XTLS Vision rejects Mux except for XUDP (#1567)

* Xtls vision reject vless-tcp-tls+Mux

* Address review comment
This commit is contained in:
yuhan6665 2023-01-28 00:39:36 -05:00 committed by GitHub
parent 915690b9ef
commit 15bb23e4ec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -154,6 +154,19 @@ func New(ctx context.Context, config *Config, dc dns.Client) (*Handler, error) {
return handler, nil return handler, nil
} }
func isMuxAndNotXUDP(request *protocol.RequestHeader, first *buf.Buffer) bool {
if request.Command != protocol.RequestCommandMux {
return false
}
if first.Len() < 7 {
return true
}
firstBytes := first.Bytes()
return !(firstBytes[2] == 0 && // ID high
firstBytes[3] == 0 && // ID low
firstBytes[6] == 2) // Network type: UDP
}
// Close implements common.Closable.Close(). // Close implements common.Closable.Close().
func (h *Handler) Close() error { func (h *Handler) Close() error {
return errors.Combine(common.Close(h.validator)) return errors.Combine(common.Close(h.validator))
@ -513,7 +526,7 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
return newError(account.ID.String() + " is not able to use " + requestAddons.Flow).AtWarning() return newError(account.ID.String() + " is not able to use " + requestAddons.Flow).AtWarning()
} }
case "", "none": case "", "none":
if accountFlow == vless.XRV && !allowNoneFlow && request.Command == protocol.RequestCommandTCP { if accountFlow == vless.XRV && !allowNoneFlow && (request.Command == protocol.RequestCommandTCP || isMuxAndNotXUDP(request, first)) {
return newError(account.ID.String() + " is not able to use " + vless.XRV + return newError(account.ID.String() + " is not able to use " + vless.XRV +
". Note the pure tls proxy has certain tls in tls characters. Append \",none\" in flow to suppress").AtWarning() ". Note the pure tls proxy has certain tls in tls characters. Append \",none\" in flow to suppress").AtWarning()
} }