Add warning on using old version of XTLS

And checks param `fingerprint` also
This commit is contained in:
RPRX 2023-02-03 23:29:46 +08:00 committed by GitHub
parent b57d3fa869
commit fa7300e910
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -458,6 +458,7 @@ type XTLSConfig struct {
MaxVersion string `json:"maxVersion"` MaxVersion string `json:"maxVersion"`
CipherSuites string `json:"cipherSuites"` CipherSuites string `json:"cipherSuites"`
PreferServerCipherSuites bool `json:"preferServerCipherSuites"` PreferServerCipherSuites bool `json:"preferServerCipherSuites"`
Fingerprint string `json:"fingerprint"`
RejectUnknownSNI bool `json:"rejectUnknownSni"` RejectUnknownSNI bool `json:"rejectUnknownSni"`
PinnedPeerCertificateChainSha256 *[]string `json:"pinnedPeerCertificateChainSha256"` PinnedPeerCertificateChainSha256 *[]string `json:"pinnedPeerCertificateChainSha256"`
} }
@ -487,6 +488,9 @@ func (c *XTLSConfig) Build() (proto.Message, error) {
config.MaxVersion = c.MaxVersion config.MaxVersion = c.MaxVersion
config.CipherSuites = c.CipherSuites config.CipherSuites = c.CipherSuites
config.PreferServerCipherSuites = c.PreferServerCipherSuites config.PreferServerCipherSuites = c.PreferServerCipherSuites
if c.Fingerprint != "" {
return nil, newError(`Old version of XTLS does not support fingerprint. Please use flow "xtls-rprx-vision" with "tls & tlsSettings" instead.`)
}
config.RejectUnknownSni = c.RejectUnknownSNI config.RejectUnknownSni = c.RejectUnknownSNI
if c.PinnedPeerCertificateChainSha256 != nil { if c.PinnedPeerCertificateChainSha256 != nil {
@ -500,6 +504,8 @@ func (c *XTLSConfig) Build() (proto.Message, error) {
} }
} }
newError(`You are using an old version of XTLS, which is deprecated now and will be removed soon. Please use flow "xtls-rprx-vision" with "tls & tlsSettings" instead.`).AtWarning().WriteToLog()
return config, nil return config, nil
} }