other_mirrors/Xray-core
1
0
Fork 0
mirror of https://github.com/XTLS/Xray-core.git synced 2025-03-20 22:43:33 +02:00
Code Issues Projects Releases Packages Wiki Activity

Insert padding with empty content to camouflage VLESS header ()

Browse source 
This only affects the Vision client for protocols expecting server to send data first.
The change is compatible with existing version of Vision server.
This commit is contained in:
yuhan6665 2023-02-06 01:45:09 -05:00 committed by GitHub
parent 00c9576118
commit c3faa8b7ac
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 9 deletions
proxy/vless
encoding
encoding.go
outbound
outbound.go

18
proxy/vless/encoding/encoding.go
View file

@ -506,25 +506,31 @@ func ReshapeMultiBuffer(ctx context.Context, buffer buf.MultiBuffer) buf.MultiBu
// XtlsPadding add padding to eliminate length siganature during tls handshake // XtlsPadding add padding to eliminate length siganature during tls handshake
func XtlsPadding(b *buf.Buffer, command byte, userUUID *[]byte, ctx context.Context) *buf.Buffer { func XtlsPadding(b *buf.Buffer, command byte, userUUID *[]byte, ctx context.Context) *buf.Buffer {
var length int32 = 0 var contantLen int32 = 0
if b.Len() < 900 { var paddingLen int32 = 0
if b != nil {
contantLen = b.Len()
}
if contantLen < 900 {
l, err := rand.Int(rand.Reader, big.NewInt(500)) l, err := rand.Int(rand.Reader, big.NewInt(500))
if err != nil { if err != nil {
newError("failed to generate padding").Base(err).WriteToLog(session.ExportIDToError(ctx)) newError("failed to generate padding").Base(err).WriteToLog(session.ExportIDToError(ctx))
} }
length = int32(l.Int64()) + 900 - b.Len() paddingLen = int32(l.Int64()) + 900 - contantLen
} }
newbuffer := buf.New() newbuffer := buf.New()
if userUUID != nil { if userUUID != nil {
newbuffer.Write(*userUUID) newbuffer.Write(*userUUID)
*userUUID = nil *userUUID = nil
} }
newbuffer.Write([]byte{command, byte(b.Len() >> 8), byte(b.Len()), byte(length >> 8), byte(length)}) newbuffer.Write([]byte{command, byte(contantLen >> 8), byte(contantLen), byte(paddingLen >> 8), byte(paddingLen)})
if (b != nil) {
newbuffer.Write(b.Bytes()) newbuffer.Write(b.Bytes())
newbuffer.Extend(length)
newError("XtlsPadding ", b.Len(), " ", length, " ", command).WriteToLog(session.ExportIDToError(ctx))
b.Release() b.Release()
b = nil b = nil
}
newbuffer.Extend(paddingLen)
newError("XtlsPadding ", contantLen, " ", paddingLen, " ", command).WriteToLog(session.ExportIDToError(ctx))
return newbuffer return newbuffer
} }

7
proxy/vless/outbound/outbound.go
View file

@ -249,6 +249,13 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
} }
} else if err1 != buf.ErrReadTimeout { } else if err1 != buf.ErrReadTimeout {
return err1 return err1
} else if requestAddons.Flow == vless.XRV {
mb := make(buf.MultiBuffer, 1)
mb[0] = encoding.XtlsPadding(nil, 0x01, &userUUID, ctx) // it must not be tls so padding finish with it (command 1)
newError("Insert padding with empty content to camouflage VLESS header ", mb.Len()).WriteToLog(session.ExportIDToError(ctx))
if err := serverWriter.WriteMultiBuffer(mb); err != nil {
return err
}
} }
} else { } else {
newError("Reader is not timeout reader, will send out vless header separately from first payload").AtDebug().WriteToLog(session.ExportIDToError(ctx)) newError("Reader is not timeout reader, will send out vless header separately from first payload").AtDebug().WriteToLog(session.ExportIDToError(ctx))