lzhr/v2fly
1
0
Fork 0
mirror of https://github.com/v2fly/v2ray-core.git synced 2024-12-22 01:57:12 -05:00
Code Issues Releases Wiki Activity

enable global padding for aead by default

Browse Source
This commit is contained in:
Darien Raymond 2018-11-02 09:15:35 +01:00
parent 59fa890332
commit 9f48a6d017
No known key found for this signature in database
GPG Key ID: 7251FFA14BB18169
2 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
common/crypto/auth.go
View File

@ -2,8 +2,9 @@ package crypto
import ( import (
"crypto/cipher" "crypto/cipher"
"crypto/rand"
"io" "io"
"math/rand"
"time"
"v2ray.com/core/common" "v2ray.com/core/common"
"v2ray.com/core/common/buf" "v2ray.com/core/common/buf"
@ -226,16 +227,21 @@ type AuthenticationWriter struct {
sizeParser ChunkSizeEncoder sizeParser ChunkSizeEncoder
transferType protocol.TransferType transferType protocol.TransferType
padding PaddingLengthGenerator padding PaddingLengthGenerator
randReader *rand.Rand
} }
func NewAuthenticationWriter(auth Authenticator, sizeParser ChunkSizeEncoder, writer io.Writer, transferType protocol.TransferType, padding PaddingLengthGenerator) *AuthenticationWriter { func NewAuthenticationWriter(auth Authenticator, sizeParser ChunkSizeEncoder, writer io.Writer, transferType protocol.TransferType, padding PaddingLengthGenerator) *AuthenticationWriter {
return &AuthenticationWriter{ w := &AuthenticationWriter{
auth: auth, auth: auth,
writer: buf.NewWriter(writer), writer: buf.NewWriter(writer),
sizeParser: sizeParser, sizeParser: sizeParser,
transferType: transferType, transferType: transferType,
padding: padding,
} }
if padding != nil {
w.padding = padding
w.randReader = rand.New(rand.NewSource(time.Now().Unix()))
}
return w
} }
func (w *AuthenticationWriter) seal(b *buf.Buffer) (*buf.Buffer, error) { func (w *AuthenticationWriter) seal(b *buf.Buffer) (*buf.Buffer, error) {
@ -263,7 +269,8 @@ func (w *AuthenticationWriter) seal(b *buf.Buffer) (*buf.Buffer, error) {
return nil, err return nil, err
} }
if paddingSize > 0 { if paddingSize > 0 {
common.Must(eb.AppendSupplier(buf.ReadFullFrom(rand.Reader, int32(paddingSize)))) // With size of the chunk and padding length encrypted, the content of padding doesn't matter much.
common.Must(eb.AppendSupplier(buf.ReadFullFrom(w.randReader, int32(paddingSize))))
} }
return eb, nil return eb, nil

6
proxy/vmess/outbound/outbound.go
View File

@ -103,7 +103,7 @@ func (v *Handler) Process(ctx context.Context, link *vio.Link, dialer internet.D
request.Option.Set(protocol.RequestOptionChunkMasking) request.Option.Set(protocol.RequestOptionChunkMasking)
} }
if enablePadding && request.Option.Has(protocol.RequestOptionChunkMasking) { if shouldEnablePadding(request.Security) && request.Option.Has(protocol.RequestOptionChunkMasking) {
request.Option.Set(protocol.RequestOptionGlobalPadding) request.Option.Set(protocol.RequestOptionGlobalPadding)
} }
@ -173,6 +173,10 @@ var (
enablePadding = false enablePadding = false
) )
func shouldEnablePadding(s protocol.SecurityType) bool {
return enablePadding || s == protocol.SecurityType_AES128_GCM || s == protocol.SecurityType_CHACHA20_POLY1305 || s == protocol.SecurityType_AUTO
}
func init() { func init() {
common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) { common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
return New(ctx, config.(*Config)) return New(ctx, config.(*Config))