Skip to content

Commit e6fe895

Browse files
wwqgtxxwwqgtxx
committed
chore: sync code
XTLS/Xray-core@3e19bf9
1 parent adf553a commit e6fe895

File tree

2 files changed

+26
-26
lines changed

2 files changed

+26
-26
lines changed

transport/vless/encryption/client.go

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -41,14 +41,14 @@ type ClientInstance struct {
4141
minutes time.Duration
4242
expire time.Time
4343
baseKey []byte
44-
reuse []byte
44+
ticket []byte
4545
}
4646

4747
type ClientConn struct {
4848
net.Conn
4949
instance *ClientInstance
5050
baseKey []byte
51-
reuse []byte
51+
ticket []byte
5252
random []byte
5353
aead cipher.AEAD
5454
nonce []byte
@@ -74,7 +74,7 @@ func (i *ClientInstance) Handshake(conn net.Conn) (net.Conn, error) {
7474
if time.Now().Before(i.expire) {
7575
c.instance = i
7676
c.baseKey = i.baseKey
77-
c.reuse = i.reuse
77+
c.ticket = i.ticket
7878
i.RUnlock()
7979
return c, nil
8080
}
@@ -104,7 +104,7 @@ func (i *ClientInstance) Handshake(conn net.Conn) (net.Conn, error) {
104104
return nil, err
105105
}
106106
encapsulatedPfsKey := peerServerHello[:1088]
107-
c.reuse = peerServerHello[1088:]
107+
c.ticket = peerServerHello[1088:]
108108

109109
pfsKey, err := dKeyPfs.Decapsulate(encapsulatedPfsKey)
110110
if err != nil {
@@ -115,7 +115,7 @@ func (i *ClientInstance) Handshake(conn net.Conn) (net.Conn, error) {
115115
authKey := make([]byte, 32)
116116
hkdf.New(sha256.New, c.baseKey, encapsulatedNfsKey, eKeyPfs).Read(authKey)
117117
nonce := make([]byte, 12)
118-
VLESS, _ := newAead(ClientCipher, authKey).Open(nil, nonce, c.reuse, encapsulatedPfsKey)
118+
VLESS, _ := newAead(ClientCipher, authKey).Open(nil, nonce, c.ticket, encapsulatedPfsKey)
119119
if !bytes.Equal(VLESS, []byte("VLESS")) { // TODO: more message
120120
return nil, errors.New("invalid server")
121121
}
@@ -124,7 +124,7 @@ func (i *ClientInstance) Handshake(conn net.Conn) (net.Conn, error) {
124124
i.Lock()
125125
i.expire = time.Now().Add(i.minutes)
126126
i.baseKey = c.baseKey
127-
i.reuse = c.reuse
127+
i.ticket = c.ticket
128128
i.Unlock()
129129
}
130130

@@ -140,12 +140,12 @@ func (c *ClientConn) Write(b []byte) (int, error) {
140140
c.random = make([]byte, 32)
141141
rand.Read(c.random)
142142
key := make([]byte, 32)
143-
hkdf.New(sha256.New, c.baseKey, c.random, c.reuse).Read(key)
143+
hkdf.New(sha256.New, c.baseKey, c.random, c.ticket).Read(key)
144144
c.aead = newAead(ClientCipher, key)
145145
c.nonce = make([]byte, 12)
146146

147147
data = make([]byte, 21+32+5+len(b)+16)
148-
copy(data, c.reuse)
148+
copy(data, c.ticket)
149149
copy(data[21:], c.random)
150150
encodeHeader(data[53:], len(b)+16)
151151
c.aead.Seal(data[:58], c.nonce, b, data[53:58])
@@ -210,7 +210,7 @@ func (c *ClientConn) Read(b []byte) (int, error) { // after first Write()
210210
if err != nil {
211211
if c.instance != nil {
212212
c.instance.Lock()
213-
if bytes.Equal(c.reuse, c.instance.reuse) {
213+
if bytes.Equal(c.ticket, c.instance.ticket) {
214214
c.instance.expire = time.Now() // expired
215215
}
216216
c.instance.Unlock()

transport/vless/encryption/server.go

Lines changed: 17 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ type ServerConn struct {
3434
net.Conn
3535
cipher byte
3636
baseKey []byte
37-
reuse []byte
37+
ticket []byte
3838
peerRandom []byte
3939
peerAead cipher.AEAD
4040
peerNonce []byte
@@ -81,20 +81,20 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
8181
}
8282
c := &ServerConn{Conn: conn}
8383

84-
peerReuseHello := make([]byte, 21+32)
85-
if _, err := io.ReadFull(c.Conn, peerReuseHello); err != nil {
84+
peerTicketHello := make([]byte, 21+32)
85+
if _, err := io.ReadFull(c.Conn, peerTicketHello); err != nil {
8686
return nil, err
8787
}
8888
if i.minutes > 0 {
8989
i.RLock()
90-
s := i.sessions[[21]byte(peerReuseHello)]
90+
s := i.sessions[[21]byte(peerTicketHello)]
9191
i.RUnlock()
9292
if s != nil {
93-
if _, replay := s.randoms.LoadOrStore([32]byte(peerReuseHello[21:]), true); !replay {
93+
if _, replay := s.randoms.LoadOrStore([32]byte(peerTicketHello[21:]), true); !replay {
9494
c.cipher = s.cipher
9595
c.baseKey = s.baseKey
96-
c.reuse = peerReuseHello[:21]
97-
c.peerRandom = peerReuseHello[21:]
96+
c.ticket = peerTicketHello[:21]
97+
c.peerRandom = peerTicketHello[21:]
9898
return c, nil
9999
}
100100
}
@@ -106,11 +106,11 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
106106
}
107107
if l, _ := decodeHeader(peerHeader); l != 0 {
108108
c.Conn.Write(make([]byte, randBetween(100, 1000))) // make client do new handshake
109-
return nil, errors.New("invalid reuse")
109+
return nil, errors.New("invalid ticket")
110110
}
111111

112112
peerClientHello := make([]byte, 1088+1184+1)
113-
copy(peerClientHello, peerReuseHello)
113+
copy(peerClientHello, peerTicketHello)
114114
copy(peerClientHello[53:], peerHeader)
115115
if _, err := io.ReadFull(c.Conn, peerClientHello[58:]); err != nil {
116116
return nil, err
@@ -136,13 +136,13 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
136136
authKey := make([]byte, 32)
137137
hkdf.New(sha256.New, c.baseKey, encapsulatedNfsKey, eKeyPfsData).Read(authKey)
138138
nonce := make([]byte, 12)
139-
c.reuse = newAead(c.cipher, authKey).Seal(nil, nonce, []byte("VLESS"), encapsulatedPfsKey)
139+
c.ticket = newAead(c.cipher, authKey).Seal(nil, nonce, []byte("VLESS"), encapsulatedPfsKey)
140140

141141
padding := randBetween(100, 1000)
142142

143143
serverHello := make([]byte, 1088+21+5+padding)
144144
copy(serverHello, encapsulatedPfsKey)
145-
copy(serverHello[1088:], c.reuse)
145+
copy(serverHello[1088:], c.ticket)
146146
encodeHeader(serverHello[1109:], int(padding))
147147

148148
if _, err := c.Conn.Write(serverHello); err != nil {
@@ -151,7 +151,7 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
151151

152152
if i.minutes > 0 {
153153
i.Lock()
154-
i.sessions[[21]byte(c.reuse)] = &ServerSession{
154+
i.sessions[[21]byte(c.ticket)] = &ServerSession{
155155
expire: time.Now().Add(i.minutes),
156156
cipher: c.cipher,
157157
baseKey: c.baseKey,
@@ -181,12 +181,12 @@ func (c *ServerConn) Read(b []byte) (int, error) {
181181
return 0, err
182182
}
183183
}
184-
peerIndex := make([]byte, 21)
185-
copy(peerIndex, peerHeader)
186-
if _, err := io.ReadFull(c.Conn, peerIndex[5:]); err != nil {
184+
peerTicket := make([]byte, 21)
185+
copy(peerTicket, peerHeader)
186+
if _, err := io.ReadFull(c.Conn, peerTicket[5:]); err != nil {
187187
return 0, err
188188
}
189-
if !bytes.Equal(peerIndex, c.reuse) {
189+
if !bytes.Equal(peerTicket, c.ticket) {
190190
return 0, errors.New("naughty boy")
191191
}
192192
c.peerRandom = make([]byte, 32)
@@ -195,7 +195,7 @@ func (c *ServerConn) Read(b []byte) (int, error) {
195195
}
196196
}
197197
peerKey := make([]byte, 32)
198-
hkdf.New(sha256.New, c.baseKey, c.peerRandom, c.reuse).Read(peerKey)
198+
hkdf.New(sha256.New, c.baseKey, c.peerRandom, c.ticket).Read(peerKey)
199199
c.peerAead = newAead(c.cipher, peerKey)
200200
c.peerNonce = make([]byte, 12)
201201
}

0 commit comments

Comments
 (0)