SagerNet/sing-shadowtls
1
0
Fork 0
mirror of https://github.com/SagerNet/sing-shadowtls.git synced 2025-04-03 20:27:35 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix TLS12 support for v3 client

Browse source
This commit is contained in:
世界 2023-05-31 10:58:05 +08:00
parent 74b210a0e6
commit ebadc7615d
No known key found for this signature in database
GPG key ID: CD109927C34A63C4
2 changed files with 15 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

9
v3_client.go
View file

@ -41,6 +41,7 @@ type streamWrapper struct {
serverRandom []byte
readHMAC hash.Hash
readHMACKey []byte
isTLS13 bool
authorized bool
}
@ -51,8 +52,8 @@ func newStreamWrapper(conn net.Conn, password string) *streamWrapper {
}
}
func (w *streamWrapper) Authorized() (bool, []byte, hash.Hash) {
return w.authorized, w.serverRandom, w.readHMAC
func (w *streamWrapper) Authorized() (bool, bool, []byte, hash.Hash) {
return w.isTLS13, w.authorized, w.serverRandom, w.readHMAC
}
func (w *streamWrapper) Read(p []byte) (n int, err error) {
@ -84,6 +85,10 @@ func (w *streamWrapper) Read(p []byte) (n int, err error) {
w.readHMAC = hmac.New(sha1.New, []byte(w.password))
w.readHMAC.Write(w.serverRandom)
w.readHMACKey = kdf(w.password, w.serverRandom)
w.isTLS13 = isServerHelloSupportTLS13(buffer[5:])
if !w.isTLS13 {
w.authorized = true
}
}
case applicationData:
w.authorized = false