пре 5 година · 3fa301f879
--- a/vendor/github.com/Psiphon-Labs/tls-tris/handshake_server.go
+++ b/vendor/github.com/Psiphon-Labs/tls-tris/handshake_server.go
@@ -101,12 +101,13 @@ func (c *Conn) serverHandshake() error {
 
				 			err = fmt.Errorf("passthrough: %s", err)
			
 
				 		}
			
 
				 
			
 
				+		clientAddr := c.conn.RemoteAddr().String()
			
 
				+		clientIP, _, _ := net.SplitHostPort(clientAddr)
			
 
				+
			
 
				 		if !doPassthrough {
			
 
				 			if !obfuscator.VerifyTLSPassthroughMessage(
			
 
				 				c.config.PassthroughKey, hs.clientHello.random) {
			
 
				 
			
 
				-				clientAddr := c.conn.RemoteAddr().String()
			
 
				-				clientIP, _, _ := net.SplitHostPort(clientAddr)
			
 
				 				c.config.PassthroughLogInvalidMessage(clientIP)
			
 
				 
			
 
				 				doPassthrough = true
			
@@ -116,13 +117,18 @@ func (c *Conn) serverHandshake() error {
 
				 
			
 
				 		if !doPassthrough {
			
 
				 			if !c.config.PassthroughHistoryAddNew(
			
 
				-				c.conn.RemoteAddr().String(), hs.clientHello.random) {
			
 
				+				clientIP, hs.clientHello.random) {
			
 
				 
			
 
				 				doPassthrough = true
			
 
				 				err = errors.New("passthrough: duplicate client random")
			
 
				 			}
			
 
				 		}
			
 
				 
			
 
				+		// Call GetReadBuffer, in both passthrough and non-passthrough cases, to
			
 
				+		// stop buffering all read bytes.
			
 
				+
			
 
				+		passthroughReadBuffer := c.conn.(*recorderConn).GetReadBuffer().Bytes()
			
 
				+
			
 
				 		if doPassthrough {
			
 
				 
			
 
				 			// When performing passthrough, we must exit at the "return err" below.
			
@@ -131,8 +137,6 @@ func (c *Conn) serverHandshake() error {
 
				 				err = errors.New("passthrough: missing error")
			
 
				 			}
			
 
				 
			
 
				-			passthroughReadBuffer := c.conn.(*recorderConn).GetReadBuffer().Bytes()
			
 
				-
			
 
				 			// Modifying c.conn directly is safe only because Conn.Handshake, which
			
 
				 			// calls Conn.serverHandshake, is holding c.handshakeMutex and c.in locks,
			
 
				 			// and because of the serial nature of c.conn access during the handshake
			
--- a/vendor/vendor.json
+++ b/vendor/vendor.json
@@ -141,10 +141,10 @@
 
				 			"revisionTime": "2020-01-16T02:28:06Z"
			
 
				 		},
			
 
				 		{
			
 
				-			"checksumSHA1": "vK+EtAIPYfEe9M9rSoGZYffUsxo=",
			
 
				+			"checksumSHA1": "udq1ER8m9FUb3+G39Li2Q3bBi7g=",
			
 
				 			"path": "github.com/Psiphon-Labs/tls-tris",
			
 
				-			"revision": "16ab4b2ea797315638cb1ee75f438ef9502b617c",
			
 
				-			"revisionTime": "2020-05-04T18:37:24Z"
			
 
				+			"revision": "7d791789810f0e7bd780cd3846e419171739dbf8",
			
 
				+			"revisionTime": "2020-06-10T16:11:56Z"
			
 
				 		},
			
 
				 		{
			
 
				 			"checksumSHA1": "30PBqj9BW03KCVqASvLg3bR+xYc=",