Architecture of Shadowsocks-go
Shadowsocks-local
Description
Shadowsocks-local forwards and encrypts local socks traffic to shadowsocks-server, receive and decrypts traffic from remote shadowsocks-server back to clients.The client maybe an application with SOCKS5 proxy support, or a browser plugin.
Init-process
This init-process is trivial,except that for each (encrypt method, password) pair, a cipher is initialized only once, following a cache pattern.
Main-loop
Main-loop follows a trivial pattern where the server fires a go-routine to handle connection whenever one is available.
Connection-handler
This is the part which implements SOCKS5 protocol, it only allows version5 and connect command.Note that whichever step 3~7 fails, the client connection is guaranteed to be closed by the deferred handler.
Circuit-break
There’s an interesting detail in step 7 above, which follows a retry-pattern. It tries to connect a server whose failCnt is 0 at 100% probability, or a server whose failCnt greater than zero at a probability of 1/(failCnt + 20). Once a connection fails, the failCnt is incremented by 1 capped 30.If a later connection succeeds, the failCnt is cleared.
Shadowsocks-server
Description
Shadowsocks-server forwards and decrypts socks traffic to real server, receive and encrypts traffic from the real server back to shadowsocks-local.
The server consists of 3 functional parts: a TCP server daemon, a UDP server daemon, and a optional management daemon.
In this section I only want to introduce the TCP server, because the others are straightforward.
Init-process
Basically speaking,after the init-process finishes config-processing stuff like above, it registers a TCP-server go-routine, a UDP server go-routine(if udp is enabled) for each port and, if configured, it will fire a management go-routine listening for udp packets.
TCP-server
Main-flow
Handler
Works almost idententicaly like the shadowsocks-local server,except that it connects to the real server so it uses a raw tcp connection, and it does some log stuff and registers a callback which updates traffic statistics after the connection is finished.
Congratulations @wingt! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!