mirror of
https://github.com/XTLS/Xray-core.git
synced 2024-11-25 22:56:04 +03:00
XTLS protocol: Apply Vision's padding to XUDP Mux & Minor fixes
It's recommended to enable XUDP Mux when using XTLS Vision Thank @yuhan6665 for testing
This commit is contained in:
parent
b4c1a56026
commit
242f3b0e0b
@ -21,6 +21,7 @@ import (
|
|||||||
"github.com/xtls/xray-core/common/signal"
|
"github.com/xtls/xray-core/common/signal"
|
||||||
"github.com/xtls/xray-core/features/stats"
|
"github.com/xtls/xray-core/features/stats"
|
||||||
"github.com/xtls/xray-core/proxy/vless"
|
"github.com/xtls/xray-core/proxy/vless"
|
||||||
|
"github.com/xtls/xray-core/transport/internet/reality"
|
||||||
"github.com/xtls/xray-core/transport/internet/stat"
|
"github.com/xtls/xray-core/transport/internet/stat"
|
||||||
"github.com/xtls/xray-core/transport/internet/tls"
|
"github.com/xtls/xray-core/transport/internet/tls"
|
||||||
)
|
)
|
||||||
@ -227,8 +228,10 @@ func XtlsRead(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater
|
|||||||
if ok {
|
if ok {
|
||||||
iConn = statConn.Connection
|
iConn = statConn.Connection
|
||||||
}
|
}
|
||||||
if xc, ok := iConn.(*tls.Conn); ok {
|
if tlsConn, ok := iConn.(*tls.Conn); ok {
|
||||||
iConn = xc.NetConn()
|
iConn = tlsConn.NetConn()
|
||||||
|
} else if realityConn, ok := iConn.(*reality.Conn); ok {
|
||||||
|
iConn = realityConn.NetConn()
|
||||||
}
|
}
|
||||||
if tc, ok := iConn.(*net.TCPConn); ok {
|
if tc, ok := iConn.(*net.TCPConn); ok {
|
||||||
newError("XtlsRead splice").WriteToLog(session.ExportIDToError(ctx))
|
newError("XtlsRead splice").WriteToLog(session.ExportIDToError(ctx))
|
||||||
|
@ -456,10 +456,10 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
|
|||||||
case vless.XRV:
|
case vless.XRV:
|
||||||
if account.Flow == requestAddons.Flow {
|
if account.Flow == requestAddons.Flow {
|
||||||
switch request.Command {
|
switch request.Command {
|
||||||
case protocol.RequestCommandMux:
|
|
||||||
return newError(requestAddons.Flow + " doesn't support Mux").AtWarning()
|
|
||||||
case protocol.RequestCommandUDP:
|
case protocol.RequestCommandUDP:
|
||||||
return newError(requestAddons.Flow + " doesn't support UDP").AtWarning()
|
return newError(requestAddons.Flow + " doesn't support UDP").AtWarning()
|
||||||
|
case protocol.RequestCommandMux:
|
||||||
|
fallthrough // we will break Mux connections that contain TCP requests
|
||||||
case protocol.RequestCommandTCP:
|
case protocol.RequestCommandTCP:
|
||||||
var t reflect.Type
|
var t reflect.Type
|
||||||
var p uintptr
|
var p uintptr
|
||||||
@ -474,10 +474,8 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
|
|||||||
netConn = realityConn.NetConn()
|
netConn = realityConn.NetConn()
|
||||||
t = reflect.TypeOf(realityConn.Conn).Elem()
|
t = reflect.TypeOf(realityConn.Conn).Elem()
|
||||||
p = uintptr(unsafe.Pointer(realityConn.Conn))
|
p = uintptr(unsafe.Pointer(realityConn.Conn))
|
||||||
} else if _, ok := iConn.(*tls.UConn); ok {
|
|
||||||
return newError("XTLS only supports UTLS fingerprint for the outbound.").AtWarning()
|
|
||||||
} else {
|
} else {
|
||||||
return newError("XTLS only supports TCP, mKCP and DomainSocket for now.").AtWarning()
|
return newError("XTLS only supports TLS and REALITY directly for now.").AtWarning()
|
||||||
}
|
}
|
||||||
if pc, ok := netConn.(*proxyproto.Conn); ok {
|
if pc, ok := netConn.(*proxyproto.Conn); ok {
|
||||||
netConn = pc.Raw()
|
netConn = pc.Raw()
|
||||||
@ -495,7 +493,7 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
|
|||||||
return newError(account.ID.String() + " is not able to use " + requestAddons.Flow).AtWarning()
|
return newError(account.ID.String() + " is not able to use " + requestAddons.Flow).AtWarning()
|
||||||
}
|
}
|
||||||
case "":
|
case "":
|
||||||
if account.Flow == vless.XRV && request.Command == protocol.RequestCommandTCP {
|
if account.Flow == vless.XRV && (request.Command == protocol.RequestCommandTCP || isMuxAndNotXUDP(request, first)) {
|
||||||
return newError(account.ID.String() + " is not able to use \"\". Note that the pure TLS proxy has certain TLS in TLS characters.").AtWarning()
|
return newError(account.ID.String() + " is not able to use \"\". Note that the pure TLS proxy has certain TLS in TLS characters.").AtWarning()
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
|
@ -135,13 +135,13 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
|
|||||||
fallthrough
|
fallthrough
|
||||||
case vless.XRV:
|
case vless.XRV:
|
||||||
switch request.Command {
|
switch request.Command {
|
||||||
case protocol.RequestCommandMux:
|
|
||||||
requestAddons.Flow = "" // let server break Mux connections that contain TCP requests
|
|
||||||
case protocol.RequestCommandUDP:
|
case protocol.RequestCommandUDP:
|
||||||
if !allowUDP443 && request.Port == 443 {
|
if !allowUDP443 && request.Port == 443 {
|
||||||
return newError("XTLS rejected UDP/443 traffic").AtInfo()
|
return newError("XTLS rejected UDP/443 traffic").AtInfo()
|
||||||
}
|
}
|
||||||
requestAddons.Flow = ""
|
requestAddons.Flow = ""
|
||||||
|
case protocol.RequestCommandMux:
|
||||||
|
fallthrough // let server break Mux connections that contain TCP requests
|
||||||
case protocol.RequestCommandTCP:
|
case protocol.RequestCommandTCP:
|
||||||
var t reflect.Type
|
var t reflect.Type
|
||||||
var p uintptr
|
var p uintptr
|
||||||
@ -158,7 +158,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
|
|||||||
t = reflect.TypeOf(realityConn.Conn).Elem()
|
t = reflect.TypeOf(realityConn.Conn).Elem()
|
||||||
p = uintptr(unsafe.Pointer(realityConn.Conn))
|
p = uintptr(unsafe.Pointer(realityConn.Conn))
|
||||||
} else {
|
} else {
|
||||||
return newError("XTLS only supports TCP, mKCP and DomainSocket for now.").AtWarning()
|
return newError("XTLS only supports TLS and REALITY directly for now.").AtWarning()
|
||||||
}
|
}
|
||||||
if sc, ok := netConn.(syscall.Conn); ok {
|
if sc, ok := netConn.(syscall.Conn); ok {
|
||||||
rawConn, _ = sc.SyscallConn()
|
rawConn, _ = sc.SyscallConn()
|
||||||
|
Loading…
Reference in New Issue
Block a user