From a0c63ba1cf38c4f8e6e3a126d9527a0911bf79d9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=A3=8E=E6=89=87=E6=BB=91=E7=BF=94=E7=BF=BC?=
 <Fangliding.fshxy@outlook.com>
Date: Mon, 8 Sep 2025 22:19:17 +0800
Subject: [PATCH] VMess: Returns clearer error in AuthIDDecoderHolder (#5090)

---
 proxy/vmess/aead/authid.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/proxy/vmess/aead/authid.go b/proxy/vmess/aead/authid.go
index 2ec48f11..7309010a 100644
--- a/proxy/vmess/aead/authid.go
+++ b/proxy/vmess/aead/authid.go
@@ -17,8 +17,10 @@ import (
 )
 
 var (
-	ErrNotFound = errors.New("user do not exist")
-	ErrReplay   = errors.New("replayed request")
+	ErrNotFound     = errors.New("user do not exist")
+	ErrNeagtiveTime = errors.New("timestamp is negative")
+	ErrInvalidTime  = errors.New("invalid timestamp, perhaps unsynchronized time")
+	ErrReplay       = errors.New("replayed request")
 )
 
 func CreateAuthID(cmdKey []byte, time int64) [16]byte {
@@ -102,11 +104,11 @@ func (a *AuthIDDecoderHolder) Match(authID [16]byte) (interface{}, error) {
 		}
 
 		if t < 0 {
-			continue
+			return nil, ErrNeagtiveTime
 		}
 
 		if math.Abs(math.Abs(float64(t))-float64(time.Now().Unix())) > 120 {
-			continue
+			return nil, ErrInvalidTime
 		}
 
 		if !a.filter.Check(authID[:]) {