bughz/glider
1
0
Fork 0
mirror of https://github.com/nadoo/glider.git synced 2025-11-05 00:02:38 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: bughz:8e81e09a8f79198a832a4eb53e58b7b9a746e129
Branches Tags
bughz:main
bughz:dev
bughz:v0.16.4
bughz:v0.16.3
bughz:v0.16.2
bughz:v0.16.1
bughz:v0.16.0
bughz:v0.15.3
bughz:v0.15.2
bughz:v0.15.1
bughz:v0.15.0
bughz:v0.14.0
bughz:v0.13.2
bughz:v0.13.1
bughz:v0.13.0
bughz:v0.12.3
bughz:v0.12.2
bughz:v0.12.1
bughz:v0.12.0
bughz:v0.11.1
bughz:v0.11.0
bughz:v0.10.4
bughz:v0.10.3
bughz:v0.10.2
bughz:v0.10.1
bughz:v0.10.0
bughz:v0.9.3
bughz:v0.9.2
bughz:v0.8.3
bughz:v0.8.2
bughz:v0.7.0
bughz:v0.6.11
bughz:v0.6.10
bughz:v0.6.9
bughz:v0.6.8
bughz:v0.6.7
bughz:v0.6.6
bughz:v0.6.5
bughz:v0.6.3
bughz:v0.6.2
bughz:v0.6.1
bughz:v0.6.0
bughz:v0.5.3
bughz:v0.5.2
bughz:v0.5.1
bughz:v0.5.0
bughz:v0.4.3
bughz:v0.4.2
bughz:v0.4.1
bughz:v0.3.2
bughz:v0.3.1
bughz:v0.3.0
bughz:v0.2.1
bughz:v0.2.0
bughz:v0.1.3
...
compare: bughz:bb439c9345b6c9e1a7374b82f6102f11ede17a3f
Branches Tags
bughz:dev
bughz:main
bughz:v0.16.4
bughz:v0.16.3
bughz:v0.16.2
bughz:v0.16.1
bughz:v0.16.0
bughz:v0.15.3
bughz:v0.15.2
bughz:v0.15.1
bughz:v0.15.0
bughz:v0.14.0
bughz:v0.13.2
bughz:v0.13.1
bughz:v0.13.0
bughz:v0.12.3
bughz:v0.12.2
bughz:v0.12.1
bughz:v0.12.0
bughz:v0.11.1
bughz:v0.11.0
bughz:v0.10.4
bughz:v0.10.3
bughz:v0.10.2
bughz:v0.10.1
bughz:v0.10.0
bughz:v0.9.3
bughz:v0.9.2
bughz:v0.8.3
bughz:v0.8.2
bughz:v0.7.0
bughz:v0.6.11
bughz:v0.6.10
bughz:v0.6.9
bughz:v0.6.8
bughz:v0.6.7
bughz:v0.6.6
bughz:v0.6.5
bughz:v0.6.3
bughz:v0.6.2
bughz:v0.6.1
bughz:v0.6.0
bughz:v0.5.3
bughz:v0.5.2
bughz:v0.5.1
bughz:v0.5.0
bughz:v0.4.3
bughz:v0.4.2
bughz:v0.4.1
bughz:v0.3.2
bughz:v0.3.1
bughz:v0.3.0
bughz:v0.2.1
bughz:v0.2.0
bughz:v0.1.3

2 Commits
8e81e09a8f ... bb439c9345

Author SHA1 Message Date
nadoo
bb439c9345 redir: fix test error
Some checks failed
Build / Build (push) Has been cancelled
Details
2025-02-28 00:42:46 +08:00
nadoo
6aee7b35c0 chore: update math/rand to math/rand/v2 2025-02-28 00:40:20 +08:00
23 changed files with 76 additions and 81 deletions
Show Stats Expand all files Collapse all files

2
.github/workflows/build.yml vendored
View File

@ -35,7 +35,7 @@ jobs:
cache: true cache: true
- name: Test - name: Test
run: go test -v . run: go test -v ./...
- name: Build - name: Build
uses: goreleaser/goreleaser-action@v6 uses: goreleaser/goreleaser-action@v6

2
.gitignore vendored
View File

@ -17,12 +17,14 @@
# custom # custom
.idea .idea
.vscode .vscode
.zed
.DS_Store .DS_Store
# dev test only # dev test only
/dev/ /dev/
dev*.go dev*.go
*_test.go
dist dist

2
dns/client.go
View File

@ -179,7 +179,7 @@ func (c *Client) exchange(qname string, reqBytes []byte, preferTCP bool) (
ups := c.UpStream(qname) ups := c.UpStream(qname)
server = ups.Server() server = ups.Server()
for i := 0; i < ups.Len(); i++ { for range ups.Len() {
var rc net.Conn var rc net.Conn
rc, err = dialer.Dial(network, server) rc, err = dialer.Dial(network, server)
if err != nil { if err != nil {

4
dns/message.go
View File

@ -5,7 +5,7 @@ import (
"encoding/binary" "encoding/binary"
"errors" "errors"
"io" "io"
"math/rand" "math/rand/v2"
"net/netip" "net/netip"
"strings" "strings"
) )
@ -146,7 +146,7 @@ func UnmarshalMessage(b []byte) (*Message, error) {
// resp answers // resp answers
rrIdx := HeaderLen + qLen rrIdx := HeaderLen + qLen
for i := 0; i < int(m.Header.ANCOUNT); i++ { for range int(m.Header.ANCOUNT) {
rr := &RR{} rr := &RR{}
rrLen, err := m.UnmarshalRR(rrIdx, rr) rrLen, err := m.UnmarshalRR(rrIdx, rr)
if err != nil { if err != nil {

5
proxy/obfs/tls.go
View File

@ -64,10 +64,7 @@ func (c *TLSObfsConn) Write(b []byte) (int, error) {
n := len(b) n := len(b)
for i := 0; i < n; i += chunkSize { for i := 0; i < n; i += chunkSize {
buf.Reset() buf.Reset()
end := i + chunkSize end := min(i+chunkSize, n)
if end > n {
end = n
}
buf.Write([]byte{0x17, 0x03, 0x03}) buf.Write([]byte{0x17, 0x03, 0x03})
binary.Write(buf, binary.BigEndian, uint16(len(b[i:end]))) binary.Write(buf, binary.BigEndian, uint16(len(b[i:end])))

2
proxy/redir/redir_linux.go
View File

@ -60,7 +60,7 @@ func (s *RedirProxy) ListenAndServe() {
return return
} }
log.F("[redir] listening TCP on " + s.addr) log.F("[redir] listening TCP on %s", s.addr)
for { for {
c, err := l.Accept() c, err := l.Accept()

2
proxy/ssr/internal/cipher/cipher.go
View File

@ -5,10 +5,10 @@ import (
"crypto/cipher" "crypto/cipher"
"crypto/des" "crypto/des"
"crypto/md5" "crypto/md5"
"crypto/rand"
"crypto/rc4" "crypto/rc4"
"encoding/binary" "encoding/binary"
"errors" "errors"
"math/rand"
"github.com/aead/chacha20" "github.com/aead/chacha20"
"github.com/dgryski/go-camellia" "github.com/dgryski/go-camellia"

6
proxy/ssr/internal/client.go
View File

@ -8,9 +8,7 @@ import (
"bytes" "bytes"
"errors" "errors"
"fmt" "fmt"
"math/rand"
"net" "net"
"time"
"github.com/nadoo/glider/pkg/pool" "github.com/nadoo/glider/pkg/pool"
"github.com/nadoo/glider/proxy" "github.com/nadoo/glider/proxy"
@ -21,10 +19,6 @@ import (
var bufSize = proxy.TCPBufSize var bufSize = proxy.TCPBufSize
func init() {
rand.Seed(time.Now().UnixNano())
}
// SSTCPConn the struct that override the net.Conn methods // SSTCPConn the struct that override the net.Conn methods
type SSTCPConn struct { type SSTCPConn struct {
net.Conn net.Conn

4
proxy/ssr/internal/obfs/http_post.go
View File

@ -1,7 +1,7 @@
package obfs package obfs
import ( import (
"math/rand" "math/rand/v2"
) )
func init() { func init() {
@ -13,7 +13,7 @@ func newHttpPost() IObfs {
// newHttpSimple create a http_simple object // newHttpSimple create a http_simple object
t := &httpSimplePost{ t := &httpSimplePost{
userAgentIndex: rand.Intn(len(requestUserAgent)), userAgentIndex: rand.IntN(len(requestUserAgent)),
methodGet: false, methodGet: false,
} }
return t return t

16
proxy/ssr/internal/obfs/http_simple.go
View File

@ -4,7 +4,7 @@ import (
"bytes" "bytes"
"encoding/hex" "encoding/hex"
"fmt" "fmt"
"math/rand" "math/rand/v2"
"strings" "strings"
"github.com/nadoo/glider/proxy/ssr/internal/ssr" "github.com/nadoo/glider/proxy/ssr/internal/ssr"
@ -55,7 +55,7 @@ func newHttpSimple() IObfs {
t := &httpSimplePost{ t := &httpSimplePost{
rawTransSent: false, rawTransSent: false,
rawTransReceived: false, rawTransReceived: false,
userAgentIndex: rand.Intn(len(requestUserAgent)), userAgentIndex: rand.IntN(len(requestUserAgent)),
methodGet: true, methodGet: true,
} }
return t return t
@ -80,14 +80,14 @@ func (t *httpSimplePost) GetData() any {
func (t *httpSimplePost) boundary() (ret string) { func (t *httpSimplePost) boundary() (ret string) {
set := "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" set := "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
for i := 0; i < 32; i++ { for range 32 {
ret = fmt.Sprintf("%s%c", ret, set[rand.Intn(len(set))]) ret = fmt.Sprintf("%s%c", ret, set[rand.IntN(len(set))])
} }
return return
} }
func (t *httpSimplePost) data2URLEncode(data []byte) (ret string) { func (t *httpSimplePost) data2URLEncode(data []byte) (ret string) {
for i := 0; i < len(data); i++ { for i := range data {
ret = fmt.Sprintf("%s%%%s", ret, hex.EncodeToString([]byte{data[i]})) ret = fmt.Sprintf("%s%%%s", ret, hex.EncodeToString([]byte{data[i]}))
} }
return return
@ -101,12 +101,12 @@ func (t *httpSimplePost) Encode(data []byte) (encodedData []byte, err error) {
dataLength := len(data) dataLength := len(data)
var headData []byte var headData []byte
if headSize := t.IVLen + t.HeadLen; dataLength-headSize > 64 { if headSize := t.IVLen + t.HeadLen; dataLength-headSize > 64 {
headData = make([]byte, headSize+rand.Intn(64)) headData = make([]byte, headSize+rand.IntN(64))
} else { } else {
headData = make([]byte, dataLength) headData = make([]byte, dataLength)
} }
copy(headData, data[0:len(headData)]) copy(headData, data[0:len(headData)])
requestPathIndex := rand.Intn(len(requestPath)/2) * 2 requestPathIndex := rand.IntN(len(requestPath)/2) * 2
host := t.Host host := t.Host
var customHead string var customHead string
@ -122,7 +122,7 @@ func (t *httpSimplePost) Encode(data []byte) (encodedData []byte, err error) {
} }
hosts := strings.Split(param, ",") hosts := strings.Split(param, ",")
if len(hosts) > 0 { if len(hosts) > 0 {
host = strings.TrimSpace(hosts[rand.Intn(len(hosts))]) host = strings.TrimSpace(hosts[rand.IntN(len(hosts))])
} }
} }
method := "GET /" method := "GET /"

7
proxy/ssr/internal/obfs/random_head.go
View File

@ -1,7 +1,8 @@
package obfs package obfs
import ( import (
"math/rand" crand "crypto/rand"
"math/rand/v2"
"github.com/nadoo/glider/proxy/ssr/internal/ssr" "github.com/nadoo/glider/proxy/ssr/internal/ssr"
) )
@ -57,9 +58,9 @@ func (r *randomHead) Encode(data []byte) (encodedData []byte, err error) {
r.rawTransSent = true r.rawTransSent = true
} }
} else { } else {
size := rand.Intn(96) + 8 size := rand.IntN(96) + 8
encodedData = make([]byte, size) encodedData = make([]byte, size)
rand.Read(encodedData) crand.Read(encodedData)
ssr.SetCRC32(encodedData, size) ssr.SetCRC32(encodedData, size)
d := make([]byte, dataLength) d := make([]byte, dataLength)

20
proxy/ssr/internal/obfs/tls12_ticket_auth.go
View File

@ -3,10 +3,11 @@ package obfs
import ( import (
"bytes" "bytes"
"crypto/hmac" "crypto/hmac"
crand "crypto/rand"
"encoding/binary" "encoding/binary"
"fmt" "fmt"
"log" "log"
"math/rand" "math/rand/v2"
"strings" "strings"
"time" "time"
@ -64,7 +65,7 @@ func (t *tls12TicketAuth) GetData() any {
t.data = &tlsAuthData{} t.data = &tlsAuthData{}
b := make([]byte, 32) b := make([]byte, 32)
rand.Read(b) crand.Read(b)
copy(t.data.localClientID[:], b) copy(t.data.localClientID[:], b)
} }
return t.data return t.data
@ -76,7 +77,7 @@ func (t *tls12TicketAuth) getHost() string {
hosts := strings.Split(t.Param, ",") hosts := strings.Split(t.Param, ",")
if len(hosts) > 0 { if len(hosts) > 0 {
host = hosts[rand.Intn(len(hosts))] host = hosts[rand.IntN(len(hosts))]
host = strings.TrimSpace(host) host = strings.TrimSpace(host)
} }
} }
@ -96,7 +97,6 @@ func packData(prefixData []byte, suffixData []byte) (outData []byte) {
func (t *tls12TicketAuth) Encode(data []byte) (encodedData []byte, err error) { func (t *tls12TicketAuth) Encode(data []byte) (encodedData []byte, err error) {
encodedData = make([]byte, 0) encodedData = make([]byte, 0)
rand.Seed(time.Now().UnixNano())
switch t.handshakeStatus { switch t.handshakeStatus {
case 8: case 8:
if len(data) < 1024 { if len(data) < 1024 {
@ -108,7 +108,7 @@ func (t *tls12TicketAuth) Encode(data []byte) (encodedData []byte, err error) {
start := 0 start := 0
var l int var l int
for len(data)-start > 2048 { for len(data)-start > 2048 {
l = rand.Intn(4096) + 100 l = rand.IntN(4096) + 100
if l > len(data)-start { if l > len(data)-start {
l = len(data) - start l = len(data) - start
} }
@ -129,7 +129,7 @@ func (t *tls12TicketAuth) Encode(data []byte) (encodedData []byte, err error) {
start := 0 start := 0
var l int var l int
for len(data)-start > 2048 { for len(data)-start > 2048 {
l = rand.Intn(4096) + 100 l = rand.IntN(4096) + 100
if l > len(data)-start { if l > len(data)-start {
l = len(data) - start l = len(data) - start
} }
@ -148,7 +148,7 @@ func (t *tls12TicketAuth) Encode(data []byte) (encodedData []byte, err error) {
hmacData := make([]byte, 43) hmacData := make([]byte, 43)
handshakeFinish := []byte("\x14\x03\x03\x00\x01\x01\x16\x03\x03\x00\x20") handshakeFinish := []byte("\x14\x03\x03\x00\x01\x01\x16\x03\x03\x00\x20")
copy(hmacData, handshakeFinish) copy(hmacData, handshakeFinish)
rand.Read(hmacData[11:33]) crand.Read(hmacData[11:33])
h := t.hmacSHA1(hmacData[:33]) h := t.hmacSHA1(hmacData[:33])
copy(hmacData[33:], h) copy(hmacData[33:], h)
encodedData = append(hmacData, t.sendSaver...) encodedData = append(hmacData, t.sendSaver...)
@ -169,11 +169,11 @@ func (t *tls12TicketAuth) Encode(data []byte) (encodedData []byte, err error) {
tlsDataLen += len(sni) tlsDataLen += len(sni)
copy(tlsData[tlsDataLen:], tlsData2) copy(tlsData[tlsDataLen:], tlsData2)
tlsDataLen += len(tlsData2) tlsDataLen += len(tlsData2)
ticketLen := rand.Intn(164)*2 + 64 ticketLen := rand.IntN(164)*2 + 64
tlsData[tlsDataLen-1] = uint8(ticketLen & 0xff) tlsData[tlsDataLen-1] = uint8(ticketLen & 0xff)
tlsData[tlsDataLen-2] = uint8(ticketLen >> 8) tlsData[tlsDataLen-2] = uint8(ticketLen >> 8)
//ticketLen := 208 //ticketLen := 208
rand.Read(tlsData[tlsDataLen : tlsDataLen+ticketLen]) crand.Read(tlsData[tlsDataLen : tlsDataLen+ticketLen])
tlsDataLen += ticketLen tlsDataLen += ticketLen
copy(tlsData[tlsDataLen:], tlsData3) copy(tlsData[tlsDataLen:], tlsData3)
tlsDataLen += len(tlsData3) tlsDataLen += len(tlsData3)
@ -278,7 +278,7 @@ func (t *tls12TicketAuth) packAuthData() (outData []byte) {
now := time.Now().Unix() now := time.Now().Unix()
binary.BigEndian.PutUint32(outData[0:4], uint32(now)) binary.BigEndian.PutUint32(outData[0:4], uint32(now))
rand.Read(outData[4 : 4+18]) crand.Read(outData[4 : 4+18])
hash := t.hmacSHA1(outData[:outSize-ssr.ObfsHMACSHA1Len]) hash := t.hmacSHA1(outData[:outSize-ssr.ObfsHMACSHA1Len])
copy(outData[outSize-ssr.ObfsHMACSHA1Len:], hash) copy(outData[outSize-ssr.ObfsHMACSHA1Len:], hash)

29
proxy/ssr/internal/protocol/auth_aes128_md5.go
View File

@ -4,9 +4,10 @@ import (
"bytes" "bytes"
"crypto/aes" "crypto/aes"
"crypto/cipher" "crypto/cipher"
crand "crypto/rand"
"encoding/base64" "encoding/base64"
"encoding/binary" "encoding/binary"
"math/rand" "math/rand/v2"
"strconv" "strconv"
"strings" "strings"
"time" "time"
@ -74,15 +75,14 @@ func (a *authAES128) GetData() any {
func (a *authAES128) packData(data []byte) (outData []byte) { func (a *authAES128) packData(data []byte) (outData []byte) {
dataLength := len(data) dataLength := len(data)
randLength := 1 randLength := 1
rand.Seed(time.Now().UnixNano())
if dataLength <= 1200 { if dataLength <= 1200 {
if a.packID > 4 { if a.packID > 4 {
randLength += rand.Intn(32) randLength += rand.IntN(32)
} else { } else {
if dataLength > 900 { if dataLength > 900 {
randLength += rand.Intn(128) randLength += rand.IntN(128)
} else { } else {
randLength += rand.Intn(512) randLength += rand.IntN(512)
} }
} }
} }
@ -98,7 +98,7 @@ func (a *authAES128) packData(data []byte) (outData []byte) {
h := a.hmac(key, outData[0:2]) h := a.hmac(key, outData[0:2])
copy(outData[2:4], h[:2]) copy(outData[2:4], h[:2])
// 4~rand length+4, rand number // 4~rand length+4, rand number
rand.Read(outData[4 : 4+randLength]) crand.Read(outData[4 : 4+randLength])
// 4, rand length // 4, rand length
if randLength < 128 { if randLength < 128 {
outData[4] = byte(randLength & 0xFF) outData[4] = byte(randLength & 0xFF)
@ -121,11 +121,10 @@ func (a *authAES128) packData(data []byte) (outData []byte) {
func (a *authAES128) packAuthData(data []byte) (outData []byte) { func (a *authAES128) packAuthData(data []byte) (outData []byte) {
dataLength := len(data) dataLength := len(data)
var randLength int var randLength int
rand.Seed(time.Now().UnixNano())
if dataLength > 400 { if dataLength > 400 {
randLength = rand.Intn(512) randLength = rand.IntN(512)
} else { } else {
randLength = rand.Intn(1024) randLength = rand.IntN(1024)
} }
dataOffset := randLength + 16 + 4 + 4 + 7 dataOffset := randLength + 16 + 4 + 4 + 7
@ -136,7 +135,7 @@ func (a *authAES128) packAuthData(data []byte) (outData []byte) {
copy(key, a.IV) copy(key, a.IV)
copy(key[a.IVLen:], a.Key) copy(key[a.IVLen:], a.Key)
rand.Read(outData[dataOffset-randLength:]) crand.Read(outData[dataOffset-randLength:])
a.data.mutex.Lock() a.data.mutex.Lock()
a.data.connectionID++ a.data.connectionID++
if a.data.connectionID > 0xFF000000 { if a.data.connectionID > 0xFF000000 {
@ -144,9 +143,9 @@ func (a *authAES128) packAuthData(data []byte) (outData []byte) {
} }
if len(a.data.clientID) == 0 { if len(a.data.clientID) == 0 {
a.data.clientID = make([]byte, 8) a.data.clientID = make([]byte, 8)
rand.Read(a.data.clientID) crand.Read(a.data.clientID)
b := make([]byte, 4) b := make([]byte, 4)
rand.Read(b) crand.Read(b)
a.data.connectionID = binary.LittleEndian.Uint32(b) & 0xFFFFFF a.data.connectionID = binary.LittleEndian.Uint32(b) & 0xFFFFFF
} }
copy(encrypt[4:], a.data.clientID) copy(encrypt[4:], a.data.clientID)
@ -163,13 +162,13 @@ func (a *authAES128) packAuthData(data []byte) (outData []byte) {
uid := make([]byte, 4) uid := make([]byte, 4)
if len(params) >= 2 { if len(params) >= 2 {
if userID, err := strconv.ParseUint(params[0], 10, 32); err != nil { if userID, err := strconv.ParseUint(params[0], 10, 32); err != nil {
rand.Read(uid) crand.Read(uid)
} else { } else {
binary.LittleEndian.PutUint32(uid, uint32(userID)) binary.LittleEndian.PutUint32(uid, uint32(userID))
a.userKey = a.hashDigest([]byte(params[1])) a.userKey = a.hashDigest([]byte(params[1]))
} }
} else { } else {
rand.Read(uid) crand.Read(uid)
} }
if a.userKey == nil { if a.userKey == nil {
@ -196,7 +195,7 @@ func (a *authAES128) packAuthData(data []byte) (outData []byte) {
h := a.hmac(key, encrypt[0:20]) h := a.hmac(key, encrypt[0:20])
copy(encrypt[20:], h[:4]) copy(encrypt[20:], h[:4])
rand.Read(outData[0:1]) crand.Read(outData[0:1])
h = a.hmac(key, outData[0:1]) h = a.hmac(key, outData[0:1])
copy(outData[1:], h[0:7-1]) copy(outData[1:], h[0:7-1])

4
proxy/ssr/internal/protocol/auth_chain_a.go
View File

@ -6,9 +6,9 @@ import (
"bytes" "bytes"
"crypto/aes" "crypto/aes"
stdCipher "crypto/cipher" stdCipher "crypto/cipher"
"crypto/rand"
"encoding/base64" "encoding/base64"
"encoding/binary" "encoding/binary"
"math/rand"
"strconv" "strconv"
"strings" "strings"
"time" "time"
@ -194,7 +194,7 @@ func (a *authChainA) packAuthData(data []byte) (outData []byte) {
copy(a.userKey, a.Key) copy(a.userKey, a.Key)
} }
} }
for i := 0; i < 4; i++ { for i := range 4 {
uid[i] = a.uid[i] ^ a.lastClientHash[8+i] uid[i] = a.uid[i] ^ a.lastClientHash[8+i]
} }
base64UserKey = base64.StdEncoding.EncodeToString(a.userKey) base64UserKey = base64.StdEncoding.EncodeToString(a.userKey)

4
proxy/ssr/internal/protocol/auth_chain_b.go
View File

@ -34,14 +34,14 @@ func (a *authChainA) authChainBInitDataSize() {
random.InitFromBin(a.Key) random.InitFromBin(a.Key)
length := random.Next()%8 + 4 length := random.Next()%8 + 4
a.dataSizeList = make([]int, length) a.dataSizeList = make([]int, length)
for i := 0; i < int(length); i++ { for i := range int(length) {
a.dataSizeList[i] = int(random.Next() % 2340 % 2040 % 1440) a.dataSizeList[i] = int(random.Next() % 2340 % 2040 % 1440)
} }
sort.Ints(a.dataSizeList) sort.Ints(a.dataSizeList)
length = random.Next()%16 + 8 length = random.Next()%16 + 8
a.dataSizeList2 = make([]int, length) a.dataSizeList2 = make([]int, length)
for i := 0; i < int(length); i++ { for i := range int(length) {
a.dataSizeList2[i] = int(random.Next() % 2340 % 2040 % 1440) a.dataSizeList2[i] = int(random.Next() % 2340 % 2040 % 1440)
} }
sort.Ints(a.dataSizeList2) sort.Ints(a.dataSizeList2)

17
proxy/ssr/internal/protocol/auth_sha1_v4.go
View File

@ -2,8 +2,9 @@ package protocol
import ( import (
"bytes" "bytes"
crand "crypto/rand"
"encoding/binary" "encoding/binary"
"math/rand" "math/rand/v2"
"time" "time"
"github.com/nadoo/glider/proxy/ssr/internal/ssr" "github.com/nadoo/glider/proxy/ssr/internal/ssr"
@ -53,9 +54,9 @@ func (a *authSHA1v4) packData(data []byte) (outData []byte) {
if dataLength <= 1300 { if dataLength <= 1300 {
if dataLength > 400 { if dataLength > 400 {
randLength += rand.Intn(128) randLength += rand.IntN(128)
} else { } else {
randLength += rand.Intn(1024) randLength += rand.IntN(1024)
} }
} }
@ -90,9 +91,9 @@ func (a *authSHA1v4) packAuthData(data []byte) (outData []byte) {
randLength := 1 randLength := 1
if dataLength <= 1300 { if dataLength <= 1300 {
if dataLength > 400 { if dataLength > 400 {
randLength += rand.Intn(128) randLength += rand.IntN(128)
} else { } else {
randLength += rand.Intn(1024) randLength += rand.IntN(1024)
} }
} }
dataOffset := randLength + 4 + 2 dataOffset := randLength + 4 + 2
@ -104,9 +105,9 @@ func (a *authSHA1v4) packAuthData(data []byte) (outData []byte) {
} }
if len(a.data.clientID) == 0 { if len(a.data.clientID) == 0 {
a.data.clientID = make([]byte, 8) a.data.clientID = make([]byte, 8)
rand.Read(a.data.clientID) crand.Read(a.data.clientID)
b := make([]byte, 4) b := make([]byte, 4)
rand.Read(b) crand.Read(b)
a.data.connectionID = binary.LittleEndian.Uint32(b) & 0xFFFFFF a.data.connectionID = binary.LittleEndian.Uint32(b) & 0xFFFFFF
} }
// 0-1, out length // 0-1, out length
@ -122,7 +123,7 @@ func (a *authSHA1v4) packAuthData(data []byte) (outData []byte) {
// 2~6, crc of out length+salt+key // 2~6, crc of out length+salt+key
binary.LittleEndian.PutUint32(outData[2:], crc32) binary.LittleEndian.PutUint32(outData[2:], crc32)
// 6~rand length+6, rand numbers // 6~rand length+6, rand numbers
rand.Read(outData[dataOffset-randLength : dataOffset]) crand.Read(outData[dataOffset-randLength : dataOffset])
// 6, rand length // 6, rand length
if randLength < 128 { if randLength < 128 {
outData[6] = byte(randLength & 0xFF) outData[6] = byte(randLength & 0xFF)

2
proxy/ssr/internal/ssr/crc32.go
View File

@ -11,7 +11,7 @@ func init() {
} }
func createCRC32Table() { func createCRC32Table() {
for i := 0; i < 256; i++ { for i := range 256 {
crc := uint32(i) crc := uint32(i)
for j := 8; j > 0; j-- { for j := 8; j > 0; j-- {
if crc&1 == 1 { if crc&1 == 1 {

2
proxy/ssr/internal/tools/obfsutil.go
View File

@ -37,7 +37,7 @@ func (ctx *Shift128plusContext) InitFromBinDatalen(bin []byte, datalen int) {
ctx.v[0] = binary.LittleEndian.Uint64(fillBin[:8]) ctx.v[0] = binary.LittleEndian.Uint64(fillBin[:8])
ctx.v[1] = binary.LittleEndian.Uint64(fillBin[8:]) ctx.v[1] = binary.LittleEndian.Uint64(fillBin[8:])
for i := 0; i < 4; i++ { for range 4 {
ctx.Next() ctx.Next()
} }
} }

13
proxy/vmess/client.go
View File

@ -5,13 +5,14 @@ import (
"crypto/cipher" "crypto/cipher"
"crypto/hmac" "crypto/hmac"
"crypto/md5" "crypto/md5"
crand "crypto/rand"
"crypto/sha256" "crypto/sha256"
"encoding/binary" "encoding/binary"
"errors" "errors"
"fmt" "fmt"
"hash/fnv" "hash/fnv"
"io" "io"
"math/rand" "math/rand/v2"
"net" "net"
"runtime" "runtime"
"strings" "strings"
@ -121,7 +122,7 @@ func NewClient(uuidStr, security string, alterID int, aead bool) (*Client, error
// NewConn returns a new vmess conn. // NewConn returns a new vmess conn.
func (c *Client) NewConn(rc net.Conn, target string, cmd CmdType) (*Conn, error) { func (c *Client) NewConn(rc net.Conn, target string, cmd CmdType) (*Conn, error) {
r := rand.Intn(c.count) r := rand.IntN(c.count)
conn := &Conn{user: c.users[r], opt: c.opt, aead: c.aead, security: c.security, Conn: rc} conn := &Conn{user: c.users[r], opt: c.opt, aead: c.aead, security: c.security, Conn: rc}
var err error var err error
@ -131,12 +132,12 @@ func (c *Client) NewConn(rc net.Conn, target string, cmd CmdType) (*Conn, error)
} }
randBytes := pool.GetBuffer(32) randBytes := pool.GetBuffer(32)
rand.Read(randBytes) crand.Read(randBytes)
copy(conn.reqBodyIV[:], randBytes[:16]) copy(conn.reqBodyIV[:], randBytes[:16])
copy(conn.reqBodyKey[:], randBytes[16:32]) copy(conn.reqBodyKey[:], randBytes[16:32])
pool.PutBuffer(randBytes) pool.PutBuffer(randBytes)
conn.reqRespV = byte(rand.Intn(1 << 8)) conn.reqRespV = byte(rand.IntN(1 << 8))
if conn.aead { if conn.aead {
bodyIV := sha256.Sum256(conn.reqBodyIV[:]) bodyIV := sha256.Sum256(conn.reqBodyIV[:])
@ -192,7 +193,7 @@ func (c *Conn) Request(cmd CmdType) error {
buf.WriteByte(c.opt) // Opt buf.WriteByte(c.opt) // Opt
// pLen and Sec // pLen and Sec
paddingLen := rand.Intn(16) paddingLen := rand.IntN(16)
pSec := byte(paddingLen<<4) | c.security // P(4bit) and Sec(4bit) pSec := byte(paddingLen<<4) | c.security // P(4bit) and Sec(4bit)
buf.WriteByte(pSec) buf.WriteByte(pSec)
@ -207,7 +208,7 @@ func (c *Conn) Request(cmd CmdType) error {
// padding // padding
if paddingLen > 0 { if paddingLen > 0 {
padding := pool.GetBuffer(paddingLen) padding := pool.GetBuffer(paddingLen)
rand.Read(padding) crand.Read(padding)
buf.Write(padding) buf.Write(padding)
pool.PutBuffer(padding) pool.PutBuffer(padding)
} }

2
proxy/vmess/user.go
View File

@ -43,7 +43,7 @@ func nextID(oldID [16]byte) (newID [16]byte) {
func (u *User) GenAlterIDUsers(alterID int) []*User { func (u *User) GenAlterIDUsers(alterID int) []*User {
users := make([]*User, alterID) users := make([]*User, alterID)
preID := u.UUID preID := u.UUID
for i := 0; i < alterID; i++ { for i := range alterID {
newID := nextID(preID) newID := nextID(preID)
// NOTE: alterID user is a user which have a different uuid but a same cmdkey with the primary user. // NOTE: alterID user is a user which have a different uuid but a same cmdkey with the primary user.
users[i] = &User{UUID: newID, CmdKey: u.CmdKey} users[i] = &User{UUID: newID, CmdKey: u.CmdKey}

4
proxy/ws/frame.go
View File

@ -25,7 +25,7 @@ package ws
import ( import (
"encoding/binary" "encoding/binary"
"io" "io"
"math/rand" "math/rand/v2"
"net" "net"
"github.com/nadoo/glider/pkg/pool" "github.com/nadoo/glider/pkg/pool"
@ -93,7 +93,7 @@ func (w *frameWriter) Write(b []byte) (int, error) {
defer pool.PutBuffer(payload) defer pool.PutBuffer(payload)
// payload with mask // payload with mask
for i := 0; i < nPayload; i++ { for i := range nPayload {
payload[i] = b[i] ^ w.maskKey[i%4] payload[i] = b[i] ^ w.maskKey[i%4]
} }

2
rule/group.go
View File

@ -225,7 +225,7 @@ func (p *FwdrGroup) Check() {
log.F("[group] %s: using check config: %s", p.name, p.config.Check) log.F("[group] %s: using check config: %s", p.name, p.config.Check)
for i := 0; i < len(p.fwdrs); i++ { for i := range p.fwdrs {
go p.check(p.fwdrs[i], checker) go p.check(p.fwdrs[i], checker)
} }
} }

6
service/dhcpd/pool.go
View File

@ -5,7 +5,7 @@ package dhcpd
import ( import (
"bytes" "bytes"
"errors" "errors"
"math/rand" "math/rand/v2"
"net" "net"
"net/netip" "net/netip"
"sync" "sync"
@ -45,7 +45,7 @@ func NewPool(lease time.Duration, start, end netip.Addr) (*Pool, error) {
go func() { go func() {
for now := range time.Tick(time.Second) { for now := range time.Tick(time.Second) {
p.mutex.Lock() p.mutex.Lock()
for i := 0; i < len(items); i++ { for i := range len(items) {
if !items[i].expire.IsZero() && now.After(items[i].expire) { if !items[i].expire.IsZero() && now.After(items[i].expire) {
items[i].mac = nil items[i].mac = nil
items[i].expire = time.Time{} items[i].expire = time.Time{}
@ -83,7 +83,7 @@ func (p *Pool) LeaseIP(mac net.HardwareAddr, ip netip.Addr) (netip.Addr, error)
} }
// lease new ip // lease new ip
idx := rand.Intn(len(p.items)) idx := rand.IntN(len(p.items))
for _, item := range p.items[idx:] { for _, item := range p.items[idx:] {
if item.mac == nil { if item.mac == nil {
item.mac = mac item.mac = mac