feat: enforcing VMessAEAD via environment variable (#334)

This commit is contained in:
秋のかえで 2021-03-05 16:41:51 +08:00 committed by GitHub
parent 1dae2c5636
commit 6380abca73
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 0 deletions

View file

@ -118,6 +118,11 @@ func NewServerSession(validator *vmess.TimedUserValidator, sessionHistory *Sessi
}
}
// SetAEADForced sets isAEADForced for a ServerSession.
func (s *ServerSession) SetAEADForced(isAEADForced bool) {
s.isAEADForced = isAEADForced
}
func parseSecurityType(b byte) protocol.SecurityType {
if _, f := protocol.SecurityType_name[int32(b)]; f {
st := protocol.SecurityType(b)

View file

@ -14,6 +14,7 @@ import (
"github.com/xtls/xray-core/common/errors"
"github.com/xtls/xray-core/common/log"
"github.com/xtls/xray-core/common/net"
"github.com/xtls/xray-core/common/platform"
"github.com/xtls/xray-core/common/protocol"
"github.com/xtls/xray-core/common/session"
"github.com/xtls/xray-core/common/signal"
@ -28,6 +29,10 @@ import (
"github.com/xtls/xray-core/transport/internet"
)
var (
aeadForced = false
)
type userByEmail struct {
sync.Mutex
cache map[string]*protocol.MemoryUser
@ -231,6 +236,7 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection i
reader := &buf.BufferedReader{Reader: buf.NewReader(connection)}
svrSession := encoding.NewServerSession(h.clients, h.sessionHistory)
svrSession.SetAEADForced(aeadForced)
request, err := svrSession.DecodeRequestHeader(reader, isDrain)
if err != nil {
if errors.Cause(err) != io.EOF {
@ -361,4 +367,9 @@ func init() {
common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
return New(ctx, config.(*Config))
}))
const defaultFlagValue = "NOT_DEFINED_AT_ALL"
isAeadForced := platform.NewEnvFlag("xray.vmess.aead.forced").GetValue(func() string { return defaultFlagValue })
aeadForced = (isAeadForced == "true")
}