XTLS protocol: Apply Vision's padding to XUDP Mux & Minor fixes

It's recommended to enable XUDP Mux when using XTLS Vision
Thank @yuhan6665 for testing
This commit is contained in:
RPRX 2023-04-16 21:15:36 +00:00 committed by GitHub
parent b4c1a56026
commit 242f3b0e0b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 11 deletions

View file

@ -21,6 +21,7 @@ import (
"github.com/xtls/xray-core/common/signal"
"github.com/xtls/xray-core/features/stats"
"github.com/xtls/xray-core/proxy/vless"
"github.com/xtls/xray-core/transport/internet/reality"
"github.com/xtls/xray-core/transport/internet/stat"
"github.com/xtls/xray-core/transport/internet/tls"
)
@ -227,8 +228,10 @@ func XtlsRead(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater
if ok {
iConn = statConn.Connection
}
if xc, ok := iConn.(*tls.Conn); ok {
iConn = xc.NetConn()
if tlsConn, ok := iConn.(*tls.Conn); ok {
iConn = tlsConn.NetConn()
} else if realityConn, ok := iConn.(*reality.Conn); ok {
iConn = realityConn.NetConn()
}
if tc, ok := iConn.(*net.TCPConn); ok {
newError("XtlsRead splice").WriteToLog(session.ExportIDToError(ctx))

View file

@ -456,10 +456,10 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
case vless.XRV:
if account.Flow == requestAddons.Flow {
switch request.Command {
case protocol.RequestCommandMux:
return newError(requestAddons.Flow + " doesn't support Mux").AtWarning()
case protocol.RequestCommandUDP:
return newError(requestAddons.Flow + " doesn't support UDP").AtWarning()
case protocol.RequestCommandMux:
fallthrough // we will break Mux connections that contain TCP requests
case protocol.RequestCommandTCP:
var t reflect.Type
var p uintptr
@ -474,10 +474,8 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
netConn = realityConn.NetConn()
t = reflect.TypeOf(realityConn.Conn).Elem()
p = uintptr(unsafe.Pointer(realityConn.Conn))
} else if _, ok := iConn.(*tls.UConn); ok {
return newError("XTLS only supports UTLS fingerprint for the outbound.").AtWarning()
} else {
return newError("XTLS only supports TCP, mKCP and DomainSocket for now.").AtWarning()
return newError("XTLS only supports TLS and REALITY directly for now.").AtWarning()
}
if pc, ok := netConn.(*proxyproto.Conn); ok {
netConn = pc.Raw()
@ -495,7 +493,7 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
return newError(account.ID.String() + " is not able to use " + requestAddons.Flow).AtWarning()
}
case "":
if account.Flow == vless.XRV && request.Command == protocol.RequestCommandTCP {
if account.Flow == vless.XRV && (request.Command == protocol.RequestCommandTCP || isMuxAndNotXUDP(request, first)) {
return newError(account.ID.String() + " is not able to use \"\". Note that the pure TLS proxy has certain TLS in TLS characters.").AtWarning()
}
default:

View file

@ -135,13 +135,13 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
fallthrough
case vless.XRV:
switch request.Command {
case protocol.RequestCommandMux:
requestAddons.Flow = "" // let server break Mux connections that contain TCP requests
case protocol.RequestCommandUDP:
if !allowUDP443 && request.Port == 443 {
return newError("XTLS rejected UDP/443 traffic").AtInfo()
}
requestAddons.Flow = ""
case protocol.RequestCommandMux:
fallthrough // let server break Mux connections that contain TCP requests
case protocol.RequestCommandTCP:
var t reflect.Type
var p uintptr
@ -158,7 +158,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
t = reflect.TypeOf(realityConn.Conn).Elem()
p = uintptr(unsafe.Pointer(realityConn.Conn))
} else {
return newError("XTLS only supports TCP, mKCP and DomainSocket for now.").AtWarning()
return newError("XTLS only supports TLS and REALITY directly for now.").AtWarning()
}
if sc, ok := netConn.(syscall.Conn); ok {
rawConn, _ = sc.SyscallConn()