From aaabeeb33c802c2ea679afbfa2208d26dc6f7f6f Mon Sep 17 00:00:00 2001
From: HamidReza <hamidrezasz@proton.me>
Date: Thu, 19 Mar 2026 00:13:15 +0330
Subject: [PATCH] fix: Ensure the required "cipher" field is present  in the
 shadowsocks protocol

---
 web/job/check_client_ip_job.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/web/job/check_client_ip_job.go b/web/job/check_client_ip_job.go
index 19c22e6d..d55050a0 100644
--- a/web/job/check_client_ip_job.go
+++ b/web/job/check_client_ip_job.go
@@ -424,6 +424,19 @@ func (j *CheckClientIpJob) disconnectClientTemporarily(inbound *model.Inbound, c
  		return
  	}
 
+	// For Shadowsocks, ensure the required "cipher" field is present by
+ 	// reading it from the inbound settings (e.g., settings["method"]).
+ 	if string(inbound.Protocol) == "shadowsocks" {
+ 		var inboundSettings map[string]any
+ 		if err := json.Unmarshal([]byte(inbound.Settings), &inboundSettings); err != nil {
+ 			logger.Warningf("[LIMIT_IP] Failed to parse inbound settings for shadowsocks cipher: %v", err)
+ 		} else {
+ 			if method, ok := inboundSettings["method"].(string); ok && method != "" {
+ 				clientConfig["cipher"] = method
+ 			}
+ 		}
+ 	}
+
 	// Remove user to disconnect all connections
 	err = xrayAPI.RemoveUser(inbound.Tag, clientEmail)
 	if err != nil {