v1.0.0

2025-04-30 17:38:41 +00:00 · 2020-11-25 19:01:53 +08:00 · 2020-11-25 19:01:53 +08:00 · c7f7c08ead
commit c7f7c08ead
parent 47d23e9972
711 changed files with 82154 additions and 2 deletions
--- a/transport/internet/http/config.go
+++ b/transport/internet/http/config.go
@ -0,0 +1,49 @@
+// +build !confonly
+
+package http
+
+import (
+	"github.com/xtls/xray-core/v1/common"
+	"github.com/xtls/xray-core/v1/common/dice"
+	"github.com/xtls/xray-core/v1/transport/internet"
+)
+
+const protocolName = "http"
+
+func (c *Config) getHosts() []string {
+	if len(c.Host) == 0 {
+		return []string{"www.example.com"}
+	}
+	return c.Host
+}
+
+func (c *Config) isValidHost(host string) bool {
+	hosts := c.getHosts()
+	for _, h := range hosts {
+		if h == host {
+			return true
+		}
+	}
+	return false
+}
+
+func (c *Config) getRandomHost() string {
+	hosts := c.getHosts()
+	return hosts[dice.Roll(len(hosts))]
+}
+
+func (c *Config) getNormalizedPath() string {
+	if c.Path == "" {
+		return "/"
+	}
+	if c.Path[0] != '/' {
+		return "/" + c.Path
+	}
+	return c.Path
+}
+
+func init() {
+	common.Must(internet.RegisterProtocolConfigCreator(protocolName, func() interface{} {
+		return new(Config)
+	}))
+}
--- a/transport/internet/http/config.pb.go
+++ b/transport/internet/http/config.pb.go
@ -0,0 +1,165 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.14.0
+// source: transport/internet/http/config.proto
+
+package http
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type Config struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	Host []string `protobuf:"bytes,1,rep,name=host,proto3" json:"host,omitempty"`
+	Path string   `protobuf:"bytes,2,opt,name=path,proto3" json:"path,omitempty"`
+}
+
+func (x *Config) Reset() {
+	*x = Config{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_transport_internet_http_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Config) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Config) ProtoMessage() {}
+
+func (x *Config) ProtoReflect() protoreflect.Message {
+	mi := &file_transport_internet_http_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Config.ProtoReflect.Descriptor instead.
+func (*Config) Descriptor() ([]byte, []int) {
+	return file_transport_internet_http_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Config) GetHost() []string {
+	if x != nil {
+		return x.Host
+	}
+	return nil
+}
+
+func (x *Config) GetPath() string {
+	if x != nil {
+		return x.Path
+	}
+	return ""
+}
+
+var File_transport_internet_http_config_proto protoreflect.FileDescriptor
+
+var file_transport_internet_http_config_proto_rawDesc = []byte{
+	0x0a, 0x24, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x6e, 0x65, 0x74, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1c, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61,
+	0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e,
+	0x68, 0x74, 0x74, 0x70, 0x22, 0x30, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12,
+	0x0a, 0x04, 0x68, 0x6f, 0x73, 0x74, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x68, 0x6f,
+	0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x42, 0x79, 0x0a, 0x20, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72,
+	0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x68, 0x74, 0x74, 0x70, 0x50, 0x01, 0x5a, 0x34, 0x67, 0x69,
+	0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72,
+	0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x31, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73,
+	0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2f, 0x68, 0x74,
+	0x74, 0x70, 0xaa, 0x02, 0x1c, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70,
+	0x6f, 0x72, 0x74, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x48, 0x74, 0x74,
+	0x70, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_transport_internet_http_config_proto_rawDescOnce sync.Once
+	file_transport_internet_http_config_proto_rawDescData = file_transport_internet_http_config_proto_rawDesc
+)
+
+func file_transport_internet_http_config_proto_rawDescGZIP() []byte {
+	file_transport_internet_http_config_proto_rawDescOnce.Do(func() {
+		file_transport_internet_http_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_transport_internet_http_config_proto_rawDescData)
+	})
+	return file_transport_internet_http_config_proto_rawDescData
+}
+
+var file_transport_internet_http_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_transport_internet_http_config_proto_goTypes = []interface{}{
+	(*Config)(nil), // 0: xray.transport.internet.http.Config
+}
+var file_transport_internet_http_config_proto_depIdxs = []int32{
+	0, // [0:0] is the sub-list for method output_type
+	0, // [0:0] is the sub-list for method input_type
+	0, // [0:0] is the sub-list for extension type_name
+	0, // [0:0] is the sub-list for extension extendee
+	0, // [0:0] is the sub-list for field type_name
+}
+
+func init() { file_transport_internet_http_config_proto_init() }
+func file_transport_internet_http_config_proto_init() {
+	if File_transport_internet_http_config_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_transport_internet_http_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Config); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_transport_internet_http_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_transport_internet_http_config_proto_goTypes,
+		DependencyIndexes: file_transport_internet_http_config_proto_depIdxs,
+		MessageInfos:      file_transport_internet_http_config_proto_msgTypes,
+	}.Build()
+	File_transport_internet_http_config_proto = out.File
+	file_transport_internet_http_config_proto_rawDesc = nil
+	file_transport_internet_http_config_proto_goTypes = nil
+	file_transport_internet_http_config_proto_depIdxs = nil
+}
--- a/transport/internet/http/config.proto
+++ b/transport/internet/http/config.proto
@ -0,0 +1,12 @@
+syntax = "proto3";
+
+package xray.transport.internet.http;
+option csharp_namespace = "Xray.Transport.Internet.Http";
+option go_package = "github.com/xtls/xray-core/v1/transport/internet/http";
+option java_package = "com.xray.transport.internet.http";
+option java_multiple_files = true;
+
+message Config {
+  repeated string host = 1;
+  string path = 2;
+}
--- a/transport/internet/http/dialer.go
+++ b/transport/internet/http/dialer.go
@ -0,0 +1,138 @@
+// +build !confonly
+
+package http
+
+import (
+	"context"
+	gotls "crypto/tls"
+	"net/http"
+	"net/url"
+	"sync"
+
+	"github.com/xtls/xray-core/v1/common"
+	"github.com/xtls/xray-core/v1/common/buf"
+	"github.com/xtls/xray-core/v1/common/net"
+	"github.com/xtls/xray-core/v1/transport/internet"
+	"github.com/xtls/xray-core/v1/transport/internet/tls"
+	"github.com/xtls/xray-core/v1/transport/pipe"
+	"golang.org/x/net/http2"
+)
+
+var (
+	globalDialerMap    map[net.Destination]*http.Client
+	globalDialerAccess sync.Mutex
+)
+
+func getHTTPClient(_ context.Context, dest net.Destination, tlsSettings *tls.Config) (*http.Client, error) {
+	globalDialerAccess.Lock()
+	defer globalDialerAccess.Unlock()
+
+	if globalDialerMap == nil {
+		globalDialerMap = make(map[net.Destination]*http.Client)
+	}
+
+	if client, found := globalDialerMap[dest]; found {
+		return client, nil
+	}
+
+	transport := &http2.Transport{
+		DialTLS: func(network string, addr string, tlsConfig *gotls.Config) (net.Conn, error) {
+			rawHost, rawPort, err := net.SplitHostPort(addr)
+			if err != nil {
+				return nil, err
+			}
+			if len(rawPort) == 0 {
+				rawPort = "443"
+			}
+			port, err := net.PortFromString(rawPort)
+			if err != nil {
+				return nil, err
+			}
+			address := net.ParseAddress(rawHost)
+
+			pconn, err := internet.DialSystem(context.Background(), net.TCPDestination(address, port), nil)
+			if err != nil {
+				return nil, err
+			}
+
+			cn := gotls.Client(pconn, tlsConfig)
+			if err := cn.Handshake(); err != nil {
+				return nil, err
+			}
+			if !tlsConfig.InsecureSkipVerify {
+				if err := cn.VerifyHostname(tlsConfig.ServerName); err != nil {
+					return nil, err
+				}
+			}
+			state := cn.ConnectionState()
+			if p := state.NegotiatedProtocol; p != http2.NextProtoTLS {
+				return nil, newError("http2: unexpected ALPN protocol " + p + "; want q" + http2.NextProtoTLS).AtError()
+			}
+			if !state.NegotiatedProtocolIsMutual {
+				return nil, newError("http2: could not negotiate protocol mutually").AtError()
+			}
+			return cn, nil
+		},
+		TLSClientConfig: tlsSettings.GetTLSConfig(tls.WithDestination(dest)),
+	}
+
+	client := &http.Client{
+		Transport: transport,
+	}
+
+	globalDialerMap[dest] = client
+	return client, nil
+}
+
+// Dial dials a new TCP connection to the given destination.
+func Dial(ctx context.Context, dest net.Destination, streamSettings *internet.MemoryStreamConfig) (internet.Connection, error) {
+	httpSettings := streamSettings.ProtocolSettings.(*Config)
+	tlsConfig := tls.ConfigFromStreamSettings(streamSettings)
+	if tlsConfig == nil {
+		return nil, newError("TLS must be enabled for http transport.").AtWarning()
+	}
+	client, err := getHTTPClient(ctx, dest, tlsConfig)
+	if err != nil {
+		return nil, err
+	}
+
+	opts := pipe.OptionsFromContext(ctx)
+	preader, pwriter := pipe.New(opts...)
+	breader := &buf.BufferedReader{Reader: preader}
+	request := &http.Request{
+		Method: "PUT",
+		Host:   httpSettings.getRandomHost(),
+		Body:   breader,
+		URL: &url.URL{
+			Scheme: "https",
+			Host:   dest.NetAddr(),
+			Path:   httpSettings.getNormalizedPath(),
+		},
+		Proto:      "HTTP/2",
+		ProtoMajor: 2,
+		ProtoMinor: 0,
+		Header:     make(http.Header),
+	}
+	// Disable any compression method from server.
+	request.Header.Set("Accept-Encoding", "identity")
+
+	response, err := client.Do(request)
+	if err != nil {
+		return nil, newError("failed to dial to ", dest).Base(err).AtWarning()
+	}
+	if response.StatusCode != 200 {
+		return nil, newError("unexpected status", response.StatusCode).AtWarning()
+	}
+
+	bwriter := buf.NewBufferedWriter(pwriter)
+	common.Must(bwriter.SetBuffered(false))
+	return net.NewConnection(
+		net.ConnectionOutput(response.Body),
+		net.ConnectionInput(bwriter),
+		net.ConnectionOnClose(common.ChainedClosable{breader, bwriter, response.Body}),
+	), nil
+}
+
+func init() {
+	common.Must(internet.RegisterTransportDialer(protocolName, Dial))
+}
--- a/transport/internet/http/errors.generated.go
+++ b/transport/internet/http/errors.generated.go
@ -0,0 +1,9 @@
+package http
+
+import "github.com/xtls/xray-core/v1/common/errors"
+
+type errPathObjHolder struct{}
+
+func newError(values ...interface{}) *errors.Error {
+	return errors.New(values...).WithPathObj(errPathObjHolder{})
+}
--- a/transport/internet/http/http.go
+++ b/transport/internet/http/http.go
@ -0,0 +1,3 @@
+package http
+
+//go:generate go run github.com/xtls/xray-core/v1/common/errors/errorgen
--- a/transport/internet/http/http_test.go
+++ b/transport/internet/http/http_test.go
@ -0,0 +1,94 @@
+package http_test
+
+import (
+	"context"
+	"crypto/rand"
+	"testing"
+	"time"
+
+	"github.com/google/go-cmp/cmp"
+
+	"github.com/xtls/xray-core/v1/common"
+	"github.com/xtls/xray-core/v1/common/buf"
+	"github.com/xtls/xray-core/v1/common/net"
+	"github.com/xtls/xray-core/v1/common/protocol/tls/cert"
+	"github.com/xtls/xray-core/v1/testing/servers/tcp"
+	"github.com/xtls/xray-core/v1/transport/internet"
+	. "github.com/xtls/xray-core/v1/transport/internet/http"
+	"github.com/xtls/xray-core/v1/transport/internet/tls"
+)
+
+func TestHTTPConnection(t *testing.T) {
+	port := tcp.PickPort()
+
+	listener, err := Listen(context.Background(), net.LocalHostIP, port, &internet.MemoryStreamConfig{
+		ProtocolName:     "http",
+		ProtocolSettings: &Config{},
+		SecurityType:     "tls",
+		SecuritySettings: &tls.Config{
+			Certificate: []*tls.Certificate{tls.ParseCertificate(cert.MustGenerate(nil, cert.CommonName("www.example.com")))},
+		},
+	}, func(conn internet.Connection) {
+		go func() {
+			defer conn.Close()
+
+			b := buf.New()
+			defer b.Release()
+
+			for {
+				if _, err := b.ReadFrom(conn); err != nil {
+					return
+				}
+				_, err := conn.Write(b.Bytes())
+				common.Must(err)
+			}
+		}()
+	})
+	common.Must(err)
+
+	defer listener.Close()
+
+	time.Sleep(time.Second)
+
+	dctx := context.Background()
+	conn, err := Dial(dctx, net.TCPDestination(net.LocalHostIP, port), &internet.MemoryStreamConfig{
+		ProtocolName:     "http",
+		ProtocolSettings: &Config{},
+		SecurityType:     "tls",
+		SecuritySettings: &tls.Config{
+			ServerName:    "www.example.com",
+			AllowInsecure: true,
+		},
+	})
+	common.Must(err)
+	defer conn.Close()
+
+	const N = 1024
+	b1 := make([]byte, N)
+	common.Must2(rand.Read(b1))
+	b2 := buf.New()
+
+	nBytes, err := conn.Write(b1)
+	common.Must(err)
+	if nBytes != N {
+		t.Error("write: ", nBytes)
+	}
+
+	b2.Clear()
+	common.Must2(b2.ReadFullFrom(conn, N))
+	if r := cmp.Diff(b2.Bytes(), b1); r != "" {
+		t.Error(r)
+	}
+
+	nBytes, err = conn.Write(b1)
+	common.Must(err)
+	if nBytes != N {
+		t.Error("write: ", nBytes)
+	}
+
+	b2.Clear()
+	common.Must2(b2.ReadFullFrom(conn, N))
+	if r := cmp.Diff(b2.Bytes(), b1); r != "" {
+		t.Error(r)
+	}
+}
--- a/transport/internet/http/hub.go
+++ b/transport/internet/http/hub.go
@ -0,0 +1,205 @@
+// +build !confonly
+
+package http
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"net/http"
+	"os"
+	"strings"
+	"time"
+
+	"golang.org/x/net/http2"
+	"golang.org/x/net/http2/h2c"
+
+	"github.com/xtls/xray-core/v1/common"
+	"github.com/xtls/xray-core/v1/common/net"
+	http_proto "github.com/xtls/xray-core/v1/common/protocol/http"
+	"github.com/xtls/xray-core/v1/common/serial"
+	"github.com/xtls/xray-core/v1/common/session"
+	"github.com/xtls/xray-core/v1/common/signal/done"
+	"github.com/xtls/xray-core/v1/transport/internet"
+	"github.com/xtls/xray-core/v1/transport/internet/tls"
+)
+
+type Listener struct {
+	server  *http.Server
+	handler internet.ConnHandler
+	local   net.Addr
+	config  *Config
+	locker  *internet.FileLocker // for unix domain socket
+}
+
+func (l *Listener) Addr() net.Addr {
+	return l.local
+}
+
+func (l *Listener) Close() error {
+	if l.locker != nil {
+		fmt.Fprintln(os.Stderr, "RELEASE LOCK")
+		l.locker.Release()
+	}
+	return l.server.Close()
+}
+
+type flushWriter struct {
+	w io.Writer
+	d *done.Instance
+}
+
+func (fw flushWriter) Write(p []byte) (n int, err error) {
+	if fw.d.Done() {
+		return 0, io.ErrClosedPipe
+	}
+
+	n, err = fw.w.Write(p)
+	if f, ok := fw.w.(http.Flusher); ok {
+		f.Flush()
+	}
+	return
+}
+
+func (l *Listener) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
+	host := request.Host
+	if !l.config.isValidHost(host) {
+		writer.WriteHeader(404)
+		return
+	}
+	path := l.config.getNormalizedPath()
+	if !strings.HasPrefix(request.URL.Path, path) {
+		writer.WriteHeader(404)
+		return
+	}
+
+	writer.Header().Set("Cache-Control", "no-store")
+	writer.WriteHeader(200)
+	if f, ok := writer.(http.Flusher); ok {
+		f.Flush()
+	}
+
+	remoteAddr := l.Addr()
+	dest, err := net.ParseDestination(request.RemoteAddr)
+	if err != nil {
+		newError("failed to parse request remote addr: ", request.RemoteAddr).Base(err).WriteToLog()
+	} else {
+		remoteAddr = &net.TCPAddr{
+			IP:   dest.Address.IP(),
+			Port: int(dest.Port),
+		}
+	}
+
+	forwardedAddrs := http_proto.ParseXForwardedFor(request.Header)
+	if len(forwardedAddrs) > 0 && forwardedAddrs[0].Family().IsIP() {
+		remoteAddr = &net.TCPAddr{
+			IP:   forwardedAddrs[0].IP(),
+			Port: int(0),
+		}
+	}
+
+	done := done.New()
+	conn := net.NewConnection(
+		net.ConnectionOutput(request.Body),
+		net.ConnectionInput(flushWriter{w: writer, d: done}),
+		net.ConnectionOnClose(common.ChainedClosable{done, request.Body}),
+		net.ConnectionLocalAddr(l.Addr()),
+		net.ConnectionRemoteAddr(remoteAddr),
+	)
+	l.handler(conn)
+	<-done.Wait()
+}
+
+func Listen(ctx context.Context, address net.Address, port net.Port, streamSettings *internet.MemoryStreamConfig, handler internet.ConnHandler) (internet.Listener, error) {
+	httpSettings := streamSettings.ProtocolSettings.(*Config)
+	var listener *Listener
+	if port == net.Port(0) { // unix
+		listener = &Listener{
+			handler: handler,
+			local: &net.UnixAddr{
+				Name: address.Domain(),
+				Net:  "unix",
+			},
+			config: httpSettings,
+		}
+	} else { // tcp
+		listener = &Listener{
+			handler: handler,
+			local: &net.TCPAddr{
+				IP:   address.IP(),
+				Port: int(port),
+			},
+			config: httpSettings,
+		}
+	}
+
+	var server *http.Server
+	config := tls.ConfigFromStreamSettings(streamSettings)
+	if config == nil {
+		h2s := &http2.Server{}
+
+		server = &http.Server{
+			Addr:              serial.Concat(address, ":", port),
+			Handler:           h2c.NewHandler(listener, h2s),
+			ReadHeaderTimeout: time.Second * 4,
+		}
+	} else {
+		server = &http.Server{
+			Addr:              serial.Concat(address, ":", port),
+			TLSConfig:         config.GetTLSConfig(tls.WithNextProto("h2")),
+			Handler:           listener,
+			ReadHeaderTimeout: time.Second * 4,
+		}
+	}
+
+	if streamSettings.SocketSettings != nil && streamSettings.SocketSettings.AcceptProxyProtocol {
+		newError("accepting PROXY protocol").AtWarning().WriteToLog(session.ExportIDToError(ctx))
+	}
+
+	listener.server = server
+	go func() {
+		var streamListener net.Listener
+		var err error
+		if port == net.Port(0) { // unix
+			streamListener, err = internet.ListenSystem(ctx, &net.UnixAddr{
+				Name: address.Domain(),
+				Net:  "unix",
+			}, streamSettings.SocketSettings)
+			if err != nil {
+				newError("failed to listen on ", address).Base(err).WriteToLog(session.ExportIDToError(ctx))
+				return
+			}
+			locker := ctx.Value(address.Domain())
+			if locker != nil {
+				listener.locker = locker.(*internet.FileLocker)
+			}
+		} else { // tcp
+			streamListener, err = internet.ListenSystem(ctx, &net.TCPAddr{
+				IP:   address.IP(),
+				Port: int(port),
+			}, streamSettings.SocketSettings)
+			if err != nil {
+				newError("failed to listen on ", address, ":", port).Base(err).WriteToLog(session.ExportIDToError(ctx))
+				return
+			}
+		}
+
+		if config == nil {
+			err = server.Serve(streamListener)
+			if err != nil {
+				newError("stoping serving H2C").Base(err).WriteToLog(session.ExportIDToError(ctx))
+			}
+		} else {
+			err = server.ServeTLS(streamListener, "", "")
+			if err != nil {
+				newError("stoping serving TLS").Base(err).WriteToLog(session.ExportIDToError(ctx))
+			}
+		}
+	}()
+
+	return listener, nil
+}
+
+func init() {
+	common.Must(internet.RegisterTransportListener(protocolName, Listen))
+}