From 9dbdcb3a39d0ab4a49047e655dc24ba8a6fc0b4a Mon Sep 17 00:00:00 2001
From: Darien Raymond <admin@v2ray.com>
Date: Sun, 26 Nov 2017 00:59:56 +0100
Subject: [PATCH] fix check of AEAD cipher

---
 proxy/shadowsocks/protocol.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/proxy/shadowsocks/protocol.go b/proxy/shadowsocks/protocol.go
index c58ecbcc2..b4edcf146 100644
--- a/proxy/shadowsocks/protocol.go
+++ b/proxy/shadowsocks/protocol.go
@@ -65,7 +65,7 @@ func ReadTCPSession(user *protocol.User, reader io.Reader) (*protocol.RequestHea
 		return nil, nil, newError("rejecting connection with OTA enabled, while server disables OTA")
 	}
 
-	if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled {
+	if !account.Cipher.IsAEAD() && !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled {
 		return nil, nil, newError("rejecting connection with OTA disabled, while server enables OTA")
 	}