Allow multiple XUDP in Mux when using XTLS Vision (server side)

RPRX 2023-04-12 23:20:38 +08:00 committed by GitHub
parent 01b7e5e9be
commit b33b0bc89d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 1 deletions


@ -132,6 +132,12 @@ func (w *ServerWorker) handleStatusNew(ctx context.Context, meta *FrameMetadata,
ctx = log.ContextWithAccessMessage(ctx, msg)
}
if network := session.AllowedNetworkFromContext(ctx); network != net.Network_Unknown {
if meta.Target.Network != network {
return newError("unexpected network ", meta.Target.Network) // it will break the whole Mux connection
}
}
if meta.GlobalID != [8]byte{} {
mb, err := NewPacketReader(reader, &meta.Target).ReadMultiBuffer()
if err != nil {
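Review bot: The new rejection `return newError("unexpected network ", meta.Target.Network)` sets no severity and does not name the allowed network, so a client that violates the restriction is harder to spot in logs than the flow rejections in the VLESS inbound, which use `.AtWarning()`. Assuming `newError` returns the same error type here, consider `return newError("unexpected network ", meta.Target.Network, ", allowed ", network).AtWarning() // it will break the whole Mux connection`. Whether the caller logs the returned error is not visible, and the body of handleStatusNew continues past this hunk.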


@ -4,6 +4,7 @@ import (
"context"
_ "unsafe"
"github.com/xtls/xray-core/common/net"
"github.com/xtls/xray-core/features/routing"
)
@ -22,6 +23,7 @@ const (
trackedConnectionErrorKey
dispatcherKey
timeoutOnlyKey
allowedNetworkKey
)
// ContextWithID returns a new context with the given ID.
@ -147,3 +149,14 @@ func TimeoutOnlyFromContext(ctx context.Context) bool {
}
return false
}
func ContextWithAllowedNetwork(ctx context.Context, network net.Network) context.Context {
return context.WithValue(ctx, allowedNetworkKey, network)
}
func AllowedNetworkFromContext(ctx context.Context) net.Network {
if val, ok := ctx.Value(allowedNetworkKey).(net.Network); ok {
return val
}
return net.Network_Unknown
}
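Review bot: The two new exported functions have no doc comments, unlike `ContextWithID` just above, and the fail-open default is documented nowhere. `AllowedNetworkFromContext` returns `net.Network_Unknown` when the key is absent or holds another type, and the Mux server worker treats that value as "no restriction". Suggested comments are `// ContextWithAllowedNetwork returns a new context that restricts new Mux sub-connections to the given network.` and `// AllowedNetworkFromContext returns the allowed network, or net.Network_Unknown if no restriction was set (callers treat this as allow-all).` Spelling this out matters because a caller that forgets to set the value gets unrestricted behaviour rather than an error.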


@ -495,7 +495,7 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
return newError(account.ID.String() + " is not able to use " + requestAddons.Flow).AtWarning()
}
case "":
if account.Flow == vless.XRV && (request.Command == protocol.RequestCommandTCP || isMuxAndNotXUDP(request, first)) {
if account.Flow == vless.XRV && request.Command == protocol.RequestCommandTCP {
return newError(account.ID.String() + " is not able to use \"\". Note that the pure TLS proxy has certain TLS in TLS characters.").AtWarning()
}
default:
@ -510,6 +510,8 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
Reason: "",
Email: request.User.Email,
})
} else if account.Flow == vless.XRV {
ctx = session.ContextWithAllowedNetwork(ctx, net.Network_UDP)
}
sessionPolicy = h.policyManager.ForLevel(request.User.Level)
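Review bot: The rule that an XRV account may not carry TCP inside Mux is no longer enforced at the flow check, whose new condition tests only `request.Command == protocol.RequestCommandTCP`; it now depends on the value set by `ctx = session.ContextWithAllowedNetwork(ctx, net.Network_UDP)` being honoured downstream, and neither place says so. A comment on that line such as `// Vision accounts may only carry UDP (XUDP) inside Mux; enforced by the Mux server worker on each new sub-connection` would make the coupling visible. Because an absent value means no restriction, any Mux handling path that does not consult `AllowedNetworkFromContext` would presumably let TCP sub-connections through, so it is worth confirming that only one such path exists. The diffstat shows a single deletion, so `isMuxAndNotXUDP` appears to remain defined and may now be unused. Process starts and ends outside both hunks.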