Xray-core

mirror of https://github.com/XTLS/Xray-core.git synced 2024-06-30 19:13:41 +00:00

Author	SHA1	Message	Date
xqzr	c8b4580869	add `V6Only` (#1677 ) * add `V6Only` * add `V6Only`	2023-02-24 11:54:40 -05:00
Yue Yin	03b8c094de	Support SPKI Fingerprint Pinning Support SPKI Fingerprint Pinning for TLSObject	2023-02-24 11:47:00 -05:00
RPRX	9d3de59d3f	Check "serverNames" and "shortIds" (client side) Prevents https://github.com/XTLS/Xray-core/issues/1675	2023-02-21 13:43:13 +00:00
RPRX	c7358a32f5	Allow empty "spiderX" (client side)	2023-02-17 21:07:27 +08:00
RPRX	e1cd1fd33e	Allow empty "shortId" (client side)	2023-02-17 12:39:18 +00:00
RPRX	4d2e2b24d3	THE NEXT FUTURE becomes THE REALITY NOW Thank @yuhan6665 for testing	2023-02-15 16:07:12 +00:00
RPRX	fa7300e910	Add warning on using old version of XTLS And checks param `fingerprint` also	2023-02-03 23:29:46 +08:00
RPRX	dc72cf2c78	Refine fingerprints Fixes https://github.com/XTLS/Xray-core/issues/1577	2023-02-01 12:58:17 +00:00
aeeq	620eb63c1b	Add sockopt interface setting for binding outbound to a particular device like "eth0" (#1494 ) * Update sockopt_linux.go add Interface Name * Update config.pb.go add Interface Name * Update transport_internet.go add Interface Name * Update config.pb.go * update config.proto add interface * Update config.pb.go	2023-01-09 09:45:30 -05:00
RPRX	ff5ce767df	Revert "add file soft link path resolve support (#1482 )" (#1495 ) This reverts commit `eaf401eda9`.	2023-01-07 15:11:23 +00:00
Nanyu	eaf401eda9	add file soft link path resolve support (#1482 ) * add file soft link path resolve * add configuration file soft link path resolve support	2023-01-03 10:52:11 -05:00
yuhan6665	c4fbdf1b78	Run core/format.go	2022-12-25 19:47:53 -05:00
PMExtra	c9b6fc0104	Add custom header support for HTTP proxy	2022-12-18 21:48:23 -05:00
yuhan6665	2e30093ffd	Enforce specific none flow for xtls vision In the past, when user open xtls vision on the server side, plain vless+tls can connect. Pure tls is known to have certain tls in tls characters. Now server need to specify "xtls-rprx-vision,none" for it be able usable on the same port.	2022-12-04 23:15:36 -05:00
nanoda0523	e18b52a5df	Implement WireGuard protocol as outbound (client) (#1344 ) * implement WireGuard protocol for Outbound * upload license * fix build for openbsd & dragonfly os * updated wireguard-go * fix up * switch to another wireguard fork * fix * switch to upstream * open connection through internet.Dialer (#1) * use internet.Dialer * maybe better code * fix * real fix Co-authored-by: nanoda0523 <nanoda0523@users.noreply.github.com> * fix bugs & add ability to recover during connection reset on UDP over TCP parent protocols * improve performance improve performance * dns lookup endpoint && remove unused code * interface address fallback * better code && add config test case Co-authored-by: nanoda0523 <nanoda0523@users.noreply.github.com>	2022-11-21 20:05:54 -05:00
yuhan6665	5e695327b1	Add XTLS RPRX's Vision (#1235 ) * Add XTLS RPRX's Vision * Add helpful warning when security is wrong * Add XTLS padding (draft) * Fix number of packet to filter * Xtls padding version 1.0 and unpadding logic	2022-10-29 00:51:59 -04:00
xqzr	8cf23f1947	add `tcpcongestion` (#1234 ) * add `tcpcongestion` * Update sockopt_linux.go * Update config.pb.go * Update transport_internet.go * Update config.pb.go * Update transport_internet.go * Update config.proto	2022-10-10 13:13:50 -04:00
yuhan6665	debd2e3ba8	Remove compatibility code The minimum support go version is already 1.18	2022-09-16 20:39:07 -04:00
Mocking	4140bcd11a	Enhancement of "redirect" function, adding support for MacOS Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address example: "inbounds": [ { "listen": "127.0.0.1", "port": 1122, "protocol": "dokodemo-door", "tag": "dokodemo", "settings": { "network": "tcp", "followRedirect": true, "userLevel": 0 }, "streamSettings": { "sockopt": { "tproxy": "Redirect" } } } ] 还原#1189 提交	2022-08-22 10:33:58 -04:00
S-Mocking	59602db02d	Add "tproxy" option (#1189 ) * Add "tproxy" option Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address example: "inbounds": [ { "listen": "127.0.0.1", "port": 1122, "protocol": "dokodemo-door", "tag": "dokodemo", "settings": { "network": "tcp", "followRedirect": true, "userLevel": 0 }, "streamSettings": { "sockopt": { "tproxy": "pf" } } } ] * Add "tproxy" option Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address example: "inbounds": [ { "listen": "127.0.0.1", "port": 1122, "protocol": "dokodemo-door", "tag": "dokodemo", "settings": { "network": "tcp", "followRedirect": true, "userLevel": 0 }, "streamSettings": { "sockopt": { "tproxy": "pf" } } } ] * Add "tproxy" option Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address example: "inbounds": [ { "listen": "127.0.0.1", "port": 1122, "protocol": "dokodemo-door", "tag": "dokodemo", "settings": { "network": "tcp", "followRedirect": true, "userLevel": 0 }, "streamSettings": { "sockopt": { "tproxy": "pf" } } } ] Co-authored-by: Mocking <fanhaiwang0817@gmail.com>	2022-08-20 09:02:18 -04:00
yuhan6665	b67314796f	Add shadowsocks 2022 relay config	2022-08-09 10:37:21 -04:00
yuhan6665	340234166b	Add TCPKeepAliveIdle in Sockopt option (#1166 ) * Add TCP keep alive idle setting * Add TCP keep alive idle setting: auto generated * Add TCP keep alive support in Linux * Add TCP keep alive support in MacOS, FreeBSD * Add TCP keep alive support in Windows * fix bug introduced in adding tcp keep alive adjustment * embed macOS const to avoid platform inconsistency * embed macOS const to avoid platform inconsistency(again) * add TCP Keep Alive support in config * use sys/unix instead of syscall Suggestion from: https://github.com/v2fly/v2ray-core/pull/1395#issuecomment-974761647 * use sys/unix instead of syscall Suggestion from: https://github.com/v2fly/v2ray-core/pull/1395#issuecomment-974761647 * Separate TcpKeepAliveIdle and TcpKeepAliveInterval check logic * Disable tcp keepAlive when TcpKeepAliveIdle < 0 and TcpKeepAliveInterval <= 0 Co-authored-by: xqzr <34030394+xqzr@users.noreply.github.com> Co-authored-by: ValdikSS <iam@valdikss.org.ru> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: xqzr <34030394+xqzr@users.noreply.github.com>	2022-07-31 09:55:40 -04:00
yuhan6665	9480bc0379	Fix ss2022 user stat for single user	2022-07-02 11:27:26 -04:00
世界	c3505632fd	Add udp over tcp support for shadowsocks-2022	2022-06-01 11:49:02 +08:00
世界	f1d753f069	Fix build in legacy golang version	2022-05-31 15:55:38 +08:00
世界	79f3057687	Migrate shadowsocks-2022 to protocol library	2022-05-26 07:35:17 +08:00
世界	cf7e675c45	Add shadowsocks 2022 multi-user inbound	2022-05-24 07:37:14 +08:00
世界	b6391cbbe1	Fix shadowsocks config	2022-05-24 07:01:47 +08:00
世界	3b77e26fa7	Merge shadowsocks 2022 config	2022-05-23 22:18:33 +08:00
世界	087f0d1240	Add shadowsocks-2022 inbound/outbound (#1061 )	2022-05-22 23:55:48 -04:00
yuhan6665	3f64f3206c	Quic sniffer (#1074 ) * Add quic sniffer * Fix quic sniffer * Add uTP sniffer * rename buf pool membership status to unmanaged * rename buf type adaptor into FromBytes Co-authored-by: 世界 <i@sekai.icu> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>	2022-05-22 23:48:10 -04:00
世界	f046feb9ca	Reformat code	2022-05-18 15:29:01 +08:00
yichya QC	2f86c7c795	fix: read port from environment variable	2022-04-26 10:27:42 -04:00
yuhan6665	b413066012	Fakedns fix xUDP destination override (#1011 ) * Fix UDP destination override * Fix code style * Fix fakedns object init Do type convertion at runtime in case if user don't use fakedns in config. Since dispatcher now depend on fakedns object, move the injection order of fakedns to top (As a temporary solution) * Amend logic for handing fakedns client A map is used by server side when client turn on fakedns Client will send domain address in the buffer.UDP.Address, server record all possible target IP addrs. When target replies, server will restore the domain and send back to client. Co-authored-by: hmol233 <82594500+hmol233@users.noreply.github.com>	2022-04-23 19:24:46 -04:00
yichya	35eb165f63	feat: metrics including pprof, expvars	2022-03-29 00:01:14 -04:00
hmol233	63da3a5481	grpc: add initial_windows_size option	2021-12-19 21:14:14 -05:00
xqzr	c8e2a99e68	fix unsupported cipher method: xChaCha20-IETF-Poly1305	2021-12-16 18:57:06 -05:00
yuhan6665	e93da4bd02	Fix some tests and format code (#830 ) * Increase some tls test timeout * Fix TestUserValidator * Change all tests to VMessAEAD Old VMess MD5 tests will be rejected and fail in 2022 * Chore: auto format code	2021-12-14 19:28:47 -05:00
lucifer9	d6ae4e9ba2	Make it easier to configure multiple listening ports	2021-11-17 23:13:15 -05:00
Zhu Sheng Li	28b17b529d	Add concurrency option for outbound observation Add `enableConcurrency` option, false by default. If it's set as `true`, start probing outbounds concurrently in every circle of observation. Wait `probeInterval` between observation circles.	2021-10-26 13:09:03 +08:00
yuhan6665	abb8ba8b0e	Observatory related fixes (#788 ) * fix:observatory not supported by multi-json * Fix: observatory starts with empty config & fails to close (#957) * Update strategy_leastping.go (#1019) * add custom probe URL support for observatory * add custom probe interval for observer * apply coding style * Fix: observatory log & JSON config(#1211) Co-authored-by: ihotte <ihotte@yeah.net> * Change default probe url from api.v2fly.org to www.google.com * Cherry-pick missing code from branch 'dev-advloadblancer-2' Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com> Co-authored-by: fanyiguan <52657276+fanyiguang@users.noreply.github.com> Co-authored-by: ihotte <3087168217@qq.com> Co-authored-by: ihotte <ihotte@yeah.net>	2021-10-26 13:00:31 +08:00
Shelikhoo	ff35118af5	VMess AEAD based packet length (cherry picked from commit 08221600082a79376bdc262f2ffec1a3129ae98d)	2021-10-22 18:34:57 +08:00
世界	707efd6d12	Add loopback outound	2021-10-22 17:58:37 +08:00
世界	5c366db847	Add observatory / latestPing balancing strategy Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>	2021-10-22 17:16:20 +08:00
世界	77d0419aca	Add socks4/4a support	2021-10-22 13:27:31 +08:00
maskedeken	238bd5d050	Add xchacha20-ietf-poly1305 for Shadowsocks	2021-10-22 13:24:29 +08:00
Loyalsoldier	3fe61ed4a2	Feat: add reverse match for GeoIP (cherry picked from commit 3a50affa0a7316a9ad249f1b2b2996cb88948551)	2021-10-22 13:06:57 +08:00
yuhan6665	acb81ebe3d	Verify peer cert function for better man in the middle prevention (#746 ) * verify peer cert function for better man in the middle prevention * publish cert chain hash generation algorithm * added calculation of certificate hash as separate command and tlsping, use base64 to represent fingerprint to align with jsonPb * apply coding style * added test case for pinned certificates * refactored cert pin * pinned cert test * added json loading of the PinnedPeerCertificateChainSha256 * removed tool to prepare for v5 * Add server cert pinning for Xtls Change command "xray tls certChainHash" to xray style Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>	2021-10-22 12:38:40 +08:00
yuhan6665	45dc97e2b6	Use shadowsocket's bloomring for shadowsocket's replay protection (#764 ) * use shadowsocket's bloomring for shadowsocket's replay protection * added shadowsockets iv check for tcp socket * Rename to shadowsockets iv check * shadowsocks iv check config file * iv check should proceed after decryption * use shadowsocket's bloomring for shadowsocket's replay protection * Chore: format code (#842) Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>	2021-10-22 12:38:40 +08:00
yuhan6665	3bf3d96472	Fix: JSON tag case (#1212 ) (#778 ) JSON unmarshal is case insensitive in Golang Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>	2021-10-22 12:38:40 +08:00
世界	a3023e43ef	Add routeOnly sniffing option	2021-10-22 11:57:23 +08:00
yuhan6665	6b6974c804	Fakedns improvements (#731 ) Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: sixg0000d <sixg0000d@gmail.com> Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>	2021-10-20 13:15:49 +08:00
yuhan6665	e286cdcaa8	Style: format code by gofumpt (#761 )	2021-10-20 00:57:14 +08:00
世界	cd4631ce99	Merge dns (#722 ) * DNS: add clientip for specific nameserver * Refactoring: DNS App * DNS: add DNS over QUIC support * Feat: add disableCache option for DNS * Feat: add queryStrategy option for DNS * Feat: add disableFallback & skipFallback option for DNS * Feat: DNS hosts support multiple addresses * Feat: DNS transport over TCP * DNS: fix typo & refine code * DNS: refine code * Add disableFallbackIfMatch dns option * Feat: routing and freedom outbound ignore Fake DNS Turn off fake DNS for request sent from Routing and Freedom outbound. Fake DNS now only apply to DNS outbound. This is important for Android, where VPN service take over all system DNS traffic and pass it to core. "UseIp" option can be used in Freedom outbound to avoid getting fake IP and fail connection. * Fix test * Fix dns return * Fix local dns return empty * Apply timeout to dns outbound * Update app/dns/config.go Co-authored-by: Loyalsoldier <10487845+loyalsoldier@users.noreply.github.com> Co-authored-by: Ye Zhihao <vigilans@foxmail.com> Co-authored-by: maskedeken <52683904+maskedeken@users.noreply.github.com> Co-authored-by: V2Fly Team <51714622+vcptr@users.noreply.github.com> Co-authored-by: CalmLong <37164399+calmlong@users.noreply.github.com> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: 秋のかえで <autmaple@protonmail.com> Co-authored-by: 朱聖黎 <digglife@gmail.com> Co-authored-by: rurirei <72071920+rurirei@users.noreply.github.com> Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Co-authored-by: Arthur Morgan <4637240+badO1a5A90@users.noreply.github.com>	2021-10-16 21:02:51 +08:00
yuhan6665	e6711d1b48	Add header and method support to http2 transport (#755 ) Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>	2021-10-12 15:58:12 +00:00
yuhan6665	4bb61701b5	Add tcpKeepAliveInterval in transport sockopt (#754 ) Co-authored-by: Ahmad Karimi <ak12hastam@gmail.com> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>	2021-10-12 15:39:08 +00:00
KallyDev	4abf98c1be	Move from deprecated ioutil to os and io packages (#744 )	2021-09-29 02:49:34 +08:00
hmol233	7033f7cf5f	Fix: protobuf file (#724 )	2021-09-20 22:41:09 +08:00
Arthur Morgan	ffc2f7c4e2	Style: format code	2021-09-20 21:00:55 +08:00
yuhan6665	00bcd40c34	remove deprecate ciphers in shadowsocks (#710 ) * remove deprecate ciphers in shadowsocks Co-authored-by: Kslr <kslrwang@gmail.com>	2021-09-17 04:13:07 +08:00
yuhan6665	1adfc2720a	Allow bulk definition of domain matcher at parent level (#713 ) Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>	2021-09-17 04:07:35 +08:00
Arthur Morgan	d9d239750b	Merge pull request #633 from XTLS/feature/h2-health-check Add health check for h2 & gRPC	2021-09-08 00:52:10 +08:00
hmol233	31c7141fef	gRPC: add keepalive option `PermitWithoutStream`	2021-07-05 21:25:21 +08:00
hmol233	d9d04a230f	Add h2 & gRPC health check	2021-07-03 16:01:59 +08:00
hmol233	53b99efe78	Add: reject unknown SNI Co-Authored-By: 玖柒Max <60207794+jiuqi9997@users.noreply.github.com>	2021-05-09 23:47:21 +08:00
秋のかえで	7b7084f825	Refactor: A faster DomainMatcher implementation (#348 ) Co-authored-by: DarthVader <61409963+darsvador@users.noreply.github.com>	2021-04-18 13:21:17 +08:00
risetechlab	b63049f404	Fix: TFO AsIs bug (#452 )	2021-03-30 16:42:02 +00:00
RPRX	a9e11075d1	Add uTLS fingerprints support (#451 )	2021-03-29 10:08:29 +00:00
Jim Han	3fe85449a9	Use 198.18.0.0/16 as default Fake IP Pool (#377 )	2021-03-14 15:58:27 +00:00
RPRX	a0a32ee00d	Add gRPC Transport support (#356 ) Co-authored-by: JimhHan <50871214+JimhHan@users.noreply.github.com>	2021-03-14 15:02:07 +00:00
RPRX	60b06877bf	Add WebSocket 0-RTT support (#375 )	2021-03-14 07:10:10 +00:00
Raymond Luo	fcc9d97074	Do not cause error when `json:"fallback"` is `null` (#361 ) Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>	2021-03-10 16:17:27 +00:00
yuhan6665	f50eff5ebb	Add Fake DNS support (#309 ) Co-authored-by: Xiaokang Wang <xiaokangwang@outlook.com> Co-authored-by: loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com> Co-authored-by: kslr <kslrwang@gmail.com>	2021-03-07 04:39:50 +00:00
Jim Han	db32ce6fd9	Enhance DNS and Dialer (#341 )	2021-03-06 16:29:17 +00:00
risetechlab	ad1807dd99	Enhance TCP Fast Open (#310 )	2021-03-06 14:45:12 +00:00
秋のかえで	1dae2c5636	feat: vmess zero encryption (#333 )	2021-03-05 08:41:18 +00:00
RPRX	8b9c0ae593	Enable (X)TLS hot reloading by default (#281 ) Super BiuBiu	2021-02-20 02:15:57 +00:00
eMeab	81d993158f	Support hot reloading of certificate and key files (#225 )	2021-02-12 15:33:19 +00:00
Monsoon	1b87264c53	Support loading config from different formats (#228 )	2021-02-12 14:12:58 +00:00
Jim Han	4cd343f2d5	Fix tests (#201 ) Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>	2021-01-30 13:01:20 +00:00
Arthur Morgan	ba41513967	Changes from v2fly-core (#173 )	2021-01-22 03:35:56 +00:00
秋のかえで	0b4858d016	Feature: Exclude some domains in sniffing destOverride (#151 ) Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>	2021-01-21 20:50:09 +00:00
RPRX	33755d6e90	Refactor: Shadowsocks AEAD Single-port Multi-user (Needs Optimizations) https://t.me/projectXray/170851	2021-01-18 22:52:35 +00:00
RPRX	99863aa2ac	Add SNI shunt support for Trojan fallbacks	2021-01-18 07:41:00 +00:00
eMeab	d85162ea44	Add SNI shunt support for VLESS (#141 )	2021-01-13 15:13:51 +00:00
RPRX	157918859f	Add pre-checking conversion for VLESS & VMess UUID https://github.com/XTLS/Xray-core/issues/158	2021-01-12 11:31:02 +00:00
秋のかえで	38ec9208d8	Change TOML package to github.com/pelletier/go-toml (#119 )	2021-01-01 11:37:38 +00:00
RPRX	7df135a5c4	Disable session resumption by default https://github.com/v2fly/v2ray-core/issues/557#issuecomment-751962569	2021-01-01 11:33:09 +00:00
RPRX	a78db47571	Adjust OCSP Stapling	2020-12-25 15:10:12 +00:00
RPRX	ffd8fd1d8a	Adjust JSON & TOML & YAML	2020-12-25 18:53:17 +08:00
eMeab	3d7e86efba	Add OCSP Stapling for TLS & XTLS (#92 )	2020-12-25 08:01:20 +00:00
Arthur Morgan	6f25191822	Changes from v2ray-core (#93 )	2020-12-24 19:45:35 +00:00
Monsoon	85619b5a29	Add YAML Support (#86 )	2020-12-24 19:30:26 +00:00
秋のかえで	f073456ac0	Add TOML Support (#98 )	2020-12-24 19:11:32 +00:00
RPRX	38faac5ffc	Adjust config loader of TLS & XTLS	2020-12-16 15:59:04 +00:00
eMeab	88dfed931b	Add cipherSuites setting for TLS & XTLS (#78 )	2020-12-16 12:53:55 +00:00
eMeab	dab978749c	Add minVersion setting for TLS & XTLS (#77 )	2020-12-16 05:20:24 +00:00
RPRX	45f44c401a	Refactor: Optimize Memory Usage At Startup https://github.com/XTLS/Xray-core/issues/68#issuecomment-745231528	2020-12-15 20:27:18 +08:00
RPRX	2e942e0303	Fix Trojan XTLS	2020-12-14 17:05:15 +08:00
RPRX	98da186471	Allow Splice on Android	2020-12-04 03:25:25 +00:00

1 2 3 4

152 Commits