black-internet-days-ahead/sing-box
1
0
Fork 0
mirror of https://github.com/SagerNet/sing-box.git synced 2024-11-12 20:03:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add multi user support for hysteria inbound

Browse source
This commit is contained in:
世界 2022-11-09 21:00:08 +08:00
parent 5510c474c7
commit 617aba84e4
No known key found for this signature in database
GPG key ID: CD109927C34A63C4
2 changed files with 35 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
inbound/hysteria.go
View file

@ -3,7 +3,6 @@
package inbound package inbound
import ( import (
"bytes"
"context" "context"
"sync" "sync"
@ -16,9 +15,13 @@ import (
"github.com/sagernet/sing-box/option" "github.com/sagernet/sing-box/option"
"github.com/sagernet/sing-box/transport/hysteria" "github.com/sagernet/sing-box/transport/hysteria"
"github.com/sagernet/sing/common" "github.com/sagernet/sing/common"
"github.com/sagernet/sing/common/auth"
E "github.com/sagernet/sing/common/exceptions" E "github.com/sagernet/sing/common/exceptions"
F "github.com/sagernet/sing/common/format"
M "github.com/sagernet/sing/common/metadata" M "github.com/sagernet/sing/common/metadata"
N "github.com/sagernet/sing/common/network" N "github.com/sagernet/sing/common/network"
"golang.org/x/exp/slices"
) )
var _ adapter.Inbound = (*Hysteria)(nil) var _ adapter.Inbound = (*Hysteria)(nil)
@ -27,7 +30,8 @@ type Hysteria struct {
myInboundAdapter myInboundAdapter
quicConfig *quic.Config quicConfig *quic.Config
tlsConfig tls.ServerConfig tlsConfig tls.ServerConfig
authKey []byte authKey []string
authUser []string
xplusKey []byte xplusKey []byte
sendBPS uint64 sendBPS uint64
recvBPS uint64 recvBPS uint64
@ -60,12 +64,16 @@ func NewHysteria(ctx context.Context, router adapter.Router, logger log.ContextL
if quicConfig.MaxIncomingStreams == 0 { if quicConfig.MaxIncomingStreams == 0 {
quicConfig.MaxIncomingStreams = hysteria.DefaultMaxIncomingStreams quicConfig.MaxIncomingStreams = hysteria.DefaultMaxIncomingStreams
} }
var auth []byte authKey := common.Map(options.Users, func(it option.HysteriaUser) string {
if len(options.Auth) > 0 { if len(it.Auth) > 0 {
auth = options.Auth return string(it.Auth)
} else { } else {
auth = []byte(options.AuthString) return it.AuthString
} }
})
authUser := common.Map(options.Users, func(it option.HysteriaUser) string {
return it.Name
})
var xplus []byte var xplus []byte
if options.Obfs != "" { if options.Obfs != "" {
xplus = []byte(options.Obfs) xplus = []byte(options.Obfs)
@ -104,7 +112,8 @@ func NewHysteria(ctx context.Context, router adapter.Router, logger log.ContextL
listenOptions: options.ListenOptions, listenOptions: options.ListenOptions,
}, },
quicConfig: quicConfig, quicConfig: quicConfig,
authKey: auth, authKey: authKey,
authUser: authUser,
xplusKey: xplus, xplusKey: xplus,
sendBPS: up, sendBPS: up,
recvBPS: down, recvBPS: down,
@ -158,7 +167,6 @@ func (h *Hysteria) acceptLoop() {
if err != nil { if err != nil {
return return
} }
h.logger.InfoContext(ctx, "inbound connection from ", conn.RemoteAddr())
go func() { go func() {
hErr := h.accept(ctx, conn) hErr := h.accept(ctx, conn)
if hErr != nil { if hErr != nil {
@ -178,12 +186,21 @@ func (h *Hysteria) accept(ctx context.Context, conn quic.Connection) error {
if err != nil { if err != nil {
return err return err
} }
if !bytes.Equal(clientHello.Auth, h.authKey) { userIndex := slices.Index(h.authKey, string(clientHello.Auth))
if userIndex == -1 {
err = hysteria.WriteServerHello(controlStream, hysteria.ServerHello{ err = hysteria.WriteServerHello(controlStream, hysteria.ServerHello{
Message: "wrong password", Message: "wrong password",
}) })
return E.Errors(E.New("wrong password: ", string(clientHello.Auth)), err) return E.Errors(E.New("wrong password: ", string(clientHello.Auth)), err)
} }
user := h.authUser[userIndex]
if user == "" {
user = F.ToString(userIndex)
} else {
ctx = auth.ContextWithUser(ctx, user)
}
h.logger.InfoContext(ctx, "[", user, "] inbound connection from ", conn.RemoteAddr())
h.logger.DebugContext(ctx, "peer send speed: ", clientHello.SendBPS/1024/1024, " MBps, peer recv speed: ", clientHello.RecvBPS/1024/1024, " MBps")
if clientHello.SendBPS == 0 || clientHello.RecvBPS == 0 { if clientHello.SendBPS == 0 || clientHello.RecvBPS == 0 {
return E.New("invalid rate from client") return E.New("invalid rate from client")
} }

9
option/hysteria.go
View file

@ -7,8 +7,7 @@ type HysteriaInboundOptions struct {
Down string `json:"down,omitempty"` Down string `json:"down,omitempty"`
DownMbps int `json:"down_mbps,omitempty"` DownMbps int `json:"down_mbps,omitempty"`
Obfs string `json:"obfs,omitempty"` Obfs string `json:"obfs,omitempty"`
Auth []byte `json:"auth,omitempty"` Users []HysteriaUser `json:"users,omitempty"`
AuthString string `json:"auth_str,omitempty"`
ReceiveWindowConn uint64 `json:"recv_window_conn,omitempty"` ReceiveWindowConn uint64 `json:"recv_window_conn,omitempty"`
ReceiveWindowClient uint64 `json:"recv_window_client,omitempty"` ReceiveWindowClient uint64 `json:"recv_window_client,omitempty"`
MaxConnClient int `json:"max_conn_client,omitempty"` MaxConnClient int `json:"max_conn_client,omitempty"`
@ -16,6 +15,12 @@ type HysteriaInboundOptions struct {
TLS *InboundTLSOptions `json:"tls,omitempty"` TLS *InboundTLSOptions `json:"tls,omitempty"`
} }
type HysteriaUser struct {
Name string `json:"name,omitempty"`
Auth []byte `json:"auth,omitempty"`
AuthString string `json:"auth_str,omitempty"`
}
type HysteriaOutboundOptions struct { type HysteriaOutboundOptions struct {
DialerOptions DialerOptions
ServerOptions ServerOptions