Xray-core

mirror of https://github.com/XTLS/Xray-core.git synced 2025-06-10 02:39:21 +03:00

Author	SHA1	Message	Date
RPRX	c7358a32f5	Allow empty "spiderX" (client side)	2023-02-17 21:07:27 +08:00
RPRX	e1cd1fd33e	Allow empty "shortId" (client side)	2023-02-17 12:39:18 +00:00
RPRX	4d2e2b24d3	THE NEXT FUTURE becomes THE REALITY NOW Thank @yuhan6665 for testing	2023-02-15 16:07:12 +00:00
RPRX	fa7300e910	Add warning on using old version of XTLS And checks param `fingerprint` also	2023-02-03 23:29:46 +08:00
RPRX	dc72cf2c78	Refine fingerprints Fixes https://github.com/XTLS/Xray-core/issues/1577	2023-02-01 12:58:17 +00:00
aeeq	620eb63c1b	Add sockopt interface setting for binding outbound to a particular device like "eth0" (#1494 ) * Update sockopt_linux.go add Interface Name * Update config.pb.go add Interface Name * Update transport_internet.go add Interface Name * Update config.pb.go * update config.proto add interface * Update config.pb.go	2023-01-09 09:45:30 -05:00
RPRX	ff5ce767df	Revert "add file soft link path resolve support (#1482 )" (#1495 ) This reverts commit eaf401eda93ea97f95136e480f465dba8b652275.	2023-01-07 15:11:23 +00:00
Nanyu	eaf401eda9	add file soft link path resolve support (#1482 ) * add file soft link path resolve * add configuration file soft link path resolve support	2023-01-03 10:52:11 -05:00
yuhan6665	c4fbdf1b78	Run core/format.go	2022-12-25 19:47:53 -05:00
PMExtra	c9b6fc0104	Add custom header support for HTTP proxy	2022-12-18 21:48:23 -05:00
yuhan6665	2e30093ffd	Enforce specific none flow for xtls vision In the past, when user open xtls vision on the server side, plain vless+tls can connect. Pure tls is known to have certain tls in tls characters. Now server need to specify "xtls-rprx-vision,none" for it be able usable on the same port.	2022-12-04 23:15:36 -05:00
nanoda0523	e18b52a5df	Implement WireGuard protocol as outbound (client) (#1344 ) * implement WireGuard protocol for Outbound * upload license * fix build for openbsd & dragonfly os * updated wireguard-go * fix up * switch to another wireguard fork * fix * switch to upstream * open connection through internet.Dialer (#1) * use internet.Dialer * maybe better code * fix * real fix Co-authored-by: nanoda0523 <nanoda0523@users.noreply.github.com> * fix bugs & add ability to recover during connection reset on UDP over TCP parent protocols * improve performance improve performance * dns lookup endpoint && remove unused code * interface address fallback * better code && add config test case Co-authored-by: nanoda0523 <nanoda0523@users.noreply.github.com>	2022-11-21 20:05:54 -05:00
yuhan6665	5e695327b1	Add XTLS RPRX's Vision (#1235 ) * Add XTLS RPRX's Vision * Add helpful warning when security is wrong * Add XTLS padding (draft) * Fix number of packet to filter * Xtls padding version 1.0 and unpadding logic	2022-10-29 00:51:59 -04:00
xqzr	8cf23f1947	add `tcpcongestion` (#1234 ) * add `tcpcongestion` * Update sockopt_linux.go * Update config.pb.go * Update transport_internet.go * Update config.pb.go * Update transport_internet.go * Update config.proto	2022-10-10 13:13:50 -04:00
yuhan6665	debd2e3ba8	Remove compatibility code The minimum support go version is already 1.18	2022-09-16 20:39:07 -04:00
Mocking	4140bcd11a	Enhancement of "redirect" function, adding support for MacOS Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address example: "inbounds": [ { "listen": "127.0.0.1", "port": 1122, "protocol": "dokodemo-door", "tag": "dokodemo", "settings": { "network": "tcp", "followRedirect": true, "userLevel": 0 }, "streamSettings": { "sockopt": { "tproxy": "Redirect" } } } ] 还原#1189 提交	2022-08-22 10:33:58 -04:00
S-Mocking	59602db02d	Add "tproxy" option (#1189 ) * Add "tproxy" option Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address example: "inbounds": [ { "listen": "127.0.0.1", "port": 1122, "protocol": "dokodemo-door", "tag": "dokodemo", "settings": { "network": "tcp", "followRedirect": true, "userLevel": 0 }, "streamSettings": { "sockopt": { "tproxy": "pf" } } } ] * Add "tproxy" option Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address example: "inbounds": [ { "listen": "127.0.0.1", "port": 1122, "protocol": "dokodemo-door", "tag": "dokodemo", "settings": { "network": "tcp", "followRedirect": true, "userLevel": 0 }, "streamSettings": { "sockopt": { "tproxy": "pf" } } } ] * Add "tproxy" option Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address example: "inbounds": [ { "listen": "127.0.0.1", "port": 1122, "protocol": "dokodemo-door", "tag": "dokodemo", "settings": { "network": "tcp", "followRedirect": true, "userLevel": 0 }, "streamSettings": { "sockopt": { "tproxy": "pf" } } } ] Co-authored-by: Mocking <fanhaiwang0817@gmail.com>	2022-08-20 09:02:18 -04:00
yuhan6665	b67314796f	Add shadowsocks 2022 relay config	2022-08-09 10:37:21 -04:00
yuhan6665	340234166b	Add TCPKeepAliveIdle in Sockopt option (#1166 ) * Add TCP keep alive idle setting * Add TCP keep alive idle setting: auto generated * Add TCP keep alive support in Linux * Add TCP keep alive support in MacOS, FreeBSD * Add TCP keep alive support in Windows * fix bug introduced in adding tcp keep alive adjustment * embed macOS const to avoid platform inconsistency * embed macOS const to avoid platform inconsistency(again) * add TCP Keep Alive support in config * use sys/unix instead of syscall Suggestion from: https://github.com/v2fly/v2ray-core/pull/1395#issuecomment-974761647 * use sys/unix instead of syscall Suggestion from: https://github.com/v2fly/v2ray-core/pull/1395#issuecomment-974761647 * Separate TcpKeepAliveIdle and TcpKeepAliveInterval check logic * Disable tcp keepAlive when TcpKeepAliveIdle < 0 and TcpKeepAliveInterval <= 0 Co-authored-by: xqzr <34030394+xqzr@users.noreply.github.com> Co-authored-by: ValdikSS <iam@valdikss.org.ru> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: xqzr <34030394+xqzr@users.noreply.github.com>	2022-07-31 09:55:40 -04:00
yuhan6665	9480bc0379	Fix ss2022 user stat for single user	2022-07-02 11:27:26 -04:00
世界	c3505632fd	Add udp over tcp support for shadowsocks-2022	2022-06-01 11:49:02 +08:00
世界	f1d753f069	Fix build in legacy golang version	2022-05-31 15:55:38 +08:00
世界	79f3057687	Migrate shadowsocks-2022 to protocol library	2022-05-26 07:35:17 +08:00
世界	cf7e675c45	Add shadowsocks 2022 multi-user inbound	2022-05-24 07:37:14 +08:00
世界	b6391cbbe1	Fix shadowsocks config	2022-05-24 07:01:47 +08:00
世界	3b77e26fa7	Merge shadowsocks 2022 config	2022-05-23 22:18:33 +08:00
世界	087f0d1240	Add shadowsocks-2022 inbound/outbound (#1061 )	2022-05-22 23:55:48 -04:00
yuhan6665	3f64f3206c	Quic sniffer (#1074 ) * Add quic sniffer * Fix quic sniffer * Add uTP sniffer * rename buf pool membership status to unmanaged * rename buf type adaptor into FromBytes Co-authored-by: 世界 <i@sekai.icu> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>	2022-05-22 23:48:10 -04:00
世界	f046feb9ca	Reformat code	2022-05-18 15:29:01 +08:00
yichya QC	2f86c7c795	fix: read port from environment variable	2022-04-26 10:27:42 -04:00
yuhan6665	b413066012	Fakedns fix xUDP destination override (#1011 ) * Fix UDP destination override * Fix code style * Fix fakedns object init Do type convertion at runtime in case if user don't use fakedns in config. Since dispatcher now depend on fakedns object, move the injection order of fakedns to top (As a temporary solution) * Amend logic for handing fakedns client A map is used by server side when client turn on fakedns Client will send domain address in the buffer.UDP.Address, server record all possible target IP addrs. When target replies, server will restore the domain and send back to client. Co-authored-by: hmol233 <82594500+hmol233@users.noreply.github.com>	2022-04-23 19:24:46 -04:00
yichya	35eb165f63	feat: metrics including pprof, expvars	2022-03-29 00:01:14 -04:00
hmol233	63da3a5481	grpc: add initial_windows_size option	2021-12-19 21:14:14 -05:00
xqzr	c8e2a99e68	fix unsupported cipher method: xChaCha20-IETF-Poly1305	2021-12-16 18:57:06 -05:00
yuhan6665	e93da4bd02	Fix some tests and format code (#830 ) * Increase some tls test timeout * Fix TestUserValidator * Change all tests to VMessAEAD Old VMess MD5 tests will be rejected and fail in 2022 * Chore: auto format code	2021-12-14 19:28:47 -05:00
lucifer9	d6ae4e9ba2	Make it easier to configure multiple listening ports	2021-11-17 23:13:15 -05:00
Zhu Sheng Li	28b17b529d	Add concurrency option for outbound observation Add `enableConcurrency` option, false by default. If it's set as `true`, start probing outbounds concurrently in every circle of observation. Wait `probeInterval` between observation circles.	2021-10-26 13:09:03 +08:00
yuhan6665	abb8ba8b0e	Observatory related fixes (#788 ) * fix:observatory not supported by multi-json * Fix: observatory starts with empty config & fails to close (#957) * Update strategy_leastping.go (#1019) * add custom probe URL support for observatory * add custom probe interval for observer * apply coding style * Fix: observatory log & JSON config(#1211) Co-authored-by: ihotte <ihotte@yeah.net> * Change default probe url from api.v2fly.org to www.google.com * Cherry-pick missing code from branch 'dev-advloadblancer-2' Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com> Co-authored-by: fanyiguan <52657276+fanyiguang@users.noreply.github.com> Co-authored-by: ihotte <3087168217@qq.com> Co-authored-by: ihotte <ihotte@yeah.net>	2021-10-26 13:00:31 +08:00
Shelikhoo	ff35118af5	VMess AEAD based packet length (cherry picked from commit 08221600082a79376bdc262f2ffec1a3129ae98d)	2021-10-22 18:34:57 +08:00
世界	707efd6d12	Add loopback outound	2021-10-22 17:58:37 +08:00
世界	5c366db847	Add observatory / latestPing balancing strategy Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>	2021-10-22 17:16:20 +08:00
世界	77d0419aca	Add socks4/4a support	2021-10-22 13:27:31 +08:00
maskedeken	238bd5d050	Add xchacha20-ietf-poly1305 for Shadowsocks	2021-10-22 13:24:29 +08:00
Loyalsoldier	3fe61ed4a2	Feat: add reverse match for GeoIP (cherry picked from commit 3a50affa0a7316a9ad249f1b2b2996cb88948551)	2021-10-22 13:06:57 +08:00
yuhan6665	acb81ebe3d	Verify peer cert function for better man in the middle prevention (#746 ) * verify peer cert function for better man in the middle prevention * publish cert chain hash generation algorithm * added calculation of certificate hash as separate command and tlsping, use base64 to represent fingerprint to align with jsonPb * apply coding style * added test case for pinned certificates * refactored cert pin * pinned cert test * added json loading of the PinnedPeerCertificateChainSha256 * removed tool to prepare for v5 * Add server cert pinning for Xtls Change command "xray tls certChainHash" to xray style Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>	2021-10-22 12:38:40 +08:00
yuhan6665	45dc97e2b6	Use shadowsocket's bloomring for shadowsocket's replay protection (#764 ) * use shadowsocket's bloomring for shadowsocket's replay protection * added shadowsockets iv check for tcp socket * Rename to shadowsockets iv check * shadowsocks iv check config file * iv check should proceed after decryption * use shadowsocket's bloomring for shadowsocket's replay protection * Chore: format code (#842) Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>	2021-10-22 12:38:40 +08:00
yuhan6665	3bf3d96472	Fix: JSON tag case (#1212 ) (#778 ) JSON unmarshal is case insensitive in Golang Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>	2021-10-22 12:38:40 +08:00
世界	a3023e43ef	Add routeOnly sniffing option	2021-10-22 11:57:23 +08:00
yuhan6665	6b6974c804	Fakedns improvements (#731 ) Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: sixg0000d <sixg0000d@gmail.com> Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>	2021-10-20 13:15:49 +08:00
yuhan6665	e286cdcaa8	Style: format code by gofumpt (#761 )	2021-10-20 00:57:14 +08:00

1 2 3

149 Commits