From 70cf681ff280bc4ced593bce7005bea60c583454 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=96=E7=95=8C?=
Date: Mon, 13 Mar 2023 13:34:11 +0800
Subject: [PATCH] Remove length limit on short_id for reality TLS config
---
 common/tls/reality_client.go | 9 +++++----
 common/tls/reality_server.go | 14 +++++++-------
 docs/configuration/shared/tls.md | 2 +-
 docs/configuration/shared/tls.zh.md | 2 +-
 4 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/common/tls/reality_client.go b/common/tls/reality_client.go
index f9c17fcf..436351cd 100644
--- a/common/tls/reality_client.go
+++ b/common/tls/reality_client.go
@@ -42,7 +42,7 @@ var _ ConfigCompat = (*RealityClientConfig)(nil)
 type RealityClientConfig struct {
 uClient *UTLSClientConfig
 publicKey []byte
- shortID []byte
+ shortID [8]byte
 }
 func NewRealityClient(router adapter.Router, serverAddress string, options option.OutboundTLSOptions) (*RealityClientConfig, error) {
@@ -62,11 +62,12 @@ func NewRealityClient(router adapter.Router, serverAddress string, options optio
 if len(publicKey) != 32 {
 return nil, E.New("invalid public_key")
 }
- shortID, err := hex.DecodeString(options.Reality.ShortID)
+ var shortID [8]byte
+ decodedLen, err := hex.Decode(shortID[:], []byte(options.Reality.ShortID))
 if err != nil {
 return nil, E.Cause(err, "decode short_id")
 }
- if len(shortID) != 8 {
+ if decodedLen > 8 {
 return nil, E.New("invalid short_id")
 }
 return &RealityClientConfig{uClient, publicKey, shortID}, nil
@@ -125,7 +126,7 @@ func (e *RealityClientConfig) ClientHandshake(ctx context.Context, conn net.Conn
 hello.SessionId[0] = 1
 hello.SessionId[1] = 7
 hello.SessionId[2] = 5
- copy(hello.SessionId[8:], e.shortID)
+ copy(hello.SessionId[8:], e.shortID[:])
 if debug.Enabled {
 fmt.Printf("REALITY hello.sessionId[:16]: %v\n", hello.SessionId[:16])
diff --git a/common/tls/reality_server.go b/common/tls/reality_server.go
index 1724f1cc..0cd339c9 100644
--- a/common/tls/reality_server.go
+++ b/common/tls/reality_server.go
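Review bot: The `decodedLen > 8` check in NewRealityClient can never fire, because `hex.Decode` writes straight into the 8-byte `shortID[:]` and indexes past its end, a runtime panic, once `short_id` holds more than 16 hex characters; the `hex.DecodeString` path this replaces returned "invalid short_id" for that input. Check the length before decoding, `if hex.DecodedLen(len(options.Reality.ShortID)) > len(shortID) { return nil, E.New("invalid short_id") }`, and drop the post-decode comparison. The loop in NewRealityServer (common/tls/reality_server.go) has the same unreachable check and needs the same guard on `shortIDString`. NewRealityClient starts and ends outside the hunk.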
@@ -89,16 +89,16 @@ func NewRealityServer(ctx context.Context, router adapter.Router, logger log.Log
 tlsConfig.MaxTimeDiff = time.Duration(options.Reality.MaxTimeDifference)
 tlsConfig.ShortIds = make(map[[8]byte]bool)
- for i, shortID := range options.Reality.ShortID {
- var shortIDBytesArray [8]byte
- decodedLen, err := hex.Decode(shortIDBytesArray[:], []byte(shortID))
+ for i, shortIDString := range options.Reality.ShortID {
+ var shortID [8]byte
+ decodedLen, err := hex.Decode(shortID[:], []byte(shortIDString))
 if err != nil {
- return nil, E.Cause(err, "decode short_id[", i, "]: ", shortID)
+ return nil, E.Cause(err, "decode short_id[", i, "]: ", shortIDString)
 }
- if decodedLen != 8 {
- return nil, E.New("invalid short_id[", i, "]: ", shortID)
+ if decodedLen > 8 {
+ return nil, E.New("invalid short_id[", i, "]: ", shortIDString)
 }
- tlsConfig.ShortIds[shortIDBytesArray] = true
+ tlsConfig.ShortIds[shortID] = true
 }
 handshakeDialer := dialer.New(router, options.Reality.Handshake.DialerOptions)
diff --git a/docs/configuration/shared/tls.md b/docs/configuration/shared/tls.md
index 00f50b13..7b39a045 100644
--- a/docs/configuration/shared/tls.md
+++ b/docs/configuration/shared/tls.md
@@ -333,7 +333,7 @@ Public key, generated by `sing-box generate reality-keypair`.
 ==Required==
-A 8-bit hex string.
+A hexadecimal string with zero to eight digits.
 #### max_time_difference
diff --git a/docs/configuration/shared/tls.zh.md b/docs/configuration/shared/tls.zh.md
index 5f8c2721..21620c49 100644
--- a/docs/configuration/shared/tls.zh.md
+++ b/docs/configuration/shared/tls.zh.md
@@ -329,7 +329,7 @@ MAC 密钥。
 ==必填==
-一个八位十六进制的字符串。
+一个零到八位的十六进制字符串。
 #### max_time_difference
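Review bot: Short IDs shorter than eight bytes are zero-padded by the fixed `[8]byte` array, so entries such as `""`, `"00"` and `"0000"` all become the same key in `tlsConfig.ShortIds`, and nothing in the NewRealityServer loop says so. A comment above the assignment would make that explicit, for example `// shorter IDs are right-padded with zero bytes, so "" and "00" map to the same key`. An empty entry therefore admits the all-zero short ID, which matters to operators who use short IDs to tell clients apart (inferred; how the REALITY library consumes the map is not visible here). NewRealityServer's body continues outside the hunk.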