github
/
v2ray-core
mirror of https://github.com/v2ray/v2ray-core
1
0
Fork 0
Code Issues Releases Wiki Activity

Detailed AEAD Auth Error

pull/2561/head
Shelikhoo 2020-06-06 18:57:49 +08:00
parent 9bf07b1f26
commit 6007e4cc6f
No known key found for this signature in database
GPG Key ID: C4D5E79D22B25316
3 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
proxy/vmess/aead/authid.go
View File

@ -90,7 +90,7 @@ func (a *AuthIDDecoderHolder) RemoveUser(key [16]byte) {
func (a *AuthIDDecoderHolder) Match(AuthID [16]byte) (interface{}, error) { func (a *AuthIDDecoderHolder) Match(AuthID [16]byte) (interface{}, error) {
if !a.apw.Check(AuthID[:]) { if !a.apw.Check(AuthID[:]) {
return nil, errReplay return nil, ErrReplay
} }
for _, v := range a.aidhi { for _, v := range a.aidhi {
@ -106,9 +106,9 @@ func (a *AuthIDDecoderHolder) Match(AuthID [16]byte) (interface{}, error) {
return v.ticket, nil return v.ticket, nil
} }
return nil, errNotFound return nil, ErrNotFound
} }
var errNotFound = errors.New("user do not exist") var ErrNotFound = errors.New("user do not exist")
var errReplay = errors.New("replayed request") var ErrReplay = errors.New("replayed request")

6
proxy/vmess/encoding/server.go
View File

@ -165,7 +165,7 @@ func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
var decryptor io.Reader var decryptor io.Reader
var vmessAccount *vmess.MemoryAccount var vmessAccount *vmess.MemoryAccount
user, foundAEAD := s.userValidator.GetAEAD(buffer.Bytes()) user, foundAEAD, errorAEAD := s.userValidator.GetAEAD(buffer.Bytes())
var fixedSizeAuthID [16]byte var fixedSizeAuthID [16]byte
copy(fixedSizeAuthID[:], buffer.Bytes()) copy(fixedSizeAuthID[:], buffer.Bytes())
@ -185,7 +185,7 @@ func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
} }
decryptor = bytes.NewReader(aeadData) decryptor = bytes.NewReader(aeadData)
s.isAEADRequest = true s.isAEADRequest = true
} else if !s.isAEADForced { } else if !s.isAEADForced && errorAEAD == vmessaead.ErrNotFound {
userLegacy, timestamp, valid, userValidationError := s.userValidator.Get(buffer.Bytes()) userLegacy, timestamp, valid, userValidationError := s.userValidator.Get(buffer.Bytes())
if !valid || userValidationError != nil { if !valid || userValidationError != nil {
return nil, drainConnection(newError("invalid user").Base(userValidationError)) return nil, drainConnection(newError("invalid user").Base(userValidationError))
@ -197,7 +197,7 @@ func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
aesStream := crypto.NewAesDecryptionStream(vmessAccount.ID.CmdKey(), iv[:]) aesStream := crypto.NewAesDecryptionStream(vmessAccount.ID.CmdKey(), iv[:])
decryptor = crypto.NewCryptionReader(aesStream, reader) decryptor = crypto.NewCryptionReader(aesStream, reader)
} else { } else {
return nil, drainConnection(newError("invalid user")) return nil, drainConnection(newError("invalid user").Base(errorAEAD))
} }
readSizeRemain -= int(buffer.Len()) readSizeRemain -= int(buffer.Len())

6
proxy/vmess/validator.go
View File

@ -168,7 +168,7 @@ func (v *TimedUserValidator) Get(userHash []byte) (*protocol.MemoryUser, protoco
return nil, 0, false, ErrNotFound return nil, 0, false, ErrNotFound
} }
func (v *TimedUserValidator) GetAEAD(userHash []byte) (*protocol.MemoryUser, bool) { func (v *TimedUserValidator) GetAEAD(userHash []byte) (*protocol.MemoryUser, bool, error) {
defer v.RUnlock() defer v.RUnlock()
v.RLock() v.RLock()
var userHashFL [16]byte var userHashFL [16]byte
@ -176,9 +176,9 @@ func (v *TimedUserValidator) GetAEAD(userHash []byte) (*protocol.MemoryUser, boo
userd, err := v.aeadDecoderHolder.Match(userHashFL) userd, err := v.aeadDecoderHolder.Match(userHashFL)
if err != nil { if err != nil {
return nil, false return nil, false, err
} }
return userd.(*protocol.MemoryUser), true return userd.(*protocol.MemoryUser), true, err
} }
func (v *TimedUserValidator) Remove(email string) bool { func (v *TimedUserValidator) Remove(email string) bool {