Files
x/internal/util/ss/none/aead.go
T
ginuerzh a86b5ab66b feat(ss): support none/dummy cipher via no-op AEAD implementation
The go-gost fork of go-shadowsocks2 dropped built-in support for the
none/dummy cipher that was present in the original go-shadowsocks2.
Combined with the SS components' hard requirement for auth (and
therefore a valid cipher), this made gost fail to start with
method=none or method=dummy.

Add a no-op cipher in x/internal/util/ss/none/ that implements the
core.ShadowCipher interface using the standard go-shadowsocks2 AEAD
framing (salt + length-prefixed chunks, target address embedding)
without actual encryption.  SaltSize=16 ensures random salts on every
connection to avoid bloom-ring replay detection.

Update SS TCP connector/handler and SS UDP connector/handler to detect
method=none/dummy (case-insensitive) and use the no-op cipher instead
of utils.NewClientConfig/NewServerConfig.

Fixes go-gost/x#105
2026-06-17 22:18:23 +08:00

26 lines
984 B
Go

// Package none provides a no-op cipher for Shadowsocks that passes data
// through without encryption. It implements the go-shadowsocks2 core.ShadowCipher
// interface. This cipher is intended for debugging, testing, and compatibility
// purposes and MUST NOT be used in production.
package none
// noopAEAD is a cipher.AEAD that performs no encryption or authentication.
// All data passes through unchanged.
type noopAEAD struct{}
// NonceSize returns 0 since no nonce is needed.
func (noopAEAD) NonceSize() int { return 0 }
// Overhead returns 0 since no authentication tag is added.
func (noopAEAD) Overhead() int { return 0 }
// Seal appends plaintext to dst without encryption.
func (noopAEAD) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
return append(dst, plaintext...)
}
// Open appends ciphertext to dst without decryption.
func (noopAEAD) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
return append(dst, ciphertext...), nil
}