diff --git a/luci-app-openmptcprouter/root/bin/omr-mptcp-intf b/luci-app-openmptcprouter/root/bin/omr-mptcp-intf index d2a74b245..8fac4468b 100755 --- a/luci-app-openmptcprouter/root/bin/omr-mptcp-intf +++ b/luci-app-openmptcprouter/root/bin/omr-mptcp-intf @@ -12,9 +12,17 @@ get_mptcp_from_server() { get_mptcp() { serverip=$1 if [ "$(echo $serverip | grep :)" ]; then - support="$(curl -s -k -6 -m ${timeout} --interface $intf https://[$serverip]:$serverport/mptcpsupport)" + if [ -f /proc/sys/net/mptcp/enabled ]; then + support="$(mptcpize run curl -s -k -6 -m ${timeout} --interface $intf https://[$serverip]:$serverport/mptcpsupport)" + else + support="$(curl -s -k -6 -m ${timeout} --interface $intf https://[$serverip]:$serverport/mptcpsupport)" + fi else - support="$(curl -s -k -4 -m ${timeout} --interface $intf https://$serverip:$serverport/mptcpsupport)" + if [ -f /proc/sys/net/mptcp/enabled ]; then + support="$(mptcpize run curl -s -k -4 -m ${timeout} --interface $intf https://$serverip:$serverport/mptcpsupport)" + else + support="$(curl -s -k -4 -m ${timeout} --interface $intf https://$serverip:$serverport/mptcpsupport)" + fi fi [ -n "$support" ] && { support=$(echo $support | jsonfilter -e '@.mptcp') @@ -56,8 +64,10 @@ get_mptcp_from_website6() { support="" config_load openmptcprouter config_foreach get_mptcp_from_server server -[ -z "$support" ] && [ -n "$(ip -4 a show dev $intf)" ] && get_mptcp_from_website -[ -z "$support" ] && [ -n "$(ip -6 a show dev $intf)" ] && get_mptcp_from_website6 +if [ ! -f /proc/sys/net/mptcp/enabled ] && [ -z "$support" ]; then + [ -n "$(ip -4 a show dev $intf)" ] && get_mptcp_from_website + [ -n "$(ip -6 a show dev $intf)" ] && get_mptcp_from_website6 +fi if [ "$support" = "working" ]; then echo "MPTCP enabled" elif [ "$support" = "not working" ]; then diff --git a/mptcp/files/etc/uci-defaults/mptcp-defaults b/mptcp/files/etc/uci-defaults/mptcp-defaults index 9dddade8f..97235fb8d 100755 --- a/mptcp/files/etc/uci-defaults/mptcp-defaults +++ b/mptcp/files/etc/uci-defaults/mptcp-defaults @@ -8,6 +8,9 @@ if [ "$(uci -q get network.globals.mptcp_path_manager)" = "" ]; then set network.globals.mptcp_checksum=0 set network.globals.mptcp_debug=0 set network.globals.mptcp_syn_retries=2 + set network.globals.mptcp_subflows=3 + set network.globals.mptcp_add_addr_accepted=1 + set network.globals.mptcp_add_addr_timeout=120 commit network EOF fi @@ -53,6 +56,15 @@ if [ "$(uci -q show network.globals | grep mptcp_fullmesh)" = "" ]; then commit network EOF fi +if [ "$(uci -q get network.globals.mptcp_subflows)" = "" ]; then + uci -q batch <<-EOF >/dev/null + set network.globals.mptcp_subflows=3 + set network.globals.mptcp_add_addr_accepted=1 + set network.globals.mptcp_add_addr_timeout=120 + commit network + EOF +fi + uci -q batch <<-EOF >/dev/null delete ucitrack.@mptcp[-1] add ucitrack mptcp diff --git a/openmptcprouter/files/etc/uci-defaults/2030-omr-fstab b/openmptcprouter/files/etc/uci-defaults/2030-omr-fstab new file mode 100755 index 000000000..575d0e238 --- /dev/null +++ b/openmptcprouter/files/etc/uci-defaults/2030-omr-fstab @@ -0,0 +1,17 @@ +#!/bin/sh +. /lib/functions.sh + +_set_fsck() { + uci -q batch <<-EOF >/dev/null + set "fstab.$1.enabled=1" + set "fstab.$1.enable_fsck=1" + EOF +} + +/sbin/block detect > /etc/config/fstab +uci -q set fstab.@global[0].check_fs='1' +config_load fstab +config_foreach _set_fsck mount +uci -q commit fstab + +exit 0 diff --git a/openmptcprouter/files/etc/uci-defaults/2060-omr-system b/openmptcprouter/files/etc/uci-defaults/2060-omr-system index 787763c26..902dae6dc 100755 --- a/openmptcprouter/files/etc/uci-defaults/2060-omr-system +++ b/openmptcprouter/files/etc/uci-defaults/2060-omr-system @@ -17,12 +17,6 @@ if [ "$(uci -q get rpcd.@rpcd[0].socket)" != "/var/run/ubus/ubus.sock" ]; then EOF fi -/sbin/block detect > /etc/config/fstab -uci -q batch <<-EOF >/dev/null - set fstab.@global[0].check_fs='1' - commit fstab -EOF - [ -n "$(ubus call system board | jsonfilter -e '@.board_name' | grep raspberry)" ] && [ "$(uci -q get openmptcprouter.settings.scaling_governor)" != "performance" ] && { # force CPU speed for RPI uci -q set openmptcprouter.settings.scaling_min_freq=$(cat /sys/devices/system/cpu/cpufreq/policy0/scaling_max_freq | tr -d "\n") diff --git a/shadowsocks-libev/Makefile b/shadowsocks-libev/Makefile index 00c12c7f5..78fdf4c30 100644 --- a/shadowsocks-libev/Makefile +++ b/shadowsocks-libev/Makefile @@ -14,12 +14,11 @@ include $(TOPDIR)/rules.mk # - check if default mode has changed from being tcp_only # PKG_NAME:=shadowsocks-libev -PKG_VERSION:=3.3.5 -PKG_RELEASE:=10 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz -PKG_SOURCE_URL:=https://github.com/shadowsocks/shadowsocks-libev/releases/download/v$(PKG_VERSION) -PKG_HASH:=cfc8eded35360f4b67e18dc447b0c00cddb29cc57a3cec48b135e5fb87433488 +PKG_RELEASE:=11 +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/Ysurac/shadowsocks-libev.git +PKG_SOURCE_VERSION:=bf44f710b4a0c451809279383acc847995c35ead +PKG_VERSION:=3.3.5-$(PKG_SOURCE_VERSION) PKG_MAINTAINER:=Ycarus (Yannick Chabanois) diff --git a/shadowsocks-libev/patches/020-NOCRYPTO.patch b/shadowsocks-libev/patches/020-NOCRYPTO.patch deleted file mode 100644 index fbe0cc883..000000000 --- a/shadowsocks-libev/patches/020-NOCRYPTO.patch +++ /dev/null @@ -1,632 +0,0 @@ -From e9fc31e06453cacf662448663f0c79ae4878fed5 Mon Sep 17 00:00:00 2001 -From: Fejes Ferenc -Date: Mon, 31 Jul 2017 12:08:11 +0200 -Subject: [PATCH 01/17] No encryption initial implementation - -Set cipher az "none" to disable encryption. ---- - completions/bash/ss-local | 2 +- - completions/bash/ss-manager | 2 +- - completions/bash/ss-redir | 2 +- - completions/bash/ss-server | 4 ++-- - completions/bash/ss-tunnel | 2 +- - completions/zsh/_ss-local | 2 +- - completions/zsh/_ss-manager | 2 +- - completions/zsh/_ss-redir | 2 +- - completions/zsh/_ss-server | 2 +- - completions/zsh/_ss-tunnel | 2 +- - doc/shadowsocks-libev.asciidoc | 4 +++- - doc/ss-local.asciidoc | 4 +++- - doc/ss-manager.asciidoc | 4 +++- - doc/ss-redir.asciidoc | 4 +++- - doc/ss-server.asciidoc | 4 +++- - doc/ss-tunnel.asciidoc | 4 +++- - src/Makefile.am | 3 ++- - src/crypto.c | 15 +++++++++++++++ - src/noencrypt.c | 25 +++++++++++++++++++++++++ - src/noencrypt.h | 11 +++++++++++ - src/server.c | 2 +- - src/stream.c | 17 ++++++++--------- - src/utils.c | 2 +- - 27 files changed, 100 insertions(+), 37 deletions(-) - create mode 100644 src/noencrypt.c - create mode 100644 src/noencrypt.h - -diff --git a/completions/bash/ss-local b/completions/bash/ss-local -index 0186ccc4..57fa318b 100644 ---- a/completions/bash/ss-local -+++ b/completions/bash/ss-local -@@ -2,7 +2,7 @@ _ss_local() - { - local cur prev opts ciphers - opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -v -h --reuse-port --fast-open --acl --mtu --mptcp --no-delay --key --plugin --plugin-opts --help' -- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' -+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' - cur=${COMP_WORDS[COMP_CWORD]} - prev="${COMP_WORDS[COMP_CWORD-1]}" - case "$prev" in -diff --git a/completions/bash/ss-manager b/completions/bash/ss-manager -index d3168a3b..de13c9e9 100644 ---- a/completions/bash/ss-manager -+++ b/completions/bash/ss-manager -@@ -2,7 +2,7 @@ _ss_manager() - { - local cur prev opts ciphers - opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -v -h --reuse-port --manager-address --executable --mtu --mptcp --plugin --plugin-opts --help' -- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' -+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' - cur=${COMP_WORDS[COMP_CWORD]} - prev="${COMP_WORDS[COMP_CWORD-1]}" - case "$prev" in -diff --git a/completions/bash/ss-redir b/completions/bash/ss-redir -index 9a14efe8..fdc7b21e 100644 ---- a/completions/bash/ss-redir -+++ b/completions/bash/ss-redir -@@ -2,7 +2,7 @@ _ss_redir() - { - local cur prev opts ciphers - opts='-s -p -l -k -m -a -f -t -c -n -b -u -U -T -v -h --reuse-port --mtu --mptcp --key --plugin --plugin-opts --help' -- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' -+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' - cur=${COMP_WORDS[COMP_CWORD]} - prev="${COMP_WORDS[COMP_CWORD-1]}" - case "$prev" in -diff --git a/completions/bash/ss-server b/completions/bash/ss-server -index cec983ce..d8f3c298 100644 ---- a/completions/bash/ss-server -+++ b/completions/bash/ss-server -@@ -1,8 +1,8 @@ - _ss_server() - { - local cur prev opts ciphers -- opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -6 -d -v -h --reuse-port --fast-open --acl --manager-address --mtu --mptcp --no-delay --key --plugin --plugin-opts --help' -- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' -+ opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -6 -d -v -h --reuse-port --fast-open --acl --manager-address --mtu --mptcp --key --plugin --plugin-opts --help' -+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - prev="${COMP_WORDS[COMP_CWORD-1]}" -diff --git a/completions/bash/ss-tunnel b/completions/bash/ss-tunnel -index 707dc7a9..2e119098 100644 ---- a/completions/bash/ss-tunnel -+++ b/completions/bash/ss-tunnel -@@ -2,7 +2,7 @@ _ss_tunnel() - { - local cur prev opts ciphers - opts='-s -p -l -k -m -a -f -t -c -n -i -b -u -U -L -v -h --reuse-port --mtu --mptcp --key --plugin --plugin-opts --help' -- ciphers='rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' -+ ciphers='none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf' - cur=${COMP_WORDS[COMP_CWORD]} - prev="${COMP_WORDS[COMP_CWORD-1]}" - compopt +o nospace -diff --git a/completions/zsh/_ss-local b/completions/zsh/_ss-local -index c56ed521..8b12b767 100644 ---- a/completions/zsh/_ss-local -+++ b/completions/zsh/_ss-local -@@ -1,7 +1,7 @@ - #compdef ss-local - - local ciphers --ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' -+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' - - _arguments "-h::" \ - "-s:server host:_hosts" \ -diff --git a/completions/zsh/_ss-manager b/completions/zsh/_ss-manager -index 3e65f6c8..66c101a1 100644 ---- a/completions/zsh/_ss-manager -+++ b/completions/zsh/_ss-manager -@@ -1,7 +1,7 @@ - #compdef ss-manager - - local ciphers --ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' -+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' - - _arguments "-h::" \ - "-s:server host:_hosts" \ -diff --git a/completions/zsh/_ss-redir b/completions/zsh/_ss-redir -index 4f3b065e..6ef867f3 100644 ---- a/completions/zsh/_ss-redir -+++ b/completions/zsh/_ss-redir -@@ -1,7 +1,7 @@ - #compdef ss-redir - - local ciphers --ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' -+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' - - _arguments "-h::" \ - "-s:server host:_hosts" \ -diff --git a/completions/zsh/_ss-server b/completions/zsh/_ss-server -index 8d9f4316..76bae33c 100644 ---- a/completions/zsh/_ss-server -+++ b/completions/zsh/_ss-server -@@ -1,7 +1,7 @@ - #compdef ss-server - - local ciphers --ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' -+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' - - _arguments "-h::" \ - "-s:server host:_hosts" \ -diff --git a/completions/zsh/_ss-tunnel b/completions/zsh/_ss-tunnel -index 5a269900..248451f9 100644 ---- a/completions/zsh/_ss-tunnel -+++ b/completions/zsh/_ss-tunnel -@@ -1,7 +1,7 @@ - #compdef ss-tunnel - - local ciphers --ciphers='(rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' -+ciphers='(none rc4-md5 aes-128-gcm aes-192-gcm aes-256-gcm aes-128-cfb aes-192-cfb aes-256-cfb aes-128-ctr aes-192-ctr aes-256-ctr camellia-128-cfb camellia-192-cfb camellia-256-cfb bf-cfb chacha20-ietf-poly1305 xchacha20-ietf-poly1305 salsa20 chacha20 chacha20-ietf)' - - _arguments "-h::" \ - "-s:server host:_hosts" \ -diff --git a/doc/shadowsocks-libev.asciidoc b/doc/shadowsocks-libev.asciidoc -index 5a62f669..f0844a3f 100644 ---- a/doc/shadowsocks-libev.asciidoc -+++ b/doc/shadowsocks-libev.asciidoc -@@ -54,7 +54,9 @@ Set the key directly. The key should be encoded with URL-safe Base64. - Not available in manager mode. - - -m :: --Set the cipher. -+Set the cipher or turn off the encryption. -++ -+To disable encryption use `none` as cipher. - + - *Shadowsocks-libev* accepts 18 different ciphers: - + -diff --git a/doc/ss-local.asciidoc b/doc/ss-local.asciidoc -index 931fcd54..82439e0f 100644 ---- a/doc/ss-local.asciidoc -+++ b/doc/ss-local.asciidoc -@@ -49,7 +49,9 @@ Set the password. The server and the client should use the same password. - Set the key directly. The key should be encoded with URL-safe Base64. - - -m :: --Set the cipher. -+Set the cipher or turn off the encryption. -++ -+To disable encryption use `none` as cipher. - + - *Shadowsocks-libev* accepts 18 different ciphers: - + -diff --git a/doc/ss-manager.asciidoc b/doc/ss-manager.asciidoc -index f344cffa..bc00cac0 100644 ---- a/doc/ss-manager.asciidoc -+++ b/doc/ss-manager.asciidoc -@@ -41,7 +41,9 @@ Set the server's hostname or IP. - Set the password. The server and the client should use the same password. - - -m :: --Set the cipher. -+Set the cipher or turn off the encryption. -++ -+To disable encryption use `none` as cipher. - + - *Shadowsocks-libev* accepts 18 different ciphers: - + -diff --git a/doc/ss-redir.asciidoc b/doc/ss-redir.asciidoc -index f9195b31..6a0207f0 100644 ---- a/doc/ss-redir.asciidoc -+++ b/doc/ss-redir.asciidoc -@@ -48,7 +48,9 @@ Set the password. The server and the client should use the same password. - Set the key directly. The key should be encoded with URL-safe Base64. - - -m :: --Set the cipher. -+Set the cipher or turn off the encryption. -++ -+To disable encryption use `none` as cipher. - + - *Shadowsocks-libev* accepts 18 different ciphers: - + -diff --git a/doc/ss-server.asciidoc b/doc/ss-server.asciidoc -index 866f0605..0fbacb0c 100644 ---- a/doc/ss-server.asciidoc -+++ b/doc/ss-server.asciidoc -@@ -46,7 +46,9 @@ Set the password. The server and the client should use the same password. - Set the key directly. The key should be encoded with URL-safe Base64. - - -m :: --Set the cipher. -+Set the cipher or turn off the encryption. -++ -+To disable encryption use `none` as cipher. - + - *Shadowsocks-libev* accepts 18 different ciphers: - + -diff --git a/doc/ss-tunnel.asciidoc b/doc/ss-tunnel.asciidoc -index b4b3e6ec..96ab1d5e 100644 ---- a/doc/ss-tunnel.asciidoc -+++ b/doc/ss-tunnel.asciidoc -@@ -48,7 +48,9 @@ Set the password. The server and the client should use the same password. - Set the key directly. The key should be encoded with URL-safe Base64. - - -m :: --Set the cipher. -+Set the cipher or turn off the encryption. -++ -+To disable encryption use `none` as cipher. - + - *Shadowsocks-libev* accepts 18 different ciphers: - + -diff --git a/src/Makefile.am b/src/Makefile.am -index dcc5fd9b..2e689b7a 100644 ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -31,7 +31,8 @@ crypto_src = crypto.c \ - aead.c \ - stream.c \ - ppbloom.c \ -- base64.c -+ base64.c \ -+ noencrypt.c - - plugin_src = plugin.c - -diff --git a/src/crypto.c b/src/crypto.c -index df608cea..8c9044f6 100644 ---- a/src/crypto.c -+++ b/src/crypto.c -@@ -41,6 +41,7 @@ - #include "aead.h" - #include "utils.h" - #include "ppbloom.h" -+#include "noencrypt.h" - - int - balloc(buffer_t *ptr, size_t capacity) -@@ -144,6 +145,20 @@ crypto_init(const char *password, const char *key, const char *method) - #endif - - if (method != NULL) { -+ if (strncmp(method, "none", 4) == 0) { -+ crypto_t *crypto = (crypto_t *) malloc(sizeof(crypto_t)); -+ crypto_t temp = { -+ .chiper = NULL, -+ .encrypt_all = &none_stream_all, -+ .decrypt_all = &none_stream_all, -+ .encrypt = &none_stream, -+ .decrypt = &none_stream, -+ .ctx_init = &none_stream_ctx_init, -+ .ctx_release = &none_stream_ctx_release, -+ }; -+ memcpy(crypto, &temp, sizeof(crypto_t)); -+ return crypto; -+ } - for (i = 0; i < STREAM_CIPHER_NUM; i++) - if (strcmp(method, supported_stream_ciphers[i]) == 0) { - m = i; -diff --git a/src/noencrypt.c b/src/noencrypt.c -new file mode 100644 -index 00000000..1804aaa5 ---- /dev/null -+++ b/src/noencrypt.c -@@ -0,0 +1,25 @@ -+#ifdef HAVE_CONFIG_H -+#include "config.h" -+#endif -+ -+#include "noencrypt.h" -+ -+int -+none_stream (buffer_t *chipertext, chiper_ctx_t *chiper_ctx, size_t capacity) { -+ return CRYPTO_OK; -+} -+ -+int -+none_stream_all (buffer_t *plaintext, chiper_t *chiper, size_t capacity) { -+ return CRYPTO_OK; -+} -+ -+void -+none_stream_ctx_init (chiper_t *chiper, chiper_ctx_t *chiper_ctx, int enc) { -+ ; -+} -+ -+void -+plain_stream_ctx_release (chiper_ctx_t *chiper_ctx) { -+ ; -+} -\ No newline at end of file -diff --git a/src/noencrypt.h b/src/noencrypt.h -new file mode 100644 -index 00000000..38057da7 ---- /dev/null -+++ b/src/noencrypt.h -@@ -0,0 +1,11 @@ -+#ifndef _NOENCRYPT_H -+#define _NOENCRYPT_H -+ -+#include "noencrypt.h" -+ -+int none_stream_all(buffer_t *, cipher_t *, size_t); -+int none_stream(buffer_t *, cipher_ctx_t *, size_t); -+int none_stream_ctx_init(cipher_t *, cipher_ctx_t *, int); -+int none_stream_ctx_release(cipher_ctx_t *); -+ -+#endif _NOENCRYPT_H -\ No newline at end of file -diff --git a/src/server.c b/src/server.c -index 3132c4d4..5fa87c28 100644 ---- a/src/server.c -+++ b/src/server.c -@@ -1710,7 +1710,7 @@ main(int argc, char **argv) - } - - if (server_num == 0 || server_port == NULL -- || (password == NULL && key == NULL)) { -+ || (strncmp(method, "none", 4) && password == NULL && key == NULL)) { - usage(); - exit(EXIT_FAILURE); - } -diff --git a/src/stream.c b/src/stream.c -index 5196c9ef..12c8be33 100644 ---- a/src/stream.c -+++ b/src/stream.c -@@ -72,8 +72,7 @@ - * - */ - --#define NONE -1 --#define TABLE 0 -+#define NONE 0 - #define RC4 1 - #define RC4_MD5 2 - #define AES_128_CFB 3 -@@ -96,7 +95,7 @@ - #define CHACHA20IETF 20 - - const char *supported_stream_ciphers[STREAM_CIPHER_NUM] = { -- "table", -+ "none", - "rc4", - "rc4-md5", - "aes-128-cfb", -@@ -198,7 +197,7 @@ cipher_key_size(const cipher_t *cipher) - const cipher_kt_t * - stream_get_cipher_type(int method) - { -- if (method <= TABLE || method >= STREAM_CIPHER_NUM) { -+ if (method <= NONE || method >= STREAM_CIPHER_NUM) { - LOGE("stream_get_cipher_type(): Illegal method"); - return NULL; - } -@@ -224,7 +223,7 @@ stream_get_cipher_type(int method) - void - stream_cipher_ctx_init(cipher_ctx_t *ctx, int method, int enc) - { -- if (method <= TABLE || method >= STREAM_CIPHER_NUM) { -+ if (method <= NONE || method >= STREAM_CIPHER_NUM) { - LOGE("stream_ctx_init(): Illegal method"); - return; - } -@@ -622,7 +621,7 @@ stream_ctx_init(cipher_t *cipher, cipher_ctx_t *cipher_ctx, int enc) - cipher_t * - stream_key_init(int method, const char *pass, const char *key) - { -- if (method <= TABLE || method >= STREAM_CIPHER_NUM) { -+ if (method <= NONE || method >= STREAM_CIPHER_NUM) { - LOGE("cipher->key_init(): Illegal method"); - return NULL; - } -@@ -666,9 +665,9 @@ stream_key_init(int method, const char *pass, const char *key) - cipher_t * - stream_init(const char *pass, const char *key, const char *method) - { -- int m = TABLE; -+ int m = NONE; - if (method != NULL) { -- for (m = TABLE; m < STREAM_CIPHER_NUM; m++) -+ for (m = NONE; m < STREAM_CIPHER_NUM; m++) - if (strcmp(method, supported_stream_ciphers[m]) == 0) { - break; - } -@@ -677,7 +676,7 @@ stream_init(const char *pass, const char *key, const char *method) - m = RC4_MD5; - } - } -- if (m == TABLE) { -+ if (m == NONE) { - LOGE("Table is deprecated"); - return NULL; - } -diff --git a/src/utils.c b/src/utils.c -index b9142e7e..70bc99bb 100644 ---- a/src/utils.c -+++ b/src/utils.c -@@ -289,7 +289,7 @@ usage() - printf( - " -k Password of your remote server.\n"); - printf( -- " -m Encrypt method: rc4-md5, \n"); -+ " -m Encrypt method: none, rc4-md5, \n"); - printf( - " aes-128-gcm, aes-192-gcm, aes-256-gcm,\n"); - printf( - -From 4cbca114514b06a5cbc6c2bab21929fe861852fb Mon Sep 17 00:00:00 2001 -From: Fejes Ferenc -Date: Mon, 31 Jul 2017 12:39:58 +0200 -Subject: [PATCH 06/17] Fixes - ---- - src/crypto.c | 2 +- - src/noencrypt.h | 6 +++--- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/crypto.c b/src/crypto.c -index 8c9044f6..98edee4f 100644 ---- a/src/crypto.c -+++ b/src/crypto.c -@@ -148,7 +148,7 @@ crypto_init(const char *password, const char *key, const char *method) - if (strncmp(method, "none", 4) == 0) { - crypto_t *crypto = (crypto_t *) malloc(sizeof(crypto_t)); - crypto_t temp = { -- .chiper = NULL, -+ .cipher = NULL, - .encrypt_all = &none_stream_all, - .decrypt_all = &none_stream_all, - .encrypt = &none_stream, -diff --git a/src/noencrypt.h b/src/noencrypt.h -index 38057da7..206c18de 100644 ---- a/src/noencrypt.h -+++ b/src/noencrypt.h -@@ -5,7 +5,7 @@ - - int none_stream_all(buffer_t *, cipher_t *, size_t); - int none_stream(buffer_t *, cipher_ctx_t *, size_t); --int none_stream_ctx_init(cipher_t *, cipher_ctx_t *, int); --int none_stream_ctx_release(cipher_ctx_t *); -+void none_stream_ctx_init(cipher_t *, cipher_ctx_t *, int); -+void none_stream_ctx_release(cipher_ctx_t *); - --#endif _NOENCRYPT_H -\ No newline at end of file -+#endif //_NOENCRYPT_H -\ No newline at end of file - -From 07607127317804319b0cb358080516ee99cf30e0 Mon Sep 17 00:00:00 2001 -From: Fejes Ferenc -Date: Mon, 31 Jul 2017 12:57:46 +0200 -Subject: [PATCH 08/17] fixed typenames - ---- - src/noencrypt.c | 8 ++++---- - src/noencrypt.h | 2 +- - 3 files changed, 7 insertions(+), 6 deletions(-) - -diff --git a/src/noencrypt.c b/src/noencrypt.c -index 1804aaa5..114c908d 100644 ---- a/src/noencrypt.c -+++ b/src/noencrypt.c -@@ -5,21 +5,21 @@ - #include "noencrypt.h" - - int --none_stream (buffer_t *chipertext, chiper_ctx_t *chiper_ctx, size_t capacity) { -+none_stream (buffer_t *chipertext, cipher_ctx_t *chiper_ctx, size_t capacity) { - return CRYPTO_OK; - } - - int --none_stream_all (buffer_t *plaintext, chiper_t *chiper, size_t capacity) { -+none_stream_all (buffer_t *plaintext, cipher_t *chiper, size_t capacity) { - return CRYPTO_OK; - } - - void --none_stream_ctx_init (chiper_t *chiper, chiper_ctx_t *chiper_ctx, int enc) { -+none_stream_ctx_init (chiper_t *chiper, cipher_ctx_t *chiper_ctx, int enc) { - ; - } - - void --plain_stream_ctx_release (chiper_ctx_t *chiper_ctx) { -+plain_stream_ctx_release (cipher_ctx_t *chiper_ctx) { - ; - } -\ No newline at end of file -diff --git a/src/noencrypt.h b/src/noencrypt.h -index 206c18de..48954115 100644 ---- a/src/noencrypt.h -+++ b/src/noencrypt.h -@@ -1,7 +1,7 @@ - #ifndef _NOENCRYPT_H - #define _NOENCRYPT_H - --#include "noencrypt.h" -+#include "crypto.h" - - int none_stream_all(buffer_t *, cipher_t *, size_t); - int none_stream(buffer_t *, cipher_ctx_t *, size_t); - -From 4d1c15ba49a58359234174e775b509efa07bbb95 Mon Sep 17 00:00:00 2001 -From: Fejes Ferenc -Date: Mon, 31 Jul 2017 13:14:53 +0200 -Subject: [PATCH 09/17] small fix - ---- - src/noencrypt.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/noencrypt.c b/src/noencrypt.c -index 114c908d..8ddcaabb 100644 ---- a/src/noencrypt.c -+++ b/src/noencrypt.c -@@ -15,7 +15,7 @@ none_stream_all (buffer_t *plaintext, cipher_t *chiper, size_t capacity) { - } - - void --none_stream_ctx_init (chiper_t *chiper, cipher_ctx_t *chiper_ctx, int enc) { -+none_stream_ctx_init (cipher_t *chiper, cipher_ctx_t *chiper_ctx, int enc) { - ; - } - - -From 01294c25e8e02c399a9df17a13758e7f9f16ed8f Mon Sep 17 00:00:00 2001 -From: Fejes Ferenc -Date: Mon, 31 Jul 2017 13:22:44 +0200 -Subject: [PATCH 11/17] Do not optimize away the unused variablas - ---- - src/noencrypt.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/src/noencrypt.c b/src/noencrypt.c -index 8ddcaabb..e9bf017d 100644 ---- a/src/noencrypt.c -+++ b/src/noencrypt.c -@@ -6,20 +6,22 @@ - - int - none_stream (buffer_t *chipertext, cipher_ctx_t *chiper_ctx, size_t capacity) { -+ (void) chipertext; (void) chiper_ctx; (void) capacity; - return CRYPTO_OK; - } - - int - none_stream_all (buffer_t *plaintext, cipher_t *chiper, size_t capacity) { -+ (void) plaintext; (void) chiper; (void) capacity; - return CRYPTO_OK; - } - - void - none_stream_ctx_init (cipher_t *chiper, cipher_ctx_t *chiper_ctx, int enc) { -- ; -+ (void) chiper; (void) chiper_ctx; (void) enc; - } - - void - plain_stream_ctx_release (cipher_ctx_t *chiper_ctx) { -- ; -+ (void) chiper_ctx; - } -\ No newline at end of file - -From 1b0c88066515ea496c00049cb5aff92decdbe05a Mon Sep 17 00:00:00 2001 -From: Fejes Ferenc -Date: Mon, 31 Jul 2017 13:39:57 +0200 -Subject: [PATCH 13/17] code fix - ---- - src/noencrypt.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/noencrypt.c b/src/noencrypt.c -index e9bf017d..76253647 100644 ---- a/src/noencrypt.c -+++ b/src/noencrypt.c -@@ -22,6 +22,6 @@ none_stream_ctx_init (cipher_t *chiper, cipher_ctx_t *chiper_ctx, int enc) { - } - - void --plain_stream_ctx_release (cipher_ctx_t *chiper_ctx) { -+none_stream_ctx_release (cipher_ctx_t *chiper_ctx) { - (void) chiper_ctx; - } -\ No newline at end of file