Commit graph

211 commits

Author SHA1 Message Date
dragonbreath2000 002d08bf83
UDP noise (#3711)
* added udp noise

* adding protobuf settings

* freedom json parser and clean up

* resolve confict

* fix and clean up

* use net.conn instead of packetconnwrapper

* avoid constructing SequentialWriter directly

---------

Co-authored-by: mmmray <142015632+mmmray@users.noreply.github.com>
2024-08-28 17:10:11 -04:00
dyhkwong 815a959c96
Fix freedom PacketReader/PacketWriter type assertion (#3734) 2024-08-27 10:17:55 -04:00
mmmray 2be03c56cb
Pin protobuf packages (#3715)
* Pin protobuf packages

It happened in the past that I ran with the wrong protobuf version
installed locally, and apparently there is even still some file wrong in
splithttp. Fix this issue once and for all.

* bump protobuf packages

* Revert "bump protobuf packages"

This reverts commit 7a3509346a.

* Revert "Revert "bump protobuf packages""

This reverts commit bb79707d15.

* fix deprecated grpc usage
2024-08-22 10:18:36 -04:00
curlwget 790f908f0b
chore: fix some comment typos (#3716)
Signed-off-by: curlwget <curlwget@icloud.com>
2024-08-22 17:32:38 +08:00
チセ 41d03d1856 Wireguard inbound: Fix no route when bind to interface (#3698) 2024-08-20 08:20:01 +00:00
风扇滑翔翼 b612da26eb Socks inbound: Support HTTP inbound by default (#3682)
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2024-08-16 00:58:48 +00:00
风扇滑翔翼 9e93c19161
Freedom: Combine fragmented tlshello if interval is 0 (#3663)
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
Co-authored-by: Ahmadreza Dorkhah <djahmadfire@gmail.com>
2024-08-10 05:06:00 +00:00
风扇滑翔翼 644901d1a5
Socks4a server: Check if the client sends an IP address as domain (#3628)
Fixes https://github.com/XTLS/Xray-core/issues/3622
2024-08-03 02:08:23 +00:00
yuhan6665 a342db3e28
Fix a nil pointer in Wireguard client logging (#3608) 2024-07-29 06:43:46 +00:00
yuhan6665 4cb2a128db Don't do raw/splice copy in case of MITM 2024-07-24 20:41:40 -04:00
MHSanaei 16de0937a8
Fix typos (#3527) 2024-07-12 00:20:06 +02:00
yuhan6665 079d0bd8a9
Refactor log (#3446)
* Refactor log

* Add new log methods

* Fix logger test

* Change all logging code

* Clean up pathObj

* Rebase to latest main

* Remove invoking method name after the dot
2024-06-29 14:32:57 -04:00
yuhan6665 bbf25b14d9 Update dependencies 2024-06-01 11:56:24 -04:00
RPRX ca07a705dc
Generate *.pb.go files with protoc v5.27.0
Download https://github.com/protocolbuffers/protobuf/releases/tag/v27.0
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.34.1
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0
(Xray-core/) go run ./infra/vprotogen
2024-05-26 03:20:53 +00:00
yuhan6665 9b6141b83f Wireguard dial with context 2024-05-22 09:02:20 -04:00
风扇滑翔翼 9ee9a0634e
Add UDPFilter to Socks5 server when auth == password (#3371)
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2024-05-22 03:02:45 +00:00
yuhan6665 121eb7b4fc Splice update timer to 8 hours for inbound timer 2024-05-19 23:56:42 -04:00
yuhan6665 3168d27b0b Splice update timer to 8 hours 2024-05-18 11:57:11 -04:00
yuhan6665 1d450cfbd2 Fix nil in inbound handler 2024-05-14 21:42:40 -04:00
yuhan6665 017f53b5fc
Add session context outbounds as slice (#3356)
* Add session context outbounds as slice

slice is needed for dialer proxy where two outbounds work on top of each other
There are two sets of target addr for example
It also enable Xtls to correctly do splice copy by checking both outbounds are ready to do direct copy

* Fill outbound tag info

* Splice now checks capalibility from all outbounds

* Fix unit tests
2024-05-13 21:52:24 -04:00
yuhan6665 548646fb06 Fix an edge case with tls hello fragment 2024-04-04 02:50:34 -04:00
yuhan6665 657c5c8570 Update HTTPUpgrade spelling and proto 2024-03-20 13:08:43 -04:00
yuhan6665 9b5c3f417e Fix user download stats with splice 2024-03-09 23:40:42 -05:00
A1lo a994bf8b04
chore: fix some errors detected by staticcheck (#3089)
* chore: fix some errors detected by staticcheck

* feat: remove `rand.Seed()` usage for possibly using "fastrand64" runtime to avoid locking

ref: https://pkg.go.dev/math/rand#Seed
2024-03-03 10:52:22 -05:00
yuhan6665 a0f1e1f377 FakeDNS return TTL=1 and drop HTTPS QType 65 request
Co-authored-by: qwerr0
2024-02-21 11:09:51 -05:00
deorth-kku cae94570df Fixing tcp connestions leak
- always use HandshakeContext instead of Handshake

- pickup dailer dropped ctx

- rename HandshakeContextAddress to HandshakeAddressContext
2024-02-19 09:32:40 -05:00
yuhan6665 fa5d7a255b
Least load balancer (#2999)
* v5: Health Check & LeastLoad Strategy (rebased from 2c5a71490368500a982018a74a6d519c7e121816)

Some changes will be necessary to integrate it into V2Ray

* Update proto

* parse duration conf with time.Parse()

* moving health ping to observatory as a standalone component

* moving health ping to observatory as a standalone component: auto generated file

* add initialization for health ping

* incorporate changes in router implementation

* support principle target output

* add v4 json support for BurstObservatory & fix balancer reference

* update API command

* remove cancelled API

* return zero length value when observer is not found

* remove duplicated targeted dispatch

* adjust test with updated structure

* bug fix for observer

* fix strategy selector

* fix strategy least load

* Fix ticker usage

ticker.Close does not close ticker.C

* feat: Replace default Health Ping URL to HTTPS (#1991)

* fix selectLeastLoad() returns wrong number of nodes (#2083)

* Test: fix leastload strategy unit test

* fix(router): panic caused by concurrent map read and write (#2678)

* Clean up code

---------

Co-authored-by: Jebbs <qjebbs@gmail.com>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: 世界 <i@sekai.icu>
Co-authored-by: Bernd Eichelberger <46166740+4-FLOSS-Free-Libre-Open-Source-Software@users.noreply.github.com>
Co-authored-by: 秋のかえで <autmaple@protonmail.com>
Co-authored-by: Rinka <kujourinka@gmail.com>
2024-02-17 22:51:37 -05:00
yuhan6665 a15334b395 Go back to first fix (revet d21e9b0abd)
Xtls is magic, don't play with it ;)

A knowledged guess is the timing to switch to splice is very sensitive. Now both Xtls and Freedom outound do the switching when pipe just finished one buffer
2024-02-17 11:16:37 -05:00
yuhan6665 09656bd5d1 Add back sleep for freedom splice 2024-02-15 21:18:56 -05:00
lunafe b091076bae fix #2970 parsing IPv6 address in wireguard peers configure 2024-02-12 10:45:12 -05:00
Iain Lau 3a99520370 Add PROXY Protocol support for freedom outbound 2024-02-05 10:08:51 -05:00
RPRX ad3d347cfc
XTLS Vision: Apply padding to single XUDP by default at client side
Requires Xray-core v1.8.1+ at server side: 242f3b0e0b
2024-02-02 20:32:46 +00:00
yuhan6665 d21e9b0abd Try a better fix for rare ssl error with freedom splice
It seems the root cause is if the flag set at the inbound pipe reader, it is a race condition and freedom outbound can possibly do splice at the same time with inbound xtls writer.
Now we set the flag at the earliest and always do splice at the next buffer cycle.
2024-01-26 04:42:45 -05:00
yuhan6665 3167a70ff8 Try to fix rare ssl error with freedom splice 2024-01-26 02:29:26 -05:00
yuhan6665 d60281d0a5 Add DestIpAddress() in Dialer interface
Android client prepares an IP before proxy connection is established. It is useful when connecting to wireguard (or quic) outbound with domain address. E.g. engage.cloudflareclient.com:2408
2023-12-18 18:36:56 -05:00
H1JK c01a30e8f4 Cleanup sing buffer usage 2023-12-17 17:37:08 -05:00
wyx2685 31a8fae764 Fix deprecated StackNew() function 2023-12-12 11:28:26 -05:00
yuhan6665 6f092bd212
Add "masterKeyLog" in TLS config (#2758)
* Add "enableMasterKeyLog" in TLS config

Turn on the debug option for Wireshark to decrypt traffic

* Change to "masterKeyLog" to configure a path
2023-11-27 10:08:34 -05:00
yuhan6665 2570855cd7 Update v1.8.6 2023-11-17 20:11:40 -05:00
hax0r31337 0ac7da2fc8
WireGuard Inbound (User-space WireGuard server) (#2477)
* feat: wireguard inbound

* feat(command): generate wireguard compatible keypair

* feat(wireguard): connection idle timeout

* fix(wireguard): close endpoint after connection closed

* fix(wireguard): resolve conflicts

* feat(wireguard): set cubic as default cc algorithm in gVisor TUN

* chore(wireguard): resolve conflict

* chore(wireguard): remove redurant code

* chore(wireguard): remove redurant code

* feat: rework server for gvisor tun

* feat: keep user-space tun as an option

* fix: exclude android from native tun build

* feat: auto kernel tun

* fix: build

* fix: regulate function name & fix test
2023-11-17 22:27:17 -05:00
yuhan6665 d9fd3f8eb1
Freedom xdomain strategy (#2719)
* 统一 `domainStrategy` 行为.

* aliases NG.

* 化简.

* 调整.

* Let it crash.

* Update proto

---------

Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 16:27:39 -05:00
yuhan6665 a109389efb
Wireguard resolve strategy (#2717)
* 增加 wireguard 出站选项 `resolveStrategy`.

* They become a part of you.

* 移除不必要的选项别名.

* aliases NG.

* 微调.

---------

Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 15:52:09 -05:00
yuhan6665 5ae3791a8e
feat : upgrade wireguard go sdk (#2716)
Co-authored-by: kunson <kunson@kunsondeMacBook-Pro-3.local>
Co-authored-by: 世界 <i@sekai.icu>
2023-11-12 15:10:01 -05:00
yuhan6665 999bdc58d3 Turn on freedom splice by default 2023-10-29 15:16:57 -04:00
yuhan6665 4f05e0ac2b Unify environment var readers 2023-10-29 15:16:57 -04:00
yuhan6665 291061e9da Fix an edge case reshaping buffer too long 2023-10-21 03:20:51 -04:00
yuhan6665 cf575be678 Fix unwrap tls conn 2023-09-21 15:35:56 -04:00
yuhan6665 585d5ba7c8 Fix Vision reader 2023-09-17 12:56:29 -04:00
yuhan6665 d6d225c698 Refactor Vision reader writer
- Vision now use traffic states to capture two-way info about a connection
- XTLS is de-couple with Vision, it only read traffic states to switch to direct copy mode
- fix a edge case error when Vision unpadding read 5 command bytes
2023-09-13 08:01:34 -04:00
yuhan6665 efd32b0fb2 Enable splice for freedom outbound (downlink only)
- Add outbound name
- Add outbound conn in ctx
- Refactor splice: it can be turn on from all inbounds and outbounds
- Refactor splice: Add splice copy to vless inbound
- Fix http error test
- Add freedom splice toggle via env var
- Populate outbound obj in context
- Use CanSpliceCopy to mark a connection
- Turn off splice by default
2023-09-07 14:17:39 -04:00