diff --git a/transport/vless/encryption/doc.go b/transport/vless/encryption/doc.go
index f26826b6..d6aeb93e 100644
--- a/transport/vless/encryption/doc.go
+++ b/transport/vless/encryption/doc.go
@@ -4,4 +4,5 @@
 // https://github.com/XTLS/Xray-core/commit/7ffb555fc8ec51bd1e3e60f26f1d6957984dba80
 // https://github.com/XTLS/Xray-core/commit/ec1cc35188c1a5f38a2ff75e88b5d043ffdc59da
 // https://github.com/XTLS/Xray-core/commit/5c611420487a92f931faefc01d4bf03869f477f6
+// https://github.com/XTLS/Xray-core/commit/23d7aad461d232bc5bed52dd6aaa731ecd88ad35
 package encryption
diff --git a/transport/vless/encryption/server.go b/transport/vless/encryption/server.go
index 35b88fb2..b42db3fd 100644
--- a/transport/vless/encryption/server.go
+++ b/transport/vless/encryption/server.go
@@ -27,7 +27,7 @@ type ServerInstance struct {
 	xor          uint32
 	minutes      time.Duration
 	sessions     map[[21]byte]*ServerSession
-	stop         bool
+	closed       bool
 }
 
 type ServerConn struct {
@@ -57,7 +57,8 @@ func (i *ServerInstance) Init(nfsDKeySeed []byte, xor uint32, minutes time.Durat
 				time.Sleep(time.Minute)
 				now := time.Now()
 				i.Lock()
-				if i.stop {
+				if i.closed {
+					i.Unlock()
 					return
 				}
 				for ticket, session := range i.sessions {
@@ -74,8 +75,8 @@ func (i *ServerInstance) Init(nfsDKeySeed []byte, xor uint32, minutes time.Durat
 
 func (i *ServerInstance) Close() (err error) {
 	i.Lock()
-	defer i.Unlock()
-	i.stop = true
+	i.closed = true
+	i.Unlock()
 	return
 }
 
@@ -225,7 +226,7 @@ func (c *ServerConn) Read(b []byte) (int, error) {
 	}
 	var peerAead cipher.AEAD
 	if bytes.Equal(c.peerNonce, MaxNonce) {
-		peerAead = NewAead(ClientCipher, c.baseKey, peerData, peerHeader)
+		peerAead = NewAead(c.cipher, c.baseKey, peerData, peerHeader)
 	}
 	_, err = c.peerAead.Open(dst[:0], c.peerNonce, peerData, peerHeader)
 	if peerAead != nil {
@@ -268,7 +269,7 @@ func (c *ServerConn) Write(b []byte) (int, error) {
 			EncodeHeader(data, len(b)+16)
 			c.aead.Seal(data[:5], c.nonce, b, data[:5])
 			if bytes.Equal(c.nonce, MaxNonce) {
-				c.aead = NewAead(ClientCipher, c.baseKey, data[5:], data[:5])
+				c.aead = NewAead(c.cipher, c.baseKey, data[5:], data[:5])
 			}
 		}
 		IncreaseNonce(c.nonce)