From 2a24b94b8d39cd038aef06ee9e3358d9031d89e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= Date: Fri, 11 Apr 2025 10:24:46 +0800 Subject: [PATCH] Minor fixes --- common/tls/reality_server.go | 22 +++++++++++++--------- common/tls/std_server.go | 7 ++++++- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/common/tls/reality_server.go b/common/tls/reality_server.go index cf429815..48a17e63 100644 --- a/common/tls/reality_server.go +++ b/common/tls/reality_server.go @@ -89,16 +89,20 @@ func NewRealityServer(ctx context.Context, logger log.Logger, options option.Inb tlsConfig.MaxTimeDiff = time.Duration(options.Reality.MaxTimeDifference) tlsConfig.ShortIds = make(map[[8]byte]bool) - for i, shortIDString := range options.Reality.ShortID { - var shortID [8]byte - decodedLen, err := hex.Decode(shortID[:], []byte(shortIDString)) - if err != nil { - return nil, E.Cause(err, "decode short_id[", i, "]: ", shortIDString) + if len(options.Reality.ShortID) == 0 { + tlsConfig.ShortIds[[8]byte{0}] = true + } else { + for i, shortIDString := range options.Reality.ShortID { + var shortID [8]byte + decodedLen, err := hex.Decode(shortID[:], []byte(shortIDString)) + if err != nil { + return nil, E.Cause(err, "decode short_id[", i, "]: ", shortIDString) + } + if decodedLen > 8 { + return nil, E.New("invalid short_id[", i, "]: ", shortIDString) + } + tlsConfig.ShortIds[shortID] = true } - if decodedLen > 8 { - return nil, E.New("invalid short_id[", i, "]: ", shortIDString) - } - tlsConfig.ShortIds[shortID] = true } handshakeDialer, err := dialer.New(ctx, options.Reality.Handshake.DialerOptions) diff --git a/common/tls/std_server.go b/common/tls/std_server.go index 1e01bc50..949521d7 100644 --- a/common/tls/std_server.go +++ b/common/tls/std_server.go @@ -6,6 +6,7 @@ import ( "net" "os" "strings" + "time" "github.com/sagernet/fswatch" "github.com/sagernet/sing-box/adapter" @@ -221,8 +222,12 @@ func NewSTDServer(ctx context.Context, logger log.Logger, options option.Inbound key = content } if certificate == nil && key == nil && options.Insecure { + timeFunc := ntp.TimeFuncFromContext(ctx) + if timeFunc == nil { + timeFunc = time.Now + } tlsConfig.GetCertificate = func(info *tls.ClientHelloInfo) (*tls.Certificate, error) { - return GenerateKeyPair(nil, nil, ntp.TimeFuncFromContext(ctx), info.ServerName) + return GenerateKeyPair(nil, nil, timeFunc, info.ServerName) } } else { if certificate == nil {