Commit Graph

232 Commits

Author SHA1 Message Date
风扇滑翔翼
ec2224974d Add "nosni" option to send empty SNI (#3214)
* Allow not to send SNI

* Allow reality not to send SNI
2024-04-01 11:08:37 -04:00
yuhan6665
7e3a8d3a04 Add separate host config for websocket 2024-03-30 07:43:05 +00:00
yuhan6665
e2302b421c Update proto file for websocket and httpupgrade (breaking) 2024-03-30 07:42:41 +00:00
风扇滑翔翼
9a619f9e7c Add support for HTTPupgrade custom headers 2024-03-23 07:53:36 -10:00
チセ
2cafb3ef89
Fix(httpupgrade): X-Forwarded-For header not read. (#3172) 2024-03-23 13:34:51 -04:00
yuhan6665
657c5c8570 Update HTTPUpgrade spelling and proto 2024-03-20 13:08:43 -04:00
风扇滑翔翼
bb48a2043d Fix HTTPUpgrade transport register 2024-03-20 12:05:01 -04:00
RPRX
18b823b4a6
HTTPUpgrade 0-RTT (#3152)
* Add ed to enable HTTPUpgrade 0-RTT

https://github.com/XTLS/Xray-core/issues/3128#issuecomment-2002563369

* WebSocket hub.go MaxHeaderBytes: 4096 -> 8192
2024-03-17 20:43:19 +00:00
RPRX
5c41292836
Add ConnRF to make HTTPUpgrade 0-RTT
https://github.com/XTLS/Xray-core/issues/3128#issuecomment-1991809113
2024-03-13 22:39:24 +00:00
RPRX
d3a218f896
Fix https://github.com/XTLS/Xray-core/issues/3128 2024-03-12 11:58:29 +00:00
A1lo
a994bf8b04
chore: fix some errors detected by staticcheck (#3089)
* chore: fix some errors detected by staticcheck

* feat: remove `rand.Seed()` usage for possibly using "fastrand64" runtime to avoid locking

ref: https://pkg.go.dev/math/rand#Seed
2024-03-03 10:52:22 -05:00
Eken Chan
173b03448f transport: add httpupgrade 2024-03-03 10:45:36 -05:00
RPRX
7184a8165f
Add Authority to gRPC Transport (#3076)
Why couldn't you have Host, for the last three years?
2024-02-29 14:22:14 +00:00
yuhan6665
3778a367c8 Fix and simplify SockOpt in UDP
https://github.com/golang/go/issues/29277
2024-02-21 13:59:09 -05:00
deorth-kku
cae94570df Fixing tcp connestions leak
- always use HandshakeContext instead of Handshake

- pickup dailer dropped ctx

- rename HandshakeContextAddress to HandshakeAddressContext
2024-02-19 09:32:40 -05:00
yuhan6665
fa5d7a255b
Least load balancer (#2999)
* v5: Health Check & LeastLoad Strategy (rebased from 2c5a71490368500a982018a74a6d519c7e121816)

Some changes will be necessary to integrate it into V2Ray

* Update proto

* parse duration conf with time.Parse()

* moving health ping to observatory as a standalone component

* moving health ping to observatory as a standalone component: auto generated file

* add initialization for health ping

* incorporate changes in router implementation

* support principle target output

* add v4 json support for BurstObservatory & fix balancer reference

* update API command

* remove cancelled API

* return zero length value when observer is not found

* remove duplicated targeted dispatch

* adjust test with updated structure

* bug fix for observer

* fix strategy selector

* fix strategy least load

* Fix ticker usage

ticker.Close does not close ticker.C

* feat: Replace default Health Ping URL to HTTPS (#1991)

* fix selectLeastLoad() returns wrong number of nodes (#2083)

* Test: fix leastload strategy unit test

* fix(router): panic caused by concurrent map read and write (#2678)

* Clean up code

---------

Co-authored-by: Jebbs <qjebbs@gmail.com>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: 世界 <i@sekai.icu>
Co-authored-by: Bernd Eichelberger <46166740+4-FLOSS-Free-Libre-Open-Source-Software@users.noreply.github.com>
Co-authored-by: 秋のかえで <autmaple@protonmail.com>
Co-authored-by: Rinka <kujourinka@gmail.com>
2024-02-17 22:51:37 -05:00
yuhan6665
bf02392969 Temporarily turn off sockopt for UDP on windows 2024-02-17 13:22:39 -05:00
风扇滑翔翼
303beff5dd Fix SockOpt does not work in UDP 2024-02-06 10:41:39 -05:00
dyhkwong
da5a28a088
Fix #2654 (#2941)
* fix udp dispatcher

* fix test
2024-01-15 10:33:15 -05:00
Qi Lin
0ea2a50264 Add option realitySettings.masterKeyLog 2024-01-11 10:57:04 -05:00
Qi Lin
2b08d8638e Let tlsSettings.masterKeyLog and tlsSettings.fingerprint work together 2024-01-10 11:34:52 -05:00
yuhan6665
eacdda3c93 Fix connecting to quic outbound with domain address 2023-12-25 22:25:22 -05:00
hossinasaadi
b7f21be8bc fix ecdh crash in reality 2023-12-24 15:38:44 -05:00
yuhan6665
d60281d0a5 Add DestIpAddress() in Dialer interface
Android client prepares an IP before proxy connection is established. It is useful when connecting to wireguard (or quic) outbound with domain address. E.g. engage.cloudflareclient.com:2408
2023-12-18 18:36:56 -05:00
Zhang San
5a5e615b46
Enable interface setting for socketopt under Windows (#2819)
* allow set interface under windows

Signed-off-by: San Zhang <zhangan@mail.com>

* polish code

Signed-off-by: San Zhang <zhangan@mail.com>

---------

Signed-off-by: San Zhang <zhangan@mail.com>
Co-authored-by: San Zhang <zhangan@mail.com>
2023-12-17 17:56:15 -05:00
风扇滑翔翼
69cbb4c47a Change WS upgraderBufferSize
due to https://github.com/gorilla/websocket/issues/223
2023-11-28 11:28:58 -05:00
yuhan6665
6f092bd212
Add "masterKeyLog" in TLS config (#2758)
* Add "enableMasterKeyLog" in TLS config

Turn on the debug option for Wireshark to decrypt traffic

* Change to "masterKeyLog" to configure a path
2023-11-27 10:08:34 -05:00
cty123
f1c81557dc #2605: Add safety check for type casting for QUIC dialer
Issue #2605 brought up real problem that QUIC dialer doesn't support sockopt at the moment. Inside `internet.DialSystem(...)` function, one of the branch that involves `redirect(...)` returns `cnc.connection` instance that is currently unhandled by the code logic, and thus caused program panic during runtime.

It seems the sockopt support for QUIC protocol requires a couple changes including making `cnc.connection` public, such that we can handle in dialer, along with some thorough tests, this commit simply adds safety check to explicity state the fact that QUIC isn't working with sockopt. And the implementation of the feature can be scheduled later on.
2023-11-14 10:14:26 -05:00
yuhan6665
7523f7f440
统一 domainStrategy 行为. (#2720)
* 统一 `domainStrategy` 行为.

* Update proto

---------

Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 16:37:02 -05:00
yuhan6665
d9fd3f8eb1
Freedom xdomain strategy (#2719)
* 统一 `domainStrategy` 行为.

* aliases NG.

* 化简.

* 调整.

* Let it crash.

* Update proto

---------

Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 16:27:39 -05:00
yuhan6665
cc4b28b159 Remove dragonfly build 2023-11-12 14:30:50 -05:00
yuhan6665
d24a636c75 Move some log from stdout to ray log 2023-10-28 21:31:54 -04:00
yuhan6665
4f05e0ac2b Unify environment var readers 2023-10-29 15:16:57 -04:00
hossinasaadi
6177ec7faf add bindAddr for darwin 2023-10-16 10:24:28 -04:00
yuhan6665
e244db76fb Update all dependencies 2023-09-29 23:06:15 -04:00
Hossin Asaadi
07ae08126c binding socket interface to sockopt_darwin.go 2023-09-22 10:35:59 -04:00
yylt
c00e56c0da
Add tcpMptcp to sockopt (#2520) 2023-09-07 17:32:27 +00:00
RPRX
d92002ad12
Dialer: Set TimeoutOnly for gctx and hctx
https://github.com/XTLS/Xray-core/issues/2232#issuecomment-1694570914

Thank @cty123 for testing

Fixes https://github.com/XTLS/Xray-core/issues/2232

BTW: Use `uConn.HandshakeContext(ctx)` in REALITY
2023-08-27 05:55:58 +00:00
A1lo
10d6b06578 fix(transport): correctly release UDS locker file (#2305)
* fix(transport): correctly release UDS locker file

* use callback function to do some jobs after create listener
2023-08-26 07:35:44 -04:00
RPRX
2d5475f428 Update transport/internet/reality/reality.go
Fixes https://github.com/XTLS/Xray-core/issues/2491
2023-08-26 07:33:26 -04:00
cty123
efe8f3f4d6 fix(config): fix grpc cofnig parsing when service name only has one '/' char 2023-08-20 22:19:13 -04:00
RPRX
51769fdde1
H2 transport: Abandon client if client.Do(request) failed
See https://github.com/golang/go/issues/30702

Fixes https://github.com/XTLS/Xray-core/issues/2355
2023-07-22 06:06:25 +08:00
RPRX
ee21763928 Run "go fmt ./..." 2023-06-18 09:46:57 -04:00
RPRX
084f4f2e4c Update comments in reality.go 2023-06-15 13:07:08 -04:00
Hellojack
65b467e448 REALITY protocol: Add ChaCha20-Poly1305 auth mode (#2212)
https://github.com/XTLS/REALITY/pull/4
2023-06-15 13:06:46 -04:00
yuhan6665
d11d72be6c Update proto file and fix protoc version parsing
The new protoc cli return version v23.1,
so we parse the file version v4.23.1 without "4."
2023-06-11 13:36:06 -04:00
dependabot[bot]
86b4b81f1d Bump github.com/quic-go/quic-go from 0.34.0 to 0.35.1
Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) from 0.34.0 to 0.35.1.
- [Release notes](https://github.com/quic-go/quic-go/releases)
- [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md)
- [Commits](https://github.com/quic-go/quic-go/compare/v0.34.0...v0.35.1)

---
updated-dependencies:
- dependency-name: github.com/quic-go/quic-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-01 18:23:56 -04:00
sambali9
5f5ae37571
Added tcp fragmentation for freedom outbound (#2021)
* Added tcp fragmentation for freedom outbound

* Added TCP_NODELAY to outbound sockopt

* Changed fragment parameters to accept ranges and changed strategy to use length

* Changed packetNumber to packets, supporting range.

* Refactored the freedom fragment logic

* Refine Write()

---------

Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-05-22 02:59:58 +00:00
yuhan6665
c80646a045
Clean code dependencies on github.com/miekg/dns (#2099) 2023-05-21 03:40:56 +00:00
rurirei
d9af02812f
Add ctx to UDP dispatcherConn (#2024) 2023-05-06 03:18:08 +00:00
xqzr
dd81ad5342
Add tcpMaxSeg to sockopt (#2002) 2023-04-30 00:03:30 +00:00
世界
18e5b0963f
Update dependencies 2023-04-23 19:32:07 +08:00
yichya QC
90d915ea05 feat: add tcp_user_timeout
```json
{"streamSettings":{"sockopt": {"tcpUserTimeout": 10000}}}
```

run `gofmt -w -s .` as well
2023-04-22 20:41:43 -04:00
yuhan6665
197bc78ea1 Turn off Quic qlog since it jam the regular test info 2023-04-17 11:56:55 -04:00
RPRX
2c0a89f7dc
REALITY protocol: Set the fourth byte as reserved 2023-03-31 22:39:57 +00:00
RPRX
beb603af06 Allow IP address ServerName when "serverName" is not configured
In this case, TLS Client Hello will not have SNI (RFC 6066, Section 3)
2023-03-26 10:57:20 +00:00
Hirbod Behnam
526c6789ed Add custom path to gRPC (#1815) 2023-03-26 09:28:19 +03:30
Hirbod Behnam
6872be5cc3 Add user agent to gRPC (#1790) 2023-03-26 09:23:42 +03:30
RPRX
0573760346
Do not show ciphertext SessionID or full AuthKey 2023-03-20 23:39:56 +08:00
世界
55efac7236
Reformat code 2023-03-17 13:17:08 +08:00
xqzr
c3322294be
Add tcpWindowClamp to sockopt (#1757)
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-03-09 13:51:16 +00:00
RPRX
836e84b851
Add recover() to H2 server's flushWriter.Write()
Fixes https://github.com/XTLS/Xray-core/issues/1748
2023-03-08 14:06:20 +00:00
yuhan6665
9e5bc07bf2
Legends never die (#1725) 2023-03-04 10:39:26 +00:00
RPRX
6526e74d49
Add WaitReadCloser to make H2 real 0-RTT 2023-03-02 14:50:26 +00:00
RPRX
55dc26f228
Add REALITY support to gRPC client and server
Now you are able to configure REALITY gRPC client and server
Duplicate of REALITY H2, perhaps, just for fun
2023-02-27 19:52:01 +00:00
RPRX
9401d65ef1
Add REALITY support to H2 server
Now you are able to configure REALITY H2 server directly
Before: REALITY VLESS fallbacks -> H2C inbound
2023-02-27 16:20:19 +00:00
RPRX
c38179a67f
Upgrade github.com/xtls/reality to f34b4d174342
Fixes https://github.com/XTLS/Xray-core/issues/1712
2023-02-26 19:26:57 +08:00
sduoduo233
336b2daeb9
DNS Header for KCP (#1672)
* dns header

* fixed domain name encoding for dns header

---------

Co-authored-by: kerry <lvhaiyangkerry@gmail.com>
2023-02-24 12:06:24 -05:00
xqzr
c8b4580869
add V6Only (#1677)
* add `V6Only`

* add `V6Only`
2023-02-24 11:54:40 -05:00
Yue Yin
03b8c094de Support SPKI Fingerprint Pinning
Support SPKI Fingerprint Pinning for TLSObject
2023-02-24 11:47:00 -05:00
RPRX
4d5c3195d2
Refine random
Fixes https://github.com/XTLS/Xray-core/issues/1666
2023-02-18 05:55:19 +00:00
RPRX
4d2e2b24d3
THE NEXT FUTURE becomes THE REALITY NOW
Thank @yuhan6665 for testing
2023-02-15 16:07:12 +00:00
RPRX
9046eda5ce
Add callClose to UDP Dispatcher
Fixes https://github.com/XTLS/Xray-core/issues/1611
2023-02-08 14:59:14 +08:00
RPRX
f32921df30
Refine randomized
But we should avoid using it unless we have to, see
https://github.com/refraction-networking/utls/pull/157#issuecomment-1417156797
2023-02-08 14:51:15 +08:00
RPRX
f176ec54ee
v1.7.3 2023-02-02 05:50:21 +00:00
pocketW
bf35e9dcd6 fix: handle error raised by dispatcher 2023-02-01 10:17:42 -05:00
RPRX
dc72cf2c78
Refine fingerprints
Fixes https://github.com/XTLS/Xray-core/issues/1577
2023-02-01 12:58:17 +00:00
RPRX
b70912799b
Generate *.pb.go files with protoc v3.21.12
https://github.com/protocolbuffers/protobuf/releases/tag/v21.12
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2
go run ./infra/vprotogen
2023-01-30 04:35:30 +00:00
mra9776
f571aa72df
uTLS PinnedPeerCertificateChainSha256 (#1556)
* Add tests for utls PinnedPeerCertificateChain

* Fix utls not checking PinnedPeerCertificate

Co-authored-by: ahmadi <ahmadi@meshkan.com>
2023-01-27 04:19:49 +00:00
yuhan6665
3fb67f065a
Add fingerprint xray_random (#1540)
* Add fingerprint xray_random

xray_random means to pick a random uTLS fingerprint at the core startup
This way, the fingerprint is stable for a user for some days. While there is no identifiable signature for the whole xray community

* Fingerprint "random" refine

Exclude old fingerprint from RNG
2023-01-20 23:36:08 -05:00
aeeq
620eb63c1b Add sockopt interface setting for binding outbound to a particular device like "eth0" (#1494)
* Update sockopt_linux.go

add Interface Name

* Update config.pb.go

add Interface Name

* Update transport_internet.go

add Interface Name

* Update config.pb.go

* update config.proto add interface

* Update config.pb.go
2023-01-09 09:45:30 -05:00
yuhan6665
32ce7cd730 Add new uTLS fingerprints
- correct safari
- new format is the variable name in https://github.com/refraction-networking/utls/blob/master/u_common.go#L163
- notable ones "HelloChrome_106_Shuffle", "Hello360_Auto", "HelloQQ_Auto"
2023-01-09 09:19:53 -05:00
yuhan6665
c4fbdf1b78 Run core/format.go 2022-12-25 19:47:53 -05:00
aabbccgg
0565589b8b Changed quic MaxIdleTimeout from 30s to 5min & HandshakeIdleTimeout to 8s 2022-11-23 10:52:50 -05:00
Cubarco
8e75e9d763 Fix sockopt.TcpKeepAliveInterval
The Keep-Alive configs may be overridden with golang default settings when `tcpKeepAliveInterval` is set without `tcpKeepAliveIdle`.
2022-11-12 09:15:21 -05:00
Hirbod Behnam
da0b13cca0
Added uTLS to gRPC (#1264)
* Added uTLS to gRPC

* Use base 16 of ciphers as StandardName
2022-10-21 21:06:36 -04:00
Hirbod Behnam
1f93cbbc5d
Added utls to websocket (#1256)
* Added utls to websocket

* Slightly better code

One less allocation
2022-10-18 10:34:41 -04:00
Hirbod Behnam
93c7ebe382 Added utls to http2 transport 2022-10-13 10:44:49 -04:00
yuhan6665
8117b66949 Generate all protos 2022-10-10 13:17:32 -04:00
xqzr
8cf23f1947
add tcpcongestion (#1234)
* add `tcpcongestion`

* Update sockopt_linux.go

* Update config.pb.go

* Update transport_internet.go

* Update config.pb.go

* Update transport_internet.go

* Update config.proto
2022-10-10 13:13:50 -04:00
Mocking
4140bcd11a Enhancement of "redirect" function, adding support for MacOS
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
"inbounds": [
{
"listen": "127.0.0.1",
"port": 1122,
"protocol": "dokodemo-door",
"tag": "dokodemo",
"settings": {
"network": "tcp",
"followRedirect": true,
"userLevel": 0
},
"streamSettings": {
"sockopt": {
"tproxy": "Redirect"
}
}
}
]

还原#1189 提交
2022-08-22 10:33:58 -04:00
S-Mocking
59602db02d
Add "tproxy" option (#1189)
* Add "tproxy" option
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
  "inbounds": [
    {
      "listen": "127.0.0.1",
      "port": 1122,
      "protocol": "dokodemo-door",
      "tag": "dokodemo",
      "settings": {
        "network": "tcp",
        "followRedirect": true,
        "userLevel": 0
      },
      "streamSettings": {
        "sockopt": {
          "tproxy": "pf"
        }
      }
    }
  ]

* Add "tproxy" option
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
  "inbounds": [
    {
      "listen": "127.0.0.1",
      "port": 1122,
      "protocol": "dokodemo-door",
      "tag": "dokodemo",
      "settings": {
        "network": "tcp",
        "followRedirect": true,
        "userLevel": 0
      },
      "streamSettings": {
        "sockopt": {
          "tproxy": "pf"
        }
      }
    }
  ]

* Add "tproxy" option
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
  "inbounds": [
    {
      "listen": "127.0.0.1",
      "port": 1122,
      "protocol": "dokodemo-door",
      "tag": "dokodemo",
      "settings": {
        "network": "tcp",
        "followRedirect": true,
        "userLevel": 0
      },
      "streamSettings": {
        "sockopt": {
          "tproxy": "pf"
        }
      }
    }
  ]

Co-authored-by: Mocking <fanhaiwang0817@gmail.com>
2022-08-20 09:02:18 -04:00
ksco.he
76638d793c fix(udp): check addr nil (close 1807) 2022-08-12 20:33:33 -04:00
yuhan6665
340234166b
Add TCPKeepAliveIdle in Sockopt option (#1166)
* Add TCP keep alive idle setting

* Add TCP keep alive idle setting: auto generated

* Add TCP keep alive support in Linux

* Add TCP keep alive support in MacOS, FreeBSD

* Add TCP keep alive support in Windows

* fix bug introduced in adding tcp keep alive adjustment

* embed macOS const to avoid platform inconsistency

* embed macOS const to avoid platform inconsistency(again)

* add TCP Keep Alive support in config

* use sys/unix instead of syscall

Suggestion from:
https://github.com/v2fly/v2ray-core/pull/1395#issuecomment-974761647

* use sys/unix instead of syscall

Suggestion from:
https://github.com/v2fly/v2ray-core/pull/1395#issuecomment-974761647

* Separate TcpKeepAliveIdle and TcpKeepAliveInterval check logic

* Disable tcp keepAlive when TcpKeepAliveIdle < 0 and  TcpKeepAliveInterval <= 0

Co-authored-by: xqzr <34030394+xqzr@users.noreply.github.com>

Co-authored-by: ValdikSS <iam@valdikss.org.ru>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: xqzr <34030394+xqzr@users.noreply.github.com>
2022-07-31 09:55:40 -04:00
yuhan6665
00230a74d5
Fix new Quic lib: KeepAlivePeriod (#1139)
* Bump github.com/lucas-clemente/quic-go from 0.27.2 to 0.28.0

Bumps [github.com/lucas-clemente/quic-go](https://github.com/lucas-clemente/quic-go) from 0.27.2 to 0.28.0.
- [Release notes](https://github.com/lucas-clemente/quic-go/releases)
- [Changelog](https://github.com/lucas-clemente/quic-go/blob/master/Changelog.md)
- [Commits](https://github.com/lucas-clemente/quic-go/compare/v0.27.2...v0.28.0)

---
updated-dependencies:
- dependency-name: github.com/lucas-clemente/quic-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix new Quic lib: KeepAlivePeriod

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-10 21:38:39 -04:00
世界
6f93ef7736
Remove useless error log 2022-06-01 11:11:53 +08:00
世界
f046feb9ca
Reformat code 2022-05-18 15:29:01 +08:00
yuhan6665
c9df755426 Add quic qlog to debug logs 2022-04-23 19:23:15 -04:00
yuhan6665
393d211d1e Rename quic session to connection
Co-authored-by: 秋のかえで <autmaple@protonmail.com>
2022-04-09 00:48:02 -04:00
hmol233
b3ab94ef5b Refine domain socket permission 2022-02-18 22:01:29 -05:00