Legends never die (#1725)

2025-04-29 16:58:34 +00:00 · 2023-03-04 05:39:26 -05:00 · 2023-03-04 05:39:26 -05:00 · 9e5bc07bf2
commit 9e5bc07bf2
parent 4c8ee0af50
34 changed files with 71 additions and 1773 deletions
--- a/proxy/vless/account.go
+++ b/proxy/vless/account.go
@ -22,7 +22,7 @@ func (a *Account) AsAccount() (protocol.Account, error) {
 type MemoryAccount struct {
 	// ID of the account.
 	ID *protocol.ID
-	// Flow of the account. May be "xtls-rprx-direct".
+	// Flow of the account. May be "xtls-rprx-vision".
 	Flow string
 	// Encryption of the account. Used for client connections, and only accepts "none" for now.
 	Encryption string
--- a/proxy/vless/account.pb.go
+++ b/proxy/vless/account.pb.go
@ -27,7 +27,7 @@ type Account struct {

 	// ID of the account, in the form of a UUID, e.g., "66ad4540-b58c-4ad2-9926-ea63445a9b57".
 	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
-	// Flow settings. May be "xtls-rprx-direct".
+	// Flow settings. May be "xtls-rprx-vision".
 	Flow string `protobuf:"bytes,2,opt,name=flow,proto3" json:"flow,omitempty"`
 	// Encryption settings. Only applies to client side, and only accepts "none" for now.
 	Encryption string `protobuf:"bytes,3,opt,name=encryption,proto3" json:"encryption,omitempty"`
--- a/proxy/vless/account.proto
+++ b/proxy/vless/account.proto
@ -9,7 +9,7 @@ option java_multiple_files = true;
 message Account {
  // ID of the account, in the form of a UUID, e.g., "66ad4540-b58c-4ad2-9926-ea63445a9b57".
  string id = 1;
-  // Flow settings. May be "xtls-rprx-direct".
+  // Flow settings. May be "xtls-rprx-vision".
  string flow = 2;
  // Encryption settings. Only applies to client side, and only accepts "none" for now.
  string encryption = 3;
--- a/proxy/vless/encoding/addons.go
+++ b/proxy/vless/encoding/addons.go
@ -11,7 +11,7 @@ import (

 func EncodeHeaderAddons(buffer *buf.Buffer, addons *Addons) error {
 	switch addons.Flow {
-	case vless.XRO, vless.XRD, vless.XRV:
+	case vless.XRV:
 		bytes, err := proto.Marshal(addons)
 		if err != nil {
 			return newError("failed to marshal addons protobuf value").Base(err)
--- a/proxy/vless/encoding/encoding.go
+++ b/proxy/vless/encoding/encoding.go
@ -6,7 +6,6 @@ import (
 	"bytes"
 	"context"
 	"crypto/rand"
-	"fmt"
 	"io"
 	"math/big"
 	"runtime"
@ -24,7 +23,6 @@ import (
 	"github.com/xtls/xray-core/proxy/vless"
 	"github.com/xtls/xray-core/transport/internet/stat"
 	"github.com/xtls/xray-core/transport/internet/tls"
-	"github.com/xtls/xray-core/transport/internet/xtls"
 )

 const (
@ -206,65 +204,6 @@ func DecodeResponseHeader(reader io.Reader, request *protocol.RequestHeader) (*A
 	return responseAddons, nil
 }

-func ReadV(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater, conn *xtls.Conn, rawConn syscall.RawConn, counter stats.Counter, ctx context.Context) error {
-	err := func() error {
-		var ct stats.Counter
-		for {
-			if conn.DirectIn {
-				conn.DirectIn = false
-				if inbound := session.InboundFromContext(ctx); inbound != nil && inbound.Conn != nil {
-					iConn := inbound.Conn
-					statConn, ok := iConn.(*stat.CounterConnection)
-					if ok {
-						iConn = statConn.Connection
-					}
-					if xc, ok := iConn.(*xtls.Conn); ok {
-						iConn = xc.NetConn()
-					}
-					if tc, ok := iConn.(*net.TCPConn); ok {
-						if conn.SHOW {
-							fmt.Println(conn.MARK, "Splice")
-						}
-						runtime.Gosched() // necessary
-						w, err := tc.ReadFrom(conn.NetConn())
-						if counter != nil {
-							counter.Add(w)
-						}
-						if statConn != nil && statConn.WriteCounter != nil {
-							statConn.WriteCounter.Add(w)
-						}
-						return err
-					} else {
-						panic("XTLS Splice: not TCP inbound")
-					}
-				}
-				reader = buf.NewReadVReader(conn.NetConn(), rawConn, nil)
-				ct = counter
-				if conn.SHOW {
-					fmt.Println(conn.MARK, "ReadV")
-				}
-			}
-			buffer, err := reader.ReadMultiBuffer()
-			if !buffer.IsEmpty() {
-				if ct != nil {
-					ct.Add(int64(buffer.Len()))
-				}
-				timer.Update()
-				if werr := writer.WriteMultiBuffer(buffer); werr != nil {
-					return werr
-				}
-			}
-			if err != nil {
-				return err
-			}
-		}
-	}()
-	if err != nil && errors.Cause(err) != io.EOF {
-		return err
-	}
-	return nil
-}
-
 // XtlsRead filter and read xtls protocol
 func XtlsRead(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater, conn net.Conn, rawConn syscall.RawConn,
 	input *bytes.Reader, rawInput *bytes.Buffer,
--- a/proxy/vless/inbound/inbound.go
+++ b/proxy/vless/inbound/inbound.go
@ -20,7 +20,6 @@ import (
 	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/log"
 	"github.com/xtls/xray-core/common/net"
-	"github.com/xtls/xray-core/common/platform"
 	"github.com/xtls/xray-core/common/protocol"
 	"github.com/xtls/xray-core/common/retry"
 	"github.com/xtls/xray-core/common/session"
@ -37,11 +36,8 @@ import (
 	"github.com/xtls/xray-core/transport/internet/reality"
 	"github.com/xtls/xray-core/transport/internet/stat"
 	"github.com/xtls/xray-core/transport/internet/tls"
-	"github.com/xtls/xray-core/transport/internet/xtls"
 )

-var xtls_show = false
-
 func init() {
 	common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
 		var dc dns.Client
@ -53,13 +49,6 @@ func init() {
 		}
 		return New(ctx, config.(*Config), dc)
 	}))
-
-	const defaultFlagValue = "NOT_DEFINED_AT_ALL"
-
-	xtlsShow := platform.NewEnvFlag("xray.vless.xtls.show").GetValue(func() string { return defaultFlagValue })
-	if xtlsShow == "true" {
-		xtls_show = true
-	}
 }

 // Handler is an inbound connection handler that handles messages in VLess protocol.
@ -241,12 +230,6 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
 				alpn = cs.NegotiatedProtocol
 				newError("realName = " + name).AtInfo().WriteToLog(sid)
 				newError("realAlpn = " + alpn).AtInfo().WriteToLog(sid)
-			} else if xtlsConn, ok := iConn.(*xtls.Conn); ok {
-				cs := xtlsConn.ConnectionState()
-				name = cs.ServerName
-				alpn = cs.NegotiatedProtocol
-				newError("realName = " + name).AtInfo().WriteToLog(sid)
-				newError("realAlpn = " + alpn).AtInfo().WriteToLog(sid)
 			} else if realityConn, ok := iConn.(*reality.Conn); ok {
 				cs := realityConn.ConnectionState()
 				name = cs.ServerName
@ -479,7 +462,7 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
 		}
 	}
 	switch requestAddons.Flow {
-	case vless.XRO, vless.XRD, vless.XRV:
+	case vless.XRV:
 		if accountFlow == requestAddons.Flow {
 			switch request.Command {
 			case protocol.RequestCommandMux:
@ -487,51 +470,35 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
 			case protocol.RequestCommandUDP:
 				return newError(requestAddons.Flow + " doesn't support UDP").AtWarning()
 			case protocol.RequestCommandTCP:
-				if requestAddons.Flow == vless.XRV {
-					var t reflect.Type
-					var p uintptr
-					if tlsConn, ok := iConn.(*tls.Conn); ok {
-						if tlsConn.ConnectionState().Version != gotls.VersionTLS13 {
-							return newError(`failed to use `+requestAddons.Flow+`, found outer tls version `, tlsConn.ConnectionState().Version).AtWarning()
-						}
-						netConn = tlsConn.NetConn()
-						t = reflect.TypeOf(tlsConn.Conn).Elem()
-						p = uintptr(unsafe.Pointer(tlsConn.Conn))
-					} else if realityConn, ok := iConn.(*reality.Conn); ok {
-						netConn = realityConn.NetConn()
-						t = reflect.TypeOf(realityConn.Conn).Elem()
-						p = uintptr(unsafe.Pointer(realityConn.Conn))
-					} else if _, ok := iConn.(*tls.UConn); ok {
-						return newError("XTLS only supports UTLS fingerprint for the outbound.").AtWarning()
-					} else if _, ok := iConn.(*xtls.Conn); ok {
-						return newError(`failed to use ` + requestAddons.Flow + `, vision "security" must be "tls" or "reality"`).AtWarning()
-					} else {
-						return newError("XTLS only supports TCP, mKCP and DomainSocket for now.").AtWarning()
-					}
-					if pc, ok := netConn.(*proxyproto.Conn); ok {
-						netConn = pc.Raw()
-						// 8192 > 4096, there is no need to process pc's bufReader
-					}
-					if sc, ok := netConn.(syscall.Conn); ok {
-						rawConn, _ = sc.SyscallConn()
-					}
-					i, _ := t.FieldByName("input")
-					r, _ := t.FieldByName("rawInput")
-					input = (*bytes.Reader)(unsafe.Pointer(p + i.Offset))
-					rawInput = (*bytes.Buffer)(unsafe.Pointer(p + r.Offset))
-				} else if xtlsConn, ok := iConn.(*xtls.Conn); ok {
-					xtlsConn.RPRX = true
-					xtlsConn.SHOW = xtls_show
-					xtlsConn.MARK = "XTLS"
-					if requestAddons.Flow == vless.XRD {
-						xtlsConn.DirectMode = true
-						if sc, ok := xtlsConn.NetConn().(syscall.Conn); ok {
-							rawConn, _ = sc.SyscallConn()
-						}
+				var t reflect.Type
+				var p uintptr
+				if tlsConn, ok := iConn.(*tls.Conn); ok {
+					if tlsConn.ConnectionState().Version != gotls.VersionTLS13 {
+						return newError(`failed to use `+requestAddons.Flow+`, found outer tls version `, tlsConn.ConnectionState().Version).AtWarning()
 					}
+					netConn = tlsConn.NetConn()
+					t = reflect.TypeOf(tlsConn.Conn).Elem()
+					p = uintptr(unsafe.Pointer(tlsConn.Conn))
+				} else if realityConn, ok := iConn.(*reality.Conn); ok {
+					netConn = realityConn.NetConn()
+					t = reflect.TypeOf(realityConn.Conn).Elem()
+					p = uintptr(unsafe.Pointer(realityConn.Conn))
+				} else if _, ok := iConn.(*tls.UConn); ok {
+					return newError("XTLS only supports UTLS fingerprint for the outbound.").AtWarning()
 				} else {
-					return newError(`failed to use ` + requestAddons.Flow + `, maybe "security" is not "xtls"`).AtWarning()
+					return newError("XTLS only supports TCP, mKCP and DomainSocket for now.").AtWarning()
 				}
+				if pc, ok := netConn.(*proxyproto.Conn); ok {
+					netConn = pc.Raw()
+					// 8192 > 4096, there is no need to process pc's bufReader
+				}
+				if sc, ok := netConn.(syscall.Conn); ok {
+					rawConn, _ = sc.SyscallConn()
+				}
+				i, _ := t.FieldByName("input")
+				r, _ := t.FieldByName("rawInput")
+				input = (*bytes.Reader)(unsafe.Pointer(p + i.Offset))
+				rawInput = (*bytes.Buffer)(unsafe.Pointer(p + r.Offset))
 			}
 		} else {
 			return newError(account.ID.String() + " is not able to use " + requestAddons.Flow).AtWarning()
@ -589,12 +556,8 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
 			}
 			// TODO enable splice
 			ctx = session.ContextWithInbound(ctx, nil)
-			if requestAddons.Flow == vless.XRV {
-				err = encoding.XtlsRead(clientReader, serverWriter, timer, netConn, rawConn, input, rawInput, counter, ctx, account.ID.Bytes(),
-					&numberOfPacketToFilter, &enableXtls, &isTLS12orAbove, &isTLS, &cipher, &remainingServerHello)
-			} else {
-				err = encoding.ReadV(clientReader, serverWriter, timer, iConn.(*xtls.Conn), rawConn, counter, ctx)
-			}
+			err = encoding.XtlsRead(clientReader, serverWriter, timer, netConn, rawConn, input, rawInput, counter, ctx, account.ID.Bytes(),
+			&numberOfPacketToFilter, &enableXtls, &isTLS12orAbove, &isTLS, &cipher, &remainingServerHello)
 		} else {
 			// from clientReader.ReadMultiBuffer to serverWriter.WriteMultiBufer
 			err = buf.Copy(clientReader, serverWriter, buf.UpdateActivity(timer))
--- a/proxy/vless/outbound/outbound.go
+++ b/proxy/vless/outbound/outbound.go
@ -15,7 +15,6 @@ import (
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/buf"
 	"github.com/xtls/xray-core/common/net"
-	"github.com/xtls/xray-core/common/platform"
 	"github.com/xtls/xray-core/common/protocol"
 	"github.com/xtls/xray-core/common/retry"
 	"github.com/xtls/xray-core/common/session"
@ -32,22 +31,12 @@ import (
 	"github.com/xtls/xray-core/transport/internet/reality"
 	"github.com/xtls/xray-core/transport/internet/stat"
 	"github.com/xtls/xray-core/transport/internet/tls"
-	"github.com/xtls/xray-core/transport/internet/xtls"
 )

-var xtls_show = false
-
 func init() {
 	common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
 		return New(ctx, config.(*Config))
 	}))
-
-	const defaultFlagValue = "NOT_DEFINED_AT_ALL"
-
-	xtlsShow := platform.NewEnvFlag("xray.vless.xtls.show").GetValue(func() string { return defaultFlagValue })
-	if xtlsShow == "true" {
-		xtls_show = true
-	}
 }

 // Handler is an outbound connection handler for VLess protocol.
@ -140,11 +129,11 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
 	var rawInput *bytes.Buffer
 	allowUDP443 := false
 	switch requestAddons.Flow {
-	case vless.XRO + "-udp443", vless.XRD + "-udp443", vless.XRS + "-udp443", vless.XRV + "-udp443":
+	case vless.XRV + "-udp443":
 		allowUDP443 = true
 		requestAddons.Flow = requestAddons.Flow[:16]
 		fallthrough
-	case vless.XRO, vless.XRD, vless.XRS, vless.XRV:
+	case vless.XRV:
 		switch request.Command {
 		case protocol.RequestCommandMux:
 			return newError(requestAddons.Flow + " doesn't support Mux").AtWarning()
@ -154,53 +143,30 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
 			}
 			requestAddons.Flow = ""
 		case protocol.RequestCommandTCP:
-			if requestAddons.Flow == vless.XRV {
-				var t reflect.Type
-				var p uintptr
-				if tlsConn, ok := iConn.(*tls.Conn); ok {
-					netConn = tlsConn.NetConn()
-					t = reflect.TypeOf(tlsConn.Conn).Elem()
-					p = uintptr(unsafe.Pointer(tlsConn.Conn))
-				} else if utlsConn, ok := iConn.(*tls.UConn); ok {
-					netConn = utlsConn.NetConn()
-					t = reflect.TypeOf(utlsConn.Conn).Elem()
-					p = uintptr(unsafe.Pointer(utlsConn.Conn))
-				} else if realityConn, ok := iConn.(*reality.UConn); ok {
-					netConn = realityConn.NetConn()
-					t = reflect.TypeOf(realityConn.Conn).Elem()
-					p = uintptr(unsafe.Pointer(realityConn.Conn))
-				} else if _, ok := iConn.(*xtls.Conn); ok {
-					return newError(`failed to use ` + requestAddons.Flow + `, vision "security" must be "tls" or "reality"`).AtWarning()
-				} else {
-					return newError("XTLS only supports TCP, mKCP and DomainSocket for now.").AtWarning()
-				}
-				if sc, ok := netConn.(syscall.Conn); ok {
-					rawConn, _ = sc.SyscallConn()
-				}
-				i, _ := t.FieldByName("input")
-				r, _ := t.FieldByName("rawInput")
-				input = (*bytes.Reader)(unsafe.Pointer(p + i.Offset))
-				rawInput = (*bytes.Buffer)(unsafe.Pointer(p + r.Offset))
-			} else if xtlsConn, ok := iConn.(*xtls.Conn); ok {
-				xtlsConn.RPRX = true
-				xtlsConn.SHOW = xtls_show
-				xtlsConn.MARK = "XTLS"
-				if requestAddons.Flow == vless.XRS {
-					requestAddons.Flow = vless.XRD
-				}
-				if requestAddons.Flow == vless.XRD {
-					xtlsConn.DirectMode = true
-					if sc, ok := xtlsConn.NetConn().(syscall.Conn); ok {
-						rawConn, _ = sc.SyscallConn()
-					}
-				}
+			var t reflect.Type
+			var p uintptr
+			if tlsConn, ok := iConn.(*tls.Conn); ok {
+				netConn = tlsConn.NetConn()
+				t = reflect.TypeOf(tlsConn.Conn).Elem()
+				p = uintptr(unsafe.Pointer(tlsConn.Conn))
+			} else if utlsConn, ok := iConn.(*tls.UConn); ok {
+				netConn = utlsConn.NetConn()
+				t = reflect.TypeOf(utlsConn.Conn).Elem()
+				p = uintptr(unsafe.Pointer(utlsConn.Conn))
+			} else if realityConn, ok := iConn.(*reality.UConn); ok {
+				netConn = realityConn.NetConn()
+				t = reflect.TypeOf(realityConn.Conn).Elem()
+				p = uintptr(unsafe.Pointer(realityConn.Conn))
 			} else {
-				return newError(`failed to use ` + requestAddons.Flow + `, maybe "security" is not "xtls"`).AtWarning()
+				return newError("XTLS only supports TCP, mKCP and DomainSocket for now.").AtWarning()
 			}
-		}
-	default:
-		if _, ok := iConn.(*xtls.Conn); ok {
-			panic(`To avoid misunderstanding, you must fill in VLESS "flow" when using XTLS.`)
+			if sc, ok := netConn.(syscall.Conn); ok {
+				rawConn, _ = sc.SyscallConn()
+			}
+			i, _ := t.FieldByName("input")
+			r, _ := t.FieldByName("rawInput")
+			input = (*bytes.Reader)(unsafe.Pointer(p + i.Offset))
+			rawInput = (*bytes.Buffer)(unsafe.Pointer(p + r.Offset))
 		}
 	}

@ -320,15 +286,8 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
 			if statConn != nil {
 				counter = statConn.ReadCounter
 			}
-			if requestAddons.Flow == vless.XRV {
-				err = encoding.XtlsRead(serverReader, clientWriter, timer, netConn, rawConn, input, rawInput, counter, ctx, account.ID.Bytes(),
-					&numberOfPacketToFilter, &enableXtls, &isTLS12orAbove, &isTLS, &cipher, &remainingServerHello)
-			} else {
-				if requestAddons.Flow != vless.XRS {
-					ctx = session.ContextWithInbound(ctx, nil)
-				}
-				err = encoding.ReadV(serverReader, clientWriter, timer, iConn.(*xtls.Conn), rawConn, counter, ctx)
-			}
+			err = encoding.XtlsRead(serverReader, clientWriter, timer, netConn, rawConn, input, rawInput, counter, ctx, account.ID.Bytes(),
+			&numberOfPacketToFilter, &enableXtls, &isTLS12orAbove, &isTLS, &cipher, &remainingServerHello)
 		} else {
 			// from serverReader.ReadMultiBuffer to clientWriter.WriteMultiBufer
 			err = buf.Copy(serverReader, clientWriter, buf.UpdateActivity(timer))
--- a/proxy/vless/vless.go
+++ b/proxy/vless/vless.go
@ -8,8 +8,5 @@ package vless
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

 const (
-	XRO = "xtls-rprx-origin"
-	XRD = "xtls-rprx-direct"
-	XRS = "xtls-rprx-splice"
 	XRV = "xtls-rprx-vision"
 )