fix proxy ss2022 client lints

v2fly · Nov 19, 2023 · 39851b3 · 39851b3
1 parent 8a1777c
commit 39851b3
Show file tree

Hide file tree

Showing 10 changed files with 89 additions and 71 deletions.
diff --git a/proxy/shadowsocks2022/client.go b/proxy/shadowsocks2022/client.go
@@ -2,6 +2,10 @@ package shadowsocks2022
 
 import (
 	"context"
+	gonet "net"
+	"sync"
+	"time"
+
 	"github.com/v2fly/v2ray-core/v5/common"
 	"github.com/v2fly/v2ray-core/v5/common/buf"
 	"github.com/v2fly/v2ray-core/v5/common/environment"
@@ -15,9 +19,6 @@ import (
 	"github.com/v2fly/v2ray-core/v5/transport"
 	"github.com/v2fly/v2ray-core/v5/transport/internet"
 	"github.com/v2fly/v2ray-core/v5/transport/internet/udp"
-	gonet "net"
-	"sync"
-	"time"
 )
 
 type Client struct {
@@ -33,17 +34,17 @@ type ClientUDPConnState struct {
 }
 
 func (c *ClientUDPConnState) GetOrCreateSession(create func() (*ClientUDPSession, error)) (*ClientUDPSession, error) {
-	var err error
+	var errOuter error
 	c.initOnce.Do(func() {
 		sessionState, err := create()
 		if err != nil {
-			err = newError("failed to create UDP session").Base(err)
+			errOuter = newError("failed to create UDP session").Base(err)
 			return
 		}
 		c.session = sessionState
 	})
-	if err != nil {
-		return nil, newError("failed to initialize UDP State").Base(err)
+	if errOuter != nil {
+		return nil, newError("failed to initialize UDP State").Base(errOuter)
 	}
 	return c.session, nil
 }
@@ -60,7 +61,7 @@ func (c *Client) Process(ctx context.Context, link *transport.Link, dialer inter
 	destination := outbound.Target
 	network := destination.Network
 
-	var keyDerivation = newBLAKE3KeyDerivation()
+	keyDerivation := newBLAKE3KeyDerivation()
 	var method Method
 	switch c.config.Method {
 	case "2022-blake3-aes-128-gcm":
@@ -107,7 +108,6 @@ func (c *Client) Process(ctx context.Context, link *transport.Link, dialer inter
 
 			return nil
 		})
-
 		if err != nil {
 			return newError("failed to find an available destination").AtWarning().Base(err)
 		}
@@ -222,7 +222,6 @@ func (c *Client) getUDPSession(ctx context.Context, network net.Network, dialer
 }
 
 func NewClient(ctx context.Context, config *ClientConfig) (*Client, error) {
-
 	storage := envctx.EnvironmentFromContext(ctx).(environment.ProxyEnvironment).TransientStorage()
 
 	udpState, err := NewClientUDPConnState()

diff --git a/proxy/shadowsocks2022/client_session.go b/proxy/shadowsocks2022/client_session.go
@@ -3,13 +3,14 @@ package shadowsocks2022
 import (
 	"context"
 	"crypto/rand"
-	"github.com/v2fly/v2ray-core/v5/common/buf"
-	"github.com/v2fly/v2ray-core/v5/common/net"
-	"github.com/v2fly/v2ray-core/v5/transport/internet"
 	"io"
 	gonet "net"
 	"sync"
 	"time"
+
+	"github.com/v2fly/v2ray-core/v5/common/buf"
+	"github.com/v2fly/v2ray-core/v5/common/net"
+	"github.com/v2fly/v2ray-core/v5/transport/internet"
 )
 
 func NewClientUDPSession(ctx context.Context, conn io.ReadWriteCloser, packetProcessor UDPClientPacketProcessor) *ClientUDPSession {
@@ -165,7 +166,7 @@ func (c *ClientUDPSessionConn) ReadFrom(p []byte) (n int, addr net.Addr, err err
 	case resp := <-c.readChan:
 		n = copy(p, resp.Payload.Bytes())
 		resp.Payload.Release()
-		addr = &net.UDPAddr{IP: resp.Address.IP(), Port: int(resp.Port)}
+		addr = &net.UDPAddr{IP: resp.Address.IP(), Port: resp.Port}
 	}
 	return
 }
diff --git a/proxy/shadowsocks2022/eih_aes.go b/proxy/shadowsocks2022/eih_aes.go
@@ -2,9 +2,12 @@ package shadowsocks2022
 
 import (
 	"crypto/subtle"
+	"io"
+
 	"github.com/lunixbochs/struc"
+
 	"github.com/v2fly/v2ray-core/v5/common/buf"
-	"io"
+
 	"lukechampine.com/blake3"
 )
 

diff --git a/proxy/shadowsocks2022/encoding.go b/proxy/shadowsocks2022/encoding.go
@@ -9,6 +9,7 @@ import (
 	"time"
 
 	"github.com/lunixbochs/struc"
+
 	"github.com/v2fly/v2ray-core/v5/common/buf"
 	"github.com/v2fly/v2ray-core/v5/common/crypto"
 	"github.com/v2fly/v2ray-core/v5/common/net"
@@ -32,7 +33,8 @@ type TCPRequest struct {
 }
 
 func (t *TCPRequest) EncodeTCPRequestHeader(effectivePsk []byte,
-	eih [][]byte, address DestinationAddress, destPort int, initialPayload []byte, Out *buf.Buffer) error {
+	eih [][]byte, address DestinationAddress, destPort int, initialPayload []byte, out *buf.Buffer,
+) error {
 	requestSalt := newRequestSaltWithLength(t.method.GetSessionSubKeyAndSaltLength())
 	{
 		err := requestSalt.FillAllFrom(cryptoRand.Reader)
@@ -41,7 +43,7 @@ func (t *TCPRequest) EncodeTCPRequestHeader(effectivePsk []byte,
 		}
 	}
 	t.c2sSalt = requestSalt
-	var sessionKey = make([]byte, t.method.GetSessionSubKeyAndSaltLength())
+	sessionKey := make([]byte, t.method.GetSessionSubKeyAndSaltLength())
 	{
 		err := t.keyDerivation.GetSessionSubKey(effectivePsk, requestSalt.Bytes(), sessionKey)
 		if err != nil {
@@ -54,7 +56,7 @@ func (t *TCPRequest) EncodeTCPRequestHeader(effectivePsk []byte,
 		return newError("failed to get stream AEAD").Base(err)
 	}
 	t.c2sAEAD = aead
-	var paddingLength = TCPMinPaddingLength
+	paddingLength := TCPMinPaddingLength
 	if initialPayload == nil {
 		initialPayload = []byte{}
 		paddingLength += rand.Intn(TCPMaxPaddingLength) // TODO INSECURE RANDOM USED
@@ -128,7 +130,7 @@ func (t *TCPRequest) EncodeTCPRequestHeader(effectivePsk []byte,
 	requestNonce := crypto.GenerateInitialAEADNonce()
 	t.c2sNonce = requestNonce
 	{
-		n, err := Out.Write(preSessionKeyHeaderBuffer.BytesFrom(0))
+		n, err := out.Write(preSessionKeyHeaderBuffer.BytesFrom(0))
 		if err != nil {
 			return newError("failed to write pre session key header").Base(err)
 		}
@@ -137,28 +139,28 @@ func (t *TCPRequest) EncodeTCPRequestHeader(effectivePsk []byte,
 		}
 	}
 	{
-		fixedLengthEncrypted := Out.Extend(fixedLengthHeaderBuffer.Len() + int32(aead.Overhead()))
+		fixedLengthEncrypted := out.Extend(fixedLengthHeaderBuffer.Len() + int32(aead.Overhead()))
 		aead.Seal(fixedLengthEncrypted[:0], requestNonce(), fixedLengthHeaderBuffer.Bytes(), nil)
 	}
 	{
-		variableLengthEncrypted := Out.Extend(variableLengthHeaderBuffer.Len() + int32(aead.Overhead()))
+		variableLengthEncrypted := out.Extend(variableLengthHeaderBuffer.Len() + int32(aead.Overhead()))
 		aead.Seal(variableLengthEncrypted[:0], requestNonce(), variableLengthHeaderBuffer.Bytes(), nil)
 	}
 	return nil
 }
 
-func (t *TCPRequest) DecodeTCPResponseHeader(effectivePsk []byte, In io.Reader) error {
+func (t *TCPRequest) DecodeTCPResponseHeader(effectivePsk []byte, in io.Reader) error {
 	var preSessionKeyHeader TCPResponseHeader1PreSessionKey
 	preSessionKeyHeader.Salt = newRequestSaltWithLength(t.method.GetSessionSubKeyAndSaltLength())
 	{
-		err := struc.Unpack(In, &preSessionKeyHeader)
+		err := struc.Unpack(in, &preSessionKeyHeader)
 		if err != nil {
 			return newError("failed to unpack pre session key header").Base(err)
 		}
 	}
-	var s2cSalt = preSessionKeyHeader.Salt.Bytes()
+	s2cSalt := preSessionKeyHeader.Salt.Bytes()
 	t.s2cSalt = preSessionKeyHeader.Salt
-	var sessionKey = make([]byte, t.method.GetSessionSubKeyAndSaltLength())
+	sessionKey := make([]byte, t.method.GetSessionSubKeyAndSaltLength())
 	{
 		err := t.keyDerivation.GetSessionSubKey(effectivePsk, s2cSalt, sessionKey)
 		if err != nil {
@@ -171,17 +173,17 @@ func (t *TCPRequest) DecodeTCPResponseHeader(effectivePsk []byte, In io.Reader)
 	}
 	t.s2cAEAD = aead
 
-	var fixedLengthHeaderEncryptedBuffer = buf.New()
+	fixedLengthHeaderEncryptedBuffer := buf.New()
 	defer fixedLengthHeaderEncryptedBuffer.Release()
 	{
-		_, err := fixedLengthHeaderEncryptedBuffer.ReadFullFrom(In, 11+int32(t.method.GetSessionSubKeyAndSaltLength())+int32(aead.Overhead()))
+		_, err := fixedLengthHeaderEncryptedBuffer.ReadFullFrom(in, 11+int32(t.method.GetSessionSubKeyAndSaltLength())+int32(aead.Overhead()))
 		if err != nil {
 			return newError("failed to read fixed length header encrypted").Base(err)
 		}
 	}
 	s2cNonce := crypto.GenerateInitialAEADNonce()
 	t.s2cNonce = s2cNonce
-	var fixedLengthHeaderDecryptedBuffer = buf.New()
+	fixedLengthHeaderDecryptedBuffer := buf.New()
 	defer fixedLengthHeaderDecryptedBuffer.Release()
 	{
 		decryptionBuffer := fixedLengthHeaderDecryptedBuffer.Extend(11 + int32(t.method.GetSessionSubKeyAndSaltLength()))
@@ -213,13 +215,13 @@ func (t *TCPRequest) DecodeTCPResponseHeader(effectivePsk []byte, In io.Reader)
 }
 
 func (t *TCPRequest) CheckC2SConnectionConstraint() error {
-	if bytes.Compare(t.c2sSalt.Bytes(), t.s2cSaltAssert.Bytes()) != 0 {
+	if !bytes.Equal(t.c2sSalt.Bytes(), t.s2cSaltAssert.Bytes()) {
 		return newError("c2s salt not equal to s2c salt assert")
 	}
 	return nil
 }
 
-func (t *TCPRequest) CreateClientS2CReader(In io.Reader, initialPayload *buf.Buffer) (buf.Reader, error) {
+func (t *TCPRequest) CreateClientS2CReader(in io.Reader, initialPayload *buf.Buffer) (buf.Reader, error) {
 	AEADAuthenticator := &crypto.AEADAuthenticator{
 		AEAD:                    t.s2cAEAD,
 		NonceGenerator:          t.s2cNonce,
@@ -228,7 +230,7 @@ func (t *TCPRequest) CreateClientS2CReader(In io.Reader, initialPayload *buf.Buf
 	initialPayloadEncrypted := buf.NewWithSize(65535)
 	defer initialPayloadEncrypted.Release()
 	initialPayloadEncryptedBytes := initialPayloadEncrypted.Extend(int32(t.s2cAEAD.Overhead()) + int32(t.s2cInitialPayloadSize))
-	_, err := io.ReadFull(In, initialPayloadEncryptedBytes)
+	_, err := io.ReadFull(in, initialPayloadEncryptedBytes)
 	if err != nil {
 		return nil, newError("failed to read initial payload").Base(err)
 	}
@@ -239,7 +241,7 @@ func (t *TCPRequest) CreateClientS2CReader(In io.Reader, initialPayload *buf.Buf
 	}
 	return crypto.NewAuthenticationReader(AEADAuthenticator, &crypto.AEADChunkSizeParser{
 		Auth: AEADAuthenticator,
-	}, In, protocol.TransferTypeStream, nil), nil
+	}, in, protocol.TransferTypeStream, nil), nil
 }
 
 func (t *TCPRequest) CreateClientC2SWriter(writer io.Writer) buf.Writer {

diff --git a/proxy/shadowsocks2022/kdf_blake3.go b/proxy/shadowsocks2022/kdf_blake3.go
@@ -1,31 +1,31 @@
 package shadowsocks2022
 
 import (
-	"github.com/v2fly/v2ray-core/v5/common/buf"
 	"lukechampine.com/blake3"
+
+	"github.com/v2fly/v2ray-core/v5/common/buf"
 )
 
 func newBLAKE3KeyDerivation() *BLAKE3KeyDerivation {
 	return &BLAKE3KeyDerivation{}
 }
 
-type BLAKE3KeyDerivation struct {
-}
+type BLAKE3KeyDerivation struct{}
 
-func (B BLAKE3KeyDerivation) GetSessionSubKey(effectivePsk, Salt []byte, OutKey []byte) error {
+func (b BLAKE3KeyDerivation) GetSessionSubKey(effectivePsk, salt []byte, outKey []byte) error {
 	keyingMaterialBuffer := buf.New()
 	keyingMaterialBuffer.Write(effectivePsk)
-	keyingMaterialBuffer.Write(Salt)
-	blake3.DeriveKey(OutKey, "shadowsocks 2022 session subkey", keyingMaterialBuffer.Bytes())
+	keyingMaterialBuffer.Write(salt)
+	blake3.DeriveKey(outKey, "shadowsocks 2022 session subkey", keyingMaterialBuffer.Bytes())
 	keyingMaterialBuffer.Release()
 	return nil
 }
 
-func (B BLAKE3KeyDerivation) GetIdentitySubKey(effectivePsk, Salt []byte, OutKey []byte) error {
+func (b BLAKE3KeyDerivation) GetIdentitySubKey(effectivePsk, salt []byte, outKey []byte) error {
 	keyingMaterialBuffer := buf.New()
 	keyingMaterialBuffer.Write(effectivePsk)
-	keyingMaterialBuffer.Write(Salt)
-	blake3.DeriveKey(OutKey, "shadowsocks 2022 identity subkey", keyingMaterialBuffer.Bytes())
+	keyingMaterialBuffer.Write(salt)
+	blake3.DeriveKey(outKey, "shadowsocks 2022 identity subkey", keyingMaterialBuffer.Bytes())
 	keyingMaterialBuffer.Release()
 	return nil
 }
diff --git a/proxy/shadowsocks2022/method_aes128gcm.go b/proxy/shadowsocks2022/method_aes128gcm.go
@@ -9,15 +9,14 @@ func newAES128GCMMethod() *AES128GCMMethod {
 	return &AES128GCMMethod{}
 }
 
-type AES128GCMMethod struct {
-}
+type AES128GCMMethod struct{}
 
-func (A AES128GCMMethod) GetSessionSubKeyAndSaltLength() int {
+func (a AES128GCMMethod) GetSessionSubKeyAndSaltLength() int {
 	return 16
 }
 
-func (A AES128GCMMethod) GetStreamAEAD(SessionSubKey []byte) (cipher.AEAD, error) {
-	aesCipher, err := aes.NewCipher(SessionSubKey)
+func (a AES128GCMMethod) GetStreamAEAD(sessionSubKey []byte) (cipher.AEAD, error) {
+	aesCipher, err := aes.NewCipher(sessionSubKey)
 	if err != nil {
 		return nil, newError("failed to create AES cipher").Base(err)
 	}
@@ -28,16 +27,16 @@ func (A AES128GCMMethod) GetStreamAEAD(SessionSubKey []byte) (cipher.AEAD, error
 	return aead, nil
 }
 
-func (A AES128GCMMethod) GenerateEIH(CurrentIdentitySubKey []byte, nextPskHash []byte, out []byte) error {
-	aesCipher, err := aes.NewCipher(CurrentIdentitySubKey)
+func (a AES128GCMMethod) GenerateEIH(currentIdentitySubKey []byte, nextPskHash []byte, out []byte) error {
+	aesCipher, err := aes.NewCipher(currentIdentitySubKey)
 	if err != nil {
 		return newError("failed to create AES cipher").Base(err)
 	}
 	aesCipher.Encrypt(out, nextPskHash)
 	return nil
 }
 
-func (A AES128GCMMethod) GetUDPClientProcessor(ipsk [][]byte, psk []byte, derivation KeyDerivation) (UDPClientPacketProcessor, error) {
+func (a AES128GCMMethod) GetUDPClientProcessor(ipsk [][]byte, psk []byte, derivation KeyDerivation) (UDPClientPacketProcessor, error) {
 	reqSeparateHeaderPsk := psk
 	if ipsk != nil {
 		reqSeparateHeaderPsk = ipsk[0]
@@ -51,9 +50,12 @@ func (A AES128GCMMethod) GetUDPClientProcessor(ipsk [][]byte, psk []byte, deriva
 		return nil, newError("failed to create AES cipher").Base(err)
 	}
 	getPacketAEAD := func(sessionID []byte) cipher.AEAD {
-		sessionKey := make([]byte, A.GetSessionSubKeyAndSaltLength())
+		sessionKey := make([]byte, a.GetSessionSubKeyAndSaltLength())
 		derivation.GetSessionSubKey(psk, sessionID, sessionKey)
 		block, err := aes.NewCipher(sessionKey)
+		if err != nil {
+			panic(err)
+		}
 		aead, err := cipher.NewGCM(block)
 		if err != nil {
 			panic(err)
@@ -62,7 +64,7 @@ func (A AES128GCMMethod) GetUDPClientProcessor(ipsk [][]byte, psk []byte, deriva
 	}
 	eihGenerator := newAESEIHGeneratorContainer(len(ipsk), psk, ipsk)
 	getEIH := func(mask []byte) ExtensibleIdentityHeaders {
-		eih, err := eihGenerator.GenerateEIHUDP(derivation, A, mask)
+		eih, err := eihGenerator.GenerateEIHUDP(derivation, a, mask)
 		if err != nil {
 			newError("failed to generate EIH").Base(err).WriteToLog()
 		}