github
/
v2ray-core
mirror of https://github.com/v2ray/v2ray-core
1
0
Fork 0
Code Issues Releases Wiki Activity

refine aead check on server

pull/787/head
Darien Raymond 2017-11-26 01:02:10 +01:00
parent 9dbdcb3a39
commit 02ab3f3494
No known key found for this signature in database
GPG Key ID: 7251FFA14BB18169
1 changed files with 14 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
proxy/shadowsocks/protocol.go
View File

@ -56,19 +56,21 @@ func ReadTCPSession(user *protocol.User, reader io.Reader) (*protocol.RequestHea
return nil, nil, newError("failed to read address type").Base(err) return nil, nil, newError("failed to read address type").Base(err)
} }
addrType := (buffer.Byte(0) & 0x0F) if !account.Cipher.IsAEAD() {
if (buffer.Byte(0) & 0x10) == 0x10 { if (buffer.Byte(0) & 0x10) == 0x10 {
request.Option.Set(RequestOptionOneTimeAuth) request.Option.Set(RequestOptionOneTimeAuth)
} }
if request.Option.Has(RequestOptionOneTimeAuth) && (account.OneTimeAuth == Account_Disabled || account.Cipher.IsAEAD()) { if request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Disabled {
return nil, nil, newError("rejecting connection with OTA enabled, while server disables OTA") return nil, nil, newError("rejecting connection with OTA enabled, while server disables OTA")
} }
if !account.Cipher.IsAEAD() && !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled { if !request.Option.Has(RequestOptionOneTimeAuth) && account.OneTimeAuth == Account_Enabled {
return nil, nil, newError("rejecting connection with OTA disabled, while server enables OTA") return nil, nil, newError("rejecting connection with OTA disabled, while server enables OTA")
} }
}
addrType := (buffer.Byte(0) & 0x0F)
switch addrType { switch addrType {
case AddrTypeIPv4: case AddrTypeIPv4:
if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, 4)); err != nil { if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, 4)); err != nil {