Merge branch 'master' of https://github.com/v2ray/v2ray-core

common/crypto/auth.go

@@ -68,9 +68,10 @@ func (v *AEADAuthenticator) Seal(dst, plainText []byte) ([]byte, error) {
 }
 
 type AuthenticationReader struct {
-	auth   Authenticator
-	buffer *buf.Buffer
-	reader io.Reader
+	auth     Authenticator
+	buffer   *buf.Buffer
+	reader   io.Reader
+	sizeMask uint16
 
 	chunk []byte
 }
@@ -79,11 +80,12 @@ const (
 	readerBufferSize = 32 * 1024
 )
 
-func NewAuthenticationReader(auth Authenticator, reader io.Reader) *AuthenticationReader {
+func NewAuthenticationReader(auth Authenticator, reader io.Reader, sizeMask uint16) *AuthenticationReader {
 	return &AuthenticationReader{
-		auth:   auth,
-		buffer: buf.NewLocal(readerBufferSize),
-		reader: reader,
+		auth:     auth,
+		buffer:   buf.NewLocal(readerBufferSize),
+		reader:   reader,
+		sizeMask: sizeMask,
 	}
 }
 
@@ -91,7 +93,7 @@ func (v *AuthenticationReader) NextChunk() error {
 	if v.buffer.Len() < 2 {
 		return errInsufficientBuffer
 	}
-	size := int(serial.BytesToUint16(v.buffer.BytesTo(2)))
+	size := int(serial.BytesToUint16(v.buffer.BytesTo(2)) ^ v.sizeMask)
 	if size > v.buffer.Len()-2 {
 		return errInsufficientBuffer
 	}
@@ -168,16 +170,18 @@ func (v *AuthenticationReader) Read(b []byte) (int, error) {
 }
 
 type AuthenticationWriter struct {
-	auth   Authenticator
-	buffer []byte
-	writer io.Writer
+	auth     Authenticator
+	buffer   []byte
+	writer   io.Writer
+	sizeMask uint16
 }
 
-func NewAuthenticationWriter(auth Authenticator, writer io.Writer) *AuthenticationWriter {
+func NewAuthenticationWriter(auth Authenticator, writer io.Writer, sizeMask uint16) *AuthenticationWriter {
 	return &AuthenticationWriter{
-		auth:   auth,
-		buffer: make([]byte, 32*1024),
-		writer: writer,
+		auth:     auth,
+		buffer:   make([]byte, 32*1024),
+		writer:   writer,
+		sizeMask: sizeMask,
 	}
 }
 
@@ -187,7 +191,8 @@ func (v *AuthenticationWriter) Write(b []byte) (int, error) {
 		return 0, err
 	}
 
-	serial.Uint16ToBytes(uint16(len(cipherChunk)), v.buffer[:0])
+	size := uint16(len(cipherChunk)) ^ v.sizeMask
+	serial.Uint16ToBytes(size, v.buffer[:0])
 	_, err = v.writer.Write(v.buffer[:2+len(cipherChunk)])
 	return len(b), err
 }

common/crypto/auth_test.go

@@ -6,17 +6,19 @@ import (
 	"crypto/rand"
 	"io"
 	"testing"
-
 	"time"
 
 	"v2ray.com/core/common/buf"
 	. "v2ray.com/core/common/crypto"
+	"v2ray.com/core/common/dice"
 	"v2ray.com/core/testing/assert"
 )
 
 func TestAuthenticationReaderWriter(t *testing.T) {
 	assert := assert.On(t)
 
+	sizeMask := uint16(dice.Roll(65536))
+
 	key := make([]byte, 16)
 	rand.Read(key)
 	block, err := aes.NewCipher(key)
@@ -38,7 +40,7 @@ func TestAuthenticationReaderWriter(t *testing.T) {
 			Content: iv,
 		},
 		AdditionalDataGenerator: &NoOpBytesGenerator{},
-	}, cache)
+	}, cache, sizeMask)
 
 	nBytes, err := writer.Write(payload)
 	assert.Error(err).IsNil()
@@ -53,7 +55,7 @@ func TestAuthenticationReaderWriter(t *testing.T) {
 			Content: iv,
 		},
 		AdditionalDataGenerator: &NoOpBytesGenerator{},
-	}, cache)
+	}, cache, sizeMask)
 
 	actualPayload := make([]byte, 16*1024)
 	nBytes, err = reader.Read(actualPayload)
@@ -68,6 +70,8 @@ func TestAuthenticationReaderWriter(t *testing.T) {
 func TestAuthenticationReaderWriterPartial(t *testing.T) {
 	assert := assert.On(t)
 
+	sizeMask := uint16(dice.Roll(65536))
+
 	key := make([]byte, 16)
 	rand.Read(key)
 	block, err := aes.NewCipher(key)
@@ -89,7 +93,7 @@ func TestAuthenticationReaderWriterPartial(t *testing.T) {
 			Content: iv,
 		},
 		AdditionalDataGenerator: &NoOpBytesGenerator{},
-	}, cache)
+	}, cache, sizeMask)
 
 	writer.Write([]byte{'a', 'b', 'c', 'd'})
 
@@ -119,7 +123,7 @@ func TestAuthenticationReaderWriterPartial(t *testing.T) {
 			Content: iv,
 		},
 		AdditionalDataGenerator: &NoOpBytesGenerator{},
-	}, pr)
+	}, pr, sizeMask)
 
 	actualPayload := make([]byte, 7*1024)
 	nBytes, err = reader.Read(actualPayload)

proxy/vmess/encoding/client.go

@@ -119,6 +119,7 @@ func (v *ClientSession) EncodeRequestHeader(header *protocol.RequestHeader, writ
 
 func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer {
 	var authWriter io.Writer
+	sizeMask := serial.BytesToUint16(v.requestBodyKey[:2])
 	if request.Security.Is(protocol.SecurityType_NONE) {
 		if request.Option.Has(protocol.RequestOptionChunkStream) {
 			auth := &crypto.AEADAuthenticator{
@@ -126,7 +127,7 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			authWriter = crypto.NewAuthenticationWriter(auth, writer)
+			authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask)
 		} else {
 			authWriter = writer
 		}
@@ -139,7 +140,7 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			authWriter = crypto.NewAuthenticationWriter(auth, cryptionWriter)
+			authWriter = crypto.NewAuthenticationWriter(auth, cryptionWriter, sizeMask)
 		} else {
 			authWriter = cryptionWriter
 		}
@@ -155,7 +156,7 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
-		authWriter = crypto.NewAuthenticationWriter(auth, writer)
+		authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask)
 	} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
 		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))
 
@@ -167,7 +168,7 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
-		authWriter = crypto.NewAuthenticationWriter(auth, writer)
+		authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask)
 	}
 
 	return buf.NewWriter(authWriter)
@@ -214,6 +215,7 @@ func (v *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.Respon
 
 func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
 	var authReader io.Reader
+	sizeMask := serial.BytesToUint16(v.responseBodyKey[:2])
 	if request.Security.Is(protocol.SecurityType_NONE) {
 		if request.Option.Has(protocol.RequestOptionChunkStream) {
 			auth := &crypto.AEADAuthenticator{
@@ -221,7 +223,7 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			authReader = crypto.NewAuthenticationReader(auth, reader)
+			authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask)
 		} else {
 			authReader = reader
 		}
@@ -232,7 +234,7 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			authReader = crypto.NewAuthenticationReader(auth, v.responseReader)
+			authReader = crypto.NewAuthenticationReader(auth, v.responseReader, sizeMask)
 		} else {
 			authReader = v.responseReader
 		}
@@ -248,7 +250,7 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
-		authReader = crypto.NewAuthenticationReader(auth, reader)
+		authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask)
 	} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
 		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
 
@@ -260,7 +262,7 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
-		authReader = crypto.NewAuthenticationReader(auth, reader)
+		authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask)
 	}
 
 	return buf.NewReader(authReader)

proxy/vmess/encoding/server.go

@@ -237,6 +237,7 @@ func (v *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
 
 func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader {
 	var authReader io.Reader
+	sizeMask := serial.BytesToUint16(v.requestBodyKey[:2])
 	if request.Security.Is(protocol.SecurityType_NONE) {
 		if request.Option.Has(protocol.RequestOptionChunkStream) {
 			auth := &crypto.AEADAuthenticator{
@@ -244,7 +245,7 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			authReader = crypto.NewAuthenticationReader(auth, reader)
+			authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask)
 		} else {
 			authReader = reader
 		}
@@ -257,7 +258,7 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			authReader = crypto.NewAuthenticationReader(auth, cryptionReader)
+			authReader = crypto.NewAuthenticationReader(auth, cryptionReader, sizeMask)
 		} else {
 			authReader = cryptionReader
 		}
@@ -273,7 +274,7 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
-		authReader = crypto.NewAuthenticationReader(auth, reader)
+		authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask)
 	} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
 		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey))
 
@@ -285,7 +286,7 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
-		authReader = crypto.NewAuthenticationReader(auth, reader)
+		authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask)
 	}
 
 	return buf.NewReader(authReader)
@@ -310,6 +311,7 @@ func (v *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, wr
 
 func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer {
 	var authWriter io.Writer
+	sizeMask := serial.BytesToUint16(v.responseBodyKey[:2])
 	if request.Security.Is(protocol.SecurityType_NONE) {
 		if request.Option.Has(protocol.RequestOptionChunkStream) {
 			auth := &crypto.AEADAuthenticator{
@@ -317,7 +319,7 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			authWriter = crypto.NewAuthenticationWriter(auth, writer)
+			authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask)
 		} else {
 			authWriter = writer
 		}
@@ -328,7 +330,7 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ
 				NonceGenerator:          crypto.NoOpBytesGenerator{},
 				AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 			}
-			authWriter = crypto.NewAuthenticationWriter(auth, v.responseWriter)
+			authWriter = crypto.NewAuthenticationWriter(auth, v.responseWriter, sizeMask)
 		} else {
 			authWriter = v.responseWriter
 		}
@@ -344,7 +346,7 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
-		authWriter = crypto.NewAuthenticationWriter(auth, writer)
+		authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask)
 	} else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) {
 		aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey))
 
@@ -356,7 +358,7 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ
 			},
 			AdditionalDataGenerator: crypto.NoOpBytesGenerator{},
 		}
-		authWriter = crypto.NewAuthenticationWriter(auth, writer)
+		authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask)
 	}
 
 	return buf.NewWriter(authWriter)

transport/internet/websocket/ws.go

@@ -1,33 +1,5 @@
 /*Package websocket implements Websocket transport
 
 Websocket transport implements a HTTP(S) compliable, surveillance proof transport method with plausible deniability.
-
-To configure such a listener, set streamSettings to be ws. A http(s) listener will be listening at the port you have configured.
-
-There is additional configure can be made at transport configure.
-
-"wsSettings":{
-      "Path":"ws", // the path our ws handler bind
-      "Pto": "wss/ws", // the transport protocol we are using ws or wss(listen ws with tls)
-      "Cert":"cert.pem", // if you have configured to use wss, configure your cert here
-      "PrivKey":"priv.pem" //if you have configured to use wss, configure your privatekey here
-    }
-
-
-To configure such a Dialer, set streamSettings to be ws.
-
-There is additional configure can be made at transport configure.
-
-"wsSettings":{
-      "Path":"ws", // the path our ws handler bind
-      "Pto": "wss/ws", // the transport protocol we are using ws or wss(listen ws with tls)
-    }
-
-It is worth noting that accepting a non-valid cert is not supported as a self-signed or invalid cert can be a sign of a website that is not correctly configured and lead to additional investigation.
-
-
-This transport was disscussed at
-https://github.com/v2ray/v2ray-core/issues/224
-
 */
 package websocket