Add shadowsocks reducedIvHeadEntropy option v2fly#1552

Author: nekohasekai

infra/conf/v4/shadowsocks.go

@@ -55,14 +55,15 @@ func (v *ShadowsocksServerConfig) Build() (proto.Message, error) {
 }
 
 type ShadowsocksServerTarget struct {
-	Address  *cfgcommon.Address `json:"address"`
-	Port     uint16             `json:"port"`
-	Cipher   string             `json:"method"`
-	Password string             `json:"password"`
-	Email    string             `json:"email"`
-	Ota      bool               `json:"ota"`
-	Level    byte               `json:"level"`
-	IVCheck  bool               `json:"ivCheck"`
+	Address                        *cfgcommon.Address `json:"address"`
+	Port                           uint16             `json:"port"`
+	Cipher                         string             `json:"method"`
+	Password                       string             `json:"password"`
+	Email                          string             `json:"email"`
+	Ota                            bool               `json:"ota"`
+	Level                          byte               `json:"level"`
+	IVCheck                        bool               `json:"ivCheck"`
+	ExperimentReducedIvHeadEntropy bool               `json:"experimentReducedIvHeadEntropy"`
 }
 
 type ShadowsocksClientConfig struct {
@@ -91,7 +92,8 @@ func (v *ShadowsocksClientConfig) Build() (proto.Message, error) {
 			return nil, newError("Shadowsocks password is not specified.")
 		}
 		account := &shadowsocks.Account{
-			Password: server.Password,
+			Password:                       server.Password,
+			ExperimentReducedIvHeadEntropy: server.ExperimentReducedIvHeadEntropy,
 		}
 		account.CipherType = shadowsocks.CipherFromString(server.Cipher)
 		if account.CipherType == shadowsocks.CipherType_UNKNOWN {

proxy/shadowsocks/client.go

@@ -176,6 +176,9 @@ func (c *Client) Process(ctx context.Context, link *transport.Link, dialer inter
 	if account.Cipher.IVSize() > 0 {
 		iv = make([]byte, account.Cipher.IVSize())
 		common.Must2(rand.Read(iv))
+		if account.ReducedIVEntropy && len(iv) > 6 {
+			remapToPrintable(iv[:6])
+		}
 		if ivError := account.CheckIV(iv); ivError != nil {
 			return newError("failed to mark outgoing iv").Base(ivError)
 		}

proxy/shadowsocks/config.go

@@ -36,6 +36,8 @@ type MemoryAccount struct {
 	Key    []byte
 
 	replayFilter antireplay.GeneralizedReplayFilter
+
+	ReducedIVEntropy bool
 }
 
 // Equals implements protocol.Account.Equals().
@@ -367,6 +369,7 @@ func (a *Account) AsAccount() (protocol.Account, error) {
 			}
 			return nil
 		}(),
+		ReducedIVEntropy: a.ExperimentReducedIvHeadEntropy,
 	}, nil
 }
 

proxy/shadowsocks/config.pb.go

@@ -16,6 +16,7 @@ message Account {
   CipherType cipher_type = 2;
 
   bool iv_check = 3;
+  bool experiment_reduced_iv_head_entropy = 90001;
 }
 
 enum CipherType {
@@ -80,4 +81,5 @@ message ClientConfig {
   string plugin = 2;
   string plugin_opts = 3;
   repeated string plugin_args = 4;
+  bool experiment_reduced_iv_head_entropy = 90001;
 }

proxy/shadowsocks/config.proto

@@ -6,6 +6,7 @@ import (
 	"crypto/sha256"
 	"hash/crc32"
 	"io"
+	mrand "math/rand"
 	gonet "net"
 
 	"github.com/v2fly/v2ray-core/v5/common"
@@ -365,3 +366,11 @@ func (w *UDPWriter) WriteTo(payload []byte, addr gonet.Addr) (n int, err error)
 	packet.Release()
 	return len(payload), err
 }
+
+func remapToPrintable(input []byte) {
+	const charSet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!#$%&()*+,./:;<=>?@[]^_`{|}~\\\""
+	seed := mrand.New(mrand.NewSource(int64(crc32.ChecksumIEEE(input))))
+	for i := range input {
+		input[i] = charSet[seed.Intn(len(charSet))]
+	}
+}

proxy/shadowsocks/protocol.go

@@ -40,8 +40,9 @@ func init() {
 					User: []*protocol.User{
 						{
 							Account: serial.ToTypedMessage(&shadowsocks.Account{
-								Password:   simplifiedClient.Password,
-								CipherType: shadowsocks.CipherFromString(simplifiedClient.Method),
+								Password:                       simplifiedClient.Password,
+								CipherType:                     shadowsocks.CipherFromString(simplifiedClient.Method),
+								ExperimentReducedIvHeadEntropy: simplifiedClient.ExperimentReducedIvHeadEntropy,
 							}),
 						},
 					},

proxy/shadowsocks/simplified/config.go

@@ -34,4 +34,5 @@ message ClientConfig {
   string plugin = 5;
   string plugin_opts = 6;
   repeated string plugin_args = 7;
+  bool experiment_reduced_iv_head_entropy = 90001;
 }