mirror of
https://github.com/XTLS/Xray-core.git
synced 2025-04-29 16:58:34 +00:00
yuhan6665
GitHub
parent
bf4b1fab3c
commit
9112cfd39c
25 changed files with 150 additions and 761 deletions
|
|
@ -73,8 +73,7 @@ type DefaultConfig struct {
|
|||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
AlterId uint32 `protobuf:"varint,1,opt,name=alter_id,json=alterId,proto3" json:"alter_id,omitempty"`
|
||||
Level uint32 `protobuf:"varint,2,opt,name=level,proto3" json:"level,omitempty"`
|
||||
Level uint32 `protobuf:"varint,2,opt,name=level,proto3" json:"level,omitempty"`
|
||||
}
|
||||
|
||||
func (x *DefaultConfig) Reset() {
|
||||
|
|
@ -109,13 +108,6 @@ func (*DefaultConfig) Descriptor() ([]byte, []int) {
|
|||
return file_proxy_vmess_inbound_config_proto_rawDescGZIP(), []int{1}
|
||||
}
|
||||
|
||||
func (x *DefaultConfig) GetAlterId() uint32 {
|
||||
if x != nil {
|
||||
return x.AlterId
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (x *DefaultConfig) GetLevel() uint32 {
|
||||
if x != nil {
|
||||
return x.Level
|
||||
|
|
@ -128,10 +120,9 @@ type Config struct {
|
|||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
User []*protocol.User `protobuf:"bytes,1,rep,name=user,proto3" json:"user,omitempty"`
|
||||
Default *DefaultConfig `protobuf:"bytes,2,opt,name=default,proto3" json:"default,omitempty"`
|
||||
Detour *DetourConfig `protobuf:"bytes,3,opt,name=detour,proto3" json:"detour,omitempty"`
|
||||
SecureEncryptionOnly bool `protobuf:"varint,4,opt,name=secure_encryption_only,json=secureEncryptionOnly,proto3" json:"secure_encryption_only,omitempty"`
|
||||
User []*protocol.User `protobuf:"bytes,1,rep,name=user,proto3" json:"user,omitempty"`
|
||||
Default *DefaultConfig `protobuf:"bytes,2,opt,name=default,proto3" json:"default,omitempty"`
|
||||
Detour *DetourConfig `protobuf:"bytes,3,opt,name=detour,proto3" json:"detour,omitempty"` // 4 is for legacy setting
|
||||
}
|
||||
|
||||
func (x *Config) Reset() {
|
||||
|
|
@ -187,13 +178,6 @@ func (x *Config) GetDetour() *DetourConfig {
|
|||
return nil
|
||||
}
|
||||
|
||||
func (x *Config) GetSecureEncryptionOnly() bool {
|
||||
if x != nil {
|
||||
return x.SecureEncryptionOnly
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
var File_proxy_vmess_inbound_config_proto protoreflect.FileDescriptor
|
||||
|
||||
var file_proxy_vmess_inbound_config_proto_rawDesc = []byte{
|
||||
|
|
@ -204,34 +188,29 @@ var file_proxy_vmess_inbound_config_proto_rawDesc = []byte{
|
|||
0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2f, 0x75, 0x73,
|
||||
0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x1e, 0x0a, 0x0c, 0x44, 0x65, 0x74, 0x6f,
|
||||
0x75, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x0e, 0x0a, 0x02, 0x74, 0x6f, 0x18, 0x01,
|
||||
0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x74, 0x6f, 0x22, 0x40, 0x0a, 0x0d, 0x44, 0x65, 0x66, 0x61,
|
||||
0x75, 0x6c, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x19, 0x0a, 0x08, 0x61, 0x6c, 0x74,
|
||||
0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x07, 0x61, 0x6c, 0x74,
|
||||
0x65, 0x72, 0x49, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x18, 0x02, 0x20,
|
||||
0x01, 0x28, 0x0d, 0x52, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x22, 0xf1, 0x01, 0x0a, 0x06, 0x43,
|
||||
0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2e, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x01, 0x20,
|
||||
0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f,
|
||||
0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52,
|
||||
0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x41, 0x0a, 0x07, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
|
||||
0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72,
|
||||
0x6f, 0x78, 0x79, 0x2e, 0x76, 0x6d, 0x65, 0x73, 0x73, 0x2e, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e,
|
||||
0x64, 0x2e, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52,
|
||||
0x07, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x12, 0x3e, 0x0a, 0x06, 0x64, 0x65, 0x74, 0x6f,
|
||||
0x75, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e,
|
||||
0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x76, 0x6d, 0x65, 0x73, 0x73, 0x2e, 0x69, 0x6e, 0x62, 0x6f,
|
||||
0x75, 0x6e, 0x64, 0x2e, 0x44, 0x65, 0x74, 0x6f, 0x75, 0x72, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
|
||||
0x52, 0x06, 0x64, 0x65, 0x74, 0x6f, 0x75, 0x72, 0x12, 0x34, 0x0a, 0x16, 0x73, 0x65, 0x63, 0x75,
|
||||
0x72, 0x65, 0x5f, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6f, 0x6e,
|
||||
0x6c, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65,
|
||||
0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x4f, 0x6e, 0x6c, 0x79, 0x42, 0x6a,
|
||||
0x0a, 0x1c, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79,
|
||||
0x2e, 0x76, 0x6d, 0x65, 0x73, 0x73, 0x2e, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x50, 0x01,
|
||||
0x5a, 0x2d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c,
|
||||
0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78,
|
||||
0x79, 0x2f, 0x76, 0x6d, 0x65, 0x73, 0x73, 0x2f, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0xaa,
|
||||
0x02, 0x18, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x56, 0x6d, 0x65,
|
||||
0x73, 0x73, 0x2e, 0x49, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
|
||||
0x6f, 0x33,
|
||||
0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x74, 0x6f, 0x22, 0x25, 0x0a, 0x0d, 0x44, 0x65, 0x66, 0x61,
|
||||
0x75, 0x6c, 0x74, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x14, 0x0a, 0x05, 0x6c, 0x65, 0x76,
|
||||
0x65, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x05, 0x6c, 0x65, 0x76, 0x65, 0x6c, 0x22,
|
||||
0xbb, 0x01, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2e, 0x0a, 0x04, 0x75, 0x73,
|
||||
0x65, 0x72, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e,
|
||||
0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x2e,
|
||||
0x55, 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x41, 0x0a, 0x07, 0x64, 0x65,
|
||||
0x66, 0x61, 0x75, 0x6c, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x78, 0x72,
|
||||
0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x76, 0x6d, 0x65, 0x73, 0x73, 0x2e, 0x69,
|
||||
0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x2e, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x43, 0x6f,
|
||||
0x6e, 0x66, 0x69, 0x67, 0x52, 0x07, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x12, 0x3e, 0x0a,
|
||||
0x06, 0x64, 0x65, 0x74, 0x6f, 0x75, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e,
|
||||
0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x76, 0x6d, 0x65, 0x73, 0x73,
|
||||
0x2e, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x2e, 0x44, 0x65, 0x74, 0x6f, 0x75, 0x72, 0x43,
|
||||
0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x06, 0x64, 0x65, 0x74, 0x6f, 0x75, 0x72, 0x42, 0x6a, 0x0a,
|
||||
0x1c, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e,
|
||||
0x76, 0x6d, 0x65, 0x73, 0x73, 0x2e, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x50, 0x01, 0x5a,
|
||||
0x2d, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73,
|
||||
0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79,
|
||||
0x2f, 0x76, 0x6d, 0x65, 0x73, 0x73, 0x2f, 0x69, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0xaa, 0x02,
|
||||
0x18, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x56, 0x6d, 0x65, 0x73,
|
||||
0x73, 0x2e, 0x49, 0x6e, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f,
|
||||
0x33,
|
||||
}
|
||||
|
||||
var (
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@ message DetourConfig {
|
|||
}
|
||||
|
||||
message DefaultConfig {
|
||||
uint32 alter_id = 1;
|
||||
uint32 level = 2;
|
||||
}
|
||||
|
||||
|
|
@ -21,5 +20,5 @@ message Config {
|
|||
repeated xray.common.protocol.User user = 1;
|
||||
DefaultConfig default = 2;
|
||||
DetourConfig detour = 3;
|
||||
bool secure_encryption_only = 4;
|
||||
// 4 is for legacy setting
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ import (
|
|||
"github.com/xtls/xray-core/common/errors"
|
||||
"github.com/xtls/xray-core/common/log"
|
||||
"github.com/xtls/xray-core/common/net"
|
||||
"github.com/xtls/xray-core/common/platform"
|
||||
"github.com/xtls/xray-core/common/protocol"
|
||||
"github.com/xtls/xray-core/common/session"
|
||||
"github.com/xtls/xray-core/common/signal"
|
||||
|
|
@ -29,23 +28,16 @@ import (
|
|||
"github.com/xtls/xray-core/transport/internet/stat"
|
||||
)
|
||||
|
||||
var (
|
||||
aeadForced = false
|
||||
aeadForced2022 = false
|
||||
)
|
||||
|
||||
type userByEmail struct {
|
||||
sync.Mutex
|
||||
cache map[string]*protocol.MemoryUser
|
||||
defaultLevel uint32
|
||||
defaultAlterIDs uint16
|
||||
}
|
||||
|
||||
func newUserByEmail(config *DefaultConfig) *userByEmail {
|
||||
return &userByEmail{
|
||||
cache: make(map[string]*protocol.MemoryUser),
|
||||
defaultLevel: config.Level,
|
||||
defaultAlterIDs: uint16(config.AlterId),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -77,7 +69,6 @@ func (v *userByEmail) Get(email string) (*protocol.MemoryUser, bool) {
|
|||
id := uuid.New()
|
||||
rawAccount := &vmess.Account{
|
||||
Id: id.String(),
|
||||
AlterId: uint32(v.defaultAlterIDs),
|
||||
}
|
||||
account, err := rawAccount.AsAccount()
|
||||
common.Must(err)
|
||||
|
|
@ -112,7 +103,6 @@ type Handler struct {
|
|||
usersByEmail *userByEmail
|
||||
detours *DetourConfig
|
||||
sessionHistory *encoding.SessionHistory
|
||||
secure bool
|
||||
}
|
||||
|
||||
// New creates a new VMess inbound handler.
|
||||
|
|
@ -121,11 +111,10 @@ func New(ctx context.Context, config *Config) (*Handler, error) {
|
|||
handler := &Handler{
|
||||
policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager),
|
||||
inboundHandlerManager: v.GetFeature(feature_inbound.ManagerType()).(feature_inbound.Manager),
|
||||
clients: vmess.NewTimedUserValidator(protocol.DefaultIDHash),
|
||||
clients: vmess.NewTimedUserValidator(),
|
||||
detours: config.Detour,
|
||||
usersByEmail: newUserByEmail(config.GetDefaultValue()),
|
||||
sessionHistory: encoding.NewSessionHistory(),
|
||||
secure: config.SecureEncryptionOnly,
|
||||
}
|
||||
|
||||
for _, user := range config.User {
|
||||
|
|
@ -145,7 +134,6 @@ func New(ctx context.Context, config *Config) (*Handler, error) {
|
|||
// Close implements common.Closable.
|
||||
func (h *Handler) Close() error {
|
||||
return errors.Combine(
|
||||
h.clients.Close(),
|
||||
h.sessionHistory.Close(),
|
||||
common.Close(h.usersByEmail))
|
||||
}
|
||||
|
|
@ -219,10 +207,6 @@ func transferResponse(timer signal.ActivityUpdater, session *encoding.ServerSess
|
|||
return nil
|
||||
}
|
||||
|
||||
func isInsecureEncryption(s protocol.SecurityType) bool {
|
||||
return s == protocol.SecurityType_NONE || s == protocol.SecurityType_LEGACY || s == protocol.SecurityType_UNKNOWN
|
||||
}
|
||||
|
||||
// Process implements proxy.Inbound.Process().
|
||||
func (h *Handler) Process(ctx context.Context, network net.Network, connection stat.Connection, dispatcher routing.Dispatcher) error {
|
||||
sessionPolicy := h.policyManager.ForLevel(0)
|
||||
|
|
@ -241,7 +225,6 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
|
|||
|
||||
reader := &buf.BufferedReader{Reader: buf.NewReader(connection)}
|
||||
svrSession := encoding.NewServerSession(h.clients, h.sessionHistory)
|
||||
svrSession.SetAEADForced(aeadForced)
|
||||
request, err := svrSession.DecodeRequestHeader(reader, isDrain)
|
||||
if err != nil {
|
||||
if errors.Cause(err) != io.EOF {
|
||||
|
|
@ -256,17 +239,6 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
|
|||
return err
|
||||
}
|
||||
|
||||
if h.secure && isInsecureEncryption(request.Security) {
|
||||
log.Record(&log.AccessMessage{
|
||||
From: connection.RemoteAddr(),
|
||||
To: "",
|
||||
Status: log.AccessRejected,
|
||||
Reason: "Insecure encryption",
|
||||
Email: request.User.Email,
|
||||
})
|
||||
return newError("client is using insecure encryption: ", request.Security)
|
||||
}
|
||||
|
||||
if request.Command != protocol.RequestCommandMux {
|
||||
ctx = log.ContextWithAccessMessage(ctx, &log.AccessMessage{
|
||||
From: connection.RemoteAddr(),
|
||||
|
|
@ -361,7 +333,6 @@ func (h *Handler) generateCommand(ctx context.Context, request *protocol.Request
|
|||
return &protocol.CommandSwitchAccount{
|
||||
Port: port,
|
||||
ID: account.ID.UUID(),
|
||||
AlterIds: uint16(len(account.AlterIDs)),
|
||||
Level: user.Level,
|
||||
ValidMin: byte(availableMin),
|
||||
}
|
||||
|
|
@ -376,18 +347,4 @@ func init() {
|
|||
common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
|
||||
return New(ctx, config.(*Config))
|
||||
}))
|
||||
|
||||
defaultFlagValue := "NOT_DEFINED_AT_ALL"
|
||||
|
||||
if time.Now().Year() >= 2022 {
|
||||
defaultFlagValue = "true_by_default_2022"
|
||||
}
|
||||
|
||||
isAeadForced := platform.NewEnvFlag("xray.vmess.aead.forced").GetValue(func() string { return defaultFlagValue })
|
||||
aeadForced = (isAeadForced == "true")
|
||||
|
||||
if isAeadForced == "true_by_default_2022" {
|
||||
aeadForced = true
|
||||
aeadForced2022 = true
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue