Refactor: Fragmentation

5f5ae37571 9122d0f056
2025-04-30 17:38:41 +00:00 · 2023-07-06 16:30:39 +00:00 · 2023-07-06 16:30:39 +00:00 · f0f3b417f7
commit f0f3b417f7
parent 6d4194415d
4 changed files with 161 additions and 218 deletions
--- a/proxy/freedom/freedom.go
+++ b/proxy/freedom/freedom.go
@ -5,7 +5,6 @@ package freedom
 import (
 	"context"
 	"crypto/rand"
-	"encoding/binary"
 	"io"
 	"math/big"
 	"time"
@ -13,7 +12,6 @@ import (
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/buf"
 	"github.com/xtls/xray-core/common/dice"
-	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/retry"
 	"github.com/xtls/xray-core/common/session"
@ -175,28 +173,12 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
 		var writer buf.Writer
 		if destination.Network == net.Network_TCP {
 			if h.config.Fragment != nil {
-				if h.config.Fragment.StartPacket == 0 && h.config.Fragment.EndPacket == 1 {
-					newError("FRAGMENT", int(h.config.Fragment.MaxLength)).WriteToLog(session.ExportIDToError(ctx))
-					writer = buf.NewWriter(
-						&FragmentedClientHelloConn{
-							Conn:        conn,
-							maxLength:   int(h.config.Fragment.MaxLength),
-							minInterval: time.Duration(h.config.Fragment.MinInterval) * time.Millisecond,
-							maxInterval: time.Duration(h.config.Fragment.MaxInterval) * time.Millisecond,
-						})
-				} else {
-					writer = buf.NewWriter(
-						&FragmentWriter{
-							Writer:      conn,
-							minLength:   int(h.config.Fragment.MinLength),
-							maxLength:   int(h.config.Fragment.MaxLength),
-							minInterval: time.Duration(h.config.Fragment.MinInterval) * time.Millisecond,
-							maxInterval: time.Duration(h.config.Fragment.MaxInterval) * time.Millisecond,
-							startPacket: int(h.config.Fragment.StartPacket),
-							endPacket:   int(h.config.Fragment.EndPacket),
-							PacketCount: 0,
-						})
-				}
+				newError("FRAGMENT", h.config.Fragment.PacketsFrom, h.config.Fragment.PacketsTo, h.config.Fragment.LengthMin, h.config.Fragment.LengthMax,
+					h.config.Fragment.IntervalMin, h.config.Fragment.IntervalMax).AtDebug().WriteToLog(session.ExportIDToError(ctx))
+				writer = buf.NewWriter(&FragmentWriter{
+					fragment: h.config.Fragment,
+					writer:   conn,
+				})
 			} else {
 				writer = buf.NewWriter(conn)
 			}
@ -356,40 +338,66 @@ func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
 }

 type FragmentWriter struct {
-	io.Writer
-	minLength   int
-	maxLength   int
-	minInterval time.Duration
-	maxInterval time.Duration
-	startPacket int
-	endPacket   int
-	PacketCount int
+	fragment *Fragment
+	writer   io.Writer
+	count    uint64
 }

-func (w *FragmentWriter) Write(buf []byte) (int, error) {
-	w.PacketCount += 1
-	if (w.startPacket != 0 && (w.PacketCount < w.startPacket || w.PacketCount > w.endPacket)) || len(buf) <= w.minLength {
-		return w.Writer.Write(buf)
+func (f *FragmentWriter) Write(b []byte) (int, error) {
+	f.count++
+
+	if f.fragment.PacketsFrom == 0 && f.fragment.PacketsTo == 1 {
+		if f.count != 1 || len(b) <= 5 || b[0] != 22 {
+			return f.writer.Write(b)
+		}
+		recordLen := 5 + ((int(b[3]) << 8) | int(b[4]))
+		data := b[5:recordLen]
+		buf := make([]byte, 1024)
+		for from := 0; ; {
+			to := from + int(randBetween(int64(f.fragment.LengthMin), int64(f.fragment.LengthMax)))
+			if to > len(data) {
+				to = len(data)
+			}
+			copy(buf[:3], b)
+			copy(buf[5:], data[from:to])
+			l := to - from
+			from = to
+			buf[3] = byte(l >> 8)
+			buf[4] = byte(l)
+			_, err := f.writer.Write(buf[:5+l])
+			time.Sleep(time.Duration(randBetween(int64(f.fragment.IntervalMin), int64(f.fragment.IntervalMax))) * time.Millisecond)
+			if err != nil {
+				return 0, err
+			}
+			if from == len(data) {
+				if len(b) > recordLen {
+					n, err := f.writer.Write(b[recordLen:])
+					if err != nil {
+						return recordLen + n, err
+					}
+				}
+				return len(b), nil
+			}
+		}
 	}

-	nTotal := 0
-	for {
-		randomBytesTo := int(randBetween(int64(w.minLength), int64(w.maxLength))) + nTotal
-		if randomBytesTo > len(buf) {
-			randomBytesTo = len(buf)
+	if f.fragment.PacketsFrom != 0 && (f.count < f.fragment.PacketsFrom || f.count > f.fragment.PacketsTo) {
+		return f.writer.Write(b)
+	}
+	for from := 0; ; {
+		to := from + int(randBetween(int64(f.fragment.LengthMin), int64(f.fragment.LengthMax)))
+		if to > len(b) {
+			to = len(b)
 		}
-		n, err := w.Writer.Write(buf[nTotal:randomBytesTo])
+		n, err := f.writer.Write(b[from:to])
+		from += n
+		time.Sleep(time.Duration(randBetween(int64(f.fragment.IntervalMin), int64(f.fragment.IntervalMax))) * time.Millisecond)
 		if err != nil {
-			return nTotal + n, err
+			return from, err
 		}
-		nTotal += n
-
-		if nTotal >= len(buf) {
-			return nTotal, nil
+		if from >= len(b) {
+			return from, nil
 		}
-
-		randomInterval := randBetween(int64(w.minInterval), int64(w.maxInterval))
-		time.Sleep(time.Duration(randomInterval))
 	}
 }

@ -401,66 +409,3 @@ func randBetween(left int64, right int64) int64 {
 	bigInt, _ := rand.Int(rand.Reader, big.NewInt(right-left))
 	return left + bigInt.Int64()
 }
-
-type FragmentedClientHelloConn struct {
-	net.Conn
-	PacketCount int
-	minLength   int
-	maxLength   int
-	minInterval time.Duration
-	maxInterval time.Duration
-}
-
-func (c *FragmentedClientHelloConn) Write(b []byte) (n int, err error) {
-	if len(b) >= 5 && b[0] == 22 && c.PacketCount == 0 {
-		n, err = sendFragmentedClientHello(c, b, c.minLength, c.maxLength)
-
-		if err == nil {
-			c.PacketCount++
-			return n, err
-		}
-	}
-
-	return c.Conn.Write(b)
-}
-
-func sendFragmentedClientHello(conn *FragmentedClientHelloConn, clientHello []byte, minFragmentSize, maxFragmentSize int) (n int, err error) {
-	if len(clientHello) < 5 || clientHello[0] != 22 {
-		return 0, errors.New("not a valid TLS ClientHello message")
-	}
-
-	clientHelloLen := (int(clientHello[3]) << 8) | int(clientHello[4])
-
-	clientHelloData := clientHello[5:]
-	for i := 0; i < clientHelloLen; {
-		fragmentEnd := i + int(randBetween(int64(minFragmentSize), int64(maxFragmentSize)))
-		if fragmentEnd > clientHelloLen {
-			fragmentEnd = clientHelloLen
-		}
-
-		fragment := clientHelloData[i:fragmentEnd]
-		i = fragmentEnd
-
-		err = writeFragmentedRecord(conn, 22, fragment, clientHello)
-		if err != nil {
-			return 0, err
-		}
-	}
-
-	return len(clientHello), nil
-}
-
-func writeFragmentedRecord(c *FragmentedClientHelloConn, contentType uint8, data []byte, clientHello []byte) error {
-	header := make([]byte, 5)
-	header[0] = byte(clientHello[0])
-
-	tlsVersion := (int(clientHello[1]) << 8) | int(clientHello[2])
-	binary.BigEndian.PutUint16(header[1:], uint16(tlsVersion))
-
-	binary.BigEndian.PutUint16(header[3:], uint16(len(data)))
-	_, err := c.Conn.Write(append(header, data...))
-	randomInterval := randBetween(int64(c.minInterval), int64(c.maxInterval))
-	time.Sleep(time.Duration(randomInterval))
-
-	return err
-}