Merge pull request #1136 from fw876/reality

luci-app-ssr-plus: add REALITY support

luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua

@@ -114,16 +114,6 @@ local securitys = {
 	"chacha20-poly1305"
 }
 
-local flows = {
-	-- xtls
-	"xtls-rprx-origin",
-	"xtls-rprx-origin-udp443",
-	"xtls-rprx-direct",
-	"xtls-rprx-direct-udp443",
-	"xtls-rprx-splice",
-	"xtls-rprx-splice-udp443"
-}
-
 local tls_flows = {
 	-- tls
 	"xtls-rprx-vision",
@@ -672,47 +662,47 @@ o.rmempty = true
 o = s:option(Flag, "tls", translate("TLS"))
 o.rmempty = true
 o.default = "0"
-o:depends({type = "v2ray", v2ray_protocol = "vless", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "vmess", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "trojan", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "shadowsocks", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "socks", socks_ver = "5", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "http", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "vless", reality = false})
+o:depends({type = "v2ray", v2ray_protocol = "vmess", reality = false})
+o:depends({type = "v2ray", v2ray_protocol = "trojan", reality = false})
+o:depends({type = "v2ray", v2ray_protocol = "shadowsocks", reality = false})
+o:depends({type = "v2ray", v2ray_protocol = "socks", socks_ver = "5", reality = false})
+o:depends({type = "v2ray", v2ray_protocol = "http", reality = false})
 o:depends("type", "trojan")
 
--- XTLS
+-- [[ TLS部分 ]] --
+o = s:option(Flag, "tls_sessionTicket", translate("Session Ticket"))
+o:depends({type = "trojan", tls = true})
+o.default = "0"
+
 if is_finded("xray") then
-	o = s:option(Flag, "xtls", translate("XTLS"))
+	-- [[ REALITY ]]
+	o = s:option(Flag, "reality", translate("REALITY"))
 	o.rmempty = true
 	o.default = "0"
-	o:depends({type = "v2ray", v2ray_protocol = "vless", transport = "tcp", tls = false})
-	o:depends({type = "v2ray", v2ray_protocol = "vless", transport = "kcp", tls = false})
-	o:depends({type = "v2ray", v2ray_protocol = "trojan", transport = "tcp", tls = false})
-	o:depends({type = "v2ray", v2ray_protocol = "trojan", transport = "kcp", tls = false})
-
-	-- Flow
-	o = s:option(Value, "vless_flow", translate("Flow"))
-	for _, v in ipairs(flows) do
-		o:value(v, translate(v))
-	end
+	o:depends({type = "v2ray", v2ray_protocol = "vless", tls = false})
+
+	o = s:option(Value, "reality_publickey", translate("Public key"))
+	o.rmempty = true
+	o:depends({type = "v2ray", v2ray_protocol = "vless", reality = true})
+
+	o = s:option(Value, "reality_shortid", translate("Short ID"))
+	o.rmempty = true
+	o:depends({type = "v2ray", v2ray_protocol = "vless", reality = true})
+
+	o = s:option(Value, "reality_spiderx", translate("spiderX"))
 	o.rmempty = true
-	o.default = "xtls-rprx-splice"
-	o:depends("xtls", true)
+	o:depends({type = "v2ray", v2ray_protocol = "vless", reality = true})
 
+	-- [[ XTLS ]]--
 	o = s:option(Value, "tls_flow", translate("Flow"))
 	for _, v in ipairs(tls_flows) do
 		o:value(v, translate(v))
 	end
 	o.rmempty = true
 	o:depends({type = "v2ray", v2ray_protocol = "vless", transport = "tcp", tls = true})
-end
+	o:depends({type = "v2ray", v2ray_protocol = "vless", transport = "tcp", reality = true})
 
--- [[ TLS部分 ]] --
-o = s:option(Flag, "tls_sessionTicket", translate("Session Ticket"))
-o:depends({type = "trojan", tls = true})
-o.default = "0"
-
-if is_finded("xray") then
 	-- [[ uTLS ]]--
 	o = s:option(Value, "fingerprint", translate("Finger Print"))
 	o:value("", translate("disable"))
@@ -727,20 +717,18 @@ if is_finded("xray") then
 	o:value("random", translate("random"))
 	o:value("randomized", translate("randomized"))
 	o:depends({type = "v2ray", tls = true})
-	o:depends({type = "v2ray", xtls = true})
-	o.default = ""
+	o:depends({type = "v2ray", reality = true})
 end
 
 o = s:option(Value, "tls_host", translate("TLS Host"))
 o.datatype = "hostname"
 o:depends("tls", true)
-o:depends("xtls", true)
+o:depends("reality", true)
 o:depends("type", "hysteria")
 o.rmempty = true
 
 o = s:option(DynamicList, "tls_alpn", translate("TLS ALPN"))
 o:depends("tls", true)
-o:depends("xtls", true)
 o:depends("type", "tuic")
 o.rmempty = true
 
@@ -752,19 +740,18 @@ o.rmempty = true
 o = s:option(Flag, "insecure", translate("allowInsecure"))
 o.rmempty = false
 o:depends("tls", true)
-o:depends("xtls", true)
 o:depends("type", "hysteria")
 o.description = translate("If true, allowss insecure connection at TLS client, e.g., TLS server uses unverifiable certificates.")
 
 -- [[ Mux ]]--
 o = s:option(Flag, "mux", translate("Mux"))
 o.rmempty = false
-o:depends({type = "v2ray", v2ray_protocol = "vless", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "vmess", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "trojan", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "shadowsocks", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "socks", xtls = false})
-o:depends({type = "v2ray", v2ray_protocol = "http", xtls = false})
+o:depends({type = "v2ray", v2ray_protocol = "vless"})
+o:depends({type = "v2ray", v2ray_protocol = "vmess"})
+o:depends({type = "v2ray", v2ray_protocol = "trojan"})
+o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
+o:depends({type = "v2ray", v2ray_protocol = "socks"})
+o:depends({type = "v2ray", v2ray_protocol = "http"})
 
 o = s:option(Value, "concurrency", translate("Concurrency"))
 o.datatype = "uinteger"
@@ -782,8 +769,6 @@ o:depends({type = "hysteria", insecure = false})
 o:depends({type = "trojan", tls = true, insecure = false})
 o:depends({type = "v2ray", v2ray_protocol = "vmess", tls = true, insecure = false})
 o:depends({type = "v2ray", v2ray_protocol = "vless", tls = true, insecure = false})
-o:depends({type = "v2ray", v2ray_protocol = "vmess", xtls = true, insecure = false})
-o:depends({type = "v2ray", v2ray_protocol = "vless", xtls = true, insecure = false})
 o.description = translate("If you have a self-signed certificate,please check the box")
 
 o = s:option(DummyValue, "upload", translate("Upload"))

luci-app-ssr-plus/luasrc/view/shadowsocksr/ssrurl.htm

@@ -308,13 +308,10 @@ function import_ssr_url(btn, urlname, sid) {
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.transport')[0].value = params.get("type") == "http" ? "h2" : params.get("type") || "tcp";
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.transport')[0].dispatchEvent(event);
 			document.getElementsByName('cbid.shadowsocksr.' + sid + '.vless_encryption')[0].value = params.get("encryption") || "none";
-			if ([ "tls", "xtls" ].includes(params.get("security"))) {
+			if ([ "tls" ].includes(params.get("security"))) {
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.' + params.get("security"))[0].checked = true;
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.' + params.get("security"))[0].dispatchEvent(event);
-				if (params.get("security") === "xtls") {
-					document.getElementsByName('cbid.shadowsocksr.' + sid + '.vless_flow')[0].value = params.get("flow") || "xtls-rprx-splice";
-					document.getElementsByName('cbid.shadowsocksr.' + sid + '.vless_flow')[0].dispatchEvent(event);
-				}
+
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.fingerprint')[0].value = params.get("fp") || "";
 				document.getElementsByName('cbid.shadowsocksr.' + sid + '.tls_host')[0].value = params.get("sni") || "";
 			}

luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus

@@ -32,6 +32,8 @@ sed -i "s/option pdnsd_enable '3'/option pdnsd_enable '1'/g" /etc/config/shadows
 sed -i "s/option type 'vmess'/option type 'v2ray'\n\toption v2ray_protocol 'vmess'/g" /etc/config/shadowsocksr
 sed -i "s/option type 'vless'/option type 'v2ray'\n\toption v2ray_protocol 'vless'/g" /etc/config/shadowsocksr
 sed -i "s/option encrypt_method_v2ray_ss/option encrypt_method_ss/g" /etc/config/shadowsocksr
+sed -i "s/option xtls/option tls/g" /etc/config/shadowsocksr
+sed -i "/option vless_flow/d" /etc/config/shadowsocksr
 sed -i "/option fingerprint 'disable'/d" /etc/config/shadowsocksr
 
 if [ -s "/etc/uwsgi/vassals/luci-webui.ini" ];then

luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua

@@ -22,7 +22,7 @@ function vmess_vless()
 						id = server.vmess_id,
 						security = (server.v2ray_protocol == "vmess" or not server.v2ray_protocol) and server.security or nil,
 						encryption = (server.v2ray_protocol == "vless") and server.vless_encryption or nil,
-						flow = (server.xtls == '1') and (server.vless_flow or "xtls-rprx-splice") or (server.tls == '1') and server.tls_flow or nil
+						flow = ((server.tls == '1') or (server.reality == '1')) and server.tls_flow or nil
 					}
 				}
 			}
@@ -48,7 +48,6 @@ function trojan_shadowsocks()
 				method = ((server.v2ray_protocol == "shadowsocks") and server.encrypt_method_ss) or ((server.v2ray_protocol == "shadowsocksr") and server.encrypt_method) or nil,
 				uot = (server.v2ray_protocol == "shadowsocks") and (server.uot == '1') or nil,
 				ivCheck = (server.v2ray_protocol == "shadowsocks") and (server.ivCheck == '1') or nil,
-				flow = (server.v2ray_protocol == "trojan") and (server.xtls == '1') and (server.vless_flow or "xtls-rprx-splice") or nil
 			}
 		}
 	}
@@ -157,29 +156,25 @@ local Xray = {
 		-- 底层传输配置
 		streamSettings = {
 			network = server.transport or "tcp",
-			security = (server.xtls == '1') and "xtls" or (server.tls == '1') and "tls" or nil,
-			tlsSettings = (server.tls == '1' and (server.insecure == "1" or server.tls_host or server.fingerprint)) and {
+			security = (server.tls == '1') and "tls" or (server.reality == '1') and "reality" or nil,
+			tlsSettings = (server.tls == '1') and {
 				-- tls
 				alpn = server.tls_alpn,
 				fingerprint = server.fingerprint,
-				allowInsecure = (server.insecure == "1") and true or nil,
+				allowInsecure = (server.insecure == "1"),
 				serverName = server.tls_host,
 				certificates = server.certificate and {
 					usage = "verify",
 					certificateFile = server.certpath
 				} or nil
 			} or nil,
-			xtlsSettings = (server.xtls == '1' and (server.insecure == "1" or server.tls_host or server.fingerprint)) and {
-				-- xtls
-				alpn = server.tls_alpn,
+			realitySettings = (server.reality == '1') and {
+				show = false,
+				publicKey = server.reality_publickey,
+				shortId = server.reality_shortid,
+				spiderX = server.reality_spiderx,
 				fingerprint = server.fingerprint,
-				allowInsecure = (server.insecure == "1") and true or nil,
-				serverName = server.tls_host,
-				minVersion = "1.3",
-				certificates = server.certificate and {
-					usage = "verify",
-					certificateFile = server.certpath
-				} or nil
+				serverName = server.tls_host
 			} or nil,
 			tcpSettings = (server.transport == "tcp" and server.tcp_guise == "http") and {
 				-- tcp
@@ -237,7 +232,7 @@ local Xray = {
 				initial_windows_size = tonumber(server.initial_windows_size) or nil
 			} or nil
 		},
-		mux = (server.mux == "1" and server.xtls ~= "1" and server.transport ~= "grpc") and {
+		mux = (server.mux == "1" and server.transport ~= "grpc") and {
 			-- mux
 			enabled = true,
 			concurrency = tonumber(server.concurrency),

luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua

@@ -362,11 +362,9 @@ local function processData(szType, content)
 		result.vless_encryption = params.encryption or "none"
 		result.transport = params.type or "tcp"
 		result.packet_encoding = packet_encoding
-		result.tls = (params.security == "tls") and "1" or "0"
+		result.tls = (params.security == "tls" or params.security == "xtls") and "1" or "0"
 		result.tls_host = params.sni
-		result.tls_flow = params.flow
-		result.xtls = params.security == "xtls" and "1" or nil
-		result.vless_flow = params.flow
+		result.tls_flow = (params.security == "tls") and params.flow or nil
 		result.fingerprint = params.fp
 		if result.transport == "ws" then
 			result.ws_host = (result.tls ~= "1") and (params.host and UrlDecode(params.host)) or nil