mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-25 18:11:28 +00:00
Merge tls interface to library
This commit is contained in:
parent
e4bff0460d
commit
f15f525c5c
|
@ -2,16 +2,15 @@ package tls
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/tls"
|
|
||||||
"net"
|
"net"
|
||||||
"os"
|
"os"
|
||||||
|
|
||||||
"github.com/sagernet/sing-box/adapter"
|
"github.com/sagernet/sing-box/adapter"
|
||||||
"github.com/sagernet/sing-box/common/badtls"
|
|
||||||
C "github.com/sagernet/sing-box/constant"
|
C "github.com/sagernet/sing-box/constant"
|
||||||
"github.com/sagernet/sing-box/option"
|
"github.com/sagernet/sing-box/option"
|
||||||
M "github.com/sagernet/sing/common/metadata"
|
M "github.com/sagernet/sing/common/metadata"
|
||||||
N "github.com/sagernet/sing/common/network"
|
N "github.com/sagernet/sing/common/network"
|
||||||
|
aTLS "github.com/sagernet/sing/common/tls"
|
||||||
)
|
)
|
||||||
|
|
||||||
func NewDialerFromOptions(router adapter.Router, dialer N.Dialer, serverAddress string, options option.OutboundTLSOptions) (N.Dialer, error) {
|
func NewDialerFromOptions(router adapter.Router, dialer N.Dialer, serverAddress string, options option.OutboundTLSOptions) (N.Dialer, error) {
|
||||||
|
@ -43,22 +42,7 @@ func NewClient(router adapter.Router, serverAddress string, options option.Outbo
|
||||||
func ClientHandshake(ctx context.Context, conn net.Conn, config Config) (Conn, error) {
|
func ClientHandshake(ctx context.Context, conn net.Conn, config Config) (Conn, error) {
|
||||||
ctx, cancel := context.WithTimeout(ctx, C.TCPTimeout)
|
ctx, cancel := context.WithTimeout(ctx, C.TCPTimeout)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
tlsConn, err := config.Client(conn)
|
return aTLS.ClientHandshake(ctx, conn, config)
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
err = tlsConn.HandshakeContext(ctx)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
if stdConn, isSTD := tlsConn.(*tls.Conn); isSTD {
|
|
||||||
var badConn badtls.TLSConn
|
|
||||||
badConn, err = badtls.Create(stdConn)
|
|
||||||
if err == nil {
|
|
||||||
return badConn, nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return tlsConn, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
type Dialer struct {
|
type Dialer struct {
|
||||||
|
|
|
@ -1,51 +1,25 @@
|
||||||
package tls
|
package tls
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"net"
|
|
||||||
|
|
||||||
"github.com/sagernet/sing-box/adapter"
|
|
||||||
E "github.com/sagernet/sing/common/exceptions"
|
E "github.com/sagernet/sing/common/exceptions"
|
||||||
|
aTLS "github.com/sagernet/sing/common/tls"
|
||||||
)
|
)
|
||||||
|
|
||||||
type (
|
type (
|
||||||
|
Config = aTLS.Config
|
||||||
|
ConfigCompat = aTLS.ConfigCompat
|
||||||
|
ServerConfig = aTLS.ServerConfig
|
||||||
|
ServerConfigCompat = aTLS.ServerConfigCompat
|
||||||
|
WithSessionIDGenerator = aTLS.WithSessionIDGenerator
|
||||||
|
Conn = aTLS.Conn
|
||||||
|
|
||||||
STDConfig = tls.Config
|
STDConfig = tls.Config
|
||||||
STDConn = tls.Conn
|
STDConn = tls.Conn
|
||||||
ConnectionState = tls.ConnectionState
|
ConnectionState = tls.ConnectionState
|
||||||
)
|
)
|
||||||
|
|
||||||
type Config interface {
|
|
||||||
ServerName() string
|
|
||||||
SetServerName(serverName string)
|
|
||||||
NextProtos() []string
|
|
||||||
SetNextProtos(nextProto []string)
|
|
||||||
Config() (*STDConfig, error)
|
|
||||||
Client(conn net.Conn) (Conn, error)
|
|
||||||
Clone() Config
|
|
||||||
}
|
|
||||||
|
|
||||||
type ConfigWithSessionIDGenerator interface {
|
|
||||||
SetSessionIDGenerator(generator func(clientHello []byte, sessionID []byte) error)
|
|
||||||
}
|
|
||||||
|
|
||||||
type ServerConfig interface {
|
|
||||||
Config
|
|
||||||
adapter.Service
|
|
||||||
Server(conn net.Conn) (Conn, error)
|
|
||||||
}
|
|
||||||
|
|
||||||
type ServerConfigCompat interface {
|
|
||||||
ServerConfig
|
|
||||||
ServerHandshake(ctx context.Context, conn net.Conn) (Conn, error)
|
|
||||||
}
|
|
||||||
|
|
||||||
type Conn interface {
|
|
||||||
net.Conn
|
|
||||||
HandshakeContext(ctx context.Context) error
|
|
||||||
ConnectionState() ConnectionState
|
|
||||||
}
|
|
||||||
|
|
||||||
func ParseTLSVersion(version string) (uint16, error) {
|
func ParseTLSVersion(version string) (uint16, error) {
|
||||||
switch version {
|
switch version {
|
||||||
case "1.0":
|
case "1.0":
|
||||||
|
|
|
@ -2,14 +2,13 @@ package tls
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/tls"
|
|
||||||
"net"
|
"net"
|
||||||
|
|
||||||
"github.com/sagernet/sing-box/adapter"
|
"github.com/sagernet/sing-box/adapter"
|
||||||
"github.com/sagernet/sing-box/common/badtls"
|
|
||||||
C "github.com/sagernet/sing-box/constant"
|
C "github.com/sagernet/sing-box/constant"
|
||||||
"github.com/sagernet/sing-box/log"
|
"github.com/sagernet/sing-box/log"
|
||||||
"github.com/sagernet/sing-box/option"
|
"github.com/sagernet/sing-box/option"
|
||||||
|
aTLS "github.com/sagernet/sing/common/tls"
|
||||||
)
|
)
|
||||||
|
|
||||||
func NewServer(ctx context.Context, router adapter.Router, logger log.Logger, options option.InboundTLSOptions) (ServerConfig, error) {
|
func NewServer(ctx context.Context, router adapter.Router, logger log.Logger, options option.InboundTLSOptions) (ServerConfig, error) {
|
||||||
|
@ -26,23 +25,5 @@ func NewServer(ctx context.Context, router adapter.Router, logger log.Logger, op
|
||||||
func ServerHandshake(ctx context.Context, conn net.Conn, config ServerConfig) (Conn, error) {
|
func ServerHandshake(ctx context.Context, conn net.Conn, config ServerConfig) (Conn, error) {
|
||||||
ctx, cancel := context.WithTimeout(ctx, C.TCPTimeout)
|
ctx, cancel := context.WithTimeout(ctx, C.TCPTimeout)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
if compatServer, isCompat := config.(ServerConfigCompat); isCompat {
|
return aTLS.ServerHandshake(ctx, conn, config)
|
||||||
return compatServer.ServerHandshake(ctx, conn)
|
|
||||||
}
|
|
||||||
tlsConn, err := config.Server(conn)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
err = tlsConn.HandshakeContext(ctx)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
if stdConn, isSTD := tlsConn.(*tls.Conn); isSTD {
|
|
||||||
var badConn badtls.TLSConn
|
|
||||||
badConn, err = badtls.Create(stdConn)
|
|
||||||
if err == nil {
|
|
||||||
return badConn, nil
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return tlsConn, nil
|
|
||||||
}
|
}
|
||||||
|
|
4
go.mod
4
go.mod
|
@ -24,7 +24,7 @@ require (
|
||||||
github.com/sagernet/gomobile v0.0.0-20221130124640-349ebaa752ca
|
github.com/sagernet/gomobile v0.0.0-20221130124640-349ebaa752ca
|
||||||
github.com/sagernet/quic-go v0.0.0-20230202071646-a8c8afb18b32
|
github.com/sagernet/quic-go v0.0.0-20230202071646-a8c8afb18b32
|
||||||
github.com/sagernet/reality v0.0.0-20230226124550-f98d51fa21b5
|
github.com/sagernet/reality v0.0.0-20230226124550-f98d51fa21b5
|
||||||
github.com/sagernet/sing v0.1.8-0.20230226145949-3f0b21359af6
|
github.com/sagernet/sing v0.1.8-0.20230228031050-b60f6390dfe8
|
||||||
github.com/sagernet/sing-dns v0.1.4
|
github.com/sagernet/sing-dns v0.1.4
|
||||||
github.com/sagernet/sing-shadowsocks v0.1.2-0.20230221080503-769c01d6bba9
|
github.com/sagernet/sing-shadowsocks v0.1.2-0.20230221080503-769c01d6bba9
|
||||||
github.com/sagernet/sing-shadowtls v0.0.0-20230221123345-78e50cd7b587
|
github.com/sagernet/sing-shadowtls v0.0.0-20230221123345-78e50cd7b587
|
||||||
|
@ -50,6 +50,8 @@ require (
|
||||||
gvisor.dev/gvisor v0.0.0-20220901235040-6ca97ef2ce1c
|
gvisor.dev/gvisor v0.0.0-20220901235040-6ca97ef2ce1c
|
||||||
)
|
)
|
||||||
|
|
||||||
|
//replace github.com/sagernet/sing-tun => ../sing-tun
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/ajg/form v1.5.1 // indirect
|
github.com/ajg/form v1.5.1 // indirect
|
||||||
github.com/andybalholm/brotli v1.0.5 // indirect
|
github.com/andybalholm/brotli v1.0.5 // indirect
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -129,8 +129,8 @@ github.com/sagernet/reality v0.0.0-20230226124550-f98d51fa21b5 h1:yDic66vLGsY3zq
|
||||||
github.com/sagernet/reality v0.0.0-20230226124550-f98d51fa21b5/go.mod h1:B8lp4WkQ1PwNnrVMM6KyuFR20pU8jYBD+A4EhJovEXU=
|
github.com/sagernet/reality v0.0.0-20230226124550-f98d51fa21b5/go.mod h1:B8lp4WkQ1PwNnrVMM6KyuFR20pU8jYBD+A4EhJovEXU=
|
||||||
github.com/sagernet/sing v0.0.0-20220812082120-05f9836bff8f/go.mod h1:QVsS5L/ZA2Q5UhQwLrn0Trw+msNd/NPGEhBKR/ioWiY=
|
github.com/sagernet/sing v0.0.0-20220812082120-05f9836bff8f/go.mod h1:QVsS5L/ZA2Q5UhQwLrn0Trw+msNd/NPGEhBKR/ioWiY=
|
||||||
github.com/sagernet/sing v0.0.0-20220817130738-ce854cda8522/go.mod h1:QVsS5L/ZA2Q5UhQwLrn0Trw+msNd/NPGEhBKR/ioWiY=
|
github.com/sagernet/sing v0.0.0-20220817130738-ce854cda8522/go.mod h1:QVsS5L/ZA2Q5UhQwLrn0Trw+msNd/NPGEhBKR/ioWiY=
|
||||||
github.com/sagernet/sing v0.1.8-0.20230226145949-3f0b21359af6 h1:QLfccQ8S1nqw5+xYEM/xLXQDq70BjAeyuVWluIEytww=
|
github.com/sagernet/sing v0.1.8-0.20230228031050-b60f6390dfe8 h1:ZBb6CW6bFovBoW950v0eiitQKYEkB2GGot8tkVfu0gM=
|
||||||
github.com/sagernet/sing v0.1.8-0.20230226145949-3f0b21359af6/go.mod h1:jt1w2u7lJQFFSGLiRrRIs5YWmx4kAPfWuOejuDW9qMk=
|
github.com/sagernet/sing v0.1.8-0.20230228031050-b60f6390dfe8/go.mod h1:jt1w2u7lJQFFSGLiRrRIs5YWmx4kAPfWuOejuDW9qMk=
|
||||||
github.com/sagernet/sing-dns v0.1.4 h1:7VxgeoSCiiazDSaXXQVcvrTBxFpOePPq/4XdgnUDN+0=
|
github.com/sagernet/sing-dns v0.1.4 h1:7VxgeoSCiiazDSaXXQVcvrTBxFpOePPq/4XdgnUDN+0=
|
||||||
github.com/sagernet/sing-dns v0.1.4/go.mod h1:1+6pCa48B1AI78lD+/i/dLgpw4MwfnsSpZo0Ds8wzzk=
|
github.com/sagernet/sing-dns v0.1.4/go.mod h1:1+6pCa48B1AI78lD+/i/dLgpw4MwfnsSpZo0Ds8wzzk=
|
||||||
github.com/sagernet/sing-shadowsocks v0.1.2-0.20230221080503-769c01d6bba9 h1:qS39eA4C7x+zhEkySbASrtmb6ebdy5v0y2M6mgkmSO0=
|
github.com/sagernet/sing-shadowsocks v0.1.2-0.20230221080503-769c01d6bba9 h1:qS39eA4C7x+zhEkySbASrtmb6ebdy5v0y2M6mgkmSO0=
|
||||||
|
|
|
@ -53,7 +53,7 @@ func NewShadowTLS(ctx context.Context, router adapter.Router, logger log.Context
|
||||||
return common.Error(tls.ClientHandshake(ctx, conn, tlsConfig))
|
return common.Error(tls.ClientHandshake(ctx, conn, tlsConfig))
|
||||||
}
|
}
|
||||||
case 3:
|
case 3:
|
||||||
if idConfig, loaded := tlsConfig.(tls.ConfigWithSessionIDGenerator); loaded {
|
if idConfig, loaded := tlsConfig.(tls.WithSessionIDGenerator); loaded {
|
||||||
tlsHandshakeFunc = func(ctx context.Context, conn net.Conn, sessionIDGenerator shadowtls.TLSSessionIDGeneratorFunc) error {
|
tlsHandshakeFunc = func(ctx context.Context, conn net.Conn, sessionIDGenerator shadowtls.TLSSessionIDGeneratorFunc) error {
|
||||||
idConfig.SetSessionIDGenerator(sessionIDGenerator)
|
idConfig.SetSessionIDGenerator(sessionIDGenerator)
|
||||||
return common.Error(tls.ClientHandshake(ctx, conn, tlsConfig))
|
return common.Error(tls.ClientHandshake(ctx, conn, tlsConfig))
|
||||||
|
|
Loading…
Reference in a new issue