Env: Add XRAY_LOCATION_CERT variable (#4536)

https://github.com/XTLS/Xray-core/issues/4531#issuecomment-2746155941 Fixes https://github.com/XTLS/Xray-core/issues/4531 --------- Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2025-03-27 10:33:55 +03:00 · 2025-03-24 16:26:48 +03:30 · 2025-03-24 16:26:48 +03:30 · 2d3210e4b8
commit 2d3210e4b8
parent 673a9ae063
6 changed files with 26 additions and 5 deletions
--- a/common/platform/filesystem/file.go
+++ b/common/platform/filesystem/file.go
@ -3,6 +3,7 @@ package filesystem
 import (
 	"io"
 	"os"
+	"path/filepath"

 	"github.com/xtls/xray-core/common/buf"
 	"github.com/xtls/xray-core/common/platform"
@ -28,6 +29,13 @@ func ReadAsset(file string) ([]byte, error) {
 	return ReadFile(platform.GetAssetLocation(file))
 }

+func ReadCert(file string) ([]byte, error) {
+	if filepath.IsAbs(file) {
+		return ReadFile(file)
+	}
+	return ReadFile(platform.GetCertLocation(file))
+}
+
 func CopyFile(dst string, src string) error {
 	bytes, err := ReadFile(src)
 	if err != nil {
--- a/common/platform/others.go
+++ b/common/platform/others.go
@ -21,7 +21,7 @@ func GetToolLocation(file string) string {
 	return filepath.Join(toolPath, file)
 }

-// GetAssetLocation searches for `file` in certain locations
+// GetAssetLocation searches for `file` in the env dir, the executable dir, and certain locations
 func GetAssetLocation(file string) string {
 	assetPath := NewEnvFlag(AssetLocation).GetValue(getExecutableDir)
 	defPath := filepath.Join(assetPath, file)
@ -42,3 +42,9 @@ func GetAssetLocation(file string) string {
 	// asset not found, let the caller throw out the error
 	return defPath
 }
+
+// GetCertLocation searches for `file` in the env dir and the executable dir
+func GetCertLocation(file string) string {
+	certPath := NewEnvFlag(CertLocation).GetValue(getExecutableDir)
+	return filepath.Join(certPath, file)
+}
--- a/common/platform/platform.go
+++ b/common/platform/platform.go
@ -13,6 +13,7 @@ const (
 	ConfdirLocation = "xray.location.confdir"
 	ToolLocation    = "xray.location.tool"
 	AssetLocation   = "xray.location.asset"
+	CertLocation    = "xray.location.cert"

 	UseReadV         = "xray.buf.readv"
 	UseFreedomSplice = "xray.buf.splice"
--- a/common/platform/windows.go
+++ b/common/platform/windows.go
@ -19,8 +19,14 @@ func GetToolLocation(file string) string {
 	return filepath.Join(toolPath, file+".exe")
 }

-// GetAssetLocation searches for `file` in the executable dir
+// GetAssetLocation searches for `file` in the env dir and the executable dir
 func GetAssetLocation(file string) string {
 	assetPath := NewEnvFlag(AssetLocation).GetValue(getExecutableDir)
 	return filepath.Join(assetPath, file)
 }
+
+// GetCertLocation searches for `file` in the env dir and the executable dir
+func GetCertLocation(file string) string {
+	certPath := NewEnvFlag(CertLocation).GetValue(getExecutableDir)
+	return filepath.Join(certPath, file)
+}
--- a/infra/conf/transport_internet.go
+++ b/infra/conf/transport_internet.go
@ -334,7 +334,7 @@ func (c *SplitHTTPConfig) Build() (proto.Message, error) {

 func readFileOrString(f string, s []string) ([]byte, error) {
 	if len(f) > 0 {
-		return filesystem.ReadFile(f)
+		return filesystem.ReadCert(f)
 	}
 	if len(s) > 0 {
 		return []byte(strings.Join(s, "\n")), nil
--- a/transport/internet/tls/config.go
+++ b/transport/internet/tls/config.go
@ -109,12 +109,12 @@ func setupOcspTicker(entry *Certificate, callback func(isReloaded, isOcspstaplin
 		for {
 			var isReloaded bool
 			if entry.CertificatePath != "" && entry.KeyPath != "" {
-				newCert, err := filesystem.ReadFile(entry.CertificatePath)
+				newCert, err := filesystem.ReadCert(entry.CertificatePath)
 				if err != nil {
 					errors.LogErrorInner(context.Background(), err, "failed to parse certificate")
 					return
 				}
-				newKey, err := filesystem.ReadFile(entry.KeyPath)
+				newKey, err := filesystem.ReadCert(entry.KeyPath)
 				if err != nil {
 					errors.LogErrorInner(context.Background(), err, "failed to parse key")
 					return