ss

package
v0.0.0-...-0299622 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 12, 2026 License: MIT Imports: 13 Imported by: 0

Documentation

Overview

Package ss implements replay attack protection for Shadowsocks. It uses a Bloom filter to efficiently detect and reject replayed packets.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewSSHandler 

func NewSSHandler(method, password string, log logger.Logger) (protocol.Handler, error)

NewSSHandler creates a new Shadowsocks protocol handler

Types

type Filter 

type Filter struct {
	// contains filtered or unexported fields
}

Filter is a time-based Bloom filter for replay attack detection

func NewFilter 

func NewFilter(config *FilterConfig) *Filter

NewFilter creates a new replay filter

func (*Filter) Check 

func (f *Filter) Check(data []byte) bool

Check checks if the data has been seen before and adds it to the filter Returns true if this is a replay (data was seen before)

func (*Filter) GetStats 

func (f *Filter) GetStats() Stats

GetStats returns current statistics

func (*Filter) Reset 

func (f *Filter) Reset()

Reset clears both filters

type FilterConfig 

type FilterConfig struct {
	// Size is the number of bits in the Bloom filter
	Size uint32
	// HashCount is the number of hash functions
	HashCount uint32
	// Interval is the rotation interval
	Interval time.Duration
}

FilterConfig configures the replay filter

func DefaultFilterConfig 

func DefaultFilterConfig() *FilterConfig

DefaultFilterConfig returns the default configuration

type NonceFilter 

type NonceFilter struct {
	// contains filtered or unexported fields
}

NonceFilter is a replay filter specifically for AEAD nonces

func NewNonceFilter 

func NewNonceFilter(ttl time.Duration) *NonceFilter

NewNonceFilter creates a new nonce-based replay filter

func (*NonceFilter) Check 

func (nf *NonceFilter) Check(nonce []byte) bool

Check checks if the nonce has been seen

func (*NonceFilter) Reset 

func (nf *NonceFilter) Reset()

Reset clears all stored nonces

func (*NonceFilter) Size 

func (nf *NonceFilter) Size() int

Size returns the number of stored nonces

type SaltFilter 

type SaltFilter struct {
	// contains filtered or unexported fields
}

SaltFilter is a replay filter that uses salt + IV for detection

func NewSaltFilter 

func NewSaltFilter(config *FilterConfig) *SaltFilter

NewSaltFilter creates a new salt-based replay filter

func (*SaltFilter) Check 

func (sf *SaltFilter) Check(salt, iv []byte) bool

Check checks if the salt+IV combination has been seen

func (*SaltFilter) GetStats 

func (sf *SaltFilter) GetStats() Stats

GetStats returns statistics

func (*SaltFilter) Reset 

func (sf *SaltFilter) Reset()

Reset clears the filter

type Stats 

type Stats struct {
	CurrentCount  uint64
	PreviousCount uint64
	Size          uint32
	HashCount     uint32
	LastRotate    time.Time
}

Stats returns statistics about the filter

type UDPHandler 

type UDPHandler struct {
	// contains filtered or unexported fields
}

UDPHandler handles Shadowsocks UDP relay

func NewUDPHandler 

func NewUDPHandler(method, password string, log logger.Logger) (*UDPHandler, error)

NewUDPHandler creates a new Shadowsocks UDP handler

func (*UDPHandler) HandlePacket 

func (h *UDPHandler) HandlePacket(ctx context.Context, conn net.PacketConn) error

HandlePacket implements protocol.PacketHandler interface

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.