mirror of
https://github.com/XTLS/Xray-core.git
synced 2024-11-26 10:31:27 +00:00
Fix xtls vision issue with big server hello
This commit is contained in:
parent
34b3f0204a
commit
494a10971b
|
@ -406,7 +406,7 @@ func XtlsFilterTls(buffer buf.MultiBuffer, numberOfPacketToFilter *int, enableXt
|
||||||
startsBytes := b.BytesTo(6)
|
startsBytes := b.BytesTo(6)
|
||||||
if bytes.Equal(tlsServerHandShakeStart, startsBytes[:3]) && startsBytes[5] == 0x02 {
|
if bytes.Equal(tlsServerHandShakeStart, startsBytes[:3]) && startsBytes[5] == 0x02 {
|
||||||
total := (int(startsBytes[3])<<8 | int(startsBytes[4])) + 5
|
total := (int(startsBytes[3])<<8 | int(startsBytes[4])) + 5
|
||||||
if b.Len() >= int32(total) && total >= 74 {
|
if b.Len() >= 74 && total >= 74 {
|
||||||
if bytes.Contains(b.BytesTo(int32(total)), tls13SupportedVersions) {
|
if bytes.Contains(b.BytesTo(int32(total)), tls13SupportedVersions) {
|
||||||
sessionIdLen := int32(b.Byte(43))
|
sessionIdLen := int32(b.Byte(43))
|
||||||
cipherSuite := b.BytesRange(43 + sessionIdLen + 1, 43 + sessionIdLen + 3)
|
cipherSuite := b.BytesRange(43 + sessionIdLen + 1, 43 + sessionIdLen + 3)
|
||||||
|
@ -417,22 +417,24 @@ func XtlsFilterTls(buffer buf.MultiBuffer, numberOfPacketToFilter *int, enableXt
|
||||||
} else if (v != "TLS_AES_128_CCM_8_SHA256") {
|
} else if (v != "TLS_AES_128_CCM_8_SHA256") {
|
||||||
*enableXtls = true
|
*enableXtls = true
|
||||||
}
|
}
|
||||||
newError("XtlsFilterTls13 found tls 1.3! ", buffer.Len(), " ", v).WriteToLog(session.ExportIDToError(ctx))
|
newError("XtlsFilterTls found tls 1.3! ", buffer.Len(), " ", v).WriteToLog(session.ExportIDToError(ctx))
|
||||||
} else {
|
} else {
|
||||||
newError("XtlsFilterTls13 found tls 1.2! ", buffer.Len()).WriteToLog(session.ExportIDToError(ctx))
|
newError("XtlsFilterTls found tls 1.2! ", buffer.Len()).WriteToLog(session.ExportIDToError(ctx))
|
||||||
}
|
}
|
||||||
*isTLS12orAbove = true
|
*isTLS12orAbove = true
|
||||||
*isTLS = true
|
*isTLS = true
|
||||||
*numberOfPacketToFilter = 0
|
*numberOfPacketToFilter = 0
|
||||||
return
|
return
|
||||||
|
} else {
|
||||||
|
newError("XtlsFilterTls short server hello, tls 1.2 or older? ", b.Len(), " ", total).WriteToLog(session.ExportIDToError(ctx))
|
||||||
}
|
}
|
||||||
} else if bytes.Equal(tlsClientHandShakeStart, startsBytes[:2]) && startsBytes[5] == 0x01 {
|
} else if bytes.Equal(tlsClientHandShakeStart, startsBytes[:2]) && startsBytes[5] == 0x01 {
|
||||||
*isTLS = true
|
*isTLS = true
|
||||||
newError("XtlsFilterTls13 found tls client hello! ", buffer.Len()).WriteToLog(session.ExportIDToError(ctx))
|
newError("XtlsFilterTls found tls client hello! ", buffer.Len()).WriteToLog(session.ExportIDToError(ctx))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if *numberOfPacketToFilter <= 0 {
|
if *numberOfPacketToFilter <= 0 {
|
||||||
newError("XtlsFilterTls13 stop filtering", buffer.Len()).WriteToLog(session.ExportIDToError(ctx))
|
newError("XtlsFilterTls stop filtering", buffer.Len()).WriteToLog(session.ExportIDToError(ctx))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue