
Enforce specific none flow for xtls vision

In the past, when a user enabled xtls vision on the server side, a plain vless+tls client could still connect.
Pure tls is known to have certain tls-in-tls characteristics.
Now the server needs to specify "xtls-rprx-vision,none" for plain tls to be usable on the same port.
yuhan6665 2 years ago
parent
commit
2e30093ffd
2 changed files with 27 additions and 4 deletions
  1. 10 1
      infra/conf/vless.go
  2. 17 3
      proxy/vless/inbound/inbound.go

+ 10 - 1
infra/conf/vless.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"runtime"
 	"strconv"
+	"strings"
 	"syscall"
 
 	"github.com/golang/protobuf/proto"
@@ -52,7 +53,15 @@ func (c *VLessInboundConfig) Build() (proto.Message, error) {
 		}
 		account.Id = u.String()
 
-		switch account.Flow {
+		accountFlow := account.Flow
+		flows := strings.Split(account.Flow, ",")
+		for _, f := range flows {
+			t := strings.TrimSpace(f)
+			if t != "none" {
+				accountFlow = t
+			}
+		}
+		switch accountFlow {
 		case "", vless.XRO, vless.XRD, vless.XRV:
 		case vless.XRS:
 			return nil, newError(`VLESS clients: inbound doesn't support "xtls-rprx-splice" in this version, please use "xtls-rprx-direct" instead`)
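Review bot: Only the last non-`none` entry of `account.Flow` reaches the validating `switch`, so a value with a trailing comma such as `xtls-rprx-vision,` validates as the empty flow, and an unknown entry placed before a valid one is never checked. The identical loop in `Process` (proxy/vless/inbound/inbound.go) then resolves that same value to an empty `accountFlow` with `allowNoneFlow` false, which skips the new vision-only check and accepts flow-less requests, the case this commit sets out to reject. Validating every entry and rejecting empty or repeated flows at build time closes that gap; the fence sketches it and treats a lone `none` as no flow, which may differ from what the default branch outside the hunk does today. `Build` starts and ends outside the hunk.

```go
		// Flow is "<flow>[,none]": at most one real flow, optionally accompanied by "none".
		var accountFlow string
		for _, f := range strings.Split(account.Flow, ",") {
			t := strings.TrimSpace(f)
			switch {
			case t == "none":
				// "none" only relaxes the runtime check; it is not a flow to validate.
			case t == "" && account.Flow != "":
				return nil, newError("VLESS clients: empty entry in \"flow\"")
			case accountFlow != "":
				return nil, newError("VLESS clients: \"flow\" lists more than one flow")
			default:
				accountFlow = t
			}
		}
		switch accountFlow {
		// … unchanged: per-flow validation cases …
```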

+ 17 - 3
proxy/vless/inbound/inbound.go

@@ -441,10 +441,20 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
 
 	var netConn net.Conn
 	var rawConn syscall.RawConn
-
+	allowNoneFlow := false
+	accountFlow := account.Flow
+	flows := strings.Split(account.Flow, ",")
+	for _, f := range flows {
+		t := strings.TrimSpace(f)
+		if t == "none" {
+			allowNoneFlow = true
+		} else {
+			accountFlow = t
+		}
+	}
 	switch requestAddons.Flow {
 	case vless.XRO, vless.XRD, vless.XRV:
-		if account.Flow == requestAddons.Flow {
+		if accountFlow == requestAddons.Flow {
 			switch request.Command {
 			case protocol.RequestCommandMux:
 				return newError(requestAddons.Flow + " doesn't support Mux").AtWarning()
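Review bot: The flow list is parsed again on every connection here, using a copy of the loop from `VLessInboundConfig.Build`, and nothing documents the `<flow>[,none]` format that both copies depend on. A comment above the loop such as `// account.Flow is "<flow>[,none]"; "none" additionally admits requests that carry no flow` would make the intent explicit. Moving the split into one helper used by both the config check and this runtime check would keep the two from drifting apart, since any difference between them changes which connections are admitted. `Process` begins and ends outside the hunk.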
@@ -481,7 +491,11 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
 		} else {
 			return newError(account.ID.String() + " is not able to use " + requestAddons.Flow).AtWarning()
 		}
-	case "":
+	case "", "none":
+		if accountFlow == vless.XRV && !allowNoneFlow {
+			return newError(account.ID.String() + " is not able to use " + vless.XRV + 
+			". Note the pure tls proxy has certain tls in tls characters. Append \",none\" in flow to suppress").AtWarning()
+		}
 	default:
 		return newError("unknown request flow " + requestAddons.Flow).AtWarning()
 	}
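Review bot: The warning added under `case "", "none":` says the account "is not able to use xtls-rprx-vision", but this branch is reached when the request carried no flow, so the log line points an operator at the wrong cause when triaging rejected connections. Wording it around what actually happened would read better, for example `return newError(account.ID.String() + " sent no flow but the account requires " + vless.XRV + ". Append \",none\" to the account flow to allow it").AtWarning()`. The current two-line form also leaves a trailing space after `+` and an unindented continuation line, which gofmt would rewrite. `Process` begins and ends outside the hunk.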