Iseva elibamba ye-outline-ss-server 1.4 ikhululiwe, kusetshenziswa iphrothokholi ye-Shadowsocks ukufihla imvelo yethrafikhi, ama-firewall adlulayo kanye namasistimu okuhlola amaphakethe akhohlisayo. Iseva ithuthukiswa iphrojekthi ye-Outline, ehlinzeka ngokungeziwe ngohlaka lwezinhlelo zokusebenza zeklayenti kanye nesixhumi esibonakalayo sokulawula esikuvumela ukuthi ukhiphe ngokushesha amaseva e-Shadowsocks anabasebenzisi abaningi ngokusekelwe ku-outline-ss-server ezindaweni zamafu zomphakathi noma kumishini yakho, zilawule ngesixhumi esibonakalayo sewebhu futhi uhlele ukufinyelela komsebenzisi ngokhiye . Ikhodi ithuthukiswa futhi inakekelwa yi-Jigsaw, ingxenye engaphakathi kwe-Google edalelwe ukuthuthukisa amathuluzi okugwema ukucwaninga nokuhlela ukushintshisana kwamahhala kolwazi.
I-Outline-ss-server ibhalwe ku-Go futhi isatshalaliswa ngaphansi kwelayisensi ye-Apache 2.0. Ikhodi esetshenziswa njengesisekelo iseva elibamba i-go-shadowsocks2, edalwe umphakathi wonjiniyela we-Shadowsocks. Muva nje, umsebenzi oyinhloko wephrojekthi ye-Shadowsocks ubugxile ekuthuthukisweni kweseva entsha ngolimi lwe-Rust, futhi ukusetshenziswa kolimi lwe-Go akuzange kubuyekezwe isikhathi esingaphezu konyaka futhi kusalele emuva ngokuphawulekayo ekusebenzeni.
Umehluko phakathi kwe-outline-ss-server kanye ne-go-shadowsocks2 wehla ekusekelweni kokuxhuma abasebenzisi abaningi ngembobo yenethiwekhi eyodwa, ikhono lokuvula izimbobo zenethiwekhi ezimbalwa ukuze uthole ukuxhumeka, ukusekelwa kokuqala kabusha okushisayo nezibuyekezo zokumisa ngaphandle kokunqamula ukuxhumana, eyakhelwe ngaphakathi. ukuqapha kanye namathuluzi okushintsha ithrafikhi ngokusekelwe kungxenyekazi ye-prometheus .io.
i-outline-ss-server futhi yengeza isivikelo esicelweni sophenyo nokuhlaselwa kwe-traffic replay. Ukuhlasela ngezicelo zokuhlolwa kuhloselwe ukunquma ubukhona bommeleli; isibonelo, umhlaseli angathumela amasethi edatha osayizi abahlukahlukene kuseva eqondiwe ye-Shadowsocks futhi ahlaziye ukuthi ingakanani idatha ezofundwa yiseva ngaphambi kokuthola iphutha futhi avale uxhumano. Ukuhlasela kokudlala kabusha kwethrafikhi kusekelwe ekungeneni isikhathi phakathi kweklayenti neseva bese uzama ukudlulisa kabusha idatha ebanjiwe ukuze kunqunywe ukuba khona kommeleli.
Ukuze uvikele ekuhlaselweni ngezicelo zokuhlola, iseva ye-outline-ss-server, lapho idatha engalungile ifika, ayiphazamisi uxhumano futhi ayibonisi iphutha, kodwa iyaqhubeka nokuthola ulwazi, isebenza njengohlobo lwembobo emnyama. Ukuze uvikeleke ekudlaleni kabusha, idatha etholwe kuklayenti iphinde ihlolwe ukuze iphindeke kusetshenziswa amasheke agcinelwe ukulandelana kwezinkulungwane ezimbalwa zokugcina zokuxhawula (ubukhulu bezinkulungwane ezingama-40, usayizi uyasethwa lapho iseva iqala futhi idla amabhayithi angu-20 enkumbulo ngokulandelana). Ukuze uvimbele izimpendulo eziphindaphindiwe ezivela kuseva, zonke izinhlelo zokuxhawula iseva zisebenzisa amakhodi okuqinisekisa e-HMAC anamathegi angu-32-bit.
Ngokwezinga lokucasha kwethrafikhi, iphrothokholi ye-Shadowsocks ekusetshenzisweni kwe-outline-ss-server iseduze nezokuthutha ze-Obfs4 ze-plug-in kunethiwekhi ye-Tor engaziwa. Iphrothokholi yadalelwa ukweqa uhlelo lokuhlolwa kwethrafikhi e-China (βI-Firewall Enkulu Yase-Chinaβ) futhi ikuvumela ukuthi ufihle ngokuphumelelayo ithrafikhi edluliswa kwenye iseva (akulula ukuyibona ithrafikhi ngenxa yokunamathiselwa kwembewu okungahleliwe nokulingisa ukugeleza okuqhubekayo).
I-SOCKS5 isetshenziswa njengephrothokholi yezicelo zommeleli - ummeleli onokusekelwa kwe-SOCKS5 wethulwa kusistimu yendawo, edonsa ithrafikhi iye kuseva ekude lapho izicelo zifakwa khona ngempela. Ithrafikhi phakathi kweklayenti neseva ibekwe emhubheni obethelwe (ukubethela okuqinisekisiwe kusekelwa i-AEAD_CHACHA20_POLY1305, AEAD_AES_128_GCM ne-AEAD_AES_256_GCM), ukufihla iqiniso lokudalwa kwayo kuwumsebenzi oyinhloko wama-Shadowsocks. Ukuhlelwa kwemihubhe ye-TCP ne-UDP kuyasekelwa, kanye nokudalwa kwemigudu engafanele engakhawulelwe yi-SOCKS5 ngokusebenzisa ama-plugin okukhumbuza ukuthutha kwe-plug-in ku-Tor.
Source: opennet.ru