fix: Vmess auto/none cipher parsed incorrectly

2025-08-10 00:52:40 +00:00 · 2022-07-11 23:33:06 +08:00
parent b143476e71
commit de892aaa2b
12 changed files with 41 additions and 37 deletions
--- a/backend/src/core/proxy-utils/parsers/peggy/loon.js
+++ b/backend/src/core/proxy-utils/parsers/peggy/loon.js
@@ -56,7 +56,7 @@ shadowsocks = tag equals "shadowsocks"i address method password (obfs_ss/obfs_ho
 }
 vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/vmess_alterId/fast_open/udp_relay/others)* {
    proxy.type = "vmess";
-    proxy.cipher = proxy.cipher || "auto";
+    proxy.cipher = proxy.cipher || "none";
    proxy.alterId = proxy.alterId || 0;
    handleTransport();
 }
@@ -112,10 +112,9 @@ port = digits:[0-9]+ {
 }

 method = comma cipher:cipher { 
-    if (cipher !== 'none') proxy.cipher = cipher;
-    else proxy.cipher = 'auto';
- }
-cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");
+    proxy.cipher = cipher;
+}
+cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"auto");

 username = & {
    let j = peg$currPos; 
--- a/backend/src/core/proxy-utils/parsers/peggy/loon.peg
+++ b/backend/src/core/proxy-utils/parsers/peggy/loon.peg
@@ -54,7 +54,7 @@ shadowsocks = tag equals "shadowsocks"i address method password (obfs_ss/obfs_ho
 }
 vmess = tag equals "vmess"i address method uuid (transport/transport_host/transport_path/over_tls/tls_host/tls_verification/vmess_alterId/fast_open/udp_relay/others)* {
    proxy.type = "vmess";
-    proxy.cipher = proxy.cipher || "auto";
+    proxy.cipher = proxy.cipher || "none";
    proxy.alterId = proxy.alterId || 0;
    handleTransport();
 }
@@ -110,10 +110,9 @@ port = digits:[0-9]+ {
 }

 method = comma cipher:cipher { 
-    if (cipher !== 'none') proxy.cipher = cipher;
-    else proxy.cipher = 'auto';
- }
-cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");
+    proxy.cipher = cipher;
+}
+cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none"/"auto");

 username = & {
    let j = peg$currPos; 
--- a/backend/src/core/proxy-utils/parsers/peggy/qx.js
+++ b/backend/src/core/proxy-utils/parsers/peggy/qx.js
@@ -82,7 +82,7 @@ shadowsocks = "shadowsocks" equals address
 vmess = "vmess" equals address
    (uuid/method/over_tls/tls_host/tls_fingerprint/tls_verification/tag/obfs/obfs_host/obfs_uri/udp_relay/udp_over_tcp/fast_open/aead/others)* {
    proxy.type = "vmess";
-    proxy.cipher = proxy.cipher || "auto";
+    proxy.cipher = proxy.cipher || "none";
    if (proxy.aead) {
        proxy.alterId = 0;
    } else {
@@ -140,8 +140,7 @@ password = comma "password" equals password:[^=,]+ { proxy.password = password.j
 uuid = comma "password" equals uuid:[^=,]+ { proxy.uuid = uuid.join("").trim(); }

 method = comma "method" equals cipher:cipher { 
-    if (cipher !== 'none') proxy.cipher = cipher;
-    else proxy.cipher = 'auto';
+    proxy.cipher = cipher;
 };
 cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");
 aead = comma "aead" equals flag:bool { proxy.aead = flag; }
--- a/backend/src/core/proxy-utils/parsers/peggy/qx.peg
+++ b/backend/src/core/proxy-utils/parsers/peggy/qx.peg
@@ -80,7 +80,7 @@ shadowsocks = "shadowsocks" equals address
 vmess = "vmess" equals address
    (uuid/method/over_tls/tls_host/tls_fingerprint/tls_verification/tag/obfs/obfs_host/obfs_uri/udp_relay/udp_over_tcp/fast_open/aead/others)* {
    proxy.type = "vmess";
-    proxy.cipher = proxy.cipher || "auto";
+    proxy.cipher = proxy.cipher || "none";
    if (proxy.aead) {
        proxy.alterId = 0;
    } else {
@@ -138,8 +138,7 @@ password = comma "password" equals password:[^=,]+ { proxy.password = password.j
 uuid = comma "password" equals uuid:[^=,]+ { proxy.uuid = uuid.join("").trim(); }

 method = comma "method" equals cipher:cipher { 
-    if (cipher !== 'none') proxy.cipher = cipher;
-    else proxy.cipher = 'auto';
+    proxy.cipher = cipher;
 };
 cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");
 aead = comma "aead" equals flag:bool { proxy.aead = flag; }
--- a/backend/src/core/proxy-utils/parsers/peggy/surge.js
+++ b/backend/src/core/proxy-utils/parsers/peggy/surge.js
@@ -45,7 +45,7 @@ shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/
 }
 vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/method/tls/sni/tls_fingerprint/tls_verification/fast_open/udp_relay/others)* {
    proxy.type = "vmess";
-    proxy.cipher = proxy.cipher || "auto";
+    proxy.cipher = proxy.cipher || "none";
    if (proxy.aead) {
        proxy.alterId = 0;
    } else {
@@ -152,8 +152,7 @@ vmess_uuid = comma "username" equals match:[^,]+ { proxy.uuid = match.join("");
 vmess_aead = comma "vmess-aead" equals flag:bool { proxy.aead = flag; }

 method = comma "encrypt-method" equals cipher:cipher {
-    if (cipher !== 'none') proxy.cipher = cipher;
-    else proxy.cipher = 'auto';
+    proxy.cipher = cipher;
 }
 cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");

--- a/backend/src/core/proxy-utils/parsers/peggy/surge.peg
+++ b/backend/src/core/proxy-utils/parsers/peggy/surge.peg
@@ -43,7 +43,7 @@ shadowsocks = tag equals "ss" address (method/passwordk/obfs/obfs_host/obfs_uri/
 }
 vmess = tag equals "vmess" address (vmess_uuid/vmess_aead/ws/ws_path/ws_headers/method/tls/sni/tls_fingerprint/tls_verification/fast_open/udp_relay/others)* {
    proxy.type = "vmess";
-    proxy.cipher = proxy.cipher || "auto";
+    proxy.cipher = proxy.cipher || "none";
    if (proxy.aead) {
        proxy.alterId = 0;
    } else {
@@ -150,8 +150,7 @@ vmess_uuid = comma "username" equals match:[^,]+ { proxy.uuid = match.join("");
 vmess_aead = comma "vmess-aead" equals flag:bool { proxy.aead = flag; }

 method = comma "encrypt-method" equals cipher:cipher {
-    if (cipher !== 'none') proxy.cipher = cipher;
-    else proxy.cipher = 'auto';
+    proxy.cipher = cipher;
 }
 cipher = ("aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm"/"aes-128-cfb"/"aes-192-cfb"/"aes-256-cfb"/"aes-128-ctr"/"aes-192-ctr"/"aes-256-ctr"/"rc4-md5"/"chacha20-ietf-poly1305"/"chacha20-ietf"/"chacha20-poly1305"/"chacha20"/"none");

--- a/backend/src/core/proxy-utils/producers/qx.js
+++ b/backend/src/core/proxy-utils/producers/qx.js
@@ -1,4 +1,5 @@
 import { isPresent, Result } from './utils';
+
 const targetPlatform = 'QX';

 export default function QX_Producer() {
@@ -180,7 +181,16 @@ function vmess(proxy) {
    const appendIfPresent = result.appendIfPresent.bind(result);

    append(`vmess=${proxy.server}:${proxy.port}`);
-    append(`,method=${proxy.cipher === 'auto' ? 'none' : proxy.cipher}`);
+
+    // cipher
+    let cipher;
+    if (proxy.cipher === 'auto') {
+        cipher = 'chacha20-ietf-poly1305';
+    } else {
+        cipher = proxy.cipher;
+    }
+    append(`,method=${cipher}`);
+
    append(`,password=${proxy.uuid}`);

    // obfs
--- a/backend/src/test/proxy-parsers/testcases.js
+++ b/backend/src/test/proxy-parsers/testcases.js
@@ -251,7 +251,7 @@ function createTestCases() {
                    server,
                    port,
                    uuid,
-                    cipher: 'auto', // Surge lacks support for specifying cipher for vmess protocol!
+                    cipher: 'none', // Surge lacks support for specifying cipher for vmess protocol!
                    alterId: 0,
                },
            },
@@ -288,7 +288,7 @@ function createTestCases() {
                    server,
                    port,
                    uuid,
-                    cipher: 'auto', // Surge lacks support for specifying cipher for vmess protocol!
+                    cipher: 'none', // Surge lacks support for specifying cipher for vmess protocol!
                    alterId: 0,
                    aead: true,
                },
@@ -339,7 +339,7 @@ function createTestCases() {
                    server,
                    port,
                    uuid,
-                    cipher: 'auto', // Surge lacks support for specifying cipher for vmess protocol!
+                    cipher: 'none', // Surge lacks support for specifying cipher for vmess protocol!
                    network: 'ws',
                    'ws-opts': {
                        path: obfs_path,
@@ -402,7 +402,7 @@ function createTestCases() {
                    server,
                    port,
                    uuid,
-                    cipher: 'auto', // Surge lacks support for specifying cipher for vmess protocol!
+                    cipher: 'none', // Surge lacks support for specifying cipher for vmess protocol!
                    network: 'ws',
                    'ws-opts': {
                        path: obfs_path,