Browse Source

fix accept any size of Finish message

dev
破娃酱 8 years ago
parent
commit
6712dd62c0
  1. 8
      shadowsocks/obfsplugin/obfs_tls.py

8
shadowsocks/obfsplugin/obfs_tls.py

@ -210,7 +210,6 @@ class tls_ticket_auth(plain.plain):
self.recv_buffer += buf self.recv_buffer += buf
buf = self.recv_buffer buf = self.recv_buffer
verify = buf verify = buf
verify_len = 43 - 10
if len(buf) < 43: if len(buf) < 43:
raise Exception('server_decode data error') raise Exception('server_decode data error')
if not match_begin(buf, b"\x14" + self.tls_version + b"\x00\x01\x01"): #ChangeCipherSpec if not match_begin(buf, b"\x14" + self.tls_version + b"\x00\x01\x01"): #ChangeCipherSpec
@ -218,11 +217,12 @@ class tls_ticket_auth(plain.plain):
buf = buf[6:] buf = buf[6:]
if not match_begin(buf, b"\x16" + self.tls_version + b"\x00"): #Finished if not match_begin(buf, b"\x16" + self.tls_version + b"\x00"): #Finished
raise Exception('server_decode data error') raise Exception('server_decode data error')
if hmac.new(self.server_info.key + self.client_id, verify[:verify_len], hashlib.sha1).digest()[:10] != verify[verify_len:verify_len+10]: verify_len = struct.unpack('>H', buf[3:5])[0] + 1 # 11 - 10
if len(verify) < verify_len + 10:
raise Exception('server_decode data error') raise Exception('server_decode data error')
if len(buf) < 37: if hmac.new(self.server_info.key + self.client_id, verify[:verify_len], hashlib.sha1).digest()[:10] != verify[verify_len:verify_len+10]:
raise Exception('server_decode data error') raise Exception('server_decode data error')
self.recv_buffer = buf[37:] self.recv_buffer = verify[verify_len + 10:]
self.handshake_status = 8 self.handshake_status = 8
return self.server_decode(b'') return self.server_decode(b'')

Loading…
Cancel
Save