mirrors/XTLS_REALITY
0
0
Fork 0
mirror of https://github.com/XTLS/REALITY.git synced 2025-08-22 22:48:36 +00:00
Code

Refactor post-handshake records detection & imitation again

Browse Source 
https://github.com/XTLS/Xray-core/issues/4843#issuecomment-3013196642
This commit is contained in:
RPRX 2025-06-27 14:14:58 +00:00 committed by GitHub
parent dc28cce21c
commit e62c4aed0d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 60 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
record_detect.go
View File

@ -12,49 +12,47 @@ import (
utls "github.com/refraction-networking/utls" utls "github.com/refraction-networking/utls"
) )
var GlobalPostHandshakeRecordsLock sync.Mutex var GlobalPostHandshakeRecordsLens sync.Map
var GlobalPostHandshakeRecordsLens map[*Config]map[string][]int func DetectPostHandshakeRecordsLens(config *Config) {
func DetectPostHandshakeRecordsLens(config *Config) map[string][]int {
GlobalPostHandshakeRecordsLock.Lock()
defer GlobalPostHandshakeRecordsLock.Unlock()
if GlobalPostHandshakeRecordsLens == nil {
GlobalPostHandshakeRecordsLens = make(map[*Config]map[string][]int)
}
if GlobalPostHandshakeRecordsLens[config] == nil {
GlobalPostHandshakeRecordsLens[config] = make(map[string][]int)
for sni := range config.ServerNames { for sni := range config.ServerNames {
key := config.Dest + " " + sni
if _, loaded := GlobalPostHandshakeRecordsLens.LoadOrStore(key, false); !loaded {
go func() {
defer func() {
val, _ := GlobalPostHandshakeRecordsLens.Load(key)
if _, ok := val.(bool); ok {
GlobalPostHandshakeRecordsLens.Store(key, []int{})
}
}()
target, err := net.Dial("tcp", config.Dest) target, err := net.Dial("tcp", config.Dest)
if err != nil { if err != nil {
continue return
} }
if config.Xver == 1 || config.Xver == 2 { if config.Xver == 1 || config.Xver == 2 {
if _, err = proxyproto.HeaderProxyFromAddrs(config.Xver, target.LocalAddr(), target.RemoteAddr()).WriteTo(target); err != nil { if _, err = proxyproto.HeaderProxyFromAddrs(config.Xver, target.LocalAddr(), target.RemoteAddr()).WriteTo(target); err != nil {
continue return
} }
} }
detectConn := &DetectConn{ detectConn := &DetectConn{
Conn: target, Conn: target,
PostHandshakeRecordsLens: GlobalPostHandshakeRecordsLens[config], Key: key,
Sni: sni,
} }
uConn := utls.UClient(detectConn, &utls.Config{ uConn := utls.UClient(detectConn, &utls.Config{
ServerName: sni, ServerName: sni, // needs new loopvar behaviour
}, utls.HelloChrome_Auto) }, utls.HelloChrome_Auto)
if err = uConn.Handshake(); err != nil { if err = uConn.Handshake(); err != nil {
continue return
} }
io.Copy(io.Discard, uConn) io.Copy(io.Discard, uConn)
}()
} }
} }
return GlobalPostHandshakeRecordsLens[config]
} }
type DetectConn struct { type DetectConn struct {
net.Conn net.Conn
PostHandshakeRecordsLens map[string][]int Key string
Sni string
CcsSent bool CcsSent bool
} }
@ -71,14 +69,16 @@ func (c *DetectConn) Read(b []byte) (n int, err error) {
} }
c.Conn.SetReadDeadline(time.Now().Add(5 * time.Second)) c.Conn.SetReadDeadline(time.Now().Add(5 * time.Second))
data, _ := io.ReadAll(c.Conn) data, _ := io.ReadAll(c.Conn)
var postHandshakeRecordsLens []int
for { for {
if len(data) >= 5 && bytes.Equal(data[:3], []byte{23, 3, 3}) { if len(data) >= 5 && bytes.Equal(data[:3], []byte{23, 3, 3}) {
length := int(binary.BigEndian.Uint16(data[3:5])) + 5 length := int(binary.BigEndian.Uint16(data[3:5])) + 5
c.PostHandshakeRecordsLens[c.Sni] = append(c.PostHandshakeRecordsLens[c.Sni], length) postHandshakeRecordsLens = append(postHandshakeRecordsLens, length)
data = data[length:] data = data[length:]
} else { } else {
break break
} }
} }
GlobalPostHandshakeRecordsLens.Store(c.Key, postHandshakeRecordsLens)
return 0, io.EOF return 0, io.EOF
} }

18
tls.go
View File

@ -157,13 +157,9 @@ func Value(vals ...byte) (value int) {
return return
} }
// Server returns a new TLS server side connection // You MUST call `DetectPostHandshakeRecordsLens(config)` in advance manually
// using conn as the underlying transport. // if you don't use REALITY's listener, e.g., Xray-core's RAW transport.
// The configuration config must be non-nil and must include
// at least one certificate or else set GetCertificate.
func Server(ctx context.Context, conn net.Conn, config *Config) (*Conn, error) { func Server(ctx context.Context, conn net.Conn, config *Config) (*Conn, error) {
postHandshakeRecordsLens := DetectPostHandshakeRecordsLens(config)
remoteAddr := conn.RemoteAddr().String() remoteAddr := conn.RemoteAddr().String()
if config.Show { if config.Show {
fmt.Printf("REALITY remoteAddr: %v\n", remoteAddr) fmt.Printf("REALITY remoteAddr: %v\n", remoteAddr)
@ -374,7 +370,10 @@ func Server(ctx context.Context, conn net.Conn, config *Config) (*Conn, error) {
if err != nil { if err != nil {
break break
} }
for _, length := range postHandshakeRecordsLens[hs.clientHello.serverName] { for {
if val, ok := GlobalPostHandshakeRecordsLens.Load(config.Dest + " " + hs.clientHello.serverName); ok {
if postHandshakeRecordsLens, ok := val.([]int); ok {
for _, length := range postHandshakeRecordsLens {
plainText := make([]byte, length-16) plainText := make([]byte, length-16)
plainText[0] = 23 plainText[0] = 23
plainText[1] = 3 plainText[1] = 3
@ -389,6 +388,11 @@ func Server(ctx context.Context, conn net.Conn, config *Config) (*Conn, error) {
fmt.Printf("REALITY remoteAddr: %v\tlen(postHandshakeRecord): %v\n", remoteAddr, len(postHandshakeRecord)) fmt.Printf("REALITY remoteAddr: %v\tlen(postHandshakeRecord): %v\n", remoteAddr, len(postHandshakeRecord))
} }
} }
break
}
}
time.Sleep(5 * time.Second)
}
hs.c.isHandshakeComplete.Store(true) hs.c.isHandshakeComplete.Store(true)
break break
} }