Commit Graph

124 Commits

Author SHA1 Message Date
yuhan6665
acb81ebe3d
Verify peer cert function for better man in the middle prevention (#746)
* verify peer cert function for better man in the middle prevention

* publish cert chain hash generation algorithm

* added calculation of certificate hash as separate command and tlsping, use base64 to represent fingerprint to align with jsonPb

* apply coding style

* added test case for pinned certificates

* refactored cert pin

* pinned cert test

* added json loading of the PinnedPeerCertificateChainSha256

* removed tool to prepare for v5

* Add server cert pinning for Xtls

Change command "xray tls certChainHash" to xray style

Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-22 12:38:40 +08:00
yuhan6665
c4fc277758
add comment for gRPC TLS silent failure behavior (#779)
When gRPC transport have been configured to use TLS, it may silently ignore TLS failure. This may make it harder to diagnose TLS setting issues when gRPC transport is used. This comment is added to help other developers be aware of this caveat.

Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-22 12:38:40 +08:00
世界
50e576081e
Add DispatchLink 2021-10-22 12:38:40 +08:00
世界
625cf7361a
Export PacketConnWrapper 2021-10-22 11:57:38 +08:00
yuhan6665
e286cdcaa8
Style: format code by gofumpt (#761) 2021-10-20 00:57:14 +08:00
yuhan6665
a229a7f85e
Revert "cancel failed grpc connection (#707)" (#768)
This reverts commit 0f79126379.
2021-10-16 21:07:45 +08:00
lucifer
5e606169f1
gRPC: Parse X-Real-IP header, fix #766 (#769) 2021-10-14 12:10:19 +08:00
Arthur Morgan
575c7a9687 adjust 2021-10-13 00:49:31 +08:00
yuhan6665
e6711d1b48
Add header and method support to http2 transport (#755)
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-12 15:58:12 +00:00
yuhan6665
4bb61701b5
Add tcpKeepAliveInterval in transport sockopt (#754)
Co-authored-by: Ahmad Karimi <ak12hastam@gmail.com>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-12 15:39:08 +00:00
yuhan6665
ef4c63812b
Fix: nullcheck on alternative systemDialer (#752)
* fix: null-check on alternative systemDialer
* delete deprecated option DualStack

Co-authored-by: rurirei <72071920+rurirei@users.noreply.github.com>
2021-10-12 15:32:45 +00:00
yuhan6665
3554886ce1
vformat supports multi-core processing (#757)
* Feat: vformat supports multi-core processing (#996)

Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-10-12 15:29:22 +00:00
hmol233
7033f7cf5f
Fix: protobuf file (#724) 2021-09-20 22:41:09 +08:00
Arthur Morgan
ffc2f7c4e2 Style: format code 2021-09-20 21:00:55 +08:00
Arthur Morgan
24b637cd5e
Fix: CounterConnection with ReadV/WriteV (#720)
Co-authored-by: JimhHan <50871214+JimhHan@users.noreply.github.com>
2021-09-20 20:11:21 +08:00
WeidiDeng
b0b2aaa70c
Fixed refresh error when multiple certificates exist (#663)
* Fix when there are multiple certs, after refresh from file all will be the same as the last.
2021-09-18 03:48:22 +08:00
yuhan6665
42d158bd85
vprotogen refine (#717)
* Update all proto files with existing vprotogen
* Chore: remove protoc-gen-gofast
* Feat: vprotogen adds version detector to block generation code from old protobuf version
* Feat: vprotogen refine logic

Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-09-18 01:16:14 +08:00
yuhan6665
0f79126379
cancel failed grpc connection (#707)
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-09-15 01:40:38 +08:00
Arthur Morgan
e6019a89c9 adjust for go1.17 2021-09-08 01:30:20 +08:00
Arthur Morgan
c950edede2
Merge pull request #618 from XTLS/fix/service-name
gRPC: Use `PathEscape` encoded service name
2021-09-08 00:53:55 +08:00
Arthur Morgan
64892fb2c3
Merge pull request #609 from XTLS/fix/dialer
Move `DomainStrategy` & `DialerProxy` to `DialSystem`
2021-09-08 00:53:37 +08:00
Arthur Morgan
d9d239750b
Merge pull request #633 from XTLS/feature/h2-health-check
Add health check for h2 & gRPC
2021-09-08 00:52:10 +08:00
Arthur Morgan
7a9e72b133
Merge pull request #589 from bhoppi/main
Fix: new cert issuing is incorrectly delayed
2021-09-08 00:50:32 +08:00
hmol233
31c7141fef
gRPC: add keepalive option PermitWithoutStream 2021-07-05 21:25:21 +08:00
hmol233
57b9006d26
gRPC: add keepalive option for server 2021-07-05 21:25:03 +08:00
hmol233
d9d04a230f
Add h2 & gRPC health check 2021-07-03 16:01:59 +08:00
hmol233
3dc9fba20d
gRPC: Use PathEscape encoded service name 2021-06-27 16:46:26 +08:00
hmol233
86a8fb5d84
Move DomainStrategy & DialerProxy to DialSystem
Fix https://github.com/XTLS/Xray-core/issues/608
2021-06-18 19:28:02 +08:00
Bhoppi Chaw
2220411644 fix new cert issuing is incorrectly delayed 2021-06-05 23:32:05 +08:00
hmol233
3b8618b379
Fix linkname 2021-05-10 07:11:27 +08:00
hmol233
e8a8465220
Fix reject unknown sni with single cert 2021-05-10 00:28:40 +08:00
hmol233
1f92b948c0
Fix errNoCertificates 2021-05-10 00:11:45 +08:00
hmol233
53b99efe78
Add: reject unknown SNI
Co-Authored-By: 玖柒Max <60207794+jiuqi9997@users.noreply.github.com>
2021-05-09 23:47:21 +08:00
Bhoppi Chaw
bf94fb53ca
Fix QUIC disconnecting issue (#475)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-04-06 16:37:28 +00:00
lucifer
1d13a8da49
fix grpc dial ipv6 address (#476) 2021-04-05 09:00:46 +08:00
RPRX
4bf8b6d89c
Fix uTLS fingerprints support
Thank @HirbodBehnam https://github.com/XTLS/Xray-core/issues/461
2021-04-01 09:15:18 +00:00
秋のかえで
7f2fad73d4
Chore: Upgrade dependencies (#432)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-03-31 06:18:34 +00:00
Jim Han
3ed14c2fcd
Fix: gRPC & HTTP/2 dialer (#445) 2021-03-30 16:43:31 +00:00
risetechlab
b63049f404
Fix: TFO AsIs bug (#452) 2021-03-30 16:42:02 +00:00
RPRX
a9e11075d1
Add uTLS fingerprints support (#451) 2021-03-29 10:08:29 +00:00
Jim Han
e564d9ef7e
Fix: TCP & WS override AcceptProxyProtocol (#425) 2021-03-28 16:16:07 +00:00
RPRX
e0910ab4d9
Update dialer.html 2021-03-23 16:55:05 +00:00
RPRX
d46af8b5d4
Add WSS Browser Dialer support (#421) 2021-03-23 09:25:35 +00:00
Jim Han
0470381fe2
Fix: gRPC multi accepting empty bytes (#411) 2021-03-21 09:16:52 +00:00
maskedeken
36961ed882
Add remote addr to gRPC transport layer conn (#382)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-03-17 17:55:51 +00:00
RPRX
a0a32ee00d
Add gRPC Transport support (#356)
Co-authored-by: JimhHan <50871214+JimhHan@users.noreply.github.com>
2021-03-14 15:02:07 +00:00
RPRX
60b06877bf
Add WebSocket 0-RTT support (#375) 2021-03-14 07:10:10 +00:00
RPRX
819717d278
Fix https://github.com/XTLS/Xray-core/issues/366 2021-03-12 11:38:36 +00:00
Jim Han
d7cd71b741
Resolve conflicting changes in DNS #309 #341 (#346)
Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com>
2021-03-07 07:12:50 +00:00
Jim Han
db32ce6fd9
Enhance DNS and Dialer (#341) 2021-03-06 16:29:17 +00:00
risetechlab
ad1807dd99
Enhance TCP Fast Open (#310) 2021-03-06 14:45:12 +00:00
Jim Han
7fb1f65354
Fix https://github.com/XTLS/Xray-core/issues/289 (#300) 2021-03-01 02:43:27 +00:00
RPRX
8b9c0ae593
Enable (X)TLS hot reloading by default (#281)
Super BiuBiu
2021-02-20 02:15:57 +00:00
秋のかえで
347d9735da
Remove (x)tls.WithNextProto("h2") in tcp/hub.go (#260) 2021-02-18 11:50:09 +00:00
eMeab
81d993158f
Support hot reloading of certificate and key files (#225) 2021-02-12 15:33:19 +00:00
eMeab
c13b8ec9bb
Fix OCSP Stapling (#172)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-01-30 23:17:07 +00:00
Arthur Morgan
ba41513967
Changes from v2fly-core (#173) 2021-01-22 03:35:56 +00:00
RPRX
7df135a5c4
Disable session resumption by default
https://github.com/v2fly/v2ray-core/issues/557#issuecomment-751962569
2021-01-01 11:33:09 +00:00
RPRX
13ad3fddf6
Refactor: *net.UDPAddr -> *net.Destination
https://t.me/projectXray/111998
2020-12-28 09:40:28 +00:00
RPRX
6bcac6cb10 Move common/net/connection.go into cnc folder 2020-12-28 03:20:39 +08:00
RPRX
a78db47571
Adjust OCSP Stapling 2020-12-25 15:10:12 +00:00
eMeab
3d7e86efba
Add OCSP Stapling for TLS & XTLS (#92) 2020-12-25 08:01:20 +00:00
Arthur Morgan
6f25191822
Changes from v2ray-core (#93) 2020-12-24 19:45:35 +00:00
RPRX
8f8f7dd66f
Refactor: Shadowsocks & Trojan UDP FullCone NAT
https://t.me/projectXray/95704
2020-12-23 13:06:21 +00:00
RPRX
ff9bb2d8df
Optimize cipherSuites setting loader 2020-12-17 09:25:30 +00:00
RPRX
38faac5ffc
Adjust config loader of TLS & XTLS 2020-12-16 15:59:04 +00:00
eMeab
88dfed931b
Add cipherSuites setting for TLS & XTLS (#78) 2020-12-16 12:53:55 +00:00
Jim Han
fe445f8e1a
Fix: HTTP dialer uses ctx instead of context.Background() (#79) 2020-12-16 11:52:45 +00:00
RPRX
ed0e9b12dc
Adjust ProtoBuf of TLS & XTLS 2020-12-16 08:50:18 +00:00
eMeab
dab978749c
Add minVersion setting for TLS & XTLS (#77) 2020-12-16 05:20:24 +00:00
RPRX
f8faf3c8b8 Removal: confonly 2020-12-11 13:05:29 +08:00
RPRX
f1eb5e3d08
Refactor: Support TCP/IPv6 in REDIRECT mode
十分感谢 @badO1a5A90 @LGA1150 协助测试

https://github.com/XTLS/Xray-core/issues/48#issuecomment-741509789

https://github.com/v2ray/v2ray-core/issues/1309#issuecomment-447432696
2020-12-09 12:16:38 +00:00
RPRX
16544c18ab v1.1.0 2020-12-04 09:36:16 +08:00
RPRX
c7f7c08ead v1.0.0 2020-11-25 19:01:53 +08:00