Commit graph

28 commits

Author SHA1 Message Date
Shelikhoo
d4f18b1342 Fix DoS attack vulnerability in VMess Option Processing 2022-06-19 19:13:37 -04:00
世界
f046feb9ca
Reformat code 2022-05-18 15:29:01 +08:00
yuhan6665
578d903a9e
Quic related improvements (#915)
* DialSystem for Quic

DialSystem() is needed in case of Android client,
where the raw conn is protected for vpn service

* Fix client dialer log

Log such as:
tunneling request to tcp:www.google.com:80 via tcp:x.x.x.x:443
the second "tcp" is misleading when using mKcp or quic transport

Remove the second "tcp" and add the correct logging for transport dialer:
- transport/internet/tcp: dialing TCP to tcp:x.x.x.x:443
- transport/internet/quic: dialing quic to udp:x.x.x.x:443

* Quic new stream allocation mode

Currently this is how Quic works: client muxing all tcp and udp traffic through a single session, when there are more than 32 running streams in the session,
the next stream request will fail and open with a new session (port). Imagine lineup the session from left to right:
 |
 |  |
 |  |  |

As the streams finishes, we still open stream from the left, original session. So the base session will always be there and new sessions on the right come and go.
However, either due to QOS or bugs in Quic implementation, the traffic "wear out" the base session. It will become slower and in the end not receiving any data from server side.
I couldn't figure out a solution for this problem at the moment, as a workaround:
       |  |
    |  |  |
 |  |  |

I came up with this new stream allocation mode, that it will never open new streams in the old sessions, but only from current or new session from right.
The keeplive config is turned off from server and client side. This way old sessions will natually close and new sessions keep generating.
Note the frequency of new session is still controlled by the server side. Server can assign a large max stream limit. In this case the new allocation mode will be similar to the current mode.
2022-01-28 18:11:30 -05:00
Machtergreifung
e96e5994d0 Update Vmess Warning Errors 2022-01-19 09:30:28 -05:00
yuhan6665
4e88a369c4 Fix vmess test with portList 2021-12-14 20:01:53 -05:00
yuhan6665
e93da4bd02
Fix some tests and format code (#830)
* Increase some tls test timeout

* Fix TestUserValidator

* Change all tests to VMessAEAD

Old VMess MD5 tests will be rejected and fail in 2022

* Chore: auto format code
2021-12-14 19:28:47 -05:00
yuhan6665
d5a7901601
Unified drain support for vmess and shadowsocks (#791)
* Added test for no terminate signal

* unified drain support for vmess and shadowsockets

* drain: add generated file

Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-12-14 19:27:31 -05:00
Shelikhoo
6fb5c887b2 Fix DoS attack vulnerability in CommandSwitchAccountFactory 2021-12-11 20:14:57 -05:00
Shelikhoo
7038bded7b
Added experiment to avoid sending the termination signal
(cherry picked from commit c5357e1f000054ba5836468922cae52a830c8019)
2021-10-22 18:34:57 +08:00
Shelikhoo
ff35118af5
VMess AEAD based packet length
(cherry picked from commit 08221600082a79376bdc262f2ffec1a3129ae98d)
2021-10-22 18:34:57 +08:00
yuhan6665
e286cdcaa8
Style: format code by gofumpt (#761) 2021-10-20 00:57:14 +08:00
KallyDev
4abf98c1be
Move from deprecated ioutil to os and io packages (#744) 2021-09-29 02:49:34 +08:00
hmol233
7033f7cf5f
Fix: protobuf file (#724) 2021-09-20 22:41:09 +08:00
Arthur Morgan
ffc2f7c4e2 Style: format code 2021-09-20 21:00:55 +08:00
Arthur Morgan
24b637cd5e
Fix: CounterConnection with ReadV/WriteV (#720)
Co-authored-by: JimhHan <50871214+JimhHan@users.noreply.github.com>
2021-09-20 20:11:21 +08:00
yuhan6665
f2cb13a8ec
Deprecate legacy VMess header with a planned decommission (#712)
* Deprecate legacy VMess header with a planned decommission
* show legacy warning only once

Co-authored-by: Xiaokang Wang <xiaokangwang@outlook.com>
Co-authored-by: hmol233 <82594500+hmol233@users.noreply.github.com>
2021-09-20 14:46:05 +08:00
yuhan6665
42d158bd85
vprotogen refine (#717)
* Update all proto files with existing vprotogen
* Chore: remove protoc-gen-gofast
* Feat: vprotogen adds version detector to block generation code from old protobuf version
* Feat: vprotogen refine logic

Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-09-18 01:16:14 +08:00
RPRX
924fe16077
Skip Port 53, 443 before using single XUDP for VLESS & VMess 2021-03-08 18:36:45 +00:00
秋のかえで
6380abca73
feat: enforcing VMessAEAD via environment variable (#334) 2021-03-05 08:41:51 +00:00
秋のかえで
1dae2c5636
feat: vmess zero encryption (#333) 2021-03-05 08:41:18 +00:00
RPRX
d22c2d034c
Avoid panic in KDF func for Go 1.16
2a206c7fcc
2021-02-17 03:02:03 +00:00
RPRX
d170416219
Add environment variable XRAY_CONE_DISABLED option 2021-02-11 15:37:02 +00:00
RPRX
8ca8a7126b Add XUDP support by simply renaming vudp to xudp
https://t.me/projectXray/243505
2021-02-11 11:33:08 +00:00
RPRX
1174ff3090
Refactor: VLESS & VMess & Mux UDP FullCone NAT
https://t.me/projectXray/242770
2021-02-11 01:28:21 +00:00
RPRX
f390047b37
Disable VMess drain when not pure connection 2020-12-18 12:45:47 +00:00
RPRX
f8faf3c8b8 Removal: confonly 2020-12-11 13:05:29 +08:00
RPRX
16544c18ab v1.1.0 2020-12-04 09:36:16 +08:00
RPRX
c7f7c08ead v1.0.0 2020-11-25 19:01:53 +08:00