From 299a997e2885fe03012f70576ee18a885bc8f475 Mon Sep 17 00:00:00 2001 From: lirundong Date: Sun, 17 Dec 2023 16:19:38 +0800 Subject: [PATCH] [confgen] support Shadowsocks-2022 --- common/secrets.yaml | 4 +++ conf-gen/generator/sing_box_generator.py | 2 ++ conf-gen/proxy/__init__.py | 4 ++- conf-gen/proxy/parser.py | 32 +++++++++++++++++------- conf-gen/proxy/shadowsocks_proxy.py | 13 ++++++++++ conf-gen/source.yaml | 14 +++++++++++ 6 files changed, 59 insertions(+), 10 deletions(-) diff --git a/common/secrets.yaml b/common/secrets.yaml index b3194fa..b07c110 100644 --- a/common/secrets.yaml +++ b/common/secrets.yaml @@ -17,6 +17,10 @@ HK_V2RAY_WS_UUID: gAAAAABjyRIpjU2nFAxQimZh1I84Dwv-U_uETScPIeHlQXDV6IFZiOKrOOBsEK JP_NODE_HOSTNAME: gAAAAABiRtXJDg_a2l2OqpGDVpBDw_Tvd7ViOvcrgKfqGcO0Z-B1pJJi4tjLBklqi9hBd5GIvU1NPphUDmI6q0XroPTS4p9H1jvRPiuT6J6Lc_46hP8FCeg= JP_NODE_IPV4: gAAAAABkP82nESapwounyBesoqiXkZqEeHS7bojbsWjwQgEfcWQ9lqHtQUG3yxKpJ7XpC_hExDoUcaQ5mFct8k5vonHKaYqN9A== JP_NODE_IPV6: gAAAAABkLEROneKJk1q60wTPXG0__dthpU495QS4zwx7Nd433h5q7QYa-mCXy_XuQgpE3h4lrLOOPjeCyT42rfMFETx_BG4ArQCG7CfcfZNrTYX6PDP3EHE= +JP_NODE_SS2022_AES_256_PASSWORD: gAAAAABlfq0mjuhEDjh9d3IoE8wcR8aJp3CPPLDR3_eqHvo76zrOwRlzMrGMiBR6RDTYY0R_42YR9nUNgsjH10wAWE_PXUjF-y4jPZX9f1MntSKlRhPYDMkE5OEpKT6hRZQAsPZ44F08 +JP_NODE_SS2022_AES_256_PORT: gAAAAABlfq1CZvDHWTmKf0BmlG62_Jsm2R3JxzOv5cXGQjpzco4cep30m7--ebI5A5NtUZwbxsRfJ3vnA-SsTpm1Wr4hQo_6ow== +JP_NODE_SS2022_CHACHA_PASSWORD: gAAAAABlfq1xiUGvdg2ZGJs_ezmsBUe-aBRerO3bSBApyPU0-e5SMOZRJfLYhMlb6llD4PWmqB3SBIc-y9AmlPEU0zjRRSyTqV2aURyRgiMybf6jLnCjp2wnQPjliS_7pcELZhD_vheu +JP_NODE_SS2022_CHACHA_PORT: gAAAAABlfq1g3xtzssdwlFym6JsheDjZYHw47L3tuJzWEazDh-8NZddnImeKFtnDyD1w0--fGLCX02BN-rIWz5IMep59o0lYwg== JP_NODE_TROJAN_HOSTNAME: gAAAAABkKEbDnyMT_FZGRg-hY9IdC13A_X-0NhhJ1UBIHmOhnrBCHqQ-SBkh-W1Cx4P5CD3xyBpn14ylMG8tlcv3U24lzkWv3Pr3uybcuqzB_D257a6GPRY= JP_NODE_TROJAN_PASSWORD: gAAAAABkKEdnt0MJ1qs0vVXgX5N3eVkqNaWh3FwoeqegpXbP_HoJfX1NLf9TWDKIDiqDN-GVSiJ3bYJoQ7IVzCExFjaUM1RzL8gqBbmK04sFXf7eIU_MN2AbCjE2TRlDeyeBtajZMeUS NAIVE_PROXY_PASSWORD: gAAAAABkcx_GDsjeHNUZW66sUpvRU1e8BR_ujugdiDUPTyrgi5hW4nqpo28We6v-fiF_n_G_kRN7-xbyg50C7NPIQPyO-Hl0mZQgWbj67OkjdxRNfOsK9IaweZkTYNX-vbVTWXL-CA6O diff --git a/conf-gen/generator/sing_box_generator.py b/conf-gen/generator/sing_box_generator.py index 43ff59e..c2835ac 100644 --- a/conf-gen/generator/sing_box_generator.py +++ b/conf-gen/generator/sing_box_generator.py @@ -8,6 +8,7 @@ from proxy import ( ProxyBase, ShadowSocksProxy, + ShadowSocks2022Proxy, TrojanProxy, ) from proxy_group import group_sing_box_filters, ProxyGroupBase @@ -19,6 +20,7 @@ class SingBoxGenerator(GeneratorBase): _SUPPORTED_PROXY_TYPE = ( ShadowSocksProxy, + ShadowSocks2022Proxy, TrojanProxy, ) _DEFAULT_PROXY_NAMES = {"PROXY", "DIRECT", "REJECT", "DNS"} diff --git a/conf-gen/proxy/__init__.py b/conf-gen/proxy/__init__.py index aa09ed6..db6b8f0 100644 --- a/conf-gen/proxy/__init__.py +++ b/conf-gen/proxy/__init__.py @@ -7,7 +7,7 @@ parse_clash_subscription, parse_subscriptions, ) -from proxy.shadowsocks_proxy import ShadowSocksProxy +from proxy.shadowsocks_proxy import SHADOWSOCKS_2022_CIPHERS, ShadowSocksProxy, ShadowSocks2022Proxy from proxy.socks_proxy import Socks5Proxy from proxy.trojan_proxy import TrojanProxy from proxy.v2ray_proxy import VMessProxy, VMessGRPCProxy, VMessWebSocketProxy @@ -16,7 +16,9 @@ __all__ = ( "ProxyBase", "ProxyT", + "SHADOWSOCKS_2022_CIPHERS", "ShadowSocksProxy", + "ShadowSocks2022Proxy", "Socks5Proxy", "TrojanProxy", "VMessGRPCProxy", diff --git a/conf-gen/proxy/parser.py b/conf-gen/proxy/parser.py index dcbae40..41a7a85 100644 --- a/conf-gen/proxy/parser.py +++ b/conf-gen/proxy/parser.py @@ -3,7 +3,11 @@ import yaml from proxy import ProxyBase -from proxy.shadowsocks_proxy import ShadowSocksProxy +from proxy.shadowsocks_proxy import ( + SHADOWSOCKS_2022_CIPHERS, + ShadowSocks2022Proxy, + ShadowSocksProxy, +) from proxy.socks_proxy import Socks5Proxy from proxy.trojan_proxy import TrojanProxy from proxy.v2ray_proxy import VMessProxy, VMessGRPCProxy, VMessWebSocketProxy @@ -16,14 +20,24 @@ def parse_clash_proxies( ret = [] for proxy_info in proxies_info: if proxy_info["type"] == "ss": - proxy = ShadowSocksProxy( - name=proxy_info["name"], - server=proxy_info["server"], - port=proxy_info["port"], - password=proxy_info["password"], - cipher=proxy_info["cipher"], - udp=proxy_info.get("udp", False), - ) + if proxy_info["cipher"] in SHADOWSOCKS_2022_CIPHERS: + proxy = ShadowSocks2022Proxy( + name=proxy_info["name"], + server=proxy_info["server"], + port=proxy_info["port"], + password=proxy_info["password"], + cipher=proxy_info["cipher"], + udp=proxy_info.get("udp", False), + ) + else: + proxy = ShadowSocksProxy( + name=proxy_info["name"], + server=proxy_info["server"], + port=proxy_info["port"], + password=proxy_info["password"], + cipher=proxy_info["cipher"], + udp=proxy_info.get("udp", False), + ) elif proxy_info["type"] == "vmess": if proxy_info.get("network", None) == "ws": tls_version = proxy_info.get("tls-version", 1.3) diff --git a/conf-gen/proxy/shadowsocks_proxy.py b/conf-gen/proxy/shadowsocks_proxy.py index 60ce453..ae97349 100644 --- a/conf-gen/proxy/shadowsocks_proxy.py +++ b/conf-gen/proxy/shadowsocks_proxy.py @@ -60,3 +60,16 @@ def sing_box_proxy(self): if not self.udp: cfg["network"] = "tcp" return cfg + + +SHADOWSOCKS_2022_CIPHERS = ( + "2022-blake3-aes-128-gcm", + "2022-blake3-aes-256-gcm", + "2022-blake3-chacha20-poly1305" +) + + +# Distinct from other normal Shadowsocks proxies merely in cipher choices. Build such a subclass so +# services without Shadowsocks-2022 ciphers can safely exclude this proxy. +class ShadowSocks2022Proxy(ShadowSocksProxy): + pass diff --git a/conf-gen/source.yaml b/conf-gen/source.yaml index db2798a..7ef6b54 100644 --- a/conf-gen/source.yaml +++ b/conf-gen/source.yaml @@ -21,6 +21,20 @@ proxies: cipher: chacha20-ietf-poly1305 password: '@secret:NODE_SS_CHACHA_PASSWORD' udp: true +- name: 🇯🇵「SS20222-AES」bwh-jp-01 + type: ss + server: '@secret:JP_NODE_HOSTNAME' + port: '@secret:JP_NODE_SS2022_AES_256_PORT!int' + cipher: 2022-blake3-aes-256-gcm + password: '@secret:JP_NODE_SS2022_AES_256_PASSWORD' + udp: true +- name: 🇯🇵「SS2022-ChaCha」bwh-jp-01 + type: ss + server: '@secret:JP_NODE_HOSTNAME' + port: '@secret:JP_NODE_SS2022_CHACHA_PORT!int' + cipher: 2022-blake3-chacha20-poly1305 + password: '@secret:JP_NODE_SS2022_CHACHA_PASSWORD' + udp: true rules: # ------------------------------------------------------------------------------ # Guard.