luci-app-ssr-plus: Fix and optimize tuic protocol.

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua

@@ -1285,15 +1285,26 @@ o = s:option(ListValue, "tuic_alpn", translate("TUIC ALPN"))
 o.default = ""
 o:value("", translate("Default"))
 o:value("h3")
+o:value("h2")
+o:value("h3,h2")
 o:value("spdy/3.1")
 o:value("h3,spdy/3.1")
 o:depends("type", "tuic")
 
+-- IP STACK PREFERENCE
+o = s:option(ListValue, "ipstack_prefer", translate("IP Stack Preference"))
+o.default = ""
+o:value("", translate("Default"))
+o:value("v4first")
+o:value("v6first")
+o:depends("tuic_dual_stack", true)
+
 -- [[ allowInsecure ]]--
 o = s:option(Flag, "insecure", translate("allowInsecure"))
 o.rmempty = false
 o:depends("tls", true)
 o:depends("type", "hysteria2")
+o:depends("type", "tuic")
 o.description = translate("If true, allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.")
 
 -- [[ Hysteria2 TLS pinSHA256 ]] --

luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm

@@ -862,12 +862,37 @@ function import_ssr_url(btn, urlname, sid) {
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.server')[0].value = url.hostname;
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.server_port')[0].value = url.port;
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tuic_uuid')[0].value = method;
-			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tuic_ip')[0].value = params.sni || "";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tuic_ip')[0].value = params.ip || "";
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tuic_passwd')[0].value = password;
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.udp_relay_mode')[0].value = params.udp_relay_mode || "native";
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.congestion_control')[0].value = params.congestion_control || "cubic";
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tuic_alpn')[0].value = params.alpn || "";
-
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.heartbeat')[0].value = params.heartbeat || "3";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.timeout')[0].value = params.timeout || "8";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.gc_interval')[0].value = params.gc_interval || "3";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.gc_lifetime')[0].value = params.gc_lifetime || "15";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.send_window')[0].value = params.send_window || "20971520";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.receive_window')[0].value = params.receive_window || "10485760";
+			document.getElementsByName('cbid.shadowsocksr.' + sid + '.tuic_max_package_size')[0].value = params.max_packet_size || "1500";
+			if (params["disable_sni"] === "1" || params["disable_sni"] === "true") { 
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.disable_sni')[0].checked = true;
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.disable_sni')[0].dispatchEvent(event);
+			}
+			if (params["zero_rtt_handshake"] === "1" || params["zero_rtt_handshake"] === "true") { 
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.zero_rtt_handshake')[0].checked = true;
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.zero_rtt_handshake')[0].dispatchEvent(event);
+			}
+			if (params["dual_stack"] === "1" || params["dual_stack"] === "true") { 
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.tuic_dual_stack')[0].checked = true;
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.tuic_dual_stack')[0].dispatchEvent(event);
+				if (params.ipstack_prefer && params.ipstack_prefer.trim() !== "") {
+					document.getElementsByName('cbid.shadowsocksr.' + sid + '.ipstack_prefer')[0].value = params.ipstack_prefer;
+				}
+			}
+			if (params["allowInsecure"] === "1" || params["allowInsecure"] === "true") {
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.insecure')[0].checked = true;
+				document.getElementsByName('cbid.shadowsocksr.' + sid + '.insecure')[0].dispatchEvent(event);
+			}
 			if (param != undefined) {
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.alias')[0].value = decodeURIComponent(param);
 			}

luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua

@@ -331,8 +331,8 @@ end
 			mux = (server.v2ray_protocol ~= "wireguard") and {
 				-- mux
 				enabled = (server.mux == "1"), -- Mux
-				concurrency = (server.mux == "1" and (tonumber(server.concurrency) or -1)) or nil, -- TCP 最大并发
-				xudpConcurrency = (server.mux == "1" and (tonumber(server.xudpConcurrency) or 16)) or nil, -- UDP 最大并发
+				concurrency = (server.mux == "1" and (tonumber(server.concurrency) or -1)) or nil, -- TCP 最大并发连接数
+				xudpConcurrency = (server.mux == "1" and (tonumber(server.xudpConcurrency) or 16)) or nil, -- UDP 最大并发连接数
 				xudpProxyUDP443 = (server.mux == "1" and (server.xudpProxyUDP443 or "reject")) or nil -- 对被代理的 UDP/443 流量处理方式
 			} or nil
 		}
@@ -631,6 +631,8 @@ local tuic = {
 					return nil
 				end
 			end)() or nil,
+			ipstack_prefer = (server.tuic_dual_stack == "1") and server.ipstack_prefer or nil,
+			skip_cert_verify = (server.insecure == "1" or server.insecure == true or server.insecure == "true"),
 			disable_sni = (server.disable_sni == "1") and true or false,
 			zero_rtt_handshake = (server.zero_rtt_handshake == "1") and true or false,
 			send_window = tonumber(server.send_window),
@@ -715,3 +717,4 @@ function config:handleIndex(index)
 end
 local f = config:new()
 f:handleIndex(server.type)
+

luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua

@@ -877,7 +877,7 @@ local function processData(szType, content)
 
 		-- TLS / Reality 标志
 		local security = params.security or ""
-		result.tls = (params.security == "tls" or security == "xtls") and "1" or "0"
+		result.tls = (security == "tls" or security == "xtls") and "1" or "0"
 		result.reality = (security == "reality") and "1" or "0"
 
 		-- 统一 TLS / Reality 公共字段
@@ -1012,9 +1012,16 @@ local function processData(szType, content)
 		end
 
 		result.type = tuic_type
-		result.tuic_ip = params.sni or ""
+		result.tuic_ip = params.ip or ""
 		result.udp_relay_mode = params.udp_relay_mode or "native"
 		result.congestion_control = params.congestion_control or "cubic"
+		result.heartbeat = params.heartbeat or "3"
+		result.timeout = params.timeout or "8"
+		result.gc_interval = params.gc_interval or "3"
+		result.gc_lifetime = params.gc_lifetime or "15"
+		result.send_window = params.send_window or "20971520"
+		result.receive_window = params.receive_window or "10485760"
+		result.tuic_max_package_size = params.max_packet_size or "1500"
 
 		-- alpn 支持逗号或分号分隔
 		if params.alpn and params.alpn ~= "" then
@@ -1024,6 +1031,46 @@ local function processData(szType, content)
 			end
 			result.tuic_alpn = alpn
 		end
+
+		-- 处理 disable_sni 参数
+		if params.disable_sni then
+			if params.disable_sni == "1" or params.disable_sni == "0" then
+				result.disable_sni = params.disable_sni
+		else
+				result.disable_sni = string.lower(params.disable_sni) == "true" and "1" or "0"
+			end
+		end
+
+		-- 处理 zero_rtt_handshake 参数
+		if params.zero_rtt_handshake then
+			if params.zero_rtt_handshake == "1" or params.zero_rtt_handshake == "0" then
+				result.zero_rtt_handshake = params.zero_rtt_handshake
+		else
+				result.zero_rtt_handshake = string.lower(params.zero_rtt_handshake) == "true" and "1" or "0"
+			end
+		end
+
+		-- 处理 dual_stack 参数
+		if params.dual_stack then
+			if params.dual_stack == "1" or params.dual_stack == "0" then
+				result.dual_stack = params.dual_stack
+		else
+				result.dual_stack = string.lower(params.dual_stack) == "true" and "1" or "0"
+			end
+			-- 处理 ipstack_prefer 参数
+			if params.ipstack_prefer and params.ipstack_prefer ~= "" then
+				result.ipstack_prefer = params.ipstack_prefer
+			end
+		end
+
+		-- 处理 insecure 参数
+		if params.allowInsecure then
+			if params.allowinsecure == "1" or params.allowinsecure == "0" then
+				result.insecure = params.allowInsecure
+		else
+				result.insecure = string.lower(params.allowinsecure) == "true" and "1" or "0"
+			end
+		end
 	end
 	if not result.alias then
 		if result.server and result.server_port then