Commit graph

110 commits

Author SHA1 Message Date
yuhan6665 acb81ebe3d
Verify peer cert function for better man in the middle prevention (#746)
* verify peer cert function for better man in the middle prevention

* publish cert chain hash generation algorithm

* added calculation of certificate hash as separate command and tlsping, use base64 to represent fingerprint to align with jsonPb

* apply coding style

* added test case for pinned certificates

* refactored cert pin

* pinned cert test

* added json loading of the PinnedPeerCertificateChainSha256

* removed tool to prepare for v5

* Add server cert pinning for Xtls

Change command "xray tls certChainHash" to xray style

Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-22 12:38:40 +08:00
yuhan6665 45dc97e2b6
Use shadowsocket's bloomring for shadowsocket's replay protection (#764)
* use shadowsocket's bloomring for shadowsocket's replay protection

* added shadowsockets iv check for tcp socket

* Rename to shadowsockets iv check

* shadowsocks iv check config file

* iv check should proceed after decryption

* use shadowsocket's bloomring for shadowsocket's replay protection

* Chore: format code (#842)

Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-10-22 12:38:40 +08:00
yuhan6665 3bf3d96472
Fix: JSON tag case (#1212) (#778)
JSON unmarshal is case insensitive in Golang

Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-10-22 12:38:40 +08:00
世界 a3023e43ef
Add routeOnly sniffing option 2021-10-22 11:57:23 +08:00
yuhan6665 6b6974c804
Fakedns improvements (#731)
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: sixg0000d <sixg0000d@gmail.com>
Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-10-20 13:15:49 +08:00
yuhan6665 e286cdcaa8
Style: format code by gofumpt (#761) 2021-10-20 00:57:14 +08:00
世界 cd4631ce99
Merge dns (#722)
* DNS: add clientip for specific nameserver

* Refactoring: DNS App

* DNS: add DNS over QUIC support

* Feat: add disableCache option for DNS

* Feat: add queryStrategy option for DNS

* Feat: add disableFallback & skipFallback option for DNS

* Feat: DNS hosts support multiple addresses

* Feat: DNS transport over TCP

* DNS: fix typo & refine code

* DNS: refine code

* Add disableFallbackIfMatch dns option

* Feat: routing and freedom outbound ignore Fake DNS

Turn off fake DNS for request sent from Routing and Freedom outbound.
Fake DNS now only apply to DNS outbound.
This is important for Android, where VPN service take over all system DNS
traffic and pass it to core.  "UseIp" option can be used in Freedom outbound
to avoid getting fake IP and fail connection.

* Fix test

* Fix dns return

* Fix local dns return empty

* Apply timeout to dns outbound

* Update app/dns/config.go

Co-authored-by: Loyalsoldier <10487845+loyalsoldier@users.noreply.github.com>
Co-authored-by: Ye Zhihao <vigilans@foxmail.com>
Co-authored-by: maskedeken <52683904+maskedeken@users.noreply.github.com>
Co-authored-by: V2Fly Team <51714622+vcptr@users.noreply.github.com>
Co-authored-by: CalmLong <37164399+calmlong@users.noreply.github.com>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: 秋のかえで <autmaple@protonmail.com>
Co-authored-by: 朱聖黎 <digglife@gmail.com>
Co-authored-by: rurirei <72071920+rurirei@users.noreply.github.com>
Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com>
Co-authored-by: Arthur Morgan <4637240+badO1a5A90@users.noreply.github.com>
2021-10-16 21:02:51 +08:00
yuhan6665 e6711d1b48
Add header and method support to http2 transport (#755)
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-12 15:58:12 +00:00
yuhan6665 4bb61701b5
Add tcpKeepAliveInterval in transport sockopt (#754)
Co-authored-by: Ahmad Karimi <ak12hastam@gmail.com>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-12 15:39:08 +00:00
yuhan6665 3554886ce1
vformat supports multi-core processing (#757)
* Feat: vformat supports multi-core processing (#996)

Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-10-12 15:29:22 +00:00
KallyDev 4abf98c1be
Move from deprecated ioutil to os and io packages (#744) 2021-09-29 02:49:34 +08:00
yuhan6665 1ef824c0b4
Fix go generate core/format.go (#725) 2021-09-27 13:45:02 +08:00
hmol233 7033f7cf5f
Fix: protobuf file (#724) 2021-09-20 22:41:09 +08:00
Arthur Morgan ffc2f7c4e2 Style: format code 2021-09-20 21:00:55 +08:00
yuhan6665 dbcbb519e3
Feat: format code in one-key (#719)
Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-09-20 14:22:52 +08:00
yuhan6665 42d158bd85
vprotogen refine (#717)
* Update all proto files with existing vprotogen
* Chore: remove protoc-gen-gofast
* Feat: vprotogen adds version detector to block generation code from old protobuf version
* Feat: vprotogen refine logic

Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-09-18 01:16:14 +08:00
yuhan6665 00bcd40c34
remove deprecate ciphers in shadowsocks (#710)
* remove deprecate ciphers in shadowsocks

Co-authored-by: Kslr <kslrwang@gmail.com>
2021-09-17 04:13:07 +08:00
yuhan6665 1adfc2720a
Allow bulk definition of domain matcher at parent level (#713)
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-09-17 04:07:35 +08:00
Arthur Morgan d9d239750b
Merge pull request #633 from XTLS/feature/h2-health-check
Add health check for h2 & gRPC
2021-09-08 00:52:10 +08:00
hmol233 31c7141fef
gRPC: add keepalive option PermitWithoutStream 2021-07-05 21:25:21 +08:00
hmol233 d9d04a230f
Add h2 & gRPC health check 2021-07-03 16:01:59 +08:00
hmol233 53b99efe78
Add: reject unknown SNI
Co-Authored-By: 玖柒Max <60207794+jiuqi9997@users.noreply.github.com>
2021-05-09 23:47:21 +08:00
秋のかえで 7b7084f825
Refactor: A faster DomainMatcher implementation (#348)
Co-authored-by: DarthVader <61409963+darsvador@users.noreply.github.com>
2021-04-18 13:21:17 +08:00
risetechlab b63049f404
Fix: TFO AsIs bug (#452) 2021-03-30 16:42:02 +00:00
RPRX a9e11075d1
Add uTLS fingerprints support (#451) 2021-03-29 10:08:29 +00:00
Jim Han 3fe85449a9
Use 198.18.0.0/16 as default Fake IP Pool (#377) 2021-03-14 15:58:27 +00:00
RPRX a0a32ee00d
Add gRPC Transport support (#356)
Co-authored-by: JimhHan <50871214+JimhHan@users.noreply.github.com>
2021-03-14 15:02:07 +00:00
RPRX 60b06877bf
Add WebSocket 0-RTT support (#375) 2021-03-14 07:10:10 +00:00
Raymond Luo fcc9d97074
Do not cause error when json:"fallback" is null (#361)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-03-10 16:17:27 +00:00
yuhan6665 f50eff5ebb
Add Fake DNS support (#309)
Co-authored-by: Xiaokang Wang <xiaokangwang@outlook.com>
Co-authored-by: loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
Co-authored-by: kslr <kslrwang@gmail.com>
2021-03-07 04:39:50 +00:00
Jim Han db32ce6fd9
Enhance DNS and Dialer (#341) 2021-03-06 16:29:17 +00:00
risetechlab ad1807dd99
Enhance TCP Fast Open (#310) 2021-03-06 14:45:12 +00:00
秋のかえで 1dae2c5636
feat: vmess zero encryption (#333) 2021-03-05 08:41:18 +00:00
RPRX 8b9c0ae593
Enable (X)TLS hot reloading by default (#281)
Super BiuBiu
2021-02-20 02:15:57 +00:00
eMeab 81d993158f
Support hot reloading of certificate and key files (#225) 2021-02-12 15:33:19 +00:00
Monsoon 1b87264c53
Support loading config from different formats (#228) 2021-02-12 14:12:58 +00:00
Jim Han 4cd343f2d5
Fix tests (#201)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-01-30 13:01:20 +00:00
Arthur Morgan ba41513967
Changes from v2fly-core (#173) 2021-01-22 03:35:56 +00:00
秋のかえで 0b4858d016
Feature: Exclude some domains in sniffing destOverride (#151)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-01-21 20:50:09 +00:00
RPRX 33755d6e90
Refactor: Shadowsocks AEAD Single-port Multi-user (Needs Optimizations)
https://t.me/projectXray/170851
2021-01-18 22:52:35 +00:00
RPRX 99863aa2ac
Add SNI shunt support for Trojan fallbacks 2021-01-18 07:41:00 +00:00
eMeab d85162ea44
Add SNI shunt support for VLESS (#141) 2021-01-13 15:13:51 +00:00
RPRX 157918859f
Add pre-checking conversion for VLESS & VMess UUID
https://github.com/XTLS/Xray-core/issues/158
2021-01-12 11:31:02 +00:00
秋のかえで 38ec9208d8
Change TOML package to github.com/pelletier/go-toml (#119) 2021-01-01 11:37:38 +00:00
RPRX 7df135a5c4
Disable session resumption by default
https://github.com/v2fly/v2ray-core/issues/557#issuecomment-751962569
2021-01-01 11:33:09 +00:00
RPRX a78db47571
Adjust OCSP Stapling 2020-12-25 15:10:12 +00:00
RPRX ffd8fd1d8a Adjust JSON & TOML & YAML 2020-12-25 18:53:17 +08:00
eMeab 3d7e86efba
Add OCSP Stapling for TLS & XTLS (#92) 2020-12-25 08:01:20 +00:00
Arthur Morgan 6f25191822
Changes from v2ray-core (#93) 2020-12-24 19:45:35 +00:00
Monsoon 85619b5a29
Add YAML Support (#86) 2020-12-24 19:30:26 +00:00
秋のかえで f073456ac0
Add TOML Support (#98) 2020-12-24 19:11:32 +00:00
RPRX 38faac5ffc
Adjust config loader of TLS & XTLS 2020-12-16 15:59:04 +00:00
eMeab 88dfed931b
Add cipherSuites setting for TLS & XTLS (#78) 2020-12-16 12:53:55 +00:00
eMeab dab978749c
Add minVersion setting for TLS & XTLS (#77) 2020-12-16 05:20:24 +00:00
RPRX 45f44c401a
Refactor: Optimize Memory Usage At Startup
https://github.com/XTLS/Xray-core/issues/68#issuecomment-745231528
2020-12-15 20:27:18 +08:00
RPRX 2e942e0303
Fix Trojan XTLS 2020-12-14 17:05:15 +08:00
JimhHan 9c0f0a0cd5
Fix: Code generator & API (#52) 2020-12-10 03:52:05 +00:00
RPRX 98da186471
Allow Splice on Android 2020-12-04 03:25:25 +00:00
RPRX 16544c18ab v1.1.0 2020-12-04 09:36:16 +08:00
RPRX c7f7c08ead v1.0.0 2020-11-25 19:01:53 +08:00