feat(ss): support none/dummy cipher via no-op AEAD implementation
The go-gost fork of go-shadowsocks2 dropped built-in support for the none/dummy cipher that was present in the original go-shadowsocks2. Combined with the SS components' hard requirement for auth (and therefore a valid cipher), this made gost fail to start with method=none or method=dummy. Add a no-op cipher in x/internal/util/ss/none/ that implements the core.ShadowCipher interface using the standard go-shadowsocks2 AEAD framing (salt + length-prefixed chunks, target address embedding) without actual encryption. SaltSize=16 ensures random salts on every connection to avoid bloom-ring replay detection. Update SS TCP connector/handler and SS UDP connector/handler to detect method=none/dummy (case-insensitive) and use the no-op cipher instead of utils.NewClientConfig/NewServerConfig. Fixes go-gost/x#105
This commit is contained in:
@@ -6,6 +6,7 @@ import (
|
||||
"fmt"
|
||||
"net"
|
||||
"net/netip"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/go-gost/core/connector"
|
||||
@@ -16,6 +17,7 @@ import (
|
||||
ctxvalue "github.com/go-gost/x/ctx"
|
||||
"github.com/go-gost/x/internal/util/relay"
|
||||
"github.com/go-gost/x/internal/util/ss"
|
||||
ssnone "github.com/go-gost/x/internal/util/ss/none"
|
||||
"github.com/go-gost/x/registry"
|
||||
)
|
||||
|
||||
@@ -52,6 +54,13 @@ func (c *ssuConnector) Init(md md.Metadata) (err error) {
|
||||
|
||||
method := c.options.Auth.Username()
|
||||
password, _ := c.options.Auth.Password()
|
||||
|
||||
if strings.EqualFold(method, "none") || strings.EqualFold(method, "dummy") {
|
||||
c.clientCfg = core.ClientConfig{Cipher: ssnone.Cipher, UDPTimeout: time.Minute}
|
||||
c.tcpClient = core.NewTCPClient(core.ClientConfig{Cipher: ssnone.Cipher})
|
||||
return
|
||||
}
|
||||
|
||||
clientConfig, err := utils.NewClientConfig(method, password)
|
||||
if err != nil {
|
||||
return err
|
||||
|
||||
Reference in New Issue
Block a user