mirror of
https://github.com/XTLS/Xray-core.git
synced 2025-05-01 01:44:15 +00:00
yuhan6665
GitHub
parent
bf4b1fab3c
commit
9112cfd39c
25 changed files with 150 additions and 761 deletions
|
|
@ -14,7 +14,6 @@ import (
|
|||
"github.com/xtls/xray-core/common/errors"
|
||||
"github.com/xtls/xray-core/common/log"
|
||||
"github.com/xtls/xray-core/common/net"
|
||||
"github.com/xtls/xray-core/common/platform"
|
||||
"github.com/xtls/xray-core/common/protocol"
|
||||
"github.com/xtls/xray-core/common/session"
|
||||
"github.com/xtls/xray-core/common/signal"
|
||||
|
|
@ -29,23 +28,16 @@ import (
|
|||
"github.com/xtls/xray-core/transport/internet/stat"
|
||||
)
|
||||
|
||||
var (
|
||||
aeadForced = false
|
||||
aeadForced2022 = false
|
||||
)
|
||||
|
||||
type userByEmail struct {
|
||||
sync.Mutex
|
||||
cache map[string]*protocol.MemoryUser
|
||||
defaultLevel uint32
|
||||
defaultAlterIDs uint16
|
||||
}
|
||||
|
||||
func newUserByEmail(config *DefaultConfig) *userByEmail {
|
||||
return &userByEmail{
|
||||
cache: make(map[string]*protocol.MemoryUser),
|
||||
defaultLevel: config.Level,
|
||||
defaultAlterIDs: uint16(config.AlterId),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -77,7 +69,6 @@ func (v *userByEmail) Get(email string) (*protocol.MemoryUser, bool) {
|
|||
id := uuid.New()
|
||||
rawAccount := &vmess.Account{
|
||||
Id: id.String(),
|
||||
AlterId: uint32(v.defaultAlterIDs),
|
||||
}
|
||||
account, err := rawAccount.AsAccount()
|
||||
common.Must(err)
|
||||
|
|
@ -112,7 +103,6 @@ type Handler struct {
|
|||
usersByEmail *userByEmail
|
||||
detours *DetourConfig
|
||||
sessionHistory *encoding.SessionHistory
|
||||
secure bool
|
||||
}
|
||||
|
||||
// New creates a new VMess inbound handler.
|
||||
|
|
@ -121,11 +111,10 @@ func New(ctx context.Context, config *Config) (*Handler, error) {
|
|||
handler := &Handler{
|
||||
policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager),
|
||||
inboundHandlerManager: v.GetFeature(feature_inbound.ManagerType()).(feature_inbound.Manager),
|
||||
clients: vmess.NewTimedUserValidator(protocol.DefaultIDHash),
|
||||
clients: vmess.NewTimedUserValidator(),
|
||||
detours: config.Detour,
|
||||
usersByEmail: newUserByEmail(config.GetDefaultValue()),
|
||||
sessionHistory: encoding.NewSessionHistory(),
|
||||
secure: config.SecureEncryptionOnly,
|
||||
}
|
||||
|
||||
for _, user := range config.User {
|
||||
|
|
@ -145,7 +134,6 @@ func New(ctx context.Context, config *Config) (*Handler, error) {
|
|||
// Close implements common.Closable.
|
||||
func (h *Handler) Close() error {
|
||||
return errors.Combine(
|
||||
h.clients.Close(),
|
||||
h.sessionHistory.Close(),
|
||||
common.Close(h.usersByEmail))
|
||||
}
|
||||
|
|
@ -219,10 +207,6 @@ func transferResponse(timer signal.ActivityUpdater, session *encoding.ServerSess
|
|||
return nil
|
||||
}
|
||||
|
||||
func isInsecureEncryption(s protocol.SecurityType) bool {
|
||||
return s == protocol.SecurityType_NONE || s == protocol.SecurityType_LEGACY || s == protocol.SecurityType_UNKNOWN
|
||||
}
|
||||
|
||||
// Process implements proxy.Inbound.Process().
|
||||
func (h *Handler) Process(ctx context.Context, network net.Network, connection stat.Connection, dispatcher routing.Dispatcher) error {
|
||||
sessionPolicy := h.policyManager.ForLevel(0)
|
||||
|
|
@ -241,7 +225,6 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
|
|||
|
||||
reader := &buf.BufferedReader{Reader: buf.NewReader(connection)}
|
||||
svrSession := encoding.NewServerSession(h.clients, h.sessionHistory)
|
||||
svrSession.SetAEADForced(aeadForced)
|
||||
request, err := svrSession.DecodeRequestHeader(reader, isDrain)
|
||||
if err != nil {
|
||||
if errors.Cause(err) != io.EOF {
|
||||
|
|
@ -256,17 +239,6 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
|
|||
return err
|
||||
}
|
||||
|
||||
if h.secure && isInsecureEncryption(request.Security) {
|
||||
log.Record(&log.AccessMessage{
|
||||
From: connection.RemoteAddr(),
|
||||
To: "",
|
||||
Status: log.AccessRejected,
|
||||
Reason: "Insecure encryption",
|
||||
Email: request.User.Email,
|
||||
})
|
||||
return newError("client is using insecure encryption: ", request.Security)
|
||||
}
|
||||
|
||||
if request.Command != protocol.RequestCommandMux {
|
||||
ctx = log.ContextWithAccessMessage(ctx, &log.AccessMessage{
|
||||
From: connection.RemoteAddr(),
|
||||
|
|
@ -361,7 +333,6 @@ func (h *Handler) generateCommand(ctx context.Context, request *protocol.Request
|
|||
return &protocol.CommandSwitchAccount{
|
||||
Port: port,
|
||||
ID: account.ID.UUID(),
|
||||
AlterIds: uint16(len(account.AlterIDs)),
|
||||
Level: user.Level,
|
||||
ValidMin: byte(availableMin),
|
||||
}
|
||||
|
|
@ -376,18 +347,4 @@ func init() {
|
|||
common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
|
||||
return New(ctx, config.(*Config))
|
||||
}))
|
||||
|
||||
defaultFlagValue := "NOT_DEFINED_AT_ALL"
|
||||
|
||||
if time.Now().Year() >= 2022 {
|
||||
defaultFlagValue = "true_by_default_2022"
|
||||
}
|
||||
|
||||
isAeadForced := platform.NewEnvFlag("xray.vmess.aead.forced").GetValue(func() string { return defaultFlagValue })
|
||||
aeadForced = (isAeadForced == "true")
|
||||
|
||||
if isAeadForced == "true_by_default_2022" {
|
||||
aeadForced = true
|
||||
aeadForced2022 = true
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue