mirror of
https://github.com/SagerNet/sing.git
synced 2025-04-05 21:07:41 +03:00
Fix shadowsocks
This commit is contained in:
世界
parent
f720169354
commit
8748049875
4 changed files with 34 additions and 19 deletions
|
|
@ -225,7 +225,14 @@ func (s *Service) newPacket(conn N.PacketConn, buffer *buf.Buffer, metadata M.Me
|
||||||
}
|
}
|
||||||
buffer.Advance(s.keySaltLength)
|
buffer.Advance(s.keySaltLength)
|
||||||
buffer.Truncate(len(packet))
|
buffer.Truncate(len(packet))
|
||||||
|
|
||||||
|
destination, err := socks5.AddressSerializer.ReadAddrPort(buffer)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
metadata.Protocol = "shadowsocks"
|
metadata.Protocol = "shadowsocks"
|
||||||
|
metadata.Destination = destination
|
||||||
s.udpNat.NewPacket(metadata.Source.AddrPort(), func() N.PacketWriter {
|
s.udpNat.NewPacket(metadata.Source.AddrPort(), func() N.PacketWriter {
|
||||||
return &serverPacketWriter{s, conn, metadata.Source}
|
return &serverPacketWriter{s, conn, metadata.Source}
|
||||||
}, buffer, metadata)
|
}, buffer, metadata)
|
||||||
|
|
|
||||||
|
|
@ -431,7 +431,7 @@ func (c *clientPacketConn) WritePacket(buffer *buf.Buffer, destination M.Socksad
|
||||||
}
|
}
|
||||||
hdrLen += 1 // header type
|
hdrLen += 1 // header type
|
||||||
hdrLen += 8 // timestamp
|
hdrLen += 8 // timestamp
|
||||||
hdrLen += 1 // padding length
|
hdrLen += 2 // padding length
|
||||||
hdrLen += socks5.AddressSerializer.AddrPortLen(destination)
|
hdrLen += socks5.AddressSerializer.AddrPortLen(destination)
|
||||||
header := buf.With(buffer.ExtendHeader(hdrLen))
|
header := buf.With(buffer.ExtendHeader(hdrLen))
|
||||||
|
|
||||||
|
|
@ -505,6 +505,7 @@ func (c *clientPacketConn) ReadPacket(buffer *buf.Buffer) (M.Socksaddr, error) {
|
||||||
return M.Socksaddr{}, E.Cause(err, "decrypt packet")
|
return M.Socksaddr{}, E.Cause(err, "decrypt packet")
|
||||||
}
|
}
|
||||||
buffer.Advance(PacketNonceSize)
|
buffer.Advance(PacketNonceSize)
|
||||||
|
buffer.Truncate(buffer.Len() - c.method.udpCipher.Overhead())
|
||||||
} else {
|
} else {
|
||||||
packetHeader = buffer.To(aes.BlockSize)
|
packetHeader = buffer.To(aes.BlockSize)
|
||||||
c.method.udpBlockCipher.Decrypt(packetHeader, packetHeader)
|
c.method.udpBlockCipher.Decrypt(packetHeader, packetHeader)
|
||||||
|
|
@ -535,6 +536,7 @@ func (c *clientPacketConn) ReadPacket(buffer *buf.Buffer) (M.Socksaddr, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return M.Socksaddr{}, E.Cause(err, "decrypt packet")
|
return M.Socksaddr{}, E.Cause(err, "decrypt packet")
|
||||||
}
|
}
|
||||||
|
buffer.Truncate(buffer.Len() - remoteCipher.Overhead())
|
||||||
}
|
}
|
||||||
|
|
||||||
var headerType byte
|
var headerType byte
|
||||||
|
|
|
||||||
|
|
@ -262,6 +262,7 @@ func (s *Service) newPacket(conn N.PacketConn, buffer *buf.Buffer, metadata M.Me
|
||||||
return E.Cause(err, "decrypt packet header")
|
return E.Cause(err, "decrypt packet header")
|
||||||
}
|
}
|
||||||
buffer.Advance(PacketNonceSize)
|
buffer.Advance(PacketNonceSize)
|
||||||
|
buffer.Truncate(buffer.Len() - s.udpCipher.Overhead())
|
||||||
} else {
|
} else {
|
||||||
packetHeader = buffer.To(aes.BlockSize)
|
packetHeader = buffer.To(aes.BlockSize)
|
||||||
s.udpBlockCipher.Decrypt(packetHeader, packetHeader)
|
s.udpBlockCipher.Decrypt(packetHeader, packetHeader)
|
||||||
|
|
@ -306,6 +307,7 @@ process:
|
||||||
err = E.Cause(err, "decrypt packet")
|
err = E.Cause(err, "decrypt packet")
|
||||||
goto returnErr
|
goto returnErr
|
||||||
}
|
}
|
||||||
|
buffer.Truncate(buffer.Len() - session.remoteCipher.Overhead())
|
||||||
}
|
}
|
||||||
|
|
||||||
var headerType byte
|
var headerType byte
|
||||||
|
|
@ -324,7 +326,8 @@ process:
|
||||||
if err != nil {
|
if err != nil {
|
||||||
goto returnErr
|
goto returnErr
|
||||||
}
|
}
|
||||||
if math.Abs(float64(uint64(time.Now().Unix())-epoch)) > 30 {
|
diff := int(math.Abs(float64(time.Now().Unix() - int64(epoch))))
|
||||||
|
if diff > 30 {
|
||||||
err = ErrBadTimestamp
|
err = ErrBadTimestamp
|
||||||
goto returnErr
|
goto returnErr
|
||||||
}
|
}
|
||||||
|
|
@ -357,11 +360,17 @@ type serverPacketWriter struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (w *serverPacketWriter) WritePacket(buffer *buf.Buffer, destination M.Socksaddr) error {
|
func (w *serverPacketWriter) WritePacket(buffer *buf.Buffer, destination M.Socksaddr) error {
|
||||||
defer buffer.Release()
|
var hdrLen int
|
||||||
|
if w.udpCipher != nil {
|
||||||
_header := buf.StackNew()
|
hdrLen = PacketNonceSize
|
||||||
defer runtime.KeepAlive(_header)
|
}
|
||||||
header := common.Dup(_header)
|
hdrLen += 16 // packet header
|
||||||
|
hdrLen += 1 // header type
|
||||||
|
hdrLen += 8 // timestamp
|
||||||
|
hdrLen += 8 // remote session id
|
||||||
|
hdrLen += 2 // padding length
|
||||||
|
hdrLen += socks5.AddressSerializer.AddrPortLen(destination)
|
||||||
|
header := buf.With(buffer.ExtendHeader(hdrLen))
|
||||||
|
|
||||||
var dataIndex int
|
var dataIndex int
|
||||||
if w.udpCipher != nil {
|
if w.udpCipher != nil {
|
||||||
|
|
@ -385,21 +394,16 @@ func (w *serverPacketWriter) WritePacket(buffer *buf.Buffer, destination M.Socks
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
_, err = header.Write(buffer.Bytes())
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
if w.udpCipher != nil {
|
if w.udpCipher != nil {
|
||||||
w.udpCipher.Seal(header.Index(dataIndex), header.To(dataIndex), header.From(dataIndex), nil)
|
w.udpCipher.Seal(buffer.Index(dataIndex), buffer.To(dataIndex), buffer.From(dataIndex), nil)
|
||||||
header.Extend(w.udpCipher.Overhead())
|
buffer.Extend(w.udpCipher.Overhead())
|
||||||
} else {
|
} else {
|
||||||
packetHeader := header.To(aes.BlockSize)
|
packetHeader := buffer.To(aes.BlockSize)
|
||||||
w.session.cipher.Seal(header.Index(dataIndex), packetHeader[4:16], header.From(dataIndex), nil)
|
w.session.cipher.Seal(buffer.Index(dataIndex), packetHeader[4:16], buffer.From(dataIndex), nil)
|
||||||
header.Extend(w.session.cipher.Overhead())
|
buffer.Extend(w.session.cipher.Overhead())
|
||||||
w.udpBlockCipher.Encrypt(packetHeader, packetHeader)
|
w.udpBlockCipher.Encrypt(packetHeader, packetHeader)
|
||||||
}
|
}
|
||||||
return w.PacketConn.WritePacket(header, w.session.remoteAddr)
|
return w.PacketConn.WritePacket(buffer, w.session.remoteAddr)
|
||||||
}
|
}
|
||||||
|
|
||||||
type serverUDPSession struct {
|
type serverUDPSession struct {
|
||||||
|
|
|
||||||
|
|
@ -140,7 +140,8 @@ func (s *MultiService[U]) newConnection(ctx context.Context, conn net.Conn, meta
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return E.Cause(err, "read timestamp")
|
return E.Cause(err, "read timestamp")
|
||||||
}
|
}
|
||||||
if math.Abs(float64(time.Now().Unix()-int64(epoch))) > 30 {
|
diff := int(math.Abs(float64(time.Now().Unix() - int64(epoch))))
|
||||||
|
if diff > 30 {
|
||||||
return ErrBadTimestamp
|
return ErrBadTimestamp
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -246,6 +247,7 @@ process:
|
||||||
err = E.Cause(err, "decrypt packet")
|
err = E.Cause(err, "decrypt packet")
|
||||||
goto returnErr
|
goto returnErr
|
||||||
}
|
}
|
||||||
|
buffer.Truncate(buffer.Len() - session.remoteCipher.Overhead())
|
||||||
}
|
}
|
||||||
|
|
||||||
var headerType byte
|
var headerType byte
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue