zjRRSyTqV2aURyRgiMybf6jLnCjp2wnQPjliS_7pcELZhD_vheu
+JP_NODE_SS2022_CHACHA_PORT: gAAAAABlfq1g3xtzssdwlFym6JsheDjZYHw47L3tuJzWEazDh-8NZddnImeKFtnDyD1w0--fGLCX02BN-rIWz5IMep59o0lYwg==
 JP_NODE_TROJAN_HOSTNAME: gAAAAABkKEbDnyMT_FZGRg-hY9IdC13A_X-0NhhJ1UBIHmOhnrBCHqQ-SBkh-W1Cx4P5CD3xyBpn14ylMG8tlcv3U24lzkWv3Pr3uybcuqzB_D257a6GPRY=
 JP_NODE_TROJAN_PASSWORD: gAAAAABkKEdnt0MJ1qs0vVXgX5N3eVkqNaWh3FwoeqegpXbP_HoJfX1NLf9TWDKIDiqDN-GVSiJ3bYJoQ7IVzCExFjaUM1RzL8gqBbmK04sFXf7eIU_MN2AbCjE2TRlDeyeBtajZMeUS
 NAIVE_PROXY_PASSWORD: gAAAAABkcx_GDsjeHNUZW66sUpvRU1e8BR_ujugdiDUPTyrgi5hW4nqpo28We6v-fiF_n_G_kRN7-xbyg50C7NPIQPyO-Hl0mZQgWbj67OkjdxRNfOsK9IaweZkTYNX-vbVTWXL-CA6O

conf-gen/generator/sing_box_generator.py

@@ -8,6 +8,7 @@
 from proxy import (
     ProxyBase,
     ShadowSocksProxy,
+    ShadowSocks2022Proxy,
     TrojanProxy,
 )
 from proxy_group import group_sing_box_filters, ProxyGroupBase
@@ -19,6 +20,7 @@
 class SingBoxGenerator(GeneratorBase):
     _SUPPORTED_PROXY_TYPE = (
         ShadowSocksProxy,
+        ShadowSocks2022Proxy,
         TrojanProxy,
     )
     _DEFAULT_PROXY_NAMES = {"PROXY", "DIRECT", "REJECT", "DNS"}

conf-gen/proxy/__init__.py

@@ -7,7 +7,7 @@
     parse_clash_subscription,
     parse_subscriptions,
 )
-from proxy.shadowsocks_proxy import ShadowSocksProxy
+from proxy.shadowsocks_proxy import SHADOWSOCKS_2022_CIPHERS, ShadowSocksProxy, ShadowSocks2022Proxy
 from proxy.socks_proxy import Socks5Proxy
 from proxy.trojan_proxy import TrojanProxy
 from proxy.v2ray_proxy import VMessProxy, VMessGRPCProxy, VMessWebSocketProxy
@@ -16,7 +16,9 @@
 __all__ = (
     "ProxyBase",
     "ProxyT",
+    "SHADOWSOCKS_2022_CIPHERS",
     "ShadowSocksProxy",
+    "ShadowSocks2022Proxy",
     "Socks5Proxy",
     "TrojanProxy",
     "VMessGRPCProxy",

conf-gen/proxy/parser.py

@@ -3,7 +3,11 @@
 import yaml
 
 from proxy import ProxyBase
-from proxy.shadowsocks_proxy import ShadowSocksProxy
+from proxy.shadowsocks_proxy import (
+    SHADOWSOCKS_2022_CIPHERS,
+    ShadowSocks2022Proxy,
+    ShadowSocksProxy,
+)
 from proxy.socks_proxy import Socks5Proxy
 from proxy.trojan_proxy import TrojanProxy
 from proxy.v2ray_proxy import VMessProxy, VMessGRPCProxy, VMessWebSocketProxy
@@ -16,14 +20,24 @@ def parse_clash_proxies(
     ret = []
     for proxy_info in proxies_info:
         if proxy_info["type"] == "ss":
-            proxy = ShadowSocksProxy(
-                name=proxy_info["name"],
-                server=proxy_info["server"],
-                port=proxy_info["port"],
-                password=proxy_info["password"],
-                cipher=proxy_info["cipher"],
-                udp=proxy_info.get("udp", False),
-            )
+            if proxy_info["cipher"] in SHADOWSOCKS_2022_CIPHERS:
+                proxy = ShadowSocks2022Proxy(
+                    name=proxy_info["name"],
+                    server=proxy_info["server"],
+                    port=proxy_info["port"],
+                    password=proxy_info["password"],
+                    cipher=proxy_info["cipher"],
+                    udp=proxy_info.get("udp", False),
+                )
+            else:
+                proxy = ShadowSocksProxy(
+                    name=proxy_info["name"],
+                    server=proxy_info["server"],
+                    port=proxy_info["port"],
+                    password=proxy_info["password"],
+                    cipher=proxy_info["cipher"],
+                    udp=proxy_info.get("udp", False),
+                )
         elif proxy_info["type"] == "vmess":
             if proxy_info.get("network", None) == "ws":
                 tls_version = proxy_info.get("tls-version", 1.3)

conf-gen/proxy/shadowsocks_proxy.py

@@ -60,3 +60,16 @@ def sing_box_proxy(self):
         if not self.udp:
             cfg["network"] = "tcp"
         return cfg
+
+
+SHADOWSOCKS_2022_CIPHERS = (
+    "2022-blake3-aes-128-gcm",
+    "2022-blake3-aes-256-gcm",
+    "2022-blake3-chacha20-poly1305"
+)
+
+
+# Distinct from other normal Shadowsocks proxies merely in cipher choices. Build such a subclass so
+# services without Shadowsocks-2022 ciphers can safely exclude this proxy.
+class ShadowSocks2022Proxy(ShadowSocksProxy):
+    pass

conf-gen/source.yaml

@@ -21,6 +21,20 @@ proxies:
   cipher: chacha20-ietf-poly1305
   password: '@secret:NODE_SS_CHACHA_PASSWORD'
   udp: true
+- name: 🇯🇵「SS20222-AES」bwh-jp-01
+  type: ss
+  server: '@secret:JP_NODE_HOSTNAME'
+  port: '@secret:JP_NODE_SS2022_AES_256_PORT!int'
+  cipher: 2022-blake3-aes-256-gcm
+  password: '@secret:JP_NODE_SS2022_AES_256_PASSWORD'
+  udp: true
+- name: 🇯🇵「SS2022-ChaCha」bwh-jp-01
+  type: ss
+  server: '@secret:JP_NODE_HOSTNAME'
+  port: '@secret:JP_NODE_SS2022_CHACHA_PORT!int'
+  cipher: 2022-blake3-chacha20-poly1305
+  password: '@secret:JP_NODE_SS2022_CHACHA_PASSWORD'
+  udp: true
 rules:
 # ------------------------------------------------------------------------------
 # Guard.