Remove length limit on short_id for reality TLS config

This commit is contained in:
世界 2023-03-13 13:34:11 +08:00
parent b004b9ec81
commit 70cf681ff2
No known key found for this signature in database
GPG key ID: CD109927C34A63C4
4 changed files with 14 additions and 13 deletions

View file

@ -42,7 +42,7 @@ var _ ConfigCompat = (*RealityClientConfig)(nil)
type RealityClientConfig struct { type RealityClientConfig struct {
uClient *UTLSClientConfig uClient *UTLSClientConfig
publicKey []byte publicKey []byte
shortID []byte shortID [8]byte
} }
func NewRealityClient(router adapter.Router, serverAddress string, options option.OutboundTLSOptions) (*RealityClientConfig, error) { func NewRealityClient(router adapter.Router, serverAddress string, options option.OutboundTLSOptions) (*RealityClientConfig, error) {
@ -62,11 +62,12 @@ func NewRealityClient(router adapter.Router, serverAddress string, options optio
if len(publicKey) != 32 { if len(publicKey) != 32 {
return nil, E.New("invalid public_key") return nil, E.New("invalid public_key")
} }
shortID, err := hex.DecodeString(options.Reality.ShortID) var shortID [8]byte
decodedLen, err := hex.Decode(shortID[:], []byte(options.Reality.ShortID))
if err != nil { if err != nil {
return nil, E.Cause(err, "decode short_id") return nil, E.Cause(err, "decode short_id")
} }
if len(shortID) != 8 { if decodedLen > 8 {
return nil, E.New("invalid short_id") return nil, E.New("invalid short_id")
} }
return &RealityClientConfig{uClient, publicKey, shortID}, nil return &RealityClientConfig{uClient, publicKey, shortID}, nil
@ -125,7 +126,7 @@ func (e *RealityClientConfig) ClientHandshake(ctx context.Context, conn net.Conn
hello.SessionId[0] = 1 hello.SessionId[0] = 1
hello.SessionId[1] = 7 hello.SessionId[1] = 7
hello.SessionId[2] = 5 hello.SessionId[2] = 5
copy(hello.SessionId[8:], e.shortID) copy(hello.SessionId[8:], e.shortID[:])
if debug.Enabled { if debug.Enabled {
fmt.Printf("REALITY hello.sessionId[:16]: %v\n", hello.SessionId[:16]) fmt.Printf("REALITY hello.sessionId[:16]: %v\n", hello.SessionId[:16])

View file

@ -89,16 +89,16 @@ func NewRealityServer(ctx context.Context, router adapter.Router, logger log.Log
tlsConfig.MaxTimeDiff = time.Duration(options.Reality.MaxTimeDifference) tlsConfig.MaxTimeDiff = time.Duration(options.Reality.MaxTimeDifference)
tlsConfig.ShortIds = make(map[[8]byte]bool) tlsConfig.ShortIds = make(map[[8]byte]bool)
for i, shortID := range options.Reality.ShortID { for i, shortIDString := range options.Reality.ShortID {
var shortIDBytesArray [8]byte var shortID [8]byte
decodedLen, err := hex.Decode(shortIDBytesArray[:], []byte(shortID)) decodedLen, err := hex.Decode(shortID[:], []byte(shortIDString))
if err != nil { if err != nil {
return nil, E.Cause(err, "decode short_id[", i, "]: ", shortID) return nil, E.Cause(err, "decode short_id[", i, "]: ", shortIDString)
} }
if decodedLen != 8 { if decodedLen > 8 {
return nil, E.New("invalid short_id[", i, "]: ", shortID) return nil, E.New("invalid short_id[", i, "]: ", shortIDString)
} }
tlsConfig.ShortIds[shortIDBytesArray] = true tlsConfig.ShortIds[shortID] = true
} }
handshakeDialer := dialer.New(router, options.Reality.Handshake.DialerOptions) handshakeDialer := dialer.New(router, options.Reality.Handshake.DialerOptions)

View file

@ -333,7 +333,7 @@ Public key, generated by `sing-box generate reality-keypair`.
==Required== ==Required==
A 8-bit hex string. A hexadecimal string with zero to eight digits.
#### max_time_difference #### max_time_difference

View file

@ -329,7 +329,7 @@ MAC 密钥。
==必填== ==必填==
一个八位十六进制字符串。 一个零到八位十六进制字符串。
#### max_time_difference #### max_time_difference