Add seed padding logic

- Seed is decoupled with XTLS Vision, which means Seed can turn on without flow - XTLS Vision now use Seed config to configure its padding only mode
2025-05-17 17:48:40 +00:00 · 2024-04-21 15:23:47 -04:00 · 2024-04-21 15:23:47 -04:00 · 5abdc38437
commit 5abdc38437
parent 68881b531e
8 changed files with 632 additions and 51 deletions
--- a/proxy/vless/encoding/addons.go
+++ b/proxy/vless/encoding/addons.go
@ -13,7 +13,7 @@ import (
 	"google.golang.org/protobuf/proto"
 )

-func EncodeHeaderAddons(buffer *buf.Buffer, addons *Addons) error {
+func EncodeHeaderAddons(buffer *buf.Buffer, addons *proxy.Addons) error {
 	if addons.Flow == vless.XRV || len(addons.Seed) > 0 {
 		bytes, err := proto.Marshal(addons)
 		if err != nil {
@ -33,8 +33,8 @@ func EncodeHeaderAddons(buffer *buf.Buffer, addons *Addons) error {
 	return nil
 }

-func DecodeHeaderAddons(buffer *buf.Buffer, reader io.Reader) (*Addons, error) {
-	addons := new(Addons)
+func DecodeHeaderAddons(buffer *buf.Buffer, reader io.Reader) (*proxy.Addons, error) {
+	addons := new(proxy.Addons)
 	buffer.Clear()
 	if _, err := buffer.ReadFullFrom(reader, 1); err != nil {
 		return nil, errors.New("failed to read addons protobuf length").Base(err)
@ -55,8 +55,8 @@ func DecodeHeaderAddons(buffer *buf.Buffer, reader io.Reader) (*Addons, error) {
 }

 // EncodeBodyAddons returns a Writer that auto-encrypt content written by caller.
-func EncodeBodyAddons(writer buf.Writer, request *protocol.RequestHeader, requestAddons *Addons, state *proxy.TrafficState, isUplink bool, context context.Context) buf.Writer {
-	w := proxy.NewVisionWriter(writer, state, isUplink, context)
+func EncodeBodyAddons(writer buf.Writer, request *protocol.RequestHeader, addons *proxy.Addons, state *proxy.TrafficState, isUplink bool, context context.Context) buf.Writer {
+	w := proxy.NewVisionWriter(writer, addons, state, isUplink, context)
 	if request.Command == protocol.RequestCommandUDP {
 		return NewMultiLengthPacketWriter(w)
 	}
@ -64,8 +64,8 @@ func EncodeBodyAddons(writer buf.Writer, request *protocol.RequestHeader, reques
 }

 // DecodeBodyAddons returns a Reader from which caller can fetch decrypted body.
-func DecodeBodyAddons(reader io.Reader, request *protocol.RequestHeader, addons *Addons, state *proxy.TrafficState, isUplink bool, context context.Context) buf.Reader {
-	r := proxy.NewVisionReader(buf.NewReader(reader), state, isUplink, context)
+func DecodeBodyAddons(reader io.Reader, request *protocol.RequestHeader, addons *proxy.Addons, state *proxy.TrafficState, isUplink bool, context context.Context) buf.Reader {
+	r := proxy.NewVisionReader(buf.NewReader(reader), addons, state, isUplink, context)
 	if request.Command == protocol.RequestCommandUDP {
 		return NewLengthPacketReader(&buf.BufferedReader{Reader: r})
 	}
@ -178,32 +178,46 @@ func (r *LengthPacketReader) ReadMultiBuffer() (buf.MultiBuffer, error) {
 	return mb, nil
 }

-func PopulateSeed(seed string, addons *Addons) {
+func PopulateSeed(seed string, addons *proxy.Addons) {
 	if len(seed) > 0 {
 		addons.Seed = []byte {1} // only turn on, more TBD
-		addons.Mode = SeedMode_PaddingPlusDelay
+		addons.Mode = proxy.SeedMode_PaddingPlusDelay
 		addons.Duration = "0-8"
-		addons.Padding = &PaddingConfig{
+		addons.Padding = &proxy.PaddingConfig{
 			RegularMin: 0,
 			RegularMax: 256,
 			LongMin:    900,
 			LongMax:    1400,
 		}
-		addons.Delay = &DelayConfig{
+		addons.Delay = &proxy.DelayConfig{
 			IsRandom: true,
 			MinMillis: 100,
 			MaxMillis: 500,
 		}
-		addons.Scheduler = &SchedulerConfig{
+		addons.Scheduler = &proxy.SchedulerConfig{
 			TimeoutMillis: 600,
 		}
+	} else if addons.Flow == vless.XRV {
+		addons.Seed = []byte {1} // only turn on, more TBD
+		addons.Mode = proxy.SeedMode_PaddingOnly
+		addons.Duration = "0-8"
+		addons.Padding = &proxy.PaddingConfig{
+			RegularMin: 0,
+			RegularMax: 256,
+			LongMin:    900,
+			LongMax:    1400,
+		}
 	}
 }

-func CheckSeed(requestAddons *Addons, responseAddons *Addons) error {
+func CheckSeed(requestAddons *proxy.Addons, responseAddons *proxy.Addons) error {
 	if !bytes.Equal(requestAddons.Seed, responseAddons.Seed) {
 		return errors.New("Seed bytes not match", requestAddons.Seed, responseAddons.Seed)
 	}
+	if responseAddons.Flow == vless.XRV && len(responseAddons.Seed) == 0 && requestAddons.Mode == proxy.SeedMode_Unknown {
+		// old vision server config allow empty seed from clients for backwards compatibility
+		return nil
+	}
 	if requestAddons.Mode != responseAddons.Mode {
 		return errors.New("Mode not match", requestAddons.Mode, responseAddons.Mode)
 	}
--- a/proxy/vless/encoding/addons.proto
+++ b/proxy/vless/encoding/addons.proto
@ -1,42 +0,0 @@
-syntax = "proto3";
-
-package xray.proxy.vless.encoding;
-option csharp_namespace = "Xray.Proxy.Vless.Encoding";
-option go_package = "github.com/xtls/xray-core/proxy/vless/encoding";
-option java_package = "com.xray.proxy.vless.encoding";
-option java_multiple_files = true;
-
-message Addons {
-  string Flow = 1;
-  bytes Seed = 2;
-  SeedMode Mode = 3;
-  string Duration = 4;  // "0-8" means apply to number of packets, "1kb-" means start applying once both side exchange 1kb data, counting two-ways
-  PaddingConfig Padding = 5;
-  DelayConfig Delay = 6;
-  SchedulerConfig Scheduler = 7;
-}
-
-enum SeedMode {
-  Unknown = 0;
-  PaddingOnly = 1;
-  PaddingPlusDelay = 2;
-  IndependentScheduler = 3;
-}
-
-message PaddingConfig {
-  uint32 RegularMin = 1;
-  uint32 RegularMax = 2;
-  uint32 LongMin = 3;
-  uint32 LongMax = 4;
-}
-
-message DelayConfig {
-  bool IsRandom = 1;
-  uint32 MinMillis = 2;
-  uint32 MaxMillis = 3;
-}
-
-message SchedulerConfig {
-  uint32 TimeoutMillis = 1; // original traffic will not be sent right away but when scheduler want to send or pending buffer times out
-  // Other TBD  
-}
--- a/proxy/vless/encoding/encoding.go
+++ b/proxy/vless/encoding/encoding.go
@ -28,7 +28,7 @@ var addrParser = protocol.NewAddressParser(
 )

 // EncodeRequestHeader writes encoded request header into the given writer.
-func EncodeRequestHeader(writer io.Writer, request *protocol.RequestHeader, requestAddons *Addons) error {
+func EncodeRequestHeader(writer io.Writer, request *protocol.RequestHeader, requestAddons *proxy.Addons) error {
 	buffer := buf.StackNew()
 	defer buffer.Release()

@ -62,7 +62,7 @@ func EncodeRequestHeader(writer io.Writer, request *protocol.RequestHeader, requ
 }

 // DecodeRequestHeader decodes and returns (if successful) a RequestHeader from an input stream.
-func DecodeRequestHeader(isfb bool, first *buf.Buffer, reader io.Reader, validator vless.Validator) (*protocol.RequestHeader, *Addons, bool, error) {
+func DecodeRequestHeader(isfb bool, first *buf.Buffer, reader io.Reader, validator vless.Validator) (*protocol.RequestHeader, *proxy.Addons, bool, error) {
 	buffer := buf.StackNew()
 	defer buffer.Release()

@ -131,7 +131,7 @@ func DecodeRequestHeader(isfb bool, first *buf.Buffer, reader io.Reader, validat
 }

 // EncodeResponseHeader writes encoded response header into the given writer.
-func EncodeResponseHeader(writer io.Writer, request *protocol.RequestHeader, responseAddons *Addons) error {
+func EncodeResponseHeader(writer io.Writer, request *protocol.RequestHeader, responseAddons *proxy.Addons) error {
 	buffer := buf.StackNew()
 	defer buffer.Release()

@ -151,7 +151,7 @@ func EncodeResponseHeader(writer io.Writer, request *protocol.RequestHeader, res
 }

 // DecodeResponseHeader decodes and returns (if successful) a ResponseHeader from an input stream.
-func DecodeResponseHeader(reader io.Reader, request *protocol.RequestHeader) (*Addons, error) {
+func DecodeResponseHeader(reader io.Reader, request *protocol.RequestHeader) (*proxy.Addons, error) {
 	buffer := buf.StackNew()
 	defer buffer.Release()

--- a/proxy/vless/encoding/encoding_test.go
+++ b/proxy/vless/encoding/encoding_test.go
@ -9,6 +9,7 @@ import (
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/protocol"
 	"github.com/xtls/xray-core/common/uuid"
+	"github.com/xtls/xray-core/proxy"
 	"github.com/xtls/xray-core/proxy/vless"
 	. "github.com/xtls/xray-core/proxy/vless/encoding"
 )
@ -37,7 +38,7 @@ func TestRequestSerialization(t *testing.T) {
 		Address: net.DomainAddress("www.example.com"),
 		Port:    net.Port(443),
 	}
-	expectedAddons := &Addons{}
+	expectedAddons := &proxy.Addons{}

 	buffer := buf.StackNew()
 	common.Must(EncodeRequestHeader(&buffer, expectedRequest, expectedAddons))
@ -52,7 +53,7 @@ func TestRequestSerialization(t *testing.T) {
 		t.Error(r)
 	}

-	addonsComparer := func(x, y *Addons) bool {
+	addonsComparer := func(x, y *proxy.Addons) bool {
 		return (x.Flow == y.Flow) && (cmp.Equal(x.Seed, y.Seed))
 	}
 	if r := cmp.Diff(actualAddons, expectedAddons, cmp.Comparer(addonsComparer)); r != "" {
@ -78,7 +79,7 @@ func TestInvalidRequest(t *testing.T) {
 		Address: net.DomainAddress("www.example.com"),
 		Port:    net.Port(443),
 	}
-	expectedAddons := &Addons{}
+	expectedAddons := &proxy.Addons{}

 	buffer := buf.StackNew()
 	common.Must(EncodeRequestHeader(&buffer, expectedRequest, expectedAddons))
@ -109,7 +110,7 @@ func TestMuxRequest(t *testing.T) {
 		Command: protocol.RequestCommandMux,
 		Address: net.DomainAddress("v1.mux.cool"),
 	}
-	expectedAddons := &Addons{}
+	expectedAddons := &proxy.Addons{}

 	buffer := buf.StackNew()
 	common.Must(EncodeRequestHeader(&buffer, expectedRequest, expectedAddons))
@ -124,7 +125,7 @@ func TestMuxRequest(t *testing.T) {
 		t.Error(r)
 	}

-	addonsComparer := func(x, y *Addons) bool {
+	addonsComparer := func(x, y *proxy.Addons) bool {
 		return (x.Flow == y.Flow) && (cmp.Equal(x.Seed, y.Seed))
 	}
 	if r := cmp.Diff(actualAddons, expectedAddons, cmp.Comparer(addonsComparer)); r != "" {