From 182f60d424e83455c4e09ab57978c54dcd10d444 Mon Sep 17 00:00:00 2001 From: wwqgtxx Date: Tue, 19 Aug 2025 21:37:02 +0800 Subject: [PATCH] chore: sync vless encryption code --- transport/vless/encryption/client.go | 6 +++--- transport/vless/encryption/doc.go | 1 + transport/vless/encryption/server.go | 6 +++--- transport/vless/encryption/xor.go | 6 ++++-- 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/transport/vless/encryption/client.go b/transport/vless/encryption/client.go index 9d249038..ecf20692 100644 --- a/transport/vless/encryption/client.go +++ b/transport/vless/encryption/client.go @@ -69,8 +69,8 @@ func (i *ClientInstance) Init(nfsEKeyBytes []byte, xor uint32, minutes time.Dura if err != nil { return } - hash256 := sha3.Sum256(nfsEKeyBytes) - copy(i.hash11[:], hash256[:]) + hash32 := sha3.Sum256(nfsEKeyBytes) + copy(i.hash11[:], hash32[:]) if xor > 0 { xorKey := sha3.Sum256(nfsEKeyBytes) i.xorKey = xorKey[:] @@ -79,7 +79,7 @@ func (i *ClientInstance) Init(nfsEKeyBytes []byte, xor uint32, minutes time.Dura return } -func (i *ClientInstance) Handshake(conn net.Conn) (net.Conn, error) { +func (i *ClientInstance) Handshake(conn net.Conn) (*ClientConn, error) { if i.nfsEKey == nil { return nil, errors.New("uninitialized") } diff --git a/transport/vless/encryption/doc.go b/transport/vless/encryption/doc.go index 9ba7eb11..6f0c8f70 100644 --- a/transport/vless/encryption/doc.go +++ b/transport/vless/encryption/doc.go @@ -13,4 +13,5 @@ // https://github.com/XTLS/Xray-core/commit/bfe4820f2f086daf639b1957eb23dc13c843cad1 // https://github.com/XTLS/Xray-core/commit/d1fb48521271251a8c74bd64fcc2fc8700717a3b // https://github.com/XTLS/Xray-core/commit/49580705f6029648399304b816a2737f991582a8 +// https://github.com/XTLS/Xray-core/commit/84835bec7d0d8555d0dd30953ed26a272de814c4 package encryption diff --git a/transport/vless/encryption/server.go b/transport/vless/encryption/server.go index 9c5c102e..ea72f2f5 100644 --- a/transport/vless/encryption/server.go +++ b/transport/vless/encryption/server.go @@ -54,8 +54,8 @@ func (i *ServerInstance) Init(nfsDKeySeed []byte, xor uint32, minutes time.Durat if err != nil { return } - hash256 := sha3.Sum256(i.nfsDKey.EncapsulationKey().Bytes()) - copy(i.hash11[:], hash256[:]) + hash32 := sha3.Sum256(i.nfsDKey.EncapsulationKey().Bytes()) + copy(i.hash11[:], hash32[:]) if xor > 0 { xorKey := sha3.Sum256(i.nfsDKey.EncapsulationKey().Bytes()) i.xorKey = xorKey[:] @@ -91,7 +91,7 @@ func (i *ServerInstance) Close() (err error) { return } -func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) { +func (i *ServerInstance) Handshake(conn net.Conn) (*ServerConn, error) { if i.nfsDKey == nil { return nil, errors.New("uninitialized") } diff --git a/transport/vless/encryption/xor.go b/transport/vless/encryption/xor.go index 69ff1578..caad12bf 100644 --- a/transport/vless/encryption/xor.go +++ b/transport/vless/encryption/xor.go @@ -49,6 +49,7 @@ func (c *XorConn) Write(b []byte) (int, error) { // whole one/two records l += 10 if t == 0 { c.out_after0 = true + c.out_header = make([]byte, 0, 5) // important } } c.ctr.XORKeyStream(b[:l], b[:l]) // caller MUST discard b @@ -77,7 +78,7 @@ func (c *XorConn) Write(b []byte) (int, error) { // whole one/two records break } _, c.out_skip, _ = DecodeHeader(append(c.out_header, p[:need]...)) - c.out_header = make([]byte, 0, 5) // DO NOT CHANGE + c.out_header = c.out_header[:0] c.ctr.XORKeyStream(p[:need], p[:need]) p = p[need:] } @@ -116,6 +117,7 @@ func (c *XorConn) Read(b []byte) (int, error) { // 5-bytes, data, 5-bytes... c.isHeader = false if t == 0 { c.in_after0 = true + c.in_header = make([]byte, 0, 5) // important } } } else { @@ -139,7 +141,7 @@ func (c *XorConn) Read(b []byte) (int, error) { // 5-bytes, data, 5-bytes... } c.peerCtr.XORKeyStream(p[:need], p[:need]) _, c.in_skip, _ = DecodeHeader(append(c.in_header, p[:need]...)) - c.in_header = make([]byte, 0, 5) // DO NOT CHANGE + c.in_header = c.in_header[:0] p = p[need:] } return n, err