mirror of
https://github.com/v2fly/v2ray-core.git
synced 2024-09-29 15:26:29 -04:00
comments
This commit is contained in:
parent
0caf2a004b
commit
413a3a4eb6
@ -29,12 +29,14 @@ type sessionId struct {
|
|||||||
nonce [16]byte
|
nonce [16]byte
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// SessionHistory keeps track of historical session ids, to prevent replay attacks.
|
||||||
type SessionHistory struct {
|
type SessionHistory struct {
|
||||||
sync.RWMutex
|
sync.RWMutex
|
||||||
cache map[sessionId]time.Time
|
cache map[sessionId]time.Time
|
||||||
task *signal.PeriodicTask
|
task *signal.PeriodicTask
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NewSessionHistory creates a new SessionHistory object.
|
||||||
func NewSessionHistory() *SessionHistory {
|
func NewSessionHistory() *SessionHistory {
|
||||||
h := &SessionHistory{
|
h := &SessionHistory{
|
||||||
cache: make(map[sessionId]time.Time, 128),
|
cache: make(map[sessionId]time.Time, 128),
|
||||||
@ -84,6 +86,7 @@ func (h *SessionHistory) removeExpiredEntries() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ServerSession keeps information for a session in VMess server.
|
||||||
type ServerSession struct {
|
type ServerSession struct {
|
||||||
userValidator *vmess.TimedUserValidator
|
userValidator *vmess.TimedUserValidator
|
||||||
sessionHistory *SessionHistory
|
sessionHistory *SessionHistory
|
||||||
@ -116,6 +119,7 @@ func parseSecurityType(b byte) protocol.SecurityType {
|
|||||||
return protocol.SecurityType_UNKNOWN
|
return protocol.SecurityType_UNKNOWN
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DecodeRequestHeader decodes and returns (if successful) a RequestHeader from an input stream.
|
||||||
func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.RequestHeader, error) {
|
func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.RequestHeader, error) {
|
||||||
buffer := buf.New()
|
buffer := buf.New()
|
||||||
defer buffer.Release()
|
defer buffer.Release()
|
||||||
@ -172,7 +176,7 @@ func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
|
|||||||
if invalidRequestErr != nil {
|
if invalidRequestErr != nil {
|
||||||
randomLen := dice.Roll(64) + 1
|
randomLen := dice.Roll(64) + 1
|
||||||
// Read random number of bytes for prevent detection.
|
// Read random number of bytes for prevent detection.
|
||||||
buffer.AppendSupplier(buf.ReadFullFrom(decryptor, int32(randomLen)))
|
common.Ignore(buffer.AppendSupplier(buf.ReadFullFrom(decryptor, int32(randomLen))), "Error doesn't matter")
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
|
||||||
@ -224,6 +228,7 @@ func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
|
|||||||
return request, nil
|
return request, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DecodeRequestBody returns Reader from which caller can fetch decrypted body.
|
||||||
func (s *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
|
func (s *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
|
||||||
var sizeParser crypto.ChunkSizeDecoder = crypto.PlainChunkSizeParser{}
|
var sizeParser crypto.ChunkSizeDecoder = crypto.PlainChunkSizeParser{}
|
||||||
if request.Option.Has(protocol.RequestOptionChunkMasking) {
|
if request.Option.Has(protocol.RequestOptionChunkMasking) {
|
||||||
@ -282,11 +287,10 @@ func (s *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// EncodeResponseHeader writes encoded response header into the given writer.
|
||||||
func (s *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, writer io.Writer) {
|
func (s *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, writer io.Writer) {
|
||||||
responseBodyKey := md5.Sum(s.requestBodyKey[:])
|
s.responseBodyKey = md5.Sum(s.requestBodyKey[:])
|
||||||
responseBodyIV := md5.Sum(s.requestBodyIV[:])
|
s.responseBodyIV = md5.Sum(s.requestBodyIV[:])
|
||||||
s.responseBodyKey = responseBodyKey
|
|
||||||
s.responseBodyIV = responseBodyIV
|
|
||||||
|
|
||||||
aesStream := crypto.NewAesEncryptionStream(s.responseBodyKey[:], s.responseBodyIV[:])
|
aesStream := crypto.NewAesEncryptionStream(s.responseBodyKey[:], s.responseBodyIV[:])
|
||||||
encryptionWriter := crypto.NewCryptionWriter(aesStream, writer)
|
encryptionWriter := crypto.NewCryptionWriter(aesStream, writer)
|
||||||
@ -299,6 +303,7 @@ func (s *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, wr
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// EncodeResponseBody returns a Writer that auto-encrypt content written by caller.
|
||||||
func (s *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer {
|
func (s *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer {
|
||||||
var sizeParser crypto.ChunkSizeEncoder = crypto.PlainChunkSizeParser{}
|
var sizeParser crypto.ChunkSizeEncoder = crypto.PlainChunkSizeParser{}
|
||||||
if request.Option.Has(protocol.RequestOptionChunkMasking) {
|
if request.Option.Has(protocol.RequestOptionChunkMasking) {
|
||||||
|
Loading…
Reference in New Issue
Block a user