def _find_access_user(self, first_data: bytes): """通过auth校验来找到正确的user""" with memoryview(first_data) as d: salt = first_data[:self.cipher_cls.SALT_SIZE] if salt in self.bf: raise RuntimeError("repeated salt founded!") else: self.bf.add(salt) t1 = time.time() cnt = 0 for user in User.list_by_port(self.user_port).iterator(): if not self.last_access_user: self.last_access_user = user try: cnt += 1 cipher = self.cipher_cls(user.password) with memoryview(first_data) as d: if self.ts_protocol == flag.TRANSPORT_TCP: cipher.decrypt(d) else: cipher.unpack(d) self.access_user = user break except ValueError as e: if e.args[0] != "MAC check failed": raise e del cipher logging.info( f"用户:{self.access_user} 一共寻找了{ cnt }个user,共花费{(time.time()-t1)*1000}ms" )
def get_cipher_by_port(cls, port) -> CipherMan: user_list = User.list_by_port(port) if len(user_list) == 1: access_user = user_list[0] else: access_user = None return cls(user_list, access_user=access_user)
def get_cipher_by_port(cls, port, ts_protocol) -> CipherMan: user_query = User.list_by_port(port) if user_query.count() == 1: access_user = user_query.first() else: access_user = None return cls(port, access_user=access_user, ts_protocol=ts_protocol)
def __init__( self, user_port=None, access_user: User = None, ts_protocol=flag.TRANSPORT_TCP, ): self.user_port = user_port self.access_user = access_user self.ts_protocol = ts_protocol self.cipher = None self._buffer = bytearray() self.last_access_user = None if self.access_user: self.method = access_user.method else: self.method = (User.list_by_port(self.user_port).first().method ) # NOTE 所有的user用的加密方式必须是一种 self.cipher_cls = self.SUPPORT_METHODS.get(self.method) if self.cipher_cls.AEAD_CIPHER: if self.ts_protocol == flag.TRANSPORT_TCP: self._first_data_len = self.cipher_cls.tcp_first_data_len() else: self._first_data_len = self.cipher_cls.udp_first_data_len() else: self._first_data_len = 0
def get_cipher_by_port(cls, port, ts_protocol, peername) -> CipherMan: user_query = User.list_by_port(port) access_user = user_query.first() if user_query.count() == 1 else None return cls(port, access_user=access_user, ts_protocol=ts_protocol, peername=peername)
def __init__( self, user_port=None, access_user: User = None, ts_protocol=flag.TRANSPORT_TCP, peername=None, ): self.user_port = user_port self.access_user = access_user self.ts_protocol = ts_protocol self.peername = peername self.cipher = None self._buffer = bytearray() if self.access_user: self.method = access_user.method else: self.method = (User.list_by_port(self.user_port).first().method ) # NOTE 所有的user用的加密方式必须是一种 self.cipher_cls = SUPPORT_METHODS.get(self.method) if not self.cipher_cls: raise Exception(f"暂时不支持这种加密方式:{self.method}") if self.cipher_cls.AEAD_CIPHER and self.ts_protocol == flag.TRANSPORT_TCP: self._first_data_len = self.cipher_cls.tcp_first_data_len() else: self._first_data_len = 0
def get_cipher_by_port(cls, port) -> CipherMan: user_list = User.list_by_port(port) if len(user_list) != 1: raise ValueError("单个端口找到了多个用户") return cls(user_list[0])