Use shadowsocket's bloomring for shadowsocket's replay protection (#764)

* use shadowsocket's bloomring for shadowsocket's replay protection * added shadowsockets iv check for tcp socket * Rename to shadowsockets iv check * shadowsocks iv check config file * iv check should proceed after decryption * use shadowsocket's bloomring for shadowsocket's replay protection * Chore: format code (#842) Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2025-04-29 16:58:34 +00:00 · 2021-10-22 00:03:09 -04:00 · 2021-10-22 00:03:09 -04:00 · 45dc97e2b6
commit 45dc97e2b6
parent 0f0a424e8c
9 changed files with 138 additions and 53 deletions
--- a/common/antireplay/antireplay.go
+++ b/common/antireplay/antireplay.go
@ -0,0 +1,6 @@
+package antireplay
+
+type GeneralizedReplayFilter interface {
+	Interval() int64
+	Check(sum []byte) bool
+}
--- a/common/antireplay/bloomring.go
+++ b/common/antireplay/bloomring.go
@ -0,0 +1,36 @@
+package antireplay
+
+import (
+	"sync"
+
+	ss_bloomring "github.com/v2fly/ss-bloomring"
+)
+
+type BloomRing struct {
+	*ss_bloomring.BloomRing
+	lock *sync.Mutex
+}
+
+func (b BloomRing) Interval() int64 {
+	return 9999999
+}
+
+func (b BloomRing) Check(sum []byte) bool {
+	b.lock.Lock()
+	defer b.lock.Unlock()
+	if b.Test(sum) {
+		return false
+	}
+	b.Add(sum)
+	return true
+}
+
+func NewBloomRing() BloomRing {
+	const (
+		DefaultSFCapacity = 1e6
+		// FalsePositiveRate
+		DefaultSFFPR  = 1e-6
+		DefaultSFSlot = 10
+	)
+	return BloomRing{ss_bloomring.NewBloomRing(DefaultSFSlot, DefaultSFCapacity, DefaultSFFPR), &sync.Mutex{}}
+}