feat(shadowsocks): implement support for SIP022 AEAD-2022 ciphers

2025-05-31 11:28:06 -04:00 · 2025-05-31 11:28:06 -04:00 · 0fb0aac2fa
commit 0fb0aac2fa
parent 1a21984c27
10 changed files with 85 additions and 28 deletions
--- a/pkg/adapter/clash/parse.go
+++ b/pkg/adapter/clash/parse.go
@ -2,6 +2,7 @@ package clash
 import (
 	"fmt"
 	"strings"
 	"github.com/perfect-panel/server/pkg/adapter/proxy"
 )
@ -21,6 +22,11 @@ func parseShadowsocks(s proxy.Proxy, uuid string) (*Proxy, error) {
 		UDP:      true,
 	}
 	if strings.Contains(p.Cipher, "2022") {
 		serverKey, userKey := proxy.GenerateShadowsocks2022Password(config, uuid)
 		p.Password = fmt.Sprintf("%s:%s", serverKey, userKey)
 	}
 	return p, nil
 }
--- a/pkg/adapter/clash/tool.go
+++ b/pkg/adapter/clash/tool.go
@ -1,6 +1,8 @@
 package clash
-import "github.com/perfect-panel/server/pkg/adapter/proxy"
+import (
 	"github.com/perfect-panel/server/pkg/adapter/proxy"
 )
 func clashTransport(c *Proxy, transportType string, transportConfig proxy.TransportConfig) {
--- a/pkg/adapter/general/uri.go
+++ b/pkg/adapter/general/uri.go
@ -73,11 +73,17 @@ func ShadowsocksUri(data proxy.Proxy, uuid string) string {
 	if !ok {
 		return ""
 	}
-	// sip002
+
 	password := uuid
 	// SIP022 AEAD-2022 Ciphers
 	if strings.Contains(ss.Method, "2022") {
 		serverKey, userKey := proxy.GenerateShadowsocks2022Password(ss, uuid)
 		password = fmt.Sprintf("%s:%s", serverKey, userKey)
 	}
 	u := &url.URL{
-		Scheme: "ss",
+		Scheme:   "ss",
-		// 还没有写 2022 的
+		User:     url.User(strings.TrimSuffix(base64.URLEncoding.EncodeToString([]byte(ss.Method+":"+password)), "=")),
 		User:     url.User(strings.TrimSuffix(base64.URLEncoding.EncodeToString([]byte(ss.Method+":"+uuid)), "=")),
 		Host:     net.JoinHostPort(data.Server, strconv.Itoa(data.Port)),
 		Fragment: data.Name,
 	}
--- a/pkg/adapter/loon/shadowsocks.go
+++ b/pkg/adapter/loon/shadowsocks.go
@ -6,8 +6,6 @@ import (
 	"strings"
 	"github.com/perfect-panel/server/pkg/adapter/proxy"
 	"github.com/perfect-panel/server/pkg/tool"
 	"github.com/perfect-panel/server/pkg/uuidx"
 )
 func buildShadowsocks(data proxy.Proxy, password string) string {
@ -18,7 +16,7 @@ func buildShadowsocks(data proxy.Proxy, password string) string {
 	}
 	if strings.Contains(shadowsocks.Method, "2022") {
-		serverKey, userKey := generateShadowsocks2022Password(shadowsocks, password)
+		serverKey, userKey := proxy.GenerateShadowsocks2022Password(shadowsocks, password)
 		password = fmt.Sprintf("%s:%s", serverKey, userKey)
 	}
@ -34,16 +32,3 @@ func buildShadowsocks(data proxy.Proxy, password string) string {
 	uri := strings.Join(configs, ",")
 	return uri + "\r\n"
 }
 func generateShadowsocks2022Password(ss proxy.Shadowsocks, password string) (string, string) {
 	// server key
 	var serverKey string
 	if ss.Method == "2022-blake3-aes-128-gcm" {
 		serverKey = tool.GenerateCipher(ss.ServerKey, 16)
 		password = uuidx.UUIDToBase64(password, 16)
 	} else {
 		serverKey = tool.GenerateCipher(ss.ServerKey, 32)
 		password = uuidx.UUIDToBase64(password, 32)
 	}
 	return serverKey, password
 }
--- a/pkg/adapter/proxy/tool.go
+++ b/pkg/adapter/proxy/tool.go
@ -0,0 +1,19 @@
 package proxy
 import (
 	"github.com/perfect-panel/server/pkg/tool"
 	"github.com/perfect-panel/server/pkg/uuidx"
 )
 func GenerateShadowsocks2022Password(ss Shadowsocks, password string) (string, string) {
 	// server key
 	var serverKey string
 	if ss.Method == "2022-blake3-aes-128-gcm" {
 		serverKey = tool.GenerateCipher(ss.ServerKey, 16)
 		password = uuidx.UUIDToBase64(password, 16)
 	} else {
 		serverKey = tool.GenerateCipher(ss.ServerKey, 32)
 		password = uuidx.UUIDToBase64(password, 32)
 	}
 	return serverKey, password
 }
--- a/pkg/adapter/quantumultx/shadowsocks.go
+++ b/pkg/adapter/quantumultx/shadowsocks.go
@ -11,10 +11,17 @@ func buildShadowsocks(data proxy.Proxy, uuid string) string {
 	ss := data.Option.(proxy.Shadowsocks)
 	addr := fmt.Sprintf("%s:%d", data.Server, data.Port)
 	password := uuid
 	if strings.Contains(ss.Method, "2022") {
 		serverKey, userKey := proxy.GenerateShadowsocks2022Password(ss, uuid)
 		password = fmt.Sprintf("%s:%s", serverKey, userKey)
 	}
 	config := []string{
 		addr,
 		fmt.Sprintf("method=%s", ss.Method),
-		fmt.Sprintf("password=%s", uuid),
+		fmt.Sprintf("password=%s", password),
 		"fast-open=true",
 		"udp-relay=true",
 		fmt.Sprintf("tag=%s", data.Name),
--- a/pkg/adapter/singbox/shadowsocks.go
+++ b/pkg/adapter/singbox/shadowsocks.go
@ -1,6 +1,9 @@
 package singbox
 import (
 	"fmt"
 	"strings"
 	"github.com/perfect-panel/server/pkg/adapter/proxy"
 )
@ -14,7 +17,15 @@ type ShadowsocksOptions struct {
 }
 func ParseShadowsocks(data proxy.Proxy, uuid string) (*Proxy, error) {
-	config := data.Option.(proxy.Shadowsocks)
+	ss := data.Option.(proxy.Shadowsocks)
 	password := uuid
 	// SIP022 AEAD-2022 Ciphers
 	if strings.Contains(ss.Method, "2022") {
 		serverKey, userKey := proxy.GenerateShadowsocks2022Password(ss, uuid)
 		password = fmt.Sprintf("%s:%s", serverKey, userKey)
 	}
 	p := &Proxy{
 		Tag:  data.Name,
 		Type: Shadowsocks,
@ -25,8 +36,8 @@ func ParseShadowsocks(data proxy.Proxy, uuid string) (*Proxy, error) {
 				Server:     data.Server,
 				ServerPort: data.Port,
 			},
-			Method:   config.Method,
+			Method:   ss.Method,
-			Password: uuid,
+			Password: password,
 			Network:  "tcp",
 		},
 	}
--- a/pkg/adapter/surfboard/shadowsocks.go
+++ b/pkg/adapter/surfboard/shadowsocks.go
@ -12,6 +12,10 @@ func buildShadowsocks(data proxy.Proxy, uuid string) string {
 	if !ok {
 		return ""
 	}
 	// Not supporting SIP022 AEAD-2022 Ciphers
 	if strings.Contains(ss.Method, "2022") {
 		return ""
 	}
 	addr := fmt.Sprintf("%s=ss, %s, %d", data.Name, data.Server, data.Port)
 	config := []string{
 		addr,
--- a/pkg/adapter/surge/shadowsocks.go
+++ b/pkg/adapter/surge/shadowsocks.go
@ -12,11 +12,19 @@ func buildShadowsocks(data proxy.Proxy, uuid string) string {
 	if !ok {
 		return ""
 	}
 	password := uuid
 	// SIP022 AEAD-2022 Ciphers
 	if strings.Contains(ss.Method, "2022") {
 		serverKey, userKey := proxy.GenerateShadowsocks2022Password(ss, uuid)
 		password = fmt.Sprintf("%s:%s", serverKey, userKey)
 	}
 	addr := fmt.Sprintf("%s=ss, %s, %d", data.Name, data.Server, data.Port)
 	config := []string{
 		addr,
 		fmt.Sprintf("encrypt-method=%s", ss.Method),
-		fmt.Sprintf("password=%s", uuid),
+		fmt.Sprintf("password=%s", password),
 		"tfo=true",
 		"udp-relay=true",
 	}
--- a/pkg/adapter/v2rayn/v2rayN.go
+++ b/pkg/adapter/v2rayn/v2rayN.go
@ -4,11 +4,12 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"github.com/perfect-panel/server/pkg/adapter/proxy"
 	"net"
 	"net/url"
 	"strconv"
 	"strings"
 	"github.com/perfect-panel/server/pkg/adapter/proxy"
 )
 type v2rayShareLink struct {
@ -69,11 +70,19 @@ func (m *V2rayN) buildShadowsocks(uuid string, data proxy.Proxy) string {
 	if !ok {
 		return ""
 	}
 	password := uuid
 	// SIP022 AEAD-2022 Ciphers
 	if strings.Contains(ss.Method, "2022") {
 		serverKey, userKey := proxy.GenerateShadowsocks2022Password(ss, uuid)
 		password = fmt.Sprintf("%s:%s", serverKey, userKey)
 	}
 	// sip002
 	u := &url.URL{
 		Scheme: "ss",
 		// 还没有写 2022 的
-		User:     url.User(strings.TrimSuffix(base64.URLEncoding.EncodeToString([]byte(ss.Method+":"+uuid)), "=")),
+		User:     url.User(strings.TrimSuffix(base64.URLEncoding.EncodeToString([]byte(ss.Method+":"+password)), "=")),
 		Host:     net.JoinHostPort(data.Server, strconv.Itoa(data.Port)),
 		Fragment: data.Name,
 	}