Commit Graph

196 Commits

Author SHA1 Message Date
风扇滑翔翼
9ee9a0634e
Add UDPFilter to Socks5 server when auth == password (#3371)
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2024-05-22 03:02:45 +00:00
yuhan6665
121eb7b4fc Splice update timer to 8 hours for inbound timer 2024-05-19 23:56:42 -04:00
yuhan6665
3168d27b0b Splice update timer to 8 hours 2024-05-18 11:57:11 -04:00
yuhan6665
1d450cfbd2 Fix nil in inbound handler 2024-05-14 21:42:40 -04:00
yuhan6665
017f53b5fc
Add session context outbounds as slice (#3356)
* Add session context outbounds as slice

slice is needed for dialer proxy where two outbounds work on top of each other
There are two sets of target addr for example
It also enable Xtls to correctly do splice copy by checking both outbounds are ready to do direct copy

* Fill outbound tag info

* Splice now checks capalibility from all outbounds

* Fix unit tests
2024-05-13 21:52:24 -04:00
yuhan6665
548646fb06 Fix an edge case with tls hello fragment 2024-04-04 02:50:34 -04:00
yuhan6665
657c5c8570 Update HTTPUpgrade spelling and proto 2024-03-20 13:08:43 -04:00
yuhan6665
9b5c3f417e Fix user download stats with splice 2024-03-09 23:40:42 -05:00
A1lo
a994bf8b04
chore: fix some errors detected by staticcheck (#3089)
* chore: fix some errors detected by staticcheck

* feat: remove `rand.Seed()` usage for possibly using "fastrand64" runtime to avoid locking

ref: https://pkg.go.dev/math/rand#Seed
2024-03-03 10:52:22 -05:00
yuhan6665
a0f1e1f377 FakeDNS return TTL=1 and drop HTTPS QType 65 request
Co-authored-by: qwerr0
2024-02-21 11:09:51 -05:00
deorth-kku
cae94570df Fixing tcp connestions leak
- always use HandshakeContext instead of Handshake

- pickup dailer dropped ctx

- rename HandshakeContextAddress to HandshakeAddressContext
2024-02-19 09:32:40 -05:00
yuhan6665
fa5d7a255b
Least load balancer (#2999)
* v5: Health Check & LeastLoad Strategy (rebased from 2c5a71490368500a982018a74a6d519c7e121816)

Some changes will be necessary to integrate it into V2Ray

* Update proto

* parse duration conf with time.Parse()

* moving health ping to observatory as a standalone component

* moving health ping to observatory as a standalone component: auto generated file

* add initialization for health ping

* incorporate changes in router implementation

* support principle target output

* add v4 json support for BurstObservatory & fix balancer reference

* update API command

* remove cancelled API

* return zero length value when observer is not found

* remove duplicated targeted dispatch

* adjust test with updated structure

* bug fix for observer

* fix strategy selector

* fix strategy least load

* Fix ticker usage

ticker.Close does not close ticker.C

* feat: Replace default Health Ping URL to HTTPS (#1991)

* fix selectLeastLoad() returns wrong number of nodes (#2083)

* Test: fix leastload strategy unit test

* fix(router): panic caused by concurrent map read and write (#2678)

* Clean up code

---------

Co-authored-by: Jebbs <qjebbs@gmail.com>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: 世界 <i@sekai.icu>
Co-authored-by: Bernd Eichelberger <46166740+4-FLOSS-Free-Libre-Open-Source-Software@users.noreply.github.com>
Co-authored-by: 秋のかえで <autmaple@protonmail.com>
Co-authored-by: Rinka <kujourinka@gmail.com>
2024-02-17 22:51:37 -05:00
yuhan6665
a15334b395 Go back to first fix (revet d21e9b0abd)
Xtls is magic, don't play with it ;)

A knowledged guess is the timing to switch to splice is very sensitive. Now both Xtls and Freedom outound do the switching when pipe just finished one buffer
2024-02-17 11:16:37 -05:00
yuhan6665
09656bd5d1 Add back sleep for freedom splice 2024-02-15 21:18:56 -05:00
lunafe
b091076bae fix #2970 parsing IPv6 address in wireguard peers configure 2024-02-12 10:45:12 -05:00
Iain Lau
3a99520370 Add PROXY Protocol support for freedom outbound 2024-02-05 10:08:51 -05:00
RPRX
ad3d347cfc
XTLS Vision: Apply padding to single XUDP by default at client side
Requires Xray-core v1.8.1+ at server side: 242f3b0e0b
2024-02-02 20:32:46 +00:00
yuhan6665
d21e9b0abd Try a better fix for rare ssl error with freedom splice
It seems the root cause is if the flag set at the inbound pipe reader, it is a race condition and freedom outbound can possibly do splice at the same time with inbound xtls writer.
Now we set the flag at the earliest and always do splice at the next buffer cycle.
2024-01-26 04:42:45 -05:00
yuhan6665
3167a70ff8 Try to fix rare ssl error with freedom splice 2024-01-26 02:29:26 -05:00
yuhan6665
d60281d0a5 Add DestIpAddress() in Dialer interface
Android client prepares an IP before proxy connection is established. It is useful when connecting to wireguard (or quic) outbound with domain address. E.g. engage.cloudflareclient.com:2408
2023-12-18 18:36:56 -05:00
H1JK
c01a30e8f4 Cleanup sing buffer usage 2023-12-17 17:37:08 -05:00
wyx2685
31a8fae764 Fix deprecated StackNew() function 2023-12-12 11:28:26 -05:00
yuhan6665
6f092bd212
Add "masterKeyLog" in TLS config (#2758)
* Add "enableMasterKeyLog" in TLS config

Turn on the debug option for Wireshark to decrypt traffic

* Change to "masterKeyLog" to configure a path
2023-11-27 10:08:34 -05:00
yuhan6665
2570855cd7 Update v1.8.6 2023-11-17 20:11:40 -05:00
hax0r31337
0ac7da2fc8
WireGuard Inbound (User-space WireGuard server) (#2477)
* feat: wireguard inbound

* feat(command): generate wireguard compatible keypair

* feat(wireguard): connection idle timeout

* fix(wireguard): close endpoint after connection closed

* fix(wireguard): resolve conflicts

* feat(wireguard): set cubic as default cc algorithm in gVisor TUN

* chore(wireguard): resolve conflict

* chore(wireguard): remove redurant code

* chore(wireguard): remove redurant code

* feat: rework server for gvisor tun

* feat: keep user-space tun as an option

* fix: exclude android from native tun build

* feat: auto kernel tun

* fix: build

* fix: regulate function name & fix test
2023-11-17 22:27:17 -05:00
yuhan6665
d9fd3f8eb1
Freedom xdomain strategy (#2719)
* 统一 `domainStrategy` 行为.

* aliases NG.

* 化简.

* 调整.

* Let it crash.

* Update proto

---------

Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 16:27:39 -05:00
yuhan6665
a109389efb
Wireguard resolve strategy (#2717)
* 增加 wireguard 出站选项 `resolveStrategy`.

* They become a part of you.

* 移除不必要的选项别名.

* aliases NG.

* 微调.

---------

Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 15:52:09 -05:00
yuhan6665
5ae3791a8e
feat : upgrade wireguard go sdk (#2716)
Co-authored-by: kunson <kunson@kunsondeMacBook-Pro-3.local>
Co-authored-by: 世界 <i@sekai.icu>
2023-11-12 15:10:01 -05:00
yuhan6665
999bdc58d3 Turn on freedom splice by default 2023-10-29 15:16:57 -04:00
yuhan6665
4f05e0ac2b Unify environment var readers 2023-10-29 15:16:57 -04:00
yuhan6665
291061e9da Fix an edge case reshaping buffer too long 2023-10-21 03:20:51 -04:00
yuhan6665
cf575be678 Fix unwrap tls conn 2023-09-21 15:35:56 -04:00
yuhan6665
585d5ba7c8 Fix Vision reader 2023-09-17 12:56:29 -04:00
yuhan6665
d6d225c698 Refactor Vision reader writer
- Vision now use traffic states to capture two-way info about a connection
- XTLS is de-couple with Vision, it only read traffic states to switch to direct copy mode
- fix a edge case error when Vision unpadding read 5 command bytes
2023-09-13 08:01:34 -04:00
yuhan6665
efd32b0fb2 Enable splice for freedom outbound (downlink only)
- Add outbound name
- Add outbound conn in ctx
- Refactor splice: it can be turn on from all inbounds and outbounds
- Refactor splice: Add splice copy to vless inbound
- Fix http error test
- Add freedom splice toggle via env var
- Populate outbound obj in context
- Use CanSpliceCopy to mark a connection
- Turn off splice by default
2023-09-07 14:17:39 -04:00
douglarek
d616f6160d Fix go 1.21 build, see https://github.com/XTLS/Xray-core/issues/2466 2023-08-24 11:17:31 -04:00
cty123
a343d68944 fix(proxy): removed the udp payload length check when encryption is disabled 2023-08-19 23:13:43 -04:00
hax0r31337
f67167bb3b refactor(deps): replace github.com/golang/protobuf with google.golang.org/protobuf 2023-08-10 10:43:27 -04:00
cty123
b68a43f4fc fix: correct the logic of converting SocksAddr into net.Destination. 2023-07-19 16:01:35 -04:00
cty123
8eb3cfe144 fix: Patch potential nil pointer deference in proxy::http::client::fillRequestHeader(). 2023-07-15 20:17:11 -04:00
RPRX
f0f3b417f7
Refactor: Fragmentation
5f5ae37571
9122d0f056
2023-07-06 16:30:39 +00:00
RPRX
6d4194415d
Clean unnecessary code in Trojan 2023-07-06 15:18:05 +00:00
Eken Chan
6d8fe7315f XRV should work without rawConn 2023-06-22 10:21:27 -04:00
RPRX
ee21763928 Run "go fmt ./..." 2023-06-18 09:46:57 -04:00
RPRX
667279af57 Add "nonIPQuery" to DNS outbound ("drop" by default)
And fixed a memory leak
And regenerated *.pb.go
2023-06-18 09:45:32 -04:00
rrouzbeh
9122d0f056 Add TLS Hello Fragmentation for freedom outbound (#2131)
* Replace TCP Segmentation with TLS Hello Fragmentation

* Update infra/conf/freedom.go

* Refine proxy/freedom/freedom.go

---------

Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-06-18 09:27:55 -04:00
yuhan6665
9112cfd39c
Clean legacy vmess (#2199)
* Remove legacy Vmess

* validators

* protos
2023-06-12 10:32:25 -04:00
yuhan6665
d11d72be6c Update proto file and fix protoc version parsing
The new protoc cli return version v23.1,
so we parse the file version v4.23.1 without "4."
2023-06-11 13:36:06 -04:00
yuhan6665
c9f517108c Remove mtproto 2023-06-06 23:38:34 -04:00
sambali9
5f5ae37571
Added tcp fragmentation for freedom outbound (#2021)
* Added tcp fragmentation for freedom outbound

* Added TCP_NODELAY to outbound sockopt

* Changed fragment parameters to accept ranges and changed strategy to use length

* Changed packetNumber to packets, supporting range.

* Refactored the freedom fragment logic

* Refine Write()

---------

Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-05-22 02:59:58 +00:00