一半君的总结纸

听话只听一半君

shadowsocks libev 3.0 cross compiling for tomato shibby

shadowsocks-libev出到3.0了

edit:
如果不想看下面这一大段垃圾伤眼,可以直接去下载lz编译好的http://oglopss.github.io/ctng-ss-jekyll/

同样使用之前弄出来的ct-ng工具链

  • Use crosstool-ng 1.21 toolchain

    git clone https://github.com/crosstool-ng/crosstool-ng.git
    cd crosstool-ng
    git checkout tags/crosstool-ng-1.21.0
    ./bootstrap
    ./configure
    make && make install
    
  • compile toolchain
    config files gist

    mkdir -p ~/config
    cd ~/config
    
    # copy my ctng.config as .config
    # copy uclibc.config as uclibc.config
    
    ct-ng build.4
    
  • clone shadowsock-libev

    cd ~/Downloads# 连submodule一起clone下来
    git clone --recursive https://github.com/shadowsocks/shadowsocks-libev.git
    cd shadowsocks-libev
    git checkout tags/v3.0.5
    

    如果clone的时候没有连带submodule一起,可以

    # git >= 1.8.2
    git submodule update --recursive --remote
    
    # git >= 1.7.3
    git submodule update --init --recursive
    
    # 如果想把submodule升级到最新,无视repo里的设置
    git pull --recurse-submodules
    
  • 把toolchain加到PATH里

    export PATH=/home/oglop/x-tools/mipsel-unknown-linux-uclibc/bin:$PATH
    
  • libsodium
    cd ~/Downloads/shadowsocks-libev
    export LIBSODIUM_VER=1.0.11
    # 好像这地址挂了
    # wget https://download.libsodium.org/libsodium/releases/libsodium-$LIBSODIUM_VER.tar.gz
    wget --backups=1 https://github.com/jedisct1/libsodium/releases/download/$LIBSODIUM_VER/libsodium-$LIBSODIUM_VER.tar.gz
    tar xvf libsodium-$LIBSODIUM_VER.tar.gz
    pushd libsodium-$LIBSODIUM_VER
    CC=mipsel-unknown-linux-uclibc-gcc CXX=mipsel-unknown-linux-uclibc-g++ AR=mipsel-unknown-linux-uclibc-ar RANLIB=mipsel-unknown-linux-uclibc-ranlib  ./configure --prefix=$HOME/Downloads/libsodium-install --host=mipsel-uclibc-linux
    
    make
    make install
    
    popd
    
  • mbedTLS
    export MBEDTLS_VER=2.4.2
    wget https://tls.mbed.org/download/mbedtls-$MBEDTLS_VER-gpl.tgz
    tar xvf mbedtls-$MBEDTLS_VER-gpl.tgz
    pushd mbedtls-$MBEDTLS_VER
    CC=mipsel-unknown-linux-uclibc-gcc CXX=mipsel-unknown-linux-uclibc-g++ AR=mipsel-unknown-linux-uclibc-ar RANLIB=mipsel-unknown-linux-uclibc-ranlib make SHARED=1 CFLAGS=-fPIC
    
    make install DESTDIR=$HOME/Downloads/mbedtls-install
    
    popd
    

    这里有个问题是如果在make后面不加 SHARED=1 CFLAGS=-fPIC 最后就不会产生对libmbedcrypto.so.0的依赖,但是可执行文件会大一点,因为静态链接进去了大概,但依然会有libev的依赖

  • udns
    export UDNS_VER=0.4
    wget http://www.corpit.ru/mjt/udns/udns-$UDNS_VER.tar.gz
    tar xvf udns-$UDNS_VER.tar.gz
    pushd udns-$UDNS_VERCC=mipsel-unknown-linux-uclibc-gcc CXX=mipsel-unknown-linux-uclibc-g++ AR=mipsel-unknown-linux-uclibc-ar RANLIB=mipsel-unknown-linux-uclibc-ranlib ./configure
    
    make
    # 因为作者没在makefile里放install
    popd
    

    其中conftest过不了,因为是cross compiling,所以去config.lib里做如下修改 跳过conftest

    if [ -n "$CC" ]; then
    -    if ac_run $CC -o conftest conftest.c && ac_run ./conftest; then
    +    if ac_run $CC -o conftest conftest.c; then
    ac_result "\$CC ($CC)"
    else
    ac_result no
    ccld="$cc"
    if [ -n "$LDFLAGS" ]; then ccld="$ccld $LDFLAGS"; fi
    if [ -n "$LIBS" ]; then ccld="$ccld $LIBS"; fi
    -  if ac_yesno "whenever the C compiler ($ccld)
    -           can produce executables" \
    -     ac_compile_run <<EOF
    -int main() { return 0; }
    -EOF
    -  then :
    -  else
    -    ac_fatal "no working C compiler found"
    -  fi
    
  • pcre
    export PCRE_VER=8.40
    wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-$PCRE_VER.tar.gz
    tar xvf pcre-$PCRE_VER.tar.gz
    cd pcre-$PCRE_VERCC=mipsel-unknown-linux-uclibc-gcc CXX=mipsel-unknown-linux-uclibc-g++ AR=mipsel-unknown-linux-uclibc-ar RANLIB=mipsel-unknown-linux-uclibc-ranlib ./configure --host=mipsel-uclibc-linux --prefix=$HOME/Downloads/pcre-install
    
    make
    make install
    
  • libev
    git clone https://github.com/enki/libev.git
    cd libev
    CPPFLAGS=-I$HOME/Downloads/udns-0.4 LDFLAGS=-L$HOME/Downloads/udns-0.4  CC=mipsel-unknown-linux-uclibc-gcc CXX=mipsel-unknown-linux-uclibc-g++ AR=mipsel-unknown-linux-uclibc-ar RANLIB=mipsel-unknown-linux-uclibc-ranlib ./configure --prefix=$HOME/Downloads/libev-install --host=mipsel-uclibc-linux
    make
    make install
    
  • shadowsocks-libev
    因为configure没有给libev和udns的配置参数,所以放在CPPFLAGS和LDFLAGS里了

    ./autogen.shCPPFLAGS="-I$HOME/Downloads/udns-0.4 -I$HOME/Downloads/libev-install/include"  LDFLAGS="-Wl,-rpath,/jffs/lib -L$HOME/Downloads/udns-0.4 -L$HOME/Downloads/libev-install/lib"  CC=mipsel-unknown-linux-uclibc-gcc CXX=mipsel-unknown-linux-uclibc-g++ AR=mipsel-unknown-linux-uclibc-ar RANLIB=mipsel-unknown-linux-uclibc-ranlib ./configure --disable-ssp --prefix=$HOME/ss-install --with-pcre=$HOME/Downloads/pcre-install --with-sodium=$HOME/Downloads/libsodium-install --with-mbedtls=$HOME/Downloads/mbedtls-install --disable-documentation --host=mipsel-uclibc-linux
    
    make
    make install
    
    

    注意上面lz把 /opt/lib 放在了 rpath的最前面,这是为了让装有entware的路由器找到 libcrypto.so里的MD5 symbol, 以及libev.so lz把/jffs/lib加到了rpath里面,原因见下文

    lz试过

    -Wl,-z,origin -Wl,-rpath,\$\$ORIGIN':/lib:/usr/lib
    

    不过似乎没效果,也许是v138里的uclibc不支持rpath里用$ORIGIN, 那就还是自己用tomatoedit把.so文件放进/usr/lib吧

  • 然后在$HOME/ss-install下可以见到编译出来的成果,把他们strip小一点然后upx压缩一下

    # 不要压./ss-nat因为他是个shell script
    find . ! -path './ss-nat' -type f | xargs mipsel-unknown-linux-uclibc-strip# upx 一下
    find . ! -path './ss-nat' -type f | xargs ~/Downloads/upx-3.91-amd64_linux/upx
    
    Ultimate Packer for eXecutables
    Copyright (C) 1996 - 2013
    UPX 3.91        Markus Oberhumer, Laszlo Molnar & John Reiser   Sep 30th 2013
    
    File size         Ratio      Format      Name
    --------------------   ------   -----------   -----------
    172376 ->     64116   37.20%  linux/mipsel   ss-local
    150008 ->     56140   37.42%  linux/mipsel   ss-tunnel
    212296 ->     78252   36.86%  linux/mipsel   ss-server
    91372 ->     37552   41.10%  linux/mipsel   ss-manager
    158488 ->     58948   37.19%  linux/mipsel   ss-redir
    --------------------   ------   -----------   -----------
    784540 ->    295008   37.60%                 [ 5 files ]
    
    

    压缩之前

    $ ll --block-size=K
    total 2916K
    -rwxr-xr-x. 1 oglop oglop 663K Feb 16 00:57 ss-local
    -rwxr-xr-x. 1 oglop oglop 339K Feb 16 00:57 ss-manager
    -rwxr-xr-x. 1 oglop oglop   6K Feb 16 00:57 ss-nat
    -rwxr-xr-x. 1 oglop oglop 594K Feb 16 00:57 ss-redir
    -rwxr-xr-x. 1 oglop oglop 737K Feb 16 00:57 ss-server
    -rwxr-xr-x. 1 oglop oglop 567K Feb 16 00:57 ss-tunnel
    
    

    压缩之后

    $ ll --block-size=K
    total 308K
    -rwxr-xr-x. 1 oglop oglop 63K Feb 16 00:58 ss-local
    -rwxr-xr-x. 1 oglop oglop 37K Feb 16 00:58 ss-manager
    -rwxr-xr-x. 1 oglop oglop  6K Feb 16 00:57 ss-nat
    -rwxr-xr-x. 1 oglop oglop 58K Feb 16 00:58 ss-redir
    -rwxr-xr-x. 1 oglop oglop 77K Feb 16 00:58 ss-server
    -rwxr-xr-x. 1 oglop oglop 55K Feb 16 00:58 ss-tunnel
    
  • 拷到路由器上测试一下,lz的路由器是tomato shibby AIO v138,插了优盘,装了entware的
    root@unknown:/jffs/ss# ldd ./ss-server
    libev.so.4 => /jffs/lib/libev.so.4 (0x2aac1000)
    libm.so.0 => /lib/libm.so.0 (0x2aae1000)
    libsodium.so.18 => /usr/lib/libsodium.so.18 (0x2aaf8000)
    libmbedcrypto.so.0 => /jffs/lib/libmbedcrypto.so.0 (0x2ab56000)
    libpcre.so.1 => /usr/lib/libpcre.so.1 (0x2abf0000)
    libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x2ac3c000)
    libpthread.so.0 => /lib/libpthread.so.0 (0x2ac5b000)
    libc.so.0 => /lib/libc.so.0 (0x2ac7e000)
    ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x2aaa8000)

    由此看来,默认情况下AIO已经带了大部分需要的lib,(entware的都在/opt/lib下),还少一个libev,少libev和libmbedcrypto, 如果你在 configure ss的时候没加-Wl,-rpath,/jffs/lib 就会找不到libev和libmbedcrypto,此时你要么用tomatoedit把这个so加到固件里,然后重刷,要么可以试试用rpath修改可执行文件的rpath路径

    因为lz的路由器有usb口可以插优盘,而且lz装有entware,所以lz的libev是用opkg install libev直接从repo里装的,省去了一些麻烦.

    root@unknown:/tmp/home/root# opkg install libev
    Installing libev (4.20-1) to root...
    Downloading http://entware.wl500g.info/binaries/mipselsf/libev_4.20-1_mipselsf.ipk.
    Configuring libev.
    

    edit:
    经过尝试把 /opt/lib 加到 rpath里似乎不行,对于>=2.6.3的ss来说,会找不到某个symbol,所以还是需要把编译libev时产生的.so嵌入到/usr/lib下,或者可以试试自定义个路径加到/etc/ld.so.conf里,然后保存进nvram,或者加个/etc/ld.so.conf.d/ss.conf,如果不想重刷路由器的话

    最后…

    root@unknown:/tmp/home/root# ./ss-server -h
    shadowsocks-libev 3.0.5
    
    maintained by Max Lv <max.c.lv@gmail.com> and Linus Yang <laokongzi@gmail.com>
    
    usage:
    
    ss-server
    
    -s <server_host>           Host name or IP address of your remote server.
    -p <server_port>           Port number of your remote server.
    -l <local_port>            Port number of your local server.
    -k <password>              Password of your remote server.
    -m <encrypt_method>        Encrypt method: rc4-md5,
    aes-128-gcm, aes-192-gcm, aes-256-gcm,
    aes-128-cfb, aes-192-cfb, aes-256-cfb,
    aes-128-ctr, aes-192-ctr, aes-256-ctr,
    camellia-128-cfb, camellia-192-cfb,
    camellia-256-cfb, bf-cfb,
    chacha20-ietf-poly1305,
    salsa20, chacha20 and chacha20-ietf.
    The default cipher is rc4-md5.
    
    [-a <user>]                Run as another user.
    [-f <pid_file>]            The file path to store pid.
    [-t <timeout>]             Socket timeout in seconds.
    [-c <config_file>]         The path to config file.
    [-n <number>]              Max number of open files.
    [-i <interface>]           Network interface to bind.
    [-b <local_address>]       Local address to bind.
    
    [-u]                       Enable UDP relay.
    [-U]                       Enable UDP relay and disable TCP relay.
    [-6]                       Resovle hostname to IPv6 address first.
    
    [-d <addr>]                Name servers for internal DNS resolver.
    [--reuse-port]             Enable port reuse.
    [--fast-open]              Enable TCP fast open.
    with Linux kernel > 3.7.0.
    [--acl <acl_file>]         Path to ACL (Access Control List).
    [--manager-address <addr>] UNIX domain socket address.
    [--mtu <MTU>]              MTU of your network interface.
    [--mptcp]                  Enable Multipath TCP on MPTCP Kernel.
    [--key <key_in_base64>]    Key of your remote server.
    [--plugin <name>]          Enable SIP003 plugin. (Experimental)
    [--plugin-opts <options>]  Set SIP003 plugin options. (Experimental)
    
    [-v]                       Verbose mode.
    [-h, --help]               Print this message.
    
    
  • compile simple-obfs
    git clone https://github.com/shadowsocks/simple-obfs
    cd simple-obfs
    git checkout tags/v0.0.3
    git submodule init && git submodule updateLDFLAGS="-Wl,-rpath,/jffs/lib -L$HOME/Downloads/libsodium-install/lib -L$HOME/Downloads/udns-$UDNS_VER -L$HOME/Downloads/libev-install/lib" CFLAGS="-I$HOME/Downloads/libsodium-install/include -I$HOME/Downloads/udns-$UDNS_VER -I$HOME/Downloads/libev-install/include" CC=mipsel-unknown-linux-uclibc-gcc CXX=mipsel-unknown-linux-uclibc-g++ AR=mipsel-unknown-linux-uclibc-ar RANLIB=mipsel-unknown-linux-uclibc-ranlib ./configure --host=mipsel-uclibc-linux --prefix=$HOME/Downloads/obfs-install --disable-ssp --disable-documentation
    make && make install
    
    

    obfs

    root@unknown:/jffs/ss# ./obfs-server -h
    
    simple-obfs 0.0.3
    
    maintained by Max Lv <max.c.lv@gmail.com>
    
    usage:
    
    obfs-server
    
    -s <server_host>           Host name or IP address of your remote server.
    -p <server_port>           Port number of your remote server.
    -l <local_port>            Port number of your local server.
    -r <addr>:<port>           Forward traffic to this remote server address.
    --obfs <http|tls>          Enable obfuscating: HTTP or TLS (Experimental).
    
    [-a <user>]                Run as another user.
    [-f <pid_file>]            The file path to store pid.
    [-t <timeout>]             Socket timeout in seconds.
    [-c <config_file>]         The path to config file.
    [-n <number>]              Max number of open files.
    [-b <local_address>]       Local address to bind.
    
    [-6]                       Resovle hostname to IPv6 address first.
    
    [-d <addr>]                Name servers for internal DNS resolver.
    [--fast-open]              Enable TCP fast open.
    with Linux kernel > 3.7.0.
    [--mptcp]                  Enable Multipath TCP on MPTCP Kernel.
    
    [-v]                       Verbose mode.
    [-h, --help]               Print this message.
    
    root@unknown:/jffs/ss# ./obfs-local  -h
    
    simple-obfs 0.0.3
    
    maintained by Max Lv <max.c.lv@gmail.com>
    
    usage:
    
    obfs-local
    
    -s <server_host>           Host name or IP address of your remote server.
    -p <server_port>           Port number of your remote server.
    -l <local_port>            Port number of your local server.
    --obfs <http|tls>          Enable obfuscating: HTTP or TLS (Experimental).
    --obfs-host <host_name>    Hostname for obfuscating (Experimental).
    
    [-a <user>]                Run as another user.
    [-f <pid_file>]            The file path to store pid.
    [-t <timeout>]             Socket timeout in seconds.
    [-c <config_file>]         The path to config file.
    [-n <number>]              Max number of open files.
    [-b <local_address>]       Local address to bind.
    
    [--fast-open]              Enable TCP fast open.
    with Linux kernel > 3.7.0.
    [--mptcp]                  Enable Multipath TCP on MPTCP Kernel.
    
    [-v]                       Verbose mode.
    [-h, --help]               Print this message.
    
    
  • ps:
    在travis ci上compile mbedtls的时候遇到奇怪的问题

    # 如果使用下面的命令, 在笔记本上一切正常
    CC=mipsel-unknown-linux-uclibc-gcc CXX=mipsel-unknown-linux-uclibc-g++ AR=mipsel-unknown-linux-uclibc-ar RANLIB=mipsel-unknown-linux-uclibc-ranlib make SHARED=1 CFLAGS=-fPIC
    
    总是提示没有看到-fPIC参数
    /home/travis/x-tools/mipsel-unknown-linux-uclibc/lib/gcc/mipsel-unknown-linux-uclibc/5.2.0/../../../../mipsel-unknown-linux-uclibc/bin/ld: aes.o: relocation R_MIPS_HI16 against `a local symbol' can not be used when making a shared object; recompile with -fPIC
    aes.o: could not read symbols: Bad value
    collect2: error: ld returned 1 exit status
    make[1]: *** [libmbedcrypto.so.0] Error 1
    make: *** [lib] Error 2
    
    # 必须改成这样才行
    CC="mipsel-unknown-linux-uclibc-gcc -fPIC" CXX="mipsel-unknown-linux-uclibc-g++ -fPIC" AR=mipsel-unknown-linux-uclibc-ar RANLIB=mipsel-unknown-linux-uclibc-ranlib make SHARED=1
    

    如果mbedtls不编译成动态的(不加SHARED=1 CFLAGS=-fPIC ),编译出来的可执行文件会大一些,但是同时也少了一个依赖,不过lz还是希望可执行文件小一点,所以文末提供的下载是上面所示的更小的版本

    total 532K
    -rwxr-xr-x 1 travis travis 119K Feb 17 08:21 ss-local
    -rwxr-xr-x 1 travis travis  37K Feb 17 08:21 ss-manager
    -rwxr-xr-x 1 travis travis   6K Feb 17 08:21 ss-nat
    -rwxr-xr-x 1 travis travis 114K Feb 17 08:21 ss-redir
    -rwxr-xr-x 1 travis travis 133K Feb 17 08:21 ss-server
    -rwxr-xr-x 1 travis travis 112K Feb 17 08:21 ss-tunnel
    

文件下载:

http://oglopss.github.io/ctng-ss-jekyll/

需要注意的是对于>=2.6.3的版本,会有如上ldd结果显示的依赖,所以还需要将两个.so文件放入/jffs/lib或者用tomatoedit加入固件中

ps:
目前ss-server >=2.6.3的版本在tomato shibby v138上 会有如下错误,无法正常使用

root@unknown:/jffs/ss# gdb -ex run --args /jffs/ss/ss-servre -c /jffs/ss/ss-server-config.json -u -v
2017-03-11 08:10:02 INFO: UDP relay enabled
2017-03-11 08:10:02 INFO: initializing ciphers... aes-256-cfb
2017-03-11 08:10:02 INFO: tcp server listening at 0.0.0.0:18388
2017-03-11 08:10:02 INFO: udp server listening at 0.0.0.0:18388
2017-03-11 08:10:02 INFO: running from root user
2017-03-11 08:10:08 INFO: accept a connection
Bus error
Program received signal SIGSEGV, Segmentation fault.
0x0041b88c in cork_error_set_printf ()
(gdb) bt
#0  0x0041b88c in cork_error_set_printf ()
#1  0x0041c7d0 in cork_ip_init ()
#2  0x004112e8 in server_recv_cb () at server.c:795
#3  0x2aac2a70 in ev_invoke_pending () from /jffs/lib/libev.so.4
#4  0x2aac6818 in ev_run () from /jffs/lib/libev.so.4
#5  0x00413044 in main () at server.c:1890

For higher version of crosstool-ng, the following patch maybe needed for libev

sed -i "/#define HAVE_EVENTFD 1/s/^/\/\/ /" ./config.h
# sed -i "s/epoll_create1/epoll_create/g" ./ev_epoll.c

and for libcork, force disable tls

sed -i -e 's/\(#define CORK_CONFIG_HAVE_THREAD_STORAGE_CLASS  \)1/\10/' ./libcork/include/libcork/config/gcc.h

perp

root@unknown:/jffs/ss# perpls
[+ +++ +++]  ss         uptime: 18s/18s  pids: 11703/11701
[+ +++ +++]  ss-server  uptime: 14s/14s  pids: 11707/11706

参考:

compile udns-0.0.9 on an MIPSEL-architecture

How to run travis-ci locally

GNU Linker 和 RPATH

How To Automatically Skip Wget SSL Certificate Check

Easy way pull latest of all submodules

rpath=$ORIGIN not having desired effect?

Building Portable Binaries – Attempting to self-contain application dependencies

Recompile with -fPIC option, but the option is already in the makefile

(静态)交叉编译shadowsocks-libev

Advertisements

25 responses to “shadowsocks libev 3.0 cross compiling for tomato shibby

  1. kc88 二月 14, 2017 @ 7:54 下午

    谢谢编译. 用tomatoedit塞进所需要的lib.
    tomato-K26-1.28.RT-N5x-MIPSR2-138-Max-cht-0807_SS.trx
    https://www.sendspace.com/file/j5p00i
    8m容量的q3能跑ss 3.0.2

  2. kc88 二月 16, 2017 @ 1:51 上午

    非是自己编译的.只是用别人编译好NVRAM 32K的shibby正体中文版加入两个lib文件、连结。
    3.0.2选rc4-md5会跳下面的问题
    ss-server: can’t resolve symbol ‘MD5’ in lib ‘ss-server’.
    因之前都使用chacha20所以没发现这个问题,不过新版的3.0.2能跑是能跑,
    但不太稳定,直接在ssh前台下命令看,跑一阵后就会跳Bus error直接退出。
    3.0.1的rc4-md5是正常能跑的,不过一样会跳Bus error退出。
    3.0.0、2.6.3也是跑一跑就跳出,无法维持在后台。
    2.6.2目前看来是正常的,但也是有md5问题。
    另2.6.3之后的json好像有变动,用之前的跑命令会跳Bus error。
    “server”:[“[::0]”,”0.0.0.0″],
    去掉”[::0]”,只留ipv4才能跑ss-server -c .json

    • 一半君 二月 16, 2017 @ 4:42 上午

      我觉得可以试试
      a.自己加个路径到ld.so.conf.d下,然后存到nvram里,这样可以避免用tomatoedit 省得刷机
      b.干脆设置/jffs/lib到rpath里,这样不会影响其他软件,但有一点是低端路由器jffs剩余空间太少,放进ss就基本放不了别的什么了,意义不大,高端路由器空间是有,不过一般都有usb口,那一般人也不会去开jffs了,不然刷的时候还要先关,刷完还要恢复文件 好麻烦

      ps:试过在rpath里设$ORIGIN了,似乎在shibby v138上没有效果

      • kc88 二月 16, 2017 @ 5:47 下午

        8M固件开jffs有近1m可用,只放ss-server和vlmcsd两个服務还可以。
        之前ss都会开启ota,3.0.2新版已去掉ota功能,才发现机子重启后,
        有时第一次连线会卡住上不了。退回2.6.2时也是同样问题,此时
        客户端若开ota就能立即连上,再之后即使没用ota也能顺利连结,
        另台k2刷padavan的ss服务器已没ota,是都很顺利的连上。
        不知是ss tomato版本的问题?还是q3机子BCM5357性能不佳?
        也怀疑是isp随机阻断,因为这问题不是每次都发生。
        ss新版混淆功能你之后会编译在tomato上跑吗?感谢!!

      • 一半君 二月 17, 2017 @ 1:35 下午

        我目前还没机会测试,我之前的用法是客户端,服务端都在路由器上,服务端在国内,客户端在国外,主要用途是反向翻墙回国内看b站和用虾米,但是现在国内端挂了,无法远程修复

      • kc88 二月 27, 2017 @ 1:30 上午

        看hiboy padavan的ss-server
        ldd ss-server
        libev.so.4 => /lib/libev.so.4 (0x775de000)
        libm.so.0 => /lib/libm.so.0 (0x775c2000)
        libsodium.so.18 => /lib/libsodium.so.18 (0x77542000)
        libmbedcrypto.so.0 => /lib/libmbedcrypto.so.0 (0x774e2000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x774bc000)
        libc.so.0 => /lib/libc.so.0 (0x77440000)
        ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x775f9000)
        libdl.so.0 => /lib/libdl.so.0 (0x7742c000)
        ^^
        8个文件和你的9个文件有差别,libdl.so.0 // libpcre.so.1、libgcc_s.so.1
        而且编译的文件都比较大 3.0.2 ss-server 216kb
        不知是否有关?

        p.s. ss-server -c /jffs/ss.json -d start -u 这命令跑一阵也是会消失

      • 一半君 二月 28, 2017 @ 12:45 上午

        你可以试试我半自动编译网站上的vsnapshot,作者说他在commit 5b122d4里修复了posix_memalign问题

    • 一半君 二月 20, 2017 @ 9:39 上午

      我试了下,也是有这个问题,不过最新的shadowsocks-libev-vsnapshot-f7f90.tar.gz 这个似乎没问题,没有bus error, md5也能用. 之前不能用的原因大概是因为在>2.6.3版本里用了openssl的lib, <2.6.3不能用的原因是没把这个so文件放到/jffs/lib里,不放也可以用是因为路由器自带有libcrypto.so.1.0.0,只是缺这个symbol而已

      不知道为何2.6.3和latest snapshot依然需要openssl, 所以可能依然有md5找不到的问题,但是如果你试下travis ci页面上3.0.2的下载链接,应该没这个问题(因为没用openssl,用的是mbedtls)

      • kc88 二月 26, 2017 @ 6:40 上午

        shadowsocks-libev-vsnapshot-f7f90.tar.gz
        看了版本是旧的shadowsocks-libev 2.5.2
        /lib/libcrypto.so.1 11kb
        /usr/lib/libcrypto.so.1.0.0 1365kb
        和这个解压出来的libcrypto.so.1.0.0 2.26mb有差别吗?
        目前拿最新的3.0.3 直接运作会跳出
        ss-server: can’t resolve symbol ‘posix_memalign’ in lib ‘ss-server’
        Q3 tomato上头现在跑2.6.2服务端没问题,不知2.6.3之后改了什么造成不稳定?

      • 一半君 二月 26, 2017 @ 7:20 上午

        vsnapshot那个可能我放错了,我去检查一下,他本意是编译原repo里最新的commit。凡是下载安装包里有.so文件的,都是交叉编译中在编译的依赖的包里的.so,因为他们可能和路由器里/lib /usr/lib下的版本不同,所以才在rpath里把/jffs/lib放在了最前面,这个用意是将他们放在/jffs/lib下,就会使用他们而不是路由器自带的so(如果使用自带的so出现错误的话),我试过3.0.2,没看到任何错误,rc4-md5 cipher也可以正常使用,我猜2.6.3以后你都要把那些so放到/jffs/lib,才不会出问题,我觉得q3 jffs空间应该不够了,除非使用4mb的firmware, (max版本一般都6.x MB,我用的是tomato shibby v138)

      • kc88 二月 26, 2017 @ 10:42 上午

        新的3.0.2跑rc4-md5是没跳出错消息了,
        而从2.6.3之后文件大小缩到7x kb的ss-server,
        会遇到运行一段时间会从后台消失。
        ss-server -c /jffs/ss.json -f /var/run/ss.pid -u
        这个命令在2.6.2之前没问题的,另外找到
        ss-server -c /jffs/ss.json -d start -u
        这个好像可以自动保护后台执行?
        3.0.3 则是下命令时没问题,只要客户端一连就跳
        ss-server: can’t resolve symbol ‘posix_memalign’ in lib ‘ss-server’.
        不是路径的问题吧?用ldd看是都有连到,
        最后刷了小固件,把三个lib文件塞到/jffs/lib也一样。

      • 一半君 二月 26, 2017 @ 12:17 下午

        我测试了下,也遇到和你一样的错误,你自己用电脑编译试试吧,也许我步骤有不对的地方

  3. kc88 二月 16, 2017 @ 8:14 下午

    刚又加装libmbedcrypto.so.0试了新的3.0.2,下载的速度跑一跑就会变慢,再切回2.6.2是正常的。

  4. kc88 二月 17, 2017 @ 2:57 上午

    https://www.sendspace.com/file/j61su2
    以tomatoedit将max版的tor去除,加入aio版的libpcre.so.1.2.3及lz提供的libev.so.4、libmbedcrypto.so.0,Q3刷完开jffs是1664kb。可以跑ss-server 2.6.3之后版本,只是
    ss新版测过不是很稳定。建议还是先用旧的稳定版本。

  5. kc88 二月 17, 2017 @ 5:47 下午

    现在gfw挡掉pptp,而openvpn要绕道ss/ssr服务器才能连上。
    tomato上的openvpn用Static key方式比较方便点。
    把下面二行加入.open文件内最后,pc上开启ss/ssr软件(已设好随便一个能连上的ss/ssr),
    应该就能用pc的OpenVPN GUI连回tomato了。

    socks-proxy 127.0.0.1 1089  //port数字与pc上ss/ssr软件开启的local port对应
    route Tomato路由IP 255.255.255.255 net_gateway  //Tomato路由可以是ip或ddns位置

  6. kc88 二月 17, 2017 @ 6:01 下午

    若之前tomato沒開openvpn,现在ss还能跑,pc上开启ss/ssr软件。
    firefox进阶选项中手动将proxy设成127.0.0.1 port是ss/ssr软件开启的local port
    SOCKS v5。 然后就能登入tomato的私网ip,去设定openvpn。
    当然最快速的方式是登入后直接开启外网访问处理,短期间应该没什么安全性的问题吧?

  7. kc88 二月 28, 2017 @ 4:07 下午

    这次是客户端一连跳 Floating Point Exception
    查了一下说法是由于使用高版本的gcc glibc 编译后在低版本的glibc上运行导致

  8. kc88 二月 28, 2017 @ 4:33 下午

    压缩内3个lib文件替换至tomato 138 内,3.0.3没跳Floating Point Exception了。
    但还是有跑一跑就Bus error停止的问题。

  9. kc88 三月 12, 2017 @ 10:53 下午

    -a6154 3.0.3版本的ss-server目前使用正常了。
    只是最高速度会少0.1mb/s

  10. kc88 三月 27, 2017 @ 3:10 上午

    试了一下,看来确实是正常很多。感谢重编译。

发表评论

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / 更改 )

Twitter picture

You are commenting using your Twitter account. Log Out / 更改 )

Facebook photo

You are commenting using your Facebook account. Log Out / 更改 )

Google+ photo

You are commenting using your Google+ account. Log Out / 更改 )

Connecting to %s

%d 博主赞过: