mirror of
https://github.com/v2fly/v2ray-core.git
synced 2024-09-29 07:16:29 -04:00
support enforcing VMessAEAD via environment variable (#596)
* support enforcing VMessAEAD via env var to prevent downgrade attack * Add comments to make Codacy Production happy
This commit is contained in:
parent
51af372bed
commit
d8bc41e653
@ -118,6 +118,11 @@ func NewServerSession(validator *vmess.TimedUserValidator, sessionHistory *Sessi
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// SetAEADForced sets isAEADForced for a ServerSession.
|
||||||
|
func (s *ServerSession) SetAEADForced(isAEADForced bool) {
|
||||||
|
s.isAEADForced = isAEADForced
|
||||||
|
}
|
||||||
|
|
||||||
func parseSecurityType(b byte) protocol.SecurityType {
|
func parseSecurityType(b byte) protocol.SecurityType {
|
||||||
if _, f := protocol.SecurityType_name[int32(b)]; f {
|
if _, f := protocol.SecurityType_name[int32(b)]; f {
|
||||||
st := protocol.SecurityType(b)
|
st := protocol.SecurityType(b)
|
||||||
|
@ -17,6 +17,7 @@ import (
|
|||||||
"v2ray.com/core/common/errors"
|
"v2ray.com/core/common/errors"
|
||||||
"v2ray.com/core/common/log"
|
"v2ray.com/core/common/log"
|
||||||
"v2ray.com/core/common/net"
|
"v2ray.com/core/common/net"
|
||||||
|
"v2ray.com/core/common/platform"
|
||||||
"v2ray.com/core/common/protocol"
|
"v2ray.com/core/common/protocol"
|
||||||
"v2ray.com/core/common/session"
|
"v2ray.com/core/common/session"
|
||||||
"v2ray.com/core/common/signal"
|
"v2ray.com/core/common/signal"
|
||||||
@ -224,6 +225,7 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection i
|
|||||||
|
|
||||||
reader := &buf.BufferedReader{Reader: buf.NewReader(connection)}
|
reader := &buf.BufferedReader{Reader: buf.NewReader(connection)}
|
||||||
svrSession := encoding.NewServerSession(h.clients, h.sessionHistory)
|
svrSession := encoding.NewServerSession(h.clients, h.sessionHistory)
|
||||||
|
svrSession.SetAEADForced(aeadForced)
|
||||||
request, err := svrSession.DecodeRequestHeader(reader)
|
request, err := svrSession.DecodeRequestHeader(reader)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if errors.Cause(err) != io.EOF {
|
if errors.Cause(err) != io.EOF {
|
||||||
@ -350,8 +352,17 @@ func (h *Handler) generateCommand(ctx context.Context, request *protocol.Request
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var aeadForced = false
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
|
common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
|
||||||
return New(ctx, config.(*Config))
|
return New(ctx, config.(*Config))
|
||||||
}))
|
}))
|
||||||
|
|
||||||
|
const defaultFlagValue = "NOT_DEFINED_AT_ALL"
|
||||||
|
|
||||||
|
isAeadForced := platform.NewEnvFlag("v2ray.vmess.aead.forced").GetValue(func() string { return defaultFlagValue })
|
||||||
|
if isAeadForced == "true" {
|
||||||
|
aeadForced = true
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user