mirror of
https://github.com/XTLS/Xray-core.git
synced 2026-07-02 17:58:46 +00:00
Fix Vision SSL errors by not reading encrypted rawInput buffer
The issue occurs when switching to direct copy mode - Vision was incorrectly reading from rawInput buffer which contains ENCRYPTED outer TLS/Reality records and merging them with decrypted application data. This caused SSL protocol errors, especially with testpre where pre-established connections may have TLS session tickets or other post-handshake messages in rawInput. The fix: Only read from input buffer (decrypted application data), skip rawInput (encrypted TLS records). Fixes #4878 Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
This commit is contained in:
+4
-4
@@ -256,13 +256,13 @@ func (w *VisionReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if *switchToDirectCopy {
|
if *switchToDirectCopy {
|
||||||
// XTLS Vision processes TLS-like conn's input and rawInput
|
// XTLS Vision processes TLS-like conn's input
|
||||||
|
// Only read from input (decrypted application data), not rawInput (encrypted TLS records)
|
||||||
if inputBuffer, err := buf.ReadFrom(w.input); err == nil && !inputBuffer.IsEmpty() {
|
if inputBuffer, err := buf.ReadFrom(w.input); err == nil && !inputBuffer.IsEmpty() {
|
||||||
buffer, _ = buf.MergeMulti(buffer, inputBuffer)
|
buffer, _ = buf.MergeMulti(buffer, inputBuffer)
|
||||||
}
|
}
|
||||||
if rawInputBuffer, err := buf.ReadFrom(w.rawInput); err == nil && !rawInputBuffer.IsEmpty() {
|
// Do not read from rawInput - it contains encrypted outer TLS records that would corrupt the stream
|
||||||
buffer, _ = buf.MergeMulti(buffer, rawInputBuffer)
|
// Just clear the buffers to release memory
|
||||||
}
|
|
||||||
*w.input = bytes.Reader{} // release memory
|
*w.input = bytes.Reader{} // release memory
|
||||||
w.input = nil
|
w.input = nil
|
||||||
*w.rawInput = bytes.Buffer{} // release memory
|
*w.rawInput = bytes.Buffer{} // release memory
|
||||||
|
|||||||
Reference in New Issue
Block a user