From 1e1ee5e39b3f4f4222674d07f06b0ec391d5bbee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 Oct 2023 00:20:01 +0000 Subject: [PATCH 001/100] Bump golang.org/x/net from 0.15.0 to 0.16.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.16.0. - [Commits](https://github.com/golang/net/compare/v0.15.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index a9dae3b6..d47ac1bf 100644 --- a/go.mod +++ b/go.mod @@ -20,10 +20,10 @@ require ( github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e github.com/xtls/reality v0.0.0-20230828171259-e426190d57f6 go4.org/netipx v0.0.0-20230824141953-6213f710f925 - golang.org/x/crypto v0.13.0 - golang.org/x/net v0.15.0 + golang.org/x/crypto v0.14.0 + golang.org/x/net v0.16.0 golang.org/x/sync v0.3.0 - golang.org/x/sys v0.12.0 + golang.org/x/sys v0.13.0 google.golang.org/grpc v1.58.2 google.golang.org/protobuf v1.31.0 gvisor.dev/gvisor v0.0.0-20230822212503-5bf4e5f98744 diff --git a/go.sum b/go.sum index faa51913..fb1cec48 100644 --- a/go.sum +++ b/go.sum @@ -184,8 +184,8 @@ golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck= -golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= @@ -206,8 +206,8 @@ golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8= -golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= +golang.org/x/net v0.16.0 h1:7eBu7KsSvFDtSXUIDbh3aqlK4DPsZ1rByC8PFfBThos= +golang.org/x/net v0.16.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -231,8 +231,8 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o= -golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= From 73df64a9f28b542cd1cb1c6394f5a8495fad9cfb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Oct 2023 01:15:06 +0000 Subject: [PATCH 002/100] Bump github.com/sagernet/sing from 0.2.12 to 0.2.13 Bumps [github.com/sagernet/sing](https://github.com/sagernet/sing) from 0.2.12 to 0.2.13. - [Commits](https://github.com/sagernet/sing/compare/v0.2.12...v0.2.13) --- updated-dependencies: - dependency-name: github.com/sagernet/sing dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d47ac1bf..97b11ee6 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.39.0 github.com/refraction-networking/utls v1.5.3 - github.com/sagernet/sing v0.2.12 + github.com/sagernet/sing v0.2.13 github.com/sagernet/sing-shadowsocks v0.2.5 github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb diff --git a/go.sum b/go.sum index fb1cec48..55bfa5a4 100644 --- a/go.sum +++ b/go.sum @@ -125,8 +125,8 @@ github.com/refraction-networking/utls v1.5.3/go.mod h1:SPuDbBmgLGp8s+HLNc83Fuavw github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sagernet/sing v0.2.12 h1:wwdLm3c4qvU4hW8tNtadh60V5z2FGlDZSYYGRzHhD74= -github.com/sagernet/sing v0.2.12/go.mod h1:GQ673iPfUnkbK/dIPkfd1Xh1MjOGo36gkl/mkiHY7Jg= +github.com/sagernet/sing v0.2.13 h1:ohczGKWP+Yn3zlQXSvFn+6EKSELGggBi66D5rqpYRQ0= +github.com/sagernet/sing v0.2.13/go.mod h1:AhNEHu0GXrpqkuzvTwvC8+j2cQUU/dh+zLEmq4C99pg= github.com/sagernet/sing-shadowsocks v0.2.5 h1:qxIttos4xu6ii7MTVJYA8EFQR7Q3KG6xMqmLJIFtBaY= github.com/sagernet/sing-shadowsocks v0.2.5/go.mod h1:MGWGkcU2xW2G2mfArT9/QqpVLOGU+dBaahZCtPHdt7A= github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c h1:vK2wyt9aWYHHvNLWniwijBu/n4pySypiKRhN32u/JGo= From 707ef51fb11ad126578e32cfcbbb95b96f3fa454 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Oct 2023 00:24:35 +0000 Subject: [PATCH 003/100] Bump golang.org/x/net from 0.16.0 to 0.17.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.16.0 to 0.17.0. - [Commits](https://github.com/golang/net/compare/v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 97b11ee6..65392e2d 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,7 @@ require ( github.com/xtls/reality v0.0.0-20230828171259-e426190d57f6 go4.org/netipx v0.0.0-20230824141953-6213f710f925 golang.org/x/crypto v0.14.0 - golang.org/x/net v0.16.0 + golang.org/x/net v0.17.0 golang.org/x/sync v0.3.0 golang.org/x/sys v0.13.0 google.golang.org/grpc v1.58.2 diff --git a/go.sum b/go.sum index 55bfa5a4..d32a33a9 100644 --- a/go.sum +++ b/go.sum @@ -206,8 +206,8 @@ golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.16.0 h1:7eBu7KsSvFDtSXUIDbh3aqlK4DPsZ1rByC8PFfBThos= -golang.org/x/net v0.16.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= From c0af4f85c28fdbf9abf922fb97b46b7fbb5034e9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Oct 2023 00:24:40 +0000 Subject: [PATCH 004/100] Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.9 to 0.6.0. - [Release notes](https://github.com/google/go-cmp/releases) - [Commits](https://github.com/google/go-cmp/compare/v0.5.9...v0.6.0) --- updated-dependencies: - dependency-name: github.com/google/go-cmp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 65392e2d..f51942ed 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.21 require ( github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344 github.com/golang/mock v1.6.0 - github.com/google/go-cmp v0.5.9 + github.com/google/go-cmp v0.6.0 github.com/gorilla/websocket v1.5.0 github.com/miekg/dns v1.1.56 github.com/pelletier/go-toml v1.9.5 diff --git a/go.sum b/go.sum index d32a33a9..42b05cf7 100644 --- a/go.sum +++ b/go.sum @@ -57,8 +57,8 @@ github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= From 394fac6c6cc47c68f0861d944f37b907831d2f49 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Oct 2023 00:24:46 +0000 Subject: [PATCH 005/100] Bump github.com/refraction-networking/utls from 1.5.3 to 1.5.4 Bumps [github.com/refraction-networking/utls](https://github.com/refraction-networking/utls) from 1.5.3 to 1.5.4. - [Release notes](https://github.com/refraction-networking/utls/releases) - [Commits](https://github.com/refraction-networking/utls/compare/v1.5.3...v1.5.4) --- updated-dependencies: - dependency-name: github.com/refraction-networking/utls dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index f51942ed..6b36121a 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.39.0 - github.com/refraction-networking/utls v1.5.3 + github.com/refraction-networking/utls v1.5.4 github.com/sagernet/sing v0.2.13 github.com/sagernet/sing-shadowsocks v0.2.5 github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c diff --git a/go.sum b/go.sum index 42b05cf7..7dd810c2 100644 --- a/go.sum +++ b/go.sum @@ -120,8 +120,8 @@ github.com/quic-go/qtls-go1-20 v0.3.4 h1:MfFAPULvst4yoMgY9QmtpYmfij/em7O8UUi+bNV github.com/quic-go/qtls-go1-20 v0.3.4/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= github.com/quic-go/quic-go v0.39.0 h1:AgP40iThFMY0bj8jGxROhw3S0FMGa8ryqsmi9tBH3So= github.com/quic-go/quic-go v0.39.0/go.mod h1:T09QsDQWjLiQ74ZmacDfqZmhY/NLnw5BC40MANNNZ1Q= -github.com/refraction-networking/utls v1.5.3 h1:Ds5Ocg1+MC1ahNx5iBEcHe0jHeLaA/fLey61EENm7ro= -github.com/refraction-networking/utls v1.5.3/go.mod h1:SPuDbBmgLGp8s+HLNc83FuavwZCFoMmExj+ltUHiHUw= +github.com/refraction-networking/utls v1.5.4 h1:9k6EO2b8TaOGsQ7Pl7p9w6PUhx18/ZCeT0WNTZ7Uw4o= +github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83FuavwZCFoMmExj+ltUHiHUw= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= From aeec8dfe253c4eac98e23a0d78e2e957fb168dac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Oct 2023 00:24:55 +0000 Subject: [PATCH 006/100] Bump google.golang.org/grpc from 1.58.2 to 1.58.3 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.2 to 1.58.3. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.58.2...v1.58.3) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 6b36121a..8837a652 100644 --- a/go.mod +++ b/go.mod @@ -24,7 +24,7 @@ require ( golang.org/x/net v0.17.0 golang.org/x/sync v0.3.0 golang.org/x/sys v0.13.0 - google.golang.org/grpc v1.58.2 + google.golang.org/grpc v1.58.3 google.golang.org/protobuf v1.31.0 gvisor.dev/gvisor v0.0.0-20230822212503-5bf4e5f98744 h12.io/socks v1.0.3 diff --git a/go.sum b/go.sum index 7dd810c2..a068f14e 100644 --- a/go.sum +++ b/go.sum @@ -274,8 +274,8 @@ google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmE google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.58.2 h1:SXUpjxeVF3FKrTYQI4f4KvbGD5u2xccdYdurwowix5I= -google.golang.org/grpc v1.58.2/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= +google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= +google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= From 3ffdf93fc259e3b6cba5f6d9f4b90cb2a98ed551 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Oct 2023 00:47:20 +0000 Subject: [PATCH 007/100] Bump github.com/sagernet/sing from 0.2.13 to 0.2.14 Bumps [github.com/sagernet/sing](https://github.com/sagernet/sing) from 0.2.13 to 0.2.14. - [Commits](https://github.com/sagernet/sing/compare/v0.2.13...v0.2.14) --- updated-dependencies: - dependency-name: github.com/sagernet/sing dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 8837a652..043fc6ee 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.39.0 github.com/refraction-networking/utls v1.5.4 - github.com/sagernet/sing v0.2.13 + github.com/sagernet/sing v0.2.14 github.com/sagernet/sing-shadowsocks v0.2.5 github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb diff --git a/go.sum b/go.sum index a068f14e..d347c02f 100644 --- a/go.sum +++ b/go.sum @@ -125,8 +125,8 @@ github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83Fuavw github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sagernet/sing v0.2.13 h1:ohczGKWP+Yn3zlQXSvFn+6EKSELGggBi66D5rqpYRQ0= -github.com/sagernet/sing v0.2.13/go.mod h1:AhNEHu0GXrpqkuzvTwvC8+j2cQUU/dh+zLEmq4C99pg= +github.com/sagernet/sing v0.2.14 h1:L3AXDh22nsOOYz2nTRU1JvpRsmzViWKI1B8TsQYG1eY= +github.com/sagernet/sing v0.2.14/go.mod h1:AhNEHu0GXrpqkuzvTwvC8+j2cQUU/dh+zLEmq4C99pg= github.com/sagernet/sing-shadowsocks v0.2.5 h1:qxIttos4xu6ii7MTVJYA8EFQR7Q3KG6xMqmLJIFtBaY= github.com/sagernet/sing-shadowsocks v0.2.5/go.mod h1:MGWGkcU2xW2G2mfArT9/QqpVLOGU+dBaahZCtPHdt7A= github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c h1:vK2wyt9aWYHHvNLWniwijBu/n4pySypiKRhN32u/JGo= From 6177ec7fafb7281a1945e63633ec580831e02abf Mon Sep 17 00:00:00 2001 From: hossinasaadi Date: Tue, 3 Oct 2023 15:53:02 +0400 Subject: [PATCH 008/100] add bindAddr for darwin --- transport/internet/sockopt_darwin.go | 32 ++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/transport/internet/sockopt_darwin.go b/transport/internet/sockopt_darwin.go index d8724c77..de405538 100644 --- a/transport/internet/sockopt_darwin.go +++ b/transport/internet/sockopt_darwin.go @@ -165,7 +165,7 @@ func applyInboundSocketOptions(network string, fd uintptr, config *SocketConfig) } } } - + if config.TcpKeepAliveIdle > 0 || config.TcpKeepAliveInterval > 0 { if config.TcpKeepAliveIdle > 0 { if err := unix.SetsockoptInt(int(fd), unix.IPPROTO_TCP, unix.TCP_KEEPALIVE, int(config.TcpKeepAliveInterval)); err != nil { @@ -191,14 +191,42 @@ func applyInboundSocketOptions(network string, fd uintptr, config *SocketConfig) } func bindAddr(fd uintptr, address []byte, port uint32) error { - return nil + setReuseAddr(fd) + setReusePort(fd) + + var sockaddr unix.Sockaddr + + switch len(address) { + case net.IPv4len: + a4 := &unix.SockaddrInet4{ + Port: int(port), + } + copy(a4.Addr[:], address) + sockaddr = a4 + case net.IPv6len: + a6 := &unix.SockaddrInet6{ + Port: int(port), + } + copy(a6.Addr[:], address) + sockaddr = a6 + default: + return newError("unexpected length of ip") + } + + return unix.Bind(int(fd), sockaddr) } func setReuseAddr(fd uintptr) error { + if err := unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, unix.SO_REUSEADDR, 1); err != nil { + return newError("failed to set SO_REUSEADDR").Base(err).AtWarning() + } return nil } func setReusePort(fd uintptr) error { + if err := unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, unix.SO_REUSEPORT, 1); err != nil { + return newError("failed to set SO_REUSEPORT").Base(err).AtWarning() + } return nil } func getInterfaceIndexByName(name string) int { From e4c0fd7c001bb32c441711878970dd2446edd292 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Oct 2023 00:55:33 +0000 Subject: [PATCH 009/100] Bump github.com/quic-go/quic-go from 0.39.0 to 0.39.1 Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) from 0.39.0 to 0.39.1. - [Release notes](https://github.com/quic-go/quic-go/releases) - [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md) - [Commits](https://github.com/quic-go/quic-go/compare/v0.39.0...v0.39.1) --- updated-dependencies: - dependency-name: github.com/quic-go/quic-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 043fc6ee..9ef527d7 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/miekg/dns v1.1.56 github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 - github.com/quic-go/quic-go v0.39.0 + github.com/quic-go/quic-go v0.39.1 github.com/refraction-networking/utls v1.5.4 github.com/sagernet/sing v0.2.14 github.com/sagernet/sing-shadowsocks v0.2.5 diff --git a/go.sum b/go.sum index d347c02f..c675cbc4 100644 --- a/go.sum +++ b/go.sum @@ -118,8 +118,8 @@ github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7q github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/quic-go/qtls-go1-20 v0.3.4 h1:MfFAPULvst4yoMgY9QmtpYmfij/em7O8UUi+bNVm7Cg= github.com/quic-go/qtls-go1-20 v0.3.4/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= -github.com/quic-go/quic-go v0.39.0 h1:AgP40iThFMY0bj8jGxROhw3S0FMGa8ryqsmi9tBH3So= -github.com/quic-go/quic-go v0.39.0/go.mod h1:T09QsDQWjLiQ74ZmacDfqZmhY/NLnw5BC40MANNNZ1Q= +github.com/quic-go/quic-go v0.39.1 h1:d/m3oaN/SD2c+f7/yEjZxe2zEVotXprnrCCJ2y/ZZFE= +github.com/quic-go/quic-go v0.39.1/go.mod h1:T09QsDQWjLiQ74ZmacDfqZmhY/NLnw5BC40MANNNZ1Q= github.com/refraction-networking/utls v1.5.4 h1:9k6EO2b8TaOGsQ7Pl7p9w6PUhx18/ZCeT0WNTZ7Uw4o= github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83FuavwZCFoMmExj+ltUHiHUw= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= From f5e71b9db7f102323c15dc97fd0f5b7fa96bfd0b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Oct 2023 00:55:44 +0000 Subject: [PATCH 010/100] Bump google.golang.org/grpc from 1.58.3 to 1.59.0 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.3 to 1.59.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.58.3...v1.59.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 9ef527d7..213b174f 100644 --- a/go.mod +++ b/go.mod @@ -24,7 +24,7 @@ require ( golang.org/x/net v0.17.0 golang.org/x/sync v0.3.0 golang.org/x/sys v0.13.0 - google.golang.org/grpc v1.58.3 + google.golang.org/grpc v1.59.0 google.golang.org/protobuf v1.31.0 gvisor.dev/gvisor v0.0.0-20230822212503-5bf4e5f98744 h12.io/socks v1.0.3 diff --git a/go.sum b/go.sum index c675cbc4..e4d07989 100644 --- a/go.sum +++ b/go.sum @@ -274,8 +274,8 @@ google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmE google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= -google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= +google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= +google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= From 291061e9da6a5e1777f79c76e8c0859df8db821c Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sat, 21 Oct 2023 03:12:46 -0400 Subject: [PATCH 011/100] Fix an edge case reshaping buffer too long --- proxy/proxy.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proxy/proxy.go b/proxy/proxy.go index a14ddace..4dcb6bf9 100644 --- a/proxy/proxy.go +++ b/proxy/proxy.go @@ -257,7 +257,7 @@ func ReshapeMultiBuffer(ctx context.Context, buffer buf.MultiBuffer) buf.MultiBu for i, buffer1 := range buffer { if buffer1.Len() >= buf.Size-21 { index := int32(bytes.LastIndex(buffer1.Bytes(), TlsApplicationDataStart)) - if index <= 0 || index > buf.Size-21 { + if index < 21 || index > buf.Size-21 { index = buf.Size / 2 } buffer2 := buf.New() From 4f8b73bb1f482e04bd5f946e8c1de95a8688dbf1 Mon Sep 17 00:00:00 2001 From: hossinasaadi Date: Sat, 21 Oct 2023 15:43:37 +0400 Subject: [PATCH 012/100] fix override Inbounds in multi config --- infra/conf/xray.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/infra/conf/xray.go b/infra/conf/xray.go index 7bfc53e3..c5459c44 100644 --- a/infra/conf/xray.go +++ b/infra/conf/xray.go @@ -489,16 +489,16 @@ func (c *Config) Override(o *Config, fn string) { // update the Inbound in slice if the only one in overide config has same tag if len(o.InboundConfigs) > 0 { - if len(c.InboundConfigs) > 0 && len(o.InboundConfigs) == 1 { - if idx := c.findInboundTag(o.InboundConfigs[0].Tag); idx > -1 { - c.InboundConfigs[idx] = o.InboundConfigs[0] + for i := range o.InboundConfigs { + if idx := c.findInboundTag(o.InboundConfigs[i].Tag); idx > -1 { + c.InboundConfigs[idx] = o.InboundConfigs[i] ctllog.Println("[", fn, "] updated inbound with tag: ", o.InboundConfigs[0].Tag) + } else { - c.InboundConfigs = append(c.InboundConfigs, o.InboundConfigs[0]) + c.InboundConfigs = append(c.InboundConfigs, o.InboundConfigs[i]) ctllog.Println("[", fn, "] appended inbound with tag: ", o.InboundConfigs[0].Tag) } - } else { - c.InboundConfigs = o.InboundConfigs + } } From 42d586df091a7871e820917232fa27b2e2829866 Mon Sep 17 00:00:00 2001 From: hossinasaadi Date: Sat, 21 Oct 2023 15:43:58 +0400 Subject: [PATCH 013/100] log inbound override status --- infra/conf/xray.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infra/conf/xray.go b/infra/conf/xray.go index c5459c44..e1f1f48c 100644 --- a/infra/conf/xray.go +++ b/infra/conf/xray.go @@ -492,11 +492,11 @@ func (c *Config) Override(o *Config, fn string) { for i := range o.InboundConfigs { if idx := c.findInboundTag(o.InboundConfigs[i].Tag); idx > -1 { c.InboundConfigs[idx] = o.InboundConfigs[i] - ctllog.Println("[", fn, "] updated inbound with tag: ", o.InboundConfigs[0].Tag) + newError("[", fn, "] updated inbound with tag: ", o.InboundConfigs[i].Tag).AtInfo().WriteToLog() } else { c.InboundConfigs = append(c.InboundConfigs, o.InboundConfigs[i]) - ctllog.Println("[", fn, "] appended inbound with tag: ", o.InboundConfigs[0].Tag) + newError("[", fn, "] appended inbound with tag: ", o.InboundConfigs[i].Tag).AtInfo().WriteToLog() } } From 71fee07175360d31460267414903cc249bb6d9e1 Mon Sep 17 00:00:00 2001 From: hossinasaadi Date: Mon, 23 Oct 2023 00:23:56 +0400 Subject: [PATCH 014/100] fix inbounds-replaceall test --- infra/conf/xray_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/conf/xray_test.go b/infra/conf/xray_test.go index c7e20ed4..fef9ab58 100644 --- a/infra/conf/xray_test.go +++ b/infra/conf/xray_test.go @@ -427,7 +427,7 @@ func TestConfig_Override(t *testing.T) { &Config{InboundConfigs: []InboundDetourConfig{{Tag: "pos0"}, {Protocol: "vmess", Tag: "pos1"}}}, &Config{InboundConfigs: []InboundDetourConfig{{Tag: "pos1", Protocol: "kcp"}, {Tag: "pos2", Protocol: "kcp"}}}, "", - &Config{InboundConfigs: []InboundDetourConfig{{Tag: "pos1", Protocol: "kcp"}, {Tag: "pos2", Protocol: "kcp"}}}, + &Config{InboundConfigs: []InboundDetourConfig{{Tag: "pos0"}, {Tag: "pos1", Protocol: "kcp"}, {Tag: "pos2", Protocol: "kcp"}}}, }, { "replace/notag-append", From 67c66faaed7203fc0020183f8ae024b55da35f60 Mon Sep 17 00:00:00 2001 From: Hossin Asaadi Date: Tue, 24 Oct 2023 05:04:58 +0330 Subject: [PATCH 015/100] Override outbounds in multi config files (#2659) * fix override outbounds in multi config * log outbounds override status * fix prepend bug * improve outbounds-prepend test * fix prepend outbound * fix outbounds-prepend test --- infra/conf/xray.go | 22 ++++++++++++---------- infra/conf/xray_test.go | 6 +++--- 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/infra/conf/xray.go b/infra/conf/xray.go index e1f1f48c..558e2baa 100644 --- a/infra/conf/xray.go +++ b/infra/conf/xray.go @@ -504,21 +504,23 @@ func (c *Config) Override(o *Config, fn string) { // update the Outbound in slice if the only one in overide config has same tag if len(o.OutboundConfigs) > 0 { - if len(c.OutboundConfigs) > 0 && len(o.OutboundConfigs) == 1 { - if idx := c.findOutboundTag(o.OutboundConfigs[0].Tag); idx > -1 { - c.OutboundConfigs[idx] = o.OutboundConfigs[0] - ctllog.Println("[", fn, "] updated outbound with tag: ", o.OutboundConfigs[0].Tag) + outboundPrepends := []OutboundDetourConfig{} + for i := range o.OutboundConfigs { + if idx := c.findOutboundTag(o.OutboundConfigs[i].Tag); idx > -1 { + c.OutboundConfigs[idx] = o.OutboundConfigs[i] + newError("[", fn, "] updated outbound with tag: ", o.OutboundConfigs[i].Tag).AtInfo().WriteToLog() } else { if strings.Contains(strings.ToLower(fn), "tail") { - c.OutboundConfigs = append(c.OutboundConfigs, o.OutboundConfigs[0]) - ctllog.Println("[", fn, "] appended outbound with tag: ", o.OutboundConfigs[0].Tag) + c.OutboundConfigs = append(c.OutboundConfigs, o.OutboundConfigs[i]) + newError("[", fn, "] appended outbound with tag: ", o.OutboundConfigs[i].Tag).AtInfo().WriteToLog() } else { - c.OutboundConfigs = append(o.OutboundConfigs, c.OutboundConfigs...) - ctllog.Println("[", fn, "] prepended outbound with tag: ", o.OutboundConfigs[0].Tag) + outboundPrepends = append(outboundPrepends, o.OutboundConfigs[i]) + newError("[", fn, "] prepend outbound with tag: ", o.OutboundConfigs[i].Tag).AtInfo().WriteToLog() } } - } else { - c.OutboundConfigs = o.OutboundConfigs + } + if !strings.Contains(strings.ToLower(fn), "tail") && len(outboundPrepends) > 0 { + c.OutboundConfigs = append(outboundPrepends, c.OutboundConfigs...) } } } diff --git a/infra/conf/xray_test.go b/infra/conf/xray_test.go index fef9ab58..a53cd216 100644 --- a/infra/conf/xray_test.go +++ b/infra/conf/xray_test.go @@ -445,10 +445,10 @@ func TestConfig_Override(t *testing.T) { }, { "replace/outbounds-prepend", - &Config{OutboundConfigs: []OutboundDetourConfig{{Tag: "pos0"}, {Protocol: "vmess", Tag: "pos1"}}}, - &Config{OutboundConfigs: []OutboundDetourConfig{{Tag: "pos1", Protocol: "kcp"}, {Tag: "pos2", Protocol: "kcp"}}}, + &Config{OutboundConfigs: []OutboundDetourConfig{{Tag: "pos0"}, {Protocol: "vmess", Tag: "pos1"}, {Tag: "pos3"}}}, + &Config{OutboundConfigs: []OutboundDetourConfig{{Tag: "pos1", Protocol: "kcp"}, {Tag: "pos2", Protocol: "kcp"}, {Tag: "pos4", Protocol: "kcp"}}}, "config.json", - &Config{OutboundConfigs: []OutboundDetourConfig{{Tag: "pos1", Protocol: "kcp"}, {Tag: "pos2", Protocol: "kcp"}}}, + &Config{OutboundConfigs: []OutboundDetourConfig{{Tag: "pos2", Protocol: "kcp"}, {Tag: "pos4", Protocol: "kcp"}, {Tag: "pos0"}, {Tag: "pos1", Protocol: "kcp"}, {Tag: "pos3"}}}, }, { "replace/outbounds-append", From 3eba6a78fe7ccf0cc4834e644741d20bd0b8acfc Mon Sep 17 00:00:00 2001 From: lilendian0x00 Date: Tue, 24 Oct 2023 12:15:03 -0700 Subject: [PATCH 016/100] Added xray-knife tool to the README.md file --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index a91c4373..7d84f044 100644 --- a/README.md +++ b/README.md @@ -91,6 +91,8 @@ - iOS & macOS arm64 - [Shadowrocket](https://apps.apple.com/app/shadowrocket/id932747118) +- Xray Tools + - [xray-knife](https://github.com/lilendian0x00/xray-knife) - Xray Wrapper - [XTLS/libXray](https://github.com/XTLS/libXray) - [xtlsapi](https://github.com/hiddify/xtlsapi) From 3d92f3f8b5d18f949b11ccd5b6bc7e63b3e6c482 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 26 Oct 2023 00:44:34 +0000 Subject: [PATCH 017/100] Bump github.com/quic-go/quic-go from 0.39.1 to 0.39.2 Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) from 0.39.1 to 0.39.2. - [Release notes](https://github.com/quic-go/quic-go/releases) - [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md) - [Commits](https://github.com/quic-go/quic-go/compare/v0.39.1...v0.39.2) --- updated-dependencies: - dependency-name: github.com/quic-go/quic-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 213b174f..45d4d0f2 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/miekg/dns v1.1.56 github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 - github.com/quic-go/quic-go v0.39.1 + github.com/quic-go/quic-go v0.39.2 github.com/refraction-networking/utls v1.5.4 github.com/sagernet/sing v0.2.14 github.com/sagernet/sing-shadowsocks v0.2.5 diff --git a/go.sum b/go.sum index e4d07989..54c3512f 100644 --- a/go.sum +++ b/go.sum @@ -118,8 +118,8 @@ github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7q github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/quic-go/qtls-go1-20 v0.3.4 h1:MfFAPULvst4yoMgY9QmtpYmfij/em7O8UUi+bNVm7Cg= github.com/quic-go/qtls-go1-20 v0.3.4/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= -github.com/quic-go/quic-go v0.39.1 h1:d/m3oaN/SD2c+f7/yEjZxe2zEVotXprnrCCJ2y/ZZFE= -github.com/quic-go/quic-go v0.39.1/go.mod h1:T09QsDQWjLiQ74ZmacDfqZmhY/NLnw5BC40MANNNZ1Q= +github.com/quic-go/quic-go v0.39.2 h1:hmwAf8zAHlvan0Y5PXxeeBFZEW17IW99sXLry8I2kjk= +github.com/quic-go/quic-go v0.39.2/go.mod h1:T09QsDQWjLiQ74ZmacDfqZmhY/NLnw5BC40MANNNZ1Q= github.com/refraction-networking/utls v1.5.4 h1:9k6EO2b8TaOGsQ7Pl7p9w6PUhx18/ZCeT0WNTZ7Uw4o= github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83FuavwZCFoMmExj+ltUHiHUw= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= From e241e5bda626354d70a1ca473b2058df338a3435 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 26 Oct 2023 14:15:04 +0000 Subject: [PATCH 018/100] Bump github.com/sagernet/sing from 0.2.14 to 0.2.15 Bumps [github.com/sagernet/sing](https://github.com/sagernet/sing) from 0.2.14 to 0.2.15. - [Commits](https://github.com/sagernet/sing/compare/v0.2.14...v0.2.15) --- updated-dependencies: - dependency-name: github.com/sagernet/sing dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 45d4d0f2..6acee6a1 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.39.2 github.com/refraction-networking/utls v1.5.4 - github.com/sagernet/sing v0.2.14 + github.com/sagernet/sing v0.2.15 github.com/sagernet/sing-shadowsocks v0.2.5 github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb diff --git a/go.sum b/go.sum index 54c3512f..b4e00a97 100644 --- a/go.sum +++ b/go.sum @@ -125,8 +125,8 @@ github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83Fuavw github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sagernet/sing v0.2.14 h1:L3AXDh22nsOOYz2nTRU1JvpRsmzViWKI1B8TsQYG1eY= -github.com/sagernet/sing v0.2.14/go.mod h1:AhNEHu0GXrpqkuzvTwvC8+j2cQUU/dh+zLEmq4C99pg= +github.com/sagernet/sing v0.2.15 h1:PFwyiMzkyJkq+YGOVznJUsRVOT6EoVxRGIsllLuvHXA= +github.com/sagernet/sing v0.2.15/go.mod h1:AhNEHu0GXrpqkuzvTwvC8+j2cQUU/dh+zLEmq4C99pg= github.com/sagernet/sing-shadowsocks v0.2.5 h1:qxIttos4xu6ii7MTVJYA8EFQR7Q3KG6xMqmLJIFtBaY= github.com/sagernet/sing-shadowsocks v0.2.5/go.mod h1:MGWGkcU2xW2G2mfArT9/QqpVLOGU+dBaahZCtPHdt7A= github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c h1:vK2wyt9aWYHHvNLWniwijBu/n4pySypiKRhN32u/JGo= From 4f05e0ac2bedf3faccf6732a5eaee55116ccabb3 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sat, 28 Oct 2023 17:24:54 -0400 Subject: [PATCH 019/100] Unify environment var readers --- common/buf/readv_reader.go | 2 +- common/platform/others.go | 6 ++---- common/platform/platform.go | 14 ++++++++++++++ common/xudp/xudp.go | 13 ++++--------- core/xray.go | 5 +++-- infra/conf/common.go | 6 +++--- proxy/freedom/freedom.go | 2 +- proxy/vmess/outbound/outbound.go | 2 +- transport/internet/websocket/dialer.go | 5 +++-- 9 files changed, 32 insertions(+), 23 deletions(-) diff --git a/common/buf/readv_reader.go b/common/buf/readv_reader.go index f897ccca..bcd0f0ed 100644 --- a/common/buf/readv_reader.go +++ b/common/buf/readv_reader.go @@ -147,7 +147,7 @@ var useReadv bool func init() { const defaultFlagValue = "NOT_DEFINED_AT_ALL" - value := platform.NewEnvFlag("xray.buf.readv").GetValue(func() string { return defaultFlagValue }) + value := platform.NewEnvFlag(platform.UseReadV).GetValue(func() string { return defaultFlagValue }) switch value { case defaultFlagValue, "auto", "enable": useReadv = true diff --git a/common/platform/others.go b/common/platform/others.go index ff45a054..fe22d1de 100644 --- a/common/platform/others.go +++ b/common/platform/others.go @@ -17,15 +17,13 @@ func LineSeparator() string { } func GetToolLocation(file string) string { - const name = "xray.location.tool" - toolPath := EnvFlag{Name: name, AltName: NormalizeEnvName(name)}.GetValue(getExecutableDir) + toolPath := NewEnvFlag(UnixToolLocation).GetValue(getExecutableDir) return filepath.Join(toolPath, file) } // GetAssetLocation searches for `file` in certain locations func GetAssetLocation(file string) string { - const name = "xray.location.asset" - assetPath := NewEnvFlag(name).GetValue(getExecutableDir) + assetPath := NewEnvFlag(UnixAssetLocation).GetValue(getExecutableDir) defPath := filepath.Join(assetPath, file) for _, p := range []string{ defPath, diff --git a/common/platform/platform.go b/common/platform/platform.go index d5149db4..bccf6f9d 100644 --- a/common/platform/platform.go +++ b/common/platform/platform.go @@ -84,3 +84,17 @@ func GetConfDirPath() string { configPath := NewEnvFlag(name).GetValue(func() string { return "" }) return configPath } + +const ( + UnixToolLocation = "xray.location.tool" + UnixAssetLocation = "xray.location.asset" + + UseReadV = "xray.buf.readv" + UseFreedomSplice = "xray.buf.splice" + UseVmessPadding = "xray.vmess.padding" + UseCone = "xray.cone.disabled" + + BrowserDialerAddress = "xray.browser.dialer" + XUDPLog = "xray.xudp.show" + XUDPBaseKey = "xray.xudp.basekey" +) diff --git a/common/xudp/xudp.go b/common/xudp/xudp.go index 513247c3..2fc5166c 100644 --- a/common/xudp/xudp.go +++ b/common/xudp/xudp.go @@ -6,11 +6,11 @@ import ( "encoding/base64" "fmt" "io" - "os" "strings" "github.com/xtls/xray-core/common/buf" "github.com/xtls/xray-core/common/net" + "github.com/xtls/xray-core/common/platform" "github.com/xtls/xray-core/common/protocol" "github.com/xtls/xray-core/common/session" "lukechampine.com/blake3" @@ -28,20 +28,15 @@ var ( BaseKey []byte ) -const ( - EnvShow = "XRAY_XUDP_SHOW" - EnvBaseKey = "XRAY_XUDP_BASEKEY" -) - func init() { - if strings.ToLower(os.Getenv(EnvShow)) == "true" { + if strings.ToLower(platform.NewEnvFlag(platform.XUDPLog).GetValue(func() string { return "" })) == "true" { Show = true } - if raw, found := os.LookupEnv(EnvBaseKey); found { + if raw := platform.NewEnvFlag(platform.XUDPBaseKey).GetValue(func() string { return "" }); raw != "" { if BaseKey, _ = base64.RawURLEncoding.DecodeString(raw); len(BaseKey) == 32 { return } - panic(EnvBaseKey + ": invalid value: " + raw) + panic(platform.XUDPBaseKey + ": invalid value: " + raw) } rand.Read(BaseKey) } diff --git a/core/xray.go b/core/xray.go index 5c7518f9..20484c60 100644 --- a/core/xray.go +++ b/core/xray.go @@ -2,11 +2,11 @@ package core import ( "context" - "os" "reflect" "sync" "github.com/xtls/xray-core/common" + "github.com/xtls/xray-core/common/platform" "github.com/xtls/xray-core/common/serial" "github.com/xtls/xray-core/features" "github.com/xtls/xray-core/features/dns" @@ -181,7 +181,8 @@ func NewWithContext(ctx context.Context, config *Config) (*Instance, error) { } func initInstanceWithConfig(config *Config, server *Instance) (bool, error) { - server.ctx = context.WithValue(server.ctx, "cone", os.Getenv("XRAY_CONE_DISABLED") != "true") + server.ctx = context.WithValue(server.ctx, "cone", + platform.NewEnvFlag(platform.UseCone).GetValue(func() string { return "" }) != "true") if config.Transport != nil { features.PrintDeprecatedFeatureWarning("global transport settings") diff --git a/infra/conf/common.go b/infra/conf/common.go index f8f56056..20868b83 100644 --- a/infra/conf/common.go +++ b/infra/conf/common.go @@ -2,10 +2,10 @@ package conf import ( "encoding/json" - "os" "strings" "github.com/xtls/xray-core/common/net" + "github.com/xtls/xray-core/common/platform" "github.com/xtls/xray-core/common/protocol" ) @@ -46,7 +46,7 @@ func (v *Address) UnmarshalJSON(data []byte) error { return newError("invalid address: ", string(data)).Base(err) } if strings.HasPrefix(rawStr, "env:") { - rawStr = os.Getenv(rawStr[4:]) + rawStr = platform.NewEnvFlag(rawStr[4:]).GetValue(func() string { return "" }) } v.Address = net.ParseAddress(rawStr) @@ -118,7 +118,7 @@ func parseIntPort(data []byte) (net.Port, error) { func parseStringPort(s string) (net.Port, net.Port, error) { if strings.HasPrefix(s, "env:") { - s = os.Getenv(s[4:]) + s = platform.NewEnvFlag(s[4:]).GetValue(func() string { return "" }) } pair := strings.SplitN(s, "-", 2) diff --git a/proxy/freedom/freedom.go b/proxy/freedom/freedom.go index 808f837f..9af57e01 100644 --- a/proxy/freedom/freedom.go +++ b/proxy/freedom/freedom.go @@ -41,7 +41,7 @@ func init() { return h, nil })) const defaultFlagValue = "NOT_DEFINED_AT_ALL" - value := platform.NewEnvFlag("xray.buf.splice").GetValue(func() string { return defaultFlagValue }) + value := platform.NewEnvFlag(platform.UseFreedomSplice).GetValue(func() string { return defaultFlagValue }) switch value { case "auto", "enable": useSplice = true diff --git a/proxy/vmess/outbound/outbound.go b/proxy/vmess/outbound/outbound.go index 5e228d68..c3c55d95 100644 --- a/proxy/vmess/outbound/outbound.go +++ b/proxy/vmess/outbound/outbound.go @@ -245,7 +245,7 @@ func init() { const defaultFlagValue = "NOT_DEFINED_AT_ALL" - paddingValue := platform.NewEnvFlag("xray.vmess.padding").GetValue(func() string { return defaultFlagValue }) + paddingValue := platform.NewEnvFlag(platform.UseVmessPadding).GetValue(func() string { return defaultFlagValue }) if paddingValue != defaultFlagValue { enablePadding = true } diff --git a/transport/internet/websocket/dialer.go b/transport/internet/websocket/dialer.go index 5017cb50..1ab9379e 100644 --- a/transport/internet/websocket/dialer.go +++ b/transport/internet/websocket/dialer.go @@ -8,12 +8,12 @@ import ( "io" gonet "net" "net/http" - "os" "time" "github.com/gorilla/websocket" "github.com/xtls/xray-core/common" "github.com/xtls/xray-core/common/net" + "github.com/xtls/xray-core/common/platform" "github.com/xtls/xray-core/common/session" "github.com/xtls/xray-core/transport/internet" "github.com/xtls/xray-core/transport/internet/stat" @@ -26,7 +26,8 @@ var webpage []byte var conns chan *websocket.Conn func init() { - if addr := os.Getenv("XRAY_BROWSER_DIALER"); addr != "" { + addr := platform.NewEnvFlag(platform.BrowserDialerAddress).GetValue(func() string { return "" }) + if addr != "" { conns = make(chan *websocket.Conn, 256) go http.ListenAndServe(addr, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.URL.Path == "/websocket" { From 999bdc58d348e359f4b75ecb165d311c0b476795 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sat, 28 Oct 2023 17:25:25 -0400 Subject: [PATCH 020/100] Turn on freedom splice by default --- proxy/freedom/freedom.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proxy/freedom/freedom.go b/proxy/freedom/freedom.go index 9af57e01..3eb5b8a3 100644 --- a/proxy/freedom/freedom.go +++ b/proxy/freedom/freedom.go @@ -43,7 +43,7 @@ func init() { const defaultFlagValue = "NOT_DEFINED_AT_ALL" value := platform.NewEnvFlag(platform.UseFreedomSplice).GetValue(func() string { return defaultFlagValue }) switch value { - case "auto", "enable": + case defaultFlagValue, "auto", "enable": useSplice = true } } From 11b61b02c8c64f7fa8b38cf527a2632e3787c50f Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sat, 28 Oct 2023 18:21:57 -0400 Subject: [PATCH 021/100] Refine environment var Address some review comments --- common/platform/others.go | 4 ++-- common/platform/platform.go | 41 +++++++++++++++++++------------------ common/platform/windows.go | 6 ++---- features/policy/policy.go | 6 +----- 4 files changed, 26 insertions(+), 31 deletions(-) diff --git a/common/platform/others.go b/common/platform/others.go index fe22d1de..7401a526 100644 --- a/common/platform/others.go +++ b/common/platform/others.go @@ -17,13 +17,13 @@ func LineSeparator() string { } func GetToolLocation(file string) string { - toolPath := NewEnvFlag(UnixToolLocation).GetValue(getExecutableDir) + toolPath := NewEnvFlag(ToolLocation).GetValue(getExecutableDir) return filepath.Join(toolPath, file) } // GetAssetLocation searches for `file` in certain locations func GetAssetLocation(file string) string { - assetPath := NewEnvFlag(UnixAssetLocation).GetValue(getExecutableDir) + assetPath := NewEnvFlag(AssetLocation).GetValue(getExecutableDir) defPath := filepath.Join(assetPath, file) for _, p := range []string{ defPath, diff --git a/common/platform/platform.go b/common/platform/platform.go index bccf6f9d..51e25447 100644 --- a/common/platform/platform.go +++ b/common/platform/platform.go @@ -7,6 +7,24 @@ import ( "strings" ) +const ( + PluginLocation = "xray.location.plugin" + ConfigLocation = "xray.location.config" + ConfdirLocation = "xray.location.confdir" + ToolLocation = "xray.location.tool" + AssetLocation = "xray.location.asset" + + UseReadV = "xray.buf.readv" + UseFreedomSplice = "xray.buf.splice" + UseVmessPadding = "xray.vmess.padding" + UseCone = "xray.cone.disabled" + + BufferSize = "xray.ray.buffer.size" + BrowserDialerAddress = "xray.browser.dialer" + XUDPLog = "xray.xudp.show" + XUDPBaseKey = "xray.xudp.basekey" +) + type EnvFlag struct { Name string AltName string @@ -67,34 +85,17 @@ func getExecutableSubDir(dir string) func() string { } func GetPluginDirectory() string { - const name = "xray.location.plugin" - pluginDir := NewEnvFlag(name).GetValue(getExecutableSubDir("plugins")) + pluginDir := NewEnvFlag(PluginLocation).GetValue(getExecutableSubDir("plugins")) return pluginDir } func GetConfigurationPath() string { - const name = "xray.location.config" - configPath := NewEnvFlag(name).GetValue(getExecutableDir) + configPath := NewEnvFlag(ConfigLocation).GetValue(getExecutableDir) return filepath.Join(configPath, "config.json") } // GetConfDirPath reads "xray.location.confdir" func GetConfDirPath() string { - const name = "xray.location.confdir" - configPath := NewEnvFlag(name).GetValue(func() string { return "" }) + configPath := NewEnvFlag(ConfdirLocation).GetValue(func() string { return "" }) return configPath } - -const ( - UnixToolLocation = "xray.location.tool" - UnixAssetLocation = "xray.location.asset" - - UseReadV = "xray.buf.readv" - UseFreedomSplice = "xray.buf.splice" - UseVmessPadding = "xray.vmess.padding" - UseCone = "xray.cone.disabled" - - BrowserDialerAddress = "xray.browser.dialer" - XUDPLog = "xray.xudp.show" - XUDPBaseKey = "xray.xudp.basekey" -) diff --git a/common/platform/windows.go b/common/platform/windows.go index a568d5ae..2aeca80c 100644 --- a/common/platform/windows.go +++ b/common/platform/windows.go @@ -15,14 +15,12 @@ func LineSeparator() string { } func GetToolLocation(file string) string { - const name = "xray.location.tool" - toolPath := EnvFlag{Name: name, AltName: NormalizeEnvName(name)}.GetValue(getExecutableDir) + toolPath := NewEnvFlag(ToolLocation).GetValue(getExecutableDir) return filepath.Join(toolPath, file+".exe") } // GetAssetLocation searches for `file` in the excutable dir func GetAssetLocation(file string) string { - const name = "xray.location.asset" - assetPath := NewEnvFlag(name).GetValue(getExecutableDir) + assetPath := NewEnvFlag(AssetLocation).GetValue(getExecutableDir) return filepath.Join(assetPath, file) } diff --git a/features/policy/policy.go b/features/policy/policy.go index c3d48e6a..4d3f7ecf 100644 --- a/features/policy/policy.go +++ b/features/policy/policy.go @@ -83,12 +83,8 @@ func ManagerType() interface{} { var defaultBufferSize int32 func init() { - const key = "xray.ray.buffer.size" const defaultValue = -17 - size := platform.EnvFlag{ - Name: key, - AltName: platform.NormalizeEnvName(key), - }.GetValueAsInt(defaultValue) + size := platform.NewEnvFlag(platform.BufferSize).GetValueAsInt(defaultValue) switch size { case 0: From f86fe6f91a9eec42f8f044a08bac063d06e01efe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Oct 2023 00:18:03 +0000 Subject: [PATCH 022/100] Bump github.com/quic-go/quic-go from 0.39.2 to 0.39.3 Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) from 0.39.2 to 0.39.3. - [Release notes](https://github.com/quic-go/quic-go/releases) - [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md) - [Commits](https://github.com/quic-go/quic-go/compare/v0.39.2...v0.39.3) --- updated-dependencies: - dependency-name: github.com/quic-go/quic-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 6acee6a1..4ed26d5e 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/miekg/dns v1.1.56 github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 - github.com/quic-go/quic-go v0.39.2 + github.com/quic-go/quic-go v0.39.3 github.com/refraction-networking/utls v1.5.4 github.com/sagernet/sing v0.2.15 github.com/sagernet/sing-shadowsocks v0.2.5 diff --git a/go.sum b/go.sum index b4e00a97..628abbe5 100644 --- a/go.sum +++ b/go.sum @@ -118,8 +118,8 @@ github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7q github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/quic-go/qtls-go1-20 v0.3.4 h1:MfFAPULvst4yoMgY9QmtpYmfij/em7O8UUi+bNVm7Cg= github.com/quic-go/qtls-go1-20 v0.3.4/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= -github.com/quic-go/quic-go v0.39.2 h1:hmwAf8zAHlvan0Y5PXxeeBFZEW17IW99sXLry8I2kjk= -github.com/quic-go/quic-go v0.39.2/go.mod h1:T09QsDQWjLiQ74ZmacDfqZmhY/NLnw5BC40MANNNZ1Q= +github.com/quic-go/quic-go v0.39.3 h1:o3YB6t2SR+HU/pgwF29kJ6g4jJIJEwEZ8CKia1h1TKg= +github.com/quic-go/quic-go v0.39.3/go.mod h1:T09QsDQWjLiQ74ZmacDfqZmhY/NLnw5BC40MANNNZ1Q= github.com/refraction-networking/utls v1.5.4 h1:9k6EO2b8TaOGsQ7Pl7p9w6PUhx18/ZCeT0WNTZ7Uw4o= github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83FuavwZCFoMmExj+ltUHiHUw= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= From d24a636c7523a6830327344a610cd3c40afddd2a Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sat, 28 Oct 2023 21:31:08 -0400 Subject: [PATCH 023/100] Move some log from stdout to ray log --- common/xudp/errors.generated.go | 9 +++++++++ common/xudp/xudp.go | 2 +- transport/internet/reality/reality.go | 17 +++++++++-------- transport/internet/websocket/dialer.go | 3 +-- 4 files changed, 20 insertions(+), 11 deletions(-) create mode 100644 common/xudp/errors.generated.go diff --git a/common/xudp/errors.generated.go b/common/xudp/errors.generated.go new file mode 100644 index 00000000..e14625a8 --- /dev/null +++ b/common/xudp/errors.generated.go @@ -0,0 +1,9 @@ +package xudp + +import "github.com/xtls/xray-core/common/errors" + +type errPathObjHolder struct{} + +func newError(values ...interface{}) *errors.Error { + return errors.New(values...).WithPathObj(errPathObjHolder{}) +} diff --git a/common/xudp/xudp.go b/common/xudp/xudp.go index 2fc5166c..af18119f 100644 --- a/common/xudp/xudp.go +++ b/common/xudp/xudp.go @@ -51,7 +51,7 @@ func GetGlobalID(ctx context.Context) (globalID [8]byte) { h.Write([]byte(inbound.Source.String())) copy(globalID[:], h.Sum(nil)) if Show { - fmt.Printf("XUDP inbound.Source.String(): %v\tglobalID: %v\n", inbound.Source.String(), globalID) + newError(fmt.Sprintf("XUDP inbound.Source.String(): %v\tglobalID: %v\n", inbound.Source.String(), globalID)).WriteToLog(session.ExportIDToError(ctx)) } } return diff --git a/transport/internet/reality/reality.go b/transport/internet/reality/reality.go index 30d4e2ae..de8a6ac6 100644 --- a/transport/internet/reality/reality.go +++ b/transport/internet/reality/reality.go @@ -29,6 +29,7 @@ import ( "github.com/xtls/reality" "github.com/xtls/xray-core/common/errors" "github.com/xtls/xray-core/common/net" + "github.com/xtls/xray-core/common/session" "github.com/xtls/xray-core/core" "github.com/xtls/xray-core/transport/internet/tls" "golang.org/x/crypto/chacha20poly1305" @@ -133,7 +134,7 @@ func UClient(c net.Conn, config *Config, ctx context.Context, dest net.Destinati binary.BigEndian.PutUint32(hello.SessionId[4:], uint32(time.Now().Unix())) copy(hello.SessionId[8:], config.ShortId) if config.Show { - fmt.Printf("REALITY localAddr: %v\thello.SessionId[:16]: %v\n", localAddr, hello.SessionId[:16]) + newError(fmt.Sprintf("REALITY localAddr: %v\thello.SessionId[:16]: %v\n", localAddr, hello.SessionId[:16])).WriteToLog(session.ExportIDToError(ctx)) } publicKey, _ := ecdh.X25519().NewPublicKey(config.PublicKey) uConn.AuthKey, _ = uConn.HandshakeState.State13.EcdheKey.ECDH(publicKey) @@ -151,7 +152,7 @@ func UClient(c net.Conn, config *Config, ctx context.Context, dest net.Destinati aead, _ = chacha20poly1305.New(uConn.AuthKey) } if config.Show { - fmt.Printf("REALITY localAddr: %v\tuConn.AuthKey[:16]: %v\tAEAD: %T\n", localAddr, uConn.AuthKey[:16], aead) + newError(fmt.Sprintf("REALITY localAddr: %v\tuConn.AuthKey[:16]: %v\tAEAD: %T\n", localAddr, uConn.AuthKey[:16], aead)).WriteToLog(session.ExportIDToError(ctx)) } aead.Seal(hello.SessionId[:0], hello.Random[20:], hello.SessionId[:16], hello.Raw) copy(hello.Raw[39:], hello.SessionId) @@ -160,14 +161,14 @@ func UClient(c net.Conn, config *Config, ctx context.Context, dest net.Destinati return nil, err } if config.Show { - fmt.Printf("REALITY localAddr: %v\tuConn.Verified: %v\n", localAddr, uConn.Verified) + newError(fmt.Sprintf("REALITY localAddr: %v\tuConn.Verified: %v\n", localAddr, uConn.Verified)).WriteToLog(session.ExportIDToError(ctx)) } if !uConn.Verified { go func() { client := &http.Client{ Transport: &http2.Transport{ DialTLSContext: func(ctx context.Context, network, addr string, cfg *gotls.Config) (net.Conn, error) { - fmt.Printf("REALITY localAddr: %v\tDialTLSContext\n", localAddr) + newError(fmt.Sprintf("REALITY localAddr: %v\tDialTLSContext\n", localAddr)).WriteToLog(session.ExportIDToError(ctx)) return uConn, nil }, }, @@ -201,7 +202,7 @@ func UClient(c net.Conn, config *Config, ctx context.Context, dest net.Destinati } req.Header.Set("User-Agent", fingerprint.Client) // TODO: User-Agent map if first && config.Show { - fmt.Printf("REALITY localAddr: %v\treq.UserAgent(): %v\n", localAddr, req.UserAgent()) + newError(fmt.Sprintf("REALITY localAddr: %v\treq.UserAgent(): %v\n", localAddr, req.UserAgent())).WriteToLog(session.ExportIDToError(ctx)) } times := 1 if !first { @@ -228,9 +229,9 @@ func UClient(c net.Conn, config *Config, ctx context.Context, dest net.Destinati } req.URL.Path = getPathLocked(paths) if config.Show { - fmt.Printf("REALITY localAddr: %v\treq.Referer(): %v\n", localAddr, req.Referer()) - fmt.Printf("REALITY localAddr: %v\tlen(body): %v\n", localAddr, len(body)) - fmt.Printf("REALITY localAddr: %v\tlen(paths): %v\n", localAddr, len(paths)) + newError(fmt.Sprintf("REALITY localAddr: %v\treq.Referer(): %v\n", localAddr, req.Referer())).WriteToLog(session.ExportIDToError(ctx)) + newError(fmt.Sprintf("REALITY localAddr: %v\tlen(body): %v\n", localAddr, len(body))).WriteToLog(session.ExportIDToError(ctx)) + newError(fmt.Sprintf("REALITY localAddr: %v\tlen(paths): %v\n", localAddr, len(paths))).WriteToLog(session.ExportIDToError(ctx)) } maps.Unlock() if !first { diff --git a/transport/internet/websocket/dialer.go b/transport/internet/websocket/dialer.go index 1ab9379e..02b73a66 100644 --- a/transport/internet/websocket/dialer.go +++ b/transport/internet/websocket/dialer.go @@ -4,7 +4,6 @@ import ( "context" _ "embed" "encoding/base64" - "fmt" "io" gonet "net" "net/http" @@ -34,7 +33,7 @@ func init() { if conn, err := upgrader.Upgrade(w, r, nil); err == nil { conns <- conn } else { - fmt.Println("unexpected error") + newError("Browser dialer http upgrade unexpected error").AtError().WriteToLog() } } else { w.Write(webpage) From 3500f5b577ce9f29810507f88d5bd5c3513ecafa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Nov 2023 00:38:05 +0000 Subject: [PATCH 024/100] Bump github.com/quic-go/quic-go from 0.39.3 to 0.40.0 Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) from 0.39.3 to 0.40.0. - [Release notes](https://github.com/quic-go/quic-go/releases) - [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md) - [Commits](https://github.com/quic-go/quic-go/compare/v0.39.3...v0.40.0) --- updated-dependencies: - dependency-name: github.com/quic-go/quic-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 4ed26d5e..917ad184 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/miekg/dns v1.1.56 github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 - github.com/quic-go/quic-go v0.39.3 + github.com/quic-go/quic-go v0.40.0 github.com/refraction-networking/utls v1.5.4 github.com/sagernet/sing v0.2.15 github.com/sagernet/sing-shadowsocks v0.2.5 @@ -46,7 +46,7 @@ require ( github.com/klauspost/cpuid/v2 v2.2.5 // indirect github.com/onsi/ginkgo/v2 v2.12.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/quic-go/qtls-go1-20 v0.3.4 // indirect + github.com/quic-go/qtls-go1-20 v0.4.1 // indirect github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect go.uber.org/atomic v1.11.0 // indirect go.uber.org/mock v0.3.0 // indirect diff --git a/go.sum b/go.sum index 628abbe5..a009a4bb 100644 --- a/go.sum +++ b/go.sum @@ -116,10 +116,10 @@ github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/quic-go/qtls-go1-20 v0.3.4 h1:MfFAPULvst4yoMgY9QmtpYmfij/em7O8UUi+bNVm7Cg= -github.com/quic-go/qtls-go1-20 v0.3.4/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= -github.com/quic-go/quic-go v0.39.3 h1:o3YB6t2SR+HU/pgwF29kJ6g4jJIJEwEZ8CKia1h1TKg= -github.com/quic-go/quic-go v0.39.3/go.mod h1:T09QsDQWjLiQ74ZmacDfqZmhY/NLnw5BC40MANNNZ1Q= +github.com/quic-go/qtls-go1-20 v0.4.1 h1:D33340mCNDAIKBqXuAvexTNMUByrYmFYVfKfDN5nfFs= +github.com/quic-go/qtls-go1-20 v0.4.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= +github.com/quic-go/quic-go v0.40.0 h1:GYd1iznlKm7dpHD7pOVpUvItgMPo/jrMgDWZhMCecqw= +github.com/quic-go/quic-go v0.40.0/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= github.com/refraction-networking/utls v1.5.4 h1:9k6EO2b8TaOGsQ7Pl7p9w6PUhx18/ZCeT0WNTZ7Uw4o= github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83FuavwZCFoMmExj+ltUHiHUw= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= From 1d89ae2847f951cb1c4105e6aba4c4163c672731 Mon Sep 17 00:00:00 2001 From: Ikko Eltociear Ashimine Date: Mon, 6 Nov 2023 03:49:08 +0900 Subject: [PATCH 025/100] Fix typo in xray.go overide -> override --- infra/conf/xray.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infra/conf/xray.go b/infra/conf/xray.go index 558e2baa..dfc34a8c 100644 --- a/infra/conf/xray.go +++ b/infra/conf/xray.go @@ -487,7 +487,7 @@ func (c *Config) Override(o *Config, fn string) { } // deprecated attrs - // update the Inbound in slice if the only one in overide config has same tag + // update the Inbound in slice if the only one in override config has same tag if len(o.InboundConfigs) > 0 { for i := range o.InboundConfigs { if idx := c.findInboundTag(o.InboundConfigs[i].Tag); idx > -1 { @@ -502,7 +502,7 @@ func (c *Config) Override(o *Config, fn string) { } } - // update the Outbound in slice if the only one in overide config has same tag + // update the Outbound in slice if the only one in override config has same tag if len(o.OutboundConfigs) > 0 { outboundPrepends := []OutboundDetourConfig{} for i := range o.OutboundConfigs { From d25a2e0224ae34eacd25f5dedbbf221fa56a596c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Nov 2023 01:11:27 +0000 Subject: [PATCH 026/100] Bump github.com/gorilla/websocket from 1.5.0 to 1.5.1 Bumps [github.com/gorilla/websocket](https://github.com/gorilla/websocket) from 1.5.0 to 1.5.1. - [Release notes](https://github.com/gorilla/websocket/releases) - [Commits](https://github.com/gorilla/websocket/compare/v1.5.0...v1.5.1) --- updated-dependencies: - dependency-name: github.com/gorilla/websocket dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 917ad184..707b3b3a 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344 github.com/golang/mock v1.6.0 github.com/google/go-cmp v0.6.0 - github.com/gorilla/websocket v1.5.0 + github.com/gorilla/websocket v1.5.1 github.com/miekg/dns v1.1.56 github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 diff --git a/go.sum b/go.sum index a009a4bb..754220d4 100644 --- a/go.sum +++ b/go.sum @@ -68,8 +68,8 @@ github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98/go.mod h1:czg5+yv1E0Z github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= github.com/googleapis/gax-go/v2 v2.0.3/go.mod h1:LLvjysVCY1JZeum8Z6l8qUty8fiNwE08qbEPm1M08qg= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= -github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw= github.com/h12w/go-socks5 v0.0.0-20200522160539-76189e178364 h1:5XxdakFhqd9dnXoAZy1Mb2R/DZ6D1e+0bGC/JhucGYI= From ee981524b0e9c6d37c16b867efc85a7a474d0a3d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Nov 2023 01:11:33 +0000 Subject: [PATCH 027/100] Bump golang.org/x/sync from 0.3.0 to 0.5.0 Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.3.0 to 0.5.0. - [Commits](https://github.com/golang/sync/compare/v0.3.0...v0.5.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 707b3b3a..d3d61604 100644 --- a/go.mod +++ b/go.mod @@ -22,7 +22,7 @@ require ( go4.org/netipx v0.0.0-20230824141953-6213f710f925 golang.org/x/crypto v0.14.0 golang.org/x/net v0.17.0 - golang.org/x/sync v0.3.0 + golang.org/x/sync v0.5.0 golang.org/x/sys v0.13.0 google.golang.org/grpc v1.59.0 google.golang.org/protobuf v1.31.0 diff --git a/go.sum b/go.sum index 754220d4..77053871 100644 --- a/go.sum +++ b/go.sum @@ -219,8 +219,8 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= From 631301a6e134c9154d9a9fe9e6e69d4ebca55fea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Nov 2023 22:55:35 +0000 Subject: [PATCH 028/100] Bump golang.org/x/sys from 0.13.0 to 0.14.0 Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.13.0 to 0.14.0. - [Commits](https://github.com/golang/sys/compare/v0.13.0...v0.14.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d3d61604..084ef7f0 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( golang.org/x/crypto v0.14.0 golang.org/x/net v0.17.0 golang.org/x/sync v0.5.0 - golang.org/x/sys v0.13.0 + golang.org/x/sys v0.14.0 google.golang.org/grpc v1.59.0 google.golang.org/protobuf v1.31.0 gvisor.dev/gvisor v0.0.0-20230822212503-5bf4e5f98744 diff --git a/go.sum b/go.sum index 77053871..1e099d82 100644 --- a/go.sum +++ b/go.sum @@ -231,8 +231,8 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= From 7f8ddda1c245d34b208191f907911db745247624 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Nov 2023 22:56:10 +0000 Subject: [PATCH 029/100] Bump github.com/sagernet/sing from 0.2.15 to 0.2.17 Bumps [github.com/sagernet/sing](https://github.com/sagernet/sing) from 0.2.15 to 0.2.17. - [Commits](https://github.com/sagernet/sing/compare/v0.2.15...v0.2.17) --- updated-dependencies: - dependency-name: github.com/sagernet/sing dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 084ef7f0..985d7ed5 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.40.0 github.com/refraction-networking/utls v1.5.4 - github.com/sagernet/sing v0.2.15 + github.com/sagernet/sing v0.2.17 github.com/sagernet/sing-shadowsocks v0.2.5 github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb diff --git a/go.sum b/go.sum index 1e099d82..64f712bd 100644 --- a/go.sum +++ b/go.sum @@ -125,8 +125,8 @@ github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83Fuavw github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sagernet/sing v0.2.15 h1:PFwyiMzkyJkq+YGOVznJUsRVOT6EoVxRGIsllLuvHXA= -github.com/sagernet/sing v0.2.15/go.mod h1:AhNEHu0GXrpqkuzvTwvC8+j2cQUU/dh+zLEmq4C99pg= +github.com/sagernet/sing v0.2.17 h1:vMPKb3MV0Aa5ws4dCJkRI8XEjrsUcDn810czd0FwmzI= +github.com/sagernet/sing v0.2.17/go.mod h1:OL6k2F0vHmEzXz2KW19qQzu172FDgSbUSODylighuVo= github.com/sagernet/sing-shadowsocks v0.2.5 h1:qxIttos4xu6ii7MTVJYA8EFQR7Q3KG6xMqmLJIFtBaY= github.com/sagernet/sing-shadowsocks v0.2.5/go.mod h1:MGWGkcU2xW2G2mfArT9/QqpVLOGU+dBaahZCtPHdt7A= github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c h1:vK2wyt9aWYHHvNLWniwijBu/n4pySypiKRhN32u/JGo= From ea67c98eaf1cfd4108fbf1d99075427b3f63a5b7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Nov 2023 00:36:48 +0000 Subject: [PATCH 030/100] Bump golang.org/x/net from 0.17.0 to 0.18.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.18.0. - [Commits](https://github.com/golang/net/compare/v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 985d7ed5..81d90e10 100644 --- a/go.mod +++ b/go.mod @@ -20,8 +20,8 @@ require ( github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e github.com/xtls/reality v0.0.0-20230828171259-e426190d57f6 go4.org/netipx v0.0.0-20230824141953-6213f710f925 - golang.org/x/crypto v0.14.0 - golang.org/x/net v0.17.0 + golang.org/x/crypto v0.15.0 + golang.org/x/net v0.18.0 golang.org/x/sync v0.5.0 golang.org/x/sys v0.14.0 google.golang.org/grpc v1.59.0 @@ -52,7 +52,7 @@ require ( go.uber.org/mock v0.3.0 // indirect golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect golang.org/x/mod v0.12.0 // indirect - golang.org/x/text v0.13.0 // indirect + golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.13.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 // indirect diff --git a/go.sum b/go.sum index 64f712bd..4876802d 100644 --- a/go.sum +++ b/go.sum @@ -184,8 +184,8 @@ golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= +golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA= +golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= @@ -206,8 +206,8 @@ golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= +golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -237,8 +237,8 @@ golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9sn golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= From 5ae3791a8e62cdb6ef7efdf6489a74679d8528b0 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 12 Nov 2023 15:10:01 -0500 Subject: [PATCH 031/100] feat : upgrade wireguard go sdk (#2716) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: kunson Co-authored-by: 世界 --- go.mod | 10 +- go.sum | 23 ++- proxy/wireguard/bind.go | 78 ++++++-- proxy/wireguard/tun.go | 348 +++++++-------------------------- proxy/wireguard/tun_default.go | 42 ++++ proxy/wireguard/tun_linux.go | 223 +++++++++++++++++++++ proxy/wireguard/wireguard.go | 152 ++++++++------ 7 files changed, 514 insertions(+), 362 deletions(-) create mode 100644 proxy/wireguard/tun_default.go create mode 100644 proxy/wireguard/tun_linux.go diff --git a/go.mod b/go.mod index 81d90e10..f3abbad1 100644 --- a/go.mod +++ b/go.mod @@ -14,19 +14,19 @@ require ( github.com/refraction-networking/utls v1.5.4 github.com/sagernet/sing v0.2.17 github.com/sagernet/sing-shadowsocks v0.2.5 - github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb github.com/stretchr/testify v1.8.4 github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e + github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 github.com/xtls/reality v0.0.0-20230828171259-e426190d57f6 go4.org/netipx v0.0.0-20230824141953-6213f710f925 golang.org/x/crypto v0.15.0 golang.org/x/net v0.18.0 golang.org/x/sync v0.5.0 golang.org/x/sys v0.14.0 + golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb google.golang.org/grpc v1.59.0 google.golang.org/protobuf v1.31.0 - gvisor.dev/gvisor v0.0.0-20230822212503-5bf4e5f98744 h12.io/socks v1.0.3 lukechampine.com/blake3 v1.2.1 ) @@ -48,14 +48,16 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/quic-go/qtls-go1-20 v0.4.1 // indirect github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect - go.uber.org/atomic v1.11.0 // indirect + github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 // indirect go.uber.org/mock v0.3.0 // indirect golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect golang.org/x/mod v0.12.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.13.0 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 // indirect + golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect + gvisor.dev/gvisor v0.0.0-20230927004350-cbd86285d259 // indirect ) diff --git a/go.sum b/go.sum index 4876802d..3195b2b6 100644 --- a/go.sum +++ b/go.sum @@ -129,8 +129,6 @@ github.com/sagernet/sing v0.2.17 h1:vMPKb3MV0Aa5ws4dCJkRI8XEjrsUcDn810czd0FwmzI= github.com/sagernet/sing v0.2.17/go.mod h1:OL6k2F0vHmEzXz2KW19qQzu172FDgSbUSODylighuVo= github.com/sagernet/sing-shadowsocks v0.2.5 h1:qxIttos4xu6ii7MTVJYA8EFQR7Q3KG6xMqmLJIFtBaY= github.com/sagernet/sing-shadowsocks v0.2.5/go.mod h1:MGWGkcU2xW2G2mfArT9/QqpVLOGU+dBaahZCtPHdt7A= -github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c h1:vK2wyt9aWYHHvNLWniwijBu/n4pySypiKRhN32u/JGo= -github.com/sagernet/wireguard-go v0.0.0-20221116151939-c99467f53f2c/go.mod h1:euOmN6O5kk9dQmgSS8Df4psAl3TCjxOz0NW60EWkSaI= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb/go.mod h1:bR6DqgcAl1zTcOX8/pE2Qkj9XO00eCNqmKb7lXP8EAg= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= @@ -168,12 +166,15 @@ github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e h1:5QefA066A1tF github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e/go.mod h1:5t19P9LBIrNamL6AcMQOncg/r10y3Pc01AbHeMhwlpU= github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU= github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM= +github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 h1:tkMT5pTye+1NlKIXETU78NXw0fyjnaNHmJyyLyzw8+U= +github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3/go.mod h1:cAAsePK2e15YDAMJNyOpGYEWNe4sIghTY7gpz4cX/Ik= +github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= +github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 h1:gga7acRE695APm9hlsSMoOoE65U4/TcqNj90mc69Rlg= +github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= github.com/xtls/reality v0.0.0-20230828171259-e426190d57f6 h1:T+YCYGfFdzyaKTDCdZn/hEiKvsw6yUfd+e4hze0rCUw= github.com/xtls/reality v0.0.0-20230828171259-e426190d57f6/go.mod h1:rkuAY1S9F8eI8gDiPDYvACE8e2uwkyg8qoOTuwWov7Y= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA= -go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= -go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/mock v0.3.0 h1:3mUxI1No2/60yUYax92Pt8eNOEecx2D3lcXZh2NEZJo= go.uber.org/mock v0.3.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc= go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE= @@ -227,9 +228,11 @@ golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190316082340-a2f829d7f35f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220804214406-8e32c043e418/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= @@ -256,6 +259,10 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 h1:B82qJJgjvYKsXS9jeunTOisW56dUokqW/FOteYJJ/yg= +golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI= +golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb h1:c5tyN8sSp8jSDxdCCDXVOpJwYXXhmTkNMt+g0zTSOic= +golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb/go.mod h1:tkCQ4FQXmpAgYVh++1cq16/dH4QJtmvpRv19DWGAHSA= google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.1.0/go.mod h1:UGEZY7KEX120AnNLIHFMKIo4obdJhkp2tPbaPlQx13Y= @@ -268,8 +275,8 @@ google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoA google.golang.org/genproto v0.0.0-20181029155118-b69ba1387ce2/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20181202183823-bd91e49a0898/go.mod h1:7Ep/1NZk928CDR8SjdVbjWNpdIf6nzjE3BTgJDr2Atg= google.golang.org/genproto v0.0.0-20190306203927-b5d61aea6440/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 h1:N3bU/SQDCDyD6R528GJ/PwW9KjYcJA3dgyH+MovAkIM= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13/go.mod h1:KSqppvjFjtoCI+KGd4PELB0qLNxdJHRGqRI09mB6pQA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= @@ -293,8 +300,8 @@ gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o= -gvisor.dev/gvisor v0.0.0-20230822212503-5bf4e5f98744 h1:tE44CyJgxEGzoPtHs9GI7ddKdgEGCREQBP54AmaVM+I= -gvisor.dev/gvisor v0.0.0-20230822212503-5bf4e5f98744/go.mod h1:lYEMhXbxgudVhALYsMQrBaUAjM3NMinh8mKL1CJv7rc= +gvisor.dev/gvisor v0.0.0-20230927004350-cbd86285d259 h1:TbRPT0HtzFP3Cno1zZo7yPzEEnfu8EjLfl6IU9VfqkQ= +gvisor.dev/gvisor v0.0.0-20230927004350-cbd86285d259/go.mod h1:AVgIgHMwK63XvmAzWG9vLQ41YnVHN0du0tEC46fI7yY= h12.io/socks v1.0.3 h1:Ka3qaQewws4j4/eDQnOdpr4wXsC//dXtWvftlIcCQUo= h12.io/socks v1.0.3/go.mod h1:AIhxy1jOId/XCz9BO+EIgNL2rQiPTBNnOfnVnQ+3Eck= honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/proxy/wireguard/bind.go b/proxy/wireguard/bind.go index 527f0e74..c224dc56 100644 --- a/proxy/wireguard/bind.go +++ b/proxy/wireguard/bind.go @@ -9,7 +9,8 @@ import ( "strconv" "sync" - "github.com/sagernet/wireguard-go/conn" + "golang.zx2c4.com/wireguard/conn" + xnet "github.com/xtls/xray-core/common/net" "github.com/xtls/xray-core/features/dns" "github.com/xtls/xray-core/transport/internet" @@ -36,7 +37,7 @@ type netBindClient struct { readQueue chan *netReadInfo } -func (n *netBindClient) ParseEndpoint(s string) (conn.Endpoint, error) { +func (bind *netBindClient) ParseEndpoint(s string) (conn.Endpoint, error) { ipStr, port, _, err := splitAddrPort(s) if err != nil { return nil, err @@ -44,7 +45,7 @@ func (n *netBindClient) ParseEndpoint(s string) (conn.Endpoint, error) { var addr net.IP if IsDomainName(ipStr) { - ips, err := n.dns.LookupIP(ipStr, n.dnsOption) + ips, err := bind.dns.LookupIP(ipStr, bind.dnsOption) if err != nil { return nil, err } else if len(ips) == 0 { @@ -79,22 +80,22 @@ func (n *netBindClient) ParseEndpoint(s string) (conn.Endpoint, error) { func (bind *netBindClient) Open(uport uint16) ([]conn.ReceiveFunc, uint16, error) { bind.readQueue = make(chan *netReadInfo) - fun := func(buff []byte) (cap int, ep conn.Endpoint, err error) { + fun := func(bufs [][]byte, sizes []int, eps []conn.Endpoint) (n int, err error) { defer func() { if r := recover(); r != nil { - cap = 0 - ep = nil + n = 0 err = errors.New("channel closed") } }() r := &netReadInfo{ - buff: buff, + buff: bufs[0], } r.waiter.Add(1) bind.readQueue <- r r.waiter.Wait() // wait read goroutine done, or we will miss the result - return r.bytes, r.endpoint, r.err + sizes[0], eps[0] = r.bytes, r.endpoint + return 1, r.err } workers := bind.workers if workers <= 0 { @@ -150,7 +151,7 @@ func (bind *netBindClient) connectTo(endpoint *netEndpoint) error { return nil } -func (bind *netBindClient) Send(buff []byte, endpoint conn.Endpoint) error { +func (bind *netBindClient) Send(buff [][]byte, endpoint conn.Endpoint) error { var err error nend, ok := endpoint.(*netEndpoint) @@ -165,19 +166,25 @@ func (bind *netBindClient) Send(buff []byte, endpoint conn.Endpoint) error { } } - if len(buff) > 3 && len(bind.reserved) == 3 { - copy(buff[1:], bind.reserved) + for _, buff := range buff { + if len(buff) > 3 && len(bind.reserved) == 3 { + copy(buff[1:], bind.reserved) + } + if _, err = nend.conn.Write(buff); err != nil { + return err + } } - - _, err = nend.conn.Write(buff) - - return err + return nil } func (bind *netBindClient) SetMark(mark uint32) error { return nil } +func (bind *netBindClient) BatchSize() int { + return 1 +} + type netEndpoint struct { dst xnet.Destination conn net.Conn @@ -264,3 +271,44 @@ func splitAddrPort(s string) (ip string, port uint16, v6 bool, err error) { return ip, port, v6, nil } + +func IsDomainName(s string) bool { + l := len(s) + if l == 0 || l > 254 || l == 254 && s[l-1] != '.' { + return false + } + last := byte('.') + nonNumeric := false + partlen := 0 + for i := 0; i < len(s); i++ { + c := s[i] + switch { + default: + return false + case 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z' || c == '_': + nonNumeric = true + partlen++ + case '0' <= c && c <= '9': + partlen++ + case c == '-': + if last == '.' { + return false + } + partlen++ + nonNumeric = true + case c == '.': + if last == '.' || last == '-' { + return false + } + if partlen > 63 || partlen == 0 { + return false + } + partlen = 0 + } + last = c + } + if last == '-' || partlen > 63 { + return false + } + return nonNumeric +} diff --git a/proxy/wireguard/tun.go b/proxy/wireguard/tun.go index ed6e434f..c320d0d0 100644 --- a/proxy/wireguard/tun.go +++ b/proxy/wireguard/tun.go @@ -1,303 +1,105 @@ -/* SPDX-License-Identifier: MIT - * - * Copyright (C) 2017-2022 WireGuard LLC. All Rights Reserved. - */ - package wireguard import ( "context" + "errors" "fmt" "net" "net/netip" - "os" + "runtime" + "strconv" + "strings" + "sync" - "github.com/sagernet/wireguard-go/tun" - "github.com/xtls/xray-core/features/dns" - "gvisor.dev/gvisor/pkg/buffer" - "gvisor.dev/gvisor/pkg/tcpip" - "gvisor.dev/gvisor/pkg/tcpip/adapters/gonet" - "gvisor.dev/gvisor/pkg/tcpip/header" - "gvisor.dev/gvisor/pkg/tcpip/link/channel" - "gvisor.dev/gvisor/pkg/tcpip/network/ipv4" - "gvisor.dev/gvisor/pkg/tcpip/network/ipv6" - "gvisor.dev/gvisor/pkg/tcpip/stack" - "gvisor.dev/gvisor/pkg/tcpip/transport/tcp" - "gvisor.dev/gvisor/pkg/tcpip/transport/udp" + "github.com/xtls/xray-core/common/log" + + "golang.zx2c4.com/wireguard/conn" + "golang.zx2c4.com/wireguard/device" + "golang.zx2c4.com/wireguard/tun" ) -type netTun struct { - ep *channel.Endpoint - stack *stack.Stack - events chan tun.Event - incomingPacket chan *buffer.View - mtu int - dnsClient dns.Client - hasV4, hasV6 bool +type Tunnel interface { + BuildDevice(ipc string, bind conn.Bind) error + DialContextTCPAddrPort(ctx context.Context, addr netip.AddrPort) (net.Conn, error) + DialUDPAddrPort(laddr, raddr netip.AddrPort) (net.Conn, error) + Close() error } -type Net netTun - -func CreateNetTUN(localAddresses []netip.Addr, dnsClient dns.Client, mtu int) (tun.Device, *Net, error) { - opts := stack.Options{ - NetworkProtocols: []stack.NetworkProtocolFactory{ipv4.NewProtocol, ipv6.NewProtocol}, - TransportProtocols: []stack.TransportProtocolFactory{tcp.NewProtocol, udp.NewProtocol}, - HandleLocal: true, - } - dev := &netTun{ - ep: channel.New(1024, uint32(mtu), ""), - stack: stack.New(opts), - events: make(chan tun.Event, 10), - incomingPacket: make(chan *buffer.View), - dnsClient: dnsClient, - mtu: mtu, - } - dev.ep.AddNotify(dev) - tcpipErr := dev.stack.CreateNIC(1, dev.ep) - if tcpipErr != nil { - return nil, nil, fmt.Errorf("CreateNIC: %v", tcpipErr) - } - for _, ip := range localAddresses { - var protoNumber tcpip.NetworkProtocolNumber - if ip.Is4() { - protoNumber = ipv4.ProtocolNumber - } else if ip.Is6() { - protoNumber = ipv6.ProtocolNumber - } - protoAddr := tcpip.ProtocolAddress{ - Protocol: protoNumber, - AddressWithPrefix: tcpip.AddrFromSlice(ip.AsSlice()).WithPrefix(), - } - tcpipErr := dev.stack.AddProtocolAddress(1, protoAddr, stack.AddressProperties{}) - if tcpipErr != nil { - return nil, nil, fmt.Errorf("AddProtocolAddress(%v): %v", ip, tcpipErr) - } - if ip.Is4() { - dev.hasV4 = true - } else if ip.Is6() { - dev.hasV6 = true - } - } - if dev.hasV4 { - dev.stack.AddRoute(tcpip.Route{Destination: header.IPv4EmptySubnet, NIC: 1}) - } - if dev.hasV6 { - dev.stack.AddRoute(tcpip.Route{Destination: header.IPv6EmptySubnet, NIC: 1}) - } - - dev.events <- tun.EventUp - return dev, (*Net)(dev), nil +type tunnel struct { + tun tun.Device + device *device.Device + rw sync.Mutex } -func (tun *netTun) Name() (string, error) { - return "go", nil -} +func (t *tunnel) BuildDevice(ipc string, bind conn.Bind) (err error) { + t.rw.Lock() + defer t.rw.Unlock() -func (tun *netTun) File() *os.File { + if t.device != nil { + return errors.New("device is already initialized") + } + + logger := &device.Logger{ + Verbosef: func(format string, args ...any) { + log.Record(&log.GeneralMessage{ + Severity: log.Severity_Debug, + Content: fmt.Sprintf(format, args...), + }) + }, + Errorf: func(format string, args ...any) { + log.Record(&log.GeneralMessage{ + Severity: log.Severity_Error, + Content: fmt.Sprintf(format, args...), + }) + }, + } + + t.device = device.NewDevice(t.tun, bind, logger) + if err = t.device.IpcSet(ipc); err != nil { + return err + } + if err = t.device.Up(); err != nil { + return err + } return nil } -func (tun *netTun) Events() chan tun.Event { - return tun.events -} +func (t *tunnel) Close() (err error) { + t.rw.Lock() + defer t.rw.Unlock() -func (tun *netTun) Read(buf []byte, offset int) (int, error) { - view, ok := <-tun.incomingPacket - if !ok { - return 0, os.ErrClosed + if t.device == nil { + return nil } - return view.Read(buf[offset:]) + t.device.Close() + t.device = nil + err = t.tun.Close() + t.tun = nil + return nil } -func (tun *netTun) Write(buf []byte, offset int) (int, error) { - packet := buf[offset:] - if len(packet) == 0 { - return 0, nil +func CalculateInterfaceName(name string) (tunName string) { + if runtime.GOOS == "darwin" { + tunName = "utun" + } else if name != "" { + tunName = name + } else { + tunName = "tun" } - - pkb := stack.NewPacketBuffer(stack.PacketBufferOptions{Payload: buffer.MakeWithData(packet)}) - switch packet[0] >> 4 { - case 4: - tun.ep.InjectInbound(header.IPv4ProtocolNumber, pkb) - case 6: - tun.ep.InjectInbound(header.IPv6ProtocolNumber, pkb) - } - - return len(buf), nil -} - -func (tun *netTun) WriteNotify() { - pkt := tun.ep.Read() - if pkt == nil { + interfaces, err := net.Interfaces() + if err != nil { return } - - view := pkt.ToView() - pkt.DecRef() - - tun.incomingPacket <- view -} - -func (tun *netTun) Flush() error { - return nil -} - -func (tun *netTun) Close() error { - tun.stack.RemoveNIC(1) - - if tun.events != nil { - close(tun.events) - } - - tun.ep.Close() - - if tun.incomingPacket != nil { - close(tun.incomingPacket) - } - - return nil -} - -func (tun *netTun) MTU() (int, error) { - return tun.mtu, nil -} - -func convertToFullAddr(endpoint netip.AddrPort) (tcpip.FullAddress, tcpip.NetworkProtocolNumber) { - var protoNumber tcpip.NetworkProtocolNumber - if endpoint.Addr().Is4() { - protoNumber = ipv4.ProtocolNumber - } else { - protoNumber = ipv6.ProtocolNumber - } - return tcpip.FullAddress{ - NIC: 1, - Addr: tcpip.AddrFromSlice(endpoint.Addr().AsSlice()), - Port: endpoint.Port(), - }, protoNumber -} - -func (net *Net) DialContextTCPAddrPort(ctx context.Context, addr netip.AddrPort) (*gonet.TCPConn, error) { - fa, pn := convertToFullAddr(addr) - return gonet.DialContextTCP(ctx, net.stack, fa, pn) -} - -func (net *Net) DialContextTCP(ctx context.Context, addr *net.TCPAddr) (*gonet.TCPConn, error) { - if addr == nil { - return net.DialContextTCPAddrPort(ctx, netip.AddrPort{}) - } - ip, _ := netip.AddrFromSlice(addr.IP) - return net.DialContextTCPAddrPort(ctx, netip.AddrPortFrom(ip, uint16(addr.Port))) -} - -func (net *Net) DialTCPAddrPort(addr netip.AddrPort) (*gonet.TCPConn, error) { - fa, pn := convertToFullAddr(addr) - return gonet.DialTCP(net.stack, fa, pn) -} - -func (net *Net) DialTCP(addr *net.TCPAddr) (*gonet.TCPConn, error) { - if addr == nil { - return net.DialTCPAddrPort(netip.AddrPort{}) - } - ip, _ := netip.AddrFromSlice(addr.IP) - return net.DialTCPAddrPort(netip.AddrPortFrom(ip, uint16(addr.Port))) -} - -func (net *Net) ListenTCPAddrPort(addr netip.AddrPort) (*gonet.TCPListener, error) { - fa, pn := convertToFullAddr(addr) - return gonet.ListenTCP(net.stack, fa, pn) -} - -func (net *Net) ListenTCP(addr *net.TCPAddr) (*gonet.TCPListener, error) { - if addr == nil { - return net.ListenTCPAddrPort(netip.AddrPort{}) - } - ip, _ := netip.AddrFromSlice(addr.IP) - return net.ListenTCPAddrPort(netip.AddrPortFrom(ip, uint16(addr.Port))) -} - -func (net *Net) DialUDPAddrPort(laddr, raddr netip.AddrPort) (*gonet.UDPConn, error) { - var lfa, rfa *tcpip.FullAddress - var pn tcpip.NetworkProtocolNumber - if laddr.IsValid() || laddr.Port() > 0 { - var addr tcpip.FullAddress - addr, pn = convertToFullAddr(laddr) - lfa = &addr - } - if raddr.IsValid() || raddr.Port() > 0 { - var addr tcpip.FullAddress - addr, pn = convertToFullAddr(raddr) - rfa = &addr - } - return gonet.DialUDP(net.stack, lfa, rfa, pn) -} - -func (net *Net) ListenUDPAddrPort(laddr netip.AddrPort) (*gonet.UDPConn, error) { - return net.DialUDPAddrPort(laddr, netip.AddrPort{}) -} - -func (net *Net) DialUDP(laddr, raddr *net.UDPAddr) (*gonet.UDPConn, error) { - var la, ra netip.AddrPort - if laddr != nil { - ip, _ := netip.AddrFromSlice(laddr.IP) - la = netip.AddrPortFrom(ip, uint16(laddr.Port)) - } - if raddr != nil { - ip, _ := netip.AddrFromSlice(raddr.IP) - ra = netip.AddrPortFrom(ip, uint16(raddr.Port)) - } - return net.DialUDPAddrPort(la, ra) -} - -func (net *Net) ListenUDP(laddr *net.UDPAddr) (*gonet.UDPConn, error) { - return net.DialUDP(laddr, nil) -} - -func (n *Net) HasV4() bool { - return n.hasV4 -} - -func (n *Net) HasV6() bool { - return n.hasV6 -} - -func IsDomainName(s string) bool { - l := len(s) - if l == 0 || l > 254 || l == 254 && s[l-1] != '.' { - return false - } - last := byte('.') - nonNumeric := false - partlen := 0 - for i := 0; i < len(s); i++ { - c := s[i] - switch { - default: - return false - case 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z' || c == '_': - nonNumeric = true - partlen++ - case '0' <= c && c <= '9': - partlen++ - case c == '-': - if last == '.' { - return false + var tunIndex int + for _, netInterface := range interfaces { + if strings.HasPrefix(netInterface.Name, tunName) { + index, parseErr := strconv.ParseInt(netInterface.Name[len(tunName):], 10, 16) + if parseErr == nil { + tunIndex = int(index) + 1 } - partlen++ - nonNumeric = true - case c == '.': - if last == '.' || last == '-' { - return false - } - if partlen > 63 || partlen == 0 { - return false - } - partlen = 0 } - last = c } - if last == '-' || partlen > 63 { - return false - } - return nonNumeric + tunName = fmt.Sprintf("%s%d", tunName, tunIndex) + return } diff --git a/proxy/wireguard/tun_default.go b/proxy/wireguard/tun_default.go new file mode 100644 index 00000000..07f21272 --- /dev/null +++ b/proxy/wireguard/tun_default.go @@ -0,0 +1,42 @@ +//go:build !linux + +package wireguard + +import ( + "context" + "net" + "net/netip" + + "golang.zx2c4.com/wireguard/tun/netstack" +) + +var _ Tunnel = (*gvisorNet)(nil) + +type gvisorNet struct { + tunnel + net *netstack.Net +} + +func (g *gvisorNet) Close() error { + return g.tunnel.Close() +} + +func (g *gvisorNet) DialContextTCPAddrPort(ctx context.Context, addr netip.AddrPort) ( + net.Conn, error, +) { + return g.net.DialContextTCPAddrPort(ctx, addr) +} + +func (g *gvisorNet) DialUDPAddrPort(laddr, raddr netip.AddrPort) (net.Conn, error) { + return g.net.DialUDPAddrPort(laddr, raddr) +} + +func CreateTun(localAddresses []netip.Addr, mtu int) (Tunnel, error) { + out := &gvisorNet{} + tun, n, err := netstack.CreateNetTUN(localAddresses, nil, mtu) + if err != nil { + return nil, err + } + out.tun, out.net = tun, n + return out, nil +} diff --git a/proxy/wireguard/tun_linux.go b/proxy/wireguard/tun_linux.go new file mode 100644 index 00000000..ec940c56 --- /dev/null +++ b/proxy/wireguard/tun_linux.go @@ -0,0 +1,223 @@ +package wireguard + +import ( + "context" + "errors" + "fmt" + "net" + "net/netip" + "os" + + "golang.org/x/sys/unix" + + "github.com/sagernet/sing/common/control" + "github.com/vishvananda/netlink" + wgtun "golang.zx2c4.com/wireguard/tun" +) + +type deviceNet struct { + tunnel + dialer net.Dialer + + handle *netlink.Handle + linkAddrs []netlink.Addr + routes []*netlink.Route + rules []*netlink.Rule +} + +func newDeviceNet(interfaceName string) *deviceNet { + var dialer net.Dialer + bindControl := control.BindToInterface(control.DefaultInterfaceFinder(), interfaceName, -1) + dialer.Control = control.Append(dialer.Control, bindControl) + return &deviceNet{dialer: dialer} +} + +func (d *deviceNet) DialContextTCPAddrPort(ctx context.Context, addr netip.AddrPort) ( + net.Conn, error, +) { + return d.dialer.DialContext(ctx, "tcp", addr.String()) +} + +func (d *deviceNet) DialUDPAddrPort(laddr, raddr netip.AddrPort) (net.Conn, error) { + dialer := d.dialer + dialer.LocalAddr = &net.UDPAddr{IP: laddr.Addr().AsSlice(), Port: int(laddr.Port())} + return dialer.DialContext(context.Background(), "udp", raddr.String()) +} + +func (d *deviceNet) Close() (err error) { + var errs []error + for _, rule := range d.rules { + if err = d.handle.RuleDel(rule); err != nil { + errs = append(errs, fmt.Errorf("failed to delete rule: %w", err)) + } + } + for _, route := range d.routes { + if err = d.handle.RouteDel(route); err != nil { + errs = append(errs, fmt.Errorf("failed to delete route: %w", err)) + } + } + if err = d.tunnel.Close(); err != nil { + errs = append(errs, fmt.Errorf("failed to close tunnel: %w", err)) + } + if d.handle != nil { + d.handle.Close() + d.handle = nil + } + if len(errs) == 0 { + return nil + } + return errors.Join(errs...) +} + +func CreateTun(localAddresses []netip.Addr, mtu int) (t Tunnel, err error) { + var v4, v6 *netip.Addr + for _, prefixes := range localAddresses { + if v4 == nil && prefixes.Is4() { + x := prefixes + v4 = &x + } + if v6 == nil && prefixes.Is6() { + x := prefixes + v6 = &x + } + } + + writeSysctlZero := func(path string) error { + _, err := os.Stat(path) + if os.IsNotExist(err) { + return nil + } + if err != nil { + return err + } + return os.WriteFile(path, []byte("0"), 0o644) + } + + // system configs. + if v4 != nil { + if err = writeSysctlZero("/proc/sys/net/ipv4/conf/all/rp_filter"); err != nil { + return nil, fmt.Errorf("failed to disable ipv4 rp_filter for all: %w", err) + } + } + if v6 != nil { + if err = writeSysctlZero("/proc/sys/net/ipv6/conf/all/disable_ipv6"); err != nil { + return nil, fmt.Errorf("failed to enable ipv6: %w", err) + } + if err = writeSysctlZero("/proc/sys/net/ipv6/conf/all/rp_filter"); err != nil { + return nil, fmt.Errorf("failed to disable ipv6 rp_filter for all: %w", err) + } + } + + n := CalculateInterfaceName("wg") + wgt, err := wgtun.CreateTUN(n, mtu) + if err != nil { + return nil, err + } + defer func() { + if err != nil { + _ = wgt.Close() + } + }() + + // disable linux rp_filter for tunnel device to avoid packet drop. + // the operation require root privilege on container require '--privileged' flag. + if v4 != nil { + if err = writeSysctlZero("/proc/sys/net/ipv4/conf/" + n + "/rp_filter"); err != nil { + return nil, fmt.Errorf("failed to disable ipv4 rp_filter for tunnel: %w", err) + } + } + if v6 != nil { + if err = writeSysctlZero("/proc/sys/net/ipv6/conf/" + n + "/rp_filter"); err != nil { + return nil, fmt.Errorf("failed to disable ipv6 rp_filter for tunnel: %w", err) + } + } + + ipv6TableIndex := 1023 + if v6 != nil { + r := &netlink.Route{Table: ipv6TableIndex} + for { + routeList, fErr := netlink.RouteListFiltered(netlink.FAMILY_V6, r, netlink.RT_FILTER_TABLE) + if len(routeList) == 0 || fErr != nil { + break + } + ipv6TableIndex-- + if ipv6TableIndex < 0 { + return nil, fmt.Errorf("failed to find available ipv6 table index") + } + } + } + + out := newDeviceNet(n) + out.handle, err = netlink.NewHandle() + if err != nil { + return nil, err + } + defer func() { + if err != nil { + _ = out.Close() + } + }() + + l, err := netlink.LinkByName(n) + if err != nil { + return nil, err + } + + if v4 != nil { + addr := netlink.Addr{ + IPNet: &net.IPNet{ + IP: v4.AsSlice(), + Mask: net.CIDRMask(v4.BitLen(), v4.BitLen()), + }, + } + out.linkAddrs = append(out.linkAddrs, addr) + } + if v6 != nil { + addr := netlink.Addr{ + IPNet: &net.IPNet{ + IP: v6.AsSlice(), + Mask: net.CIDRMask(v6.BitLen(), v6.BitLen()), + }, + } + out.linkAddrs = append(out.linkAddrs, addr) + + rt := &netlink.Route{ + LinkIndex: l.Attrs().Index, + Dst: &net.IPNet{ + IP: net.IPv6zero, + Mask: net.CIDRMask(0, 128), + }, + Table: ipv6TableIndex, + } + out.routes = append(out.routes, rt) + + r := netlink.NewRule() + r.Table, r.Family, r.Src = ipv6TableIndex, unix.AF_INET6, addr.IPNet + out.rules = append(out.rules, r) + } + + for _, addr := range out.linkAddrs { + if err = out.handle.AddrAdd(l, &addr); err != nil { + return nil, fmt.Errorf("failed to add address %s to %s: %w", addr, n, err) + } + } + if err = out.handle.LinkSetMTU(l, mtu); err != nil { + return nil, err + } + if err = out.handle.LinkSetUp(l); err != nil { + return nil, err + } + + for _, route := range out.routes { + if err = out.handle.RouteAdd(route); err != nil { + return nil, fmt.Errorf("failed to add route %s: %w", route, err) + } + } + for _, rule := range out.rules { + if err = out.handle.RuleAdd(rule); err != nil { + return nil, fmt.Errorf("failed to add rule %s: %w", rule, err) + } + } + out.tun = wgt + return out, nil +} diff --git a/proxy/wireguard/wireguard.go b/proxy/wireguard/wireguard.go index 899dcac5..231776e7 100644 --- a/proxy/wireguard/wireguard.go +++ b/proxy/wireguard/wireguard.go @@ -24,10 +24,11 @@ import ( "bytes" "context" "fmt" + stdnet "net" "net/netip" "strings" + "sync" - "github.com/sagernet/wireguard-go/device" "github.com/xtls/xray-core/common" "github.com/xtls/xray-core/common/buf" "github.com/xtls/xray-core/common/log" @@ -46,13 +47,15 @@ import ( // Handler is an outbound connection that silently swallow the entire payload. type Handler struct { conf *DeviceConfig - net *Net + net Tunnel bind *netBindClient policyManager policy.Manager dns dns.Client // cached configuration - ipc string - endpoints []netip.Addr + ipc string + endpoints []netip.Addr + hasIPv4, hasIPv6 bool + wgLock sync.Mutex } // New creates a new wireguard handler. @@ -64,15 +67,71 @@ func New(ctx context.Context, conf *DeviceConfig) (*Handler, error) { return nil, err } + hasIPv4, hasIPv6 := false, false + for _, e := range endpoints { + if e.Is4() { + hasIPv4 = true + } + if e.Is6() { + hasIPv6 = true + } + } + + d := v.GetFeature(dns.ClientType()).(dns.Client) return &Handler{ conf: conf, policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager), - dns: v.GetFeature(dns.ClientType()).(dns.Client), - ipc: createIPCRequest(conf), + dns: d, + ipc: createIPCRequest(conf, d, hasIPv6), endpoints: endpoints, + hasIPv4: hasIPv4, + hasIPv6: hasIPv6, }, nil } +func (h *Handler) processWireGuard(dialer internet.Dialer) (err error) { + h.wgLock.Lock() + defer h.wgLock.Unlock() + + if h.bind != nil && h.bind.dialer == dialer && h.net != nil { + return nil + } + + log.Record(&log.GeneralMessage{ + Severity: log.Severity_Info, + Content: "switching dialer", + }) + + if h.net != nil { + _ = h.net.Close() + h.net = nil + } + if h.bind != nil { + _ = h.bind.Close() + h.bind = nil + } + + // bind := conn.NewStdNetBind() // TODO: conn.Bind wrapper for dialer + bind := &netBindClient{ + dialer: dialer, + workers: int(h.conf.NumWorkers), + dns: h.dns, + reserved: h.conf.Reserved, + } + defer func() { + if err != nil { + _ = bind.Close() + } + }() + + h.net, err = h.makeVirtualTun(bind) + if err != nil { + return newError("failed to create virtual tun interface").Base(err) + } + h.bind = bind + return nil +} + // Process implements OutboundHandler.Dispatch(). func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer internet.Dialer) error { outbound := session.OutboundFromContext(ctx) @@ -85,30 +144,8 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte inbound.SetCanSpliceCopy(3) } - if h.bind == nil || h.bind.dialer != dialer || h.net == nil { - log.Record(&log.GeneralMessage{ - Severity: log.Severity_Info, - Content: "switching dialer", - }) - // bind := conn.NewStdNetBind() // TODO: conn.Bind wrapper for dialer - bind := &netBindClient{ - dialer: dialer, - workers: int(h.conf.NumWorkers), - dns: h.dns, - reserved: h.conf.Reserved, - } - - net, err := h.makeVirtualTun(bind) - if err != nil { - bind.Close() - return newError("failed to create virtual tun interface").Base(err) - } - - h.net = net - if h.bind != nil { - h.bind.Close() - } - h.bind = bind + if err := h.processWireGuard(dialer); err != nil { + return err } // Destination of the inner request. @@ -122,8 +159,8 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte addr := destination.Address if addr.Family().IsDomain() { ips, err := h.dns.LookupIP(addr.Domain(), dns.IPOption{ - IPv4Enable: h.net.HasV4(), - IPv6Enable: h.net.HasV6(), + IPv4Enable: h.hasIPv4, + IPv6Enable: h.hasIPv6, }) if err != nil { return newError("failed to lookup DNS").Base(err) @@ -200,14 +237,26 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte } // serialize the config into an IPC request -func createIPCRequest(conf *DeviceConfig) string { +func createIPCRequest(conf *DeviceConfig, d dns.Client, resolveEndPointToV4 bool) string { var request bytes.Buffer request.WriteString(fmt.Sprintf("private_key=%s\n", conf.SecretKey)) for _, peer := range conf.Peers { + endpoint := peer.Endpoint + host, port, err := net.SplitHostPort(endpoint) + if resolveEndPointToV4 && err == nil { + _, err = netip.ParseAddr(host) + if err != nil { + ipList, err := d.LookupIP(host, dns.IPOption{IPv4Enable: true, IPv6Enable: false}) + if err == nil && len(ipList) > 0 { + endpoint = stdnet.JoinHostPort(ipList[0].String(), port) + } + } + } + request.WriteString(fmt.Sprintf("public_key=%s\nendpoint=%s\npersistent_keepalive_interval=%d\npreshared_key=%s\n", - peer.PublicKey, peer.Endpoint, peer.KeepAlive, peer.PreSharedKey)) + peer.PublicKey, endpoint, peer.KeepAlive, peer.PreSharedKey)) for _, ip := range peer.AllowedIps { request.WriteString(fmt.Sprintf("allowed_ip=%s\n", ip)) @@ -245,41 +294,20 @@ func parseEndpoints(conf *DeviceConfig) ([]netip.Addr, error) { } // creates a tun interface on netstack given a configuration -func (h *Handler) makeVirtualTun(bind *netBindClient) (*Net, error) { - tun, tnet, err := CreateNetTUN(h.endpoints, h.dns, int(h.conf.Mtu)) +func (h *Handler) makeVirtualTun(bind *netBindClient) (Tunnel, error) { + t, err := CreateTun(h.endpoints, int(h.conf.Mtu)) if err != nil { return nil, err } - bind.dnsOption.IPv4Enable = tnet.HasV4() - bind.dnsOption.IPv6Enable = tnet.HasV6() + bind.dnsOption.IPv4Enable = h.hasIPv4 + bind.dnsOption.IPv6Enable = h.hasIPv6 - // dev := device.NewDevice(tun, conn.NewDefaultBind(), nil /* device.NewLogger(device.LogLevelVerbose, "") */) - dev := device.NewDevice(tun, bind, &device.Logger{ - Verbosef: func(format string, args ...any) { - log.Record(&log.GeneralMessage{ - Severity: log.Severity_Debug, - Content: fmt.Sprintf(format, args...), - }) - }, - Errorf: func(format string, args ...any) { - log.Record(&log.GeneralMessage{ - Severity: log.Severity_Error, - Content: fmt.Sprintf(format, args...), - }) - }, - }, int(h.conf.NumWorkers)) - err = dev.IpcSet(h.ipc) - if err != nil { + if err = t.BuildDevice(h.ipc, bind); err != nil { + _ = t.Close() return nil, err } - - err = dev.Up() - if err != nil { - return nil, err - } - - return tnet, nil + return t, nil } func init() { From cc4b28b15900dc80211fb78fdbeb203b527976a5 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 12 Nov 2023 14:28:36 -0500 Subject: [PATCH 032/100] Remove dragonfly build --- .github/build/friendly-filenames.json | 1 - .github/workflows/release.yml | 6 ++---- transport/internet/sockopt_other.go | 4 ++-- 3 files changed, 4 insertions(+), 7 deletions(-) diff --git a/.github/build/friendly-filenames.json b/.github/build/friendly-filenames.json index f7a3e526..d4001f70 100644 --- a/.github/build/friendly-filenames.json +++ b/.github/build/friendly-filenames.json @@ -2,7 +2,6 @@ "android-arm64": { "friendlyName": "android-arm64-v8a" }, "darwin-amd64": { "friendlyName": "macos-64" }, "darwin-arm64": { "friendlyName": "macos-arm64-v8a" }, - "dragonfly-amd64": { "friendlyName": "dragonfly-64" }, "freebsd-386": { "friendlyName": "freebsd-32" }, "freebsd-amd64": { "friendlyName": "freebsd-64" }, "freebsd-arm64": { "friendlyName": "freebsd-arm64-v8a" }, diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 30b96142..57e14693 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -70,12 +70,10 @@ jobs: strategy: matrix: # Include amd64 on all platforms. - goos: [windows, freebsd, openbsd, linux, dragonfly, darwin] + goos: [windows, freebsd, openbsd, linux, darwin] goarch: [amd64, 386] exclude: - # Exclude i386 on darwin and dragonfly. - - goarch: 386 - goos: dragonfly + # Exclude i386 on darwin - goarch: 386 goos: darwin include: diff --git a/transport/internet/sockopt_other.go b/transport/internet/sockopt_other.go index ebcf4e26..7e91110e 100644 --- a/transport/internet/sockopt_other.go +++ b/transport/internet/sockopt_other.go @@ -1,5 +1,5 @@ -//go:build js || dragonfly || netbsd || openbsd || solaris -// +build js dragonfly netbsd openbsd solaris +//go:build js || netbsd || openbsd || solaris +// +build js netbsd openbsd solaris package internet From a109389efb17a1fabd7c79872dbfb5b3997799fb Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 12 Nov 2023 15:52:09 -0500 Subject: [PATCH 033/100] Wireguard resolve strategy (#2717) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 增加 wireguard 出站选项 `resolveStrategy`. * They become a part of you. * 移除不必要的选项别名. * aliases NG. * 微调. --------- Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com> --- infra/conf/wireguard.go | 29 ++++++-- infra/conf/wireguard_test.go | 8 ++- proxy/wireguard/config.go | 25 +++++++ proxy/wireguard/config.pb.go | 125 ++++++++++++++++++++++++++++------- proxy/wireguard/config.proto | 8 +++ proxy/wireguard/wireguard.go | 15 ++++- 6 files changed, 175 insertions(+), 35 deletions(-) create mode 100644 proxy/wireguard/config.go diff --git a/infra/conf/wireguard.go b/infra/conf/wireguard.go index 0c79297b..7b2b6bbf 100644 --- a/infra/conf/wireguard.go +++ b/infra/conf/wireguard.go @@ -3,6 +3,7 @@ package conf import ( "encoding/base64" "encoding/hex" + "strings" "github.com/xtls/xray-core/proxy/wireguard" "google.golang.org/protobuf/proto" @@ -47,12 +48,13 @@ func (c *WireGuardPeerConfig) Build() (proto.Message, error) { } type WireGuardConfig struct { - SecretKey string `json:"secretKey"` - Address []string `json:"address"` - Peers []*WireGuardPeerConfig `json:"peers"` - MTU int `json:"mtu"` - NumWorkers int `json:"workers"` - Reserved []byte `json:"reserved"` + SecretKey string `json:"secretKey"` + Address []string `json:"address"` + Peers []*WireGuardPeerConfig `json:"peers"` + MTU int `json:"mtu"` + NumWorkers int `json:"workers"` + Reserved []byte `json:"reserved"` + DomainStrategy string `json:"domainStrategy"` } func (c *WireGuardConfig) Build() (proto.Message, error) { @@ -96,6 +98,21 @@ func (c *WireGuardConfig) Build() (proto.Message, error) { } config.Reserved = c.Reserved + switch strings.ToLower(c.DomainStrategy) { + case "forceip", "": + config.DomainStrategy = wireguard.DeviceConfig_FORCE_IP + case "forceipv4": + config.DomainStrategy = wireguard.DeviceConfig_FORCE_IP4 + case "forceipv6": + config.DomainStrategy = wireguard.DeviceConfig_FORCE_IP6 + case "forceipv4v6": + config.DomainStrategy = wireguard.DeviceConfig_FORCE_IP46 + case "forceipv6v4": + config.DomainStrategy = wireguard.DeviceConfig_FORCE_IP64 + default: + return nil, newError("unsupported domain strategy: ", c.DomainStrategy) + } + return config, nil } diff --git a/infra/conf/wireguard_test.go b/infra/conf/wireguard_test.go index f0136bf0..7a4adf36 100644 --- a/infra/conf/wireguard_test.go +++ b/infra/conf/wireguard_test.go @@ -24,7 +24,8 @@ func TestWireGuardOutbound(t *testing.T) { } ], "mtu": 1300, - "workers": 2 + "workers": 2, + "domainStrategy": "ForceIPv6v4" }`, Parser: loadJSON(creator), Output: &wireguard.DeviceConfig{ @@ -41,8 +42,9 @@ func TestWireGuardOutbound(t *testing.T) { AllowedIps: []string{"0.0.0.0/0", "::0/0"}, }, }, - Mtu: 1300, - NumWorkers: 2, + Mtu: 1300, + NumWorkers: 2, + DomainStrategy: wireguard.DeviceConfig_FORCE_IP64, }, }, }) diff --git a/proxy/wireguard/config.go b/proxy/wireguard/config.go new file mode 100644 index 00000000..75622753 --- /dev/null +++ b/proxy/wireguard/config.go @@ -0,0 +1,25 @@ +package wireguard + +func (c *DeviceConfig) preferIP4() bool { + return c.DomainStrategy == DeviceConfig_FORCE_IP || + c.DomainStrategy == DeviceConfig_FORCE_IP4 || + c.DomainStrategy == DeviceConfig_FORCE_IP46 +} + +func (c *DeviceConfig) preferIP6() bool { + return c.DomainStrategy == DeviceConfig_FORCE_IP || + c.DomainStrategy == DeviceConfig_FORCE_IP6 || + c.DomainStrategy == DeviceConfig_FORCE_IP64 +} + +func (c *DeviceConfig) hasFallback() bool { + return c.DomainStrategy == DeviceConfig_FORCE_IP46 || c.DomainStrategy == DeviceConfig_FORCE_IP64 +} + +func (c *DeviceConfig) fallbackIP4() bool { + return c.DomainStrategy == DeviceConfig_FORCE_IP64 +} + +func (c *DeviceConfig) fallbackIP6() bool { + return c.DomainStrategy == DeviceConfig_FORCE_IP46 +} diff --git a/proxy/wireguard/config.pb.go b/proxy/wireguard/config.pb.go index 442d78f0..6af1f41c 100644 --- a/proxy/wireguard/config.pb.go +++ b/proxy/wireguard/config.pb.go @@ -20,6 +20,61 @@ const ( _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) ) +type DeviceConfig_DomainStrategy int32 + +const ( + DeviceConfig_FORCE_IP DeviceConfig_DomainStrategy = 0 + DeviceConfig_FORCE_IP4 DeviceConfig_DomainStrategy = 1 + DeviceConfig_FORCE_IP6 DeviceConfig_DomainStrategy = 2 + DeviceConfig_FORCE_IP46 DeviceConfig_DomainStrategy = 3 + DeviceConfig_FORCE_IP64 DeviceConfig_DomainStrategy = 4 +) + +// Enum value maps for DeviceConfig_DomainStrategy. +var ( + DeviceConfig_DomainStrategy_name = map[int32]string{ + 0: "FORCE_IP", + 1: "FORCE_IP4", + 2: "FORCE_IP6", + 3: "FORCE_IP46", + 4: "FORCE_IP64", + } + DeviceConfig_DomainStrategy_value = map[string]int32{ + "FORCE_IP": 0, + "FORCE_IP4": 1, + "FORCE_IP6": 2, + "FORCE_IP46": 3, + "FORCE_IP64": 4, + } +) + +func (x DeviceConfig_DomainStrategy) Enum() *DeviceConfig_DomainStrategy { + p := new(DeviceConfig_DomainStrategy) + *p = x + return p +} + +func (x DeviceConfig_DomainStrategy) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (DeviceConfig_DomainStrategy) Descriptor() protoreflect.EnumDescriptor { + return file_proxy_wireguard_config_proto_enumTypes[0].Descriptor() +} + +func (DeviceConfig_DomainStrategy) Type() protoreflect.EnumType { + return &file_proxy_wireguard_config_proto_enumTypes[0] +} + +func (x DeviceConfig_DomainStrategy) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use DeviceConfig_DomainStrategy.Descriptor instead. +func (DeviceConfig_DomainStrategy) EnumDescriptor() ([]byte, []int) { + return file_proxy_wireguard_config_proto_rawDescGZIP(), []int{1, 0} +} + type PeerConfig struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -104,12 +159,13 @@ type DeviceConfig struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - SecretKey string `protobuf:"bytes,1,opt,name=secret_key,json=secretKey,proto3" json:"secret_key,omitempty"` - Endpoint []string `protobuf:"bytes,2,rep,name=endpoint,proto3" json:"endpoint,omitempty"` - Peers []*PeerConfig `protobuf:"bytes,3,rep,name=peers,proto3" json:"peers,omitempty"` - Mtu int32 `protobuf:"varint,4,opt,name=mtu,proto3" json:"mtu,omitempty"` - NumWorkers int32 `protobuf:"varint,5,opt,name=num_workers,json=numWorkers,proto3" json:"num_workers,omitempty"` - Reserved []byte `protobuf:"bytes,6,opt,name=reserved,proto3" json:"reserved,omitempty"` + SecretKey string `protobuf:"bytes,1,opt,name=secret_key,json=secretKey,proto3" json:"secret_key,omitempty"` + Endpoint []string `protobuf:"bytes,2,rep,name=endpoint,proto3" json:"endpoint,omitempty"` + Peers []*PeerConfig `protobuf:"bytes,3,rep,name=peers,proto3" json:"peers,omitempty"` + Mtu int32 `protobuf:"varint,4,opt,name=mtu,proto3" json:"mtu,omitempty"` + NumWorkers int32 `protobuf:"varint,5,opt,name=num_workers,json=numWorkers,proto3" json:"num_workers,omitempty"` + Reserved []byte `protobuf:"bytes,6,opt,name=reserved,proto3" json:"reserved,omitempty"` + DomainStrategy DeviceConfig_DomainStrategy `protobuf:"varint,7,opt,name=domain_strategy,json=domainStrategy,proto3,enum=xray.proxy.wireguard.DeviceConfig_DomainStrategy" json:"domain_strategy,omitempty"` } func (x *DeviceConfig) Reset() { @@ -186,6 +242,13 @@ func (x *DeviceConfig) GetReserved() []byte { return nil } +func (x *DeviceConfig) GetDomainStrategy() DeviceConfig_DomainStrategy { + if x != nil { + return x.DomainStrategy + } + return DeviceConfig_FORCE_IP +} + var File_proxy_wireguard_config_proto protoreflect.FileDescriptor var file_proxy_wireguard_config_proto_rawDesc = []byte{ @@ -203,7 +266,7 @@ var file_proxy_wireguard_config_proto_rawDesc = []byte{ 0x76, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x52, 0x09, 0x6b, 0x65, 0x65, 0x70, 0x41, 0x6c, 0x69, 0x76, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x69, 0x70, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, - 0x64, 0x49, 0x70, 0x73, 0x22, 0xd0, 0x01, 0x0a, 0x0c, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x43, + 0x64, 0x49, 0x70, 0x73, 0x22, 0x8a, 0x03, 0x0a, 0x0c, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, @@ -216,13 +279,25 @@ var file_proxy_wireguard_config_proto_rawDesc = []byte{ 0x6d, 0x5f, 0x77, 0x6f, 0x72, 0x6b, 0x65, 0x72, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x6e, 0x75, 0x6d, 0x57, 0x6f, 0x72, 0x6b, 0x65, 0x72, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x72, - 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x42, 0x5e, 0x0a, 0x18, 0x63, 0x6f, 0x6d, 0x2e, 0x78, - 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, - 0x61, 0x72, 0x64, 0x50, 0x01, 0x5a, 0x29, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, - 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, - 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, - 0xaa, 0x02, 0x14, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x57, 0x69, - 0x72, 0x65, 0x47, 0x75, 0x61, 0x72, 0x64, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x12, 0x5a, 0x0a, 0x0f, 0x64, 0x6f, 0x6d, 0x61, 0x69, + 0x6e, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0e, + 0x32, 0x31, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x77, 0x69, + 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0x2e, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, + 0x65, 0x67, 0x79, 0x52, 0x0e, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, + 0x65, 0x67, 0x79, 0x22, 0x5c, 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, + 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x0c, 0x0a, 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, + 0x50, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, + 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, + 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, + 0x03, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, + 0x04, 0x42, 0x5e, 0x0a, 0x18, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, + 0x6f, 0x78, 0x79, 0x2e, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0x50, 0x01, 0x5a, + 0x29, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, + 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, + 0x2f, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0xaa, 0x02, 0x14, 0x58, 0x72, 0x61, + 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x57, 0x69, 0x72, 0x65, 0x47, 0x75, 0x61, 0x72, + 0x64, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -237,18 +312,21 @@ func file_proxy_wireguard_config_proto_rawDescGZIP() []byte { return file_proxy_wireguard_config_proto_rawDescData } +var file_proxy_wireguard_config_proto_enumTypes = make([]protoimpl.EnumInfo, 1) var file_proxy_wireguard_config_proto_msgTypes = make([]protoimpl.MessageInfo, 2) var file_proxy_wireguard_config_proto_goTypes = []interface{}{ - (*PeerConfig)(nil), // 0: xray.proxy.wireguard.PeerConfig - (*DeviceConfig)(nil), // 1: xray.proxy.wireguard.DeviceConfig + (DeviceConfig_DomainStrategy)(0), // 0: xray.proxy.wireguard.DeviceConfig.DomainStrategy + (*PeerConfig)(nil), // 1: xray.proxy.wireguard.PeerConfig + (*DeviceConfig)(nil), // 2: xray.proxy.wireguard.DeviceConfig } var file_proxy_wireguard_config_proto_depIdxs = []int32{ - 0, // 0: xray.proxy.wireguard.DeviceConfig.peers:type_name -> xray.proxy.wireguard.PeerConfig - 1, // [1:1] is the sub-list for method output_type - 1, // [1:1] is the sub-list for method input_type - 1, // [1:1] is the sub-list for extension type_name - 1, // [1:1] is the sub-list for extension extendee - 0, // [0:1] is the sub-list for field type_name + 1, // 0: xray.proxy.wireguard.DeviceConfig.peers:type_name -> xray.proxy.wireguard.PeerConfig + 0, // 1: xray.proxy.wireguard.DeviceConfig.domain_strategy:type_name -> xray.proxy.wireguard.DeviceConfig.DomainStrategy + 2, // [2:2] is the sub-list for method output_type + 2, // [2:2] is the sub-list for method input_type + 2, // [2:2] is the sub-list for extension type_name + 2, // [2:2] is the sub-list for extension extendee + 0, // [0:2] is the sub-list for field type_name } func init() { file_proxy_wireguard_config_proto_init() } @@ -287,13 +365,14 @@ func file_proxy_wireguard_config_proto_init() { File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_proxy_wireguard_config_proto_rawDesc, - NumEnums: 0, + NumEnums: 1, NumMessages: 2, NumExtensions: 0, NumServices: 0, }, GoTypes: file_proxy_wireguard_config_proto_goTypes, DependencyIndexes: file_proxy_wireguard_config_proto_depIdxs, + EnumInfos: file_proxy_wireguard_config_proto_enumTypes, MessageInfos: file_proxy_wireguard_config_proto_msgTypes, }.Build() File_proxy_wireguard_config_proto = out.File diff --git a/proxy/wireguard/config.proto b/proxy/wireguard/config.proto index 810a1126..0a12c009 100644 --- a/proxy/wireguard/config.proto +++ b/proxy/wireguard/config.proto @@ -15,10 +15,18 @@ message PeerConfig { } message DeviceConfig { + enum DomainStrategy { + FORCE_IP = 0; + FORCE_IP4 = 1; + FORCE_IP6 = 2; + FORCE_IP46 = 3; + FORCE_IP64 = 4; + } string secret_key = 1; repeated string endpoint = 2; repeated PeerConfig peers = 3; int32 mtu = 4; int32 num_workers = 5; bytes reserved = 6; + DomainStrategy domain_strategy = 7; } \ No newline at end of file diff --git a/proxy/wireguard/wireguard.go b/proxy/wireguard/wireguard.go index 231776e7..48e2ace3 100644 --- a/proxy/wireguard/wireguard.go +++ b/proxy/wireguard/wireguard.go @@ -31,6 +31,7 @@ import ( "github.com/xtls/xray-core/common" "github.com/xtls/xray-core/common/buf" + "github.com/xtls/xray-core/common/dice" "github.com/xtls/xray-core/common/log" "github.com/xtls/xray-core/common/net" "github.com/xtls/xray-core/common/protocol" @@ -159,15 +160,23 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte addr := destination.Address if addr.Family().IsDomain() { ips, err := h.dns.LookupIP(addr.Domain(), dns.IPOption{ - IPv4Enable: h.hasIPv4, - IPv6Enable: h.hasIPv6, + IPv4Enable: h.hasIPv4 && h.conf.preferIP4(), + IPv6Enable: h.hasIPv6 && h.conf.preferIP6(), }) + { // Resolve fallback + if (len(ips) == 0 || err != nil) && h.conf.hasFallback() { + ips, err = h.dns.LookupIP(addr.Domain(), dns.IPOption{ + IPv4Enable: h.hasIPv4 && h.conf.fallbackIP4(), + IPv6Enable: h.hasIPv6 && h.conf.fallbackIP6(), + }) + } + } if err != nil { return newError("failed to lookup DNS").Base(err) } else if len(ips) == 0 { return dns.ErrEmptyResponse } - addr = net.IPAddress(ips[0]) + addr = net.IPAddress(ips[dice.Roll(len(ips))]) } var newCtx context.Context From d9fd3f8eb147e28c16a75419b930c9ce6df67497 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 12 Nov 2023 16:27:39 -0500 Subject: [PATCH 034/100] Freedom xdomain strategy (#2719) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 统一 `domainStrategy` 行为. * aliases NG. * 化简. * 调整. * Let it crash. * Update proto --------- Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com> --- app/commander/config.pb.go | 2 +- app/dispatcher/config.pb.go | 2 +- app/dns/config.pb.go | 2 +- app/dns/fakedns/fakedns.pb.go | 2 +- app/log/command/config.pb.go | 2 +- app/log/config.pb.go | 2 +- app/metrics/config.pb.go | 2 +- app/observatory/command/command.pb.go | 2 +- app/observatory/config.pb.go | 2 +- app/policy/config.pb.go | 2 +- app/proxyman/command/command.pb.go | 2 +- app/proxyman/config.pb.go | 2 +- app/reverse/config.pb.go | 2 +- app/router/command/command.pb.go | 2 +- app/router/config.pb.go | 2 +- app/stats/command/command.pb.go | 2 +- app/stats/config.pb.go | 2 +- common/log/log.pb.go | 2 +- common/net/address.pb.go | 2 +- common/net/destination.pb.go | 2 +- common/net/network.pb.go | 2 +- common/net/port.pb.go | 2 +- common/protocol/headers.pb.go | 2 +- common/protocol/server_spec.pb.go | 2 +- common/protocol/user.pb.go | 2 +- common/serial/typed_message.pb.go | 2 +- core/config.pb.go | 2 +- infra/conf/freedom.go | 25 +++++- proxy/blackhole/config.pb.go | 2 +- proxy/dns/config.pb.go | 2 +- proxy/dokodemo/config.pb.go | 2 +- proxy/freedom/config.go | 43 +++++++++- proxy/freedom/config.pb.go | 79 +++++++++++++------ proxy/freedom/config.proto | 7 ++ proxy/freedom/freedom.go | 34 ++++---- proxy/http/config.pb.go | 2 +- proxy/loopback/config.pb.go | 2 +- proxy/shadowsocks/config.pb.go | 2 +- proxy/shadowsocks_2022/config.pb.go | 2 +- proxy/socks/config.pb.go | 2 +- proxy/trojan/config.pb.go | 2 +- proxy/vless/account.pb.go | 2 +- proxy/vless/encoding/addons.pb.go | 2 +- proxy/vless/inbound/config.pb.go | 2 +- proxy/vless/outbound/config.pb.go | 2 +- proxy/vmess/account.pb.go | 2 +- proxy/vmess/inbound/config.pb.go | 2 +- proxy/vmess/outbound/config.pb.go | 2 +- proxy/wireguard/config.pb.go | 2 +- transport/global/config.pb.go | 2 +- transport/internet/config.pb.go | 2 +- transport/internet/domainsocket/config.pb.go | 2 +- transport/internet/grpc/config.pb.go | 2 +- transport/internet/grpc/encoding/stream.pb.go | 2 +- transport/internet/headers/dns/config.pb.go | 2 +- transport/internet/headers/http/config.pb.go | 2 +- transport/internet/headers/noop/config.pb.go | 2 +- transport/internet/headers/srtp/config.pb.go | 2 +- transport/internet/headers/tls/config.pb.go | 2 +- transport/internet/headers/utp/config.pb.go | 2 +- .../internet/headers/wechat/config.pb.go | 2 +- .../internet/headers/wireguard/config.pb.go | 2 +- transport/internet/http/config.pb.go | 2 +- transport/internet/kcp/config.pb.go | 2 +- transport/internet/quic/config.pb.go | 2 +- transport/internet/reality/config.pb.go | 2 +- transport/internet/tcp/config.pb.go | 2 +- transport/internet/tls/config.pb.go | 2 +- transport/internet/udp/config.pb.go | 2 +- transport/internet/websocket/config.pb.go | 2 +- 70 files changed, 201 insertions(+), 117 deletions(-) diff --git a/app/commander/config.pb.go b/app/commander/config.pb.go index 73037653..32dd608a 100644 --- a/app/commander/config.pb.go +++ b/app/commander/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/commander/config.proto diff --git a/app/dispatcher/config.pb.go b/app/dispatcher/config.pb.go index e0a55ab2..1512f186 100644 --- a/app/dispatcher/config.pb.go +++ b/app/dispatcher/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/dispatcher/config.proto diff --git a/app/dns/config.pb.go b/app/dns/config.pb.go index 8a066a9e..2d84fe72 100644 --- a/app/dns/config.pb.go +++ b/app/dns/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/dns/config.proto diff --git a/app/dns/fakedns/fakedns.pb.go b/app/dns/fakedns/fakedns.pb.go index dc9970f9..dea59f99 100644 --- a/app/dns/fakedns/fakedns.pb.go +++ b/app/dns/fakedns/fakedns.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/dns/fakedns/fakedns.proto diff --git a/app/log/command/config.pb.go b/app/log/command/config.pb.go index 6a3d6602..21637a8b 100644 --- a/app/log/command/config.pb.go +++ b/app/log/command/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/log/command/config.proto diff --git a/app/log/config.pb.go b/app/log/config.pb.go index 0bc09d40..7829713c 100644 --- a/app/log/config.pb.go +++ b/app/log/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/log/config.proto diff --git a/app/metrics/config.pb.go b/app/metrics/config.pb.go index 2cf67618..a93bbb64 100644 --- a/app/metrics/config.pb.go +++ b/app/metrics/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/metrics/config.proto diff --git a/app/observatory/command/command.pb.go b/app/observatory/command/command.pb.go index 9eab1533..df531537 100644 --- a/app/observatory/command/command.pb.go +++ b/app/observatory/command/command.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/observatory/command/command.proto diff --git a/app/observatory/config.pb.go b/app/observatory/config.pb.go index 741da506..43eb7196 100644 --- a/app/observatory/config.pb.go +++ b/app/observatory/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/observatory/config.proto diff --git a/app/policy/config.pb.go b/app/policy/config.pb.go index 9841fff0..c8b4311c 100644 --- a/app/policy/config.pb.go +++ b/app/policy/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/policy/config.proto diff --git a/app/proxyman/command/command.pb.go b/app/proxyman/command/command.pb.go index 9add8afb..458179e5 100644 --- a/app/proxyman/command/command.pb.go +++ b/app/proxyman/command/command.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/proxyman/command/command.proto diff --git a/app/proxyman/config.pb.go b/app/proxyman/config.pb.go index cabc09dd..db41ad75 100644 --- a/app/proxyman/config.pb.go +++ b/app/proxyman/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/proxyman/config.proto diff --git a/app/reverse/config.pb.go b/app/reverse/config.pb.go index 0e1bc941..83c0709b 100644 --- a/app/reverse/config.pb.go +++ b/app/reverse/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/reverse/config.proto diff --git a/app/router/command/command.pb.go b/app/router/command/command.pb.go index eb7c8530..18296ff9 100644 --- a/app/router/command/command.pb.go +++ b/app/router/command/command.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/router/command/command.proto diff --git a/app/router/config.pb.go b/app/router/config.pb.go index 3fd01cc7..cfe5a8fc 100644 --- a/app/router/config.pb.go +++ b/app/router/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/router/config.proto diff --git a/app/stats/command/command.pb.go b/app/stats/command/command.pb.go index 6d4d0d38..089dd183 100644 --- a/app/stats/command/command.pb.go +++ b/app/stats/command/command.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/stats/command/command.proto diff --git a/app/stats/config.pb.go b/app/stats/config.pb.go index 216da044..7c944e9b 100644 --- a/app/stats/config.pb.go +++ b/app/stats/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: app/stats/config.proto diff --git a/common/log/log.pb.go b/common/log/log.pb.go index 92ea0811..871d019b 100644 --- a/common/log/log.pb.go +++ b/common/log/log.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: common/log/log.proto diff --git a/common/net/address.pb.go b/common/net/address.pb.go index 82240db3..c0ebb72a 100644 --- a/common/net/address.pb.go +++ b/common/net/address.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: common/net/address.proto diff --git a/common/net/destination.pb.go b/common/net/destination.pb.go index ea6339cb..ee775c7b 100644 --- a/common/net/destination.pb.go +++ b/common/net/destination.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: common/net/destination.proto diff --git a/common/net/network.pb.go b/common/net/network.pb.go index 18e0df4b..39a1dcd3 100644 --- a/common/net/network.pb.go +++ b/common/net/network.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: common/net/network.proto diff --git a/common/net/port.pb.go b/common/net/port.pb.go index 255bd940..791e4e7e 100644 --- a/common/net/port.pb.go +++ b/common/net/port.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: common/net/port.proto diff --git a/common/protocol/headers.pb.go b/common/protocol/headers.pb.go index 96c427d4..f733c419 100644 --- a/common/protocol/headers.pb.go +++ b/common/protocol/headers.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: common/protocol/headers.proto diff --git a/common/protocol/server_spec.pb.go b/common/protocol/server_spec.pb.go index da698518..5c8ed7de 100644 --- a/common/protocol/server_spec.pb.go +++ b/common/protocol/server_spec.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: common/protocol/server_spec.proto diff --git a/common/protocol/user.pb.go b/common/protocol/user.pb.go index 6f063e73..77c26e22 100644 --- a/common/protocol/user.pb.go +++ b/common/protocol/user.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: common/protocol/user.proto diff --git a/common/serial/typed_message.pb.go b/common/serial/typed_message.pb.go index b03f2aaa..09c71b0d 100644 --- a/common/serial/typed_message.pb.go +++ b/common/serial/typed_message.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: common/serial/typed_message.proto diff --git a/core/config.pb.go b/core/config.pb.go index c36e7fd0..72ba2379 100644 --- a/core/config.pb.go +++ b/core/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: core/config.proto diff --git a/infra/conf/freedom.go b/infra/conf/freedom.go index 21f0616a..dd812db6 100644 --- a/infra/conf/freedom.go +++ b/infra/conf/freedom.go @@ -28,14 +28,31 @@ type Fragment struct { // Build implements Buildable func (c *FreedomConfig) Build() (proto.Message, error) { config := new(freedom.Config) - config.DomainStrategy = freedom.Config_AS_IS switch strings.ToLower(c.DomainStrategy) { - case "useip", "use_ip", "use-ip": + case "asis", "": + config.DomainStrategy = freedom.Config_AS_IS + case "useip": config.DomainStrategy = freedom.Config_USE_IP - case "useip4", "useipv4", "use_ip4", "use_ipv4", "use_ip_v4", "use-ip4", "use-ipv4", "use-ip-v4": + case "useipv4": config.DomainStrategy = freedom.Config_USE_IP4 - case "useip6", "useipv6", "use_ip6", "use_ipv6", "use_ip_v6", "use-ip6", "use-ipv6", "use-ip-v6": + case "useipv6": config.DomainStrategy = freedom.Config_USE_IP6 + case "useipv4v6": + config.DomainStrategy = freedom.Config_USE_IP46 + case "useipv6v4": + config.DomainStrategy = freedom.Config_USE_IP64 + case "forceip": + config.DomainStrategy = freedom.Config_FORCE_IP + case "forceipv4": + config.DomainStrategy = freedom.Config_FORCE_IP4 + case "forceipv6": + config.DomainStrategy = freedom.Config_FORCE_IP6 + case "forceipv4v6": + config.DomainStrategy = freedom.Config_FORCE_IP46 + case "forceipv6v4": + config.DomainStrategy = freedom.Config_FORCE_IP64 + default: + return nil, newError("unsupported domain strategy: ", c.DomainStrategy) } if c.Fragment != nil { diff --git a/proxy/blackhole/config.pb.go b/proxy/blackhole/config.pb.go index 2bc838c6..0cdb33a7 100644 --- a/proxy/blackhole/config.pb.go +++ b/proxy/blackhole/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/blackhole/config.proto diff --git a/proxy/dns/config.pb.go b/proxy/dns/config.pb.go index 24016460..767ad2ca 100644 --- a/proxy/dns/config.pb.go +++ b/proxy/dns/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/dns/config.proto diff --git a/proxy/dokodemo/config.pb.go b/proxy/dokodemo/config.pb.go index 6e43def1..c56e74b9 100644 --- a/proxy/dokodemo/config.pb.go +++ b/proxy/dokodemo/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/dokodemo/config.proto diff --git a/proxy/freedom/config.go b/proxy/freedom/config.go index 61cc6ad5..2e67244b 100644 --- a/proxy/freedom/config.go +++ b/proxy/freedom/config.go @@ -1,5 +1,44 @@ package freedom -func (c *Config) useIP() bool { - return c.DomainStrategy == Config_USE_IP || c.DomainStrategy == Config_USE_IP4 || c.DomainStrategy == Config_USE_IP6 +var strategy = [][]byte{ + // name strategy, prefer, fallback + {0, 0, 0}, // AsIs none, /, / + {1, 0, 0}, // UseIP use, both, none + {1, 4, 0}, // UseIPv4 use, 4, none + {1, 6, 0}, // UseIPv6 use, 6, none + {1, 4, 6}, // UseIPv4v6 use, 4, 6 + {1, 6, 4}, // UseIPv6v4 use, 6, 4 + {2, 0, 0}, // ForceIP force, both, none + {2, 4, 0}, // ForceIPv4 force, 4, none + {2, 6, 0}, // ForceIPv6 force, 6, none + {2, 4, 6}, // ForceIPv4v6 force, 4, 6 + {2, 6, 4}, // ForceIPv6v4 force, 6, 4 +} + +func (c *Config) hasStrategy() bool { + return strategy[c.DomainStrategy][0] != 0 +} + +func (c *Config) forceIP() bool { + return strategy[c.DomainStrategy][0] == 2 +} + +func (c *Config) preferIP4() bool { + return strategy[c.DomainStrategy][1] == 4 || strategy[c.DomainStrategy][1] == 0 +} + +func (c *Config) preferIP6() bool { + return strategy[c.DomainStrategy][1] == 6 || strategy[c.DomainStrategy][1] == 0 +} + +func (c *Config) hasFallback() bool { + return strategy[c.DomainStrategy][2] != 0 +} + +func (c *Config) fallbackIP4() bool { + return strategy[c.DomainStrategy][2] == 4 +} + +func (c *Config) fallbackIP6() bool { + return strategy[c.DomainStrategy][2] == 6 } diff --git a/proxy/freedom/config.pb.go b/proxy/freedom/config.pb.go index 7561f7fd..229630d4 100644 --- a/proxy/freedom/config.pb.go +++ b/proxy/freedom/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/freedom/config.proto @@ -24,25 +24,46 @@ const ( type Config_DomainStrategy int32 const ( - Config_AS_IS Config_DomainStrategy = 0 - Config_USE_IP Config_DomainStrategy = 1 - Config_USE_IP4 Config_DomainStrategy = 2 - Config_USE_IP6 Config_DomainStrategy = 3 + Config_AS_IS Config_DomainStrategy = 0 + Config_USE_IP Config_DomainStrategy = 1 + Config_USE_IP4 Config_DomainStrategy = 2 + Config_USE_IP6 Config_DomainStrategy = 3 + Config_USE_IP46 Config_DomainStrategy = 4 + Config_USE_IP64 Config_DomainStrategy = 5 + Config_FORCE_IP Config_DomainStrategy = 6 + Config_FORCE_IP4 Config_DomainStrategy = 7 + Config_FORCE_IP6 Config_DomainStrategy = 8 + Config_FORCE_IP46 Config_DomainStrategy = 9 + Config_FORCE_IP64 Config_DomainStrategy = 10 ) // Enum value maps for Config_DomainStrategy. var ( Config_DomainStrategy_name = map[int32]string{ - 0: "AS_IS", - 1: "USE_IP", - 2: "USE_IP4", - 3: "USE_IP6", + 0: "AS_IS", + 1: "USE_IP", + 2: "USE_IP4", + 3: "USE_IP6", + 4: "USE_IP46", + 5: "USE_IP64", + 6: "FORCE_IP", + 7: "FORCE_IP4", + 8: "FORCE_IP6", + 9: "FORCE_IP46", + 10: "FORCE_IP64", } Config_DomainStrategy_value = map[string]int32{ - "AS_IS": 0, - "USE_IP": 1, - "USE_IP4": 2, - "USE_IP6": 3, + "AS_IS": 0, + "USE_IP": 1, + "USE_IP4": 2, + "USE_IP6": 3, + "USE_IP46": 4, + "USE_IP64": 5, + "FORCE_IP": 6, + "FORCE_IP4": 7, + "FORCE_IP6": 8, + "FORCE_IP46": 9, + "FORCE_IP64": 10, } ) @@ -314,7 +335,7 @@ var file_proxy_freedom_config_proto_rawDesc = []byte{ 0x6c, 0x5f, 0x6d, 0x69, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4d, 0x69, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x5f, 0x6d, 0x61, 0x78, 0x18, 0x06, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, - 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4d, 0x61, 0x78, 0x22, 0xf2, 0x02, 0x0a, 0x06, + 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4d, 0x61, 0x78, 0x22, 0xdb, 0x03, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x52, 0x0a, 0x0f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, @@ -333,18 +354,24 @@ var file_proxy_freedom_config_proto_rawDesc = []byte{ 0x76, 0x65, 0x6c, 0x12, 0x38, 0x0a, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d, - 0x65, 0x6e, 0x74, 0x52, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x22, 0x41, 0x0a, - 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, - 0x09, 0x0a, 0x05, 0x41, 0x53, 0x5f, 0x49, 0x53, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x55, 0x53, - 0x45, 0x5f, 0x49, 0x50, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, - 0x34, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x03, - 0x42, 0x58, 0x0a, 0x16, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, - 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x50, 0x01, 0x5a, 0x27, 0x67, 0x69, - 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, - 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x66, 0x72, - 0x65, 0x65, 0x64, 0x6f, 0x6d, 0xaa, 0x02, 0x12, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, - 0x78, 0x79, 0x2e, 0x46, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x33, + 0x65, 0x6e, 0x74, 0x52, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x22, 0xa9, 0x01, + 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, + 0x12, 0x09, 0x0a, 0x05, 0x41, 0x53, 0x5f, 0x49, 0x53, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x55, + 0x53, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, + 0x50, 0x34, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, + 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x04, 0x12, + 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x05, 0x12, 0x0c, 0x0a, + 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x06, 0x12, 0x0d, 0x0a, 0x09, 0x46, + 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, + 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x08, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, + 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x09, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, + 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x0a, 0x42, 0x58, 0x0a, 0x16, 0x63, 0x6f, 0x6d, + 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, + 0x64, 0x6f, 0x6d, 0x50, 0x01, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, + 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, + 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0xaa, 0x02, + 0x12, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x46, 0x72, 0x65, 0x65, + 0x64, 0x6f, 0x6d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/proxy/freedom/config.proto b/proxy/freedom/config.proto index 53524e19..0f328022 100644 --- a/proxy/freedom/config.proto +++ b/proxy/freedom/config.proto @@ -27,6 +27,13 @@ message Config { USE_IP = 1; USE_IP4 = 2; USE_IP6 = 3; + USE_IP46 = 4; + USE_IP64 = 5; + FORCE_IP = 6; + FORCE_IP4 = 7; + FORCE_IP6 = 8; + FORCE_IP46 = 9; + FORCE_IP64 = 10; } DomainStrategy domain_strategy = 1; uint32 timeout = 2 [deprecated = true]; diff --git a/proxy/freedom/freedom.go b/proxy/freedom/freedom.go index 3eb5b8a3..809d4df8 100644 --- a/proxy/freedom/freedom.go +++ b/proxy/freedom/freedom.go @@ -73,26 +73,18 @@ func (h *Handler) policy() policy.Session { } func (h *Handler) resolveIP(ctx context.Context, domain string, localAddr net.Address) net.Address { - var option dns.IPOption = dns.IPOption{ - IPv4Enable: true, - IPv6Enable: true, - FakeEnable: false, - } - if h.config.DomainStrategy == Config_USE_IP4 || (localAddr != nil && localAddr.Family().IsIPv4()) { - option = dns.IPOption{ - IPv4Enable: true, - IPv6Enable: false, - FakeEnable: false, - } - } else if h.config.DomainStrategy == Config_USE_IP6 || (localAddr != nil && localAddr.Family().IsIPv6()) { - option = dns.IPOption{ - IPv4Enable: false, - IPv6Enable: true, - FakeEnable: false, + ips, err := h.dns.LookupIP(domain, dns.IPOption{ + IPv4Enable: (localAddr == nil || localAddr.Family().IsIPv4()) && h.config.preferIP4(), + IPv6Enable: (localAddr == nil || localAddr.Family().IsIPv6()) && h.config.preferIP6(), + }) + { // Resolve fallback + if (len(ips) == 0 || err != nil) && h.config.hasFallback() && localAddr == nil { + ips, err = h.dns.LookupIP(domain, dns.IPOption{ + IPv4Enable: h.config.fallbackIP4(), + IPv6Enable: h.config.fallbackIP6(), + }) } } - - ips, err := h.dns.LookupIP(domain, option) if err != nil { newError("failed to get IP address for domain ", domain).Base(err).WriteToLog(session.ExportIDToError(ctx)) } @@ -142,7 +134,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte var conn stat.Connection err := retry.ExponentialBackoff(5, 100).On(func() error { dialDest := destination - if h.config.useIP() && dialDest.Address.Family().IsDomain() { + if h.config.hasStrategy() && dialDest.Address.Family().IsDomain() { ip := h.resolveIP(ctx, dialDest.Address.Domain(), dialer.Address()) if ip != nil { dialDest = net.Destination{ @@ -151,6 +143,8 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte Port: dialDest.Port, } newError("dialing to ", dialDest).WriteToLog(session.ExportIDToError(ctx)) + } else if h.config.forceIP() { + return dns.ErrEmptyResponse } } @@ -325,7 +319,7 @@ func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error { if w.UDPOverride.Port != 0 { b.UDP.Port = w.UDPOverride.Port } - if w.Handler.config.useIP() && b.UDP.Address.Family().IsDomain() { + if w.Handler.config.hasStrategy() && b.UDP.Address.Family().IsDomain() { ip := w.Handler.resolveIP(w.Context, b.UDP.Address.Domain(), nil) if ip != nil { b.UDP.Address = ip diff --git a/proxy/http/config.pb.go b/proxy/http/config.pb.go index 986a038a..6ae78777 100644 --- a/proxy/http/config.pb.go +++ b/proxy/http/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/http/config.proto diff --git a/proxy/loopback/config.pb.go b/proxy/loopback/config.pb.go index e25f8425..3902e532 100644 --- a/proxy/loopback/config.pb.go +++ b/proxy/loopback/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/loopback/config.proto diff --git a/proxy/shadowsocks/config.pb.go b/proxy/shadowsocks/config.pb.go index 5fc221da..86351df8 100644 --- a/proxy/shadowsocks/config.pb.go +++ b/proxy/shadowsocks/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/shadowsocks/config.proto diff --git a/proxy/shadowsocks_2022/config.pb.go b/proxy/shadowsocks_2022/config.pb.go index 8ccb848a..633f3cda 100644 --- a/proxy/shadowsocks_2022/config.pb.go +++ b/proxy/shadowsocks_2022/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/shadowsocks_2022/config.proto diff --git a/proxy/socks/config.pb.go b/proxy/socks/config.pb.go index a1daa276..c22af748 100644 --- a/proxy/socks/config.pb.go +++ b/proxy/socks/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/socks/config.proto diff --git a/proxy/trojan/config.pb.go b/proxy/trojan/config.pb.go index 49374001..d90271d9 100644 --- a/proxy/trojan/config.pb.go +++ b/proxy/trojan/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/trojan/config.proto diff --git a/proxy/vless/account.pb.go b/proxy/vless/account.pb.go index 1d055185..405d8811 100644 --- a/proxy/vless/account.pb.go +++ b/proxy/vless/account.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/vless/account.proto diff --git a/proxy/vless/encoding/addons.pb.go b/proxy/vless/encoding/addons.pb.go index b78c878c..8c409cbc 100644 --- a/proxy/vless/encoding/addons.pb.go +++ b/proxy/vless/encoding/addons.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/vless/encoding/addons.proto diff --git a/proxy/vless/inbound/config.pb.go b/proxy/vless/inbound/config.pb.go index f15f9114..c2ddd5e5 100644 --- a/proxy/vless/inbound/config.pb.go +++ b/proxy/vless/inbound/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/vless/inbound/config.proto diff --git a/proxy/vless/outbound/config.pb.go b/proxy/vless/outbound/config.pb.go index 5bd8912a..3fb9ed75 100644 --- a/proxy/vless/outbound/config.pb.go +++ b/proxy/vless/outbound/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/vless/outbound/config.proto diff --git a/proxy/vmess/account.pb.go b/proxy/vmess/account.pb.go index 9938cfb1..575ec583 100644 --- a/proxy/vmess/account.pb.go +++ b/proxy/vmess/account.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/vmess/account.proto diff --git a/proxy/vmess/inbound/config.pb.go b/proxy/vmess/inbound/config.pb.go index 663256aa..67fa6461 100644 --- a/proxy/vmess/inbound/config.pb.go +++ b/proxy/vmess/inbound/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/vmess/inbound/config.proto diff --git a/proxy/vmess/outbound/config.pb.go b/proxy/vmess/outbound/config.pb.go index b68cbffa..80492e05 100644 --- a/proxy/vmess/outbound/config.pb.go +++ b/proxy/vmess/outbound/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/vmess/outbound/config.proto diff --git a/proxy/wireguard/config.pb.go b/proxy/wireguard/config.pb.go index 6af1f41c..dfe7dab5 100644 --- a/proxy/wireguard/config.pb.go +++ b/proxy/wireguard/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: proxy/wireguard/config.proto diff --git a/transport/global/config.pb.go b/transport/global/config.pb.go index 1d763122..4bd8c84f 100644 --- a/transport/global/config.pb.go +++ b/transport/global/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/global/config.proto diff --git a/transport/internet/config.pb.go b/transport/internet/config.pb.go index 33519b63..9a5f78e8 100644 --- a/transport/internet/config.pb.go +++ b/transport/internet/config.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: // protoc-gen-go v1.31.0 -// protoc v4.24.1 +// protoc v4.23.1 // source: transport/internet/config.proto package internet diff --git a/transport/internet/domainsocket/config.pb.go b/transport/internet/domainsocket/config.pb.go index 6089cf34..9d3eb25c 100644 --- a/transport/internet/domainsocket/config.pb.go +++ b/transport/internet/domainsocket/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/domainsocket/config.proto diff --git a/transport/internet/grpc/config.pb.go b/transport/internet/grpc/config.pb.go index 91289606..4a794bb1 100644 --- a/transport/internet/grpc/config.pb.go +++ b/transport/internet/grpc/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/grpc/config.proto diff --git a/transport/internet/grpc/encoding/stream.pb.go b/transport/internet/grpc/encoding/stream.pb.go index 96cf41bd..f8e7c7fb 100644 --- a/transport/internet/grpc/encoding/stream.pb.go +++ b/transport/internet/grpc/encoding/stream.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/grpc/encoding/stream.proto diff --git a/transport/internet/headers/dns/config.pb.go b/transport/internet/headers/dns/config.pb.go index aeadae6a..34d37c33 100644 --- a/transport/internet/headers/dns/config.pb.go +++ b/transport/internet/headers/dns/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/headers/dns/config.proto diff --git a/transport/internet/headers/http/config.pb.go b/transport/internet/headers/http/config.pb.go index 786bd928..69fefd8c 100644 --- a/transport/internet/headers/http/config.pb.go +++ b/transport/internet/headers/http/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/headers/http/config.proto diff --git a/transport/internet/headers/noop/config.pb.go b/transport/internet/headers/noop/config.pb.go index cd8880a8..9777e46f 100644 --- a/transport/internet/headers/noop/config.pb.go +++ b/transport/internet/headers/noop/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/headers/noop/config.proto diff --git a/transport/internet/headers/srtp/config.pb.go b/transport/internet/headers/srtp/config.pb.go index 553349e8..2d9c5354 100644 --- a/transport/internet/headers/srtp/config.pb.go +++ b/transport/internet/headers/srtp/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/headers/srtp/config.proto diff --git a/transport/internet/headers/tls/config.pb.go b/transport/internet/headers/tls/config.pb.go index 8d940553..c0b77de4 100644 --- a/transport/internet/headers/tls/config.pb.go +++ b/transport/internet/headers/tls/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/headers/tls/config.proto diff --git a/transport/internet/headers/utp/config.pb.go b/transport/internet/headers/utp/config.pb.go index 9dff1aed..b3bd9749 100644 --- a/transport/internet/headers/utp/config.pb.go +++ b/transport/internet/headers/utp/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/headers/utp/config.proto diff --git a/transport/internet/headers/wechat/config.pb.go b/transport/internet/headers/wechat/config.pb.go index 02c4f50d..8bec6fe4 100644 --- a/transport/internet/headers/wechat/config.pb.go +++ b/transport/internet/headers/wechat/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/headers/wechat/config.proto diff --git a/transport/internet/headers/wireguard/config.pb.go b/transport/internet/headers/wireguard/config.pb.go index 68c72d96..4274198c 100644 --- a/transport/internet/headers/wireguard/config.pb.go +++ b/transport/internet/headers/wireguard/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/headers/wireguard/config.proto diff --git a/transport/internet/http/config.pb.go b/transport/internet/http/config.pb.go index 6abb97dd..baaa5630 100644 --- a/transport/internet/http/config.pb.go +++ b/transport/internet/http/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/http/config.proto diff --git a/transport/internet/kcp/config.pb.go b/transport/internet/kcp/config.pb.go index 8b6dbd40..74537db7 100644 --- a/transport/internet/kcp/config.pb.go +++ b/transport/internet/kcp/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/kcp/config.proto diff --git a/transport/internet/quic/config.pb.go b/transport/internet/quic/config.pb.go index 0b850900..f10998eb 100644 --- a/transport/internet/quic/config.pb.go +++ b/transport/internet/quic/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/quic/config.proto diff --git a/transport/internet/reality/config.pb.go b/transport/internet/reality/config.pb.go index 799e30d4..2b44d9b7 100644 --- a/transport/internet/reality/config.pb.go +++ b/transport/internet/reality/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/reality/config.proto diff --git a/transport/internet/tcp/config.pb.go b/transport/internet/tcp/config.pb.go index 1ff79f64..e7ecd49b 100644 --- a/transport/internet/tcp/config.pb.go +++ b/transport/internet/tcp/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/tcp/config.proto diff --git a/transport/internet/tls/config.pb.go b/transport/internet/tls/config.pb.go index 65c18e6b..9bd5a84d 100644 --- a/transport/internet/tls/config.pb.go +++ b/transport/internet/tls/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/tls/config.proto diff --git a/transport/internet/udp/config.pb.go b/transport/internet/udp/config.pb.go index b3921e46..b56c5fa4 100644 --- a/transport/internet/udp/config.pb.go +++ b/transport/internet/udp/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/udp/config.proto diff --git a/transport/internet/websocket/config.pb.go b/transport/internet/websocket/config.pb.go index 7880a1a5..ab0aa373 100644 --- a/transport/internet/websocket/config.pb.go +++ b/transport/internet/websocket/config.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.31.0 // protoc v4.23.1 // source: transport/internet/websocket/config.proto From 7523f7f440a3177977d65a79fba18bf6979182e3 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 12 Nov 2023 16:37:02 -0500 Subject: [PATCH 035/100] =?UTF-8?q?=E7=BB=9F=E4=B8=80=20`domainStrategy`?= =?UTF-8?q?=20=E8=A1=8C=E4=B8=BA.=20(#2720)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 统一 `domainStrategy` 行为. * Update proto --------- Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com> --- infra/conf/transport_internet.go | 24 ++++++++-- transport/internet/config.go | 43 ++++++++++++++++++ transport/internet/config.pb.go | 75 ++++++++++++++++++++++---------- transport/internet/config.proto | 7 +++ transport/internet/dialer.go | 36 ++++++--------- 5 files changed, 135 insertions(+), 50 deletions(-) diff --git a/infra/conf/transport_internet.go b/infra/conf/transport_internet.go index 9e10feed..e1471bde 100644 --- a/infra/conf/transport_internet.go +++ b/infra/conf/transport_internet.go @@ -654,12 +654,30 @@ func (c *SocketConfig) Build() (*internet.SocketConfig, error) { dStrategy := internet.DomainStrategy_AS_IS switch strings.ToLower(c.DomainStrategy) { - case "useip", "use_ip": + case "asis", "": + dStrategy = internet.DomainStrategy_AS_IS + case "useip": dStrategy = internet.DomainStrategy_USE_IP - case "useip4", "useipv4", "use_ipv4", "use_ip_v4", "use_ip4": + case "useipv4": dStrategy = internet.DomainStrategy_USE_IP4 - case "useip6", "useipv6", "use_ipv6", "use_ip_v6", "use_ip6": + case "useipv6": dStrategy = internet.DomainStrategy_USE_IP6 + case "useipv4v6": + dStrategy = internet.DomainStrategy_USE_IP46 + case "useipv6v4": + dStrategy = internet.DomainStrategy_USE_IP64 + case "forceip": + dStrategy = internet.DomainStrategy_FORCE_IP + case "forceipv4": + dStrategy = internet.DomainStrategy_FORCE_IP4 + case "forceipv6": + dStrategy = internet.DomainStrategy_FORCE_IP6 + case "forceipv4v6": + dStrategy = internet.DomainStrategy_FORCE_IP46 + case "forceipv6v4": + dStrategy = internet.DomainStrategy_FORCE_IP64 + default: + return nil, newError("unsupported domain strategy: ", c.DomainStrategy) } return &internet.SocketConfig{ diff --git a/transport/internet/config.go b/transport/internet/config.go index a7ff96c6..6725a995 100644 --- a/transport/internet/config.go +++ b/transport/internet/config.go @@ -12,6 +12,21 @@ var ( globalTransportSettings []*TransportConfig ) +var strategy = [][]byte{ + // name strategy, prefer, fallback + {0, 0, 0}, // AsIs none, /, / + {1, 0, 0}, // UseIP use, both, none + {1, 4, 0}, // UseIPv4 use, 4, none + {1, 6, 0}, // UseIPv6 use, 6, none + {1, 4, 6}, // UseIPv4v6 use, 4, 6 + {1, 6, 4}, // UseIPv6v4 use, 6, 4 + {2, 0, 0}, // ForceIP force, both, none + {2, 4, 0}, // ForceIPv4 force, 4, none + {2, 6, 0}, // ForceIPv6 force, 6, none + {2, 4, 6}, // ForceIPv4v6 force, 4, 6 + {2, 6, 4}, // ForceIPv6v4 force, 6, 4 +} + const unknownProtocol = "unknown" func transportProtocolToString(protocol TransportProtocol) string { @@ -122,3 +137,31 @@ func (c *ProxyConfig) HasTag() bool { func (m SocketConfig_TProxyMode) IsEnabled() bool { return m != SocketConfig_Off } + +func (s DomainStrategy) hasStrategy() bool { + return strategy[s][0] != 0 +} + +func (s DomainStrategy) forceIP() bool { + return strategy[s][0] == 2 +} + +func (s DomainStrategy) preferIP4() bool { + return strategy[s][1] == 4 || strategy[s][1] == 0 +} + +func (s DomainStrategy) preferIP6() bool { + return strategy[s][1] == 6 || strategy[s][1] == 0 +} + +func (s DomainStrategy) hasFallback() bool { + return strategy[s][2] != 0 +} + +func (s DomainStrategy) fallbackIP4() bool { + return strategy[s][2] == 4 +} + +func (s DomainStrategy) fallbackIP6() bool { + return strategy[s][2] == 6 +} diff --git a/transport/internet/config.pb.go b/transport/internet/config.pb.go index 9a5f78e8..9636bfb4 100644 --- a/transport/internet/config.pb.go +++ b/transport/internet/config.pb.go @@ -82,25 +82,46 @@ func (TransportProtocol) EnumDescriptor() ([]byte, []int) { type DomainStrategy int32 const ( - DomainStrategy_AS_IS DomainStrategy = 0 - DomainStrategy_USE_IP DomainStrategy = 1 - DomainStrategy_USE_IP4 DomainStrategy = 2 - DomainStrategy_USE_IP6 DomainStrategy = 3 + DomainStrategy_AS_IS DomainStrategy = 0 + DomainStrategy_USE_IP DomainStrategy = 1 + DomainStrategy_USE_IP4 DomainStrategy = 2 + DomainStrategy_USE_IP6 DomainStrategy = 3 + DomainStrategy_USE_IP46 DomainStrategy = 4 + DomainStrategy_USE_IP64 DomainStrategy = 5 + DomainStrategy_FORCE_IP DomainStrategy = 6 + DomainStrategy_FORCE_IP4 DomainStrategy = 7 + DomainStrategy_FORCE_IP6 DomainStrategy = 8 + DomainStrategy_FORCE_IP46 DomainStrategy = 9 + DomainStrategy_FORCE_IP64 DomainStrategy = 10 ) // Enum value maps for DomainStrategy. var ( DomainStrategy_name = map[int32]string{ - 0: "AS_IS", - 1: "USE_IP", - 2: "USE_IP4", - 3: "USE_IP6", + 0: "AS_IS", + 1: "USE_IP", + 2: "USE_IP4", + 3: "USE_IP6", + 4: "USE_IP46", + 5: "USE_IP64", + 6: "FORCE_IP", + 7: "FORCE_IP4", + 8: "FORCE_IP6", + 9: "FORCE_IP46", + 10: "FORCE_IP64", } DomainStrategy_value = map[string]int32{ - "AS_IS": 0, - "USE_IP": 1, - "USE_IP4": 2, - "USE_IP6": 3, + "AS_IS": 0, + "USE_IP": 1, + "USE_IP4": 2, + "USE_IP6": 3, + "USE_IP46": 4, + "USE_IP64": 5, + "FORCE_IP": 6, + "FORCE_IP4": 7, + "FORCE_IP6": 8, + "FORCE_IP46": 9, + "FORCE_IP64": 10, } ) @@ -710,18 +731,24 @@ var file_transport_internet_config_proto_rawDesc = []byte{ 0x04, 0x4d, 0x4b, 0x43, 0x50, 0x10, 0x02, 0x12, 0x0d, 0x0a, 0x09, 0x57, 0x65, 0x62, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, 0x10, 0x03, 0x12, 0x08, 0x0a, 0x04, 0x48, 0x54, 0x54, 0x50, 0x10, 0x04, 0x12, 0x10, 0x0a, 0x0c, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x6f, 0x63, 0x6b, 0x65, 0x74, - 0x10, 0x05, 0x2a, 0x41, 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, - 0x74, 0x65, 0x67, 0x79, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x53, 0x5f, 0x49, 0x53, 0x10, 0x00, 0x12, - 0x0a, 0x0a, 0x06, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x55, - 0x53, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, - 0x49, 0x50, 0x36, 0x10, 0x03, 0x42, 0x67, 0x0a, 0x1b, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, - 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, - 0x72, 0x6e, 0x65, 0x74, 0x50, 0x01, 0x5a, 0x2c, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, - 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, - 0x65, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65, - 0x72, 0x6e, 0x65, 0x74, 0xaa, 0x02, 0x17, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x54, 0x72, 0x61, 0x6e, - 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x62, 0x06, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x10, 0x05, 0x2a, 0xa9, 0x01, 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, + 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x53, 0x5f, 0x49, 0x53, 0x10, 0x00, + 0x12, 0x0a, 0x0a, 0x06, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, + 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, + 0x5f, 0x49, 0x50, 0x36, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, + 0x34, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, + 0x10, 0x05, 0x12, 0x0c, 0x0a, 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x06, + 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x07, 0x12, + 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x08, 0x12, 0x0e, + 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x09, 0x12, 0x0e, + 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x0a, 0x42, 0x67, + 0x0a, 0x1b, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, + 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x50, 0x01, 0x5a, + 0x2c, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, + 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, + 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0xaa, 0x02, 0x17, + 0x58, 0x72, 0x61, 0x79, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x49, + 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/transport/internet/config.proto b/transport/internet/config.proto index 550d00ec..f596d19f 100644 --- a/transport/internet/config.proto +++ b/transport/internet/config.proto @@ -22,6 +22,13 @@ enum DomainStrategy { USE_IP = 1; USE_IP4 = 2; USE_IP6 = 3; + USE_IP46 = 4; + USE_IP64 = 5; + FORCE_IP = 6; + FORCE_IP4 = 7; + FORCE_IP6 = 8; + FORCE_IP46 = 9; + FORCE_IP64 = 10; } message TransportConfig { diff --git a/transport/internet/dialer.go b/transport/internet/dialer.go index d178bdcd..deae4df0 100644 --- a/transport/internet/dialer.go +++ b/transport/internet/dialer.go @@ -78,37 +78,27 @@ func lookupIP(domain string, strategy DomainStrategy, localAddr net.Address) ([] return nil, nil } - option := dns.IPOption{ - IPv4Enable: true, - IPv6Enable: true, - FakeEnable: false, + ips, err := dnsClient.LookupIP(domain, dns.IPOption{ + IPv4Enable: (localAddr == nil || localAddr.Family().IsIPv4()) && strategy.preferIP4(), + IPv6Enable: (localAddr == nil || localAddr.Family().IsIPv6()) && strategy.preferIP6(), + }) + { // Resolve fallback + if (len(ips) == 0 || err != nil) && strategy.hasFallback() && localAddr == nil { + ips, err = dnsClient.LookupIP(domain, dns.IPOption{ + IPv4Enable: strategy.fallbackIP4(), + IPv6Enable: strategy.fallbackIP6(), + }) + } } - switch { - case strategy == DomainStrategy_USE_IP4 || (localAddr != nil && localAddr.Family().IsIPv4()): - option = dns.IPOption{ - IPv4Enable: true, - IPv6Enable: false, - FakeEnable: false, - } - case strategy == DomainStrategy_USE_IP6 || (localAddr != nil && localAddr.Family().IsIPv6()): - option = dns.IPOption{ - IPv4Enable: false, - IPv6Enable: true, - FakeEnable: false, - } - case strategy == DomainStrategy_AS_IS: - return nil, nil - } - - return dnsClient.LookupIP(domain, option) + return ips, err } func canLookupIP(ctx context.Context, dst net.Destination, sockopt *SocketConfig) bool { if dst.Address.Family().IsIP() || dnsClient == nil { return false } - return sockopt.DomainStrategy != DomainStrategy_AS_IS + return sockopt.DomainStrategy.hasStrategy() } func redirect(ctx context.Context, dst net.Destination, obt string) net.Conn { From 7205298474ef57821d87e5230430c6ccc1e19c4b Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 12 Nov 2023 16:07:26 -0500 Subject: [PATCH 036/100] Update dependencies --- go.mod | 30 +++++++++++++-------------- go.sum | 64 +++++++++++++++++++++++++++++----------------------------- 2 files changed, 47 insertions(+), 47 deletions(-) diff --git a/go.mod b/go.mod index f3abbad1..f0e15d8f 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/xtls/xray-core -go 1.21 +go 1.21.4 require ( github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344 @@ -18,7 +18,7 @@ require ( github.com/stretchr/testify v1.8.4 github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 - github.com/xtls/reality v0.0.0-20230828171259-e426190d57f6 + github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19 go4.org/netipx v0.0.0-20230824141953-6213f710f925 golang.org/x/crypto v0.15.0 golang.org/x/net v0.18.0 @@ -32,8 +32,8 @@ require ( ) require ( - github.com/andybalholm/brotli v1.0.5 // indirect - github.com/cloudflare/circl v1.3.3 // indirect + github.com/andybalholm/brotli v1.0.6 // indirect + github.com/cloudflare/circl v1.3.6 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140 // indirect github.com/francoispqt/gojay v1.2.13 // indirect @@ -41,23 +41,23 @@ require ( github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/btree v1.1.2 // indirect - github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98 // indirect - github.com/klauspost/compress v1.17.0 // indirect - github.com/klauspost/cpuid/v2 v2.2.5 // indirect - github.com/onsi/ginkgo/v2 v2.12.1 // indirect + github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a // indirect + github.com/klauspost/compress v1.17.2 // indirect + github.com/klauspost/cpuid/v2 v2.2.6 // indirect + github.com/onsi/ginkgo/v2 v2.13.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/quic-go/qtls-go1-20 v0.4.1 // indirect github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect - github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 // indirect + github.com/vishvananda/netns v0.0.4 // indirect go.uber.org/mock v0.3.0 // indirect - golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect - golang.org/x/mod v0.12.0 // indirect + golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect + golang.org/x/mod v0.14.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.13.0 // indirect + golang.org/x/time v0.4.0 // indirect + golang.org/x/tools v0.15.0 // indirect golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - gvisor.dev/gvisor v0.0.0-20230927004350-cbd86285d259 // indirect + gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b // indirect ) diff --git a/go.sum b/go.sum index 3195b2b6..36a5e317 100644 --- a/go.sum +++ b/go.sum @@ -8,15 +8,15 @@ dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1 dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU= git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs= -github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= +github.com/andybalholm/brotli v1.0.6 h1:Yf9fFpf49Zrxb9NlQaluyE92/+X7UVHlhMNJN2sxfOI= +github.com/andybalholm/brotli v1.0.6/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g= github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs= -github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= +github.com/cloudflare/circl v1.3.6 h1:/xbKIqSHbZXHwkhbrhrt2YOHIwYJlXH94E3tI/gDlUg= +github.com/cloudflare/circl v1.3.6/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -36,8 +36,8 @@ github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344 h1:Arcl6UOIS/kgO2nW3 github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344/go.mod h1:GIjDIg/heH5DOkXY3YJ/wNhfHsQHoXGjl8G8amsYQ1I= github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= @@ -63,8 +63,8 @@ github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+u github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98 h1:pUa4ghanp6q4IJHwE9RwLgmVFfReJN+KbQ8ExNEUUoQ= -github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= +github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a h1:fEBsGL/sjAuJrgah5XqmmYsTLzJp/TO9Lhy39gkverk= +github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= github.com/googleapis/gax-go/v2 v2.0.3/go.mod h1:LLvjysVCY1JZeum8Z6l8qUty8fiNwE08qbEPm1M08qg= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= @@ -78,10 +78,10 @@ github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.17.0 h1:Rnbp4K9EjcDuVuHtd0dgA4qNuv9yKDYKK1ulpJwgrqM= -github.com/klauspost/compress v1.17.0/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= -github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= -github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= +github.com/klauspost/compress v1.17.2 h1:RlWWUY/Dr4fL8qk9YG7DTZ7PDgME2V4csBXA8L/ixi4= +github.com/klauspost/compress v1.17.2/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= +github.com/klauspost/cpuid/v2 v2.2.6 h1:ndNyv040zDGIDh8thGkXYjnFtiN02M1PVVF+JE/48xc= +github.com/klauspost/cpuid/v2 v2.2.6/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= @@ -98,10 +98,10 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo= github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM= -github.com/onsi/ginkgo/v2 v2.12.1 h1:uHNEO1RP2SpuZApSkel9nEh1/Mu+hmQe7Q+Pepg5OYA= -github.com/onsi/ginkgo/v2 v2.12.1/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= -github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= -github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= +github.com/onsi/ginkgo/v2 v2.13.1 h1:LNGfMbR2OVGBfXjvRZIZ2YCTQdGKtPLvuI1rMCCj3OU= +github.com/onsi/ginkgo/v2 v2.13.1/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= +github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= +github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8= github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= @@ -169,10 +169,10 @@ github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMI github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 h1:tkMT5pTye+1NlKIXETU78NXw0fyjnaNHmJyyLyzw8+U= github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3/go.mod h1:cAAsePK2e15YDAMJNyOpGYEWNe4sIghTY7gpz4cX/Ik= github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= -github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74 h1:gga7acRE695APm9hlsSMoOoE65U4/TcqNj90mc69Rlg= -github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= -github.com/xtls/reality v0.0.0-20230828171259-e426190d57f6 h1:T+YCYGfFdzyaKTDCdZn/hEiKvsw6yUfd+e4hze0rCUw= -github.com/xtls/reality v0.0.0-20230828171259-e426190d57f6/go.mod h1:rkuAY1S9F8eI8gDiPDYvACE8e2uwkyg8qoOTuwWov7Y= +github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8= +github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM= +github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19 h1:capMfFYRgH9BCLd6A3Er/cH3A9Nz3CU2KwxwOQZIePI= +github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19/go.mod h1:dm4y/1QwzjGaK17ofi0Vs6NpKAHegZky8qk6J2JJZAE= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA= go.uber.org/mock v0.3.0 h1:3mUxI1No2/60yUYax92Pt8eNOEecx2D3lcXZh2NEZJo= @@ -188,14 +188,14 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA= golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= -golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= +golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= +golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= -golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= +golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -244,8 +244,8 @@ golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.4.0 h1:Z81tqI5ddIoXDPvVQ7/7CC9TnLM7ubaFG2qXYd5BbYY= +golang.org/x/time v0.4.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -253,8 +253,8 @@ golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ= -golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= +golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8= +golang.org/x/tools v0.15.0/go.mod h1:hpksKq4dtpQWS1uQ61JkdqWM3LscIS6Slf+VVkm+wQk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -275,8 +275,8 @@ google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoA google.golang.org/genproto v0.0.0-20181029155118-b69ba1387ce2/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20181202183823-bd91e49a0898/go.mod h1:7Ep/1NZk928CDR8SjdVbjWNpdIf6nzjE3BTgJDr2Atg= google.golang.org/genproto v0.0.0-20190306203927-b5d61aea6440/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 h1:Jyp0Hsi0bmHXG6k9eATXoYtjd6e2UzZ1SCn/wIupY14= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= @@ -300,8 +300,8 @@ gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o= -gvisor.dev/gvisor v0.0.0-20230927004350-cbd86285d259 h1:TbRPT0HtzFP3Cno1zZo7yPzEEnfu8EjLfl6IU9VfqkQ= -gvisor.dev/gvisor v0.0.0-20230927004350-cbd86285d259/go.mod h1:AVgIgHMwK63XvmAzWG9vLQ41YnVHN0du0tEC46fI7yY= +gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b h1:yqkg3pTifuKukuWanp8spDsL4irJkHF5WI0J47hU87o= +gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b/go.mod h1:10sU+Uh5KKNv1+2x2A0Gvzt8FjD3ASIhorV3YsauXhk= h12.io/socks v1.0.3 h1:Ka3qaQewws4j4/eDQnOdpr4wXsC//dXtWvftlIcCQUo= h12.io/socks v1.0.3/go.mod h1:AIhxy1jOId/XCz9BO+EIgNL2rQiPTBNnOfnVnQ+3Eck= honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= From ac52a226d16b77c400535feb5eddc395aa1113bd Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 12 Nov 2023 16:57:15 -0500 Subject: [PATCH 037/100] v1.8.5 --- core/core.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/core.go b/core/core.go index e1128775..dfcaac6d 100644 --- a/core/core.go +++ b/core/core.go @@ -21,7 +21,7 @@ import ( var ( Version_x byte = 1 Version_y byte = 8 - Version_z byte = 4 + Version_z byte = 5 ) var ( From f1c81557dcf8251e98f5a474931473dfa630fc1a Mon Sep 17 00:00:00 2001 From: cty123 Date: Tue, 14 Nov 2023 00:00:04 +0100 Subject: [PATCH 038/100] #2605: Add safety check for type casting for QUIC dialer Issue #2605 brought up real problem that QUIC dialer doesn't support sockopt at the moment. Inside `internet.DialSystem(...)` function, one of the branch that involves `redirect(...)` returns `cnc.connection` instance that is currently unhandled by the code logic, and thus caused program panic during runtime. It seems the sockopt support for QUIC protocol requires a couple changes including making `cnc.connection` public, such that we can handle in dialer, along with some thorough tests, this commit simply adds safety check to explicity state the fact that QUIC isn't working with sockopt. And the implementation of the feature can be scheduled later on. --- transport/internet/quic/dialer.go | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/transport/internet/quic/dialer.go b/transport/internet/quic/dialer.go index 1358dac7..c6bc08aa 100644 --- a/transport/internet/quic/dialer.go +++ b/transport/internet/quic/dialer.go @@ -146,10 +146,19 @@ func (s *clientConnections) openConnection(ctx context.Context, destAddr net.Add return qlog.NewConnectionTracer(&QlogWriter{connID: ci}, p, ci) }, } - udpConn, _ := rawConn.(*net.UDPConn) - if udpConn == nil { - udpConn = rawConn.(*internet.PacketConnWrapper).Conn.(*net.UDPConn) + + var udpConn *net.UDPConn + switch conn := rawConn.(type) { + case *net.UDPConn: + udpConn = conn + case *internet.PacketConnWrapper: + udpConn = conn.Conn.(*net.UDPConn) + default: + // TODO: Support sockopt for QUIC + rawConn.Close() + return nil, newError("QUIC with sockopt is unsupported").AtWarning() } + sysConn, err := wrapSysConn(udpConn, config) if err != nil { rawConn.Close() From 0ac7da2fc8e26017c694c16bd2c2c2f1734c301c Mon Sep 17 00:00:00 2001 From: hax0r31337 <65506006+hax0r31337@users.noreply.github.com> Date: Sat, 18 Nov 2023 11:27:17 +0800 Subject: [PATCH 039/100] WireGuard Inbound (User-space WireGuard server) (#2477) * feat: wireguard inbound * feat(command): generate wireguard compatible keypair * feat(wireguard): connection idle timeout * fix(wireguard): close endpoint after connection closed * fix(wireguard): resolve conflicts * feat(wireguard): set cubic as default cc algorithm in gVisor TUN * chore(wireguard): resolve conflict * chore(wireguard): remove redurant code * chore(wireguard): remove redurant code * feat: rework server for gvisor tun * feat: keep user-space tun as an option * fix: exclude android from native tun build * feat: auto kernel tun * fix: build * fix: regulate function name & fix test --- go.mod | 4 +- go.sum | 3 +- infra/conf/wireguard.go | 71 ++++--- infra/conf/wireguard_test.go | 15 +- infra/conf/xray.go | 3 +- main/commands/all/x25519.go | 15 +- proxy/wireguard/bind.go | 170 ++++++--------- proxy/wireguard/client.go | 255 +++++++++++++++++++++++ proxy/wireguard/config.go | 7 + proxy/wireguard/config.pb.go | 58 ++++-- proxy/wireguard/config.proto | 40 ++-- proxy/wireguard/gvisortun/tun.go | 230 +++++++++++++++++++++ proxy/wireguard/server.go | 181 ++++++++++++++++ proxy/wireguard/tun.go | 100 +++++++++ proxy/wireguard/tun_default.go | 38 +--- proxy/wireguard/tun_linux.go | 16 +- proxy/wireguard/wireguard.go | 343 ++++++------------------------- 17 files changed, 1049 insertions(+), 500 deletions(-) create mode 100644 proxy/wireguard/client.go create mode 100644 proxy/wireguard/gvisortun/tun.go create mode 100644 proxy/wireguard/server.go diff --git a/go.mod b/go.mod index f0e15d8f..d7f43f89 100644 --- a/go.mod +++ b/go.mod @@ -27,6 +27,7 @@ require ( golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb google.golang.org/grpc v1.59.0 google.golang.org/protobuf v1.31.0 + gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b h12.io/socks v1.0.3 lukechampine.com/blake3 v1.2.1 ) @@ -48,7 +49,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/quic-go/qtls-go1-20 v0.4.1 // indirect github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect - github.com/vishvananda/netns v0.0.4 // indirect + github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae // indirect go.uber.org/mock v0.3.0 // indirect golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect golang.org/x/mod v0.14.0 // indirect @@ -59,5 +60,4 @@ require ( google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b // indirect ) diff --git a/go.sum b/go.sum index 36a5e317..22473052 100644 --- a/go.sum +++ b/go.sum @@ -168,9 +168,8 @@ github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49u github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM= github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 h1:tkMT5pTye+1NlKIXETU78NXw0fyjnaNHmJyyLyzw8+U= github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3/go.mod h1:cAAsePK2e15YDAMJNyOpGYEWNe4sIghTY7gpz4cX/Ik= +github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae h1:4hwBBUfQCFe3Cym0ZtKyq7L16eZUtYKs+BaHDN6mAns= github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= -github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8= -github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM= github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19 h1:capMfFYRgH9BCLd6A3Er/cH3A9Nz3CU2KwxwOQZIePI= github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19/go.mod h1:dm4y/1QwzjGaK17ofi0Vs6NpKAHegZky8qk6J2JJZAE= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= diff --git a/infra/conf/wireguard.go b/infra/conf/wireguard.go index 7b2b6bbf..a4f0eda6 100644 --- a/infra/conf/wireguard.go +++ b/infra/conf/wireguard.go @@ -13,7 +13,7 @@ type WireGuardPeerConfig struct { PublicKey string `json:"publicKey"` PreSharedKey string `json:"preSharedKey"` Endpoint string `json:"endpoint"` - KeepAlive int `json:"keepAlive"` + KeepAlive uint32 `json:"keepAlive"` AllowedIPs []string `json:"allowedIPs,omitempty"` } @@ -21,9 +21,11 @@ func (c *WireGuardPeerConfig) Build() (proto.Message, error) { var err error config := new(wireguard.PeerConfig) - config.PublicKey, err = parseWireGuardKey(c.PublicKey) - if err != nil { - return nil, err + if c.PublicKey != "" { + config.PublicKey, err = parseWireGuardKey(c.PublicKey) + if err != nil { + return nil, err + } } if c.PreSharedKey != "" { @@ -31,13 +33,11 @@ func (c *WireGuardPeerConfig) Build() (proto.Message, error) { if err != nil { return nil, err } - } else { - config.PreSharedKey = "0000000000000000000000000000000000000000000000000000000000000000" } config.Endpoint = c.Endpoint // default 0 - config.KeepAlive = int32(c.KeepAlive) + config.KeepAlive = c.KeepAlive if c.AllowedIPs == nil { config.AllowedIps = []string{"0.0.0.0/0", "::0/0"} } else { @@ -48,11 +48,14 @@ func (c *WireGuardPeerConfig) Build() (proto.Message, error) { } type WireGuardConfig struct { + IsClient bool `json:""` + + KernelMode *bool `json:"kernelMode"` SecretKey string `json:"secretKey"` Address []string `json:"address"` Peers []*WireGuardPeerConfig `json:"peers"` - MTU int `json:"mtu"` - NumWorkers int `json:"workers"` + MTU int32 `json:"mtu"` + NumWorkers int32 `json:"workers"` Reserved []byte `json:"reserved"` DomainStrategy string `json:"domainStrategy"` } @@ -87,11 +90,11 @@ func (c *WireGuardConfig) Build() (proto.Message, error) { if c.MTU == 0 { config.Mtu = 1420 } else { - config.Mtu = int32(c.MTU) + config.Mtu = c.MTU } - // these a fallback code exists in github.com/nanoda0523/wireguard-go code, + // these a fallback code exists in wireguard-go code, // we don't need to process fallback manually - config.NumWorkers = int32(c.NumWorkers) + config.NumWorkers = c.NumWorkers if len(c.Reserved) != 0 && len(c.Reserved) != 3 { return nil, newError(`"reserved" should be empty or 3 bytes`) @@ -113,22 +116,42 @@ func (c *WireGuardConfig) Build() (proto.Message, error) { return nil, newError("unsupported domain strategy: ", c.DomainStrategy) } + config.IsClient = c.IsClient + if c.KernelMode != nil { + config.KernelMode = *c.KernelMode + if config.KernelMode && !wireguard.KernelTunSupported() { + newError("kernel mode is not supported on your OS or permission is insufficient").AtWarning().WriteToLog() + } + } else { + config.KernelMode = wireguard.KernelTunSupported() + if config.KernelMode { + newError("kernel mode is enabled as it's supported and permission is sufficient").AtDebug().WriteToLog() + } + } + return config, nil } func parseWireGuardKey(str string) (string, error) { - if len(str) != 64 { - // may in base64 form - dat, err := base64.StdEncoding.DecodeString(str) - if err != nil { - return "", err + var err error + + if len(str)%2 == 0 { + _, err = hex.DecodeString(str) + if err == nil { + return str, nil } - if len(dat) != 32 { - return "", newError("key should be 32 bytes: " + str) - } - return hex.EncodeToString(dat), err - } else { - // already hex form - return str, nil } + + var dat []byte + str = strings.TrimSuffix(str, "=") + if strings.ContainsRune(str, '+') || strings.ContainsRune(str, '/') { + dat, err = base64.RawStdEncoding.DecodeString(str) + } else { + dat, err = base64.RawURLEncoding.DecodeString(str) + } + if err == nil { + return hex.EncodeToString(dat), nil + } + + return "", newError("failed to deserialize key").Base(err) } diff --git a/infra/conf/wireguard_test.go b/infra/conf/wireguard_test.go index 7a4adf36..57951105 100644 --- a/infra/conf/wireguard_test.go +++ b/infra/conf/wireguard_test.go @@ -7,7 +7,7 @@ import ( "github.com/xtls/xray-core/proxy/wireguard" ) -func TestWireGuardOutbound(t *testing.T) { +func TestWireGuardConfig(t *testing.T) { creator := func() Buildable { return new(WireGuardConfig) } @@ -25,7 +25,8 @@ func TestWireGuardOutbound(t *testing.T) { ], "mtu": 1300, "workers": 2, - "domainStrategy": "ForceIPv6v4" + "domainStrategy": "ForceIPv6v4", + "kernelMode": false }`, Parser: loadJSON(creator), Output: &wireguard.DeviceConfig{ @@ -35,16 +36,16 @@ func TestWireGuardOutbound(t *testing.T) { Peers: []*wireguard.PeerConfig{ { // also can read from hex form directly - PublicKey: "6e65ce0be17517110c17d77288ad87e7fd5252dcc7d09b95a39d61db03df832a", - PreSharedKey: "0000000000000000000000000000000000000000000000000000000000000000", - Endpoint: "127.0.0.1:1234", - KeepAlive: 0, - AllowedIps: []string{"0.0.0.0/0", "::0/0"}, + PublicKey: "6e65ce0be17517110c17d77288ad87e7fd5252dcc7d09b95a39d61db03df832a", + Endpoint: "127.0.0.1:1234", + KeepAlive: 0, + AllowedIps: []string{"0.0.0.0/0", "::0/0"}, }, }, Mtu: 1300, NumWorkers: 2, DomainStrategy: wireguard.DeviceConfig_FORCE_IP64, + KernelMode: false, }, }, }) diff --git a/infra/conf/xray.go b/infra/conf/xray.go index dfc34a8c..0935b1b0 100644 --- a/infra/conf/xray.go +++ b/infra/conf/xray.go @@ -24,6 +24,7 @@ var ( "vless": func() interface{} { return new(VLessInboundConfig) }, "vmess": func() interface{} { return new(VMessInboundConfig) }, "trojan": func() interface{} { return new(TrojanServerConfig) }, + "wireguard": func() interface{} { return &WireGuardConfig{IsClient: false} }, }, "protocol", "settings") outboundConfigLoader = NewJSONConfigLoader(ConfigCreatorCache{ @@ -37,7 +38,7 @@ var ( "vmess": func() interface{} { return new(VMessOutboundConfig) }, "trojan": func() interface{} { return new(TrojanClientConfig) }, "dns": func() interface{} { return new(DNSOutboundConfig) }, - "wireguard": func() interface{} { return new(WireGuardConfig) }, + "wireguard": func() interface{} { return &WireGuardConfig{IsClient: true} }, }, "protocol", "settings") ctllog = log.New(os.Stderr, "xctl> ", 0) diff --git a/main/commands/all/x25519.go b/main/commands/all/x25519.go index e7909d9b..814cca72 100644 --- a/main/commands/all/x25519.go +++ b/main/commands/all/x25519.go @@ -10,7 +10,7 @@ import ( ) var cmdX25519 = &base.Command{ - UsageLine: `{{.Exec}} x25519 [-i "private key (base64.RawURLEncoding)"]`, + UsageLine: `{{.Exec}} x25519 [-i "private key (base64.RawURLEncoding)"] [--std-encoding]`, Short: `Generate key pair for x25519 key exchange`, Long: ` Generate key pair for x25519 key exchange. @@ -18,6 +18,7 @@ Generate key pair for x25519 key exchange. Random: {{.Exec}} x25519 From private key: {{.Exec}} x25519 -i "private key (base64.RawURLEncoding)" +For Std Encoding: {{.Exec}} x25519 --std-encoding `, } @@ -26,12 +27,14 @@ func init() { } var input_base64 = cmdX25519.Flag.String("i", "", "") +var input_stdEncoding = cmdX25519.Flag.Bool("std-encoding", false, "") func executeX25519(cmd *base.Command, args []string) { var output string var err error var privateKey []byte var publicKey []byte + var encoding *base64.Encoding if len(*input_base64) > 0 { privateKey, err = base64.RawURLEncoding.DecodeString(*input_base64) if err != nil { @@ -63,9 +66,15 @@ func executeX25519(cmd *base.Command, args []string) { goto out } + if *input_stdEncoding { + encoding = base64.StdEncoding + } else { + encoding = base64.RawURLEncoding + } + output = fmt.Sprintf("Private key: %v\nPublic key: %v", - base64.RawURLEncoding.EncodeToString(privateKey), - base64.RawURLEncoding.EncodeToString(publicKey)) + encoding.EncodeToString(privateKey), + encoding.EncodeToString(publicKey)) out: fmt.Println(output) } diff --git a/proxy/wireguard/bind.go b/proxy/wireguard/bind.go index c224dc56..1fbcbc98 100644 --- a/proxy/wireguard/bind.go +++ b/proxy/wireguard/bind.go @@ -27,48 +27,45 @@ type netReadInfo struct { err error } -type netBindClient struct { - workers int - dialer internet.Dialer +// reduce duplicated code +type netBind struct { dns dns.Client dnsOption dns.IPOption - reserved []byte + workers int readQueue chan *netReadInfo } -func (bind *netBindClient) ParseEndpoint(s string) (conn.Endpoint, error) { - ipStr, port, _, err := splitAddrPort(s) +// SetMark implements conn.Bind +func (bind *netBind) SetMark(mark uint32) error { + return nil +} + +// ParseEndpoint implements conn.Bind +func (n *netBind) ParseEndpoint(s string) (conn.Endpoint, error) { + ipStr, port, err := net.SplitHostPort(s) + if err != nil { + return nil, err + } + portNum, err := strconv.Atoi(port) if err != nil { return nil, err } - var addr net.IP - if IsDomainName(ipStr) { - ips, err := bind.dns.LookupIP(ipStr, bind.dnsOption) + addr := xnet.ParseAddress(ipStr) + if addr.Family() == xnet.AddressFamilyDomain { + ips, err := n.dns.LookupIP(addr.Domain(), n.dnsOption) if err != nil { return nil, err } else if len(ips) == 0 { return nil, dns.ErrEmptyResponse } - addr = ips[0] - } else { - addr = net.ParseIP(ipStr) - } - if addr == nil { - return nil, errors.New("failed to parse ip: " + ipStr) - } - - var ip xnet.Address - if p4 := addr.To4(); len(p4) == net.IPv4len { - ip = xnet.IPAddress(p4[:]) - } else { - ip = xnet.IPAddress(addr[:]) + addr = xnet.IPAddress(ips[0]) } dst := xnet.Destination{ - Address: ip, - Port: xnet.Port(port), + Address: addr, + Port: xnet.Port(portNum), Network: xnet.Network_UDP, } @@ -77,7 +74,13 @@ func (bind *netBindClient) ParseEndpoint(s string) (conn.Endpoint, error) { }, nil } -func (bind *netBindClient) Open(uport uint16) ([]conn.ReceiveFunc, uint16, error) { +// BatchSize implements conn.Bind +func (bind *netBind) BatchSize() int { + return 1 +} + +// Open implements conn.Bind +func (bind *netBind) Open(uport uint16) ([]conn.ReceiveFunc, uint16, error) { bind.readQueue = make(chan *netReadInfo) fun := func(bufs [][]byte, sizes []int, eps []conn.Endpoint) (n int, err error) { @@ -109,13 +112,21 @@ func (bind *netBindClient) Open(uport uint16) ([]conn.ReceiveFunc, uint16, error return arr, uint16(uport), nil } -func (bind *netBindClient) Close() error { +// Close implements conn.Bind +func (bind *netBind) Close() error { if bind.readQueue != nil { close(bind.readQueue) } return nil } +type netBindClient struct { + netBind + + dialer internet.Dialer + reserved []byte +} + func (bind *netBindClient) connectTo(endpoint *netEndpoint) error { c, err := bind.dialer.Dial(context.Background(), endpoint.dst) if err != nil { @@ -177,12 +188,29 @@ func (bind *netBindClient) Send(buff [][]byte, endpoint conn.Endpoint) error { return nil } -func (bind *netBindClient) SetMark(mark uint32) error { - return nil +type netBindServer struct { + netBind } -func (bind *netBindClient) BatchSize() int { - return 1 +func (bind *netBindServer) Send(buff [][]byte, endpoint conn.Endpoint) error { + var err error + + nend, ok := endpoint.(*netEndpoint) + if !ok { + return conn.ErrWrongEndpointType + } + + if nend.conn == nil { + return newError("connection not open yet") + } + + for _, buff := range buff { + if _, err = nend.conn.Write(buff); err != nil { + return err + } + } + + return err } type netEndpoint struct { @@ -193,7 +221,7 @@ type netEndpoint struct { func (netEndpoint) ClearSrc() {} func (e netEndpoint) DstIP() netip.Addr { - return toNetIpAddr(e.dst.Address) + return netip.Addr{} } func (e netEndpoint) SrcIP() netip.Addr { @@ -232,83 +260,3 @@ func toNetIpAddr(addr xnet.Address) netip.Addr { return netip.AddrFrom16(arr) } } - -func stringsLastIndexByte(s string, b byte) int { - for i := len(s) - 1; i >= 0; i-- { - if s[i] == b { - return i - } - } - return -1 -} - -func splitAddrPort(s string) (ip string, port uint16, v6 bool, err error) { - i := stringsLastIndexByte(s, ':') - if i == -1 { - return "", 0, false, errors.New("not an ip:port") - } - - ip = s[:i] - portStr := s[i+1:] - if len(ip) == 0 { - return "", 0, false, errors.New("no IP") - } - if len(portStr) == 0 { - return "", 0, false, errors.New("no port") - } - port64, err := strconv.ParseUint(portStr, 10, 16) - if err != nil { - return "", 0, false, errors.New("invalid port " + strconv.Quote(portStr) + " parsing " + strconv.Quote(s)) - } - port = uint16(port64) - if ip[0] == '[' { - if len(ip) < 2 || ip[len(ip)-1] != ']' { - return "", 0, false, errors.New("missing ]") - } - ip = ip[1 : len(ip)-1] - v6 = true - } - - return ip, port, v6, nil -} - -func IsDomainName(s string) bool { - l := len(s) - if l == 0 || l > 254 || l == 254 && s[l-1] != '.' { - return false - } - last := byte('.') - nonNumeric := false - partlen := 0 - for i := 0; i < len(s); i++ { - c := s[i] - switch { - default: - return false - case 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z' || c == '_': - nonNumeric = true - partlen++ - case '0' <= c && c <= '9': - partlen++ - case c == '-': - if last == '.' { - return false - } - partlen++ - nonNumeric = true - case c == '.': - if last == '.' || last == '-' { - return false - } - if partlen > 63 || partlen == 0 { - return false - } - partlen = 0 - } - last = c - } - if last == '-' || partlen > 63 { - return false - } - return nonNumeric -} diff --git a/proxy/wireguard/client.go b/proxy/wireguard/client.go new file mode 100644 index 00000000..def07878 --- /dev/null +++ b/proxy/wireguard/client.go @@ -0,0 +1,255 @@ +/* + +Some of codes are copied from https://github.com/octeep/wireproxy, license below. + +Copyright (c) 2022 Wind T.F. Wong + +Permission to use, copy, modify, and distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +*/ + +package wireguard + +import ( + "context" + "net/netip" + "sync" + + "github.com/xtls/xray-core/common" + "github.com/xtls/xray-core/common/buf" + "github.com/xtls/xray-core/common/dice" + "github.com/xtls/xray-core/common/log" + "github.com/xtls/xray-core/common/net" + "github.com/xtls/xray-core/common/protocol" + "github.com/xtls/xray-core/common/session" + "github.com/xtls/xray-core/common/signal" + "github.com/xtls/xray-core/common/task" + "github.com/xtls/xray-core/core" + "github.com/xtls/xray-core/features/dns" + "github.com/xtls/xray-core/features/policy" + "github.com/xtls/xray-core/transport" + "github.com/xtls/xray-core/transport/internet" +) + +// Handler is an outbound connection that silently swallow the entire payload. +type Handler struct { + conf *DeviceConfig + net Tunnel + bind *netBindClient + policyManager policy.Manager + dns dns.Client + // cached configuration + ipc string + endpoints []netip.Addr + hasIPv4, hasIPv6 bool + wgLock sync.Mutex +} + +// New creates a new wireguard handler. +func New(ctx context.Context, conf *DeviceConfig) (*Handler, error) { + v := core.MustFromContext(ctx) + + endpoints, hasIPv4, hasIPv6, err := parseEndpoints(conf) + if err != nil { + return nil, err + } + + d := v.GetFeature(dns.ClientType()).(dns.Client) + return &Handler{ + conf: conf, + policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager), + dns: d, + ipc: createIPCRequest(conf), + endpoints: endpoints, + hasIPv4: hasIPv4, + hasIPv6: hasIPv6, + }, nil +} + +func (h *Handler) processWireGuard(dialer internet.Dialer) (err error) { + h.wgLock.Lock() + defer h.wgLock.Unlock() + + if h.bind != nil && h.bind.dialer == dialer && h.net != nil { + return nil + } + + log.Record(&log.GeneralMessage{ + Severity: log.Severity_Info, + Content: "switching dialer", + }) + + if h.net != nil { + _ = h.net.Close() + h.net = nil + } + if h.bind != nil { + _ = h.bind.Close() + h.bind = nil + } + + // bind := conn.NewStdNetBind() // TODO: conn.Bind wrapper for dialer + bind := &netBindClient{ + netBind: netBind{ + dns: h.dns, + dnsOption: dns.IPOption{ + IPv4Enable: h.hasIPv4, + IPv6Enable: h.hasIPv6, + }, + workers: int(h.conf.NumWorkers), + }, + dialer: dialer, + reserved: h.conf.Reserved, + } + defer func() { + if err != nil { + _ = bind.Close() + } + }() + + h.net, err = h.makeVirtualTun(bind) + if err != nil { + return newError("failed to create virtual tun interface").Base(err) + } + h.bind = bind + return nil +} + +// Process implements OutboundHandler.Dispatch(). +func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer internet.Dialer) error { + outbound := session.OutboundFromContext(ctx) + if outbound == nil || !outbound.Target.IsValid() { + return newError("target not specified") + } + outbound.Name = "wireguard" + inbound := session.InboundFromContext(ctx) + if inbound != nil { + inbound.SetCanSpliceCopy(3) + } + + if err := h.processWireGuard(dialer); err != nil { + return err + } + + // Destination of the inner request. + destination := outbound.Target + command := protocol.RequestCommandTCP + if destination.Network == net.Network_UDP { + command = protocol.RequestCommandUDP + } + + // resolve dns + addr := destination.Address + if addr.Family().IsDomain() { + ips, err := h.dns.LookupIP(addr.Domain(), dns.IPOption{ + IPv4Enable: h.hasIPv4 && h.conf.preferIP4(), + IPv6Enable: h.hasIPv6 && h.conf.preferIP6(), + }) + { // Resolve fallback + if (len(ips) == 0 || err != nil) && h.conf.hasFallback() { + ips, err = h.dns.LookupIP(addr.Domain(), dns.IPOption{ + IPv4Enable: h.hasIPv4 && h.conf.fallbackIP4(), + IPv6Enable: h.hasIPv6 && h.conf.fallbackIP6(), + }) + } + } + if err != nil { + return newError("failed to lookup DNS").Base(err) + } else if len(ips) == 0 { + return dns.ErrEmptyResponse + } + addr = net.IPAddress(ips[dice.Roll(len(ips))]) + } + + var newCtx context.Context + var newCancel context.CancelFunc + if session.TimeoutOnlyFromContext(ctx) { + newCtx, newCancel = context.WithCancel(context.Background()) + } + + p := h.policyManager.ForLevel(0) + + ctx, cancel := context.WithCancel(ctx) + timer := signal.CancelAfterInactivity(ctx, func() { + cancel() + if newCancel != nil { + newCancel() + } + }, p.Timeouts.ConnectionIdle) + addrPort := netip.AddrPortFrom(toNetIpAddr(addr), destination.Port.Value()) + + var requestFunc func() error + var responseFunc func() error + + if command == protocol.RequestCommandTCP { + conn, err := h.net.DialContextTCPAddrPort(ctx, addrPort) + if err != nil { + return newError("failed to create TCP connection").Base(err) + } + defer conn.Close() + + requestFunc = func() error { + defer timer.SetTimeout(p.Timeouts.DownlinkOnly) + return buf.Copy(link.Reader, buf.NewWriter(conn), buf.UpdateActivity(timer)) + } + responseFunc = func() error { + defer timer.SetTimeout(p.Timeouts.UplinkOnly) + return buf.Copy(buf.NewReader(conn), link.Writer, buf.UpdateActivity(timer)) + } + } else if command == protocol.RequestCommandUDP { + conn, err := h.net.DialUDPAddrPort(netip.AddrPort{}, addrPort) + if err != nil { + return newError("failed to create UDP connection").Base(err) + } + defer conn.Close() + + requestFunc = func() error { + defer timer.SetTimeout(p.Timeouts.DownlinkOnly) + return buf.Copy(link.Reader, buf.NewWriter(conn), buf.UpdateActivity(timer)) + } + responseFunc = func() error { + defer timer.SetTimeout(p.Timeouts.UplinkOnly) + return buf.Copy(buf.NewReader(conn), link.Writer, buf.UpdateActivity(timer)) + } + } + + if newCtx != nil { + ctx = newCtx + } + + responseDonePost := task.OnSuccess(responseFunc, task.Close(link.Writer)) + if err := task.Run(ctx, requestFunc, responseDonePost); err != nil { + common.Interrupt(link.Reader) + common.Interrupt(link.Writer) + return newError("connection ends").Base(err) + } + + return nil +} + +// creates a tun interface on netstack given a configuration +func (h *Handler) makeVirtualTun(bind *netBindClient) (Tunnel, error) { + t, err := h.conf.createTun()(h.endpoints, int(h.conf.Mtu), nil) + if err != nil { + return nil, err + } + + bind.dnsOption.IPv4Enable = h.hasIPv4 + bind.dnsOption.IPv6Enable = h.hasIPv6 + + if err = t.BuildDevice(h.ipc, bind); err != nil { + _ = t.Close() + return nil, err + } + return t, nil +} diff --git a/proxy/wireguard/config.go b/proxy/wireguard/config.go index 75622753..2a316cdd 100644 --- a/proxy/wireguard/config.go +++ b/proxy/wireguard/config.go @@ -23,3 +23,10 @@ func (c *DeviceConfig) fallbackIP4() bool { func (c *DeviceConfig) fallbackIP6() bool { return c.DomainStrategy == DeviceConfig_FORCE_IP46 } + +func (c *DeviceConfig) createTun() tunCreator { + if c.KernelMode { + return createKernelTun + } + return createGVisorTun +} diff --git a/proxy/wireguard/config.pb.go b/proxy/wireguard/config.pb.go index dfe7dab5..ed8b135e 100644 --- a/proxy/wireguard/config.pb.go +++ b/proxy/wireguard/config.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.31.0 -// protoc v4.23.1 +// protoc-gen-go v1.28.1 +// protoc v4.25.0 // source: proxy/wireguard/config.proto package wireguard @@ -83,7 +83,7 @@ type PeerConfig struct { PublicKey string `protobuf:"bytes,1,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` PreSharedKey string `protobuf:"bytes,2,opt,name=pre_shared_key,json=preSharedKey,proto3" json:"pre_shared_key,omitempty"` Endpoint string `protobuf:"bytes,3,opt,name=endpoint,proto3" json:"endpoint,omitempty"` - KeepAlive int32 `protobuf:"varint,4,opt,name=keep_alive,json=keepAlive,proto3" json:"keep_alive,omitempty"` + KeepAlive uint32 `protobuf:"varint,4,opt,name=keep_alive,json=keepAlive,proto3" json:"keep_alive,omitempty"` AllowedIps []string `protobuf:"bytes,5,rep,name=allowed_ips,json=allowedIps,proto3" json:"allowed_ips,omitempty"` } @@ -140,7 +140,7 @@ func (x *PeerConfig) GetEndpoint() string { return "" } -func (x *PeerConfig) GetKeepAlive() int32 { +func (x *PeerConfig) GetKeepAlive() uint32 { if x != nil { return x.KeepAlive } @@ -166,6 +166,8 @@ type DeviceConfig struct { NumWorkers int32 `protobuf:"varint,5,opt,name=num_workers,json=numWorkers,proto3" json:"num_workers,omitempty"` Reserved []byte `protobuf:"bytes,6,opt,name=reserved,proto3" json:"reserved,omitempty"` DomainStrategy DeviceConfig_DomainStrategy `protobuf:"varint,7,opt,name=domain_strategy,json=domainStrategy,proto3,enum=xray.proxy.wireguard.DeviceConfig_DomainStrategy" json:"domain_strategy,omitempty"` + IsClient bool `protobuf:"varint,8,opt,name=is_client,json=isClient,proto3" json:"is_client,omitempty"` + KernelMode bool `protobuf:"varint,9,opt,name=kernel_mode,json=kernelMode,proto3" json:"kernel_mode,omitempty"` } func (x *DeviceConfig) Reset() { @@ -249,6 +251,20 @@ func (x *DeviceConfig) GetDomainStrategy() DeviceConfig_DomainStrategy { return DeviceConfig_FORCE_IP } +func (x *DeviceConfig) GetIsClient() bool { + if x != nil { + return x.IsClient + } + return false +} + +func (x *DeviceConfig) GetKernelMode() bool { + if x != nil { + return x.KernelMode + } + return false +} + var File_proxy_wireguard_config_proto protoreflect.FileDescriptor var file_proxy_wireguard_config_proto_rawDesc = []byte{ @@ -263,10 +279,10 @@ var file_proxy_wireguard_config_proto_rawDesc = []byte{ 0x68, 0x61, 0x72, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x6b, 0x65, 0x65, 0x70, 0x5f, 0x61, 0x6c, 0x69, - 0x76, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x52, 0x09, 0x6b, 0x65, 0x65, 0x70, 0x41, 0x6c, + 0x76, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x6b, 0x65, 0x65, 0x70, 0x41, 0x6c, 0x69, 0x76, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x69, 0x70, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, - 0x64, 0x49, 0x70, 0x73, 0x22, 0x8a, 0x03, 0x0a, 0x0c, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x43, + 0x64, 0x49, 0x70, 0x73, 0x22, 0xc8, 0x03, 0x0a, 0x0c, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x4b, 0x65, 0x79, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, @@ -285,19 +301,23 @@ var file_proxy_wireguard_config_proto_rawDesc = []byte{ 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0x2e, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x52, 0x0e, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, - 0x65, 0x67, 0x79, 0x22, 0x5c, 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, - 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x0c, 0x0a, 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, - 0x50, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, - 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, - 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, - 0x03, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, - 0x04, 0x42, 0x5e, 0x0a, 0x18, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, - 0x6f, 0x78, 0x79, 0x2e, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0x50, 0x01, 0x5a, - 0x29, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, - 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, - 0x2f, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0xaa, 0x02, 0x14, 0x58, 0x72, 0x61, - 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x57, 0x69, 0x72, 0x65, 0x47, 0x75, 0x61, 0x72, - 0x64, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x65, 0x67, 0x79, 0x12, 0x1b, 0x0a, 0x09, 0x69, 0x73, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, + 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x69, 0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, + 0x12, 0x1f, 0x0a, 0x0b, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x18, + 0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x4d, 0x6f, 0x64, + 0x65, 0x22, 0x5c, 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, + 0x65, 0x67, 0x79, 0x12, 0x0c, 0x0a, 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x10, + 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x01, + 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x02, 0x12, + 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x03, 0x12, + 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x04, 0x42, + 0x5e, 0x0a, 0x18, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, + 0x79, 0x2e, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0x50, 0x01, 0x5a, 0x29, 0x67, + 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, + 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x77, + 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0xaa, 0x02, 0x14, 0x58, 0x72, 0x61, 0x79, 0x2e, + 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x57, 0x69, 0x72, 0x65, 0x47, 0x75, 0x61, 0x72, 0x64, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/proxy/wireguard/config.proto b/proxy/wireguard/config.proto index 0a12c009..e7fd66f4 100644 --- a/proxy/wireguard/config.proto +++ b/proxy/wireguard/config.proto @@ -7,26 +7,28 @@ option java_package = "com.xray.proxy.wireguard"; option java_multiple_files = true; message PeerConfig { - string public_key = 1; - string pre_shared_key = 2; - string endpoint = 3; - int32 keep_alive = 4; - repeated string allowed_ips = 5; + string public_key = 1; + string pre_shared_key = 2; + string endpoint = 3; + uint32 keep_alive = 4; + repeated string allowed_ips = 5; } message DeviceConfig { - enum DomainStrategy { - FORCE_IP = 0; - FORCE_IP4 = 1; - FORCE_IP6 = 2; - FORCE_IP46 = 3; - FORCE_IP64 = 4; - } - string secret_key = 1; - repeated string endpoint = 2; - repeated PeerConfig peers = 3; - int32 mtu = 4; - int32 num_workers = 5; - bytes reserved = 6; - DomainStrategy domain_strategy = 7; + enum DomainStrategy { + FORCE_IP = 0; + FORCE_IP4 = 1; + FORCE_IP6 = 2; + FORCE_IP46 = 3; + FORCE_IP64 = 4; + } + string secret_key = 1; + repeated string endpoint = 2; + repeated PeerConfig peers = 3; + int32 mtu = 4; + int32 num_workers = 5; + bytes reserved = 6; + DomainStrategy domain_strategy = 7; + bool is_client = 8; + bool kernel_mode = 9; } \ No newline at end of file diff --git a/proxy/wireguard/gvisortun/tun.go b/proxy/wireguard/gvisortun/tun.go new file mode 100644 index 00000000..9e9a0b2b --- /dev/null +++ b/proxy/wireguard/gvisortun/tun.go @@ -0,0 +1,230 @@ +/* SPDX-License-Identifier: MIT + * + * Copyright (C) 2017-2022 WireGuard LLC. All Rights Reserved. + */ + +package gvisortun + +import ( + "context" + "fmt" + "net/netip" + "os" + "syscall" + + "golang.zx2c4.com/wireguard/tun" + "gvisor.dev/gvisor/pkg/buffer" + "gvisor.dev/gvisor/pkg/tcpip" + "gvisor.dev/gvisor/pkg/tcpip/adapters/gonet" + "gvisor.dev/gvisor/pkg/tcpip/header" + "gvisor.dev/gvisor/pkg/tcpip/link/channel" + "gvisor.dev/gvisor/pkg/tcpip/network/ipv4" + "gvisor.dev/gvisor/pkg/tcpip/network/ipv6" + "gvisor.dev/gvisor/pkg/tcpip/stack" + "gvisor.dev/gvisor/pkg/tcpip/transport/icmp" + "gvisor.dev/gvisor/pkg/tcpip/transport/tcp" + "gvisor.dev/gvisor/pkg/tcpip/transport/udp" +) + +type netTun struct { + ep *channel.Endpoint + stack *stack.Stack + events chan tun.Event + incomingPacket chan *buffer.View + mtu int + hasV4, hasV6 bool +} + +type Net netTun + +func CreateNetTUN(localAddresses []netip.Addr, mtu int, promiscuousMode bool) (tun.Device, *Net, *stack.Stack, error) { + opts := stack.Options{ + NetworkProtocols: []stack.NetworkProtocolFactory{ipv4.NewProtocol, ipv6.NewProtocol}, + TransportProtocols: []stack.TransportProtocolFactory{tcp.NewProtocol, udp.NewProtocol, icmp.NewProtocol6, icmp.NewProtocol4}, + HandleLocal: !promiscuousMode, + } + dev := &netTun{ + ep: channel.New(1024, uint32(mtu), ""), + stack: stack.New(opts), + events: make(chan tun.Event, 1), + incomingPacket: make(chan *buffer.View), + mtu: mtu, + } + dev.ep.AddNotify(dev) + tcpipErr := dev.stack.CreateNIC(1, dev.ep) + if tcpipErr != nil { + return nil, nil, dev.stack, fmt.Errorf("CreateNIC: %v", tcpipErr) + } + for _, ip := range localAddresses { + var protoNumber tcpip.NetworkProtocolNumber + if ip.Is4() { + protoNumber = ipv4.ProtocolNumber + } else if ip.Is6() { + protoNumber = ipv6.ProtocolNumber + } + protoAddr := tcpip.ProtocolAddress{ + Protocol: protoNumber, + AddressWithPrefix: tcpip.AddrFromSlice(ip.AsSlice()).WithPrefix(), + } + tcpipErr := dev.stack.AddProtocolAddress(1, protoAddr, stack.AddressProperties{}) + if tcpipErr != nil { + return nil, nil, dev.stack, fmt.Errorf("AddProtocolAddress(%v): %v", ip, tcpipErr) + } + if ip.Is4() { + dev.hasV4 = true + } else if ip.Is6() { + dev.hasV6 = true + } + } + if dev.hasV4 { + dev.stack.AddRoute(tcpip.Route{Destination: header.IPv4EmptySubnet, NIC: 1}) + } + if dev.hasV6 { + dev.stack.AddRoute(tcpip.Route{Destination: header.IPv6EmptySubnet, NIC: 1}) + } + if promiscuousMode { + // enable promiscuous mode to handle all packets processed by netstack + dev.stack.SetPromiscuousMode(1, true) + dev.stack.SetSpoofing(1, true) + } + + opt := tcpip.CongestionControlOption("cubic") + if err := dev.stack.SetTransportProtocolOption(tcp.ProtocolNumber, &opt); err != nil { + return nil, nil, dev.stack, fmt.Errorf("SetTransportProtocolOption(%d, &%T(%s)): %s", tcp.ProtocolNumber, opt, opt, err) + } + + dev.events <- tun.EventUp + return dev, (*Net)(dev), dev.stack, nil +} + +// BatchSize implements tun.Device +func (tun *netTun) BatchSize() int { + return 1 +} + +// Name implements tun.Device +func (tun *netTun) Name() (string, error) { + return "go", nil +} + +// File implements tun.Device +func (tun *netTun) File() *os.File { + return nil +} + +// Events implements tun.Device +func (tun *netTun) Events() <-chan tun.Event { + return tun.events +} + +// Read implements tun.Device + +func (tun *netTun) Read(buf [][]byte, sizes []int, offset int) (int, error) { + view, ok := <-tun.incomingPacket + if !ok { + return 0, os.ErrClosed + } + + n, err := view.Read(buf[0][offset:]) + if err != nil { + return 0, err + } + sizes[0] = n + return 1, nil +} + +// Write implements tun.Device +func (tun *netTun) Write(buf [][]byte, offset int) (int, error) { + for _, buf := range buf { + packet := buf[offset:] + if len(packet) == 0 { + continue + } + + pkb := stack.NewPacketBuffer(stack.PacketBufferOptions{Payload: buffer.MakeWithData(packet)}) + switch packet[0] >> 4 { + case 4: + tun.ep.InjectInbound(header.IPv4ProtocolNumber, pkb) + case 6: + tun.ep.InjectInbound(header.IPv6ProtocolNumber, pkb) + default: + return 0, syscall.EAFNOSUPPORT + } + } + return len(buf), nil +} + +// WriteNotify implements channel.Notification +func (tun *netTun) WriteNotify() { + pkt := tun.ep.Read() + if pkt.IsNil() { + return + } + + view := pkt.ToView() + pkt.DecRef() + + tun.incomingPacket <- view +} + +// Flush implements tun.Device +func (tun *netTun) Flush() error { + return nil +} + +// Close implements tun.Device +func (tun *netTun) Close() error { + tun.stack.RemoveNIC(1) + + if tun.events != nil { + close(tun.events) + } + + tun.ep.Close() + + if tun.incomingPacket != nil { + close(tun.incomingPacket) + } + + return nil +} + +// MTU implements tun.Device +func (tun *netTun) MTU() (int, error) { + return tun.mtu, nil +} + +func convertToFullAddr(endpoint netip.AddrPort) (tcpip.FullAddress, tcpip.NetworkProtocolNumber) { + var protoNumber tcpip.NetworkProtocolNumber + if endpoint.Addr().Is4() { + protoNumber = ipv4.ProtocolNumber + } else { + protoNumber = ipv6.ProtocolNumber + } + return tcpip.FullAddress{ + NIC: 1, + Addr: tcpip.AddrFromSlice(endpoint.Addr().AsSlice()), + Port: endpoint.Port(), + }, protoNumber +} + +func (net *Net) DialContextTCPAddrPort(ctx context.Context, addr netip.AddrPort) (*gonet.TCPConn, error) { + fa, pn := convertToFullAddr(addr) + return gonet.DialContextTCP(ctx, net.stack, fa, pn) +} + +func (net *Net) DialUDPAddrPort(laddr, raddr netip.AddrPort) (*gonet.UDPConn, error) { + var lfa, rfa *tcpip.FullAddress + var pn tcpip.NetworkProtocolNumber + if laddr.IsValid() || laddr.Port() > 0 { + var addr tcpip.FullAddress + addr, pn = convertToFullAddr(laddr) + lfa = &addr + } + if raddr.IsValid() || raddr.Port() > 0 { + var addr tcpip.FullAddress + addr, pn = convertToFullAddr(raddr) + rfa = &addr + } + return gonet.DialUDP(net.stack, lfa, rfa, pn) +} diff --git a/proxy/wireguard/server.go b/proxy/wireguard/server.go new file mode 100644 index 00000000..6cd2d7ad --- /dev/null +++ b/proxy/wireguard/server.go @@ -0,0 +1,181 @@ +package wireguard + +import ( + "context" + "errors" + "io" + + "github.com/xtls/xray-core/common" + "github.com/xtls/xray-core/common/buf" + "github.com/xtls/xray-core/common/log" + "github.com/xtls/xray-core/common/net" + "github.com/xtls/xray-core/common/session" + "github.com/xtls/xray-core/common/signal" + "github.com/xtls/xray-core/common/task" + "github.com/xtls/xray-core/core" + "github.com/xtls/xray-core/features/dns" + "github.com/xtls/xray-core/features/policy" + "github.com/xtls/xray-core/features/routing" + "github.com/xtls/xray-core/transport/internet/stat" +) + +var nullDestination = net.TCPDestination(net.AnyIP, 0) + +type Server struct { + bindServer *netBindServer + + info routingInfo + policyManager policy.Manager +} + +type routingInfo struct { + ctx context.Context + dispatcher routing.Dispatcher + inboundTag *session.Inbound + outboundTag *session.Outbound + contentTag *session.Content +} + +func NewServer(ctx context.Context, conf *DeviceConfig) (*Server, error) { + v := core.MustFromContext(ctx) + + endpoints, hasIPv4, hasIPv6, err := parseEndpoints(conf) + if err != nil { + return nil, err + } + + server := &Server{ + bindServer: &netBindServer{ + netBind: netBind{ + dns: v.GetFeature(dns.ClientType()).(dns.Client), + dnsOption: dns.IPOption{ + IPv4Enable: hasIPv4, + IPv6Enable: hasIPv6, + }, + }, + }, + policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager), + } + + tun, err := conf.createTun()(endpoints, int(conf.Mtu), server.forwardConnection) + if err != nil { + return nil, err + } + + if err = tun.BuildDevice(createIPCRequest(conf), server.bindServer); err != nil { + _ = tun.Close() + return nil, err + } + + return server, nil +} + +// Network implements proxy.Inbound. +func (*Server) Network() []net.Network { + return []net.Network{net.Network_UDP} +} + +// Process implements proxy.Inbound. +func (s *Server) Process(ctx context.Context, network net.Network, conn stat.Connection, dispatcher routing.Dispatcher) error { + s.info = routingInfo{ + ctx: core.ToBackgroundDetachedContext(ctx), + dispatcher: dispatcher, + inboundTag: session.InboundFromContext(ctx), + outboundTag: session.OutboundFromContext(ctx), + contentTag: session.ContentFromContext(ctx), + } + + ep, err := s.bindServer.ParseEndpoint(conn.RemoteAddr().String()) + if err != nil { + return err + } + + nep := ep.(*netEndpoint) + nep.conn = conn + + reader := buf.NewPacketReader(conn) + for { + mpayload, err := reader.ReadMultiBuffer() + if err != nil { + return err + } + + for _, payload := range mpayload { + v, ok := <-s.bindServer.readQueue + if !ok { + return nil + } + i, err := payload.Read(v.buff) + + v.bytes = i + v.endpoint = nep + v.err = err + v.waiter.Done() + if err != nil && errors.Is(err, io.EOF) { + nep.conn = nil + return nil + } + } + } +} + +func (s *Server) forwardConnection(dest net.Destination, conn net.Conn) { + if s.info.dispatcher == nil { + newError("unexpected: dispatcher == nil").AtError().WriteToLog() + return + } + defer conn.Close() + + ctx, cancel := context.WithCancel(core.ToBackgroundDetachedContext(s.info.ctx)) + plcy := s.policyManager.ForLevel(0) + timer := signal.CancelAfterInactivity(ctx, cancel, plcy.Timeouts.ConnectionIdle) + + ctx = log.ContextWithAccessMessage(ctx, &log.AccessMessage{ + From: nullDestination, + To: dest, + Status: log.AccessAccepted, + Reason: "", + }) + + if s.info.inboundTag != nil { + ctx = session.ContextWithInbound(ctx, s.info.inboundTag) + } + if s.info.outboundTag != nil { + ctx = session.ContextWithOutbound(ctx, s.info.outboundTag) + } + if s.info.contentTag != nil { + ctx = session.ContextWithContent(ctx, s.info.contentTag) + } + + link, err := s.info.dispatcher.Dispatch(ctx, dest) + if err != nil { + newError("dispatch connection").Base(err).AtError().WriteToLog() + } + defer cancel() + + requestDone := func() error { + defer timer.SetTimeout(plcy.Timeouts.DownlinkOnly) + if err := buf.Copy(buf.NewReader(conn), link.Writer, buf.UpdateActivity(timer)); err != nil { + return newError("failed to transport all TCP request").Base(err) + } + + return nil + } + + responseDone := func() error { + defer timer.SetTimeout(plcy.Timeouts.UplinkOnly) + if err := buf.Copy(link.Reader, buf.NewWriter(conn), buf.UpdateActivity(timer)); err != nil { + return newError("failed to transport all TCP response").Base(err) + } + + return nil + } + + requestDonePost := task.OnSuccess(requestDone, task.Close(link.Writer)) + if err := task.Run(ctx, requestDonePost, responseDone); err != nil { + common.Interrupt(link.Reader) + common.Interrupt(link.Writer) + newError("connection ends").Base(err).AtDebug().WriteToLog() + return + } +} diff --git a/proxy/wireguard/tun.go b/proxy/wireguard/tun.go index c320d0d0..c2d30323 100644 --- a/proxy/wireguard/tun.go +++ b/proxy/wireguard/tun.go @@ -10,14 +10,26 @@ import ( "strconv" "strings" "sync" + "time" "github.com/xtls/xray-core/common/log" + xnet "github.com/xtls/xray-core/common/net" + "github.com/xtls/xray-core/proxy/wireguard/gvisortun" + "gvisor.dev/gvisor/pkg/tcpip" + "gvisor.dev/gvisor/pkg/tcpip/adapters/gonet" + "gvisor.dev/gvisor/pkg/tcpip/transport/tcp" + "gvisor.dev/gvisor/pkg/tcpip/transport/udp" + "gvisor.dev/gvisor/pkg/waiter" "golang.zx2c4.com/wireguard/conn" "golang.zx2c4.com/wireguard/device" "golang.zx2c4.com/wireguard/tun" ) +type tunCreator func(localAddresses []netip.Addr, mtu int, handler promiscuousModeHandler) (Tunnel, error) + +type promiscuousModeHandler func(dest xnet.Destination, conn net.Conn) + type Tunnel interface { BuildDevice(ipc string, bind conn.Bind) error DialContextTCPAddrPort(ctx context.Context, addr netip.AddrPort) (net.Conn, error) @@ -103,3 +115,91 @@ func CalculateInterfaceName(name string) (tunName string) { tunName = fmt.Sprintf("%s%d", tunName, tunIndex) return } + +var _ Tunnel = (*gvisorNet)(nil) + +type gvisorNet struct { + tunnel + net *gvisortun.Net +} + +func (g *gvisorNet) Close() error { + return g.tunnel.Close() +} + +func (g *gvisorNet) DialContextTCPAddrPort(ctx context.Context, addr netip.AddrPort) ( + net.Conn, error, +) { + return g.net.DialContextTCPAddrPort(ctx, addr) +} + +func (g *gvisorNet) DialUDPAddrPort(laddr, raddr netip.AddrPort) (net.Conn, error) { + return g.net.DialUDPAddrPort(laddr, raddr) +} + +func createGVisorTun(localAddresses []netip.Addr, mtu int, handler promiscuousModeHandler) (Tunnel, error) { + out := &gvisorNet{} + tun, n, stack, err := gvisortun.CreateNetTUN(localAddresses, mtu, handler != nil) + if err != nil { + return nil, err + } + + if handler != nil { + // handler is only used for promiscuous mode + // capture all packets and send to handler + + tcpForwarder := tcp.NewForwarder(stack, 0, 65535, func(r *tcp.ForwarderRequest) { + go func(r *tcp.ForwarderRequest) { + var ( + wq waiter.Queue + id = r.ID() + ) + + // Perform a TCP three-way handshake. + ep, err := r.CreateEndpoint(&wq) + if err != nil { + newError(err.String()).AtError().WriteToLog() + r.Complete(true) + return + } + r.Complete(false) + defer ep.Close() + + // enable tcp keep-alive to prevent hanging connections + ep.SocketOptions().SetKeepAlive(true) + + // local address is actually destination + handler(xnet.TCPDestination(xnet.IPAddress(id.LocalAddress.AsSlice()), xnet.Port(id.LocalPort)), gonet.NewTCPConn(&wq, ep)) + }(r) + }) + stack.SetTransportProtocolHandler(tcp.ProtocolNumber, tcpForwarder.HandlePacket) + + udpForwarder := udp.NewForwarder(stack, func(r *udp.ForwarderRequest) { + go func(r *udp.ForwarderRequest) { + var ( + wq waiter.Queue + id = r.ID() + ) + + ep, err := r.CreateEndpoint(&wq) + if err != nil { + newError(err.String()).AtError().WriteToLog() + return + } + defer ep.Close() + + // prevents hanging connections and ensure timely release + ep.SocketOptions().SetLinger(tcpip.LingerOption{ + Enabled: true, + Timeout: 15 * time.Second, + }) + + handler(xnet.UDPDestination(xnet.IPAddress(id.LocalAddress.AsSlice()), xnet.Port(id.LocalPort)), gonet.NewUDPConn(stack, &wq, ep)) + }(r) + }) + stack.SetTransportProtocolHandler(udp.ProtocolNumber, udpForwarder.HandlePacket) + } + + out.tun, out.net = tun, n + return out, nil +} diff --git a/proxy/wireguard/tun_default.go b/proxy/wireguard/tun_default.go index 07f21272..4d0567af 100644 --- a/proxy/wireguard/tun_default.go +++ b/proxy/wireguard/tun_default.go @@ -1,42 +1,16 @@ -//go:build !linux +//go:build !linux || android package wireguard import ( - "context" - "net" + "errors" "net/netip" - - "golang.zx2c4.com/wireguard/tun/netstack" ) -var _ Tunnel = (*gvisorNet)(nil) - -type gvisorNet struct { - tunnel - net *netstack.Net +func createKernelTun(localAddresses []netip.Addr, mtu int, handler promiscuousModeHandler) (t Tunnel, err error) { + return nil, errors.New("not implemented") } -func (g *gvisorNet) Close() error { - return g.tunnel.Close() -} - -func (g *gvisorNet) DialContextTCPAddrPort(ctx context.Context, addr netip.AddrPort) ( - net.Conn, error, -) { - return g.net.DialContextTCPAddrPort(ctx, addr) -} - -func (g *gvisorNet) DialUDPAddrPort(laddr, raddr netip.AddrPort) (net.Conn, error) { - return g.net.DialUDPAddrPort(laddr, raddr) -} - -func CreateTun(localAddresses []netip.Addr, mtu int) (Tunnel, error) { - out := &gvisorNet{} - tun, n, err := netstack.CreateNetTUN(localAddresses, nil, mtu) - if err != nil { - return nil, err - } - out.tun, out.net = tun, n - return out, nil +func KernelTunSupported() bool { + return false } diff --git a/proxy/wireguard/tun_linux.go b/proxy/wireguard/tun_linux.go index ec940c56..b85a9d09 100644 --- a/proxy/wireguard/tun_linux.go +++ b/proxy/wireguard/tun_linux.go @@ -1,3 +1,5 @@ +//go:build linux && !android + package wireguard import ( @@ -69,7 +71,11 @@ func (d *deviceNet) Close() (err error) { return errors.Join(errs...) } -func CreateTun(localAddresses []netip.Addr, mtu int) (t Tunnel, err error) { +func createKernelTun(localAddresses []netip.Addr, mtu int, handler promiscuousModeHandler) (t Tunnel, err error) { + if handler != nil { + return nil, newError("TODO: support promiscuous mode") + } + var v4, v6 *netip.Addr for _, prefixes := range localAddresses { if v4 == nil && prefixes.Is4() { @@ -221,3 +227,11 @@ func CreateTun(localAddresses []netip.Addr, mtu int) (t Tunnel, err error) { out.tun = wgt return out, nil } + +func KernelTunSupported() bool { + // run a superuser permission check to check + // if the current user has the sufficient permission + // to create a tun device. + + return unix.Geteuid() == 0 // 0 means root +} diff --git a/proxy/wireguard/wireguard.go b/proxy/wireguard/wireguard.go index 48e2ace3..2b3c3007 100644 --- a/proxy/wireguard/wireguard.go +++ b/proxy/wireguard/wireguard.go @@ -1,326 +1,111 @@ -/* - -Some of codes are copied from https://github.com/octeep/wireproxy, license below. - -Copyright (c) 2022 Wind T.F. Wong - -Permission to use, copy, modify, and distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -*/ - package wireguard import ( - "bytes" "context" "fmt" - stdnet "net" "net/netip" "strings" - "sync" "github.com/xtls/xray-core/common" - "github.com/xtls/xray-core/common/buf" - "github.com/xtls/xray-core/common/dice" "github.com/xtls/xray-core/common/log" - "github.com/xtls/xray-core/common/net" - "github.com/xtls/xray-core/common/protocol" - "github.com/xtls/xray-core/common/session" - "github.com/xtls/xray-core/common/signal" - "github.com/xtls/xray-core/common/task" - "github.com/xtls/xray-core/core" - "github.com/xtls/xray-core/features/dns" - "github.com/xtls/xray-core/features/policy" - "github.com/xtls/xray-core/transport" - "github.com/xtls/xray-core/transport/internet" + "golang.zx2c4.com/wireguard/device" ) -// Handler is an outbound connection that silently swallow the entire payload. -type Handler struct { - conf *DeviceConfig - net Tunnel - bind *netBindClient - policyManager policy.Manager - dns dns.Client - // cached configuration - ipc string - endpoints []netip.Addr - hasIPv4, hasIPv6 bool - wgLock sync.Mutex -} +//go:generate go run github.com/xtls/xray-core/common/errors/errorgen -// New creates a new wireguard handler. -func New(ctx context.Context, conf *DeviceConfig) (*Handler, error) { - v := core.MustFromContext(ctx) - - endpoints, err := parseEndpoints(conf) - if err != nil { - return nil, err - } - - hasIPv4, hasIPv6 := false, false - for _, e := range endpoints { - if e.Is4() { - hasIPv4 = true - } - if e.Is6() { - hasIPv6 = true - } - } - - d := v.GetFeature(dns.ClientType()).(dns.Client) - return &Handler{ - conf: conf, - policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager), - dns: d, - ipc: createIPCRequest(conf, d, hasIPv6), - endpoints: endpoints, - hasIPv4: hasIPv4, - hasIPv6: hasIPv6, - }, nil -} - -func (h *Handler) processWireGuard(dialer internet.Dialer) (err error) { - h.wgLock.Lock() - defer h.wgLock.Unlock() - - if h.bind != nil && h.bind.dialer == dialer && h.net != nil { - return nil - } - - log.Record(&log.GeneralMessage{ - Severity: log.Severity_Info, - Content: "switching dialer", - }) - - if h.net != nil { - _ = h.net.Close() - h.net = nil - } - if h.bind != nil { - _ = h.bind.Close() - h.bind = nil - } - - // bind := conn.NewStdNetBind() // TODO: conn.Bind wrapper for dialer - bind := &netBindClient{ - dialer: dialer, - workers: int(h.conf.NumWorkers), - dns: h.dns, - reserved: h.conf.Reserved, - } - defer func() { - if err != nil { - _ = bind.Close() - } - }() - - h.net, err = h.makeVirtualTun(bind) - if err != nil { - return newError("failed to create virtual tun interface").Base(err) - } - h.bind = bind - return nil -} - -// Process implements OutboundHandler.Dispatch(). -func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer internet.Dialer) error { - outbound := session.OutboundFromContext(ctx) - if outbound == nil || !outbound.Target.IsValid() { - return newError("target not specified") - } - outbound.Name = "wireguard" - inbound := session.InboundFromContext(ctx) - if inbound != nil { - inbound.SetCanSpliceCopy(3) - } - - if err := h.processWireGuard(dialer); err != nil { - return err - } - - // Destination of the inner request. - destination := outbound.Target - command := protocol.RequestCommandTCP - if destination.Network == net.Network_UDP { - command = protocol.RequestCommandUDP - } - - // resolve dns - addr := destination.Address - if addr.Family().IsDomain() { - ips, err := h.dns.LookupIP(addr.Domain(), dns.IPOption{ - IPv4Enable: h.hasIPv4 && h.conf.preferIP4(), - IPv6Enable: h.hasIPv6 && h.conf.preferIP6(), +var wgLogger = &device.Logger{ + Verbosef: func(format string, args ...any) { + log.Record(&log.GeneralMessage{ + Severity: log.Severity_Debug, + Content: fmt.Sprintf(format, args...), }) - { // Resolve fallback - if (len(ips) == 0 || err != nil) && h.conf.hasFallback() { - ips, err = h.dns.LookupIP(addr.Domain(), dns.IPOption{ - IPv4Enable: h.hasIPv4 && h.conf.fallbackIP4(), - IPv6Enable: h.hasIPv6 && h.conf.fallbackIP6(), - }) - } - } - if err != nil { - return newError("failed to lookup DNS").Base(err) - } else if len(ips) == 0 { - return dns.ErrEmptyResponse - } - addr = net.IPAddress(ips[dice.Roll(len(ips))]) - } - - var newCtx context.Context - var newCancel context.CancelFunc - if session.TimeoutOnlyFromContext(ctx) { - newCtx, newCancel = context.WithCancel(context.Background()) - } - - p := h.policyManager.ForLevel(0) - - ctx, cancel := context.WithCancel(ctx) - timer := signal.CancelAfterInactivity(ctx, func() { - cancel() - if newCancel != nil { - newCancel() - } - }, p.Timeouts.ConnectionIdle) - addrPort := netip.AddrPortFrom(toNetIpAddr(addr), destination.Port.Value()) - - var requestFunc func() error - var responseFunc func() error - - if command == protocol.RequestCommandTCP { - conn, err := h.net.DialContextTCPAddrPort(ctx, addrPort) - if err != nil { - return newError("failed to create TCP connection").Base(err) - } - defer conn.Close() - - requestFunc = func() error { - defer timer.SetTimeout(p.Timeouts.DownlinkOnly) - return buf.Copy(link.Reader, buf.NewWriter(conn), buf.UpdateActivity(timer)) - } - responseFunc = func() error { - defer timer.SetTimeout(p.Timeouts.UplinkOnly) - return buf.Copy(buf.NewReader(conn), link.Writer, buf.UpdateActivity(timer)) - } - } else if command == protocol.RequestCommandUDP { - conn, err := h.net.DialUDPAddrPort(netip.AddrPort{}, addrPort) - if err != nil { - return newError("failed to create UDP connection").Base(err) - } - defer conn.Close() - - requestFunc = func() error { - defer timer.SetTimeout(p.Timeouts.DownlinkOnly) - return buf.Copy(link.Reader, buf.NewWriter(conn), buf.UpdateActivity(timer)) - } - responseFunc = func() error { - defer timer.SetTimeout(p.Timeouts.UplinkOnly) - return buf.Copy(buf.NewReader(conn), link.Writer, buf.UpdateActivity(timer)) - } - } - - if newCtx != nil { - ctx = newCtx - } - - responseDonePost := task.OnSuccess(responseFunc, task.Close(link.Writer)) - if err := task.Run(ctx, requestFunc, responseDonePost); err != nil { - common.Interrupt(link.Reader) - common.Interrupt(link.Writer) - return newError("connection ends").Base(err) - } - - return nil + }, + Errorf: func(format string, args ...any) { + log.Record(&log.GeneralMessage{ + Severity: log.Severity_Error, + Content: fmt.Sprintf(format, args...), + }) + }, } -// serialize the config into an IPC request -func createIPCRequest(conf *DeviceConfig, d dns.Client, resolveEndPointToV4 bool) string { - var request bytes.Buffer - - request.WriteString(fmt.Sprintf("private_key=%s\n", conf.SecretKey)) - - for _, peer := range conf.Peers { - endpoint := peer.Endpoint - host, port, err := net.SplitHostPort(endpoint) - if resolveEndPointToV4 && err == nil { - _, err = netip.ParseAddr(host) - if err != nil { - ipList, err := d.LookupIP(host, dns.IPOption{IPv4Enable: true, IPv6Enable: false}) - if err == nil && len(ipList) > 0 { - endpoint = stdnet.JoinHostPort(ipList[0].String(), port) - } - } +func init() { + common.Must(common.RegisterConfig((*DeviceConfig)(nil), func(ctx context.Context, config interface{}) (interface{}, error) { + deviceConfig := config.(*DeviceConfig) + if deviceConfig.IsClient { + return New(ctx, deviceConfig) + } else { + return NewServer(ctx, deviceConfig) } - - request.WriteString(fmt.Sprintf("public_key=%s\nendpoint=%s\npersistent_keepalive_interval=%d\npreshared_key=%s\n", - peer.PublicKey, endpoint, peer.KeepAlive, peer.PreSharedKey)) - - for _, ip := range peer.AllowedIps { - request.WriteString(fmt.Sprintf("allowed_ip=%s\n", ip)) - } - } - - return request.String()[:request.Len()] + })) } // convert endpoint string to netip.Addr -func parseEndpoints(conf *DeviceConfig) ([]netip.Addr, error) { +func parseEndpoints(conf *DeviceConfig) ([]netip.Addr, bool, bool, error) { + var hasIPv4, hasIPv6 bool + endpoints := make([]netip.Addr, len(conf.Endpoint)) for i, str := range conf.Endpoint { var addr netip.Addr if strings.Contains(str, "/") { prefix, err := netip.ParsePrefix(str) if err != nil { - return nil, err + return nil, false, false, err } addr = prefix.Addr() if prefix.Bits() != addr.BitLen() { - return nil, newError("interface address subnet should be /32 for IPv4 and /128 for IPv6") + return nil, false, false, newError("interface address subnet should be /32 for IPv4 and /128 for IPv6") } } else { var err error addr, err = netip.ParseAddr(str) if err != nil { - return nil, err + return nil, false, false, err } } endpoints[i] = addr + + if addr.Is4() { + hasIPv4 = true + } else if addr.Is6() { + hasIPv6 = true + } } - return endpoints, nil + return endpoints, hasIPv4, hasIPv6, nil } -// creates a tun interface on netstack given a configuration -func (h *Handler) makeVirtualTun(bind *netBindClient) (Tunnel, error) { - t, err := CreateTun(h.endpoints, int(h.conf.Mtu)) - if err != nil { - return nil, err +// serialize the config into an IPC request +func createIPCRequest(conf *DeviceConfig) string { + var request strings.Builder + + request.WriteString(fmt.Sprintf("private_key=%s\n", conf.SecretKey)) + + if !conf.IsClient { + // placeholder, we'll handle actual port listening on Xray + request.WriteString("listen_port=1337\n") } - bind.dnsOption.IPv4Enable = h.hasIPv4 - bind.dnsOption.IPv6Enable = h.hasIPv6 + for _, peer := range conf.Peers { + if peer.PublicKey != "" { + request.WriteString(fmt.Sprintf("public_key=%s\n", peer.PublicKey)) + } - if err = t.BuildDevice(h.ipc, bind); err != nil { - _ = t.Close() - return nil, err + if peer.PreSharedKey != "" { + request.WriteString(fmt.Sprintf("preshared_key=%s\n", peer.PreSharedKey)) + } + + if peer.Endpoint != "" { + request.WriteString(fmt.Sprintf("endpoint=%s\n", peer.Endpoint)) + } + + for _, ip := range peer.AllowedIps { + request.WriteString(fmt.Sprintf("allowed_ip=%s\n", ip)) + } + + if peer.KeepAlive != 0 { + request.WriteString(fmt.Sprintf("persistent_keepalive_interval=%d\n", peer.KeepAlive)) + } } - return t, nil -} -func init() { - common.Must(common.RegisterConfig((*DeviceConfig)(nil), func(ctx context.Context, config interface{}) (interface{}, error) { - return New(ctx, config.(*DeviceConfig)) - })) + return request.String()[:request.Len()] } From 84014d7464a2d662c9576c2444a49b5df71bcab6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Nov 2023 00:40:27 +0000 Subject: [PATCH 040/100] Bump github.com/miekg/dns from 1.1.56 to 1.1.57 Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.56 to 1.1.57. - [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release) - [Commits](https://github.com/miekg/dns/compare/v1.1.56...v1.1.57) --- updated-dependencies: - dependency-name: github.com/miekg/dns dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d7f43f89..c0e7bfbe 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/golang/mock v1.6.0 github.com/google/go-cmp v0.6.0 github.com/gorilla/websocket v1.5.1 - github.com/miekg/dns v1.1.56 + github.com/miekg/dns v1.1.57 github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.40.0 diff --git a/go.sum b/go.sum index 22473052..1239d8f0 100644 --- a/go.sum +++ b/go.sum @@ -92,8 +92,8 @@ github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4= -github.com/miekg/dns v1.1.56 h1:5imZaSeoRNvpM9SzWNhEcP9QliKiz20/dA2QabIGVnE= -github.com/miekg/dns v1.1.56/go.mod h1:cRm6Oo2C8TY9ZS/TqsSrseAcncm74lfK5G+ikN2SWWY= +github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM= +github.com/miekg/dns v1.1.57/go.mod h1:uqRjCRUuEAA6qsOiJvDd+CFo/vW+y5WR6SNmHE55hZk= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo= From 2570855cd780e34893ad31d8d5ff2338a396005a Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Fri, 17 Nov 2023 20:10:46 -0500 Subject: [PATCH 041/100] Update v1.8.6 --- core/core.go | 2 +- proxy/wireguard/server.go | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/core/core.go b/core/core.go index dfcaac6d..d11fa273 100644 --- a/core/core.go +++ b/core/core.go @@ -21,7 +21,7 @@ import ( var ( Version_x byte = 1 Version_y byte = 8 - Version_z byte = 5 + Version_z byte = 6 ) var ( diff --git a/proxy/wireguard/server.go b/proxy/wireguard/server.go index 6cd2d7ad..bdb4e801 100644 --- a/proxy/wireguard/server.go +++ b/proxy/wireguard/server.go @@ -77,6 +77,10 @@ func (*Server) Network() []net.Network { // Process implements proxy.Inbound. func (s *Server) Process(ctx context.Context, network net.Network, conn stat.Connection, dispatcher routing.Dispatcher) error { + inbound := session.InboundFromContext(ctx) + inbound.Name = "wireguard" + inbound.SetCanSpliceCopy(3) + s.info = routingInfo{ ctx: core.ToBackgroundDetachedContext(ctx), dispatcher: dispatcher, From 6f092bd21223b654465ccbfa1aaaafa59723f982 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Mon, 27 Nov 2023 10:08:34 -0500 Subject: [PATCH 042/100] Add "masterKeyLog" in TLS config (#2758) * Add "enableMasterKeyLog" in TLS config Turn on the debug option for Wireshark to decrypt traffic * Change to "masterKeyLog" to configure a path --- infra/conf/transport_internet.go | 3 +++ proxy/wireguard/config.pb.go | 4 ++-- transport/internet/tls/config.go | 10 ++++++++++ transport/internet/tls/config.pb.go | 30 +++++++++++++++++++---------- transport/internet/tls/config.proto | 2 ++ 5 files changed, 37 insertions(+), 12 deletions(-) diff --git a/infra/conf/transport_internet.go b/infra/conf/transport_internet.go index e1471bde..318eb336 100644 --- a/infra/conf/transport_internet.go +++ b/infra/conf/transport_internet.go @@ -357,6 +357,7 @@ type TLSConfig struct { RejectUnknownSNI bool `json:"rejectUnknownSni"` PinnedPeerCertificateChainSha256 *[]string `json:"pinnedPeerCertificateChainSha256"` PinnedPeerCertificatePublicKeySha256 *[]string `json:"pinnedPeerCertificatePublicKeySha256"` + MasterKeyLog string `json:"masterKeyLog"` } // Build implements Buildable. @@ -412,6 +413,8 @@ func (c *TLSConfig) Build() (proto.Message, error) { } } + config.MasterKeyLog = c.MasterKeyLog + return config, nil } diff --git a/proxy/wireguard/config.pb.go b/proxy/wireguard/config.pb.go index ed8b135e..47bd2b77 100644 --- a/proxy/wireguard/config.pb.go +++ b/proxy/wireguard/config.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.28.1 -// protoc v4.25.0 +// protoc-gen-go v1.31.0 +// protoc v4.23.1 // source: proxy/wireguard/config.proto package wireguard diff --git a/transport/internet/tls/config.go b/transport/internet/tls/config.go index 2e2b784a..325909e3 100644 --- a/transport/internet/tls/config.go +++ b/transport/internet/tls/config.go @@ -5,6 +5,7 @@ import ( "crypto/tls" "crypto/x509" "encoding/base64" + "os" "strings" "sync" "time" @@ -364,6 +365,15 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config { config.PreferServerCipherSuites = c.PreferServerCipherSuites + if (len(c.MasterKeyLog) > 0 && c.MasterKeyLog != "none") { + writer, err := os.OpenFile(c.MasterKeyLog, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0644) + if err != nil { + newError("failed to open ", c.MasterKeyLog, " as master key log").AtError().Base(err).WriteToLog() + } else { + config.KeyLogWriter = writer + } + } + return config } diff --git a/transport/internet/tls/config.pb.go b/transport/internet/tls/config.pb.go index 9bd5a84d..7602f3e9 100644 --- a/transport/internet/tls/config.pb.go +++ b/transport/internet/tls/config.pb.go @@ -208,6 +208,7 @@ type Config struct { // @Document This value replace allow_insecure. // @Critical PinnedPeerCertificatePublicKeySha256 [][]byte `protobuf:"bytes,14,rep,name=pinned_peer_certificate_public_key_sha256,json=pinnedPeerCertificatePublicKeySha256,proto3" json:"pinned_peer_certificate_public_key_sha256,omitempty"` + MasterKeyLog string `protobuf:"bytes,15,opt,name=master_key_log,json=masterKeyLog,proto3" json:"master_key_log,omitempty"` } func (x *Config) Reset() { @@ -340,6 +341,13 @@ func (x *Config) GetPinnedPeerCertificatePublicKeySha256() [][]byte { return nil } +func (x *Config) GetMasterKeyLog() string { + if x != nil { + return x.MasterKeyLog + } + return "" +} + var File_transport_internet_tls_config_proto protoreflect.FileDescriptor var file_transport_internet_tls_config_proto_rawDesc = []byte{ @@ -369,7 +377,7 @@ var file_transport_internet_tls_config_proto_rawDesc = []byte{ 0x43, 0x49, 0x50, 0x48, 0x45, 0x52, 0x4d, 0x45, 0x4e, 0x54, 0x10, 0x00, 0x12, 0x14, 0x0a, 0x10, 0x41, 0x55, 0x54, 0x48, 0x4f, 0x52, 0x49, 0x54, 0x59, 0x5f, 0x56, 0x45, 0x52, 0x49, 0x46, 0x59, 0x10, 0x01, 0x12, 0x13, 0x0a, 0x0f, 0x41, 0x55, 0x54, 0x48, 0x4f, 0x52, 0x49, 0x54, 0x59, 0x5f, - 0x49, 0x53, 0x53, 0x55, 0x45, 0x10, 0x02, 0x22, 0xcc, 0x05, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, + 0x49, 0x53, 0x53, 0x55, 0x45, 0x10, 0x02, 0x22, 0xf2, 0x05, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x25, 0x0a, 0x0e, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x69, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x49, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x12, 0x4a, 0x0a, 0x0b, 0x63, 0x65, 0x72, @@ -414,15 +422,17 @@ var file_transport_internet_tls_config_proto_rawDesc = []byte{ 0x6b, 0x65, 0x79, 0x5f, 0x73, 0x68, 0x61, 0x32, 0x35, 0x36, 0x18, 0x0e, 0x20, 0x03, 0x28, 0x0c, 0x52, 0x24, 0x70, 0x69, 0x6e, 0x6e, 0x65, 0x64, 0x50, 0x65, 0x65, 0x72, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79, - 0x53, 0x68, 0x61, 0x32, 0x35, 0x36, 0x42, 0x73, 0x0a, 0x1f, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, - 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, - 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x74, 0x6c, 0x73, 0x50, 0x01, 0x5a, 0x30, 0x67, 0x69, 0x74, - 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, - 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, - 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2f, 0x74, 0x6c, 0x73, 0xaa, 0x02, 0x1b, - 0x58, 0x72, 0x61, 0x79, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x49, - 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x54, 0x6c, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x33, + 0x53, 0x68, 0x61, 0x32, 0x35, 0x36, 0x12, 0x24, 0x0a, 0x0e, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, + 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, + 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x4c, 0x6f, 0x67, 0x42, 0x73, 0x0a, 0x1f, + 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, + 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x74, 0x6c, 0x73, 0x50, + 0x01, 0x5a, 0x30, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, + 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x74, 0x72, 0x61, + 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2f, + 0x74, 0x6c, 0x73, 0xaa, 0x02, 0x1b, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, + 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x54, 0x6c, + 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/transport/internet/tls/config.proto b/transport/internet/tls/config.proto index 227840a2..b1c26a4c 100644 --- a/transport/internet/tls/config.proto +++ b/transport/internet/tls/config.proto @@ -83,4 +83,6 @@ message Config { @Critical */ repeated bytes pinned_peer_certificate_public_key_sha256 = 14; + + string master_key_log = 15; } From 69cbb4c47a2940d9ce08d0c2a3425e112fa3e5fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=A3=8E=E6=89=87=E6=BB=91=E7=BF=94=E7=BF=BC?= Date: Tue, 28 Nov 2023 18:25:37 +0800 Subject: [PATCH 043/100] Change WS upgraderBufferSize due to https://github.com/gorilla/websocket/issues/223 --- transport/internet/websocket/hub.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/transport/internet/websocket/hub.go b/transport/internet/websocket/hub.go index 7951b1f4..c907e224 100644 --- a/transport/internet/websocket/hub.go +++ b/transport/internet/websocket/hub.go @@ -28,8 +28,8 @@ type requestHandler struct { var replacer = strings.NewReplacer("+", "-", "/", "_", "=", "") var upgrader = &websocket.Upgrader{ - ReadBufferSize: 4 * 1024, - WriteBufferSize: 4 * 1024, + ReadBufferSize: 0, + WriteBufferSize: 0, HandshakeTimeout: time.Second * 4, CheckOrigin: func(r *http.Request) bool { return true From be21b1194b0413c5e864012d0b36716d788929e6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 28 Nov 2023 00:54:23 +0000 Subject: [PATCH 044/100] Bump golang.org/x/net from 0.18.0 to 0.19.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.18.0 to 0.19.0. - [Commits](https://github.com/golang/net/compare/v0.18.0...v0.19.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index c0e7bfbe..7ea4e1ce 100644 --- a/go.mod +++ b/go.mod @@ -20,10 +20,10 @@ require ( github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19 go4.org/netipx v0.0.0-20230824141953-6213f710f925 - golang.org/x/crypto v0.15.0 - golang.org/x/net v0.18.0 + golang.org/x/crypto v0.16.0 + golang.org/x/net v0.19.0 golang.org/x/sync v0.5.0 - golang.org/x/sys v0.14.0 + golang.org/x/sys v0.15.0 golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb google.golang.org/grpc v1.59.0 google.golang.org/protobuf v1.31.0 diff --git a/go.sum b/go.sum index 1239d8f0..0d8aef55 100644 --- a/go.sum +++ b/go.sum @@ -184,8 +184,8 @@ golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA= -golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g= +golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= +golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= @@ -206,8 +206,8 @@ golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= -golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= +golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= +golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -233,8 +233,8 @@ golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220804214406-8e32c043e418/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= -golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= +golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= From 2fd765ea4c31ed97d752f525f5f308f12cd04f45 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 12 Nov 2023 12:28:21 -0500 Subject: [PATCH 045/100] Delay XUDP Basekey read --- common/xudp/xudp.go | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/common/xudp/xudp.go b/common/xudp/xudp.go index af18119f..566ba749 100644 --- a/common/xudp/xudp.go +++ b/common/xudp/xudp.go @@ -6,7 +6,9 @@ import ( "encoding/base64" "fmt" "io" + "strconv" "strings" + "time" "github.com/xtls/xray-core/common/buf" "github.com/xtls/xray-core/common/net" @@ -32,13 +34,16 @@ func init() { if strings.ToLower(platform.NewEnvFlag(platform.XUDPLog).GetValue(func() string { return "" })) == "true" { Show = true } - if raw := platform.NewEnvFlag(platform.XUDPBaseKey).GetValue(func() string { return "" }); raw != "" { - if BaseKey, _ = base64.RawURLEncoding.DecodeString(raw); len(BaseKey) == 32 { - return - } - panic(platform.XUDPBaseKey + ": invalid value: " + raw) - } rand.Read(BaseKey) + go func() { + time.Sleep(100 * time.Millisecond) // this is not nice, but need to give some time for Android to setup ENV + if raw := platform.NewEnvFlag(platform.XUDPBaseKey).GetValue(func() string { return "" }); raw != "" { + if BaseKey, _ = base64.RawURLEncoding.DecodeString(raw); len(BaseKey) == 32 { + return + } + panic(platform.XUDPBaseKey + ": invalid value (BaseKey must be 32 bytes): " + raw + " len " + strconv.Itoa(len(BaseKey))) + } + }() } func GetGlobalID(ctx context.Context) (globalID [8]byte) { From c590163f9ffb34c16a2da0096af07f625e7fb9ce Mon Sep 17 00:00:00 2001 From: Gorilla <147204357+gorilla800@users.noreply.github.com> Date: Thu, 30 Nov 2023 17:16:43 -0800 Subject: [PATCH 046/100] Update README.md Add link to tutorial for "Xray with WireGuard inbound" --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 7d84f044..4ad50458 100644 --- a/README.md +++ b/README.md @@ -56,6 +56,7 @@ - [REALITY (English)](https://cscot.pages.dev/2023/03/02/Xray-REALITY-tutorial/) - [XTLS-Iran-Reality (English)](https://github.com/SasukeFreestyle/XTLS-Iran-Reality) - [Xray REALITY with 'steal oneself' (English)](https://computerscot.github.io/vless-xtls-utls-reality-steal-oneself.html) + - [Xray with WireGuard inbound (English)](https://g800.pages.dev/wireguard) ## GUI Clients From 0c3e1d4bd9ca0fb6766322e0199688419e111274 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Dec 2023 00:23:03 +0000 Subject: [PATCH 047/100] Bump github.com/sagernet/sing from 0.2.17 to 0.2.18 Bumps [github.com/sagernet/sing](https://github.com/sagernet/sing) from 0.2.17 to 0.2.18. - [Commits](https://github.com/sagernet/sing/compare/v0.2.17...v0.2.18) --- updated-dependencies: - dependency-name: github.com/sagernet/sing dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 7ea4e1ce..2c3b3f3e 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.40.0 github.com/refraction-networking/utls v1.5.4 - github.com/sagernet/sing v0.2.17 + github.com/sagernet/sing v0.2.18 github.com/sagernet/sing-shadowsocks v0.2.5 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb github.com/stretchr/testify v1.8.4 diff --git a/go.sum b/go.sum index 0d8aef55..a68e1b77 100644 --- a/go.sum +++ b/go.sum @@ -125,8 +125,8 @@ github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83Fuavw github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sagernet/sing v0.2.17 h1:vMPKb3MV0Aa5ws4dCJkRI8XEjrsUcDn810czd0FwmzI= -github.com/sagernet/sing v0.2.17/go.mod h1:OL6k2F0vHmEzXz2KW19qQzu172FDgSbUSODylighuVo= +github.com/sagernet/sing v0.2.18 h1:2Ce4dl0pkWft+4914NGXPb8OiQpgA8UHQ9xFOmgvKuY= +github.com/sagernet/sing v0.2.18/go.mod h1:OL6k2F0vHmEzXz2KW19qQzu172FDgSbUSODylighuVo= github.com/sagernet/sing-shadowsocks v0.2.5 h1:qxIttos4xu6ii7MTVJYA8EFQR7Q3KG6xMqmLJIFtBaY= github.com/sagernet/sing-shadowsocks v0.2.5/go.mod h1:MGWGkcU2xW2G2mfArT9/QqpVLOGU+dBaahZCtPHdt7A= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U= From 1444552691b9f64f5152191be1d4c2c45c811cf5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 Dec 2023 00:20:06 +0000 Subject: [PATCH 048/100] Bump actions/setup-go from 4 to 5 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 57e14693..6ef8a74d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -165,7 +165,7 @@ jobs: echo "ASSET_NAME=$_NAME" >> $GITHUB_ENV - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: '1.21' check-latest: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0ab32cd4..cf5d1259 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,7 +28,7 @@ jobs: os: [windows-latest, ubuntu-latest, macos-latest] steps: - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: '1.21' check-latest: true From 06734d6f08287387441c42a1da8e97274812e4ab Mon Sep 17 00:00:00 2001 From: Lars Lehtonen Date: Fri, 8 Dec 2023 09:07:51 -0800 Subject: [PATCH 049/100] common/ocsp: fix dropped error --- common/ocsp/ocsp.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/common/ocsp/ocsp.go b/common/ocsp/ocsp.go index 02140c0d..b2c0bc58 100644 --- a/common/ocsp/ocsp.go +++ b/common/ocsp/ocsp.go @@ -28,6 +28,9 @@ func GetOCSPStapling(cert [][]byte, path string) ([]byte, error) { ocspData, err := GetOCSPForFile(path) if err != nil { ocspData, err = GetOCSPForCert(cert) + if err != nil { + return nil, err + } if !CheckOCSPFileIsNotExist(path) { err = os.Remove(path) if err != nil { From 4e7a57ef8641075e115a1081ab456ff56989a244 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 00:29:38 +0000 Subject: [PATCH 050/100] Bump github.com/sagernet/sing-shadowsocks from 0.2.5 to 0.2.6 Bumps [github.com/sagernet/sing-shadowsocks](https://github.com/sagernet/sing-shadowsocks) from 0.2.5 to 0.2.6. - [Commits](https://github.com/sagernet/sing-shadowsocks/compare/v0.2.5...v0.2.6) --- updated-dependencies: - dependency-name: github.com/sagernet/sing-shadowsocks dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 2c3b3f3e..1274e2b5 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/quic-go/quic-go v0.40.0 github.com/refraction-networking/utls v1.5.4 github.com/sagernet/sing v0.2.18 - github.com/sagernet/sing-shadowsocks v0.2.5 + github.com/sagernet/sing-shadowsocks v0.2.6 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb github.com/stretchr/testify v1.8.4 github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e diff --git a/go.sum b/go.sum index a68e1b77..a07f7093 100644 --- a/go.sum +++ b/go.sum @@ -127,8 +127,8 @@ github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstv github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/sagernet/sing v0.2.18 h1:2Ce4dl0pkWft+4914NGXPb8OiQpgA8UHQ9xFOmgvKuY= github.com/sagernet/sing v0.2.18/go.mod h1:OL6k2F0vHmEzXz2KW19qQzu172FDgSbUSODylighuVo= -github.com/sagernet/sing-shadowsocks v0.2.5 h1:qxIttos4xu6ii7MTVJYA8EFQR7Q3KG6xMqmLJIFtBaY= -github.com/sagernet/sing-shadowsocks v0.2.5/go.mod h1:MGWGkcU2xW2G2mfArT9/QqpVLOGU+dBaahZCtPHdt7A= +github.com/sagernet/sing-shadowsocks v0.2.6 h1:xr7ylAS/q1cQYS8oxKKajhuQcchd5VJJ4K4UZrrpp0s= +github.com/sagernet/sing-shadowsocks v0.2.6/go.mod h1:j2YZBIpWIuElPFL/5sJAj470bcn/3QQ5lxZUNKLDNAM= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb/go.mod h1:bR6DqgcAl1zTcOX8/pE2Qkj9XO00eCNqmKb7lXP8EAg= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= From 2c97beae4e0a9da30f912bce52aab8786fb90377 Mon Sep 17 00:00:00 2001 From: Yu FranzKafka <38254177+FranzKafkaYu@users.noreply.github.com> Date: Tue, 12 Dec 2023 00:43:13 +0800 Subject: [PATCH 051/100] delete my repo for unnecessary disputes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 写了半天英文,感觉挺别扭的,还是用中文吧。 因为闭源的缘故,很抱歉给社区带来了负面影响;同时也是由于生活所迫,自己再没有额外的精力维护项目。自此,我提议在README中删除我的项目,并推荐大家使用其他仍在维护的版本。 原本想说的话有很多,千言万语到此都作烟消云散。 相信我不会离开,我们总会以其他的方式再次见面。 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4ad50458..158487bf 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ - [iamybj/docker-xray](https://hub.docker.com/r/iamybj/docker-xray) - [teddysun/xray](https://hub.docker.com/r/teddysun/xray) - Web Panel - - [X-UI](https://github.com/FranzKafkaYu/x-ui), [X-UI-English](https://github.com/NidukaAkalanka/x-ui-english), [3X-UI](https://github.com/MHSanaei/3x-ui), [X-UI](https://github.com/alireza0/x-ui), [X-UI](https://github.com/diditra/x-ui) + - [X-UI-English](https://github.com/NidukaAkalanka/x-ui-english), [3X-UI](https://github.com/MHSanaei/3x-ui), [X-UI](https://github.com/alireza0/x-ui), [X-UI](https://github.com/diditra/x-ui) - [Xray-UI](https://github.com/qist/xray-ui), [X-UI](https://github.com/sing-web/x-ui) - [Hiddify](https://github.com/hiddify/hiddify-config) - [Marzban](https://github.com/Gozargah/Marzban) From 2da476eef426e7bbb42915aa2178ebb3cc5a553c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=83=81=E3=82=BB?= <123655015+chise0713@users.noreply.github.com> Date: Tue, 12 Dec 2023 09:52:10 +0800 Subject: [PATCH 052/100] Command: Add `wg` for wireguard key generation (#2794) * Command: Add `wg` for wireguard key generation * Command: Merge `x25519` and `wg` --- main/commands/all/commands.go | 1 + main/commands/all/curve25519.go | 57 +++++++++++++++++++++++++++++++++ main/commands/all/wg.go | 27 ++++++++++++++++ main/commands/all/x25519.go | 55 ++----------------------------- 4 files changed, 87 insertions(+), 53 deletions(-) create mode 100644 main/commands/all/curve25519.go create mode 100644 main/commands/all/wg.go diff --git a/main/commands/all/commands.go b/main/commands/all/commands.go index 9b8b49e0..41d0e0f1 100644 --- a/main/commands/all/commands.go +++ b/main/commands/all/commands.go @@ -16,5 +16,6 @@ func init() { tls.CmdTLS, cmdUUID, cmdX25519, + cmdWG, ) } diff --git a/main/commands/all/curve25519.go b/main/commands/all/curve25519.go new file mode 100644 index 00000000..25cc812e --- /dev/null +++ b/main/commands/all/curve25519.go @@ -0,0 +1,57 @@ +package all + +import ( + "crypto/rand" + "encoding/base64" + "fmt" + + "golang.org/x/crypto/curve25519" +) + +func Curve25519Genkey(StdEncoding bool, input_base64 string) { + var output string + var err error + var privateKey, publicKey []byte + var encoding *base64.Encoding + if *input_stdEncoding || StdEncoding { + encoding = base64.StdEncoding + } else { + encoding = base64.RawURLEncoding + } + + if len(input_base64) > 0 { + privateKey, err = encoding.DecodeString(input_base64) + if err != nil { + output = err.Error() + goto out + } + if len(privateKey) != curve25519.ScalarSize { + output = "Invalid length of private key." + goto out + } + } + + if privateKey == nil { + privateKey = make([]byte, curve25519.ScalarSize) + if _, err = rand.Read(privateKey); err != nil { + output = err.Error() + goto out + } + } + + // Modify random bytes using algorithm described at: + // https://cr.yp.to/ecdh.html. + privateKey[0] &= 248 + privateKey[31] &= 127 | 64 + + if publicKey, err = curve25519.X25519(privateKey, curve25519.Basepoint); err != nil { + output = err.Error() + goto out + } + + output = fmt.Sprintf("Private key: %v\nPublic key: %v", + encoding.EncodeToString(privateKey), + encoding.EncodeToString(publicKey)) +out: + fmt.Println(output) +} diff --git a/main/commands/all/wg.go b/main/commands/all/wg.go new file mode 100644 index 00000000..70da4668 --- /dev/null +++ b/main/commands/all/wg.go @@ -0,0 +1,27 @@ +package all + +import ( + "github.com/xtls/xray-core/main/commands/base" +) + +var cmdWG = &base.Command{ + UsageLine: `{{.Exec}} wg [-i "private key (base64.StdEncoding)"]`, + Short: `Generate key pair for wireguard key exchange`, + Long: ` +Generate key pair for wireguard key exchange. + +Random: {{.Exec}} wg + +From private key: {{.Exec}} wg -i "private key (base64.StdEncoding)" +`, +} + +func init() { + cmdWG.Run = executeWG // break init loop +} + +var input_wireguard = cmdWG.Flag.String("i", "", "") + +func executeWG(cmd *base.Command, args []string) { + Curve25519Genkey(true, *input_wireguard) +} diff --git a/main/commands/all/x25519.go b/main/commands/all/x25519.go index 814cca72..73f669b2 100644 --- a/main/commands/all/x25519.go +++ b/main/commands/all/x25519.go @@ -1,12 +1,7 @@ package all import ( - "crypto/rand" - "encoding/base64" - "fmt" - "github.com/xtls/xray-core/main/commands/base" - "golang.org/x/crypto/curve25519" ) var cmdX25519 = &base.Command{ @@ -26,55 +21,9 @@ func init() { cmdX25519.Run = executeX25519 // break init loop } -var input_base64 = cmdX25519.Flag.String("i", "", "") var input_stdEncoding = cmdX25519.Flag.Bool("std-encoding", false, "") +var input_x25519 = cmdX25519.Flag.String("i", "", "") func executeX25519(cmd *base.Command, args []string) { - var output string - var err error - var privateKey []byte - var publicKey []byte - var encoding *base64.Encoding - if len(*input_base64) > 0 { - privateKey, err = base64.RawURLEncoding.DecodeString(*input_base64) - if err != nil { - output = err.Error() - goto out - } - if len(privateKey) != curve25519.ScalarSize { - output = "Invalid length of private key." - goto out - } - } - - if privateKey == nil { - privateKey = make([]byte, curve25519.ScalarSize) - if _, err = rand.Read(privateKey); err != nil { - output = err.Error() - goto out - } - } - - // Modify random bytes using algorithm described at: - // https://cr.yp.to/ecdh.html. - privateKey[0] &= 248 - privateKey[31] &= 127 - privateKey[31] |= 64 - - if publicKey, err = curve25519.X25519(privateKey, curve25519.Basepoint); err != nil { - output = err.Error() - goto out - } - - if *input_stdEncoding { - encoding = base64.StdEncoding - } else { - encoding = base64.RawURLEncoding - } - - output = fmt.Sprintf("Private key: %v\nPublic key: %v", - encoding.EncodeToString(privateKey), - encoding.EncodeToString(publicKey)) -out: - fmt.Println(output) + Curve25519Genkey(false, *input_x25519) } From 921be3ac40dffb2404b8d28cc5a7861184e5894f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Dec 2023 00:12:39 +0000 Subject: [PATCH 053/100] Bump google.golang.org/grpc from 1.59.0 to 1.60.0 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.59.0 to 1.60.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.59.0...v1.60.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 1274e2b5..a2cbf726 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( golang.org/x/sync v0.5.0 golang.org/x/sys v0.15.0 golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb - google.golang.org/grpc v1.59.0 + google.golang.org/grpc v1.60.0 google.golang.org/protobuf v1.31.0 gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b h12.io/socks v1.0.3 diff --git a/go.sum b/go.sum index a07f7093..aedbe25b 100644 --- a/go.sum +++ b/go.sum @@ -280,8 +280,8 @@ google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmE google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= -google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= +google.golang.org/grpc v1.60.0 h1:6FQAR0kM31P6MRdeluor2w2gPaS4SVNrD/DNTxrQ15k= +google.golang.org/grpc v1.60.0/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= From 46d6b9f57a2c43934681d63d40f2527f48acb218 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Dec 2023 00:12:42 +0000 Subject: [PATCH 054/100] Bump github.com/sagernet/sing from 0.2.18 to 0.2.19 Bumps [github.com/sagernet/sing](https://github.com/sagernet/sing) from 0.2.18 to 0.2.19. - [Commits](https://github.com/sagernet/sing/compare/v0.2.18...v0.2.19) --- updated-dependencies: - dependency-name: github.com/sagernet/sing dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index a2cbf726..6d5ab543 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.40.0 github.com/refraction-networking/utls v1.5.4 - github.com/sagernet/sing v0.2.18 + github.com/sagernet/sing v0.2.19 github.com/sagernet/sing-shadowsocks v0.2.6 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb github.com/stretchr/testify v1.8.4 diff --git a/go.sum b/go.sum index aedbe25b..e00d5540 100644 --- a/go.sum +++ b/go.sum @@ -125,8 +125,8 @@ github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83Fuavw github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sagernet/sing v0.2.18 h1:2Ce4dl0pkWft+4914NGXPb8OiQpgA8UHQ9xFOmgvKuY= -github.com/sagernet/sing v0.2.18/go.mod h1:OL6k2F0vHmEzXz2KW19qQzu172FDgSbUSODylighuVo= +github.com/sagernet/sing v0.2.19 h1:Mdj/YJ5TtEyG+eIZaAlvX8j2cHxMN6eW4RF6Xh9iWyg= +github.com/sagernet/sing v0.2.19/go.mod h1:Ce5LNojQOgOiWhiD8pPD6E9H7e2KgtOe3Zxx4Ou5u80= github.com/sagernet/sing-shadowsocks v0.2.6 h1:xr7ylAS/q1cQYS8oxKKajhuQcchd5VJJ4K4UZrrpp0s= github.com/sagernet/sing-shadowsocks v0.2.6/go.mod h1:j2YZBIpWIuElPFL/5sJAj470bcn/3QQ5lxZUNKLDNAM= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U= From 31a8fae76406eb4cbd9ec406947fd9f495b81bc5 Mon Sep 17 00:00:00 2001 From: wyx2685 Date: Tue, 12 Dec 2023 19:05:03 +0800 Subject: [PATCH 055/100] Fix deprecated StackNew() function --- proxy/shadowsocks_2022/outbound.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proxy/shadowsocks_2022/outbound.go b/proxy/shadowsocks_2022/outbound.go index a06daac7..031e7fc5 100644 --- a/proxy/shadowsocks_2022/outbound.go +++ b/proxy/shadowsocks_2022/outbound.go @@ -102,7 +102,7 @@ func (o *Outbound) Process(ctx context.Context, link *transport.Link, dialer int if err != nil && err != buf.ErrNotTimeoutReader && err != buf.ErrReadTimeout { return newError("read payload").Base(err) } - _payload := B.StackNew() + _payload := B.New() payload := C.Dup(_payload) defer payload.Release() for { From 53ac4c031d7a42130bdb1c163a88f1b75ba36e05 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Dec 2023 00:42:41 +0000 Subject: [PATCH 056/100] Bump github.com/quic-go/quic-go from 0.40.0 to 0.40.1 Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) from 0.40.0 to 0.40.1. - [Release notes](https://github.com/quic-go/quic-go/releases) - [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md) - [Commits](https://github.com/quic-go/quic-go/compare/v0.40.0...v0.40.1) --- updated-dependencies: - dependency-name: github.com/quic-go/quic-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 6d5ab543..466bd673 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/miekg/dns v1.1.57 github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 - github.com/quic-go/quic-go v0.40.0 + github.com/quic-go/quic-go v0.40.1 github.com/refraction-networking/utls v1.5.4 github.com/sagernet/sing v0.2.19 github.com/sagernet/sing-shadowsocks v0.2.6 diff --git a/go.sum b/go.sum index e00d5540..39a3041c 100644 --- a/go.sum +++ b/go.sum @@ -118,8 +118,8 @@ github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7q github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/quic-go/qtls-go1-20 v0.4.1 h1:D33340mCNDAIKBqXuAvexTNMUByrYmFYVfKfDN5nfFs= github.com/quic-go/qtls-go1-20 v0.4.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= -github.com/quic-go/quic-go v0.40.0 h1:GYd1iznlKm7dpHD7pOVpUvItgMPo/jrMgDWZhMCecqw= -github.com/quic-go/quic-go v0.40.0/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= +github.com/quic-go/quic-go v0.40.1 h1:X3AGzUNFs0jVuO3esAGnTfvdgvL4fq655WaOi1snv1Q= +github.com/quic-go/quic-go v0.40.1/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= github.com/refraction-networking/utls v1.5.4 h1:9k6EO2b8TaOGsQ7Pl7p9w6PUhx18/ZCeT0WNTZ7Uw4o= github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83FuavwZCFoMmExj+ltUHiHUw= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= From 38b175d53e9043aa4fcda8fef9263d9ec313fbc1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Dec 2023 00:58:43 +0000 Subject: [PATCH 057/100] Bump actions/upload-artifact from 3 to 4 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6ef8a74d..e33b18b7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -235,7 +235,7 @@ jobs: mv build_assets Xray-${{ env.ASSET_NAME }} - name: Upload files to Artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: Xray-${{ env.ASSET_NAME }} path: | From c01a30e8f42ee67b31f6737ad5d05c3c2c721056 Mon Sep 17 00:00:00 2001 From: H1JK Date: Fri, 15 Dec 2023 23:45:41 +0800 Subject: [PATCH 058/100] Cleanup sing buffer usage --- go.mod | 2 +- go.sum | 4 ++-- proxy/shadowsocks_2022/inbound.go | 2 +- proxy/shadowsocks_2022/inbound_multi.go | 2 +- proxy/shadowsocks_2022/inbound_relay.go | 2 +- proxy/shadowsocks_2022/outbound.go | 13 +++++-------- 6 files changed, 11 insertions(+), 14 deletions(-) diff --git a/go.mod b/go.mod index 466bd673..3a8f1649 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.40.1 github.com/refraction-networking/utls v1.5.4 - github.com/sagernet/sing v0.2.19 + github.com/sagernet/sing v0.3.0-beta.2 github.com/sagernet/sing-shadowsocks v0.2.6 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb github.com/stretchr/testify v1.8.4 diff --git a/go.sum b/go.sum index 39a3041c..a4920441 100644 --- a/go.sum +++ b/go.sum @@ -125,8 +125,8 @@ github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83Fuavw github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sagernet/sing v0.2.19 h1:Mdj/YJ5TtEyG+eIZaAlvX8j2cHxMN6eW4RF6Xh9iWyg= -github.com/sagernet/sing v0.2.19/go.mod h1:Ce5LNojQOgOiWhiD8pPD6E9H7e2KgtOe3Zxx4Ou5u80= +github.com/sagernet/sing v0.3.0-beta.2 h1:7wqgP+cMQeHS3M/64WWvJLeX07fLctBkE4+lguAFWeU= +github.com/sagernet/sing v0.3.0-beta.2/go.mod h1:9pfuAH6mZfgnz/YjP6xu5sxx882rfyjpcrTdUpd6w3g= github.com/sagernet/sing-shadowsocks v0.2.6 h1:xr7ylAS/q1cQYS8oxKKajhuQcchd5VJJ4K4UZrrpp0s= github.com/sagernet/sing-shadowsocks v0.2.6/go.mod h1:j2YZBIpWIuElPFL/5sJAj470bcn/3QQ5lxZUNKLDNAM= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U= diff --git a/proxy/shadowsocks_2022/inbound.go b/proxy/shadowsocks_2022/inbound.go index 246fc7f1..00314c90 100644 --- a/proxy/shadowsocks_2022/inbound.go +++ b/proxy/shadowsocks_2022/inbound.go @@ -88,13 +88,13 @@ func (i *Inbound) Process(ctx context.Context, network net.Network, connection s } for _, buffer := range mb { packet := B.As(buffer.Bytes()).ToOwned() + buffer.Release() err = i.service.NewPacket(ctx, pc, packet, metadata) if err != nil { packet.Release() buf.ReleaseMulti(mb) return err } - buffer.Release() } } } diff --git a/proxy/shadowsocks_2022/inbound_multi.go b/proxy/shadowsocks_2022/inbound_multi.go index c3832a91..df837894 100644 --- a/proxy/shadowsocks_2022/inbound_multi.go +++ b/proxy/shadowsocks_2022/inbound_multi.go @@ -177,13 +177,13 @@ func (i *MultiUserInbound) Process(ctx context.Context, network net.Network, con } for _, buffer := range mb { packet := B.As(buffer.Bytes()).ToOwned() + buffer.Release() err = i.service.NewPacket(ctx, pc, packet, metadata) if err != nil { packet.Release() buf.ReleaseMulti(mb) return err } - buffer.Release() } } } diff --git a/proxy/shadowsocks_2022/inbound_relay.go b/proxy/shadowsocks_2022/inbound_relay.go index e2cb7d50..7317f8dd 100644 --- a/proxy/shadowsocks_2022/inbound_relay.go +++ b/proxy/shadowsocks_2022/inbound_relay.go @@ -109,13 +109,13 @@ func (i *RelayInbound) Process(ctx context.Context, network net.Network, connect } for _, buffer := range mb { packet := B.As(buffer.Bytes()).ToOwned() + buffer.Release() err = i.service.NewPacket(ctx, pc, packet, metadata) if err != nil { packet.Release() buf.ReleaseMulti(mb) return err } - buffer.Release() } } } diff --git a/proxy/shadowsocks_2022/outbound.go b/proxy/shadowsocks_2022/outbound.go index 031e7fc5..bc1eb556 100644 --- a/proxy/shadowsocks_2022/outbound.go +++ b/proxy/shadowsocks_2022/outbound.go @@ -2,7 +2,6 @@ package shadowsocks_2022 import ( "context" - "runtime" "time" shadowsocks "github.com/sagernet/sing-shadowsocks" @@ -102,27 +101,25 @@ func (o *Outbound) Process(ctx context.Context, link *transport.Link, dialer int if err != nil && err != buf.ErrNotTimeoutReader && err != buf.ErrReadTimeout { return newError("read payload").Base(err) } - _payload := B.New() - payload := C.Dup(_payload) - defer payload.Release() + payload := B.New() for { - payload.FullReset() + payload.Reset() nb, n := buf.SplitBytes(mb, payload.FreeBytes()) if n > 0 { payload.Truncate(n) _, err = serverConn.Write(payload.Bytes()) if err != nil { + payload.Release() return newError("write payload").Base(err) } handshake = true } if nb.IsEmpty() { break - } else { - mb = nb } + mb = nb } - runtime.KeepAlive(_payload) + payload.Release() } if !handshake { _, err = serverConn.Write(nil) From 5a5e615b46369579240dac1fdfe2b5e122c4c4ce Mon Sep 17 00:00:00 2001 From: Zhang San <52621825+zhangsan946@users.noreply.github.com> Date: Mon, 18 Dec 2023 06:56:15 +0800 Subject: [PATCH 059/100] Enable interface setting for socketopt under Windows (#2819) * allow set interface under windows Signed-off-by: San Zhang * polish code Signed-off-by: San Zhang --------- Signed-off-by: San Zhang Co-authored-by: San Zhang --- transport/internet/sockopt_windows.go | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/transport/internet/sockopt_windows.go b/transport/internet/sockopt_windows.go index 703a53c2..e2f1f796 100644 --- a/transport/internet/sockopt_windows.go +++ b/transport/internet/sockopt_windows.go @@ -1,11 +1,16 @@ package internet import ( + "encoding/binary" + "net" "syscall" + "unsafe" ) const ( - TCP_FASTOPEN = 15 + TCP_FASTOPEN = 15 + IP_UNICAST_IF = 31 + IPV6_UNICAST_IF = 31 ) func setTFO(fd syscall.Handle, tfo int) error { @@ -21,6 +26,26 @@ func setTFO(fd syscall.Handle, tfo int) error { } func applyOutboundSocketOptions(network string, address string, fd uintptr, config *SocketConfig) error { + if config.Interface != "" { + inf, err := net.InterfaceByName(config.Interface) + if err != nil { + return newError("failed to find the interface").Base(err) + } + isV4 := (network == "tcp4") + if isV4 { + var bytes [4]byte + binary.BigEndian.PutUint32(bytes[:], uint32(inf.Index)) + idx := *(*uint32)(unsafe.Pointer(&bytes[0])) + if err := syscall.SetsockoptInt(syscall.Handle(fd), syscall.IPPROTO_IP, IP_UNICAST_IF, int(idx)); err != nil { + return newError("failed to set IP_UNICAST_IF").Base(err) + } + } else { + if err := syscall.SetsockoptInt(syscall.Handle(fd), syscall.IPPROTO_IPV6, IPV6_UNICAST_IF, inf.Index); err != nil { + return newError("failed to set IPV6_UNICAST_IF").Base(err) + } + } + } + if isTCPSocket(network) { if err := setTFO(syscall.Handle(fd), config.ParseTFOValue()); err != nil { return err From d60281d0a58643fb024cdb566b8b01c031a13a0a Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 17 Dec 2023 13:09:04 -0500 Subject: [PATCH 060/100] Add DestIpAddress() in Dialer interface Android client prepares an IP before proxy connection is established. It is useful when connecting to wireguard (or quic) outbound with domain address. E.g. engage.cloudflareclient.com:2408 --- app/proxyman/outbound/handler.go | 4 ++ proxy/wireguard/client.go | 73 +++++++++++++++++++++++++++-- transport/internet/dialer.go | 8 ++++ transport/internet/system_dialer.go | 9 ++++ 4 files changed, 91 insertions(+), 3 deletions(-) diff --git a/app/proxyman/outbound/handler.go b/app/proxyman/outbound/handler.go index d290b016..2df2b2c3 100644 --- a/app/proxyman/outbound/handler.go +++ b/app/proxyman/outbound/handler.go @@ -229,6 +229,10 @@ func (h *Handler) Address() net.Address { return h.senderSettings.Via.AsAddress() } +func (h *Handler) DestIpAddress() net.IP { + return internet.DestIpAddress() +} + // Dial implements internet.Dialer. func (h *Handler) Dial(ctx context.Context, dest net.Destination) (stat.Connection, error) { if h.senderSettings != nil { diff --git a/proxy/wireguard/client.go b/proxy/wireguard/client.go index def07878..2560c538 100644 --- a/proxy/wireguard/client.go +++ b/proxy/wireguard/client.go @@ -22,7 +22,9 @@ package wireguard import ( "context" + "fmt" "net/netip" + "strings" "sync" "github.com/xtls/xray-core/common" @@ -49,7 +51,6 @@ type Handler struct { policyManager policy.Manager dns dns.Client // cached configuration - ipc string endpoints []netip.Addr hasIPv4, hasIPv6 bool wgLock sync.Mutex @@ -69,7 +70,6 @@ func New(ctx context.Context, conf *DeviceConfig) (*Handler, error) { conf: conf, policyManager: v.GetFeature(policy.ManagerType()).(policy.Manager), dns: d, - ipc: createIPCRequest(conf), endpoints: endpoints, hasIPv4: hasIPv4, hasIPv6: hasIPv6, @@ -247,9 +247,76 @@ func (h *Handler) makeVirtualTun(bind *netBindClient) (Tunnel, error) { bind.dnsOption.IPv4Enable = h.hasIPv4 bind.dnsOption.IPv6Enable = h.hasIPv6 - if err = t.BuildDevice(h.ipc, bind); err != nil { + if err = t.BuildDevice(h.createIPCRequest(bind, h.conf), bind); err != nil { _ = t.Close() return nil, err } return t, nil } + + +// serialize the config into an IPC request +func (h *Handler) createIPCRequest(bind *netBindClient, conf *DeviceConfig) string { + var request strings.Builder + + request.WriteString(fmt.Sprintf("private_key=%s\n", conf.SecretKey)) + + if !conf.IsClient { + // placeholder, we'll handle actual port listening on Xray + request.WriteString("listen_port=1337\n") + } + + for _, peer := range conf.Peers { + if peer.PublicKey != "" { + request.WriteString(fmt.Sprintf("public_key=%s\n", peer.PublicKey)) + } + + if peer.PreSharedKey != "" { + request.WriteString(fmt.Sprintf("preshared_key=%s\n", peer.PreSharedKey)) + } + + split := strings.Split(peer.Endpoint, ":") + addr := net.ParseAddress(split[0]) + if addr.Family().IsDomain() { + dialerIp := bind.dialer.DestIpAddress() + if dialerIp != nil { + addr = net.ParseAddress(dialerIp.String()) + newError("createIPCRequest use dialer dest ip: ", addr).WriteToLog() + } else { + ips, err := h.dns.LookupIP(addr.Domain(), dns.IPOption{ + IPv4Enable: h.hasIPv4 && h.conf.preferIP4(), + IPv6Enable: h.hasIPv6 && h.conf.preferIP6(), + }) + { // Resolve fallback + if (len(ips) == 0 || err != nil) && h.conf.hasFallback() { + ips, err = h.dns.LookupIP(addr.Domain(), dns.IPOption{ + IPv4Enable: h.hasIPv4 && h.conf.fallbackIP4(), + IPv6Enable: h.hasIPv6 && h.conf.fallbackIP6(), + }) + } + } + if err != nil { + newError("createIPCRequest failed to lookup DNS").Base(err).WriteToLog() + } else if len(ips) == 0 { + newError("createIPCRequest empty lookup DNS").WriteToLog() + } else { + addr = net.IPAddress(ips[dice.Roll(len(ips))]) + } + } + } + + if peer.Endpoint != "" { + request.WriteString(fmt.Sprintf("endpoint=%s:%s\n", addr, split[1])) + } + + for _, ip := range peer.AllowedIps { + request.WriteString(fmt.Sprintf("allowed_ip=%s\n", ip)) + } + + if peer.KeepAlive != 0 { + request.WriteString(fmt.Sprintf("persistent_keepalive_interval=%d\n", peer.KeepAlive)) + } + } + + return request.String()[:request.Len()] +} diff --git a/transport/internet/dialer.go b/transport/internet/dialer.go index deae4df0..3d5d046f 100644 --- a/transport/internet/dialer.go +++ b/transport/internet/dialer.go @@ -22,6 +22,9 @@ type Dialer interface { // Address returns the address used by this Dialer. Maybe nil if not known. Address() net.Address + + // DestIpAddress returns the ip of proxy server. It is useful in case of Android client, which prepare an IP before proxy connection is established + DestIpAddress() net.IP } // dialFunc is an interface to dial network connection to a specific destination. @@ -68,6 +71,11 @@ func Dial(ctx context.Context, dest net.Destination, streamSettings *MemoryStrea return nil, newError("unknown network ", dest.Network) } +// DestIpAddress returns the ip of proxy server. It is useful in case of Android client, which prepare an IP before proxy connection is established +func DestIpAddress() net.IP { + return effectiveSystemDialer.DestIpAddress() +} + var ( dnsClient dns.Client obm outbound.Manager diff --git a/transport/internet/system_dialer.go b/transport/internet/system_dialer.go index 5304595f..cdb6cb9c 100644 --- a/transport/internet/system_dialer.go +++ b/transport/internet/system_dialer.go @@ -16,6 +16,7 @@ var effectiveSystemDialer SystemDialer = &DefaultSystemDialer{} type SystemDialer interface { Dial(ctx context.Context, source net.Address, destination net.Destination, sockopt *SocketConfig) (net.Conn, error) + DestIpAddress() net.IP } type DefaultSystemDialer struct { @@ -108,6 +109,10 @@ func (d *DefaultSystemDialer) Dial(ctx context.Context, src net.Address, dest ne return dialer.DialContext(ctx, dest.Network.SystemString(), dest.NetAddr()) } +func (d *DefaultSystemDialer) DestIpAddress() net.IP { + return nil +} + type PacketConnWrapper struct { Conn net.PacketConn Dest net.Addr @@ -172,6 +177,10 @@ func (v *SimpleSystemDialer) Dial(ctx context.Context, src net.Address, dest net return v.adapter.Dial(dest.Network.SystemString(), dest.NetAddr()) } +func (d *SimpleSystemDialer) DestIpAddress() net.IP { + return nil +} + // UseAlternativeSystemDialer replaces the current system dialer with a given one. // Caller must ensure there is no race condition. // From e03b78dcec4468ea7b559b2084f857d22f8daca2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Dec 2023 00:23:05 +0000 Subject: [PATCH 061/100] Bump github.com/refraction-networking/utls from 1.5.4 to 1.6.0 Bumps [github.com/refraction-networking/utls](https://github.com/refraction-networking/utls) from 1.5.4 to 1.6.0. - [Release notes](https://github.com/refraction-networking/utls/releases) - [Commits](https://github.com/refraction-networking/utls/compare/v1.5.4...v1.6.0) --- updated-dependencies: - dependency-name: github.com/refraction-networking/utls dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 3 +-- go.sum | 6 ++---- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 3a8f1649..fff59a1b 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.40.1 - github.com/refraction-networking/utls v1.5.4 + github.com/refraction-networking/utls v1.6.0 github.com/sagernet/sing v0.3.0-beta.2 github.com/sagernet/sing-shadowsocks v0.2.6 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb @@ -38,7 +38,6 @@ require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140 // indirect github.com/francoispqt/gojay v1.2.13 // indirect - github.com/gaukas/godicttls v0.0.4 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/btree v1.1.2 // indirect diff --git a/go.sum b/go.sum index a4920441..710ab59c 100644 --- a/go.sum +++ b/go.sum @@ -29,8 +29,6 @@ github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI github.com/francoispqt/gojay v1.2.13 h1:d2m3sFjloqoIUQU3TsHBgj6qg/BVGlTBeHDUmyJnXKk= github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/gaukas/godicttls v0.0.4 h1:NlRaXb3J6hAnTmWdsEKb9bcSBD6BvcIjdGdeb0zfXbk= -github.com/gaukas/godicttls v0.0.4/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344 h1:Arcl6UOIS/kgO2nW3A65HN+7CMjSDP/gofXL4CZt1V4= github.com/ghodss/yaml v1.0.1-0.20220118164431-d8423dcdf344/go.mod h1:GIjDIg/heH5DOkXY3YJ/wNhfHsQHoXGjl8G8amsYQ1I= @@ -120,8 +118,8 @@ github.com/quic-go/qtls-go1-20 v0.4.1 h1:D33340mCNDAIKBqXuAvexTNMUByrYmFYVfKfDN5 github.com/quic-go/qtls-go1-20 v0.4.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= github.com/quic-go/quic-go v0.40.1 h1:X3AGzUNFs0jVuO3esAGnTfvdgvL4fq655WaOi1snv1Q= github.com/quic-go/quic-go v0.40.1/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= -github.com/refraction-networking/utls v1.5.4 h1:9k6EO2b8TaOGsQ7Pl7p9w6PUhx18/ZCeT0WNTZ7Uw4o= -github.com/refraction-networking/utls v1.5.4/go.mod h1:SPuDbBmgLGp8s+HLNc83FuavwZCFoMmExj+ltUHiHUw= +github.com/refraction-networking/utls v1.6.0 h1:X5vQMqVx7dY7ehxxqkFER/W6DSjy8TMqSItXm8hRDYQ= +github.com/refraction-networking/utls v1.6.0/go.mod h1:kHJ6R9DFFA0WsRgBM35iiDku4O7AqPR6y79iuzW7b10= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= From 5e19c1a77842130c8efd46781301e19f0e2fecfc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 Dec 2023 00:17:49 +0000 Subject: [PATCH 062/100] Bump google.golang.org/grpc from 1.60.0 to 1.60.1 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.60.0 to 1.60.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.60.0...v1.60.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index fff59a1b..214aacf7 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( golang.org/x/sync v0.5.0 golang.org/x/sys v0.15.0 golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb - google.golang.org/grpc v1.60.0 + google.golang.org/grpc v1.60.1 google.golang.org/protobuf v1.31.0 gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b h12.io/socks v1.0.3 diff --git a/go.sum b/go.sum index 710ab59c..42268bc5 100644 --- a/go.sum +++ b/go.sum @@ -278,8 +278,8 @@ google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmE google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.60.0 h1:6FQAR0kM31P6MRdeluor2w2gPaS4SVNrD/DNTxrQ15k= -google.golang.org/grpc v1.60.0/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= +google.golang.org/grpc v1.60.1 h1:26+wFr+cNqSGFcOXcabYC0lUVJVRa2Sb2ortSK7VrEU= +google.golang.org/grpc v1.60.1/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= From f51bf98714724cad273f853c8102f6bce64fd20f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 Dec 2023 00:17:38 +0000 Subject: [PATCH 063/100] Bump golang.org/x/crypto from 0.16.0 to 0.17.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0. - [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 214aacf7..b2d787af 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19 go4.org/netipx v0.0.0-20230824141953-6213f710f925 - golang.org/x/crypto v0.16.0 + golang.org/x/crypto v0.17.0 golang.org/x/net v0.19.0 golang.org/x/sync v0.5.0 golang.org/x/sys v0.15.0 diff --git a/go.sum b/go.sum index 42268bc5..b1fa4a9c 100644 --- a/go.sum +++ b/go.sum @@ -182,8 +182,8 @@ golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= -golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= +golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= From 9becf02316472a186d99e507ce65345f19c8d71b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=A3=8E=E6=89=87=E6=BB=91=E7=BF=94=E7=BF=BC?= Date: Fri, 22 Dec 2023 18:27:03 +0800 Subject: [PATCH 064/100] allow empty route type default field --- infra/conf/router.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/conf/router.go b/infra/conf/router.go index a9f57cd6..79176fa5 100644 --- a/infra/conf/router.go +++ b/infra/conf/router.go @@ -636,7 +636,7 @@ func ParseRule(msg json.RawMessage) (*router.RoutingRule, error) { if err != nil { return nil, newError("invalid router rule").Base(err) } - if strings.EqualFold(rawRule.Type, "field") { + if rawRule.Type == "" || strings.EqualFold(rawRule.Type, "field") { fieldrule, err := parseFieldRule(msg) if err != nil { return nil, newError("invalid field rule").Base(err) From 01c14a599450ffd576cced599098c895d5790c2d Mon Sep 17 00:00:00 2001 From: Hossin Asaadi Date: Sun, 24 Dec 2023 23:29:10 +0300 Subject: [PATCH 065/100] add Round-Robin Strategy to balancer (#2844) * add Round-Robin Strategy * clean up --- app/router/balancing.go | 34 ++++++++++++++++++++++++++++++++++ app/router/config.go | 6 ++++++ infra/conf/router.go | 2 ++ infra/conf/router_strategy.go | 5 +++-- 4 files changed, 45 insertions(+), 2 deletions(-) diff --git a/app/router/balancing.go b/app/router/balancing.go index 50b84388..ad0a3b36 100644 --- a/app/router/balancing.go +++ b/app/router/balancing.go @@ -2,6 +2,7 @@ package router import ( "context" + sync "sync" "github.com/xtls/xray-core/common/dice" "github.com/xtls/xray-core/features/extension" @@ -23,6 +24,39 @@ func (s *RandomStrategy) PickOutbound(tags []string) string { return tags[dice.Roll(n)] } +type RoundRobinStrategy struct { + mu sync.Mutex + tags []string + index int + roundRobin *RoundRobinStrategy +} + +func NewRoundRobin(tags []string) *RoundRobinStrategy { + return &RoundRobinStrategy{ + tags: tags, + } +} +func (r *RoundRobinStrategy) NextTag() string { + r.mu.Lock() + defer r.mu.Unlock() + + tags := r.tags[r.index] + r.index = (r.index + 1) % len(r.tags) + return tags +} + +func (s *RoundRobinStrategy) PickOutbound(tags []string) string { + if len(tags) == 0 { + panic("0 tags") + } + if s.roundRobin == nil { + s.roundRobin = NewRoundRobin(tags) + } + tag := s.roundRobin.NextTag() + + return tag +} + type Balancer struct { selectors []string strategy BalancingStrategy diff --git a/app/router/config.go b/app/router/config.go index f50f02a1..5dc32fa8 100644 --- a/app/router/config.go +++ b/app/router/config.go @@ -129,6 +129,12 @@ func (br *BalancingRule) Build(ohm outbound.Manager) (*Balancer, error) { strategy: &LeastPingStrategy{}, ohm: ohm, }, nil + case "roundRobin": + return &Balancer{ + selectors: br.OutboundSelector, + strategy: &RoundRobinStrategy{}, + ohm: ohm, + }, nil case "random": fallthrough default: diff --git a/infra/conf/router.go b/infra/conf/router.go index 79176fa5..a3285e85 100644 --- a/infra/conf/router.go +++ b/infra/conf/router.go @@ -43,6 +43,8 @@ func (r *BalancingRule) Build() (*router.BalancingRule, error) { strategy = strategyRandom case strategyLeastPing: strategy = "leastPing" + case strategyRoundRobin: + strategy = "roundRobin" default: return nil, newError("unknown balancing strategy: " + r.Strategy.Type) } diff --git a/infra/conf/router_strategy.go b/infra/conf/router_strategy.go index b8536330..ef2abc26 100644 --- a/infra/conf/router_strategy.go +++ b/infra/conf/router_strategy.go @@ -1,6 +1,7 @@ package conf const ( - strategyRandom string = "random" - strategyLeastPing string = "leastping" + strategyRandom string = "random" + strategyLeastPing string = "leastping" + strategyRoundRobin string = "roundrobin" ) From b7f21be8bcaaeb1d608f7b96d4ae62182896c094 Mon Sep 17 00:00:00 2001 From: hossinasaadi Date: Sat, 23 Dec 2023 11:38:43 +0400 Subject: [PATCH 066/100] fix ecdh crash in reality --- transport/internet/reality/reality.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/transport/internet/reality/reality.go b/transport/internet/reality/reality.go index de8a6ac6..75a668c9 100644 --- a/transport/internet/reality/reality.go +++ b/transport/internet/reality/reality.go @@ -136,7 +136,10 @@ func UClient(c net.Conn, config *Config, ctx context.Context, dest net.Destinati if config.Show { newError(fmt.Sprintf("REALITY localAddr: %v\thello.SessionId[:16]: %v\n", localAddr, hello.SessionId[:16])).WriteToLog(session.ExportIDToError(ctx)) } - publicKey, _ := ecdh.X25519().NewPublicKey(config.PublicKey) + publicKey, err := ecdh.X25519().NewPublicKey(config.PublicKey) + if err != nil { + return nil, errors.New("REALITY: publicKey == nil") + } uConn.AuthKey, _ = uConn.HandshakeState.State13.EcdheKey.ECDH(publicKey) if uConn.AuthKey == nil { return nil, errors.New("REALITY: SharedKey == nil") From b0bf0d7fd5e4942b063fd8f9d2080944189c803f Mon Sep 17 00:00:00 2001 From: Allo Date: Fri, 22 Dec 2023 17:42:04 +0800 Subject: [PATCH 067/100] fix(conf): add Windows support for Unix Domain Socket --- infra/conf/xray.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/infra/conf/xray.go b/infra/conf/xray.go index 0935b1b0..10944826 100644 --- a/infra/conf/xray.go +++ b/infra/conf/xray.go @@ -5,6 +5,7 @@ import ( "fmt" "log" "os" + "path/filepath" "strings" "github.com/xtls/xray-core/app/dispatcher" @@ -188,7 +189,7 @@ func (c *InboundDetourConfig) Build() (*core.InboundHandlerConfig, error) { } else { // Listen on specific IP or Unix Domain Socket receiverSettings.Listen = c.ListenOn.Build() - listenDS := c.ListenOn.Family().IsDomain() && (c.ListenOn.Domain()[0] == '/' || c.ListenOn.Domain()[0] == '@') + listenDS := c.ListenOn.Family().IsDomain() && (filepath.IsAbs(c.ListenOn.Domain()) || c.ListenOn.Domain()[0] == '@') listenIP := c.ListenOn.Family().IsIP() || (c.ListenOn.Family().IsDomain() && c.ListenOn.Domain() == "localhost") if listenIP { // Listen on specific IP, must set PortList From eacdda3c93184043a98aa1841947ad4d4f6f7c61 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Sun, 24 Dec 2023 21:07:56 -0500 Subject: [PATCH 068/100] Fix connecting to quic outbound with domain address --- transport/internet/quic/dialer.go | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/transport/internet/quic/dialer.go b/transport/internet/quic/dialer.go index c6bc08aa..7c8122b6 100644 --- a/transport/internet/quic/dialer.go +++ b/transport/internet/quic/dialer.go @@ -208,12 +208,21 @@ func Dial(ctx context.Context, dest net.Destination, streamSettings *internet.Me IP: dest.Address.IP(), Port: int(dest.Port), } - } else { - addr, err := net.ResolveUDPAddr("udp", dest.NetAddr()) - if err != nil { - return nil, err + } else { + dialerIp := internet.DestIpAddress() + if dialerIp != nil { + destAddr = &net.UDPAddr{ + IP: dialerIp, + Port: int(dest.Port), + } + newError("quic Dial use dialer dest addr: ", destAddr).WriteToLog() + } else { + addr, err := net.ResolveUDPAddr("udp", dest.NetAddr()) + if err != nil { + return nil, err + } + destAddr = addr } - destAddr = addr } config := streamSettings.ProtocolSettings.(*Config) From 1dc9a720689f5748ef944a6004d52770c76b2034 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Dec 2023 00:49:24 +0000 Subject: [PATCH 069/100] Bump google.golang.org/protobuf from 1.31.0 to 1.32.0 Bumps google.golang.org/protobuf from 1.31.0 to 1.32.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index b2d787af..09a5a803 100644 --- a/go.mod +++ b/go.mod @@ -26,7 +26,7 @@ require ( golang.org/x/sys v0.15.0 golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb google.golang.org/grpc v1.60.1 - google.golang.org/protobuf v1.31.0 + google.golang.org/protobuf v1.32.0 gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b h12.io/socks v1.0.3 lukechampine.com/blake3 v1.2.1 diff --git a/go.sum b/go.sum index b1fa4a9c..d02298e3 100644 --- a/go.sum +++ b/go.sum @@ -282,8 +282,8 @@ google.golang.org/grpc v1.60.1 h1:26+wFr+cNqSGFcOXcabYC0lUVJVRa2Sb2ortSK7VrEU= google.golang.org/grpc v1.60.1/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= +google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From 1dba70004fcea75fc3cf057d81081219e362a775 Mon Sep 17 00:00:00 2001 From: R8s6 <44877866+R8s6@users.noreply.github.com> Date: Wed, 27 Dec 2023 17:15:53 -0800 Subject: [PATCH 070/100] Update README.md Adding official docker repo. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 158487bf..001654dc 100644 --- a/README.md +++ b/README.md @@ -23,6 +23,7 @@ - Linux Script - [XTLS/Xray-install](https://github.com/XTLS/Xray-install) - Docker + - Official: [ghcr.io/xtls/xray-core](https://ghcr.io/xtls/xray-core) - [iamybj/docker-xray](https://hub.docker.com/r/iamybj/docker-xray) - [teddysun/xray](https://hub.docker.com/r/teddysun/xray) - Web Panel From 006cf491e57c0e66bee1814251ecd293aaf9033f Mon Sep 17 00:00:00 2001 From: Allo Date: Wed, 27 Dec 2023 12:19:52 +0800 Subject: [PATCH 071/100] fix(conf): add Windows support for Unix Domain Socket in the fallback settings --- infra/conf/trojan.go | 29 ++++++++++++++--------------- infra/conf/vless.go | 29 ++++++++++++++--------------- 2 files changed, 28 insertions(+), 30 deletions(-) diff --git a/infra/conf/trojan.go b/infra/conf/trojan.go index 2cd1e520..6bc2385f 100644 --- a/infra/conf/trojan.go +++ b/infra/conf/trojan.go @@ -2,8 +2,10 @@ package conf import ( "encoding/json" + "path/filepath" "runtime" "strconv" + "strings" "syscall" "github.com/xtls/xray-core/common/net" @@ -147,22 +149,19 @@ func (c *TrojanServerConfig) Build() (proto.Message, error) { if fb.Type == "" && fb.Dest != "" { if fb.Dest == "serve-ws-none" { fb.Type = "serve" + } else if filepath.IsAbs(fb.Dest) || fb.Dest[0] == '@' { + fb.Type = "unix" + if strings.HasPrefix(fb.Dest, "@@") && (runtime.GOOS == "linux" || runtime.GOOS == "android") { + fullAddr := make([]byte, len(syscall.RawSockaddrUnix{}.Path)) // may need padding to work with haproxy + copy(fullAddr, fb.Dest[1:]) + fb.Dest = string(fullAddr) + } } else { - switch fb.Dest[0] { - case '@', '/': - fb.Type = "unix" - if fb.Dest[0] == '@' && len(fb.Dest) > 1 && fb.Dest[1] == '@' && (runtime.GOOS == "linux" || runtime.GOOS == "android") { - fullAddr := make([]byte, len(syscall.RawSockaddrUnix{}.Path)) // may need padding to work with haproxy - copy(fullAddr, fb.Dest[1:]) - fb.Dest = string(fullAddr) - } - default: - if _, err := strconv.Atoi(fb.Dest); err == nil { - fb.Dest = "127.0.0.1:" + fb.Dest - } - if _, _, err := net.SplitHostPort(fb.Dest); err == nil { - fb.Type = "tcp" - } + if _, err := strconv.Atoi(fb.Dest); err == nil { + fb.Dest = "127.0.0.1:" + fb.Dest + } + if _, _, err := net.SplitHostPort(fb.Dest); err == nil { + fb.Type = "tcp" } } } diff --git a/infra/conf/vless.go b/infra/conf/vless.go index 2e5c5d64..9d293555 100644 --- a/infra/conf/vless.go +++ b/infra/conf/vless.go @@ -2,8 +2,10 @@ package conf import ( "encoding/json" + "path/filepath" "runtime" "strconv" + "strings" "syscall" "github.com/xtls/xray-core/common/net" @@ -103,22 +105,19 @@ func (c *VLessInboundConfig) Build() (proto.Message, error) { if fb.Type == "" && fb.Dest != "" { if fb.Dest == "serve-ws-none" { fb.Type = "serve" + } else if filepath.IsAbs(fb.Dest) || fb.Dest[0] == '@' { + fb.Type = "unix" + if strings.HasPrefix(fb.Dest, "@@") && (runtime.GOOS == "linux" || runtime.GOOS == "android") { + fullAddr := make([]byte, len(syscall.RawSockaddrUnix{}.Path)) // may need padding to work with haproxy + copy(fullAddr, fb.Dest[1:]) + fb.Dest = string(fullAddr) + } } else { - switch fb.Dest[0] { - case '@', '/': - fb.Type = "unix" - if fb.Dest[0] == '@' && len(fb.Dest) > 1 && fb.Dest[1] == '@' && (runtime.GOOS == "linux" || runtime.GOOS == "android") { - fullAddr := make([]byte, len(syscall.RawSockaddrUnix{}.Path)) // may need padding to work with haproxy - copy(fullAddr, fb.Dest[1:]) - fb.Dest = string(fullAddr) - } - default: - if _, err := strconv.Atoi(fb.Dest); err == nil { - fb.Dest = "127.0.0.1:" + fb.Dest - } - if _, _, err := net.SplitHostPort(fb.Dest); err == nil { - fb.Type = "tcp" - } + if _, err := strconv.Atoi(fb.Dest); err == nil { + fb.Dest = "127.0.0.1:" + fb.Dest + } + if _, _, err := net.SplitHostPort(fb.Dest); err == nil { + fb.Type = "tcp" } } } From 44bb83033f238675b2e94024edf001e3720ae53f Mon Sep 17 00:00:00 2001 From: nobody <59990325+vrnobody@users.noreply.github.com> Date: Sat, 30 Dec 2023 00:16:48 +0800 Subject: [PATCH 072/100] Add sub-command "-dump" to "run". (#2854) * Add MarshalToJson(). * Add cmd arg -dump for printing out merged multiple json configs. --------- Co-authored-by: nobody --- common/log/logger.go | 32 ++++++ common/reflect/marshal.go | 173 ++++++++++++++++++++++++++++++ common/reflect/marshal_test.go | 187 +++++++++++++++++++++++++++++++++ core/config.go | 19 ++++ infra/conf/serial/builder.go | 26 ++++- main/run.go | 49 +++++++-- 6 files changed, 476 insertions(+), 10 deletions(-) create mode 100644 common/reflect/marshal.go create mode 100644 common/reflect/marshal_test.go diff --git a/common/log/logger.go b/common/log/logger.go index 79507964..d964a212 100644 --- a/common/log/logger.go +++ b/common/log/logger.go @@ -27,6 +27,11 @@ type generalLogger struct { done *done.Instance } +type serverityLogger struct { + inner *generalLogger + logLevel Severity +} + // NewLogger returns a generic log handler that can handle all type of messages. func NewLogger(logWriterCreator WriterCreator) Handler { return &generalLogger{ @@ -37,6 +42,32 @@ func NewLogger(logWriterCreator WriterCreator) Handler { } } +func ReplaceWithSeverityLogger(serverity Severity) { + w := CreateStdoutLogWriter() + g := &generalLogger{ + creator: w, + buffer: make(chan Message, 16), + access: semaphore.New(1), + done: done.New(), + } + s := &serverityLogger{ + inner: g, + logLevel: serverity, + } + RegisterHandler(s) +} + +func (l *serverityLogger) Handle(msg Message) { + switch msg := msg.(type) { + case *GeneralMessage: + if msg.Severity <= l.logLevel { + l.inner.Handle(msg) + } + default: + l.inner.Handle(msg) + } +} + func (l *generalLogger) run() { defer l.access.Signal() @@ -67,6 +98,7 @@ func (l *generalLogger) run() { } func (l *generalLogger) Handle(msg Message) { + select { case l.buffer <- msg: default: diff --git a/common/reflect/marshal.go b/common/reflect/marshal.go new file mode 100644 index 00000000..96e83351 --- /dev/null +++ b/common/reflect/marshal.go @@ -0,0 +1,173 @@ +package reflect + +import ( + "encoding/json" + "reflect" + "slices" + + cserial "github.com/xtls/xray-core/common/serial" +) + +func MarshalToJson(v interface{}) (string, bool) { + if itf := marshalInterface(v, true); itf != nil { + if b, err := json.MarshalIndent(itf, "", " "); err == nil { + return string(b[:]), true + } + } + return "", false +} + +func marshalTypedMessage(v *cserial.TypedMessage, ignoreNullValue bool) interface{} { + tmsg, err := v.GetInstance() + if err != nil { + return nil + } + r := marshalInterface(tmsg, ignoreNullValue) + if msg, ok := r.(map[string]interface{}); ok { + msg["_TypedMessage_"] = v.Type + } + return r +} + +func marshalSlice(v reflect.Value, ignoreNullValue bool) interface{} { + r := make([]interface{}, 0) + for i := 0; i < v.Len(); i++ { + rv := v.Index(i) + if rv.CanInterface() { + value := rv.Interface() + r = append(r, marshalInterface(value, ignoreNullValue)) + } + } + return r +} + +func marshalStruct(v reflect.Value, ignoreNullValue bool) interface{} { + r := make(map[string]interface{}) + t := v.Type() + for i := 0; i < v.NumField(); i++ { + rv := v.Field(i) + if rv.CanInterface() { + ft := t.Field(i) + name := ft.Name + value := rv.Interface() + tv := marshalInterface(value, ignoreNullValue) + if tv != nil || !ignoreNullValue { + r[name] = tv + } + } + } + return r +} + +func marshalMap(v reflect.Value, ignoreNullValue bool) interface{} { + // policy.level is map[uint32] *struct + kt := v.Type().Key() + vt := reflect.TypeOf((*interface{})(nil)) + mt := reflect.MapOf(kt, vt) + r := reflect.MakeMap(mt) + for _, key := range v.MapKeys() { + rv := v.MapIndex(key) + if rv.CanInterface() { + iv := rv.Interface() + tv := marshalInterface(iv, ignoreNullValue) + if tv != nil || !ignoreNullValue { + r.SetMapIndex(key, reflect.ValueOf(&tv)) + } + } + } + return r.Interface() +} + +func marshalIString(v interface{}) (r string, ok bool) { + defer func() { + if err := recover(); err != nil { + r = "" + ok = false + } + }() + + if iStringFn, ok := v.(interface{ String() string }); ok { + return iStringFn.String(), true + } + return "", false +} + +func marshalKnownType(v interface{}, ignoreNullValue bool) (interface{}, bool) { + switch ty := v.(type) { + case cserial.TypedMessage: + return marshalTypedMessage(&ty, ignoreNullValue), true + case *cserial.TypedMessage: + return marshalTypedMessage(ty, ignoreNullValue), true + case map[string]json.RawMessage: + return ty, true + case []json.RawMessage: + return ty, true + case *json.RawMessage: + return ty, true + case json.RawMessage: + return ty, true + default: + return nil, false + } +} + +var valueKinds = []reflect.Kind{ + reflect.Bool, + reflect.Int, + reflect.Int8, + reflect.Int16, + reflect.Int32, + reflect.Int64, + reflect.Uint, + reflect.Uint8, + reflect.Uint16, + reflect.Uint32, + reflect.Uint64, + reflect.Uintptr, + reflect.Float32, + reflect.Float64, + reflect.Complex64, + reflect.Complex128, + reflect.String, +} + +func isValueKind(kind reflect.Kind) bool { + return slices.Contains(valueKinds, kind) +} + +func marshalInterface(v interface{}, ignoreNullValue bool) interface{} { + + if r, ok := marshalKnownType(v, ignoreNullValue); ok { + return r + } + + rv := reflect.ValueOf(v) + if rv.Kind() == reflect.Ptr { + rv = rv.Elem() + } + k := rv.Kind() + if k == reflect.Invalid { + return nil + } + if isValueKind(k) { + return v + } + + switch k { + case reflect.Struct: + return marshalStruct(rv, ignoreNullValue) + case reflect.Slice: + return marshalSlice(rv, ignoreNullValue) + case reflect.Array: + return marshalSlice(rv, ignoreNullValue) + case reflect.Map: + return marshalMap(rv, ignoreNullValue) + default: + break + } + + if str, ok := marshalIString(v); ok { + return str + } + return nil +} diff --git a/common/reflect/marshal_test.go b/common/reflect/marshal_test.go new file mode 100644 index 00000000..377ad4e9 --- /dev/null +++ b/common/reflect/marshal_test.go @@ -0,0 +1,187 @@ +package reflect_test + +import ( + "bytes" + "encoding/json" + "strings" + "testing" + + . "github.com/xtls/xray-core/common/reflect" + cserial "github.com/xtls/xray-core/common/serial" + iserial "github.com/xtls/xray-core/infra/conf/serial" +) + +func TestMashalStruct(t *testing.T) { + type Foo = struct { + N int `json:"n"` + Np *int `json:"np"` + S string `json:"s"` + Arr *[]map[string]map[string]string `json:"arr"` + } + + n := 1 + np := &n + arr := make([]map[string]map[string]string, 0) + m1 := make(map[string]map[string]string, 0) + m2 := make(map[string]string, 0) + m2["hello"] = "world" + m1["foo"] = m2 + + arr = append(arr, m1) + + f1 := Foo{ + N: n, + Np: np, + S: "hello", + Arr: &arr, + } + + s, ok1 := MarshalToJson(f1) + sp, ok2 := MarshalToJson(&f1) + + if !ok1 || !ok2 || s != sp { + t.Error("marshal failed") + } + + f2 := Foo{} + if json.Unmarshal([]byte(s), &f2) != nil { + t.Error("json unmarshal failed") + } + + v := (*f2.Arr)[0]["foo"]["hello"] + + if f1.N != f2.N || *(f1.Np) != *(f2.Np) || f1.S != f2.S || v != "world" { + t.Error("f1 not equal to f2") + } +} + +func TestMarshalConfigJson(t *testing.T) { + + buf := bytes.NewBufferString(getConfig()) + config, err := iserial.DecodeJSONConfig(buf) + if err != nil { + t.Error("decode JSON config failed") + } + + bc, err := config.Build() + if err != nil { + t.Error("build core config failed") + } + + tmsg := cserial.ToTypedMessage(bc) + tc, ok := MarshalToJson(tmsg) + if !ok { + t.Error("marshal config failed") + } + + // t.Log(tc) + + keywords := []string{ + "4784f9b8-a879-4fec-9718-ebddefa47750", + "bing.com", + "DomainStrategy", + "InboundTag", + "Level", + "Stats", + "UserDownlink", + "UserUplink", + "System", + "InboundDownlink", + "OutboundUplink", + } + for _, kw := range keywords { + if !strings.Contains(tc, kw) { + t.Error("marshaled config error") + } + } +} + +func getConfig() string { + return `{ + "log": { + "loglevel": "debug" + }, + "stats": {}, + "policy": { + "levels": { + "0": { + "statsUserUplink": true, + "statsUserDownlink": true + } + }, + "system": { + "statsInboundUplink": true, + "statsInboundDownlink": true, + "statsOutboundUplink": true, + "statsOutboundDownlink": true + } + }, + "inbounds": [ + { + "tag": "agentin", + "protocol": "http", + "port": 8080, + "listen": "127.0.0.1", + "settings": {} + }, + { + "listen": "127.0.0.1", + "port": 10085, + "protocol": "dokodemo-door", + "settings": { + "address": "127.0.0.1" + }, + "tag": "api-in" + } + ], + "api": { + "tag": "api", + "services": [ + "HandlerService", + "StatsService" + ] + }, + "routing": { + "rules": [ + { + "inboundTag": [ + "api-in" + ], + "outboundTag": "api", + "type": "field" + } + ], + "domainStrategy": "AsIs" + }, + "outbounds": [ + { + "protocol": "vless", + "settings": { + "vnext": [ + { + "address": "1.2.3.4", + "port": 1234, + "users": [ + { + "id": "4784f9b8-a879-4fec-9718-ebddefa47750", + "encryption": "none" + } + ] + } + ] + }, + "tag": "agentout", + "streamSettings": { + "network": "ws", + "security": "none", + "wsSettings": { + "path": "/?ed=2048", + "headers": { + "Host": "bing.com" + } + } + } + } + ] + }` +} diff --git a/core/config.go b/core/config.go index f4077449..ec5ad6a4 100644 --- a/core/config.go +++ b/core/config.go @@ -2,6 +2,7 @@ package core import ( "io" + "slices" "strings" "github.com/xtls/xray-core/common" @@ -24,10 +25,14 @@ type ConfigLoader func(input interface{}) (*Config, error) // ConfigBuilder is a builder to build core.Config from filenames and formats type ConfigBuilder func(files []string, formats []string) (*Config, error) +// ConfigMerger merge multiple json configs into on config +type ConfigsMerger func(files []string, formats []string) (string, error) + var ( configLoaderByName = make(map[string]*ConfigFormat) configLoaderByExt = make(map[string]*ConfigFormat) ConfigBuilderForFiles ConfigBuilder + ConfigMergedFormFiles ConfigsMerger ) // RegisterConfigLoader add a new ConfigLoader. @@ -49,6 +54,20 @@ func RegisterConfigLoader(format *ConfigFormat) error { return nil } +func GetMergedConfig(args cmdarg.Arg) (string, error) { + files := make([]string, 0) + formats := make([]string, 0) + supported := []string{"json", "yaml", "toml"} + for _, file := range args { + format := getFormat(file) + if slices.Contains(supported, format) { + files = append(files, file) + formats = append(formats, format) + } + } + return ConfigMergedFormFiles(files, formats) +} + func GetFormatByExtension(ext string) string { switch strings.ToLower(ext) { case "pb", "protobuf": diff --git a/infra/conf/serial/builder.go b/infra/conf/serial/builder.go index 443dbdb0..88ea9e65 100644 --- a/infra/conf/serial/builder.go +++ b/infra/conf/serial/builder.go @@ -3,12 +3,25 @@ package serial import ( "io" + creflect "github.com/xtls/xray-core/common/reflect" "github.com/xtls/xray-core/core" "github.com/xtls/xray-core/infra/conf" "github.com/xtls/xray-core/main/confloader" ) -func BuildConfig(files []string, formats []string) (*core.Config, error) { +func MergeConfigFromFiles(files []string, formats []string) (string, error) { + c, err := mergeConfigs(files, formats) + if err != nil { + return "", err + } + + if j, ok := creflect.MarshalToJson(c); ok { + return j, nil + } + return "", newError("marshal to json failed.").AtError() +} + +func mergeConfigs(files []string, formats []string) (*conf.Config, error) { cf := &conf.Config{} for i, file := range files { newError("Reading config: ", file).AtInfo().WriteToLog() @@ -26,7 +39,15 @@ func BuildConfig(files []string, formats []string) (*core.Config, error) { } cf.Override(c, file) } - return cf.Build() + return cf, nil +} + +func BuildConfig(files []string, formats []string) (*core.Config, error) { + config, err := mergeConfigs(files, formats) + if err != nil { + return nil, err + } + return config.Build() } type readerDecoder func(io.Reader) (*conf.Config, error) @@ -39,4 +60,5 @@ func init() { ReaderDecoderByFormat["toml"] = DecodeTOMLConfig core.ConfigBuilderForFiles = BuildConfig + core.ConfigMergedFormFiles = MergeConfigFromFiles } diff --git a/main/run.go b/main/run.go index 1f8a4b88..f54d7480 100644 --- a/main/run.go +++ b/main/run.go @@ -12,8 +12,10 @@ import ( "runtime/debug" "strings" "syscall" + "time" "github.com/xtls/xray-core/common/cmdarg" + clog "github.com/xtls/xray-core/common/log" "github.com/xtls/xray-core/common/platform" "github.com/xtls/xray-core/core" "github.com/xtls/xray-core/main/commands/base" @@ -34,7 +36,9 @@ The -format=json flag sets the format of config files. Default "auto". The -test flag tells Xray to test config files only, -without launching the server +without launching the server. + +The -dump flag tells Xray to print the merged config. `, } @@ -45,6 +49,7 @@ func init() { var ( configFiles cmdarg.Arg // "Config file for Xray.", the option is customed type, parse in main configDir string + dump = cmdRun.Flag.Bool("dump", false, "Dump merged config only, without launching Xray server.") test = cmdRun.Flag.Bool("test", false, "Test config file only, without launching Xray server.") format = cmdRun.Flag.String("format", "auto", "Format of input file.") @@ -61,6 +66,12 @@ var ( ) func executeRun(cmd *base.Command, args []string) { + if *dump { + clog.ReplaceWithSeverityLogger(clog.Severity_Warning) + errCode := dumpConfig() + os.Exit(errCode) + } + printVersion() server, err := startXray() if err != nil { @@ -97,6 +108,18 @@ func executeRun(cmd *base.Command, args []string) { } } +func dumpConfig() int { + files := getConfigFilePath(false) + if config, err := core.GetMergedConfig(files); err != nil { + fmt.Println(err) + time.Sleep(1 * time.Second) + return 23 + } else { + fmt.Print(config) + } + return 0 +} + func fileExists(file string) bool { info, err := os.Stat(file) return err == nil && !info.IsDir() @@ -139,12 +162,16 @@ func readConfDir(dirPath string) { } } -func getConfigFilePath() cmdarg.Arg { +func getConfigFilePath(verbose bool) cmdarg.Arg { if dirExists(configDir) { - log.Println("Using confdir from arg:", configDir) + if verbose { + log.Println("Using confdir from arg:", configDir) + } readConfDir(configDir) } else if envConfDir := platform.GetConfDirPath(); dirExists(envConfDir) { - log.Println("Using confdir from env:", envConfDir) + if verbose { + log.Println("Using confdir from env:", envConfDir) + } readConfDir(envConfDir) } @@ -155,17 +182,23 @@ func getConfigFilePath() cmdarg.Arg { if workingDir, err := os.Getwd(); err == nil { configFile := filepath.Join(workingDir, "config.json") if fileExists(configFile) { - log.Println("Using default config: ", configFile) + if verbose { + log.Println("Using default config: ", configFile) + } return cmdarg.Arg{configFile} } } if configFile := platform.GetConfigurationPath(); fileExists(configFile) { - log.Println("Using config from env: ", configFile) + if verbose { + log.Println("Using config from env: ", configFile) + } return cmdarg.Arg{configFile} } - log.Println("Using config from STDIN") + if verbose { + log.Println("Using config from STDIN") + } return cmdarg.Arg{"stdin:"} } @@ -178,7 +211,7 @@ func getConfigFormat() string { } func startXray() (core.Server, error) { - configFiles := getConfigFilePath() + configFiles := getConfigFilePath(true) // config, err := core.LoadConfig(getConfigFormat(), configFiles[0], configFiles) From 60f7a03e1b5e952f9d15f1a136bfabd24e80d9bd Mon Sep 17 00:00:00 2001 From: dop-bot <95738113+dop-bot@users.noreply.github.com> Date: Tue, 2 Jan 2024 12:03:36 +0800 Subject: [PATCH 073/100] fix(dns): avoid early return when dns query refused (#2878) * avoid early return when dns query refused * address reviews --- app/dns/dns.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/dns/dns.go b/app/dns/dns.go index 6efcb825..3b173677 100644 --- a/app/dns/dns.go +++ b/app/dns/dns.go @@ -215,7 +215,8 @@ func (s *DNS) LookupIP(domain string, option dns.IPOption) ([]net.IP, error) { newError("failed to lookup ip for domain ", domain, " at server ", client.Name()).Base(err).WriteToLog() errs = append(errs, err) } - if err != context.Canceled && err != context.DeadlineExceeded && err != errExpectedIPNonMatch && err != dns.ErrEmptyResponse { + // 5 for RcodeRefused in miekg/dns, hardcode to reduce binary size + if err != context.Canceled && err != context.DeadlineExceeded && err != errExpectedIPNonMatch && err != dns.ErrEmptyResponse && dns.RCodeFromError(err) != 5 { return nil, err } } From 7b4db50c9ddcb8bcfc41c1260ff97c47a4748451 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=83=81=E3=82=BB?= <123655015+chise0713@users.noreply.github.com> Date: Tue, 2 Jan 2024 23:13:38 +0800 Subject: [PATCH 074/100] Feat: Using `Makefile` to build xray (#2882) * Feat: Using `Makefile` to build xray * Typo --- .github/workflows/release.yml | 29 ++--------------------------- .gitignore | 2 ++ Makefile | 29 +++++++++++++++++++++++++++++ README.md | 10 +--------- 4 files changed, 34 insertions(+), 36 deletions(-) create mode 100644 Makefile diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e33b18b7..86335113 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -173,36 +173,11 @@ jobs: - name: Get project dependencies run: go mod download - - name: Replace Custom to Commit ID - if: github.event_name != 'release' - run: | - ID=$(git rev-parse --short ${{ github.sha }}) - if [ "${{ github.event_name }}" == 'pull_request' ] - then - ID=$(git rev-parse --short ${{ github.event.pull_request.head.sha }}) - fi - sed -i '/build/ s/Custom/'$ID'/' ./core/core.go - - name: Build Xray run: | mkdir -p build_assets - go build -v -o build_assets/xray -trimpath -ldflags "-s -w -buildid=" ./main - - - name: Build background Xray on Windows - if: matrix.goos == 'windows' - run: | - go build -v -o build_assets/wxray.exe -trimpath -ldflags "-s -w -H windowsgui -buildid=" ./main - - - name: Build Mips softfloat Xray - if: matrix.goarch == 'mips' || matrix.goarch == 'mipsle' - run: | - GOMIPS=softfloat go build -v -o build_assets/xray_softfloat -trimpath -ldflags "-s -w -buildid=" ./main - - - name: Rename Windows Xray - if: matrix.goos == 'windows' - run: | - cd ./build_assets || exit 1 - mv xray xray.exe + make + find . -maxdepth 1 -type f -regex '.*\(wxray\|xray\|xray_softfloat\)\(\|.exe\)' -exec mv {} ./build_assets/ \; - name: Restore Cache uses: actions/cache/restore@v3 diff --git a/.gitignore b/.gitignore index 9242f587..c77bc579 100644 --- a/.gitignore +++ b/.gitignore @@ -19,6 +19,7 @@ *.zip *.tar.gz xray +xray_softfloat mockgen vprotogen !infra/vprotogen/ @@ -26,3 +27,4 @@ errorgen !common/errors/errorgen/ *.dat .vscode +/build_assets diff --git a/Makefile b/Makefile new file mode 100644 index 00000000..f69a9b2b --- /dev/null +++ b/Makefile @@ -0,0 +1,29 @@ +NAME = xray + +VERSION=$(shell git describe --always --dirty) + +LDFLAGS = -X github.com/xtls/xray-core/core.build=$(VERSION) -s -w -buildid= +PARAMS = -trimpath -ldflags "$(LDFLAGS)" -v +MAIN = ./main +PREFIX ?= $(shell go env GOPATH) +ifeq ($(GOOS),windows) +OUTPUT = $(NAME).exe +ADDITION = go build -o w$(NAME).exe -trimpath -ldflags "-H windowsgui $(LDFLAGS)" -v $(MAIN) +else +OUTPUT = $(NAME) +endif +ifeq ($(shell echo "$(GOARCH)" | grep -Pq "(mips|mipsle)" && echo true),true) # +ADDITION = GOMIPS=softfloat go build -o $(NAME)_softfloat -trimpath -ldflags "$(LDFLAGS)" -v $(MAIN) +endif +.PHONY: clean + +build: + go build -o $(OUTPUT) $(PARAMS) $(MAIN) + $(ADDITION) + +install: + go build -o $(PREFIX)/bin/$(OUTPUT) $(PARAMS) $(MAIN) + +clean: + go clean -v -i $(PWD) + rm -f xray xray.exe wxray.exe xray_softfloat \ No newline at end of file diff --git a/README.md b/README.md index 001654dc..df1537d8 100644 --- a/README.md +++ b/README.md @@ -125,16 +125,8 @@ ## Compilation -### Windows - ```bash -go build -o xray.exe -trimpath -ldflags "-s -w -buildid=" ./main -``` - -### Linux / macOS - -```bash -go build -o xray -trimpath -ldflags "-s -w -buildid=" ./main +make ``` ## Stargazers over time From 2fc4b31fcf5fac9a1b1774d3605d218a18e91ce8 Mon Sep 17 00:00:00 2001 From: Lars Lehtonen Date: Tue, 2 Jan 2024 10:23:11 -0800 Subject: [PATCH 075/100] common/singbridge: fix dropped context --- common/singbridge/dialer.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/singbridge/dialer.go b/common/singbridge/dialer.go index dfc128d8..896c97fe 100644 --- a/common/singbridge/dialer.go +++ b/common/singbridge/dialer.go @@ -43,7 +43,7 @@ func NewOutboundDialer(outbound proxy.Outbound, dialer internet.Dialer) *XrayOut } func (d *XrayOutboundDialer) DialContext(ctx context.Context, network string, destination M.Socksaddr) (net.Conn, error) { - ctx = session.ContextWithOutbound(context.Background(), &session.Outbound{ + ctx = session.ContextWithOutbound(ctx, &session.Outbound{ Target: ToDestination(destination, ToNetwork(network)), }) opts := []pipe.Option{pipe.WithSizeLimit(64 * 1024)} From 9a2ab9b6a3331de03d1ca0cd15c9a77d2b9f4c58 Mon Sep 17 00:00:00 2001 From: hossinasaadi Date: Sun, 7 Jan 2024 20:07:39 +0400 Subject: [PATCH 076/100] fix roundRobin --- app/router/balancing.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/router/balancing.go b/app/router/balancing.go index ad0a3b36..e6f29a67 100644 --- a/app/router/balancing.go +++ b/app/router/balancing.go @@ -2,6 +2,7 @@ package router import ( "context" + reflect "reflect" sync "sync" "github.com/xtls/xray-core/common/dice" @@ -49,7 +50,7 @@ func (s *RoundRobinStrategy) PickOutbound(tags []string) string { if len(tags) == 0 { panic("0 tags") } - if s.roundRobin == nil { + if s.roundRobin == nil || !reflect.DeepEqual(s.roundRobin.tags, tags) { s.roundRobin = NewRoundRobin(tags) } tag := s.roundRobin.NextTag() From 3f0bc134298cf512bd29660221a030db91594faf Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Tue, 2 Jan 2024 20:14:42 -0500 Subject: [PATCH 077/100] Update 1.8.7 and dependencies --- core/core.go | 2 +- go.mod | 30 +++++++++++++------------- go.sum | 59 ++++++++++++++++++++++++++-------------------------- 3 files changed, 46 insertions(+), 45 deletions(-) diff --git a/core/core.go b/core/core.go index d11fa273..09a591f2 100644 --- a/core/core.go +++ b/core/core.go @@ -21,7 +21,7 @@ import ( var ( Version_x byte = 1 Version_y byte = 8 - Version_z byte = 6 + Version_z byte = 7 ) var ( diff --git a/go.mod b/go.mod index 09a5a803..e004d90b 100644 --- a/go.mod +++ b/go.mod @@ -12,19 +12,19 @@ require ( github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.40.1 github.com/refraction-networking/utls v1.6.0 - github.com/sagernet/sing v0.3.0-beta.2 + github.com/sagernet/sing v0.3.0 github.com/sagernet/sing-shadowsocks v0.2.6 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb github.com/stretchr/testify v1.8.4 github.com/v2fly/ss-bloomring v0.0.0-20210312155135-28617310f63e github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19 - go4.org/netipx v0.0.0-20230824141953-6213f710f925 + go4.org/netipx v0.0.0-20231129151722-fdeea329fbba golang.org/x/crypto v0.17.0 golang.org/x/net v0.19.0 - golang.org/x/sync v0.5.0 - golang.org/x/sys v0.15.0 - golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb + golang.org/x/sync v0.6.0 + golang.org/x/sys v0.16.0 + golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 google.golang.org/grpc v1.60.1 google.golang.org/protobuf v1.32.0 gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b @@ -34,29 +34,29 @@ require ( require ( github.com/andybalholm/brotli v1.0.6 // indirect - github.com/cloudflare/circl v1.3.6 // indirect + github.com/cloudflare/circl v1.3.7 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/dgryski/go-metro v0.0.0-20211217172704-adc40b04c140 // indirect github.com/francoispqt/gojay v1.2.13 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/btree v1.1.2 // indirect - github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a // indirect - github.com/klauspost/compress v1.17.2 // indirect + github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42 // indirect + github.com/klauspost/compress v1.17.4 // indirect github.com/klauspost/cpuid/v2 v2.2.6 // indirect - github.com/onsi/ginkgo/v2 v2.13.1 // indirect + github.com/onsi/ginkgo/v2 v2.13.2 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/quic-go/qtls-go1-20 v0.4.1 // indirect github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect - github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae // indirect - go.uber.org/mock v0.3.0 // indirect - golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa // indirect + github.com/vishvananda/netns v0.0.4 // indirect + go.uber.org/mock v0.4.0 // indirect + golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc // indirect golang.org/x/mod v0.14.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.4.0 // indirect - golang.org/x/tools v0.15.0 // indirect + golang.org/x/time v0.5.0 // indirect + golang.org/x/tools v0.16.1 // indirect golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index d02298e3..3b1016bb 100644 --- a/go.sum +++ b/go.sum @@ -15,8 +15,8 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g= github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cloudflare/circl v1.3.6 h1:/xbKIqSHbZXHwkhbrhrt2YOHIwYJlXH94E3tI/gDlUg= -github.com/cloudflare/circl v1.3.6/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= +github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU= +github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -61,8 +61,8 @@ github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+u github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a h1:fEBsGL/sjAuJrgah5XqmmYsTLzJp/TO9Lhy39gkverk= -github.com/google/pprof v0.0.0-20231101202521-4ca4178f5c7a/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= +github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42 h1:dHLYa5D8/Ta0aLR2XcPsrkpAgGeFs6thhMcQK0oQ0n8= +github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= github.com/googleapis/gax-go/v2 v2.0.3/go.mod h1:LLvjysVCY1JZeum8Z6l8qUty8fiNwE08qbEPm1M08qg= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= @@ -76,8 +76,8 @@ github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.17.2 h1:RlWWUY/Dr4fL8qk9YG7DTZ7PDgME2V4csBXA8L/ixi4= -github.com/klauspost/compress v1.17.2/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= +github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= +github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/klauspost/cpuid/v2 v2.2.6 h1:ndNyv040zDGIDh8thGkXYjnFtiN02M1PVVF+JE/48xc= github.com/klauspost/cpuid/v2 v2.2.6/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= @@ -96,8 +96,8 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo= github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM= -github.com/onsi/ginkgo/v2 v2.13.1 h1:LNGfMbR2OVGBfXjvRZIZ2YCTQdGKtPLvuI1rMCCj3OU= -github.com/onsi/ginkgo/v2 v2.13.1/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= +github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs= +github.com/onsi/ginkgo/v2 v2.13.2/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8= @@ -123,8 +123,8 @@ github.com/refraction-networking/utls v1.6.0/go.mod h1:kHJ6R9DFFA0WsRgBM35iiDku4 github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sagernet/sing v0.3.0-beta.2 h1:7wqgP+cMQeHS3M/64WWvJLeX07fLctBkE4+lguAFWeU= -github.com/sagernet/sing v0.3.0-beta.2/go.mod h1:9pfuAH6mZfgnz/YjP6xu5sxx882rfyjpcrTdUpd6w3g= +github.com/sagernet/sing v0.3.0 h1:PIDVFZHnQAAYRL1UYqNM+0k5s8f/tb1lUW6UDcQiOc8= +github.com/sagernet/sing v0.3.0/go.mod h1:9pfuAH6mZfgnz/YjP6xu5sxx882rfyjpcrTdUpd6w3g= github.com/sagernet/sing-shadowsocks v0.2.6 h1:xr7ylAS/q1cQYS8oxKKajhuQcchd5VJJ4K4UZrrpp0s= github.com/sagernet/sing-shadowsocks v0.2.6/go.mod h1:j2YZBIpWIuElPFL/5sJAj470bcn/3QQ5lxZUNKLDNAM= github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb h1:XfLJSPIOUX+osiMraVgIrMR27uMXnRJWGm1+GL8/63U= @@ -166,17 +166,18 @@ github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49u github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM= github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 h1:tkMT5pTye+1NlKIXETU78NXw0fyjnaNHmJyyLyzw8+U= github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3/go.mod h1:cAAsePK2e15YDAMJNyOpGYEWNe4sIghTY7gpz4cX/Ik= -github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae h1:4hwBBUfQCFe3Cym0ZtKyq7L16eZUtYKs+BaHDN6mAns= github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= +github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8= +github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM= github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19 h1:capMfFYRgH9BCLd6A3Er/cH3A9Nz3CU2KwxwOQZIePI= github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19/go.mod h1:dm4y/1QwzjGaK17ofi0Vs6NpKAHegZky8qk6J2JJZAE= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA= -go.uber.org/mock v0.3.0 h1:3mUxI1No2/60yUYax92Pt8eNOEecx2D3lcXZh2NEZJo= -go.uber.org/mock v0.3.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc= +go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU= +go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc= go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE= -go4.org/netipx v0.0.0-20230824141953-6213f710f925 h1:eeQDDVKFkx0g4Hyy8pHgmZaK0EqB4SD6rvKbUdN3ziQ= -go4.org/netipx v0.0.0-20230824141953-6213f710f925/go.mod h1:PLyyIXexvUFg3Owu6p/WfdlivPbZJsZdgWZlrGope/Y= +go4.org/netipx v0.0.0-20231129151722-fdeea329fbba h1:0b9z3AuHCjxk0x/opv64kcgZLBseWJUpBw5I82+2U4M= +go4.org/netipx v0.0.0-20231129151722-fdeea329fbba/go.mod h1:PLyyIXexvUFg3Owu6p/WfdlivPbZJsZdgWZlrGope/Y= golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+MfF/py+xQ/tYqIWW03b70/CG9Rw= golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -185,8 +186,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= -golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= +golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc h1:ao2WRsKSzW6KuUY9IWPwWahcHCgR0s52IfwutMfEbdM= +golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI= golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= @@ -217,8 +218,8 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= -golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -231,8 +232,8 @@ golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220804214406-8e32c043e418/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -241,8 +242,8 @@ golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.4.0 h1:Z81tqI5ddIoXDPvVQ7/7CC9TnLM7ubaFG2qXYd5BbYY= -golang.org/x/time v0.4.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -250,16 +251,16 @@ golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8= -golang.org/x/tools v0.15.0/go.mod h1:hpksKq4dtpQWS1uQ61JkdqWM3LscIS6Slf+VVkm+wQk= +golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= +golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 h1:B82qJJgjvYKsXS9jeunTOisW56dUokqW/FOteYJJ/yg= golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI= -golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb h1:c5tyN8sSp8jSDxdCCDXVOpJwYXXhmTkNMt+g0zTSOic= -golang.zx2c4.com/wireguard v0.0.0-20231022001213-2e0774f246fb/go.mod h1:tkCQ4FQXmpAgYVh++1cq16/dH4QJtmvpRv19DWGAHSA= +golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 h1:/jFs0duh4rdb8uIfPMv78iAJGcPKDeqAFnaLBropIC4= +golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173/go.mod h1:tkCQ4FQXmpAgYVh++1cq16/dH4QJtmvpRv19DWGAHSA= google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.1.0/go.mod h1:UGEZY7KEX120AnNLIHFMKIo4obdJhkp2tPbaPlQx13Y= @@ -272,8 +273,8 @@ google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoA google.golang.org/genproto v0.0.0-20181029155118-b69ba1387ce2/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20181202183823-bd91e49a0898/go.mod h1:7Ep/1NZk928CDR8SjdVbjWNpdIf6nzjE3BTgJDr2Atg= google.golang.org/genproto v0.0.0-20190306203927-b5d61aea6440/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 h1:Jyp0Hsi0bmHXG6k9eATXoYtjd6e2UzZ1SCn/wIupY14= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 h1:6G8oQ016D88m1xAKljMlBOOGWDZkes4kMhgGFlf8WcQ= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917/go.mod h1:xtjpI3tXFPP051KaWnhvxkiubL/6dJ18vLVf7q2pTOU= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= From 8a6b9e742060792aa27bd759f777482505d01111 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Jan 2024 00:05:54 +0000 Subject: [PATCH 078/100] Bump golang.org/x/net from 0.19.0 to 0.20.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.19.0 to 0.20.0. - [Commits](https://github.com/golang/net/compare/v0.19.0...v0.20.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index e004d90b..757ef883 100644 --- a/go.mod +++ b/go.mod @@ -20,8 +20,8 @@ require ( github.com/vishvananda/netlink v1.2.1-beta.2.0.20230316163032-ced5aaba43e3 github.com/xtls/reality v0.0.0-20231112171332-de1173cf2b19 go4.org/netipx v0.0.0-20231129151722-fdeea329fbba - golang.org/x/crypto v0.17.0 - golang.org/x/net v0.19.0 + golang.org/x/crypto v0.18.0 + golang.org/x/net v0.20.0 golang.org/x/sync v0.6.0 golang.org/x/sys v0.16.0 golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 diff --git a/go.sum b/go.sum index 3b1016bb..48fc84f8 100644 --- a/go.sum +++ b/go.sum @@ -183,8 +183,8 @@ golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= +golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= +golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc h1:ao2WRsKSzW6KuUY9IWPwWahcHCgR0s52IfwutMfEbdM= golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI= @@ -205,8 +205,8 @@ golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= -golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= +golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= +golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= From 2fa5c299ac14829ed7ea0819443355f88fbe676d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Jan 2024 00:06:00 +0000 Subject: [PATCH 079/100] Bump github.com/refraction-networking/utls from 1.6.0 to 1.6.1 Bumps [github.com/refraction-networking/utls](https://github.com/refraction-networking/utls) from 1.6.0 to 1.6.1. - [Release notes](https://github.com/refraction-networking/utls/releases) - [Commits](https://github.com/refraction-networking/utls/compare/v1.6.0...v1.6.1) --- updated-dependencies: - dependency-name: github.com/refraction-networking/utls dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 757ef883..a021afff 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.40.1 - github.com/refraction-networking/utls v1.6.0 + github.com/refraction-networking/utls v1.6.1 github.com/sagernet/sing v0.3.0 github.com/sagernet/sing-shadowsocks v0.2.6 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb diff --git a/go.sum b/go.sum index 48fc84f8..81583ebb 100644 --- a/go.sum +++ b/go.sum @@ -118,8 +118,8 @@ github.com/quic-go/qtls-go1-20 v0.4.1 h1:D33340mCNDAIKBqXuAvexTNMUByrYmFYVfKfDN5 github.com/quic-go/qtls-go1-20 v0.4.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= github.com/quic-go/quic-go v0.40.1 h1:X3AGzUNFs0jVuO3esAGnTfvdgvL4fq655WaOi1snv1Q= github.com/quic-go/quic-go v0.40.1/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= -github.com/refraction-networking/utls v1.6.0 h1:X5vQMqVx7dY7ehxxqkFER/W6DSjy8TMqSItXm8hRDYQ= -github.com/refraction-networking/utls v1.6.0/go.mod h1:kHJ6R9DFFA0WsRgBM35iiDku4O7AqPR6y79iuzW7b10= +github.com/refraction-networking/utls v1.6.1 h1:n1JG5karzdGWsI6iZmGrOv3SNzR4c+4M8J6KWGsk3lA= +github.com/refraction-networking/utls v1.6.1/go.mod h1:+EbcQOvQvXoFV9AEKbuGlljt1doLRKAVY1jJHe9EtDo= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= From 81f9f567ffa9dfc987dff2724369c3884d065bcb Mon Sep 17 00:00:00 2001 From: Hossin Asaadi Date: Wed, 10 Jan 2024 19:26:27 +0300 Subject: [PATCH 080/100] sort Outbound selector output (#2914) * clean code * sort oubound selector output * clean up * fix duplicate outbound --- app/proxyman/outbound/outbound.go | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/app/proxyman/outbound/outbound.go b/app/proxyman/outbound/outbound.go index 8ebcde17..1bc4c403 100644 --- a/app/proxyman/outbound/outbound.go +++ b/app/proxyman/outbound/outbound.go @@ -4,6 +4,7 @@ package outbound import ( "context" + "sort" "strings" "sync" @@ -148,18 +149,14 @@ func (m *Manager) Select(selectors []string) []string { tags := make([]string, 0, len(selectors)) for tag := range m.taggedHandler { - match := false for _, selector := range selectors { if strings.HasPrefix(tag, selector) { - match = true + tags = append(tags, tag) break } } - if match { - tags = append(tags, tag) - } } - + sort.Strings(tags) return tags } From 2b08d8638ef63d63de85a334fc8d35fa8221c00c Mon Sep 17 00:00:00 2001 From: Qi Lin <141757486+QiL1n@users.noreply.github.com> Date: Mon, 8 Jan 2024 18:14:08 +0800 Subject: [PATCH 081/100] Let `tlsSettings.masterKeyLog` and `tlsSettings.fingerprint` work together --- transport/internet/tls/tls.go | 1 + 1 file changed, 1 insertion(+) diff --git a/transport/internet/tls/tls.go b/transport/internet/tls/tls.go index 2fd9a017..e73a495b 100644 --- a/transport/internet/tls/tls.go +++ b/transport/internet/tls/tls.go @@ -118,6 +118,7 @@ func copyConfig(c *tls.Config) *utls.Config { ServerName: c.ServerName, InsecureSkipVerify: c.InsecureSkipVerify, VerifyPeerCertificate: c.VerifyPeerCertificate, + KeyLogWriter: c.KeyLogWriter, } } From 961cf9d3b17f975db7013b8410d541f6fdfcf249 Mon Sep 17 00:00:00 2001 From: nobody <59990325+vrnobody@users.noreply.github.com> Date: Thu, 11 Jan 2024 23:34:26 +0800 Subject: [PATCH 082/100] Remove slices dependency. (#2930) * Remove slices dependency. * Fix nil pointer dereference bug. --------- Co-authored-by: nobody --- common/reflect/marshal.go | 47 +++++++++++++++++++++------------------ core/config.go | 10 +++++---- 2 files changed, 31 insertions(+), 26 deletions(-) diff --git a/common/reflect/marshal.go b/common/reflect/marshal.go index 96e83351..736afc01 100644 --- a/common/reflect/marshal.go +++ b/common/reflect/marshal.go @@ -3,7 +3,6 @@ package reflect import ( "encoding/json" "reflect" - "slices" cserial "github.com/xtls/xray-core/common/serial" ) @@ -18,6 +17,9 @@ func MarshalToJson(v interface{}) (string, bool) { } func marshalTypedMessage(v *cserial.TypedMessage, ignoreNullValue bool) interface{} { + if v == nil { + return nil + } tmsg, err := v.GetInstance() if err != nil { return nil @@ -111,28 +113,29 @@ func marshalKnownType(v interface{}, ignoreNullValue bool) (interface{}, bool) { } } -var valueKinds = []reflect.Kind{ - reflect.Bool, - reflect.Int, - reflect.Int8, - reflect.Int16, - reflect.Int32, - reflect.Int64, - reflect.Uint, - reflect.Uint8, - reflect.Uint16, - reflect.Uint32, - reflect.Uint64, - reflect.Uintptr, - reflect.Float32, - reflect.Float64, - reflect.Complex64, - reflect.Complex128, - reflect.String, -} - func isValueKind(kind reflect.Kind) bool { - return slices.Contains(valueKinds, kind) + switch kind { + case reflect.Bool, + reflect.Int, + reflect.Int8, + reflect.Int16, + reflect.Int32, + reflect.Int64, + reflect.Uint, + reflect.Uint8, + reflect.Uint16, + reflect.Uint32, + reflect.Uint64, + reflect.Uintptr, + reflect.Float32, + reflect.Float64, + reflect.Complex64, + reflect.Complex128, + reflect.String: + return true + default: + return false + } } func marshalInterface(v interface{}, ignoreNullValue bool) interface{} { diff --git a/core/config.go b/core/config.go index ec5ad6a4..1aa21f5f 100644 --- a/core/config.go +++ b/core/config.go @@ -2,7 +2,6 @@ package core import ( "io" - "slices" "strings" "github.com/xtls/xray-core/common" @@ -60,9 +59,12 @@ func GetMergedConfig(args cmdarg.Arg) (string, error) { supported := []string{"json", "yaml", "toml"} for _, file := range args { format := getFormat(file) - if slices.Contains(supported, format) { - files = append(files, file) - formats = append(formats, format) + for _, s := range supported { + if s == format { + files = append(files, file) + formats = append(formats, format) + break + } } } return ConfigMergedFormFiles(files, formats) From 0ea2a50264c4eab43ac1a67cf4ddde62c9214a6d Mon Sep 17 00:00:00 2001 From: Qi Lin <141757486+QiL1n@users.noreply.github.com> Date: Thu, 11 Jan 2024 14:36:13 +0800 Subject: [PATCH 083/100] Add option `realitySettings.masterKeyLog` --- infra/conf/transport_internet.go | 2 ++ transport/internet/reality/config.go | 17 ++++++++++++ transport/internet/reality/config.pb.go | 36 ++++++++++++++++--------- transport/internet/reality/config.proto | 1 + transport/internet/reality/reality.go | 1 + 5 files changed, 44 insertions(+), 13 deletions(-) diff --git a/infra/conf/transport_internet.go b/infra/conf/transport_internet.go index 318eb336..8c113e92 100644 --- a/infra/conf/transport_internet.go +++ b/infra/conf/transport_internet.go @@ -420,6 +420,7 @@ func (c *TLSConfig) Build() (proto.Message, error) { type REALITYConfig struct { Show bool `json:"show"` + MasterKeyLog string `json:"masterKeyLog"` Dest json.RawMessage `json:"dest"` Type string `json:"type"` Xver uint64 `json:"xver"` @@ -440,6 +441,7 @@ type REALITYConfig struct { func (c *REALITYConfig) Build() (proto.Message, error) { config := new(reality.Config) config.Show = c.Show + config.MasterKeyLog = c.MasterKeyLog var err error if c.Dest != nil { var i uint16 diff --git a/transport/internet/reality/config.go b/transport/internet/reality/config.go index 58608720..be3611e5 100644 --- a/transport/internet/reality/config.go +++ b/transport/internet/reality/config.go @@ -1,7 +1,9 @@ package reality import ( + "io" "net" + "os" "time" "github.com/xtls/reality" @@ -25,6 +27,8 @@ func (c *Config) GetREALITYConfig() *reality.Config { NextProtos: nil, // should be nil SessionTicketsDisabled: true, + + KeyLogWriter: KeyLogWriterFromConfig(c), } config.ServerNames = make(map[string]bool) for _, serverName := range c.ServerNames { @@ -37,6 +41,19 @@ func (c *Config) GetREALITYConfig() *reality.Config { return config } +func KeyLogWriterFromConfig(c *Config) io.Writer { + if len(c.MasterKeyLog) <= 0 || c.MasterKeyLog == "none" { + return nil + } + + writer, err := os.OpenFile(c.MasterKeyLog, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0644) + if err != nil { + newError("failed to open ", c.MasterKeyLog, " as master key log").AtError().Base(err).WriteToLog() + } + + return writer +} + func ConfigFromStreamSettings(settings *internet.MemoryStreamConfig) *Config { if settings == nil { return nil diff --git a/transport/internet/reality/config.pb.go b/transport/internet/reality/config.pb.go index 2b44d9b7..6631d0af 100644 --- a/transport/internet/reality/config.pb.go +++ b/transport/internet/reality/config.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.31.0 -// protoc v4.23.1 +// protoc-gen-go v1.32.0 +// protoc v4.25.1 // source: transport/internet/reality/config.proto package reality @@ -41,6 +41,7 @@ type Config struct { ShortId []byte `protobuf:"bytes,24,opt,name=short_id,json=shortId,proto3" json:"short_id,omitempty"` SpiderX string `protobuf:"bytes,25,opt,name=spider_x,json=spiderX,proto3" json:"spider_x,omitempty"` SpiderY []int64 `protobuf:"varint,26,rep,packed,name=spider_y,json=spiderY,proto3" json:"spider_y,omitempty"` + MasterKeyLog string `protobuf:"bytes,27,opt,name=master_key_log,json=masterKeyLog,proto3" json:"master_key_log,omitempty"` } func (x *Config) Reset() { @@ -187,6 +188,13 @@ func (x *Config) GetSpiderY() []int64 { return nil } +func (x *Config) GetMasterKeyLog() string { + if x != nil { + return x.MasterKeyLog + } + return "" +} + var File_transport_internet_reality_config_proto protoreflect.FileDescriptor var file_transport_internet_reality_config_proto_rawDesc = []byte{ @@ -194,7 +202,7 @@ var file_transport_internet_reality_config_proto_rawDesc = []byte{ 0x72, 0x6e, 0x65, 0x74, 0x2f, 0x72, 0x65, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x2f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1f, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, - 0x65, 0x74, 0x2e, 0x72, 0x65, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x22, 0xdc, 0x03, 0x0a, 0x06, 0x43, + 0x65, 0x74, 0x2e, 0x72, 0x65, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x22, 0x82, 0x04, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x12, 0x0a, 0x04, 0x73, 0x68, 0x6f, 0x77, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x04, 0x73, 0x68, 0x6f, 0x77, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x65, 0x73, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x64, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, @@ -224,16 +232,18 @@ var file_transport_internet_reality_config_proto_rawDesc = []byte{ 0x74, 0x49, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x73, 0x70, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x78, 0x18, 0x19, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x70, 0x69, 0x64, 0x65, 0x72, 0x58, 0x12, 0x19, 0x0a, 0x08, 0x73, 0x70, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x79, 0x18, 0x1a, 0x20, 0x03, 0x28, 0x03, - 0x52, 0x07, 0x73, 0x70, 0x69, 0x64, 0x65, 0x72, 0x59, 0x42, 0x7f, 0x0a, 0x23, 0x63, 0x6f, 0x6d, - 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, - 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x72, 0x65, 0x61, 0x6c, 0x69, 0x74, 0x79, - 0x50, 0x01, 0x5a, 0x34, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, - 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x74, 0x72, - 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, - 0x2f, 0x72, 0x65, 0x61, 0x6c, 0x69, 0x74, 0x79, 0xaa, 0x02, 0x1f, 0x58, 0x72, 0x61, 0x79, 0x2e, - 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, - 0x65, 0x74, 0x2e, 0x52, 0x65, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x33, + 0x52, 0x07, 0x73, 0x70, 0x69, 0x64, 0x65, 0x72, 0x59, 0x12, 0x24, 0x0a, 0x0e, 0x6d, 0x61, 0x73, + 0x74, 0x65, 0x72, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x6c, 0x6f, 0x67, 0x18, 0x1b, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0c, 0x6d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x4b, 0x65, 0x79, 0x4c, 0x6f, 0x67, 0x42, + 0x7f, 0x0a, 0x23, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x74, 0x72, 0x61, 0x6e, + 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x72, + 0x65, 0x61, 0x6c, 0x69, 0x74, 0x79, 0x50, 0x01, 0x5a, 0x34, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, + 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, + 0x6f, 0x72, 0x65, 0x2f, 0x74, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x69, 0x6e, + 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2f, 0x72, 0x65, 0x61, 0x6c, 0x69, 0x74, 0x79, 0xaa, 0x02, + 0x1f, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x54, 0x72, 0x61, 0x6e, 0x73, 0x70, 0x6f, 0x72, 0x74, 0x2e, + 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x2e, 0x52, 0x65, 0x61, 0x6c, 0x69, 0x74, 0x79, + 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/transport/internet/reality/config.proto b/transport/internet/reality/config.proto index f9ae3a4f..233f6e05 100644 --- a/transport/internet/reality/config.proto +++ b/transport/internet/reality/config.proto @@ -24,4 +24,5 @@ message Config { bytes short_id = 24; string spider_x = 25; repeated int64 spider_y = 26; + string master_key_log = 27; } diff --git a/transport/internet/reality/reality.go b/transport/internet/reality/reality.go index 75a668c9..136a075d 100644 --- a/transport/internet/reality/reality.go +++ b/transport/internet/reality/reality.go @@ -112,6 +112,7 @@ func UClient(c net.Conn, config *Config, ctx context.Context, dest net.Destinati ServerName: config.ServerName, InsecureSkipVerify: true, SessionTicketsDisabled: true, + KeyLogWriter: KeyLogWriterFromConfig(config), } if utlsConfig.ServerName == "" { utlsConfig.ServerName = dest.Address.String() From 7f7f57d3b6a3fbce3cd2ab3d34abe27e6f6a3829 Mon Sep 17 00:00:00 2001 From: nobody <59990325+vrnobody@users.noreply.github.com> Date: Fri, 12 Jan 2024 23:36:48 +0800 Subject: [PATCH 084/100] Add tags cache to app.proxyman.ohm.Select() (#2927) * Add tags cache to ohm.Select(). * Refactor round-robin. * Fix a bug. --------- Co-authored-by: nobody --- app/proxyman/outbound/outbound.go | 14 ++++++++++++++ app/router/balancing.go | 32 ++++++++----------------------- 2 files changed, 22 insertions(+), 24 deletions(-) diff --git a/app/proxyman/outbound/outbound.go b/app/proxyman/outbound/outbound.go index 1bc4c403..3bd0d85c 100644 --- a/app/proxyman/outbound/outbound.go +++ b/app/proxyman/outbound/outbound.go @@ -22,12 +22,14 @@ type Manager struct { taggedHandler map[string]outbound.Handler untaggedHandlers []outbound.Handler running bool + tagsCache map[string][]string } // New creates a new Manager. func New(ctx context.Context, config *proxyman.OutboundConfig) (*Manager, error) { m := &Manager{ taggedHandler: make(map[string]outbound.Handler), + tagsCache: make(map[string][]string), } return m, nil } @@ -104,6 +106,8 @@ func (m *Manager) AddHandler(ctx context.Context, handler outbound.Handler) erro m.access.Lock() defer m.access.Unlock() + m.tagsCache = make(map[string][]string) + if m.defaultHandler == nil { m.defaultHandler = handler } @@ -133,6 +137,8 @@ func (m *Manager) RemoveHandler(ctx context.Context, tag string) error { m.access.Lock() defer m.access.Unlock() + m.tagsCache = make(map[string][]string) + delete(m.taggedHandler, tag) if m.defaultHandler != nil && m.defaultHandler.Tag() == tag { m.defaultHandler = nil @@ -146,6 +152,11 @@ func (m *Manager) Select(selectors []string) []string { m.access.RLock() defer m.access.RUnlock() + key := strings.Join(selectors, ",") + if cache, ok := m.tagsCache[key]; ok { + return cache + } + tags := make([]string, 0, len(selectors)) for tag := range m.taggedHandler { @@ -156,7 +167,10 @@ func (m *Manager) Select(selectors []string) []string { } } } + sort.Strings(tags) + m.tagsCache[key] = tags + return tags } diff --git a/app/router/balancing.go b/app/router/balancing.go index e6f29a67..458e6838 100644 --- a/app/router/balancing.go +++ b/app/router/balancing.go @@ -2,7 +2,6 @@ package router import ( "context" - reflect "reflect" sync "sync" "github.com/xtls/xray-core/common/dice" @@ -26,35 +25,20 @@ func (s *RandomStrategy) PickOutbound(tags []string) string { } type RoundRobinStrategy struct { - mu sync.Mutex - tags []string - index int - roundRobin *RoundRobinStrategy -} - -func NewRoundRobin(tags []string) *RoundRobinStrategy { - return &RoundRobinStrategy{ - tags: tags, - } -} -func (r *RoundRobinStrategy) NextTag() string { - r.mu.Lock() - defer r.mu.Unlock() - - tags := r.tags[r.index] - r.index = (r.index + 1) % len(r.tags) - return tags + mu sync.Mutex + index int } func (s *RoundRobinStrategy) PickOutbound(tags []string) string { - if len(tags) == 0 { + n := len(tags) + if n == 0 { panic("0 tags") } - if s.roundRobin == nil || !reflect.DeepEqual(s.roundRobin.tags, tags) { - s.roundRobin = NewRoundRobin(tags) - } - tag := s.roundRobin.NextTag() + s.mu.Lock() + defer s.mu.Unlock() + tag := tags[s.index%n] + s.index = (s.index + 1) % n return tag } From 77376ed94f3ac8e3002c84dd43ceadabe9ab41e4 Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Fri, 12 Jan 2024 21:56:22 -0500 Subject: [PATCH 085/100] Reduce size and time of UDP test In the past, the UDP test in mass parallel proved to be the source of instability. This change try to improve pass rate. --- testing/scenarios/dokodemo_test.go | 2 +- testing/scenarios/shadowsocks_2022_test.go | 26 ++++++++++++++-------- testing/scenarios/shadowsocks_test.go | 4 ++-- testing/scenarios/vmess_test.go | 4 ++-- 4 files changed, 22 insertions(+), 14 deletions(-) diff --git a/testing/scenarios/dokodemo_test.go b/testing/scenarios/dokodemo_test.go index 69032b6e..0744cac9 100644 --- a/testing/scenarios/dokodemo_test.go +++ b/testing/scenarios/dokodemo_test.go @@ -171,7 +171,7 @@ func TestDokodemoUDP(t *testing.T) { common.Must(err) defer CloseServer(server) - clientPortRange := uint32(5) + clientPortRange := uint32(3) retry := 1 clientPort := uint32(udp.PickPort()) for { diff --git a/testing/scenarios/shadowsocks_2022_test.go b/testing/scenarios/shadowsocks_2022_test.go index aa595844..f06c38dc 100644 --- a/testing/scenarios/shadowsocks_2022_test.go +++ b/testing/scenarios/shadowsocks_2022_test.go @@ -32,14 +32,22 @@ func TestShadowsocks2022Tcp(t *testing.T) { } } -func TestShadowsocks2022Udp(t *testing.T) { - for _, method := range shadowaead_2022.List { - password := make([]byte, 32) - rand.Read(password) - t.Run(method, func(t *testing.T) { - testShadowsocks2022Udp(t, method, base64.StdEncoding.EncodeToString(password)) - }) - } +func TestShadowsocks2022UdpAES128(t *testing.T) { + password := make([]byte, 32) + rand.Read(password) + testShadowsocks2022Udp(t, shadowaead_2022.List[0], base64.StdEncoding.EncodeToString(password)) +} + +func TestShadowsocks2022UdpAES256(t *testing.T) { + password := make([]byte, 32) + rand.Read(password) + testShadowsocks2022Udp(t, shadowaead_2022.List[1], base64.StdEncoding.EncodeToString(password)) +} + +func TestShadowsocks2022UdpChacha(t *testing.T) { + password := make([]byte, 32) + rand.Read(password) + testShadowsocks2022Udp(t, shadowaead_2022.List[2], base64.StdEncoding.EncodeToString(password)) } func testShadowsocks2022Tcp(t *testing.T, method string, password string) { @@ -199,7 +207,7 @@ func testShadowsocks2022Udp(t *testing.T, method string, password string) { defer CloseAllServers(servers) var errGroup errgroup.Group - for i := 0; i < 10; i++ { + for i := 0; i < 2; i++ { errGroup.Go(testUDPConn(udpClientPort, 1024, time.Second*5)) } diff --git a/testing/scenarios/shadowsocks_test.go b/testing/scenarios/shadowsocks_test.go index d6b8ee82..e7620429 100644 --- a/testing/scenarios/shadowsocks_test.go +++ b/testing/scenarios/shadowsocks_test.go @@ -289,7 +289,7 @@ func TestShadowsocksAES128GCMUDP(t *testing.T) { defer CloseAllServers(servers) var errGroup errgroup.Group - for i := 0; i < 10; i++ { + for i := 0; i < 2; i++ { errGroup.Go(testUDPConn(clientPort, 1024, time.Second*5)) } if err := errGroup.Wait(); err != nil { @@ -391,7 +391,7 @@ func TestShadowsocksAES128GCMUDPMux(t *testing.T) { defer CloseAllServers(servers) var errGroup errgroup.Group - for i := 0; i < 10; i++ { + for i := 0; i < 2; i++ { errGroup.Go(testUDPConn(clientPort, 1024, time.Second*5)) } if err := errGroup.Wait(); err != nil { diff --git a/testing/scenarios/vmess_test.go b/testing/scenarios/vmess_test.go index 2239b13c..c11f830f 100644 --- a/testing/scenarios/vmess_test.go +++ b/testing/scenarios/vmess_test.go @@ -475,7 +475,7 @@ func TestVMessGCMUDP(t *testing.T) { defer CloseAllServers(servers) var errg errgroup.Group - for i := 0; i < 10; i++ { + for i := 0; i < 2; i++ { errg.Go(testUDPConn(clientPort, 1024, time.Second*5)) } if err := errg.Wait(); err != nil { @@ -1176,7 +1176,7 @@ func TestVMessGCMMuxUDP(t *testing.T) { for range "ab" { var errg errgroup.Group - for i := 0; i < 16; i++ { + for i := 0; i < 2; i++ { errg.Go(testTCPConn(clientPort, 1024, time.Second*10)) errg.Go(testUDPConn(clientUDPPort, 1024, time.Second*10)) } From da5a28a088091b86ac5b70ca732fc11cdb4c43fe Mon Sep 17 00:00:00 2001 From: dyhkwong <50692134+dyhkwong@users.noreply.github.com> Date: Mon, 15 Jan 2024 23:33:15 +0800 Subject: [PATCH 086/100] Fix #2654 (#2941) * fix udp dispatcher * fix test --- transport/internet/udp/dispatcher.go | 29 +++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/transport/internet/udp/dispatcher.go b/transport/internet/udp/dispatcher.go index 32c8c8ac..c29d4b13 100644 --- a/transport/internet/udp/dispatcher.go +++ b/transport/internet/udp/dispatcher.go @@ -28,7 +28,7 @@ type connEntry struct { type Dispatcher struct { sync.RWMutex - conns map[net.Destination]*connEntry + conn *connEntry dispatcher routing.Dispatcher callback ResponseCallback callClose func() error @@ -36,19 +36,18 @@ type Dispatcher struct { func NewDispatcher(dispatcher routing.Dispatcher, callback ResponseCallback) *Dispatcher { return &Dispatcher{ - conns: make(map[net.Destination]*connEntry), dispatcher: dispatcher, callback: callback, } } -func (v *Dispatcher) RemoveRay(dest net.Destination) { +func (v *Dispatcher) RemoveRay() { v.Lock() defer v.Unlock() - if conn, found := v.conns[dest]; found { - common.Close(conn.link.Reader) - common.Close(conn.link.Writer) - delete(v.conns, dest) + if v.conn != nil { + common.Close(v.conn.link.Reader) + common.Close(v.conn.link.Writer) + v.conn = nil } } @@ -56,8 +55,8 @@ func (v *Dispatcher) getInboundRay(ctx context.Context, dest net.Destination) (* v.Lock() defer v.Unlock() - if entry, found := v.conns[dest]; found { - return entry, nil + if v.conn != nil { + return v.conn, nil } newError("establishing new connection for ", dest).WriteToLog() @@ -65,7 +64,7 @@ func (v *Dispatcher) getInboundRay(ctx context.Context, dest net.Destination) (* ctx, cancel := context.WithCancel(ctx) removeRay := func() { cancel() - v.RemoveRay(dest) + v.RemoveRay() } timer := signal.CancelAfterInactivity(ctx, removeRay, time.Minute) @@ -79,7 +78,7 @@ func (v *Dispatcher) getInboundRay(ctx context.Context, dest net.Destination) (* timer: timer, cancel: removeRay, } - v.conns[dest] = entry + v.conn = entry go handleInput(ctx, entry, dest, v.callback, v.callClose) return entry, nil } @@ -130,6 +129,9 @@ func handleInput(ctx context.Context, conn *connEntry, dest net.Destination, cal } timer.Update() for _, b := range mb { + if b.UDP != nil { + dest = *b.UDP + } callback(ctx, &udp.Packet{ Payload: b, Source: dest, @@ -153,7 +155,6 @@ func DialDispatcher(ctx context.Context, dispatcher routing.Dispatcher) (net.Pac } d := &Dispatcher{ - conns: make(map[net.Destination]*connEntry), dispatcher: dispatcher, callback: c.callback, callClose: c.Close, @@ -199,7 +200,9 @@ func (c *dispatcherConn) WriteTo(p []byte, addr net.Addr) (int, error) { n := copy(raw, p) buffer.Resize(0, int32(n)) - c.dispatcher.Dispatch(c.ctx, net.DestinationFromAddr(addr), buffer) + destination := net.DestinationFromAddr(addr) + buffer.UDP = &destination + c.dispatcher.Dispatch(c.ctx, destination, buffer) return n, nil } From 10255bca835488fdf0126360d65bdcdcfb5076fc Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Mon, 15 Jan 2024 10:37:56 -0500 Subject: [PATCH 087/100] Reduce size and time of KCP test --- testing/scenarios/vmess_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/testing/scenarios/vmess_test.go b/testing/scenarios/vmess_test.go index c11f830f..8b7e646f 100644 --- a/testing/scenarios/vmess_test.go +++ b/testing/scenarios/vmess_test.go @@ -787,8 +787,8 @@ func TestVMessKCP(t *testing.T) { defer CloseAllServers(servers) var errg errgroup.Group - for i := 0; i < 10; i++ { - errg.Go(testTCPConn(clientPort, 10240*1024, time.Minute*2)) + for i := 0; i < 2; i++ { + errg.Go(testTCPConn(clientPort, 1024, time.Minute*2)) } if err := errg.Wait(); err != nil { t.Error(err) @@ -934,7 +934,7 @@ func TestVMessKCPLarge(t *testing.T) { var errg errgroup.Group for i := 0; i < 2; i++ { - errg.Go(testTCPConn(clientPort, 10240*1024, time.Minute*5)) + errg.Go(testTCPConn(clientPort, 513*1024, time.Minute*5)) } if err := errg.Wait(); err != nil { t.Error(err) From d20a835016b9c0a22b8a698a22a5669d1c5edae6 Mon Sep 17 00:00:00 2001 From: nobody <59990325+vrnobody@users.noreply.github.com> Date: Tue, 16 Jan 2024 23:52:01 +0800 Subject: [PATCH 088/100] Fix concurrent map writes error in ohm.Select(). (#2943) * Add unit test for ohm.tagsCache. * Fix concurrent map writes in ohm.Select(). --------- Co-authored-by: nobody --- app/proxyman/outbound/handler_test.go | 93 +++++++++++++++++++++++++++ app/proxyman/outbound/outbound.go | 19 +++--- 2 files changed, 103 insertions(+), 9 deletions(-) diff --git a/app/proxyman/outbound/handler_test.go b/app/proxyman/outbound/handler_test.go index c5afea70..e5b67308 100644 --- a/app/proxyman/outbound/handler_test.go +++ b/app/proxyman/outbound/handler_test.go @@ -2,9 +2,14 @@ package outbound_test import ( "context" + "fmt" + "sync" + "sync/atomic" "testing" + "time" "github.com/xtls/xray-core/app/policy" + "github.com/xtls/xray-core/app/proxyman" . "github.com/xtls/xray-core/app/proxyman/outbound" "github.com/xtls/xray-core/app/stats" "github.com/xtls/xray-core/common/net" @@ -78,3 +83,91 @@ func TestOutboundWithStatCounter(t *testing.T) { t.Errorf("Expected conn to be CounterConnection") } } + +func TestTagsCache(t *testing.T) { + + test_duration := 10 * time.Second + threads_num := 50 + delay := 10 * time.Millisecond + tags_prefix := "node" + + tags := sync.Map{} + counter := atomic.Uint64{} + + ohm, err := New(context.Background(), &proxyman.OutboundConfig{}) + if err != nil { + t.Error("failed to create outbound handler manager") + } + config := &core.Config{ + App: []*serial.TypedMessage{}, + } + v, _ := core.New(config) + v.AddFeature(ohm) + ctx := context.WithValue(context.Background(), xrayKey, v) + + stop_add_rm := false + wg_add_rm := sync.WaitGroup{} + addHandlers := func() { + defer wg_add_rm.Done() + for !stop_add_rm { + time.Sleep(delay) + idx := counter.Add(1) + tag := fmt.Sprintf("%s%d", tags_prefix, idx) + cfg := &core.OutboundHandlerConfig{ + Tag: tag, + ProxySettings: serial.ToTypedMessage(&freedom.Config{}), + } + if h, err := NewHandler(ctx, cfg); err == nil { + if err := ohm.AddHandler(ctx, h); err == nil { + // t.Log("add handler:", tag) + tags.Store(tag, nil) + } else { + t.Error("failed to add handler:", tag) + } + } else { + t.Error("failed to create handler:", tag) + } + } + } + + rmHandlers := func() { + defer wg_add_rm.Done() + for !stop_add_rm { + time.Sleep(delay) + tags.Range(func(key interface{}, value interface{}) bool { + if _, ok := tags.LoadAndDelete(key); ok { + // t.Log("remove handler:", key) + ohm.RemoveHandler(ctx, key.(string)) + return false + } + return true + }) + } + } + + selectors := []string{tags_prefix} + wg_get := sync.WaitGroup{} + stop_get := false + getTags := func() { + defer wg_get.Done() + for !stop_get { + time.Sleep(delay) + _ = ohm.Select(selectors) + // t.Logf("get tags: %v", tag) + } + } + + for i := 0; i < threads_num; i++ { + wg_add_rm.Add(2) + go rmHandlers() + go addHandlers() + wg_get.Add(1) + go getTags() + } + + time.Sleep(test_duration) + stop_add_rm = true + wg_add_rm.Wait() + stop_get = true + wg_get.Wait() +} diff --git a/app/proxyman/outbound/outbound.go b/app/proxyman/outbound/outbound.go index 3bd0d85c..40f32965 100644 --- a/app/proxyman/outbound/outbound.go +++ b/app/proxyman/outbound/outbound.go @@ -22,14 +22,14 @@ type Manager struct { taggedHandler map[string]outbound.Handler untaggedHandlers []outbound.Handler running bool - tagsCache map[string][]string + tagsCache *sync.Map } // New creates a new Manager. func New(ctx context.Context, config *proxyman.OutboundConfig) (*Manager, error) { m := &Manager{ taggedHandler: make(map[string]outbound.Handler), - tagsCache: make(map[string][]string), + tagsCache: &sync.Map{}, } return m, nil } @@ -106,7 +106,7 @@ func (m *Manager) AddHandler(ctx context.Context, handler outbound.Handler) erro m.access.Lock() defer m.access.Unlock() - m.tagsCache = make(map[string][]string) + m.tagsCache = &sync.Map{} if m.defaultHandler == nil { m.defaultHandler = handler @@ -137,7 +137,7 @@ func (m *Manager) RemoveHandler(ctx context.Context, tag string) error { m.access.Lock() defer m.access.Unlock() - m.tagsCache = make(map[string][]string) + m.tagsCache = &sync.Map{} delete(m.taggedHandler, tag) if m.defaultHandler != nil && m.defaultHandler.Tag() == tag { @@ -149,14 +149,15 @@ func (m *Manager) RemoveHandler(ctx context.Context, tag string) error { // Select implements outbound.HandlerSelector. func (m *Manager) Select(selectors []string) []string { - m.access.RLock() - defer m.access.RUnlock() key := strings.Join(selectors, ",") - if cache, ok := m.tagsCache[key]; ok { - return cache + if cache, ok := m.tagsCache.Load(key); ok { + return cache.([]string) } + m.access.RLock() + defer m.access.RUnlock() + tags := make([]string, 0, len(selectors)) for tag := range m.taggedHandler { @@ -169,7 +170,7 @@ func (m *Manager) Select(selectors []string) []string { } sort.Strings(tags) - m.tagsCache[key] = tags + m.tagsCache.Store(key, tags) return tags } From 360272a77d2c7df76ec4929f743bdca815da62a7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Jan 2024 00:15:36 +0000 Subject: [PATCH 089/100] Bump actions/cache from 3 to 4 Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 6 +++--- .github/workflows/test.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 86335113..436aeacb 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Restore Cache - uses: actions/cache/restore@v3 + uses: actions/cache/restore@v4 with: path: resources key: xray-geodat- @@ -57,7 +57,7 @@ jobs: done - name: Save Cache - uses: actions/cache/save@v3 + uses: actions/cache/save@v4 if: ${{ steps.update.outputs.unhit }} with: path: resources @@ -180,7 +180,7 @@ jobs: find . -maxdepth 1 -type f -regex '.*\(wxray\|xray\|xray_softfloat\)\(\|.exe\)' -exec mv {} ./build_assets/ \; - name: Restore Cache - uses: actions/cache/restore@v3 + uses: actions/cache/restore@v4 with: path: resources key: xray-geodat- diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index cf5d1259..59ee22c1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -35,7 +35,7 @@ jobs: - name: Checkout codebase uses: actions/checkout@v4 - name: Restore Cache - uses: actions/cache/restore@v3 + uses: actions/cache/restore@v4 with: path: resources key: xray-geodat- From 4bffd5114dbaa43949aa38d9fea2cefd37af632b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Jan 2024 00:55:39 +0000 Subject: [PATCH 090/100] Bump github.com/quic-go/quic-go from 0.40.1 to 0.41.0 Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) from 0.40.1 to 0.41.0. - [Release notes](https://github.com/quic-go/quic-go/releases) - [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md) - [Commits](https://github.com/quic-go/quic-go/compare/v0.40.1...v0.41.0) --- updated-dependencies: - dependency-name: github.com/quic-go/quic-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 3 +-- go.sum | 6 ++---- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index a021afff..566b3885 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/miekg/dns v1.1.57 github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 - github.com/quic-go/quic-go v0.40.1 + github.com/quic-go/quic-go v0.41.0 github.com/refraction-networking/utls v1.6.1 github.com/sagernet/sing v0.3.0 github.com/sagernet/sing-shadowsocks v0.2.6 @@ -46,7 +46,6 @@ require ( github.com/klauspost/cpuid/v2 v2.2.6 // indirect github.com/onsi/ginkgo/v2 v2.13.2 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/quic-go/qtls-go1-20 v0.4.1 // indirect github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 // indirect github.com/vishvananda/netns v0.0.4 // indirect go.uber.org/mock v0.4.0 // indirect diff --git a/go.sum b/go.sum index 81583ebb..ea8b516e 100644 --- a/go.sum +++ b/go.sum @@ -114,10 +114,8 @@ github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/quic-go/qtls-go1-20 v0.4.1 h1:D33340mCNDAIKBqXuAvexTNMUByrYmFYVfKfDN5nfFs= -github.com/quic-go/qtls-go1-20 v0.4.1/go.mod h1:X9Nh97ZL80Z+bX/gUXMbipO6OxdiDi58b/fMC9mAL+k= -github.com/quic-go/quic-go v0.40.1 h1:X3AGzUNFs0jVuO3esAGnTfvdgvL4fq655WaOi1snv1Q= -github.com/quic-go/quic-go v0.40.1/go.mod h1:PeN7kuVJ4xZbxSv/4OX6S1USOX8MJvydwpTx31vx60c= +github.com/quic-go/quic-go v0.41.0 h1:aD8MmHfgqTURWNJy48IYFg2OnxwHT3JL7ahGs73lb4k= +github.com/quic-go/quic-go v0.41.0/go.mod h1:qCkNjqczPEvgsOnxZ0eCD14lv+B2LHlFAB++CNOh9hA= github.com/refraction-networking/utls v1.6.1 h1:n1JG5karzdGWsI6iZmGrOv3SNzR4c+4M8J6KWGsk3lA= github.com/refraction-networking/utls v1.6.1/go.mod h1:+EbcQOvQvXoFV9AEKbuGlljt1doLRKAVY1jJHe9EtDo= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= From 53de58fad3a0b715f91d39a492de2a33faf42023 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Jan 2024 00:26:56 +0000 Subject: [PATCH 091/100] Bump github.com/miekg/dns from 1.1.57 to 1.1.58 Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.57 to 1.1.58. - [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release) - [Commits](https://github.com/miekg/dns/compare/v1.1.57...v1.1.58) --- updated-dependencies: - dependency-name: github.com/miekg/dns dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 566b3885..ea467490 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/golang/mock v1.6.0 github.com/google/go-cmp v0.6.0 github.com/gorilla/websocket v1.5.1 - github.com/miekg/dns v1.1.57 + github.com/miekg/dns v1.1.58 github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.41.0 @@ -53,7 +53,7 @@ require ( golang.org/x/mod v0.14.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.5.0 // indirect - golang.org/x/tools v0.16.1 // indirect + golang.org/x/tools v0.17.0 // indirect golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index ea8b516e..ea4dfac0 100644 --- a/go.sum +++ b/go.sum @@ -90,8 +90,8 @@ github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4= -github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM= -github.com/miekg/dns v1.1.57/go.mod h1:uqRjCRUuEAA6qsOiJvDd+CFo/vW+y5WR6SNmHE55hZk= +github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= +github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo= @@ -249,8 +249,8 @@ golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= +golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= +golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From d97a29f55bc82ff878a786c5d53de808658caa4d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 24 Jan 2024 01:00:09 +0000 Subject: [PATCH 092/100] Bump google.golang.org/grpc from 1.60.1 to 1.61.0 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.60.1 to 1.61.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.60.1...v1.61.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index ea467490..12f713a8 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( golang.org/x/sync v0.6.0 golang.org/x/sys v0.16.0 golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173 - google.golang.org/grpc v1.60.1 + google.golang.org/grpc v1.61.0 google.golang.org/protobuf v1.32.0 gvisor.dev/gvisor v0.0.0-20231104011432-48a6d7d5bd0b h12.io/socks v1.0.3 diff --git a/go.sum b/go.sum index ea4dfac0..49d18605 100644 --- a/go.sum +++ b/go.sum @@ -277,8 +277,8 @@ google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmE google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.60.1 h1:26+wFr+cNqSGFcOXcabYC0lUVJVRa2Sb2ortSK7VrEU= -google.golang.org/grpc v1.60.1/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= +google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= +google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= From 25c531c6c35890d447d56c465578622821ebfec3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E3=83=81=E3=82=BB?= <123655015+chise0713@users.noreply.github.com> Date: Thu, 25 Jan 2024 21:21:10 +0800 Subject: [PATCH 093/100] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index df1537d8..3b1226d2 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ - [Libertea](https://github.com/VZiChoushaDui/Libertea) - One Click - [Xray-REALITY](https://github.com/zxcvos/Xray-script), [xray-reality](https://github.com/sajjaddg/xray-reality), [reality-ezpz](https://github.com/aleskxyz/reality-ezpz) - - [Xray-script](https://github.com/kirin10000/Xray-script), [Xray_bash_onekey](https://github.com/hello-yunshu/Xray_bash_onekey), [XTool](https://github.com/LordPenguin666/XTool) + - [Xray_bash_onekey](https://github.com/hello-yunshu/Xray_bash_onekey), [XTool](https://github.com/LordPenguin666/XTool) - [v2ray-agent](https://github.com/mack-a/v2ray-agent), [Xray_onekey](https://github.com/wulabing/Xray_onekey), [ProxySU](https://github.com/proxysu/ProxySU) - Magisk - [Xray4Magisk](https://github.com/Asterisk4Magisk/Xray4Magisk) From 3167a70ff8f0ac7e2b6c4f8ffc57a0a2ada0be9c Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Fri, 26 Jan 2024 02:14:26 -0500 Subject: [PATCH 094/100] Try to fix rare ssl error with freedom splice --- proxy/proxy.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/proxy/proxy.go b/proxy/proxy.go index 4dcb6bf9..ee131315 100644 --- a/proxy/proxy.go +++ b/proxy/proxy.go @@ -13,6 +13,7 @@ import ( "math/big" "runtime" "strconv" + "time" "github.com/pires/go-proxyproto" "github.com/xtls/xray-core/common/buf" @@ -478,6 +479,7 @@ func CopyRawConnIfExist(ctx context.Context, readerConn net.Conn, writerConn net if inbound.CanSpliceCopy == 1 { newError("CopyRawConn splice").WriteToLog(session.ExportIDToError(ctx)) runtime.Gosched() // necessary + time.Sleep(time.Millisecond) // without this, there will be a rare ssl error for freedom splice w, err := tc.ReadFrom(readerConn) if readCounter != nil { readCounter.Add(w) From d21e9b0abd3a3472c07fafd7f407f3a08d99e07a Mon Sep 17 00:00:00 2001 From: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Date: Fri, 26 Jan 2024 04:42:45 -0500 Subject: [PATCH 095/100] Try a better fix for rare ssl error with freedom splice It seems the root cause is if the flag set at the inbound pipe reader, it is a race condition and freedom outbound can possibly do splice at the same time with inbound xtls writer. Now we set the flag at the earliest and always do splice at the next buffer cycle. --- proxy/proxy.go | 2 -- proxy/vless/encoding/encoding.go | 18 +++++++++--------- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/proxy/proxy.go b/proxy/proxy.go index ee131315..4dcb6bf9 100644 --- a/proxy/proxy.go +++ b/proxy/proxy.go @@ -13,7 +13,6 @@ import ( "math/big" "runtime" "strconv" - "time" "github.com/pires/go-proxyproto" "github.com/xtls/xray-core/common/buf" @@ -479,7 +478,6 @@ func CopyRawConnIfExist(ctx context.Context, readerConn net.Conn, writerConn net if inbound.CanSpliceCopy == 1 { newError("CopyRawConn splice").WriteToLog(session.ExportIDToError(ctx)) runtime.Gosched() // necessary - time.Sleep(time.Millisecond) // without this, there will be a rare ssl error for freedom splice w, err := tc.ReadFrom(readerConn) if readCounter != nil { readCounter.Add(w) diff --git a/proxy/vless/encoding/encoding.go b/proxy/vless/encoding/encoding.go index b7fb66f5..5fe79c08 100644 --- a/proxy/vless/encoding/encoding.go +++ b/proxy/vless/encoding/encoding.go @@ -225,15 +225,6 @@ func XtlsWrite(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdate var ct stats.Counter for { buffer, err := reader.ReadMultiBuffer() - if trafficState.WriterSwitchToDirectCopy { - if inbound := session.InboundFromContext(ctx); inbound != nil && inbound.CanSpliceCopy == 2 { - inbound.CanSpliceCopy = 1 // force the value to 1, don't use setter - } - rawConn, _, writerCounter := proxy.UnwrapRawConn(conn) - writer = buf.NewWriter(rawConn) - ct = writerCounter - trafficState.WriterSwitchToDirectCopy = false - } if !buffer.IsEmpty() { if ct != nil { ct.Add(int64(buffer.Len())) @@ -242,6 +233,15 @@ func XtlsWrite(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdate if werr := writer.WriteMultiBuffer(buffer); werr != nil { return werr } + if trafficState.WriterSwitchToDirectCopy { + rawConn, _, writerCounter := proxy.UnwrapRawConn(conn) + writer = buf.NewWriter(rawConn) + ct = writerCounter + trafficState.WriterSwitchToDirectCopy = false + if inbound := session.InboundFromContext(ctx); inbound != nil && inbound.CanSpliceCopy == 2 { + inbound.CanSpliceCopy = 1 // force the value to 1, don't use setter + } + } } if err != nil { return err From 813f9a33b7c7f27c3a9fd1765809395c59a763e0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 Jan 2024 00:55:50 +0000 Subject: [PATCH 096/100] Bump github.com/refraction-networking/utls from 1.6.1 to 1.6.2 Bumps [github.com/refraction-networking/utls](https://github.com/refraction-networking/utls) from 1.6.1 to 1.6.2. - [Release notes](https://github.com/refraction-networking/utls/releases) - [Commits](https://github.com/refraction-networking/utls/compare/v1.6.1...v1.6.2) --- updated-dependencies: - dependency-name: github.com/refraction-networking/utls dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 12f713a8..9dc7a917 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/pelletier/go-toml v1.9.5 github.com/pires/go-proxyproto v0.7.0 github.com/quic-go/quic-go v0.41.0 - github.com/refraction-networking/utls v1.6.1 + github.com/refraction-networking/utls v1.6.2 github.com/sagernet/sing v0.3.0 github.com/sagernet/sing-shadowsocks v0.2.6 github.com/seiflotfy/cuckoofilter v0.0.0-20220411075957-e3b120b3f5fb diff --git a/go.sum b/go.sum index 49d18605..31542da8 100644 --- a/go.sum +++ b/go.sum @@ -116,8 +116,8 @@ github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7q github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/quic-go/quic-go v0.41.0 h1:aD8MmHfgqTURWNJy48IYFg2OnxwHT3JL7ahGs73lb4k= github.com/quic-go/quic-go v0.41.0/go.mod h1:qCkNjqczPEvgsOnxZ0eCD14lv+B2LHlFAB++CNOh9hA= -github.com/refraction-networking/utls v1.6.1 h1:n1JG5karzdGWsI6iZmGrOv3SNzR4c+4M8J6KWGsk3lA= -github.com/refraction-networking/utls v1.6.1/go.mod h1:+EbcQOvQvXoFV9AEKbuGlljt1doLRKAVY1jJHe9EtDo= +github.com/refraction-networking/utls v1.6.2 h1:iTeeGY0o6nMNcGyirxkD5bFIsVctP5InGZ3E0HrzS7k= +github.com/refraction-networking/utls v1.6.2/go.mod h1:yil9+7qSl+gBwJqztoQseO6Pr3h62pQoY1lXiNR/FPs= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3 h1:f/FNXud6gA3MNr8meMVVGxhp+QBTqY91tM8HjEuMjGg= github.com/riobard/go-bloom v0.0.0-20200614022211-cdc8013cb5b3/go.mod h1:HgjTstvQsPGkxUsCd2KWxErBblirPizecHcpD3ffK+s= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= From dd635c7c8d3bf2b4c2717709fca3d5bd8fba6de6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Feb 2024 00:31:18 +0000 Subject: [PATCH 097/100] Bump nick-fields/retry from 2 to 3 Bumps [nick-fields/retry](https://github.com/nick-fields/retry) from 2 to 3. - [Release notes](https://github.com/nick-fields/retry/releases) - [Changelog](https://github.com/nick-fields/retry/blob/master/.releaserc.js) - [Commits](https://github.com/nick-fields/retry/compare/v2...v3) --- updated-dependencies: - dependency-name: nick-fields/retry dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 436aeacb..678831c6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,7 +31,7 @@ jobs: - name: Update Geodat id: update - uses: nick-fields/retry@v2 + uses: nick-fields/retry@v3 with: timeout_minutes: 60 retry_wait_seconds: 60 From ad3d347cfc1fada5e951ebcd3de9696f69a1f927 Mon Sep 17 00:00:00 2001 From: RPRX <63339210+RPRX@users.noreply.github.com> Date: Fri, 2 Feb 2024 20:32:46 +0000 Subject: [PATCH 098/100] XTLS Vision: Apply padding to single XUDP by default at client side Requires Xray-core v1.8.1+ at server side: https://github.com/XTLS/Xray-core/commit/242f3b0e0b635699db26a991aa6c0cd47927e8b6 --- proxy/vless/encoding/addons.go | 6 +----- proxy/vless/encoding/encoding.go | 3 +-- proxy/vless/inbound/inbound.go | 1 + proxy/vless/outbound/outbound.go | 12 +++++++++--- 4 files changed, 12 insertions(+), 10 deletions(-) diff --git a/proxy/vless/encoding/addons.go b/proxy/vless/encoding/addons.go index e3e5071b..9426f6a0 100644 --- a/proxy/vless/encoding/addons.go +++ b/proxy/vless/encoding/addons.go @@ -62,11 +62,7 @@ func DecodeHeaderAddons(buffer *buf.Buffer, reader io.Reader) (*Addons, error) { // EncodeBodyAddons returns a Writer that auto-encrypt content written by caller. func EncodeBodyAddons(writer io.Writer, request *protocol.RequestHeader, requestAddons *Addons, state *proxy.TrafficState, context context.Context) buf.Writer { if request.Command == protocol.RequestCommandUDP { - w := writer.(buf.Writer) - if requestAddons.Flow == vless.XRV { - w = proxy.NewVisionWriter(w, state, context) - } - return NewMultiLengthPacketWriter(w) + return NewMultiLengthPacketWriter(writer.(buf.Writer)) } w := buf.NewWriter(writer) if requestAddons.Flow == vless.XRV { diff --git a/proxy/vless/encoding/encoding.go b/proxy/vless/encoding/encoding.go index 5fe79c08..455f896b 100644 --- a/proxy/vless/encoding/encoding.go +++ b/proxy/vless/encoding/encoding.go @@ -176,7 +176,6 @@ func DecodeResponseHeader(reader io.Reader, request *protocol.RequestHeader) (*A // XtlsRead filter and read xtls protocol func XtlsRead(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater, conn net.Conn, input *bytes.Reader, rawInput *bytes.Buffer, trafficState *proxy.TrafficState, ctx context.Context) error { err := func() error { - visionReader := proxy.NewVisionReader(reader, trafficState, ctx) for { if trafficState.ReaderSwitchToDirectCopy { var writerConn net.Conn @@ -188,7 +187,7 @@ func XtlsRead(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater } return proxy.CopyRawConnIfExist(ctx, conn, writerConn, writer, timer) } - buffer, err := visionReader.ReadMultiBuffer() + buffer, err := reader.ReadMultiBuffer() if !buffer.IsEmpty() { timer.Update() if trafficState.ReaderSwitchToDirectCopy { diff --git a/proxy/vless/inbound/inbound.go b/proxy/vless/inbound/inbound.go index 4cd3fcb1..0ffa61d2 100644 --- a/proxy/vless/inbound/inbound.go +++ b/proxy/vless/inbound/inbound.go @@ -522,6 +522,7 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s if requestAddons.Flow == vless.XRV { ctx1 := session.ContextWithInbound(ctx, nil) // TODO enable splice + clientReader = proxy.NewVisionReader(clientReader, trafficState, ctx1) err = encoding.XtlsRead(clientReader, serverWriter, timer, connection, input, rawInput, trafficState, ctx1) } else { // from clientReader.ReadMultiBuffer to serverWriter.WriteMultiBufer diff --git a/proxy/vless/outbound/outbound.go b/proxy/vless/outbound/outbound.go index cd30617c..a9368813 100644 --- a/proxy/vless/outbound/outbound.go +++ b/proxy/vless/outbound/outbound.go @@ -138,7 +138,6 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte if !allowUDP443 && request.Port == 443 { return newError("XTLS rejected UDP/443 traffic").AtInfo() } - requestAddons.Flow = "" case protocol.RequestCommandMux: fallthrough // let server break Mux connections that contain TCP requests case protocol.RequestCommandTCP: @@ -185,7 +184,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte clientReader := link.Reader // .(*pipe.Reader) clientWriter := link.Writer // .(*pipe.Writer) trafficState := proxy.NewTrafficState(account.ID.Bytes()) - if request.Command == protocol.RequestCommandUDP && h.cone && request.Port != 53 && request.Port != 443 { + if request.Command == protocol.RequestCommandUDP && (requestAddons.Flow == vless.XRV || (h.cone && request.Port != 53 && request.Port != 443)) { request.Command = protocol.RequestCommandMux request.Address = net.DomainAddress("v1.mux.cool") request.Port = net.Port(666) @@ -266,8 +265,15 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte // default: serverReader := buf.NewReader(conn) serverReader := encoding.DecodeBodyAddons(conn, request, responseAddons) + if requestAddons.Flow == vless.XRV { + serverReader = proxy.NewVisionReader(serverReader, trafficState, ctx) + } if request.Command == protocol.RequestCommandMux && request.Port == 666 { - serverReader = xudp.NewPacketReader(conn) + if requestAddons.Flow == vless.XRV { + serverReader = xudp.NewPacketReader(&buf.BufferedReader{Reader: serverReader}) + } else { + serverReader = xudp.NewPacketReader(conn) + } } if requestAddons.Flow == vless.XRV { From b56917fde5be2cc912677fafa7c51bb70779110f Mon Sep 17 00:00:00 2001 From: RPRX <63339210+RPRX@users.noreply.github.com> Date: Sun, 4 Feb 2024 09:36:41 +0000 Subject: [PATCH 099/100] README: Re-add Compilation --- README.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/README.md b/README.md index 3b1226d2..467a83e9 100644 --- a/README.md +++ b/README.md @@ -125,6 +125,21 @@ ## Compilation +### Windows (PowerShell) + +```powershell +$env:CGO_ENABLED=0 +go build -o xray.exe -trimpath -ldflags "-s -w -buildid=" ./main +``` + +### Linux / macOS + +```bash +CGO_ENABLED=0 go build -o xray -trimpath -ldflags "-s -w -buildid=" ./main +``` + +### Reproducible Releases + ```bash make ``` From 3a99520370f41dde572fd6c7f499e694006341a2 Mon Sep 17 00:00:00 2001 From: Iain Lau Date: Sat, 3 Feb 2024 09:10:23 +0800 Subject: [PATCH 100/100] Add PROXY Protocol support for freedom outbound --- common/net/destination.go | 29 +++++++++++++++++++++ infra/conf/freedom.go | 4 +++ proxy/freedom/config.pb.go | 53 +++++++++++++++++++++++--------------- proxy/freedom/config.proto | 3 ++- proxy/freedom/freedom.go | 13 ++++++++++ 5 files changed, 80 insertions(+), 22 deletions(-) diff --git a/common/net/destination.go b/common/net/destination.go index 055395e9..90f8298b 100644 --- a/common/net/destination.go +++ b/common/net/destination.go @@ -97,6 +97,35 @@ func (d Destination) NetAddr() string { return addr } +// RawNetAddr converts a net.Addr from its Destination presentation. +func (d Destination) RawNetAddr() net.Addr { + var addr net.Addr + switch d.Network { + case Network_TCP: + if d.Address.Family().IsIP() { + addr = &net.TCPAddr{ + IP: d.Address.IP(), + Port: int(d.Port), + } + } + case Network_UDP: + if d.Address.Family().IsIP() { + addr = &net.UDPAddr{ + IP: d.Address.IP(), + Port: int(d.Port), + } + } + case Network_UNIX: + if d.Address.Family().IsDomain() { + addr = &net.UnixAddr{ + Name: d.Address.String(), + Net: d.Network.SystemString(), + } + } + } + return addr +} + // String returns the strings form of this Destination. func (d Destination) String() string { prefix := "unknown:" diff --git a/infra/conf/freedom.go b/infra/conf/freedom.go index dd812db6..90c99b37 100644 --- a/infra/conf/freedom.go +++ b/infra/conf/freedom.go @@ -17,6 +17,7 @@ type FreedomConfig struct { Redirect string `json:"redirect"` UserLevel uint32 `json:"userLevel"` Fragment *Fragment `json:"fragment"` + ProxyProtocol uint32 `json:"proxyProtocol"` } type Fragment struct { @@ -165,5 +166,8 @@ func (c *FreedomConfig) Build() (proto.Message, error) { config.DestinationOverride.Server.Address = v2net.NewIPOrDomain(v2net.ParseAddress(host)) } } + if c.ProxyProtocol > 0 && c.ProxyProtocol <= 2 { + config.ProxyProtocol = c.ProxyProtocol + } return config, nil } diff --git a/proxy/freedom/config.pb.go b/proxy/freedom/config.pb.go index 229630d4..81ce18e5 100644 --- a/proxy/freedom/config.pb.go +++ b/proxy/freedom/config.pb.go @@ -1,7 +1,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.31.0 -// protoc v4.23.1 +// protoc-gen-go v1.32.0 +// protoc v4.25.2 // source: proxy/freedom/config.proto package freedom @@ -239,6 +239,7 @@ type Config struct { DestinationOverride *DestinationOverride `protobuf:"bytes,3,opt,name=destination_override,json=destinationOverride,proto3" json:"destination_override,omitempty"` UserLevel uint32 `protobuf:"varint,4,opt,name=user_level,json=userLevel,proto3" json:"user_level,omitempty"` Fragment *Fragment `protobuf:"bytes,5,opt,name=fragment,proto3" json:"fragment,omitempty"` + ProxyProtocol uint32 `protobuf:"varint,6,opt,name=proxy_protocol,json=proxyProtocol,proto3" json:"proxy_protocol,omitempty"` } func (x *Config) Reset() { @@ -309,6 +310,13 @@ func (x *Config) GetFragment() *Fragment { return nil } +func (x *Config) GetProxyProtocol() uint32 { + if x != nil { + return x.ProxyProtocol + } + return 0 +} + var File_proxy_freedom_config_proto protoreflect.FileDescriptor var file_proxy_freedom_config_proto_rawDesc = []byte{ @@ -335,7 +343,7 @@ var file_proxy_freedom_config_proto_rawDesc = []byte{ 0x6c, 0x5f, 0x6d, 0x69, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4d, 0x69, 0x6e, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x5f, 0x6d, 0x61, 0x78, 0x18, 0x06, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, - 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4d, 0x61, 0x78, 0x22, 0xdb, 0x03, 0x0a, 0x06, + 0x69, 0x6e, 0x74, 0x65, 0x72, 0x76, 0x61, 0x6c, 0x4d, 0x61, 0x78, 0x22, 0x82, 0x04, 0x0a, 0x06, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x52, 0x0a, 0x0f, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x5f, 0x73, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, @@ -354,24 +362,27 @@ var file_proxy_freedom_config_proto_rawDesc = []byte{ 0x76, 0x65, 0x6c, 0x12, 0x38, 0x0a, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x2e, 0x46, 0x72, 0x61, 0x67, 0x6d, - 0x65, 0x6e, 0x74, 0x52, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x22, 0xa9, 0x01, - 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, - 0x12, 0x09, 0x0a, 0x05, 0x41, 0x53, 0x5f, 0x49, 0x53, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x55, - 0x53, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, - 0x50, 0x34, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, - 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x04, 0x12, - 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x05, 0x12, 0x0c, 0x0a, - 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x06, 0x12, 0x0d, 0x0a, 0x09, 0x46, - 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, - 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x08, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, - 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x09, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, - 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x0a, 0x42, 0x58, 0x0a, 0x16, 0x63, 0x6f, 0x6d, - 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, - 0x64, 0x6f, 0x6d, 0x50, 0x01, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, - 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, - 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0xaa, 0x02, - 0x12, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x46, 0x72, 0x65, 0x65, - 0x64, 0x6f, 0x6d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x65, 0x6e, 0x74, 0x52, 0x08, 0x66, 0x72, 0x61, 0x67, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x25, 0x0a, + 0x0e, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x5f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, + 0x06, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0d, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x50, 0x72, 0x6f, 0x74, + 0x6f, 0x63, 0x6f, 0x6c, 0x22, 0xa9, 0x01, 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, + 0x74, 0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x53, 0x5f, 0x49, 0x53, + 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x10, 0x01, 0x12, 0x0b, + 0x0a, 0x07, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x55, + 0x53, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x03, 0x12, 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, + 0x49, 0x50, 0x34, 0x36, 0x10, 0x04, 0x12, 0x0c, 0x0a, 0x08, 0x55, 0x53, 0x45, 0x5f, 0x49, 0x50, + 0x36, 0x34, 0x10, 0x05, 0x12, 0x0c, 0x0a, 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, + 0x10, 0x06, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, + 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x08, + 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x09, + 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x0a, + 0x42, 0x58, 0x0a, 0x16, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, + 0x78, 0x79, 0x2e, 0x66, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x50, 0x01, 0x5a, 0x27, 0x67, 0x69, + 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78, 0x72, + 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x66, 0x72, + 0x65, 0x65, 0x64, 0x6f, 0x6d, 0xaa, 0x02, 0x12, 0x58, 0x72, 0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, + 0x78, 0x79, 0x2e, 0x46, 0x72, 0x65, 0x65, 0x64, 0x6f, 0x6d, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x33, } var ( diff --git a/proxy/freedom/config.proto b/proxy/freedom/config.proto index 0f328022..1eabedb7 100644 --- a/proxy/freedom/config.proto +++ b/proxy/freedom/config.proto @@ -39,5 +39,6 @@ message Config { uint32 timeout = 2 [deprecated = true]; DestinationOverride destination_override = 3; uint32 user_level = 4; - Fragment fragment = 5; + Fragment fragment = 5; + uint32 proxy_protocol = 6; } diff --git a/proxy/freedom/freedom.go b/proxy/freedom/freedom.go index 809d4df8..55853646 100644 --- a/proxy/freedom/freedom.go +++ b/proxy/freedom/freedom.go @@ -9,6 +9,7 @@ import ( "math/big" "time" + "github.com/pires/go-proxyproto" "github.com/xtls/xray-core/common" "github.com/xtls/xray-core/common/buf" "github.com/xtls/xray-core/common/dice" @@ -152,6 +153,18 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte if err != nil { return err } + + if h.config.ProxyProtocol > 0 && h.config.ProxyProtocol <= 2 { + version := byte(h.config.ProxyProtocol) + srcAddr := inbound.Source.RawNetAddr() + dstAddr := rawConn.RemoteAddr() + header := proxyproto.HeaderProxyFromAddrs(version, srcAddr, dstAddr) + if _, err = header.WriteTo(rawConn); err != nil { + rawConn.Close() + return err + } + } + conn = rawConn return nil })