From e6fe89519062961ac650d92c746942fa46c9c974 Mon Sep 17 00:00:00 2001
From: wwqgtxx <wwqgtxx@gmail.com>
Date: Mon, 11 Aug 2025 09:31:13 +0800
Subject: [PATCH] chore: sync code

https://github.com/XTLS/Xray-core/commit/3e19bf9233bdd9bafc073a71c65b737cc1ffba5e
---
 transport/vless/encryption/client.go | 18 +++++++--------
 transport/vless/encryption/server.go | 34 ++++++++++++++--------------
 2 files changed, 26 insertions(+), 26 deletions(-)

diff --git a/transport/vless/encryption/client.go b/transport/vless/encryption/client.go
index b0b44857..39d56731 100644
--- a/transport/vless/encryption/client.go
+++ b/transport/vless/encryption/client.go
@@ -41,14 +41,14 @@ type ClientInstance struct {
 	minutes time.Duration
 	expire  time.Time
 	baseKey []byte
-	reuse   []byte
+	ticket  []byte
 }
 
 type ClientConn struct {
 	net.Conn
 	instance  *ClientInstance
 	baseKey   []byte
-	reuse     []byte
+	ticket    []byte
 	random    []byte
 	aead      cipher.AEAD
 	nonce     []byte
@@ -74,7 +74,7 @@ func (i *ClientInstance) Handshake(conn net.Conn) (net.Conn, error) {
 		if time.Now().Before(i.expire) {
 			c.instance = i
 			c.baseKey = i.baseKey
-			c.reuse = i.reuse
+			c.ticket = i.ticket
 			i.RUnlock()
 			return c, nil
 		}
@@ -104,7 +104,7 @@ func (i *ClientInstance) Handshake(conn net.Conn) (net.Conn, error) {
 		return nil, err
 	}
 	encapsulatedPfsKey := peerServerHello[:1088]
-	c.reuse = peerServerHello[1088:]
+	c.ticket = peerServerHello[1088:]
 
 	pfsKey, err := dKeyPfs.Decapsulate(encapsulatedPfsKey)
 	if err != nil {
@@ -115,7 +115,7 @@ func (i *ClientInstance) Handshake(conn net.Conn) (net.Conn, error) {
 	authKey := make([]byte, 32)
 	hkdf.New(sha256.New, c.baseKey, encapsulatedNfsKey, eKeyPfs).Read(authKey)
 	nonce := make([]byte, 12)
-	VLESS, _ := newAead(ClientCipher, authKey).Open(nil, nonce, c.reuse, encapsulatedPfsKey)
+	VLESS, _ := newAead(ClientCipher, authKey).Open(nil, nonce, c.ticket, encapsulatedPfsKey)
 	if !bytes.Equal(VLESS, []byte("VLESS")) { // TODO: more message
 		return nil, errors.New("invalid server")
 	}
@@ -124,7 +124,7 @@ func (i *ClientInstance) Handshake(conn net.Conn) (net.Conn, error) {
 		i.Lock()
 		i.expire = time.Now().Add(i.minutes)
 		i.baseKey = c.baseKey
-		i.reuse = c.reuse
+		i.ticket = c.ticket
 		i.Unlock()
 	}
 
@@ -140,12 +140,12 @@ func (c *ClientConn) Write(b []byte) (int, error) {
 		c.random = make([]byte, 32)
 		rand.Read(c.random)
 		key := make([]byte, 32)
-		hkdf.New(sha256.New, c.baseKey, c.random, c.reuse).Read(key)
+		hkdf.New(sha256.New, c.baseKey, c.random, c.ticket).Read(key)
 		c.aead = newAead(ClientCipher, key)
 		c.nonce = make([]byte, 12)
 
 		data = make([]byte, 21+32+5+len(b)+16)
-		copy(data, c.reuse)
+		copy(data, c.ticket)
 		copy(data[21:], c.random)
 		encodeHeader(data[53:], len(b)+16)
 		c.aead.Seal(data[:58], c.nonce, b, data[53:58])
@@ -210,7 +210,7 @@ func (c *ClientConn) Read(b []byte) (int, error) { // after first Write()
 	if err != nil {
 		if c.instance != nil {
 			c.instance.Lock()
-			if bytes.Equal(c.reuse, c.instance.reuse) {
+			if bytes.Equal(c.ticket, c.instance.ticket) {
 				c.instance.expire = time.Now() // expired
 			}
 			c.instance.Unlock()
diff --git a/transport/vless/encryption/server.go b/transport/vless/encryption/server.go
index 667b813f..04643ec6 100644
--- a/transport/vless/encryption/server.go
+++ b/transport/vless/encryption/server.go
@@ -34,7 +34,7 @@ type ServerConn struct {
 	net.Conn
 	cipher     byte
 	baseKey    []byte
-	reuse      []byte
+	ticket     []byte
 	peerRandom []byte
 	peerAead   cipher.AEAD
 	peerNonce  []byte
@@ -81,20 +81,20 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
 	}
 	c := &ServerConn{Conn: conn}
 
-	peerReuseHello := make([]byte, 21+32)
-	if _, err := io.ReadFull(c.Conn, peerReuseHello); err != nil {
+	peerTicketHello := make([]byte, 21+32)
+	if _, err := io.ReadFull(c.Conn, peerTicketHello); err != nil {
 		return nil, err
 	}
 	if i.minutes > 0 {
 		i.RLock()
-		s := i.sessions[[21]byte(peerReuseHello)]
+		s := i.sessions[[21]byte(peerTicketHello)]
 		i.RUnlock()
 		if s != nil {
-			if _, replay := s.randoms.LoadOrStore([32]byte(peerReuseHello[21:]), true); !replay {
+			if _, replay := s.randoms.LoadOrStore([32]byte(peerTicketHello[21:]), true); !replay {
 				c.cipher = s.cipher
 				c.baseKey = s.baseKey
-				c.reuse = peerReuseHello[:21]
-				c.peerRandom = peerReuseHello[21:]
+				c.ticket = peerTicketHello[:21]
+				c.peerRandom = peerTicketHello[21:]
 				return c, nil
 			}
 		}
@@ -106,11 +106,11 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
 	}
 	if l, _ := decodeHeader(peerHeader); l != 0 {
 		c.Conn.Write(make([]byte, randBetween(100, 1000))) // make client do new handshake
-		return nil, errors.New("invalid reuse")
+		return nil, errors.New("invalid ticket")
 	}
 
 	peerClientHello := make([]byte, 1088+1184+1)
-	copy(peerClientHello, peerReuseHello)
+	copy(peerClientHello, peerTicketHello)
 	copy(peerClientHello[53:], peerHeader)
 	if _, err := io.ReadFull(c.Conn, peerClientHello[58:]); err != nil {
 		return nil, err
@@ -136,13 +136,13 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
 	authKey := make([]byte, 32)
 	hkdf.New(sha256.New, c.baseKey, encapsulatedNfsKey, eKeyPfsData).Read(authKey)
 	nonce := make([]byte, 12)
-	c.reuse = newAead(c.cipher, authKey).Seal(nil, nonce, []byte("VLESS"), encapsulatedPfsKey)
+	c.ticket = newAead(c.cipher, authKey).Seal(nil, nonce, []byte("VLESS"), encapsulatedPfsKey)
 
 	padding := randBetween(100, 1000)
 
 	serverHello := make([]byte, 1088+21+5+padding)
 	copy(serverHello, encapsulatedPfsKey)
-	copy(serverHello[1088:], c.reuse)
+	copy(serverHello[1088:], c.ticket)
 	encodeHeader(serverHello[1109:], int(padding))
 
 	if _, err := c.Conn.Write(serverHello); err != nil {
@@ -151,7 +151,7 @@ func (i *ServerInstance) Handshake(conn net.Conn) (net.Conn, error) {
 
 	if i.minutes > 0 {
 		i.Lock()
-		i.sessions[[21]byte(c.reuse)] = &ServerSession{
+		i.sessions[[21]byte(c.ticket)] = &ServerSession{
 			expire:  time.Now().Add(i.minutes),
 			cipher:  c.cipher,
 			baseKey: c.baseKey,
@@ -181,12 +181,12 @@ func (c *ServerConn) Read(b []byte) (int, error) {
 					return 0, err
 				}
 			}
-			peerIndex := make([]byte, 21)
-			copy(peerIndex, peerHeader)
-			if _, err := io.ReadFull(c.Conn, peerIndex[5:]); err != nil {
+			peerTicket := make([]byte, 21)
+			copy(peerTicket, peerHeader)
+			if _, err := io.ReadFull(c.Conn, peerTicket[5:]); err != nil {
 				return 0, err
 			}
-			if !bytes.Equal(peerIndex, c.reuse) {
+			if !bytes.Equal(peerTicket, c.ticket) {
 				return 0, errors.New("naughty boy")
 			}
 			c.peerRandom = make([]byte, 32)
@@ -195,7 +195,7 @@ func (c *ServerConn) Read(b []byte) (int, error) {
 			}
 		}
 		peerKey := make([]byte, 32)
-		hkdf.New(sha256.New, c.baseKey, c.peerRandom, c.reuse).Read(peerKey)
+		hkdf.New(sha256.New, c.baseKey, c.peerRandom, c.ticket).Read(peerKey)
 		c.peerAead = newAead(c.cipher, peerKey)
 		c.peerNonce = make([]byte, 12)
 	}