特殊密码会报错message authentication failed

[amano0-0]

Describe the bug 使用下面这个密码会导致服务端报错，详细报错见ScreenShots部分。 罪魁祸首： "Imakethis_LongPassPhraseFor_safety_20190928@@!"

To Reproduce 使用v2fly server：

{
"log": {
"loglevel": "debug",
"access": "/var/log/v2ray/access.log",
"error": "/var/log/v2ray/error.log"
    },
    "routing": {
        "domainStrategy": "AsIs",
        "rules": [
            {
                "type": "field",
                "ip": [
                    "geoip:private"
                ],
                "outboundTag": "block"
            }
        ]
    },
    "inbounds": [
        {
            "listen": "0.0.0.0",
            "port": 1234,
            "protocol": "shadowsocks",
            "settings": {
                "method": "chacha20-ietf-poly1305",
                "password": "Imakethis_LongPassPhraseFor_safety_2019_0928@_@!"
        },
            "streamSettings": {
                "network": "tcp"
            }
        }
    ],
    "outbounds": [
        {
            "protocol": "freedom",
            "tag": "direct"
        },
        {
            "protocol": "blackhole",
            "tag": "block"
        }
    ]
}

Screenshots 服务端报错：

2021/04/14 04:05:44 192.168.1.23:42844 rejected github.com/v2fly/v2ray-core/v4/proxy/shadowsocks: failed to read address > chacha20poly1305: message authentication failed
2021/04/14 04:05:44 192.168.1.23:42846 rejected github.com/v2fly/v2ray-core/v4/proxy/shadowsocks: failed to read address > chacha20poly1305: message authentication failed

客户端行为： 只有发送流量没有接受流量。过段时间后会报错cp.cloudflare没法正常resolve的字样

Smartphone (please complete the following information):

• Android/Chrome OS version: LineageOS
• Device: Redmi Note5
• Version: v5.2.2
• Last version that did not exhibit the issue: [not applicable]

Additional context 去掉感叹号后就没问题了。 因为同样的密码，使用ss windows和旧版ss Android 5.1.7连接即使带感叹号也正常。所以怀疑是ss安卓这边的原因，就到这里提issue了 第一次在本地机子测试的时候使用的"test@_@!"做密码却也正常连通。

[zonyitoo]

I tested with shadowsocks-rust's sslocal:

{
    "password": "Imakethis_LongPassPhraseFor_safety_2019_0928@_@!"
}

and it can read it properly:

2021-04-14T07:38:46.990969+08:00 TRACE [73791:4447292928] [shadowsocks_service::local] Config { server: [ServerConfig { addr: SocketAddr(127.0.0.1:8288), password: "Imakethis_LongPassPhraseFor_safety_2019_0928@_@!", method: AES_128_GCM, enc_key: [75, 1, 162, 215, 98, 250, 218, 158, 222, 77, 16, 52, 161, 61, 198, 156], timeout: None, plugin: None, plugin_addr: None, remarks: None, id: None, mode: TcpAndUdp }], local_addr: None, local: [LocalConfig { addr: SocketAddr(127.0.0.1:1300), protocol: Socks, mode: TcpAndUdp, udp_addr: None, forward_addr: None }], dns: System, ipv6_first: false, no_delay: false, nofile: None, outbound_bind_interface: None, inbound_send_buffer_size: None, inbound_recv_buffer_size: None, outbound_send_buffer_size: None, outbound_recv_buffer_size: None, manager: None, config_type: Local, udp_timeout: Some(10s), udp_max_associations: Some(10), acl: None }

[zonyitoo]

Can reproduce with:

# shadowsocks-rust local
$ sslocal -b 127.0.0.1:1080 -s 127.0.0.1:8388 -k 'Imakethis_LongPassPhraseFor_safety_2019_0928@_@!' -m 'chacha20-ietf-poly1305'

# shadowsocks-libev server
$ ss-server -s 127.0.0.1 -p 8388 -k 'Imakethis_LongPassPhraseFor_safety_2019_0928@_@!' -m 'chacha20-ietf-poly1305'

It should be a BUG.

There must be something wrong in shadowsocks-rust's openssl_bytes_to_key.

# shadowsocks-rust
75, 1, 162, 215, 98, 250, 218, 158, 222, 77, 16, 52, 161, 61, 198, 156, 99, 235, 48, 219, 144, 110, 60, 222, 165, 177, 104, 123, 236, 54, 131, 137

# shadowsocks-libev
75, 1,1 62, 215, 98, 250, 218, 158, 222, 77, 16, 52, 161, 61, 198, 156, 59, 82, 139, 115, 130, 54, 185, 156, 211, 164, 114, 210, 147, 53, 128, 214

It differs from offset 17.

[DuckSoft]

Upstream bug (crypto2 md5):

Reported.

[zonyitoo]

Bug confirmed in crypto2, will be fixed by https://github.com/shadowsocks/crypto2/commit/bb3dd2ce007a38933a327ae632272b42d3b89a18

[zonyitoo]

fixed in shadowsocks-rust v1.10.6. Please @madeye update to this version.