diff --git a/common/crypto/auth.go b/common/crypto/auth.go index 1f174dcf2..4d20a8feb 100644 --- a/common/crypto/auth.go +++ b/common/crypto/auth.go @@ -68,9 +68,10 @@ func (v *AEADAuthenticator) Seal(dst, plainText []byte) ([]byte, error) { } type AuthenticationReader struct { - auth Authenticator - buffer *buf.Buffer - reader io.Reader + auth Authenticator + buffer *buf.Buffer + reader io.Reader + sizeMask uint16 chunk []byte } @@ -79,11 +80,12 @@ const ( readerBufferSize = 32 * 1024 ) -func NewAuthenticationReader(auth Authenticator, reader io.Reader) *AuthenticationReader { +func NewAuthenticationReader(auth Authenticator, reader io.Reader, sizeMask uint16) *AuthenticationReader { return &AuthenticationReader{ - auth: auth, - buffer: buf.NewLocal(readerBufferSize), - reader: reader, + auth: auth, + buffer: buf.NewLocal(readerBufferSize), + reader: reader, + sizeMask: sizeMask, } } @@ -91,7 +93,7 @@ func (v *AuthenticationReader) NextChunk() error { if v.buffer.Len() < 2 { return errInsufficientBuffer } - size := int(serial.BytesToUint16(v.buffer.BytesTo(2))) + size := int(serial.BytesToUint16(v.buffer.BytesTo(2)) ^ v.sizeMask) if size > v.buffer.Len()-2 { return errInsufficientBuffer } @@ -168,16 +170,18 @@ func (v *AuthenticationReader) Read(b []byte) (int, error) { } type AuthenticationWriter struct { - auth Authenticator - buffer []byte - writer io.Writer + auth Authenticator + buffer []byte + writer io.Writer + sizeMask uint16 } -func NewAuthenticationWriter(auth Authenticator, writer io.Writer) *AuthenticationWriter { +func NewAuthenticationWriter(auth Authenticator, writer io.Writer, sizeMask uint16) *AuthenticationWriter { return &AuthenticationWriter{ - auth: auth, - buffer: make([]byte, 32*1024), - writer: writer, + auth: auth, + buffer: make([]byte, 32*1024), + writer: writer, + sizeMask: sizeMask, } } @@ -187,7 +191,8 @@ func (v *AuthenticationWriter) Write(b []byte) (int, error) { return 0, err } - serial.Uint16ToBytes(uint16(len(cipherChunk)), v.buffer[:0]) + size := uint16(len(cipherChunk)) ^ v.sizeMask + serial.Uint16ToBytes(size, v.buffer[:0]) _, err = v.writer.Write(v.buffer[:2+len(cipherChunk)]) return len(b), err } diff --git a/common/crypto/auth_test.go b/common/crypto/auth_test.go index b104cb864..d9c71e653 100644 --- a/common/crypto/auth_test.go +++ b/common/crypto/auth_test.go @@ -6,17 +6,19 @@ import ( "crypto/rand" "io" "testing" - "time" "v2ray.com/core/common/buf" . "v2ray.com/core/common/crypto" + "v2ray.com/core/common/dice" "v2ray.com/core/testing/assert" ) func TestAuthenticationReaderWriter(t *testing.T) { assert := assert.On(t) + sizeMask := uint16(dice.Roll(65536)) + key := make([]byte, 16) rand.Read(key) block, err := aes.NewCipher(key) @@ -38,7 +40,7 @@ func TestAuthenticationReaderWriter(t *testing.T) { Content: iv, }, AdditionalDataGenerator: &NoOpBytesGenerator{}, - }, cache) + }, cache, sizeMask) nBytes, err := writer.Write(payload) assert.Error(err).IsNil() @@ -53,7 +55,7 @@ func TestAuthenticationReaderWriter(t *testing.T) { Content: iv, }, AdditionalDataGenerator: &NoOpBytesGenerator{}, - }, cache) + }, cache, sizeMask) actualPayload := make([]byte, 16*1024) nBytes, err = reader.Read(actualPayload) @@ -68,6 +70,8 @@ func TestAuthenticationReaderWriter(t *testing.T) { func TestAuthenticationReaderWriterPartial(t *testing.T) { assert := assert.On(t) + sizeMask := uint16(dice.Roll(65536)) + key := make([]byte, 16) rand.Read(key) block, err := aes.NewCipher(key) @@ -89,7 +93,7 @@ func TestAuthenticationReaderWriterPartial(t *testing.T) { Content: iv, }, AdditionalDataGenerator: &NoOpBytesGenerator{}, - }, cache) + }, cache, sizeMask) writer.Write([]byte{'a', 'b', 'c', 'd'}) @@ -119,7 +123,7 @@ func TestAuthenticationReaderWriterPartial(t *testing.T) { Content: iv, }, AdditionalDataGenerator: &NoOpBytesGenerator{}, - }, pr) + }, pr, sizeMask) actualPayload := make([]byte, 7*1024) nBytes, err = reader.Read(actualPayload) diff --git a/proxy/vmess/encoding/client.go b/proxy/vmess/encoding/client.go index 2c54a1a29..e31de4617 100644 --- a/proxy/vmess/encoding/client.go +++ b/proxy/vmess/encoding/client.go @@ -119,6 +119,7 @@ func (v *ClientSession) EncodeRequestHeader(header *protocol.RequestHeader, writ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer { var authWriter io.Writer + sizeMask := serial.BytesToUint16(v.requestBodyKey[:2]) if request.Security.Is(protocol.SecurityType_NONE) { if request.Option.Has(protocol.RequestOptionChunkStream) { auth := &crypto.AEADAuthenticator{ @@ -126,7 +127,7 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write NonceGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authWriter = crypto.NewAuthenticationWriter(auth, writer) + authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) } else { authWriter = writer } @@ -139,7 +140,7 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write NonceGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authWriter = crypto.NewAuthenticationWriter(auth, cryptionWriter) + authWriter = crypto.NewAuthenticationWriter(auth, cryptionWriter, sizeMask) } else { authWriter = cryptionWriter } @@ -155,7 +156,7 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write }, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authWriter = crypto.NewAuthenticationWriter(auth, writer) + authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) } else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) { aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey)) @@ -167,7 +168,7 @@ func (v *ClientSession) EncodeRequestBody(request *protocol.RequestHeader, write }, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authWriter = crypto.NewAuthenticationWriter(auth, writer) + authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) } return buf.NewWriter(authWriter) @@ -214,6 +215,7 @@ func (v *ClientSession) DecodeResponseHeader(reader io.Reader) (*protocol.Respon func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader { var authReader io.Reader + sizeMask := serial.BytesToUint16(v.responseBodyKey[:2]) if request.Security.Is(protocol.SecurityType_NONE) { if request.Option.Has(protocol.RequestOptionChunkStream) { auth := &crypto.AEADAuthenticator{ @@ -221,7 +223,7 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read NonceGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authReader = crypto.NewAuthenticationReader(auth, reader) + authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) } else { authReader = reader } @@ -232,7 +234,7 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read NonceGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authReader = crypto.NewAuthenticationReader(auth, v.responseReader) + authReader = crypto.NewAuthenticationReader(auth, v.responseReader, sizeMask) } else { authReader = v.responseReader } @@ -248,7 +250,7 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read }, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authReader = crypto.NewAuthenticationReader(auth, reader) + authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) } else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) { aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey)) @@ -260,7 +262,7 @@ func (v *ClientSession) DecodeResponseBody(request *protocol.RequestHeader, read }, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authReader = crypto.NewAuthenticationReader(auth, reader) + authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) } return buf.NewReader(authReader) diff --git a/proxy/vmess/encoding/server.go b/proxy/vmess/encoding/server.go index 2cbfd6254..779f3c65f 100644 --- a/proxy/vmess/encoding/server.go +++ b/proxy/vmess/encoding/server.go @@ -237,6 +237,7 @@ func (v *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reader io.Reader) buf.Reader { var authReader io.Reader + sizeMask := serial.BytesToUint16(v.requestBodyKey[:2]) if request.Security.Is(protocol.SecurityType_NONE) { if request.Option.Has(protocol.RequestOptionChunkStream) { auth := &crypto.AEADAuthenticator{ @@ -244,7 +245,7 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade NonceGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authReader = crypto.NewAuthenticationReader(auth, reader) + authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) } else { authReader = reader } @@ -257,7 +258,7 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade NonceGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authReader = crypto.NewAuthenticationReader(auth, cryptionReader) + authReader = crypto.NewAuthenticationReader(auth, cryptionReader, sizeMask) } else { authReader = cryptionReader } @@ -273,7 +274,7 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade }, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authReader = crypto.NewAuthenticationReader(auth, reader) + authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) } else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) { aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.requestBodyKey)) @@ -285,7 +286,7 @@ func (v *ServerSession) DecodeRequestBody(request *protocol.RequestHeader, reade }, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authReader = crypto.NewAuthenticationReader(auth, reader) + authReader = crypto.NewAuthenticationReader(auth, reader, sizeMask) } return buf.NewReader(authReader) @@ -310,6 +311,7 @@ func (v *ServerSession) EncodeResponseHeader(header *protocol.ResponseHeader, wr func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writer io.Writer) buf.Writer { var authWriter io.Writer + sizeMask := serial.BytesToUint16(v.responseBodyKey[:2]) if request.Security.Is(protocol.SecurityType_NONE) { if request.Option.Has(protocol.RequestOptionChunkStream) { auth := &crypto.AEADAuthenticator{ @@ -317,7 +319,7 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ NonceGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authWriter = crypto.NewAuthenticationWriter(auth, writer) + authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) } else { authWriter = writer } @@ -328,7 +330,7 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ NonceGenerator: crypto.NoOpBytesGenerator{}, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authWriter = crypto.NewAuthenticationWriter(auth, v.responseWriter) + authWriter = crypto.NewAuthenticationWriter(auth, v.responseWriter, sizeMask) } else { authWriter = v.responseWriter } @@ -344,7 +346,7 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ }, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authWriter = crypto.NewAuthenticationWriter(auth, writer) + authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) } else if request.Security.Is(protocol.SecurityType_CHACHA20_POLY1305) { aead, _ := chacha20poly1305.New(GenerateChacha20Poly1305Key(v.responseBodyKey)) @@ -356,7 +358,7 @@ func (v *ServerSession) EncodeResponseBody(request *protocol.RequestHeader, writ }, AdditionalDataGenerator: crypto.NoOpBytesGenerator{}, } - authWriter = crypto.NewAuthenticationWriter(auth, writer) + authWriter = crypto.NewAuthenticationWriter(auth, writer, sizeMask) } return buf.NewWriter(authWriter) diff --git a/transport/internet/websocket/ws.go b/transport/internet/websocket/ws.go index 58deb6cfe..d8b2eba8e 100644 --- a/transport/internet/websocket/ws.go +++ b/transport/internet/websocket/ws.go @@ -1,33 +1,5 @@ /*Package websocket implements Websocket transport Websocket transport implements a HTTP(S) compliable, surveillance proof transport method with plausible deniability. - -To configure such a listener, set streamSettings to be ws. A http(s) listener will be listening at the port you have configured. - -There is additional configure can be made at transport configure. - -"wsSettings":{ - "Path":"ws", // the path our ws handler bind - "Pto": "wss/ws", // the transport protocol we are using ws or wss(listen ws with tls) - "Cert":"cert.pem", // if you have configured to use wss, configure your cert here - "PrivKey":"priv.pem" //if you have configured to use wss, configure your privatekey here - } - - -To configure such a Dialer, set streamSettings to be ws. - -There is additional configure can be made at transport configure. - -"wsSettings":{ - "Path":"ws", // the path our ws handler bind - "Pto": "wss/ws", // the transport protocol we are using ws or wss(listen ws with tls) - } - -It is worth noting that accepting a non-valid cert is not supported as a self-signed or invalid cert can be a sign of a website that is not correctly configured and lead to additional investigation. - - -This transport was disscussed at -https://github.com/v2ray/v2ray-core/issues/224 - */ package websocket