mirror of
https://github.com/XTLS/Xray-core.git
synced 2024-12-22 19:33:32 +02:00
Fix VLESS fallbacks SNI shunt
This commit is contained in:
parent
638e8384b6
commit
f13ac3cb55
1 changed files with 60 additions and 34 deletions
|
@ -109,12 +109,30 @@ func New(ctx context.Context, config *Config, dc dns.Client) (*Handler, error) {
|
|||
}
|
||||
*/
|
||||
}
|
||||
for _, apfb := range handler.fallbacks {
|
||||
if apfb[""] != nil {
|
||||
for alpn, pfb := range apfb {
|
||||
if alpn != "" { // && alpn != "h2" {
|
||||
for path, fb := range apfb[""] {
|
||||
if pfb[path] == nil {
|
||||
pfb[path] = fb
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
if handler.fallbacks[""] != nil {
|
||||
for alpn, pfb := range handler.fallbacks {
|
||||
if alpn != "" { // && alpn != "h2" {
|
||||
for path, fb := range handler.fallbacks[""] {
|
||||
if pfb[path] == nil {
|
||||
pfb[path] = fb
|
||||
for name, apfb := range handler.fallbacks {
|
||||
if name != "" {
|
||||
for alpn, pfb := range handler.fallbacks[""] {
|
||||
if apfb[alpn] == nil {
|
||||
apfb[alpn] = make(map[string]*Fallback)
|
||||
}
|
||||
for path, fb := range pfb {
|
||||
if apfb[alpn][path] == nil {
|
||||
apfb[alpn][path] = fb
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -175,8 +193,8 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection i
|
|||
var requestAddons *encoding.Addons
|
||||
var err error
|
||||
|
||||
apfb := h.fallbacks
|
||||
isfb := apfb != nil
|
||||
napfb := h.fallbacks
|
||||
isfb := napfb != nil
|
||||
|
||||
if isfb && firstLen < 18 {
|
||||
err = newError("fallback directly")
|
||||
|
@ -193,36 +211,44 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection i
|
|||
|
||||
name := ""
|
||||
alpn := ""
|
||||
if len(apfb) > 1 || apfb[""] == nil {
|
||||
if tlsConn, ok := iConn.(*tls.Conn); ok {
|
||||
name = tlsConn.ConnectionState().ServerName
|
||||
alpn = tlsConn.ConnectionState().NegotiatedProtocol
|
||||
newError("realServerName = " + name).AtInfo().WriteToLog(sid)
|
||||
newError("realAlpn = " + alpn).AtInfo().WriteToLog(sid)
|
||||
} else if xtlsConn, ok := iConn.(*xtls.Conn); ok {
|
||||
name = xtlsConn.ConnectionState().ServerName
|
||||
alpn = xtlsConn.ConnectionState().NegotiatedProtocol
|
||||
newError("realServerName = " + name).AtInfo().WriteToLog(sid)
|
||||
newError("realAlpn = " + alpn).AtInfo().WriteToLog(sid)
|
||||
}
|
||||
labels := strings.Split(name, ".")
|
||||
for i := range labels {
|
||||
labels[i] = "*"
|
||||
candidate := strings.Join(labels, ".")
|
||||
if apfb[candidate] != nil {
|
||||
name = candidate
|
||||
break
|
||||
if tlsConn, ok := iConn.(*tls.Conn); ok {
|
||||
cs := tlsConn.ConnectionState()
|
||||
name = cs.ServerName
|
||||
alpn = cs.NegotiatedProtocol
|
||||
newError("realName = " + name).AtInfo().WriteToLog(sid)
|
||||
newError("realAlpn = " + alpn).AtInfo().WriteToLog(sid)
|
||||
} else if xtlsConn, ok := iConn.(*xtls.Conn); ok {
|
||||
cs := xtlsConn.ConnectionState()
|
||||
name = cs.ServerName
|
||||
alpn = cs.NegotiatedProtocol
|
||||
newError("realName = " + name).AtInfo().WriteToLog(sid)
|
||||
newError("realAlpn = " + alpn).AtInfo().WriteToLog(sid)
|
||||
}
|
||||
|
||||
if len(napfb) > 1 || napfb[""] == nil {
|
||||
if napfb[name] == nil {
|
||||
generic := "*"
|
||||
if index := strings.IndexByte(name, '.'); index != -1 {
|
||||
generic += name[index:]
|
||||
}
|
||||
if napfb[generic] != nil {
|
||||
name = generic
|
||||
}
|
||||
}
|
||||
if apfb[name] == nil {
|
||||
name = ""
|
||||
}
|
||||
if apfb[name][alpn] == nil {
|
||||
alpn = ""
|
||||
}
|
||||
|
||||
}
|
||||
pfb := apfb[name][alpn]
|
||||
|
||||
if napfb[name] == nil {
|
||||
name = ""
|
||||
}
|
||||
apfb := napfb[name]
|
||||
if apfb == nil {
|
||||
return newError(`failed to find the default "name" config`).AtWarning()
|
||||
}
|
||||
|
||||
if apfb[alpn] == nil {
|
||||
alpn = ""
|
||||
}
|
||||
pfb := apfb[alpn]
|
||||
if pfb == nil {
|
||||
return newError(`failed to find the default "alpn" config`).AtWarning()
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue