feat: make aead-cipher an optional feature

shadowsocks · Nov 2, 2024 · f8e6941 · f8e6941
1 parent e2ae9c8
commit f8e6941
Show file tree

Hide file tree

Showing 5 changed files with 38 additions and 13 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "shadowsocks-rust"
-version = "1.21.2"
+version = "1.21.3"
 authors = ["Shadowsocks Contributors"]
 description = "shadowsocks is a fast tunnel proxy that helps you bypass firewalls."
 repository = "https://github.com/shadowsocks/shadowsocks-rust"
@@ -67,11 +67,19 @@ default = [
     "local-tunnel",
     "local-socks4",
     "multi-threaded",
+    "aead-cipher",
     "aead-cipher-2022",
 ]
 
 # Basic Features
-basic = ["logging", "hickory-dns", "local", "server", "multi-threaded"]
+basic = [
+    "logging",
+    "hickory-dns",
+    "local",
+    "server",
+    "multi-threaded",
+    "aead-cipher",
+]
 
 # All Suggested Features
 full = [
@@ -95,6 +103,7 @@ full = [
     "local-online-config",
     "multi-threaded",
     "stream-cipher",
+    "aead-cipher",
     "aead-cipher-2022",
 ]
 
@@ -190,9 +199,12 @@ multi-threaded = ["tokio/rt-multi-thread"]
 # Users should always avoid using these ciphers in practice
 stream-cipher = ["shadowsocks-service/stream-cipher"]
 
+# Enable AEAD ciphers
+aead-cipher = ["shadowsocks-service/aead-cipher"]
+
 # Enable extra AEAD ciphers
 # WARN: These non-standard AEAD ciphers are not officially supported by shadowsocks community
-aead-cipher-extra = ["shadowsocks-service/aead-cipher-extra"]
+aead-cipher-extra = ["aead-cipher", "shadowsocks-service/aead-cipher-extra"]
 
 # Enable AEAD 2022
 aead-cipher-2022 = ["shadowsocks-service/aead-cipher-2022"]
@@ -248,7 +260,7 @@ jemallocator = { version = "0.5", optional = true }
 snmalloc-rs = { version = "0.3", optional = true }
 rpmalloc = { version = "0.2", optional = true }
 
-shadowsocks-service = { version = "1.21.2", path = "./crates/shadowsocks-service" }
+shadowsocks-service = { version = "1.21.3", path = "./crates/shadowsocks-service" }
 
 windows-service = { version = "0.7", optional = true }
 

diff --git a/crates/shadowsocks-service/Cargo.toml b/crates/shadowsocks-service/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "shadowsocks-service"
-version = "1.21.2"
+version = "1.21.3"
 authors = ["Shadowsocks Contributors"]
 description = "shadowsocks is a fast tunnel proxy that helps you bypass firewalls."
 repository = "https://github.com/shadowsocks/shadowsocks-rust"
@@ -15,6 +15,9 @@ rust-version = "1.74"
 maintenance = { status = "passively-maintained" }
 
 [features]
+# WARN: Just for compatible. May be removed in the future releases.
+default = ["aead-cipher"]
+
 full = [
     "local",
     "server",
@@ -24,6 +27,7 @@ full = [
     "local-redir",
     "local-tunnel",
     "local-socks4",
+    "aead-cipher",
 ]
 
 # Enable local server
@@ -114,14 +118,20 @@ local-online-config = [
 # Users should always avoid using these ciphers in practice
 stream-cipher = ["shadowsocks/stream-cipher"]
 
+# Enable AEAD ciphers
+aead-cipher = ["shadowsocks/aead-cipher"]
+
 # Enable extra AEAD ciphers
 # WARN: These non-standard AEAD ciphers are not officially supported by shadowsocks community
-aead-cipher-extra = ["shadowsocks/aead-cipher-extra"]
+aead-cipher-extra = ["aead-cipher", "shadowsocks/aead-cipher-extra"]
 
 # Enable AEAD 2022
 aead-cipher-2022 = ["shadowsocks/aead-cipher-2022"]
 # Enable AEAD 2022 with extra ciphers
-aead-cipher-2022-extra = ["shadowsocks/aead-cipher-2022-extra"]
+aead-cipher-2022-extra = [
+    "aead-cipher-2022",
+    "shadowsocks/aead-cipher-2022-extra",
+]
 
 # Enable detection against replay attack
 security-replay-attack-detect = ["shadowsocks/security-replay-attack-detect"]
@@ -205,7 +215,7 @@ serde = { version = "1.0", features = ["derive"] }
 json5 = "0.4"
 bson = { version = "2.13.0", optional = true }
 
-shadowsocks = { version = "1.21.0", path = "../shadowsocks", default-features = false }
+shadowsocks = { version = "1.21.1", path = "../shadowsocks", default-features = false }
 
 # Just for the ioctl call macro
 [target.'cfg(any(target_os = "macos", target_os = "ios", target_os = "freebsd", target_os = "openbsd"))'.dependencies]

diff --git a/crates/shadowsocks-service/src/manager/server.rs b/crates/shadowsocks-service/src/manager/server.rs
@@ -473,7 +473,10 @@ impl Manager {
                     return Ok(AddResponse(err));
                 }
             },
+            #[cfg(feature = "aead-cipher")]
             None => self.svr_cfg.method.unwrap_or(CipherKind::CHACHA20_POLY1305),
+            #[cfg(not(feature = "aead-cipher"))]
+            None => return Ok(AddResponse("method is required")),
         };
 
         let mut svr_cfg = ServerConfig::new(addr, req.password.clone(), method);

diff --git a/crates/shadowsocks-service/src/server/udprelay.rs b/crates/shadowsocks-service/src/server/udprelay.rs
@@ -113,9 +113,9 @@ impl UdpServer {
         }
 
         let assoc_map = match svr_cfg.method().category() {
-            CipherCategory::None | CipherCategory::Aead => {
-                NatMap::Association(create_assoc_map(time_to_live, capacity))
-            }
+            CipherCategory::None => NatMap::Association(create_assoc_map(time_to_live, capacity)),
+            #[cfg(feature = "aead-cipher")]
+            CipherCategory::Aead => NatMap::Association(create_assoc_map(time_to_live, capacity)),
             #[cfg(feature = "stream-cipher")]
             CipherCategory::Stream => NatMap::Association(create_assoc_map(time_to_live, capacity)),
             #[cfg(feature = "aead-cipher-2022")]