2023-11-18 18:09:26 -05:00
|
|
|
package shadowsocks2022
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"crypto/cipher"
|
2023-11-18 19:42:20 -05:00
|
|
|
"io"
|
|
|
|
|
2023-11-18 18:09:26 -05:00
|
|
|
"github.com/lunixbochs/struc"
|
2023-11-18 19:42:20 -05:00
|
|
|
|
2023-11-18 18:09:26 -05:00
|
|
|
"github.com/v2fly/v2ray-core/v5/common/buf"
|
|
|
|
"github.com/v2fly/v2ray-core/v5/common/net"
|
|
|
|
)
|
|
|
|
|
|
|
|
type AESUDPClientPacketProcessor struct {
|
|
|
|
requestSeparateHeaderBlockCipher cipher.Block
|
|
|
|
responseSeparateHeaderBlockCipher cipher.Block
|
|
|
|
mainPacketAEAD func([]byte) cipher.AEAD
|
|
|
|
EIHGenerator func([]byte) ExtensibleIdentityHeaders
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewAESUDPClientPacketProcessor(requestSeparateHeaderBlockCipher, responseSeparateHeaderBlockCipher cipher.Block, mainPacketAEAD func([]byte) cipher.AEAD, eih func([]byte) ExtensibleIdentityHeaders) *AESUDPClientPacketProcessor {
|
|
|
|
return &AESUDPClientPacketProcessor{
|
|
|
|
requestSeparateHeaderBlockCipher: requestSeparateHeaderBlockCipher,
|
|
|
|
responseSeparateHeaderBlockCipher: responseSeparateHeaderBlockCipher,
|
|
|
|
mainPacketAEAD: mainPacketAEAD,
|
|
|
|
EIHGenerator: eih,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type separateHeader struct {
|
|
|
|
SessionID [8]byte
|
|
|
|
PacketID uint64
|
|
|
|
}
|
|
|
|
|
|
|
|
type header struct {
|
|
|
|
Type byte
|
|
|
|
TimeStamp uint64
|
|
|
|
PaddingLength uint16 `struc:"sizeof=Padding"`
|
|
|
|
Padding []byte
|
|
|
|
}
|
|
|
|
|
|
|
|
type respHeader struct {
|
|
|
|
Type byte
|
|
|
|
TimeStamp uint64
|
|
|
|
ClientSessionID [8]byte
|
|
|
|
PaddingLength uint16 `struc:"sizeof=Padding"`
|
|
|
|
Padding []byte
|
|
|
|
}
|
|
|
|
|
2023-11-23 19:40:07 -05:00
|
|
|
type cachedUDPState struct {
|
|
|
|
sessionAEAD cipher.AEAD
|
|
|
|
sessionRecvAEAD cipher.AEAD
|
|
|
|
}
|
|
|
|
|
|
|
|
func (p *AESUDPClientPacketProcessor) EncodeUDPRequest(request *UDPRequest, out *buf.Buffer,
|
|
|
|
cache UDPClientPacketProcessorCachedStateContainer,
|
|
|
|
) error {
|
2023-11-18 18:09:26 -05:00
|
|
|
separateHeaderStruct := separateHeader{PacketID: request.PacketID, SessionID: request.SessionID}
|
|
|
|
separateHeaderBuffer := buf.New()
|
|
|
|
defer separateHeaderBuffer.Release()
|
|
|
|
{
|
|
|
|
err := struc.Pack(separateHeaderBuffer, &separateHeaderStruct)
|
|
|
|
if err != nil {
|
|
|
|
return newError("failed to pack separateHeader").Base(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
separateHeaderBufferBytes := separateHeaderBuffer.Bytes()
|
|
|
|
{
|
|
|
|
encryptedDest := out.Extend(16)
|
|
|
|
p.requestSeparateHeaderBlockCipher.Encrypt(encryptedDest, separateHeaderBufferBytes)
|
|
|
|
}
|
|
|
|
|
|
|
|
if p.EIHGenerator != nil {
|
|
|
|
eih := p.EIHGenerator(separateHeaderBufferBytes[0:16])
|
|
|
|
eihHeader := struct {
|
|
|
|
EIH ExtensibleIdentityHeaders
|
|
|
|
}{
|
|
|
|
EIH: eih,
|
|
|
|
}
|
|
|
|
err := struc.Pack(out, &eihHeader)
|
|
|
|
if err != nil {
|
|
|
|
return newError("failed to pack eih").Base(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
headerStruct := header{
|
|
|
|
Type: UDPHeaderTypeClientToServerStream,
|
|
|
|
TimeStamp: request.TimeStamp,
|
|
|
|
PaddingLength: 0,
|
|
|
|
Padding: nil,
|
|
|
|
}
|
|
|
|
requestBodyBuffer := buf.New()
|
|
|
|
{
|
|
|
|
err := struc.Pack(requestBodyBuffer, &headerStruct)
|
|
|
|
if err != nil {
|
|
|
|
return newError("failed to header").Base(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{
|
|
|
|
err := addrParser.WriteAddressPort(requestBodyBuffer, request.Address, net.Port(request.Port))
|
|
|
|
if err != nil {
|
|
|
|
return newError("failed to write address port").Base(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{
|
|
|
|
_, err := io.Copy(requestBodyBuffer, bytes.NewReader(request.Payload.Bytes()))
|
|
|
|
if err != nil {
|
|
|
|
return newError("failed to copy payload").Base(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{
|
2023-11-23 19:40:07 -05:00
|
|
|
cacheKey := string(separateHeaderBufferBytes[0:8])
|
|
|
|
receivedCacheInterface := cache.GetCachedState(cacheKey)
|
|
|
|
cachedState := &cachedUDPState{}
|
|
|
|
if receivedCacheInterface != nil {
|
|
|
|
cachedState = receivedCacheInterface.(*cachedUDPState)
|
|
|
|
}
|
|
|
|
if cachedState.sessionAEAD == nil {
|
|
|
|
cachedState.sessionAEAD = p.mainPacketAEAD(separateHeaderBufferBytes[0:8])
|
|
|
|
cache.PutCachedState(cacheKey, cachedState)
|
|
|
|
}
|
|
|
|
|
|
|
|
mainPacketAEADMaterialized := cachedState.sessionAEAD
|
|
|
|
|
2023-11-18 18:09:26 -05:00
|
|
|
encryptedDest := out.Extend(int32(mainPacketAEADMaterialized.Overhead()) + requestBodyBuffer.Len())
|
|
|
|
mainPacketAEADMaterialized.Seal(encryptedDest[:0], separateHeaderBuffer.Bytes()[4:16], requestBodyBuffer.Bytes(), nil)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-11-23 19:40:07 -05:00
|
|
|
func (p *AESUDPClientPacketProcessor) DecodeUDPResp(input []byte, resp *UDPResponse,
|
|
|
|
cache UDPClientPacketProcessorCachedStateContainer,
|
|
|
|
) error {
|
2023-11-18 18:09:26 -05:00
|
|
|
separateHeaderBuffer := buf.New()
|
|
|
|
defer separateHeaderBuffer.Release()
|
|
|
|
{
|
|
|
|
encryptedDest := separateHeaderBuffer.Extend(16)
|
|
|
|
p.responseSeparateHeaderBlockCipher.Decrypt(encryptedDest, input)
|
|
|
|
}
|
|
|
|
separateHeaderStruct := separateHeader{}
|
|
|
|
{
|
|
|
|
err := struc.Unpack(separateHeaderBuffer, &separateHeaderStruct)
|
|
|
|
if err != nil {
|
|
|
|
return newError("failed to unpack separateHeader").Base(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
resp.PacketID = separateHeaderStruct.PacketID
|
|
|
|
resp.SessionID = separateHeaderStruct.SessionID
|
|
|
|
{
|
2023-11-23 19:40:07 -05:00
|
|
|
cacheKey := string(separateHeaderBuffer.Bytes()[0:8])
|
|
|
|
receivedCacheInterface := cache.GetCachedServerState(cacheKey)
|
|
|
|
cachedState := &cachedUDPState{}
|
|
|
|
if receivedCacheInterface != nil {
|
|
|
|
cachedState = receivedCacheInterface.(*cachedUDPState)
|
|
|
|
}
|
|
|
|
|
|
|
|
if cachedState.sessionRecvAEAD == nil {
|
|
|
|
cachedState.sessionRecvAEAD = p.mainPacketAEAD(separateHeaderBuffer.Bytes()[0:8])
|
|
|
|
cache.PutCachedServerState(cacheKey, cachedState)
|
|
|
|
}
|
|
|
|
|
|
|
|
mainPacketAEADMaterialized := cachedState.sessionRecvAEAD
|
2023-11-18 18:09:26 -05:00
|
|
|
decryptedDestBuffer := buf.New()
|
|
|
|
decryptedDest := decryptedDestBuffer.Extend(int32(len(input)) - 16 - int32(mainPacketAEADMaterialized.Overhead()))
|
|
|
|
_, err := mainPacketAEADMaterialized.Open(decryptedDest[:0], separateHeaderBuffer.Bytes()[4:16], input[16:], nil)
|
|
|
|
if err != nil {
|
|
|
|
return newError("failed to open main packet").Base(err)
|
|
|
|
}
|
|
|
|
decryptedDestReader := bytes.NewReader(decryptedDest)
|
|
|
|
headerStruct := respHeader{}
|
|
|
|
{
|
|
|
|
err := struc.Unpack(decryptedDestReader, &headerStruct)
|
|
|
|
if err != nil {
|
|
|
|
return newError("failed to unpack header").Base(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
resp.TimeStamp = headerStruct.TimeStamp
|
2023-11-18 19:42:20 -05:00
|
|
|
addressReaderBuf := buf.New()
|
2023-11-18 18:09:26 -05:00
|
|
|
defer addressReaderBuf.Release()
|
|
|
|
var port net.Port
|
|
|
|
resp.Address, port, err = addrParser.ReadAddressPort(addressReaderBuf, decryptedDestReader)
|
|
|
|
if err != nil {
|
|
|
|
return newError("failed to read address port").Base(err)
|
|
|
|
}
|
|
|
|
resp.Port = int(port)
|
|
|
|
readedLength := decryptedDestReader.Size() - int64(decryptedDestReader.Len())
|
|
|
|
decryptedDestBuffer.Advance(int32(readedLength))
|
|
|
|
resp.Payload = decryptedDestBuffer
|
|
|
|
resp.ClientSessionID = headerStruct.ClientSessionID
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
}
|