ss_rs/
context.rs

1//! Shadowsocks context.
2
3use std::net::IpAddr;
4
5use crate::{acl::Acl, security::ReplayProtection};
6
/// Shared state for shadowsocks communication.
///
/// Bundles the two security controls the rest of the crate consults: a
/// [`ReplayProtection`] instance that salts are checked against, and an
/// optional [`Acl`] used for bypass and outbound-block decisions.
pub struct Ctx {
    /// Replay-protection state that `check_replay` delegates to.
    replay_protection: ReplayProtection,
    /// Access control list. It stays `None` until `set_acl` is called, and
    /// while it is `None` both `is_bypass` and `is_block_outbound` answer
    /// `false` for every target.
    acl: Option<Acl>,
}
14
impl Ctx {
    /// Builds a context with fresh replay-protection state and no ACL.
    ///
    /// Until [`Ctx::set_acl`] is called, [`Ctx::is_bypass`] and
    /// [`Ctx::is_block_outbound`] return `false` for every target.
    pub fn new() -> Self {
        Self {
            acl: None,
            replay_protection: ReplayProtection::new(),
        }
    }

    /// Runs the replay check for `salt`.
    ///
    /// The call is forwarded to `ReplayProtection::check_and_insert` and its
    /// result is returned unchanged.
    // NOTE(review): which boolean value means "replay detected" is decided by
    // `check_and_insert`, which is not visible here. Confirm the polarity
    // before branching on it; an inverted test at a call site would accept
    // replayed salts. The delegate's name also suggests the salt is recorded
    // as a side effect even though this method takes `&self`, so a second
    // call with the same salt presumably answers differently.
    pub fn check_replay(&self, salt: &[u8]) -> bool {
        let protection = &self.replay_protection;
        protection.check_and_insert(&salt)
    }

    /// Installs `acl`, replacing any list that was set earlier.
    pub fn set_acl(&mut self, acl: Acl) {
        let installed = Some(acl);
        self.acl = installed;
    }

    /// Returns `true` if the ACL says the given IP or host should be bypassed.
    ///
    /// With no ACL installed this always returns `false`.
    pub fn is_bypass(&self, ip: IpAddr, host: Option<&str>) -> bool {
        self.acl
            .as_ref()
            .map_or(false, |acl| acl.is_bypass(ip, host))
    }

    /// Returns `true` if the ACL says outbound traffic to the given IP or
    /// host should be blocked.
    ///
    /// With no ACL installed this always returns `false`, so nothing is
    /// blocked (fail-open). Deployments that depend on outbound blocking need
    /// [`Ctx::set_acl`] to have run before any traffic is handled.
    pub fn is_block_outbound(&self, ip: IpAddr, host: Option<&str>) -> bool {
        self.acl
            .as_ref()
            .map_or(false, |acl| acl.is_block_outbound(ip, host))
    }
}