@@ -34,7 +34,7 @@ type ServerConn struct {
34
34
net.Conn
35
35
cipher byte
36
36
baseKey []byte
37
- reuse []byte
37
+ ticket []byte
38
38
peerRandom []byte
39
39
peerAead cipher.AEAD
40
40
peerNonce []byte
@@ -81,20 +81,20 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
81
81
}
82
82
c := & ServerConn {Conn : conn }
83
83
84
- peerReuseHello := make ([]byte , 21 + 32 )
85
- if _ , err := io .ReadFull (c .Conn , peerReuseHello ); err != nil {
84
+ peerTicketHello := make ([]byte , 21 + 32 )
85
+ if _ , err := io .ReadFull (c .Conn , peerTicketHello ); err != nil {
86
86
return nil , err
87
87
}
88
88
if i .minutes > 0 {
89
89
i .RLock ()
90
- s := i .sessions [[21 ]byte (peerReuseHello )]
90
+ s := i .sessions [[21 ]byte (peerTicketHello )]
91
91
i .RUnlock ()
92
92
if s != nil {
93
- if _ , replay := s .randoms .LoadOrStore ([32 ]byte (peerReuseHello [21 :]), true ); ! replay {
93
+ if _ , replay := s .randoms .LoadOrStore ([32 ]byte (peerTicketHello [21 :]), true ); ! replay {
94
94
c .cipher = s .cipher
95
95
c .baseKey = s .baseKey
96
- c .reuse = peerReuseHello [:21 ]
97
- c .peerRandom = peerReuseHello [21 :]
96
+ c .ticket = peerTicketHello [:21 ]
97
+ c .peerRandom = peerTicketHello [21 :]
98
98
return c , nil
99
99
}
100
100
}
@@ -106,11 +106,11 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
106
106
}
107
107
if l , _ := decodeHeader (peerHeader ); l != 0 {
108
108
c .Conn .Write (make ([]byte , randBetween (100 , 1000 ))) // make client do new handshake
109
- return nil , errors .New ("invalid reuse " )
109
+ return nil , errors .New ("invalid ticket " )
110
110
}
111
111
112
112
peerClientHello := make ([]byte , 1088 + 1184 + 1 )
113
- copy (peerClientHello , peerReuseHello )
113
+ copy (peerClientHello , peerTicketHello )
114
114
copy (peerClientHello [53 :], peerHeader )
115
115
if _ , err := io .ReadFull (c .Conn , peerClientHello [58 :]); err != nil {
116
116
return nil , err
@@ -136,13 +136,13 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
136
136
authKey := make ([]byte , 32 )
137
137
hkdf .New (sha256 .New , c .baseKey , encapsulatedNfsKey , eKeyPfsData ).Read (authKey )
138
138
nonce := make ([]byte , 12 )
139
- c .reuse = newAead (c .cipher , authKey ).Seal (nil , nonce , []byte ("VLESS" ), encapsulatedPfsKey )
139
+ c .ticket = newAead (c .cipher , authKey ).Seal (nil , nonce , []byte ("VLESS" ), encapsulatedPfsKey )
140
140
141
141
padding := randBetween (100 , 1000 )
142
142
143
143
serverHello := make ([]byte , 1088 + 21 + 5 + padding )
144
144
copy (serverHello , encapsulatedPfsKey )
145
- copy (serverHello [1088 :], c .reuse )
145
+ copy (serverHello [1088 :], c .ticket )
146
146
encodeHeader (serverHello [1109 :], int (padding ))
147
147
148
148
if _ , err := c .Conn .Write (serverHello ); err != nil {
@@ -151,7 +151,7 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
151
151
152
152
if i .minutes > 0 {
153
153
i .Lock ()
154
- i .sessions [[21 ]byte (c .reuse )] = & ServerSession {
154
+ i .sessions [[21 ]byte (c .ticket )] = & ServerSession {
155
155
expire : time .Now ().Add (i .minutes ),
156
156
cipher : c .cipher ,
157
157
baseKey : c .baseKey ,
@@ -181,12 +181,12 @@ func (c *ServerConn) Read(b []byte) (int, error) {
181
181
return 0 , err
182
182
}
183
183
}
184
- peerIndex := make ([]byte , 21 )
185
- copy (peerIndex , peerHeader )
186
- if _ , err := io .ReadFull (c .Conn , peerIndex [5 :]); err != nil {
184
+ peerTicket := make ([]byte , 21 )
185
+ copy (peerTicket , peerHeader )
186
+ if _ , err := io .ReadFull (c .Conn , peerTicket [5 :]); err != nil {
187
187
return 0 , err
188
188
}
189
- if ! bytes .Equal (peerIndex , c .reuse ) {
189
+ if ! bytes .Equal (peerTicket , c .ticket ) {
190
190
return 0 , errors .New ("naughty boy" )
191
191
}
192
192
c .peerRandom = make ([]byte , 32 )
@@ -195,7 +195,7 @@ func (c *ServerConn) Read(b []byte) (int, error) {
195
195
}
196
196
}
197
197
peerKey := make ([]byte , 32 )
198
- hkdf .New (sha256 .New , c .baseKey , c .peerRandom , c .reuse ).Read (peerKey )
198
+ hkdf .New (sha256 .New , c .baseKey , c .peerRandom , c .ticket ).Read (peerKey )
199
199
c .peerAead = newAead (c .cipher , peerKey )
200
200
c .peerNonce = make ([]byte , 12 )
201
201
}
0 commit comments