v1.0.0

transport/internet/tcp/config.go

@@ -0,0 +1,16 @@
+// +build !confonly
+
+package tcp
+
+import (
+	"github.com/xtls/xray-core/v1/common"
+	"github.com/xtls/xray-core/v1/transport/internet"
+)
+
+const protocolName = "tcp"
+
+func init() {
+	common.Must(internet.RegisterProtocolConfigCreator(protocolName, func() interface{} {
+		return new(Config)
+	}))
+}

transport/internet/tcp/config.pb.go

@@ -0,0 +1,176 @@
+// Code generated by protoc-gen-go. DO NOT EDIT.
+// versions:
+// 	protoc-gen-go v1.25.0
+// 	protoc        v3.14.0
+// source: transport/internet/tcp/config.proto
+
+package tcp
+
+import (
+	proto "github.com/golang/protobuf/proto"
+	serial "github.com/xtls/xray-core/v1/common/serial"
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
+	reflect "reflect"
+	sync "sync"
+)
+
+const (
+	// Verify that this generated code is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
+	// Verify that runtime/protoimpl is sufficiently up-to-date.
+	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
+)
+
+// This is a compile-time assertion that a sufficiently up-to-date version
+// of the legacy proto package is being used.
+const _ = proto.ProtoPackageIsVersion4
+
+type Config struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	HeaderSettings      *serial.TypedMessage `protobuf:"bytes,2,opt,name=header_settings,json=headerSettings,proto3" json:"header_settings,omitempty"`
+	AcceptProxyProtocol bool                 `protobuf:"varint,3,opt,name=accept_proxy_protocol,json=acceptProxyProtocol,proto3" json:"accept_proxy_protocol,omitempty"`
+}
+
+func (x *Config) Reset() {
+	*x = Config{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_transport_internet_tcp_config_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *Config) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*Config) ProtoMessage() {}
+
+func (x *Config) ProtoReflect() protoreflect.Message {
+	mi := &file_transport_internet_tcp_config_proto_msgTypes[0]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use Config.ProtoReflect.Descriptor instead.
+func (*Config) Descriptor() ([]byte, []int) {
+	return file_transport_internet_tcp_config_proto_rawDescGZIP(), []int{0}
+}
+
+func (x *Config) GetHeaderSettings() *serial.TypedMessage {
+	if x != nil {
+		return x.HeaderSettings
+	}
+	return nil
+}
+
+func (x *Config) GetAcceptProxyProtocol() bool {
+	if x != nil {
+		return x.AcceptProxyProtocol
+	}
+	return false
+}
+
+var File_transport_internet_tcp_config_proto protoreflect.FileDescriptor
+
+var file_transport_internet_tcp_config_proto_rawDesc = []byte{
+	0x0a, 0x23, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x6e, 0x65, 0x74, 0x2f, 0x74, 0x63, 0x70, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1b, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e,
+	0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x74,
+	0x63, 0x70, 0x1a, 0x21, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2f, 0x73, 0x65, 0x72, 0x69, 0x61,
+	0x6c, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x64, 0x5f, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x8d, 0x01, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67,
+	0x12, 0x49, 0x0a, 0x0f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x5f, 0x73, 0x65, 0x74, 0x74, 0x69,
+	0x6e, 0x67, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x78, 0x72, 0x61, 0x79,
+	0x2e, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x2e, 0x54,
+	0x79, 0x70, 0x65, 0x64, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x52, 0x0e, 0x68, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x32, 0x0a, 0x15, 0x61,
+	0x63, 0x63, 0x65, 0x70, 0x74, 0x5f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x61, 0x63, 0x63, 0x65,
+	0x70, 0x74, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x4a,
+	0x04, 0x08, 0x01, 0x10, 0x02, 0x42, 0x76, 0x0a, 0x1f, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61,
+	0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65,
+	0x72, 0x6e, 0x65, 0x74, 0x2e, 0x74, 0x63, 0x70, 0x50, 0x01, 0x5a, 0x33, 0x67, 0x69, 0x74, 0x68,
+	0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79,
+	0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x76, 0x31, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f,
+	0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2f, 0x74, 0x63, 0x70, 0xaa,
+	0x02, 0x1b, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74,
+	0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x54, 0x63, 0x70, 0x62, 0x06, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x33,
+}
+
+var (
+	file_transport_internet_tcp_config_proto_rawDescOnce sync.Once
+	file_transport_internet_tcp_config_proto_rawDescData = file_transport_internet_tcp_config_proto_rawDesc
+)
+
+func file_transport_internet_tcp_config_proto_rawDescGZIP() []byte {
+	file_transport_internet_tcp_config_proto_rawDescOnce.Do(func() {
+		file_transport_internet_tcp_config_proto_rawDescData = protoimpl.X.CompressGZIP(file_transport_internet_tcp_config_proto_rawDescData)
+	})
+	return file_transport_internet_tcp_config_proto_rawDescData
+}
+
+var file_transport_internet_tcp_config_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
+var file_transport_internet_tcp_config_proto_goTypes = []interface{}{
+	(*Config)(nil),              // 0: xray.transport.internet.tcp.Config
+	(*serial.TypedMessage)(nil), // 1: xray.common.serial.TypedMessage
+}
+var file_transport_internet_tcp_config_proto_depIdxs = []int32{
+	1, // 0: xray.transport.internet.tcp.Config.header_settings:type_name -> xray.common.serial.TypedMessage
+	1, // [1:1] is the sub-list for method output_type
+	1, // [1:1] is the sub-list for method input_type
+	1, // [1:1] is the sub-list for extension type_name
+	1, // [1:1] is the sub-list for extension extendee
+	0, // [0:1] is the sub-list for field type_name
+}
+
+func init() { file_transport_internet_tcp_config_proto_init() }
+func file_transport_internet_tcp_config_proto_init() {
+	if File_transport_internet_tcp_config_proto != nil {
+		return
+	}
+	if !protoimpl.UnsafeEnabled {
+		file_transport_internet_tcp_config_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Config); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
+	type x struct{}
+	out := protoimpl.TypeBuilder{
+		File: protoimpl.DescBuilder{
+			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
+			RawDescriptor: file_transport_internet_tcp_config_proto_rawDesc,
+			NumEnums:      0,
+			NumMessages:   1,
+			NumExtensions: 0,
+			NumServices:   0,
+		},
+		GoTypes:           file_transport_internet_tcp_config_proto_goTypes,
+		DependencyIndexes: file_transport_internet_tcp_config_proto_depIdxs,
+		MessageInfos:      file_transport_internet_tcp_config_proto_msgTypes,
+	}.Build()
+	File_transport_internet_tcp_config_proto = out.File
+	file_transport_internet_tcp_config_proto_rawDesc = nil
+	file_transport_internet_tcp_config_proto_goTypes = nil
+	file_transport_internet_tcp_config_proto_depIdxs = nil
+}

transport/internet/tcp/config.proto

@@ -0,0 +1,15 @@
+syntax = "proto3";
+
+package xray.transport.internet.tcp;
+option csharp_namespace = "Xray.Transport.Internet.Tcp";
+option go_package = "github.com/xtls/xray-core/v1/transport/internet/tcp";
+option java_package = "com.xray.transport.internet.tcp";
+option java_multiple_files = true;
+
+import "common/serial/typed_message.proto";
+
+message Config {
+  reserved 1;
+  xray.common.serial.TypedMessage header_settings = 2;
+  bool accept_proxy_protocol = 3;
+}

transport/internet/tcp/dialer.go

@@ -0,0 +1,56 @@
+// +build !confonly
+
+package tcp
+
+import (
+	"context"
+
+	"github.com/xtls/xray-core/v1/common"
+	"github.com/xtls/xray-core/v1/common/net"
+	"github.com/xtls/xray-core/v1/common/session"
+	"github.com/xtls/xray-core/v1/transport/internet"
+	"github.com/xtls/xray-core/v1/transport/internet/tls"
+	"github.com/xtls/xray-core/v1/transport/internet/xtls"
+)
+
+// Dial dials a new TCP connection to the given destination.
+func Dial(ctx context.Context, dest net.Destination, streamSettings *internet.MemoryStreamConfig) (internet.Connection, error) {
+	newError("dialing TCP to ", dest).WriteToLog(session.ExportIDToError(ctx))
+	conn, err := internet.DialSystem(ctx, dest, streamSettings.SocketSettings)
+	if err != nil {
+		return nil, err
+	}
+
+	if config := tls.ConfigFromStreamSettings(streamSettings); config != nil {
+		tlsConfig := config.GetTLSConfig(tls.WithDestination(dest))
+		/*
+			if config.IsExperiment8357() {
+				conn = tls.UClient(conn, tlsConfig)
+			} else {
+				conn = tls.Client(conn, tlsConfig)
+			}
+		*/
+		conn = tls.Client(conn, tlsConfig)
+	} else if config := xtls.ConfigFromStreamSettings(streamSettings); config != nil {
+		xtlsConfig := config.GetXTLSConfig(xtls.WithDestination(dest))
+		conn = xtls.Client(conn, xtlsConfig)
+	}
+
+	tcpSettings := streamSettings.ProtocolSettings.(*Config)
+	if tcpSettings.HeaderSettings != nil {
+		headerConfig, err := tcpSettings.HeaderSettings.GetInstance()
+		if err != nil {
+			return nil, newError("failed to get header settings").Base(err).AtError()
+		}
+		auth, err := internet.CreateConnectionAuthenticator(headerConfig)
+		if err != nil {
+			return nil, newError("failed to create header authenticator").Base(err).AtError()
+		}
+		conn = auth.Client(conn)
+	}
+	return internet.Connection(conn), nil
+}
+
+func init() {
+	common.Must(internet.RegisterTransportDialer(protocolName, Dial))
+}

transport/internet/tcp/errors.generated.go

@@ -0,0 +1,9 @@
+package tcp
+
+import "github.com/xtls/xray-core/v1/common/errors"
+
+type errPathObjHolder struct{}
+
+func newError(values ...interface{}) *errors.Error {
+	return errors.New(values...).WithPathObj(errPathObjHolder{})
+}

transport/internet/tcp/hub.go

@@ -0,0 +1,143 @@
+// +build !confonly
+
+package tcp
+
+import (
+	"context"
+	gotls "crypto/tls"
+	"strings"
+	"time"
+
+	goxtls "github.com/xtls/go"
+
+	"github.com/xtls/xray-core/v1/common"
+	"github.com/xtls/xray-core/v1/common/net"
+	"github.com/xtls/xray-core/v1/common/session"
+	"github.com/xtls/xray-core/v1/transport/internet"
+	"github.com/xtls/xray-core/v1/transport/internet/tls"
+	"github.com/xtls/xray-core/v1/transport/internet/xtls"
+)
+
+// Listener is an internet.Listener that listens for TCP connections.
+type Listener struct {
+	listener   net.Listener
+	tlsConfig  *gotls.Config
+	xtlsConfig *goxtls.Config
+	authConfig internet.ConnectionAuthenticator
+	config     *Config
+	addConn    internet.ConnHandler
+	locker     *internet.FileLocker // for unix domain socket
+}
+
+// ListenTCP creates a new Listener based on configurations.
+func ListenTCP(ctx context.Context, address net.Address, port net.Port, streamSettings *internet.MemoryStreamConfig, handler internet.ConnHandler) (internet.Listener, error) {
+	l := &Listener{
+		addConn: handler,
+	}
+	tcpSettings := streamSettings.ProtocolSettings.(*Config)
+	l.config = tcpSettings
+	if l.config != nil {
+		if streamSettings.SocketSettings == nil {
+			streamSettings.SocketSettings = &internet.SocketConfig{}
+		}
+		streamSettings.SocketSettings.AcceptProxyProtocol = l.config.AcceptProxyProtocol
+	}
+	var listener net.Listener
+	var err error
+	if port == net.Port(0) { //unix
+		listener, err = internet.ListenSystem(ctx, &net.UnixAddr{
+			Name: address.Domain(),
+			Net:  "unix",
+		}, streamSettings.SocketSettings)
+		if err != nil {
+			return nil, newError("failed to listen Unix Doman Socket on ", address).Base(err)
+		}
+		newError("listening Unix Domain Socket on ", address).WriteToLog(session.ExportIDToError(ctx))
+		locker := ctx.Value(address.Domain())
+		if locker != nil {
+			l.locker = locker.(*internet.FileLocker)
+		}
+	} else {
+		listener, err = internet.ListenSystem(ctx, &net.TCPAddr{
+			IP:   address.IP(),
+			Port: int(port),
+		}, streamSettings.SocketSettings)
+		if err != nil {
+			return nil, newError("failed to listen TCP on ", address, ":", port).Base(err)
+		}
+		newError("listening TCP on ", address, ":", port).WriteToLog(session.ExportIDToError(ctx))
+	}
+
+	if streamSettings.SocketSettings != nil && streamSettings.SocketSettings.AcceptProxyProtocol {
+		newError("accepting PROXY protocol").AtWarning().WriteToLog(session.ExportIDToError(ctx))
+	}
+
+	l.listener = listener
+
+	if config := tls.ConfigFromStreamSettings(streamSettings); config != nil {
+		l.tlsConfig = config.GetTLSConfig(tls.WithNextProto("h2"))
+	}
+	if config := xtls.ConfigFromStreamSettings(streamSettings); config != nil {
+		l.xtlsConfig = config.GetXTLSConfig(xtls.WithNextProto("h2"))
+	}
+
+	if tcpSettings.HeaderSettings != nil {
+		headerConfig, err := tcpSettings.HeaderSettings.GetInstance()
+		if err != nil {
+			return nil, newError("invalid header settings").Base(err).AtError()
+		}
+		auth, err := internet.CreateConnectionAuthenticator(headerConfig)
+		if err != nil {
+			return nil, newError("invalid header settings.").Base(err).AtError()
+		}
+		l.authConfig = auth
+	}
+
+	go l.keepAccepting()
+	return l, nil
+}
+
+func (v *Listener) keepAccepting() {
+	for {
+		conn, err := v.listener.Accept()
+		if err != nil {
+			errStr := err.Error()
+			if strings.Contains(errStr, "closed") {
+				break
+			}
+			newError("failed to accepted raw connections").Base(err).AtWarning().WriteToLog()
+			if strings.Contains(errStr, "too many") {
+				time.Sleep(time.Millisecond * 500)
+			}
+			continue
+		}
+
+		if v.tlsConfig != nil {
+			conn = tls.Server(conn, v.tlsConfig)
+		} else if v.xtlsConfig != nil {
+			conn = xtls.Server(conn, v.xtlsConfig)
+		}
+		if v.authConfig != nil {
+			conn = v.authConfig.Server(conn)
+		}
+
+		v.addConn(internet.Connection(conn))
+	}
+}
+
+// Addr implements internet.Listener.Addr.
+func (v *Listener) Addr() net.Addr {
+	return v.listener.Addr()
+}
+
+// Close implements internet.Listener.Close.
+func (v *Listener) Close() error {
+	if v.locker != nil {
+		v.locker.Release()
+	}
+	return v.listener.Close()
+}
+
+func init() {
+	common.Must(internet.RegisterTransportListener(protocolName, ListenTCP))
+}

transport/internet/tcp/sockopt_freebsd.go

@@ -0,0 +1,24 @@
+// +build freebsd
+// +build !confonly
+
+package tcp
+
+import (
+	"github.com/xtls/xray-core/v1/common/net"
+	"github.com/xtls/xray-core/v1/transport/internet"
+)
+
+// GetOriginalDestination from tcp conn
+func GetOriginalDestination(conn internet.Connection) (net.Destination, error) {
+	la := conn.LocalAddr()
+	ra := conn.RemoteAddr()
+	ip, port, err := internet.OriginalDst(la, ra)
+	if err != nil {
+		return net.Destination{}, newError("failed to get destination").Base(err)
+	}
+	dest := net.TCPDestination(net.IPAddress(ip), net.Port(port))
+	if !dest.IsValid() {
+		return net.Destination{}, newError("failed to parse destination.")
+	}
+	return dest, nil
+}

transport/internet/tcp/sockopt_linux.go

@@ -0,0 +1,42 @@
+// +build linux
+// +build !confonly
+
+package tcp
+
+import (
+	"syscall"
+
+	"github.com/xtls/xray-core/v1/common/net"
+	"github.com/xtls/xray-core/v1/transport/internet"
+)
+
+const SO_ORIGINAL_DST = 80
+
+func GetOriginalDestination(conn internet.Connection) (net.Destination, error) {
+	sysrawconn, f := conn.(syscall.Conn)
+	if !f {
+		return net.Destination{}, newError("unable to get syscall.Conn")
+	}
+	rawConn, err := sysrawconn.SyscallConn()
+	if err != nil {
+		return net.Destination{}, newError("failed to get sys fd").Base(err)
+	}
+	var dest net.Destination
+	err = rawConn.Control(func(fd uintptr) {
+		addr, err := syscall.GetsockoptIPv6Mreq(int(fd), syscall.IPPROTO_IP, SO_ORIGINAL_DST)
+		if err != nil {
+			newError("failed to call getsockopt").Base(err).WriteToLog()
+			return
+		}
+		ip := net.IPAddress(addr.Multiaddr[4:8])
+		port := uint16(addr.Multiaddr[2])<<8 + uint16(addr.Multiaddr[3])
+		dest = net.TCPDestination(ip, net.Port(port))
+	})
+	if err != nil {
+		return net.Destination{}, newError("failed to control connection").Base(err)
+	}
+	if !dest.IsValid() {
+		return net.Destination{}, newError("failed to call getsockopt")
+	}
+	return dest, nil
+}

transport/internet/tcp/sockopt_linux_test.go

@@ -0,0 +1,32 @@
+// +build linux
+
+package tcp_test
+
+import (
+	"context"
+	"strings"
+	"testing"
+
+	"github.com/xtls/xray-core/v1/common"
+	"github.com/xtls/xray-core/v1/testing/servers/tcp"
+	"github.com/xtls/xray-core/v1/transport/internet"
+	. "github.com/xtls/xray-core/v1/transport/internet/tcp"
+)
+
+func TestGetOriginalDestination(t *testing.T) {
+	tcpServer := tcp.Server{}
+	dest, err := tcpServer.Start()
+	common.Must(err)
+	defer tcpServer.Close()
+
+	config, err := internet.ToMemoryStreamConfig(nil)
+	common.Must(err)
+	conn, err := Dial(context.Background(), dest, config)
+	common.Must(err)
+	defer conn.Close()
+
+	originalDest, err := GetOriginalDestination(conn)
+	if !(dest == originalDest || strings.Contains(err.Error(), "failed to call getsockopt")) {
+		t.Error("unexpected state")
+	}
+}

transport/internet/tcp/sockopt_other.go

@@ -0,0 +1,13 @@
+// +build !linux,!freebsd
+// +build !confonly
+
+package tcp
+
+import (
+	"github.com/xtls/xray-core/v1/common/net"
+	"github.com/xtls/xray-core/v1/transport/internet"
+)
+
+func GetOriginalDestination(conn internet.Connection) (net.Destination, error) {
+	return net.Destination{}, nil
+}

transport/internet/tcp/tcp.go

@@ -0,0 +1,3 @@
+package tcp
+
+//go:generate go run github.com/xtls/xray-core/v1/common/errors/errorgen