Architecture of Shadowsocks-go

in #technology6 years ago

Shadowsocks-local

Description

Shadowsocks-local forwards and encrypts local socks traffic to shadowsocks-server, receive and decrypts traffic from remote shadowsocks-server back to clients.The client maybe an application with SOCKS5 proxy support, or a browser plugin.
Init-process
This init-process is trivial,except that for each (encrypt method, password) pair, a cipher is initialized only once, following a cache pattern.

Main-loop

Main-loop follows a trivial pattern where the server fires a go-routine to handle connection whenever one is available.
Connection-handler
This is the part which implements SOCKS5 protocol, it only allows version5 and connect command.Note that whichever step 3~7 fails, the client connection is guaranteed to be closed by the deferred handler.

Circuit-break

There’s an interesting detail in step 7 above, which follows a retry-pattern. It tries to connect a server whose failCnt is 0 at 100% probability, or a server whose failCnt greater than zero at a probability of 1/(failCnt + 20). Once a connection fails, the failCnt is incremented by 1 capped 30.If a later connection succeeds, the failCnt is cleared.

Shadowsocks-server

Description

Shadowsocks-server forwards and decrypts socks traffic to real server, receive and encrypts traffic from the real server back to shadowsocks-local.
The server consists of 3 functional parts: a TCP server daemon, a UDP server daemon, and a optional management daemon.
In this section I only want to introduce the TCP server, because the others are straightforward.
Init-process
Basically speaking,after the init-process finishes config-processing stuff like above, it registers a TCP-server go-routine, a UDP server go-routine(if udp is enabled) for each port and, if configured, it will fire a management go-routine listening for udp packets.

TCP-server

Main-flow

Handler

Works almost idententicaly like the shadowsocks-local server,except that it connects to the real server so it uses a raw tcp connection, and it does some log stuff and registers a callback which updates traffic statistics after the connection is finished.

Sort:  

Congratulations @wingt! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 1 year!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Vote for @Steemitboard as a witness to get one more award and increased upvotes!

Coin Marketplace

STEEM 0.22
TRX 0.26
JST 0.039
BTC 98362.82
ETH 3451.59
USDT 1.00
SBD 3.21