1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
use std::{io, sync::Arc, time::Duration};
use futures::{future, FutureExt};
use log::trace;
use shadowsocks::net::{AcceptOpts, ConnectOpts};
use crate::{
config::{Config, ConfigType},
dns::build_dns_resolver,
};
pub use self::server::Server;
pub mod context;
#[allow(clippy::module_inception)]
pub mod server;
mod tcprelay;
mod udprelay;
pub(crate) const SERVER_DEFAULT_KEEPALIVE_TIMEOUT: Duration = Duration::from_secs(15);
pub async fn run(config: Config) -> io::Result<()> {
assert_eq!(config.config_type, ConfigType::Server);
assert!(!config.server.is_empty());
trace!("{:?}", config);
#[cfg(feature = "stream-cipher")]
for server in config.server.iter() {
if server.method().is_stream() {
log::warn!("stream cipher {} for server {} have inherent weaknesses (see discussion in https://github.com/shadowsocks/shadowsocks-org/issues/36). \
DO NOT USE. It will be removed in the future.", server.method(), server.addr());
}
}
#[cfg(all(unix, not(target_os = "android")))]
if let Some(nofile) = config.nofile {
use crate::sys::set_nofile;
if let Err(err) = set_nofile(nofile) {
log::warn!("set_nofile {} failed, error: {}", nofile, err);
}
}
let mut servers = Vec::new();
let mut connect_opts = ConnectOpts {
#[cfg(any(target_os = "linux", target_os = "android"))]
fwmark: config.outbound_fwmark,
#[cfg(target_os = "android")]
vpn_protect_path: config.outbound_vpn_protect_path,
bind_local_addr: config.outbound_bind_addr,
bind_interface: config.outbound_bind_interface,
..Default::default()
};
connect_opts.tcp.send_buffer_size = config.outbound_send_buffer_size;
connect_opts.tcp.recv_buffer_size = config.outbound_recv_buffer_size;
connect_opts.tcp.nodelay = config.no_delay;
connect_opts.tcp.fastopen = config.fast_open;
connect_opts.tcp.keepalive = config.keep_alive.or(Some(SERVER_DEFAULT_KEEPALIVE_TIMEOUT));
let mut accept_opts = AcceptOpts {
ipv6_only: config.ipv6_only,
..Default::default()
};
accept_opts.tcp.send_buffer_size = config.inbound_send_buffer_size;
accept_opts.tcp.recv_buffer_size = config.inbound_recv_buffer_size;
accept_opts.tcp.nodelay = config.no_delay;
accept_opts.tcp.fastopen = config.fast_open;
accept_opts.tcp.keepalive = config.keep_alive.or(Some(SERVER_DEFAULT_KEEPALIVE_TIMEOUT));
let resolver = build_dns_resolver(config.dns, config.ipv6_first, &connect_opts)
.await
.map(Arc::new);
let acl = config.acl.map(Arc::new);
for svr_cfg in config.server {
let mut server = Server::new(svr_cfg);
if let Some(ref r) = resolver {
server.set_dns_resolver(r.clone());
}
server.set_connect_opts(connect_opts.clone());
server.set_accept_opts(accept_opts.clone());
if let Some(c) = config.udp_max_associations {
server.set_udp_capacity(c);
}
if let Some(d) = config.udp_timeout {
server.set_udp_expiry_duration(d);
}
if let Some(ref m) = config.manager {
server.set_manager_addr(m.addr.clone());
}
if let Some(ref acl) = acl {
server.set_acl(acl.clone());
}
if config.ipv6_first {
server.set_ipv6_first(config.ipv6_first);
}
server.set_security_config(&config.security);
servers.push(server);
}
let mut vfut = Vec::with_capacity(servers.len());
for server in servers {
vfut.push(server.run().boxed());
}
let (res, ..) = future::select_all(vfut).await;
res
}