Salamander finalmask: Support packetSize (Gecko in Hysteria v2.9.2) (#6198)

And some other refinements

https://github.com/XTLS/Xray-core/pull/6198#issuecomment-4567438813

Example: https://github.com/XTLS/Xray-core/pull/6198#issue-4522226670
This commit is contained in:
LjhAUMEM
2026-05-29 16:36:45 +08:00
committed by RPRX
parent 36303694d1
commit 66a8100737
17 changed files with 587 additions and 361 deletions
+56 -53
View File
@@ -3,9 +3,8 @@ package finalmask
import (
"context"
"net"
"sync"
"github.com/xtls/xray-core/common/bytespool"
"github.com/xtls/xray-core/common/buf"
"github.com/xtls/xray-core/common/errors"
)
@@ -105,61 +104,60 @@ type headerSize interface {
}
type headerManagerConn struct {
sync.Mutex
net.PacketConn
sizes []int
conns []net.PacketConn
writeBuf [UDPSize]byte
sizes []int
conns []net.PacketConn
}
func (c *headerManagerConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
buf := p
if len(buf) < UDPSize {
b := bytespool.Alloc(UDPSize)
b = b[:UDPSize]
defer bytespool.Free(b)
buf = b
b := p
if len(b) < UDPSize {
buf := buf.New()
buf.Resize(0, UDPSize)
b = buf.Bytes()
defer buf.Release()
}
n, addr, err = c.PacketConn.ReadFrom(buf)
if n == 0 || err != nil {
return 0, addr, err
}
newBuf := buf[:n]
sum := 0
for _, size := range c.sizes {
sum += size
}
if n < sum {
errors.LogDebug(context.Background(), addr, " mask read err short length")
return 0, addr, nil
}
for i := range c.conns {
n, _, err = c.conns[i].ReadFrom(newBuf)
if n == 0 || err != nil {
errors.LogDebug(context.Background(), addr, " mask read err ", err)
return 0, addr, nil
for {
n, addr, err = c.PacketConn.ReadFrom(b)
if err != nil {
return n, addr, err
}
newBuf = newBuf[c.sizes[i] : n+c.sizes[i]]
b = b[:n]
sum := 0
for _, size := range c.sizes {
sum += size
}
if n < sum {
errors.LogError(context.Background(), "[mask] drop packet from ", addr, " with size ", len(b))
continue
}
for i := range c.conns {
n, _, err = c.conns[i].ReadFrom(b)
if err != nil {
errors.LogErrorInner(context.Background(), err, "[mask] drop packet from ", addr, " with size ", len(b))
break
}
b = b[c.sizes[i] : n+c.sizes[i]]
}
if err != nil {
continue
}
return copy(p, b), addr, nil
}
if len(p) < n {
errors.LogDebug(context.Background(), addr, " mask read err short buffer")
return 0, addr, nil
}
copy(p, buf[sum:sum+n])
return n, addr, nil
}
func (c *headerManagerConn) WriteTo(p []byte, addr net.Addr) (n int, err error) {
c.Lock()
defer c.Unlock()
buf := buf.New()
buf.Resize(0, UDPSize)
b := buf.Bytes()
defer buf.Release()
sum := 0
for _, size := range c.sizes {
@@ -167,24 +165,29 @@ func (c *headerManagerConn) WriteTo(p []byte, addr net.Addr) (n int, err error)
}
if sum+len(p) > UDPSize {
errors.LogDebug(context.Background(), addr, " mask write err short write")
errors.LogError(context.Background(), "[mask] drop packet to ", addr, " with size ", len(p))
return 0, nil
}
n = copy(c.writeBuf[sum:], p)
n = copy(b[sum:], p)
for i := len(c.conns) - 1; i >= 0; i-- {
n, err = c.conns[i].WriteTo(c.writeBuf[sum-c.sizes[i]:n+sum], nil)
if n == 0 || err != nil {
errors.LogDebug(context.Background(), addr, " mask write err ", err)
n, err = c.conns[i].WriteTo(b[sum-c.sizes[i]:n+sum], nil)
if err != nil {
errors.LogErrorInner(context.Background(), err, "[mask] drop packet to ", addr, " with size ", len(p))
return 0, nil
}
sum -= c.sizes[i]
}
n, err = c.PacketConn.WriteTo(c.writeBuf[:n], addr)
if n == 0 || err != nil {
return n, err
if n > UDPSize {
errors.LogError(context.Background(), "[mask] drop packet to ", addr, " with size ", len(p))
return 0, nil
}
_, err = c.PacketConn.WriteTo(b[:n], addr)
if err != nil {
return 0, err
}
return len(p), nil
@@ -1,70 +0,0 @@
package aes128gcm_test
import (
"crypto/rand"
"crypto/sha256"
"testing"
"github.com/stretchr/testify/assert"
"github.com/xtls/xray-core/common/crypto"
)
func TestAes128GcmSealInPlace(t *testing.T) {
hashedPsk := sha256.Sum256([]byte("psk"))
aead := crypto.NewAesGcm(hashedPsk[:16])
text := []byte("0123456789012")
buf := make([]byte, 8192)
nonceSize := aead.NonceSize()
nonce := buf[:nonceSize]
rand.Read(nonce)
copy(buf[nonceSize:], text)
plaintext := buf[nonceSize : nonceSize+len(text)]
sealed := aead.Seal(nil, nonce, plaintext, nil)
_ = aead.Seal(plaintext[:0], nonce, plaintext, nil)
assert.Equal(t, sealed, buf[nonceSize:nonceSize+aead.Overhead()+len(text)])
}
func encrypted(plain []byte) ([]byte, []byte) {
hashedPsk := sha256.Sum256([]byte("psk"))
aead := crypto.NewAesGcm(hashedPsk[:16])
nonce := make([]byte, 12)
rand.Read(nonce)
return nonce, aead.Seal(nil, nonce, plain, nil)
}
func TestAes128GcmOpenInPlace(t *testing.T) {
a, b := encrypted([]byte("0123456789012"))
buf := make([]byte, 8192)
copy(buf, a)
copy(buf[len(a):], b)
hashedPsk := sha256.Sum256([]byte("psk"))
aead := crypto.NewAesGcm(hashedPsk[:16])
nonceSize := aead.NonceSize()
nonce := buf[:nonceSize]
ciphertext := buf[nonceSize : nonceSize+len(b)]
opened, _ := aead.Open(nil, nonce, ciphertext, nil)
_, _ = aead.Open(ciphertext[:0], nonce, ciphertext, nil)
assert.Equal(t, opened, ciphertext[:len(ciphertext)-aead.Overhead()])
}
func TestAes128GcmBounce(t *testing.T) {
hashedPsk := sha256.Sum256([]byte("psk"))
aead := crypto.NewAesGcm(hashedPsk[:16])
buf := make([]byte, aead.NonceSize()+aead.Overhead())
for i := 0; i < 1000; i++ {
_, _ = rand.Read(buf)
_, err := aead.Open(buf[aead.NonceSize():aead.NonceSize()], buf[:aead.NonceSize()], buf[aead.NonceSize():], nil)
assert.NotEqual(t, err, nil)
}
}
@@ -4,8 +4,9 @@ import (
"net"
)
func (c *Config) UDP() {
}
func (c *Config) UDP() {}
func (c *Config) HeaderConn() {}
func (c *Config) WrapPacketConnClient(raw net.PacketConn, level int, levelCount int) (net.PacketConn, error) {
return NewConnClient(c, raw)
@@ -14,6 +15,3 @@ func (c *Config) WrapPacketConnClient(raw net.PacketConn, level int, levelCount
func (c *Config) WrapPacketConnServer(raw net.PacketConn, level int, levelCount int) (net.PacketConn, error) {
return NewConnServer(c, raw)
}
func (c *Config) HeaderConn() {
}
@@ -8,8 +8,6 @@ import (
"github.com/xtls/xray-core/common"
"github.com/xtls/xray-core/common/crypto"
"github.com/xtls/xray-core/common/errors"
"github.com/xtls/xray-core/transport/internet/finalmask"
)
type aes128gcmConn struct {
@@ -19,13 +17,10 @@ type aes128gcmConn struct {
func NewConnClient(c *Config, raw net.PacketConn) (net.PacketConn, error) {
hashedPsk := sha256.Sum256([]byte(c.Password))
conn := &aes128gcmConn{
return &aes128gcmConn{
PacketConn: raw,
aead: crypto.NewAesGcm(hashedPsk[:16]),
}
return conn, nil
}, nil
}
func NewConnServer(c *Config, raw net.PacketConn) (net.PacketConn, error) {
@@ -37,31 +32,19 @@ func (c *aes128gcmConn) Size() int {
}
func (c *aes128gcmConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
if len(p) < c.aead.NonceSize()+c.aead.Overhead() {
return 0, addr, errors.New("aead short lenth")
}
nonceSize := c.aead.NonceSize()
nonce := p[:nonceSize]
ciphertext := p[nonceSize:]
_, err = c.aead.Open(ciphertext[:0], nonce, ciphertext, nil)
overhead := c.aead.Overhead()
_, err = c.aead.Open(p[nonceSize:nonceSize], p[:nonceSize], p[nonceSize:], nil)
if err != nil {
return 0, addr, errors.New("aead open").Base(err)
return 0, nil, err
}
return len(p) - c.aead.NonceSize() - c.aead.Overhead(), addr, nil
return len(p) - nonceSize - overhead, nil, nil
}
func (c *aes128gcmConn) WriteTo(p []byte, addr net.Addr) (n int, err error) {
if c.aead.Overhead()+len(p) > finalmask.UDPSize {
return 0, errors.New("aead short write")
}
nonceSize := c.aead.NonceSize()
nonce := p[:nonceSize]
common.Must2(rand.Read(nonce))
plaintext := p[nonceSize:]
_ = c.aead.Seal(plaintext[:0], nonce, plaintext, nil)
return len(p) + c.aead.Overhead(), nil
overhead := c.aead.Overhead()
common.Must2(rand.Read(p[:nonceSize]))
_ = c.aead.Seal(p[nonceSize:nonceSize], p[:nonceSize], p[nonceSize:], nil)
return len(p) + overhead, nil
}
@@ -4,8 +4,9 @@ import (
"net"
)
func (c *Config) UDP() {
}
func (c *Config) UDP() {}
func (c *Config) HeaderConn() {}
func (c *Config) WrapPacketConnClient(raw net.PacketConn, level int, levelCount int) (net.PacketConn, error) {
return NewConnClient(c, raw)
@@ -14,6 +15,3 @@ func (c *Config) WrapPacketConnClient(raw net.PacketConn, level int, levelCount
func (c *Config) WrapPacketConnServer(raw net.PacketConn, level int, levelCount int) (net.PacketConn, error) {
return NewConnServer(c, raw)
}
func (c *Config) HeaderConn() {
}
@@ -77,12 +77,10 @@ type simpleConn struct {
}
func NewConnClient(c *Config, raw net.PacketConn) (net.PacketConn, error) {
conn := &simpleConn{
return &simpleConn{
PacketConn: raw,
aead: &simple{},
}
return conn, nil
}, nil
}
func NewConnServer(c *Config, raw net.PacketConn) (net.PacketConn, error) {
@@ -96,14 +94,12 @@ func (c *simpleConn) Size() int {
func (c *simpleConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
_, err = c.aead.Open(p[:0], nil, p, nil)
if err != nil {
return 0, addr, errors.New("aead open").Base(err)
return 0, nil, err
}
return len(p) - c.aead.Overhead(), addr, nil
return len(p) - c.aead.Overhead(), nil, nil
}
func (c *simpleConn) WriteTo(p []byte, addr net.Addr) (n int, err error) {
_ = c.aead.Seal(p[:0], nil, p[c.aead.Overhead():], nil)
return len(p), nil
}
@@ -1,35 +0,0 @@
package original_test
import (
"crypto/rand"
"testing"
"github.com/stretchr/testify/assert"
"github.com/xtls/xray-core/transport/internet/finalmask/mkcp/original"
)
func TestSimpleSealInPlace(t *testing.T) {
aead := original.NewSimple()
text := []byte("0123456789012")
buf := make([]byte, 8192)
copy(buf[aead.Overhead():], text)
plaintext := buf[aead.Overhead() : aead.Overhead()+len(text)]
sealed := aead.Seal(nil, nil, plaintext, nil)
_ = aead.Seal(buf[:0], nil, plaintext, nil)
assert.Equal(t, sealed, buf[:aead.Overhead()+len(text)])
}
func TestOriginalBounce(t *testing.T) {
aead := original.NewSimple()
buf := make([]byte, aead.NonceSize()+aead.Overhead())
for i := 0; i < 1000; i++ {
_, _ = rand.Read(buf)
_, err := aead.Open(buf[:0], nil, buf, nil)
assert.NotEqual(t, err, nil)
}
}
@@ -4,16 +4,24 @@ import (
"net"
)
func (c *Config) UDP() {
}
func (c *Config) UDP() {}
func (c *Config) HeaderConn() {}
func (c *Config) WrapPacketConnClient(raw net.PacketConn, level int, levelCount int) (net.PacketConn, error) {
return NewConnClient(c, raw)
return NewSalamanderConnClient(c, raw)
}
func (c *Config) WrapPacketConnServer(raw net.PacketConn, level int, levelCount int) (net.PacketConn, error) {
return NewConnServer(c, raw)
return NewSalamanderConnServer(c, raw)
}
func (c *Config) HeaderConn() {
func (c *GeckoConfig) UDP() {}
func (c *GeckoConfig) WrapPacketConnClient(raw net.PacketConn, level int, levelCount int) (net.PacketConn, error) {
return NewGeckoConnClient(c, raw)
}
func (c *GeckoConfig) WrapPacketConnServer(raw net.PacketConn, level int, levelCount int) (net.PacketConn, error) {
return NewGeckoConnServer(c, raw)
}
@@ -65,13 +65,77 @@ func (x *Config) GetPassword() string {
return ""
}
type GeckoConfig struct {
state protoimpl.MessageState `protogen:"open.v1"`
Password string `protobuf:"bytes,1,opt,name=password,proto3" json:"password,omitempty"`
MinPacketSize int32 `protobuf:"varint,2,opt,name=MinPacketSize,proto3" json:"MinPacketSize,omitempty"`
MaxPacketSize int32 `protobuf:"varint,3,opt,name=MaxPacketSize,proto3" json:"MaxPacketSize,omitempty"`
unknownFields protoimpl.UnknownFields
sizeCache protoimpl.SizeCache
}
func (x *GeckoConfig) Reset() {
*x = GeckoConfig{}
mi := &file_transport_internet_finalmask_salamander_config_proto_msgTypes[1]
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
ms.StoreMessageInfo(mi)
}
func (x *GeckoConfig) String() string {
return protoimpl.X.MessageStringOf(x)
}
func (*GeckoConfig) ProtoMessage() {}
func (x *GeckoConfig) ProtoReflect() protoreflect.Message {
mi := &file_transport_internet_finalmask_salamander_config_proto_msgTypes[1]
if x != nil {
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
if ms.LoadMessageInfo() == nil {
ms.StoreMessageInfo(mi)
}
return ms
}
return mi.MessageOf(x)
}
// Deprecated: Use GeckoConfig.ProtoReflect.Descriptor instead.
func (*GeckoConfig) Descriptor() ([]byte, []int) {
return file_transport_internet_finalmask_salamander_config_proto_rawDescGZIP(), []int{1}
}
func (x *GeckoConfig) GetPassword() string {
if x != nil {
return x.Password
}
return ""
}
func (x *GeckoConfig) GetMinPacketSize() int32 {
if x != nil {
return x.MinPacketSize
}
return 0
}
func (x *GeckoConfig) GetMaxPacketSize() int32 {
if x != nil {
return x.MaxPacketSize
}
return 0
}
var File_transport_internet_finalmask_salamander_config_proto protoreflect.FileDescriptor
const file_transport_internet_finalmask_salamander_config_proto_rawDesc = "" +
"\n" +
"4transport/internet/finalmask/salamander/config.proto\x12,xray.transport.internet.finalmask.salamander\"$\n" +
"\x06Config\x12\x1a\n" +
"\bpassword\x18\x01 \x01(\tR\bpasswordB\xa6\x01\n" +
"\bpassword\x18\x01 \x01(\tR\bpassword\"u\n" +
"\vGeckoConfig\x12\x1a\n" +
"\bpassword\x18\x01 \x01(\tR\bpassword\x12$\n" +
"\rMinPacketSize\x18\x02 \x01(\x05R\rMinPacketSize\x12$\n" +
"\rMaxPacketSize\x18\x03 \x01(\x05R\rMaxPacketSizeB\xa6\x01\n" +
"0com.xray.transport.internet.finalmask.salamanderP\x01ZAgithub.com/xtls/xray-core/transport/internet/finalmask/salamander\xaa\x02,Xray.Transport.Internet.Finalmask.Salamanderb\x06proto3"
var (
@@ -86,9 +150,10 @@ func file_transport_internet_finalmask_salamander_config_proto_rawDescGZIP() []b
return file_transport_internet_finalmask_salamander_config_proto_rawDescData
}
var file_transport_internet_finalmask_salamander_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
var file_transport_internet_finalmask_salamander_config_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
var file_transport_internet_finalmask_salamander_config_proto_goTypes = []any{
(*Config)(nil), // 0: xray.transport.internet.finalmask.salamander.Config
(*Config)(nil), // 0: xray.transport.internet.finalmask.salamander.Config
(*GeckoConfig)(nil), // 1: xray.transport.internet.finalmask.salamander.GeckoConfig
}
var file_transport_internet_finalmask_salamander_config_proto_depIdxs = []int32{
0, // [0:0] is the sub-list for method output_type
@@ -109,7 +174,7 @@ func file_transport_internet_finalmask_salamander_config_proto_init() {
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
RawDescriptor: unsafe.Slice(unsafe.StringData(file_transport_internet_finalmask_salamander_config_proto_rawDesc), len(file_transport_internet_finalmask_salamander_config_proto_rawDesc)),
NumEnums: 0,
NumMessages: 1,
NumMessages: 2,
NumExtensions: 0,
NumServices: 0,
},
@@ -10,3 +10,8 @@ message Config {
string password = 1;
}
message GeckoConfig {
string password = 1;
int32 MinPacketSize = 2;
int32 MaxPacketSize = 3;
}
+308 -13
View File
@@ -1,9 +1,16 @@
package salamander
import (
"crypto/rand"
"encoding/binary"
"errors"
"net"
"sync"
"sync/atomic"
"time"
"github.com/xtls/xray-core/common/errors"
"github.com/xtls/xray-core/common/buf"
"github.com/xtls/xray-core/transport/internet/finalmask"
)
type salamanderConn struct {
@@ -11,22 +18,19 @@ type salamanderConn struct {
obfs *SalamanderObfuscator
}
func NewConnClient(c *Config, raw net.PacketConn) (net.PacketConn, error) {
func NewSalamanderConnClient(c *Config, raw net.PacketConn) (net.PacketConn, error) {
ob, err := NewSalamanderObfuscator([]byte(c.Password))
if err != nil {
return nil, errors.New("salamander err").Base(err)
return nil, err
}
conn := &salamanderConn{
return &salamanderConn{
PacketConn: raw,
obfs: ob,
}
return conn, nil
}, nil
}
func NewConnServer(c *Config, raw net.PacketConn) (net.PacketConn, error) {
return NewConnClient(c, raw)
func NewSalamanderConnServer(c *Config, raw net.PacketConn) (net.PacketConn, error) {
return NewSalamanderConnClient(c, raw)
}
func (c *salamanderConn) Size() int {
@@ -35,12 +39,303 @@ func (c *salamanderConn) Size() int {
func (c *salamanderConn) ReadFrom(p []byte) (n int, addr net.Addr, err error) {
c.obfs.Deobfuscate(p, p[smSaltLen:])
return len(p) - smSaltLen, addr, nil
return len(p) - smSaltLen, nil, nil
}
func (c *salamanderConn) WriteTo(p []byte, addr net.Addr) (n int, err error) {
c.obfs.Obfuscate(p[smSaltLen:], p)
return len(p), nil
}
const (
geckoReassemblyTTL = 8 * time.Second
geckoMaxReassembly = 4096
geckoMaxPerSource = 8
geckoBufferSize = 2048
geckoDefaultMinPacket = 512
geckoDefaultMaxPacket = 1200
)
type reassemblyKey struct {
addr string
msgID uint8
}
type reassemblyEntry struct {
chunks [][]byte
received int
total uint8
deadline time.Time
}
type geckoConn struct {
net.PacketConn
obfs *SalamanderObfuscator
minPkt, maxPkt int
msgID atomic.Uint32
mu sync.Mutex
reassembly map[reassemblyKey]*reassemblyEntry
perSource map[string]int
closeCh chan struct{}
closeOnce sync.Once
}
func NewGeckoConnClient(c *GeckoConfig, raw net.PacketConn) (net.PacketConn, error) {
ob, err := NewSalamanderObfuscator([]byte(c.Password))
if err != nil {
return nil, err
}
minPkt, maxPkt := c.MinPacketSize, c.MaxPacketSize
if minPkt == 0 {
minPkt = geckoDefaultMinPacket
}
if maxPkt == 0 {
maxPkt = geckoDefaultMaxPacket
}
if minPkt <= 0 || minPkt > maxPkt || maxPkt > geckoBufferSize {
return nil, errors.New("gecko: invalid min/max packet size")
}
g := &geckoConn{
PacketConn: raw,
obfs: ob,
minPkt: int(minPkt),
maxPkt: int(maxPkt),
reassembly: make(map[reassemblyKey]*reassemblyEntry),
perSource: make(map[string]int),
closeCh: make(chan struct{}),
}
go g.gcLoop()
return g, nil
}
func NewGeckoConnServer(c *GeckoConfig, raw net.PacketConn) (net.PacketConn, error) {
return NewGeckoConnClient(c, raw)
}
func (c *geckoConn) readObfs(p []byte) (n int, addr net.Addr, err error) {
for {
n, addr, err = c.PacketConn.ReadFrom(p)
if err != nil {
return n, addr, err
}
if n < smSaltLen {
continue
}
c.obfs.Deobfuscate(p[:n], p)
return n - smSaltLen, addr, nil
}
}
func (c *geckoConn) writeObfs(p []byte, addr net.Addr) (n int, err error) {
b := buf.New()
b.Resize(0, int32(len(p)+smSaltLen))
defer b.Release()
c.obfs.Obfuscate(p, b.Bytes())
return c.PacketConn.WriteTo(b.Bytes(), addr)
}
func (g *geckoConn) WriteTo(p []byte, addr net.Addr) (int, error) {
if len(p) == 0 {
return 0, nil
}
if p[0]&0x80 != 0 {
// QUIC long header, do fragmentation.
return g.writeFragmented(p, addr)
}
// QUIC short header (data), pass through.
return g.writeObfs(p, addr)
}
func (g *geckoConn) writeFragmented(p []byte, addr net.Addr) (int, error) {
chunks := randomFragmentChunks()
chunkSize := len(p) / chunks
msgID := uint8(g.msgID.Add(1))
for i := range chunks {
start := i * chunkSize
end := len(p)
if i < chunks-1 {
end = start + chunkSize
}
chunk := p[start:end]
padLen := g.randomPadLen(len(chunk))
buf := make([]byte, geckoHeaderSize+int(padLen)+len(chunk))
n, err := encodeFrame(frameHeader{
padLen: padLen,
msgID: msgID,
chunkIdx: uint8(i),
totalChunks: uint8(chunks),
}, chunk, buf)
if err != nil {
return 0, err
}
if _, err := g.writeObfs(buf[:n], addr); err != nil {
return 0, err
}
}
return len(p), nil
}
func (g *geckoConn) randomPadLen(chunkLen int) uint16 {
base := smSaltLen + geckoHeaderSize + chunkLen
lo := max(g.minPkt, base)
if lo > g.maxPkt {
return 0
}
return uint16(lo - base + randIntn(g.maxPkt-lo+1))
}
func randomFragmentChunks() int {
return geckoMinFragmentChunks + randIntn(geckoMaxFragmentChunks-geckoMinFragmentChunks+1)
}
func randIntn(n int) int {
if n <= 1 {
return 0
}
var b [4]byte
_, _ = rand.Read(b[:])
return int(binary.BigEndian.Uint32(b[:]) % uint32(n))
}
func (g *geckoConn) ReadFrom(p []byte) (int, net.Addr, error) {
b := buf.New()
b.Resize(0, finalmask.UDPSize)
buf := b.Bytes()
defer b.Release()
for {
n, addr, err := g.readObfs(buf)
if err != nil {
return 0, addr, err
}
if n <= 0 {
continue
}
// Top bit set → Gecko fragment frame; clear → short-header packet
// or garbage, passed through for QUIC to handle.
if buf[0]&0x80 == 0 {
return copy(p, buf[:n]), addr, nil
}
h, payload, decErr := decodeFrame(buf[:n])
if decErr != nil {
// Malformed frame; drop silently.
continue
}
out, ready := g.acceptChunk(addr, h, payload)
if !ready {
continue
}
return copy(p, out), addr, nil
}
}
func (g *geckoConn) acceptChunk(addr net.Addr, h frameHeader, payload []byte) ([]byte, bool) {
key := reassemblyKey{addr: addr.String(), msgID: h.msgID}
g.mu.Lock()
defer g.mu.Unlock()
e, exists := g.reassembly[key]
if !exists {
// Per-source cap.
if g.perSource[key.addr] >= geckoMaxPerSource {
return nil, false
}
// Global cap with eviction.
if len(g.reassembly) >= geckoMaxReassembly {
g.evictOldestLocked()
}
e = &reassemblyEntry{
chunks: make([][]byte, h.totalChunks),
total: h.totalChunks,
deadline: time.Now().Add(geckoReassemblyTTL),
}
g.reassembly[key] = e
g.perSource[key.addr]++
} else if e.total != h.totalChunks {
// Inconsistent chunk count; drop.
return nil, false
}
if int(h.chunkIdx) >= len(e.chunks) || e.chunks[h.chunkIdx] != nil {
// Bad index or duplicate; drop.
return nil, false
}
cp := make([]byte, len(payload))
copy(cp, payload)
e.chunks[h.chunkIdx] = cp
e.received++
if e.received < int(e.total) {
return nil, false
}
total := 0
for _, c := range e.chunks {
total += len(c)
}
out := make([]byte, total)
off := 0
for _, c := range e.chunks {
off += copy(out[off:], c)
}
g.dropEntryLocked(key)
return out, true
}
func (g *geckoConn) gcLoop() {
t := time.NewTicker(geckoReassemblyTTL / 2)
defer t.Stop()
for {
select {
case <-g.closeCh:
return
case now := <-t.C:
g.gcExpired(now)
}
}
}
func (g *geckoConn) gcExpired(now time.Time) {
g.mu.Lock()
defer g.mu.Unlock()
for k, e := range g.reassembly {
if now.After(e.deadline) {
g.dropEntryLocked(k)
}
}
}
func (g *geckoConn) dropEntryLocked(k reassemblyKey) {
if _, ok := g.reassembly[k]; !ok {
return
}
delete(g.reassembly, k)
g.perSource[k.addr]--
if g.perSource[k.addr] <= 0 {
delete(g.perSource, k.addr)
}
}
func (g *geckoConn) evictOldestLocked() {
var oldestKey reassemblyKey
var oldestDeadline time.Time
first := true
for k, e := range g.reassembly {
if first || e.deadline.Before(oldestDeadline) {
oldestKey = k
oldestDeadline = e.deadline
first = false
}
}
if !first {
g.dropEntryLocked(oldestKey)
}
}
func (g *geckoConn) Close() error {
g.closeOnce.Do(func() { close(g.closeCh) })
return g.PacketConn.Close()
}
@@ -0,0 +1,86 @@
package salamander
import (
"crypto/rand"
"encoding/binary"
"errors"
)
const (
geckoFlagFragment = 0x80
geckoHeaderSize = 5
geckoMinFragmentChunks = 2
geckoMaxFragmentChunks = 8
)
var (
errFrameTruncated = errors.New("gecko frame truncated")
errFrameInvalid = errors.New("gecko frame invalid")
)
// frameHeader is a Gecko fragment frame header.
// Wire layout (after Salamander decryption):
//
// byte 0: 0x80 (fragment marker; low 7 bits reserved)
// byte 1: msgID
// byte 2: chunkIdx:4 | totalChunks:4
// byte 3-4: padLen (uint16, big-endian)
// then padLen random padding bytes, then the chunk payload
type frameHeader struct {
padLen uint16
msgID uint8
chunkIdx uint8 // < totalChunks
totalChunks uint8 // [2, 8]
}
// encodeFrame writes a frame into out, filling the padding region with random
// bytes. out must be at least geckoHeaderSize + h.padLen + len(payload) long.
func encodeFrame(h frameHeader, payload, out []byte) (int, error) {
if h.totalChunks < geckoMinFragmentChunks || h.totalChunks > geckoMaxFragmentChunks {
return 0, errFrameInvalid
}
if h.chunkIdx >= h.totalChunks {
return 0, errFrameInvalid
}
needed := geckoHeaderSize + int(h.padLen) + len(payload)
if len(out) < needed {
return 0, errFrameTruncated
}
out[0] = geckoFlagFragment
out[1] = h.msgID
out[2] = h.chunkIdx<<4 | h.totalChunks&0x0f
binary.BigEndian.PutUint16(out[3:5], h.padLen)
if _, err := rand.Read(out[geckoHeaderSize : geckoHeaderSize+int(h.padLen)]); err != nil {
return 0, err
}
copy(out[geckoHeaderSize+int(h.padLen):], payload)
return needed, nil
}
// decodeFrame parses a frame from in. The returned payload is a sub-slice of
// in (zero-copy) covering the bytes after the header and padding.
func decodeFrame(in []byte) (frameHeader, []byte, error) {
if len(in) < geckoHeaderSize {
return frameHeader{}, nil, errFrameTruncated
}
if in[0]&geckoFlagFragment == 0 {
return frameHeader{}, nil, errFrameInvalid
}
h := frameHeader{
msgID: in[1],
chunkIdx: in[2] >> 4,
totalChunks: in[2] & 0x0f,
padLen: binary.BigEndian.Uint16(in[3:5]),
}
if h.totalChunks < geckoMinFragmentChunks || h.totalChunks > geckoMaxFragmentChunks {
return frameHeader{}, nil, errFrameInvalid
}
if h.chunkIdx >= h.totalChunks {
return frameHeader{}, nil, errFrameInvalid
}
if geckoHeaderSize+int(h.padLen) > len(in) {
return frameHeader{}, nil, errFrameTruncated
}
return h, in[geckoHeaderSize+int(h.padLen):], nil
}
@@ -24,16 +24,21 @@ type SalamanderObfuscator struct {
PSK []byte
RandSrc *rand.Rand
lk sync.Mutex
lk sync.Mutex
keyInput []byte
}
func NewSalamanderObfuscator(psk []byte) (*SalamanderObfuscator, error) {
if len(psk) < smPSKMinLen {
return nil, ErrPSKTooShort
}
pskCopy := append([]byte(nil), psk...)
keyInput := make([]byte, len(pskCopy)+smSaltLen)
copy(keyInput, pskCopy)
return &SalamanderObfuscator{
PSK: psk,
RandSrc: rand.New(rand.NewSource(time.Now().UnixNano())),
PSK: pskCopy,
RandSrc: rand.New(rand.NewSource(time.Now().UnixNano())),
keyInput: keyInput,
}, nil
}
@@ -44,8 +49,8 @@ func (o *SalamanderObfuscator) Obfuscate(in, out []byte) int {
}
o.lk.Lock()
_, _ = o.RandSrc.Read(out[:smSaltLen])
key := o.keyLocked(out[:smSaltLen])
o.lk.Unlock()
key := o.key(out[:smSaltLen])
for i, c := range in {
out[i+smSaltLen] = c ^ key[i%smKeyLen]
}
@@ -57,13 +62,16 @@ func (o *SalamanderObfuscator) Deobfuscate(in, out []byte) int {
if outLen <= 0 || len(out) < outLen {
return 0
}
key := o.key(in[:smSaltLen])
o.lk.Lock()
key := o.keyLocked(in[:smSaltLen])
o.lk.Unlock()
for i, c := range in[smSaltLen:] {
out[i] = c ^ key[i%smKeyLen]
}
return outLen
}
func (o *SalamanderObfuscator) key(salt []byte) [smKeyLen]byte {
return blake2b.Sum256(append(o.PSK, salt...))
func (o *SalamanderObfuscator) keyLocked(salt []byte) [smKeyLen]byte {
copy(o.keyInput[len(o.PSK):], salt[:smSaltLen])
return blake2b.Sum256(o.keyInput)
}
@@ -1,81 +0,0 @@
package salamander_test
import (
"crypto/rand"
"testing"
"github.com/stretchr/testify/assert"
"github.com/xtls/xray-core/transport/internet/finalmask/salamander"
)
const (
smSaltLen = 8
)
func BenchmarkSalamanderObfuscator_Obfuscate(b *testing.B) {
o, _ := salamander.NewSalamanderObfuscator([]byte("average_password"))
in := make([]byte, 1200)
_, _ = rand.Read(in)
out := make([]byte, 2048)
b.ResetTimer()
for i := 0; i < b.N; i++ {
o.Obfuscate(in, out)
}
}
func BenchmarkSalamanderObfuscator_Deobfuscate(b *testing.B) {
o, _ := salamander.NewSalamanderObfuscator([]byte("average_password"))
in := make([]byte, 1200)
_, _ = rand.Read(in)
out := make([]byte, 2048)
b.ResetTimer()
for i := 0; i < b.N; i++ {
o.Deobfuscate(in, out)
}
}
func TestSalamanderObfuscator(t *testing.T) {
o, _ := salamander.NewSalamanderObfuscator([]byte("average_password"))
in := make([]byte, 1200)
oOut := make([]byte, 2048)
dOut := make([]byte, 2048)
for i := 0; i < 1000; i++ {
_, _ = rand.Read(in)
n := o.Obfuscate(in, oOut)
assert.Equal(t, len(in)+smSaltLen, n)
n = o.Deobfuscate(oOut[:n], dOut)
assert.Equal(t, len(in), n)
assert.Equal(t, in, dOut[:n])
}
}
func TestSalamanderInPlace(t *testing.T) {
o, _ := salamander.NewSalamanderObfuscator([]byte("average_password"))
in := make([]byte, 1200)
out := make([]byte, 2048)
_, _ = rand.Read(in)
o.Obfuscate(in, out)
out2 := make([]byte, 2048)
copy(out2[smSaltLen:], in)
o.Obfuscate(out2[smSaltLen:], out2)
dOut := make([]byte, 2048)
o.Deobfuscate(out, dOut)
o.Deobfuscate(out2, out2)
assert.Equal(t, in, dOut[:1200])
assert.Equal(t, in, out2[:1200])
}
func TestSalamanderBounce(t *testing.T) {
o, _ := salamander.NewSalamanderObfuscator([]byte("average_password"))
buf := make([]byte, 8)
for i := 0; i < 1000; i++ {
_, _ = rand.Read(buf)
n := o.Deobfuscate(buf, buf)
assert.Equal(t, 0, n)
}
}
-44
View File
@@ -462,50 +462,6 @@ func TestUDPcustomStaticHeaderWireShape(t *testing.T) {
}
}
func TestUDPcustomServerRejectsMismatchedStaticHeader(t *testing.T) {
cfg := &custom.UDPConfig{
Client: []*custom.UDPItem{
{Packet: []byte{0x01, 0x02}},
},
Server: []*custom.UDPItem{
{Packet: []byte{0x03}},
},
}
maskManager := finalmask.NewUdpmaskManager([]finalmask.Udpmask{cfg})
clientRaw, err := net.ListenPacket("udp", "127.0.0.1:0")
if err != nil {
t.Fatal(err)
}
defer clientRaw.Close()
serverRaw, err := net.ListenPacket("udp", "127.0.0.1:0")
if err != nil {
t.Fatal(err)
}
defer serverRaw.Close()
server, err := maskManager.WrapPacketConnServer(serverRaw)
if err != nil {
t.Fatal(err)
}
_ = server.SetDeadline(time.Now().Add(200 * time.Millisecond))
if _, err := clientRaw.WriteTo([]byte{0x09, 0x09, 'b', 'a', 'd'}, server.LocalAddr()); err != nil {
t.Fatal(err)
}
buf := make([]byte, 128)
n, _, err := server.ReadFrom(buf)
if n != 0 {
t.Fatalf("expected no payload on mismatched header, got %d bytes", n)
}
if err != nil {
t.Fatalf("expected mismatch to be dropped without surfaced error, got %v", err)
}
}
func TestUDPcustomStandaloneClientSendsDetachedHandshakeBeforePayload(t *testing.T) {
_, serverRaw, client, _ := newUDPClientServerPair(t, newStandaloneEchoUDPConfig())