Commit graph

159 commits

Author SHA1 Message Date
amir-devman e1843be1c8 fix(ip-restriction): protect usrIpRstrct from concurrent access 2023-07-19 23:16:29 +00:00
Devman 6a0ff0efce chore(vless): use email instead of id for ip restriction 2023-06-30 21:29:07 +00:00
Devman 343adca4c0 feat(trojan): ip restriction for trojan 2023-06-30 21:28:36 +00:00
Devman 97fa8827e2 feat(vmess): ip restriction for vmess 2023-06-30 21:28:24 +00:00
Devman 3d692eb208 !feat(vless): IP restriction
Beta, only works for vless for now and it's not perfect needs a lot of testing.
2023-06-30 13:13:36 +00:00
Eken Chan 6d8fe7315f XRV should work without rawConn 2023-06-22 10:21:27 -04:00
RPRX ee21763928 Run "go fmt ./..." 2023-06-18 09:46:57 -04:00
RPRX 667279af57 Add "nonIPQuery" to DNS outbound ("drop" by default)
And fixed a memory leak
And regenerated *.pb.go
2023-06-18 09:45:32 -04:00
rrouzbeh 9122d0f056 Add TLS Hello Fragmentation for freedom outbound (#2131)
* Replace TCP Segmentation with TLS Hello Fragmentation

* Update infra/conf/freedom.go

* Refine proxy/freedom/freedom.go

---------

Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-06-18 09:27:55 -04:00
yuhan6665 9112cfd39c
Clean legacy vmess (#2199)
* Remove legacy Vmess

* validators

* protos
2023-06-12 10:32:25 -04:00
yuhan6665 d11d72be6c Update proto file and fix protoc version parsing
The new protoc cli return version v23.1,
so we parse the file version v4.23.1 without "4."
2023-06-11 13:36:06 -04:00
yuhan6665 c9f517108c Remove mtproto 2023-06-06 23:38:34 -04:00
sambali9 5f5ae37571
Added tcp fragmentation for freedom outbound (#2021)
* Added tcp fragmentation for freedom outbound

* Added TCP_NODELAY to outbound sockopt

* Changed fragment parameters to accept ranges and changed strategy to use length

* Changed packetNumber to packets, supporting range.

* Refactored the freedom fragment logic

* Refine Write()

---------

Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-05-22 02:59:58 +00:00
jcdong98 e7324700ed Fix memory leak caused by Wireguard outbound 2023-05-14 20:05:04 -04:00
Zeyu Chen bfd5da2f00 fix: dns empty response 2023-05-01 10:19:50 -04:00
世界 18e5b0963f
Update dependencies 2023-04-23 19:32:07 +08:00
RPRX 242f3b0e0b
XTLS protocol: Apply Vision's padding to XUDP Mux & Minor fixes
It's recommended to enable XUDP Mux when using XTLS Vision
Thank @yuhan6665 for testing
2023-04-16 21:15:36 +00:00
RPRX 4f601530fa
Allow multiple XUDP in Mux when using XTLS Vision (client side) 2023-04-14 22:51:09 +00:00
RPRX b33b0bc89d
Allow multiple XUDP in Mux when using XTLS Vision (server side) 2023-04-12 23:20:38 +08:00
yuhan6665 05d24d6827 Amend XUDP related logs
- Useful for debug XUDP improvements
- Move XUDP log in core log
- Freedom connection log show local port
2023-04-09 13:29:39 -04:00
RPRX be23d5d3b7
XUDP protocol: Add Global ID & UoT Migration
The first UoT protocol that supports UoT Migration
Thank @yuhan6665 for testing
2023-04-06 10:21:35 +00:00
世界 172f353bd7
Update dependencies 2023-03-20 15:01:38 +08:00
世界 55efac7236
Reformat code 2023-03-17 13:17:08 +08:00
世界 f57ec13880
Update UoT protocol 2023-03-17 13:17:08 +08:00
RPRX c04c333afc
They become a part of you 2023-03-04 15:39:27 +00:00
yuhan6665 9e5bc07bf2
Legends never die (#1725) 2023-03-04 10:39:26 +00:00
RPRX 4c8ee0af50
Set reserved to zero after Read()
Thank @IRN-Kawakaze for testing
2023-03-03 15:39:16 +00:00
yuhan6665 25ea69fc3a Fix Vision inserting multiple uuid headers
This happen for stream inbound like http
2023-03-03 09:45:10 -05:00
yuhan6665 a4790133d2 Fix padding extends out of bound again 2023-03-02 21:42:48 -05:00
RPRX ccba465590
Add reserved to WireGuard config
Fixes https://github.com/XTLS/Xray-core/issues/1730
2023-03-02 16:55:42 +00:00
yuhan6665 7b54255cc1 Fix padding extends out of bound 2023-03-01 08:43:00 -05:00
yuhan6665 2d898480be
Vision padding upgrade (#1646)
* Vision server allow multiple blocks of padding

* Fix Vision client to support multiple possible padding blocks

* Vision padding upgrade

- Now we have two types of padding: long (pad to 900-1400) and traditional (0-256)
- Long padding is applied to tls handshakes and first (empty) packet
- Traditional padding is applied to all beginning (7) packets of the connection (counted two-way)
- Since receiver changed its way to unpad buffer in fd6973b3c6, we can freely extend padding packet length easily in the future
- Simplify code

* Adjust receiver withinPaddingBuffers

Now default withinPaddingBuffers = true to give it a chance to do unpadding

* Fix magic numbers for Vision
Thanks @H1JK

Thanks @RPRX for guidance
2023-02-27 22:14:37 -05:00
RPRX c38179a67f
Upgrade github.com/xtls/reality to f34b4d174342
Fixes https://github.com/XTLS/Xray-core/issues/1712
2023-02-26 19:26:57 +08:00
Hellojack 267d93f7bd
Improve ReshapeMultiBuffer (#1636)
* Improve ReshapeMultiBuffer

* Improve again

* Always resize
2023-02-24 11:42:02 -05:00
RPRX 4d2e2b24d3
THE NEXT FUTURE becomes THE REALITY NOW
Thank @yuhan6665 for testing
2023-02-15 16:07:12 +00:00
yuhan6665 c3faa8b7ac
Insert padding with empty content to camouflage VLESS header (#1610)
This only affects the Vision client for protocols expecting server to send data first.
The change is compatible with existing version of Vision server.
2023-02-06 06:45:09 +00:00
RPRX 74416570d4
Format VLESS inbound.go and outbound.go 2023-01-31 18:02:12 +00:00
RPRX b70912799b
Generate *.pb.go files with protoc v3.21.12
https://github.com/protocolbuffers/protobuf/releases/tag/v21.12
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2
go run ./infra/vprotogen
2023-01-30 04:35:30 +00:00
yuhan6665 15bb23e4ec
XTLS Vision rejects Mux except for XUDP (#1567)
* Xtls vision reject vless-tcp-tls+Mux

* Address review comment
2023-01-28 05:39:36 +00:00
yuhan6665 fb212905bd
XTLS Vision checks outer TLS version (#1554) 2023-01-27 03:43:58 +00:00
MP 77d2f9edd7
Revise the Code per XTLS#1515 (#1536)
* Use buf.FromBytes(make([]byte, 0, buf.Size)) to create `first`

Fixes https://github.com/XTLS/Xray-core/issues/1515

* Update server.go

* Update inbound.go

Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2023-01-16 22:18:58 -05:00
RPRX 8c0d3c0257
XTLS Vision supports acceptProxyProtocol (test needed)
Fixes https://github.com/XTLS/Xray-core/issues/1339
2023-01-07 11:01:53 +00:00
RPRX 6f61021f7a
XTLS Vision processes struct TLS Conn's input and rawInput
Fixes https://github.com/XTLS/Xray-core/issues/1444
2023-01-06 05:37:16 +00:00
yuhan6665 c4fbdf1b78 Run core/format.go 2022-12-25 19:47:53 -05:00
PMExtra c9b6fc0104 Add custom header support for HTTP proxy 2022-12-18 21:48:23 -05:00
pocketW a55cf1d0bf fix: email inconsistent 2022-12-15 08:35:07 -05:00
yuhan6665 f35ded79ad Vision only reject TCP command for VLESS-TCP-TLS
UDP and MUX command currently has no flow value.
Also the character is the same with or without XTLS
2022-12-12 21:20:01 -05:00
yuhan6665 bc4de6a026 Fix VLESS client doesn't handle traffic if not send data first
Certain ssh, mySQL and reverse proxy need server data first in a connection
2022-12-11 09:44:40 -05:00
yuhan6665 2e30093ffd Enforce specific none flow for xtls vision
In the past, when user open xtls vision on the server side, plain vless+tls can connect.
Pure tls is known to have certain tls in tls characters.
Now  server need to specify "xtls-rprx-vision,none" for it be able usable on the same port.
2022-12-04 23:15:36 -05:00
yuhan6665 1d7c40d728 Enable Xtls Vision (Direct not Splice) for any inbound connection
Before this change, Vision client need a pure inbound like socks or http.
After this change, it will support any inbound.
This is useful in traffic forwarder use case inside China.
2022-12-04 23:15:36 -05:00