Commit graph

220 commits

Author SHA1 Message Date
チセ
19f3f709b2
WireGuard kernelTun: Check Capabilities instead of checking UID (#3871)
https://github.com/XTLS/Xray-core/pull/3871#issuecomment-2412820323

---------

Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2024-10-15 03:30:29 +00:00
Kobe Arthur Scofield
7086d286be
Remove legacy code (#3838)
* Add feature migration notice

* Remove legacy code of transport processing

* Clear legacy proto field

* Fix missing

* Unify protocolname

* Test remove

* Supressor

* Weird code

* Remove errorgen related comments
2024-09-23 11:28:19 -04:00
Kobe Arthur Scofield
57a41f3b4b
Config: Remove more legacy fields (#3817) 2024-09-19 01:05:59 +00:00
dragonbreath2000
363e86c585
UDP noises: Add base64 and multi-packet support (#3794)
https://github.com/XTLS/Xray-core/pull/3794#issuecomment-2351329251

---------

Co-authored-by: 风扇滑翔翼 <Fangliding.fshxy@outlook.com>
Co-authored-by: mmmray <142015632+mmmray@users.noreply.github.com>
2024-09-16 12:46:30 +00:00
Kobe Arthur Scofield
5f0642a671
Errors: Add PrintRemovedFeatureError & PrintDeprecatedFeatureWarning (#3804) 2024-09-15 04:55:54 +00:00
风扇滑翔翼
3fed0c773f
DNS outbound: Add blockTypes (#3812) 2024-09-15 04:21:51 +00:00
Torikki
c259e4e4a6
Allow to inject custom validator in VLESS controller (#3453)
* Make Validator an interface

* Move validator creation away from VLESS inbound controller
2024-09-13 10:51:26 -04:00
yu
c90affe7db
Fix: RPC call causes xray panic problem using wrong account type (#3744)
* fix:RPC call causes xray panic problem. Problem details: add a VMess protocol user in an inbound proxy. If inTag: "VMess-xxx", but the developer carelessly calls the add user method of vless or other protocols, such as xrayCtl.AddVlessUser(user), causing xray panic

* fix:use xray log system return error

---------

Co-authored-by: chengtao@snqu.com <chengtao@snqu.com>
2024-09-09 11:44:22 -04:00
mmmray
f1c439c2aa Revert "Fix freedom PacketReader/PacketWriter type assertion (#3734)"
This reverts commit 815a959c96.
2024-09-01 10:59:31 -05:00
dragonbreath2000
002d08bf83
UDP noise (#3711)
* added udp noise

* adding protobuf settings

* freedom json parser and clean up

* resolve confict

* fix and clean up

* use net.conn instead of packetconnwrapper

* avoid constructing SequentialWriter directly

---------

Co-authored-by: mmmray <142015632+mmmray@users.noreply.github.com>
2024-08-28 17:10:11 -04:00
dyhkwong
815a959c96
Fix freedom PacketReader/PacketWriter type assertion (#3734) 2024-08-27 10:17:55 -04:00
mmmray
2be03c56cb
Pin protobuf packages (#3715)
* Pin protobuf packages

It happened in the past that I ran with the wrong protobuf version
installed locally, and apparently there is even still some file wrong in
splithttp. Fix this issue once and for all.

* bump protobuf packages

* Revert "bump protobuf packages"

This reverts commit 7a3509346a.

* Revert "Revert "bump protobuf packages""

This reverts commit bb79707d15.

* fix deprecated grpc usage
2024-08-22 10:18:36 -04:00
curlwget
790f908f0b
chore: fix some comment typos (#3716)
Signed-off-by: curlwget <curlwget@icloud.com>
2024-08-22 17:32:38 +08:00
チセ
41d03d1856 Wireguard inbound: Fix no route when bind to interface (#3698) 2024-08-20 08:20:01 +00:00
风扇滑翔翼
b612da26eb Socks inbound: Support HTTP inbound by default (#3682)
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2024-08-16 00:58:48 +00:00
风扇滑翔翼
9e93c19161
Freedom: Combine fragmented tlshello if interval is 0 (#3663)
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
Co-authored-by: Ahmadreza Dorkhah <djahmadfire@gmail.com>
2024-08-10 05:06:00 +00:00
风扇滑翔翼
644901d1a5
Socks4a server: Check if the client sends an IP address as domain (#3628)
Fixes https://github.com/XTLS/Xray-core/issues/3622
2024-08-03 02:08:23 +00:00
yuhan6665
a342db3e28
Fix a nil pointer in Wireguard client logging (#3608) 2024-07-29 06:43:46 +00:00
yuhan6665
4cb2a128db Don't do raw/splice copy in case of MITM 2024-07-24 20:41:40 -04:00
MHSanaei
16de0937a8
Fix typos (#3527) 2024-07-12 00:20:06 +02:00
yuhan6665
079d0bd8a9
Refactor log (#3446)
* Refactor log

* Add new log methods

* Fix logger test

* Change all logging code

* Clean up pathObj

* Rebase to latest main

* Remove invoking method name after the dot
2024-06-29 14:32:57 -04:00
yuhan6665
bbf25b14d9 Update dependencies 2024-06-01 11:56:24 -04:00
RPRX
ca07a705dc
Generate *.pb.go files with protoc v5.27.0
Download https://github.com/protocolbuffers/protobuf/releases/tag/v27.0
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.34.1
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0
(Xray-core/) go run ./infra/vprotogen
2024-05-26 03:20:53 +00:00
yuhan6665
9b6141b83f Wireguard dial with context 2024-05-22 09:02:20 -04:00
风扇滑翔翼
9ee9a0634e
Add UDPFilter to Socks5 server when auth == password (#3371)
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2024-05-22 03:02:45 +00:00
yuhan6665
121eb7b4fc Splice update timer to 8 hours for inbound timer 2024-05-19 23:56:42 -04:00
yuhan6665
3168d27b0b Splice update timer to 8 hours 2024-05-18 11:57:11 -04:00
yuhan6665
1d450cfbd2 Fix nil in inbound handler 2024-05-14 21:42:40 -04:00
yuhan6665
017f53b5fc
Add session context outbounds as slice (#3356)
* Add session context outbounds as slice

slice is needed for dialer proxy where two outbounds work on top of each other
There are two sets of target addr for example
It also enable Xtls to correctly do splice copy by checking both outbounds are ready to do direct copy

* Fill outbound tag info

* Splice now checks capalibility from all outbounds

* Fix unit tests
2024-05-13 21:52:24 -04:00
yuhan6665
548646fb06 Fix an edge case with tls hello fragment 2024-04-04 02:50:34 -04:00
yuhan6665
657c5c8570 Update HTTPUpgrade spelling and proto 2024-03-20 13:08:43 -04:00
yuhan6665
9b5c3f417e Fix user download stats with splice 2024-03-09 23:40:42 -05:00
A1lo
a994bf8b04
chore: fix some errors detected by staticcheck (#3089)
* chore: fix some errors detected by staticcheck

* feat: remove `rand.Seed()` usage for possibly using "fastrand64" runtime to avoid locking

ref: https://pkg.go.dev/math/rand#Seed
2024-03-03 10:52:22 -05:00
yuhan6665
a0f1e1f377 FakeDNS return TTL=1 and drop HTTPS QType 65 request
Co-authored-by: qwerr0
2024-02-21 11:09:51 -05:00
deorth-kku
cae94570df Fixing tcp connestions leak
- always use HandshakeContext instead of Handshake

- pickup dailer dropped ctx

- rename HandshakeContextAddress to HandshakeAddressContext
2024-02-19 09:32:40 -05:00
yuhan6665
fa5d7a255b
Least load balancer (#2999)
* v5: Health Check & LeastLoad Strategy (rebased from 2c5a71490368500a982018a74a6d519c7e121816)

Some changes will be necessary to integrate it into V2Ray

* Update proto

* parse duration conf with time.Parse()

* moving health ping to observatory as a standalone component

* moving health ping to observatory as a standalone component: auto generated file

* add initialization for health ping

* incorporate changes in router implementation

* support principle target output

* add v4 json support for BurstObservatory & fix balancer reference

* update API command

* remove cancelled API

* return zero length value when observer is not found

* remove duplicated targeted dispatch

* adjust test with updated structure

* bug fix for observer

* fix strategy selector

* fix strategy least load

* Fix ticker usage

ticker.Close does not close ticker.C

* feat: Replace default Health Ping URL to HTTPS (#1991)

* fix selectLeastLoad() returns wrong number of nodes (#2083)

* Test: fix leastload strategy unit test

* fix(router): panic caused by concurrent map read and write (#2678)

* Clean up code

---------

Co-authored-by: Jebbs <qjebbs@gmail.com>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: 世界 <i@sekai.icu>
Co-authored-by: Bernd Eichelberger <46166740+4-FLOSS-Free-Libre-Open-Source-Software@users.noreply.github.com>
Co-authored-by: 秋のかえで <autmaple@protonmail.com>
Co-authored-by: Rinka <kujourinka@gmail.com>
2024-02-17 22:51:37 -05:00
yuhan6665
a15334b395 Go back to first fix (revet d21e9b0abd)
Xtls is magic, don't play with it ;)

A knowledged guess is the timing to switch to splice is very sensitive. Now both Xtls and Freedom outound do the switching when pipe just finished one buffer
2024-02-17 11:16:37 -05:00
yuhan6665
09656bd5d1 Add back sleep for freedom splice 2024-02-15 21:18:56 -05:00
lunafe
b091076bae fix #2970 parsing IPv6 address in wireguard peers configure 2024-02-12 10:45:12 -05:00
Iain Lau
3a99520370 Add PROXY Protocol support for freedom outbound 2024-02-05 10:08:51 -05:00
RPRX
ad3d347cfc
XTLS Vision: Apply padding to single XUDP by default at client side
Requires Xray-core v1.8.1+ at server side: 242f3b0e0b
2024-02-02 20:32:46 +00:00
yuhan6665
d21e9b0abd Try a better fix for rare ssl error with freedom splice
It seems the root cause is if the flag set at the inbound pipe reader, it is a race condition and freedom outbound can possibly do splice at the same time with inbound xtls writer.
Now we set the flag at the earliest and always do splice at the next buffer cycle.
2024-01-26 04:42:45 -05:00
yuhan6665
3167a70ff8 Try to fix rare ssl error with freedom splice 2024-01-26 02:29:26 -05:00
yuhan6665
d60281d0a5 Add DestIpAddress() in Dialer interface
Android client prepares an IP before proxy connection is established. It is useful when connecting to wireguard (or quic) outbound with domain address. E.g. engage.cloudflareclient.com:2408
2023-12-18 18:36:56 -05:00
H1JK
c01a30e8f4 Cleanup sing buffer usage 2023-12-17 17:37:08 -05:00
wyx2685
31a8fae764 Fix deprecated StackNew() function 2023-12-12 11:28:26 -05:00
yuhan6665
6f092bd212
Add "masterKeyLog" in TLS config (#2758)
* Add "enableMasterKeyLog" in TLS config

Turn on the debug option for Wireshark to decrypt traffic

* Change to "masterKeyLog" to configure a path
2023-11-27 10:08:34 -05:00
yuhan6665
2570855cd7 Update v1.8.6 2023-11-17 20:11:40 -05:00
hax0r31337
0ac7da2fc8
WireGuard Inbound (User-space WireGuard server) (#2477)
* feat: wireguard inbound

* feat(command): generate wireguard compatible keypair

* feat(wireguard): connection idle timeout

* fix(wireguard): close endpoint after connection closed

* fix(wireguard): resolve conflicts

* feat(wireguard): set cubic as default cc algorithm in gVisor TUN

* chore(wireguard): resolve conflict

* chore(wireguard): remove redurant code

* chore(wireguard): remove redurant code

* feat: rework server for gvisor tun

* feat: keep user-space tun as an option

* fix: exclude android from native tun build

* feat: auto kernel tun

* fix: build

* fix: regulate function name & fix test
2023-11-17 22:27:17 -05:00
yuhan6665
d9fd3f8eb1
Freedom xdomain strategy (#2719)
* 统一 `domainStrategy` 行为.

* aliases NG.

* 化简.

* 调整.

* Let it crash.

* Update proto

---------

Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 16:27:39 -05:00