diff --git a/.github/update.log b/.github/update.log index a1cdf30dc9..cd04d8d1cd 100644 --- a/.github/update.log +++ b/.github/update.log @@ -1107,3 +1107,4 @@ Update On Thu Aug 28 20:40:03 CEST 2025 Update On Fri Aug 29 20:33:46 CEST 2025 Update On Sat Aug 30 20:36:28 CEST 2025 Update On Sun Aug 31 20:34:00 CEST 2025 +Update On Mon Sep 1 20:35:55 CEST 2025 diff --git a/clash-meta/main.go b/clash-meta/main.go index 6a85e5df79..6f21e8110a 100644 --- a/clash-meta/main.go +++ b/clash-meta/main.go @@ -62,7 +62,19 @@ func main() { // Defensive programming: panic when code mistakenly calls net.DefaultResolver net.DefaultResolver.PreferGo = true net.DefaultResolver.Dial = func(ctx context.Context, network, address string) (net.Conn, error) { - panic("should never be called") + //panic("should never be called") + buf := make([]byte, 1024) + for { + n := runtime.Stack(buf, true) + if n < len(buf) { + buf = buf[:n] + break + } + buf = make([]byte, 2*len(buf)) + } + fmt.Fprintf(os.Stderr, "panic: should never be called\n\n%s", buf) // always print all goroutine stack + os.Exit(2) + return nil, nil } _, _ = maxprocs.Set(maxprocs.Logger(func(string, ...any) {})) diff --git a/clash-meta/transport/vless/encryption/doc.go b/clash-meta/transport/vless/encryption/doc.go index 86bf80d0bf..83b04f3c4e 100644 --- a/clash-meta/transport/vless/encryption/doc.go +++ b/clash-meta/transport/vless/encryption/doc.go @@ -24,4 +24,5 @@ // https://github.com/XTLS/Xray-core/commit/82ea7a3cc5ff23280b87e3052f0f83b04f0267fa // https://github.com/XTLS/Xray-core/commit/e8b02cd6649f14889841e8ab8ee6b2acca71dbe6 // https://github.com/XTLS/Xray-core/commit/6768a22f676c9121cfc9dc4f51181a8a07837c8d +// https://github.com/XTLS/Xray-core/commit/4c6fd94d97159f5a3e740ba6dd2d9b65e3ed320c package encryption diff --git a/clash-meta/transport/vless/encryption/server.go b/clash-meta/transport/vless/encryption/server.go index 8b4d6a4e49..69317cc016 100644 --- a/clash-meta/transport/vless/encryption/server.go +++ b/clash-meta/transport/vless/encryption/server.go @@ -123,13 +123,16 @@ func (i *ServerInstance) Handshake(conn net.Conn, fallback *[]byte) (*CommonConn index = 1088 } if i.XorMode > 0 { - NewCTR(i.NfsPKeysBytes[j], iv).XORKeyStream(relays, relays[:index]) // we don't use buggy elligator, because we have PSK :) + NewCTR(i.NfsPKeysBytes[j], iv).XORKeyStream(relays, relays[:index]) // we don't use buggy elligator2, because we have PSK :) } if k, ok := k.(*ecdh.PrivateKey); ok { publicKey, err := ecdh.X25519().NewPublicKey(relays[:index]) if err != nil { return nil, err } + if publicKey.Bytes()[31] > 127 { // we just don't want the observer can change even one bit without breaking the connection, though it has nothing to do with security + return nil, errors.New("the highest bit of the last byte of the peer-sent X25519 public key must be 0") + } nfsKey, err = k.ECDH(publicKey) if err != nil { return nil, err diff --git a/clash-nyanpasu/frontend/nyanpasu/package.json b/clash-nyanpasu/frontend/nyanpasu/package.json index d1f9a58c49..8866433731 100644 --- a/clash-nyanpasu/frontend/nyanpasu/package.json +++ b/clash-nyanpasu/frontend/nyanpasu/package.json @@ -59,9 +59,9 @@ "@iconify/json": "2.2.380", "@monaco-editor/react": "4.7.0", "@tanstack/react-query": "5.85.5", - "@tanstack/react-router": "1.131.28", - "@tanstack/react-router-devtools": "1.131.28", - "@tanstack/router-plugin": "1.131.28", + "@tanstack/react-router": "1.131.31", + "@tanstack/react-router-devtools": "1.131.31", + "@tanstack/router-plugin": "1.131.31", "@tauri-apps/plugin-clipboard-manager": "2.3.0", "@tauri-apps/plugin-dialog": "2.3.0", "@tauri-apps/plugin-fs": "2.4.0", diff --git a/clash-nyanpasu/manifest/version.json b/clash-nyanpasu/manifest/version.json index 9b611b23a1..cae0b2b8fc 100644 --- a/clash-nyanpasu/manifest/version.json +++ b/clash-nyanpasu/manifest/version.json @@ -2,7 +2,7 @@ "manifest_version": 1, "latest": { "mihomo": "v1.19.13", - "mihomo_alpha": "alpha-472cefb", + "mihomo_alpha": "alpha-33cde65", "clash_rs": "v0.9.0", "clash_premium": "2023-09-05-gdcc8d87", "clash_rs_alpha": "0.9.0-alpha+sha.117a718" @@ -69,5 +69,5 @@ "linux-armv7hf": "clash-armv7-unknown-linux-gnueabihf" } }, - "updated_at": "2025-08-30T22:20:39.907Z" + "updated_at": "2025-08-31T22:20:48.313Z" } diff --git a/clash-nyanpasu/pnpm-lock.yaml b/clash-nyanpasu/pnpm-lock.yaml index 27a311bb5f..c366ea6824 100644 --- a/clash-nyanpasu/pnpm-lock.yaml +++ b/clash-nyanpasu/pnpm-lock.yaml @@ -250,7 +250,7 @@ importers: version: 4.1.12 '@tanstack/router-zod-adapter': specifier: 1.81.5 - version: 1.81.5(@tanstack/react-router@1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(zod@4.0.17) + version: 1.81.5(@tanstack/react-router@1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(zod@4.0.17) '@tauri-apps/api': specifier: 2.6.0 version: 2.6.0 @@ -352,14 +352,14 @@ importers: specifier: 5.85.5 version: 5.85.5(react@19.1.1) '@tanstack/react-router': - specifier: 1.131.28 - version: 1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1) + specifier: 1.131.31 + version: 1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1) '@tanstack/react-router-devtools': - specifier: 1.131.28 - version: 1.131.28(@tanstack/react-router@1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(@tanstack/router-core@1.131.28)(csstype@3.1.3)(react-dom@19.1.1(react@19.1.1))(react@19.1.1)(solid-js@1.9.5)(tiny-invariant@1.3.3) + specifier: 1.131.31 + version: 1.131.31(@tanstack/react-router@1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(@tanstack/router-core@1.131.30)(csstype@3.1.3)(react-dom@19.1.1(react@19.1.1))(react@19.1.1)(solid-js@1.9.5)(tiny-invariant@1.3.3) '@tanstack/router-plugin': - specifier: 1.131.28 - version: 1.131.28(@tanstack/react-router@1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(vite@7.1.3(@types/node@22.18.0)(jiti@2.5.1)(less@4.2.0)(lightningcss@1.30.1)(sass-embedded@1.90.0)(sass@1.90.0)(stylus@0.62.0)(terser@5.36.0)(tsx@4.20.5)(yaml@2.8.1)) + specifier: 1.131.31 + version: 1.131.31(@tanstack/react-router@1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(vite@7.1.3(@types/node@22.18.0)(jiti@2.5.1)(less@4.2.0)(lightningcss@1.30.1)(sass-embedded@1.90.0)(sass@1.90.0)(stylus@0.62.0)(terser@5.36.0)(tsx@4.20.5)(yaml@2.8.1)) '@tauri-apps/plugin-clipboard-manager': specifier: 2.3.0 version: 2.3.0 @@ -3027,16 +3027,16 @@ packages: peerDependencies: react: ^18 || ^19 - '@tanstack/react-router-devtools@1.131.28': - resolution: {integrity: sha512-2EOxuvc2k7vT14XVEGJRuqEZhQkZ7RnHwpw2aGY6m/7xprl2elNwKtLExTntirAxE6HDokg8sRAnqvySHf1OVA==} + '@tanstack/react-router-devtools@1.131.31': + resolution: {integrity: sha512-M6zWv5d3BAleBFBgqqHGsGOzfaAVCRcLGaWxDdCFEF9RnJU7WvdUiIrAoFwS1Byg6MTd2IW/9LnjOxrR9xlCWQ==} engines: {node: '>=12'} peerDependencies: - '@tanstack/react-router': ^1.131.28 + '@tanstack/react-router': ^1.131.31 react: '>=18.0.0 || >=19.0.0' react-dom: '>=18.0.0 || >=19.0.0' - '@tanstack/react-router@1.131.28': - resolution: {integrity: sha512-vWExhrqHJuT9v+6/2DCQ4pVvPaYoLazMNw8WXiLNuzBXh1FuEoIGaW3jw3DEP0OJCmMiWtTi34NzQnakkQZlQg==} + '@tanstack/react-router@1.131.31': + resolution: {integrity: sha512-fN71d3BfRD46fpPwaoTf1hcuVWU9bJV5x6y2yyzaz9qDttwZR5RmPK/oi5zSo7o3kvWp4CND9bVjBzSK1BaUcg==} engines: {node: '>=12'} peerDependencies: react: '>=18.0.0 || >=19.0.0' @@ -3061,15 +3061,15 @@ packages: react: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 react-dom: ^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0 - '@tanstack/router-core@1.131.28': - resolution: {integrity: sha512-f+vdfr3WKSS/BcqgI5s4vZg9xYb7NkvIolkaMELrbz3l+khkw1aTjx8wqCHRY4dqwIAxq+iZBZtMWXA7pztGJg==} + '@tanstack/router-core@1.131.30': + resolution: {integrity: sha512-fBHn6MSqodYZfky7Z4UyXaxYdIom2QpwaBmra9eM9SRUHmbSCQJ2CESQzGzxFDENtvtyXGsSpGbe7k7GTJctKw==} engines: {node: '>=12'} - '@tanstack/router-devtools-core@1.131.28': - resolution: {integrity: sha512-CPj8wv/00sfHm5tjUCJ44A5tWBYvui5PVstkNfEyNW/Cmo6aknMk4SHiWIa/khCbj5HGjVMWSBRn6XZixEdOxw==} + '@tanstack/router-devtools-core@1.131.30': + resolution: {integrity: sha512-DA1QwJbH58b4rQEZ3UYyHnOsEfN59yT8Oyl7t4q3orahp4qc0Y1BIFcIeI2sYhVs/+7iMsQ7eLaR1j55vl0TwQ==} engines: {node: '>=12'} peerDependencies: - '@tanstack/router-core': ^1.131.28 + '@tanstack/router-core': ^1.131.30 csstype: ^3.0.10 solid-js: '>=1.9.5' tiny-invariant: ^1.3.3 @@ -3077,16 +3077,16 @@ packages: csstype: optional: true - '@tanstack/router-generator@1.131.28': - resolution: {integrity: sha512-e/6+2bfKhdiAgbFh4X0fADcnS7jNr6HqmDQ8Dcx9zpIGzWnj3pi9HUfHi7kmgZvxtCv8286BdVJsC7PqgxFHJw==} + '@tanstack/router-generator@1.131.30': + resolution: {integrity: sha512-6mK+xiQEWn5vgL+EAJkTU7FMvYJstJ+GL0aP/O4YHcxxgQd0kkEaKT4NfwfNKFnBEYE3qIkLbsPi0W2OUK1JaQ==} engines: {node: '>=12'} - '@tanstack/router-plugin@1.131.28': - resolution: {integrity: sha512-7PxDjczsv90YQtphmjaakvHi8yF+d1mSs+ro8yIA/KrGD1+TaWvguAdFceDn/2ZGy5/tmCOVXQwuOg95HL8u6g==} + '@tanstack/router-plugin@1.131.31': + resolution: {integrity: sha512-S06efeEC8VM+LkC5JbYgA+aYxe3INwAzVZFU4Omy1yvYNPrYCSLq0gEu8vqC+zjQdJh8y6ReqVEgLse8br4DWw==} engines: {node: '>=12'} peerDependencies: '@rsbuild/core': '>=1.0.2' - '@tanstack/react-router': ^1.131.28 + '@tanstack/react-router': ^1.131.31 vite: '>=5.0.0 || >=6.0.0' vite-plugin-solid: ^2.11.2 webpack: '>=5.92.0' @@ -8794,8 +8794,8 @@ snapshots: '@babel/helpers': 7.27.6 '@babel/parser': 7.28.0 '@babel/template': 7.27.2 - '@babel/traverse': 7.28.0 - '@babel/types': 7.28.1 + '@babel/traverse': 7.28.3 + '@babel/types': 7.28.2 convert-source-map: 2.0.0 debug: 4.4.1 gensync: 1.0.0-beta.2 @@ -9375,7 +9375,7 @@ snapshots: '@babel/helper-module-transforms': 7.27.3(@babel/core@7.28.0) '@babel/helper-plugin-utils': 7.27.1 '@babel/helper-validator-identifier': 7.27.1 - '@babel/traverse': 7.28.0 + '@babel/traverse': 7.28.3 transitivePeerDependencies: - supports-color @@ -11311,10 +11311,10 @@ snapshots: '@tanstack/query-core': 5.85.5 react: 19.1.1 - '@tanstack/react-router-devtools@1.131.28(@tanstack/react-router@1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(@tanstack/router-core@1.131.28)(csstype@3.1.3)(react-dom@19.1.1(react@19.1.1))(react@19.1.1)(solid-js@1.9.5)(tiny-invariant@1.3.3)': + '@tanstack/react-router-devtools@1.131.31(@tanstack/react-router@1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(@tanstack/router-core@1.131.30)(csstype@3.1.3)(react-dom@19.1.1(react@19.1.1))(react@19.1.1)(solid-js@1.9.5)(tiny-invariant@1.3.3)': dependencies: - '@tanstack/react-router': 1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1) - '@tanstack/router-devtools-core': 1.131.28(@tanstack/router-core@1.131.28)(csstype@3.1.3)(solid-js@1.9.5)(tiny-invariant@1.3.3) + '@tanstack/react-router': 1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1) + '@tanstack/router-devtools-core': 1.131.30(@tanstack/router-core@1.131.30)(csstype@3.1.3)(solid-js@1.9.5)(tiny-invariant@1.3.3) react: 19.1.1 react-dom: 19.1.1(react@19.1.1) transitivePeerDependencies: @@ -11323,11 +11323,11 @@ snapshots: - solid-js - tiny-invariant - '@tanstack/react-router@1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1)': + '@tanstack/react-router@1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1)': dependencies: '@tanstack/history': 1.131.2 '@tanstack/react-store': 0.7.0(react-dom@19.1.1(react@19.1.1))(react@19.1.1) - '@tanstack/router-core': 1.131.28 + '@tanstack/router-core': 1.131.30 isbot: 5.1.28 react: 19.1.1 react-dom: 19.1.1(react@19.1.1) @@ -11353,7 +11353,7 @@ snapshots: react: 19.1.1 react-dom: 19.1.1(react@19.1.1) - '@tanstack/router-core@1.131.28': + '@tanstack/router-core@1.131.30': dependencies: '@tanstack/history': 1.131.2 '@tanstack/store': 0.7.0 @@ -11363,9 +11363,9 @@ snapshots: tiny-invariant: 1.3.3 tiny-warning: 1.0.3 - '@tanstack/router-devtools-core@1.131.28(@tanstack/router-core@1.131.28)(csstype@3.1.3)(solid-js@1.9.5)(tiny-invariant@1.3.3)': + '@tanstack/router-devtools-core@1.131.30(@tanstack/router-core@1.131.30)(csstype@3.1.3)(solid-js@1.9.5)(tiny-invariant@1.3.3)': dependencies: - '@tanstack/router-core': 1.131.28 + '@tanstack/router-core': 1.131.30 clsx: 2.1.1 goober: 2.1.16(csstype@3.1.3) solid-js: 1.9.5 @@ -11373,9 +11373,9 @@ snapshots: optionalDependencies: csstype: 3.1.3 - '@tanstack/router-generator@1.131.28': + '@tanstack/router-generator@1.131.30': dependencies: - '@tanstack/router-core': 1.131.28 + '@tanstack/router-core': 1.131.30 '@tanstack/router-utils': 1.131.2 '@tanstack/virtual-file-routes': 1.131.2 prettier: 3.6.2 @@ -11386,7 +11386,7 @@ snapshots: transitivePeerDependencies: - supports-color - '@tanstack/router-plugin@1.131.28(@tanstack/react-router@1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(vite@7.1.3(@types/node@22.18.0)(jiti@2.5.1)(less@4.2.0)(lightningcss@1.30.1)(sass-embedded@1.90.0)(sass@1.90.0)(stylus@0.62.0)(terser@5.36.0)(tsx@4.20.5)(yaml@2.8.1))': + '@tanstack/router-plugin@1.131.31(@tanstack/react-router@1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(vite@7.1.3(@types/node@22.18.0)(jiti@2.5.1)(less@4.2.0)(lightningcss@1.30.1)(sass-embedded@1.90.0)(sass@1.90.0)(stylus@0.62.0)(terser@5.36.0)(tsx@4.20.5)(yaml@2.8.1))': dependencies: '@babel/core': 7.28.3 '@babel/plugin-syntax-jsx': 7.27.1(@babel/core@7.28.3) @@ -11394,16 +11394,16 @@ snapshots: '@babel/template': 7.27.2 '@babel/traverse': 7.28.3 '@babel/types': 7.28.2 - '@tanstack/router-core': 1.131.28 - '@tanstack/router-generator': 1.131.28 + '@tanstack/router-core': 1.131.30 + '@tanstack/router-generator': 1.131.30 '@tanstack/router-utils': 1.131.2 '@tanstack/virtual-file-routes': 1.131.2 babel-dead-code-elimination: 1.0.10 chokidar: 3.6.0 - unplugin: 2.3.5 + unplugin: 2.3.9 zod: 3.25.76 optionalDependencies: - '@tanstack/react-router': 1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1) + '@tanstack/react-router': 1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1) vite: 7.1.3(@types/node@22.18.0)(jiti@2.5.1)(less@4.2.0)(lightningcss@1.30.1)(sass-embedded@1.90.0)(sass@1.90.0)(stylus@0.62.0)(terser@5.36.0)(tsx@4.20.5)(yaml@2.8.1) transitivePeerDependencies: - supports-color @@ -11419,9 +11419,9 @@ snapshots: transitivePeerDependencies: - supports-color - '@tanstack/router-zod-adapter@1.81.5(@tanstack/react-router@1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(zod@4.0.17)': + '@tanstack/router-zod-adapter@1.81.5(@tanstack/react-router@1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1))(zod@4.0.17)': dependencies: - '@tanstack/react-router': 1.131.28(react-dom@19.1.1(react@19.1.1))(react@19.1.1) + '@tanstack/react-router': 1.131.31(react-dom@19.1.1(react@19.1.1))(react@19.1.1) zod: 4.0.17 '@tanstack/store@0.7.0': {} diff --git a/lede/target/linux/bcm27xx/patches-6.12/950-0124-usb-add-plumbing-for-updating-interrupt-endpoint-int.patch b/lede/target/linux/bcm27xx/patches-6.12/950-0124-usb-add-plumbing-for-updating-interrupt-endpoint-int.patch index bbe32f254c..77c0f826ed 100644 --- a/lede/target/linux/bcm27xx/patches-6.12/950-0124-usb-add-plumbing-for-updating-interrupt-endpoint-int.patch +++ b/lede/target/linux/bcm27xx/patches-6.12/950-0124-usb-add-plumbing-for-updating-interrupt-endpoint-int.patch @@ -27,7 +27,7 @@ Signed-off-by: Jonathan Bell --- a/drivers/usb/core/hcd.c +++ b/drivers/usb/core/hcd.c -@@ -1953,6 +1953,16 @@ reset: +@@ -1951,6 +1951,16 @@ reset: return ret; } diff --git a/lede/target/linux/bcm27xx/patches-6.12/950-0125-xhci-implement-xhci_fixup_endpoint-for-interval-adju.patch b/lede/target/linux/bcm27xx/patches-6.12/950-0125-xhci-implement-xhci_fixup_endpoint-for-interval-adju.patch index b3f1233293..1860bf1737 100644 --- a/lede/target/linux/bcm27xx/patches-6.12/950-0125-xhci-implement-xhci_fixup_endpoint-for-interval-adju.patch +++ b/lede/target/linux/bcm27xx/patches-6.12/950-0125-xhci-implement-xhci_fixup_endpoint-for-interval-adju.patch @@ -124,7 +124,7 @@ Signed-off-by: Jonathan Bell * non-error returns are a promise to giveback() the urb later * we drop ownership so next owner (or urb unlink) can get it */ -@@ -5383,6 +5486,7 @@ static const struct hc_driver xhci_hc_dr +@@ -5390,6 +5493,7 @@ static const struct hc_driver xhci_hc_dr .endpoint_reset = xhci_endpoint_reset, .check_bandwidth = xhci_check_bandwidth, .reset_bandwidth = xhci_reset_bandwidth, diff --git a/lede/target/linux/bcm27xx/patches-6.12/950-0335-usb-xhci-add-XHCI_VLI_HUB_TT_QUIRK.patch b/lede/target/linux/bcm27xx/patches-6.12/950-0335-usb-xhci-add-XHCI_VLI_HUB_TT_QUIRK.patch index 4bc4330daa..c1731fb1df 100644 --- a/lede/target/linux/bcm27xx/patches-6.12/950-0335-usb-xhci-add-XHCI_VLI_HUB_TT_QUIRK.patch +++ b/lede/target/linux/bcm27xx/patches-6.12/950-0335-usb-xhci-add-XHCI_VLI_HUB_TT_QUIRK.patch @@ -75,7 +75,7 @@ Signed-off-by: Jonathan Bell if (pdev->vendor == PCI_VENDOR_ID_ASMEDIA && --- a/drivers/usb/host/xhci-ring.c +++ b/drivers/usb/host/xhci-ring.c -@@ -3659,6 +3659,48 @@ static int xhci_align_td(struct xhci_hcd +@@ -3664,6 +3664,48 @@ static int xhci_align_td(struct xhci_hcd return 1; } @@ -124,7 +124,7 @@ Signed-off-by: Jonathan Bell /* This is very similar to what ehci-q.c qtd_fill() does */ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags, struct urb *urb, int slot_id, unsigned int ep_index) -@@ -3813,6 +3855,8 @@ int xhci_queue_bulk_tx(struct xhci_hcd * +@@ -3818,6 +3860,8 @@ int xhci_queue_bulk_tx(struct xhci_hcd * } check_trb_math(urb, enqd_len); @@ -133,7 +133,7 @@ Signed-off-by: Jonathan Bell giveback_first_trb(xhci, slot_id, ep_index, urb->stream_id, start_cycle, start_trb); return 0; -@@ -3961,6 +4005,8 @@ int xhci_queue_ctrl_tx(struct xhci_hcd * +@@ -3966,6 +4010,8 @@ int xhci_queue_ctrl_tx(struct xhci_hcd * /* Event on completion */ field | TRB_IOC | TRB_TYPE(TRB_STATUS) | ep_ring->cycle_state); diff --git a/lede/target/linux/bcm27xx/patches-6.12/950-0364-drm-Add-RP1-DSI-driver.patch b/lede/target/linux/bcm27xx/patches-6.12/950-0364-drm-Add-RP1-DSI-driver.patch index 89593fd4c9..8c37408fee 100644 --- a/lede/target/linux/bcm27xx/patches-6.12/950-0364-drm-Add-RP1-DSI-driver.patch +++ b/lede/target/linux/bcm27xx/patches-6.12/950-0364-drm-Add-RP1-DSI-driver.patch @@ -102,7 +102,7 @@ Signed-off-by: Nick Hollinghurst --- a/drivers/gpu/drm/Kconfig +++ b/drivers/gpu/drm/Kconfig -@@ -436,6 +436,8 @@ source "drivers/gpu/drm/v3d/Kconfig" +@@ -441,6 +441,8 @@ source "drivers/gpu/drm/v3d/Kconfig" source "drivers/gpu/drm/vc4/Kconfig" @@ -113,7 +113,7 @@ Signed-off-by: Nick Hollinghurst source "drivers/gpu/drm/etnaviv/Kconfig" --- a/drivers/gpu/drm/Makefile +++ b/drivers/gpu/drm/Makefile -@@ -224,3 +224,4 @@ obj-y += solomon/ +@@ -225,3 +225,4 @@ obj-y += solomon/ obj-$(CONFIG_DRM_SPRD) += sprd/ obj-$(CONFIG_DRM_LOONGSON) += loongson/ obj-$(CONFIG_DRM_POWERVR) += imagination/ diff --git a/lede/target/linux/bcm27xx/patches-6.12/950-0480-media-pisp_be-Re-introduce-multi-context-support.patch b/lede/target/linux/bcm27xx/patches-6.12/950-0480-media-pisp_be-Re-introduce-multi-context-support.patch index 6f7c4d2f6d..404414583e 100644 --- a/lede/target/linux/bcm27xx/patches-6.12/950-0480-media-pisp_be-Re-introduce-multi-context-support.patch +++ b/lede/target/linux/bcm27xx/patches-6.12/950-0480-media-pisp_be-Re-introduce-multi-context-support.patch @@ -872,7 +872,7 @@ Signed-off-by: Jacopo Mondi + while (num_groups-- > 0) + pispbe_destroy_node_group(&pispbe->node_group[num_groups]); pm_runtime_suspend_err: - pispbe_runtime_suspend(pispbe->dev); + pm_runtime_put(pispbe->dev); pm_runtime_disable_err: @@ -1760,7 +1820,8 @@ static void pispbe_remove(struct platfor { @@ -882,5 +882,5 @@ Signed-off-by: Jacopo Mondi + for (int i = PISPBE_NUM_NODE_GROUPS - 1; i >= 0; i--) + pispbe_destroy_node_group(&pispbe->node_group[i]); - pispbe_runtime_suspend(pispbe->dev); pm_runtime_dont_use_autosuspend(pispbe->dev); + pm_runtime_disable(pispbe->dev); diff --git a/lede/target/linux/bcm27xx/patches-6.12/950-0950-usb-xhci-default-to-Intel-scheme-for-calculating-U1-.patch b/lede/target/linux/bcm27xx/patches-6.12/950-0950-usb-xhci-default-to-Intel-scheme-for-calculating-U1-.patch index 3a52a38589..06b91a6ce6 100644 --- a/lede/target/linux/bcm27xx/patches-6.12/950-0950-usb-xhci-default-to-Intel-scheme-for-calculating-U1-.patch +++ b/lede/target/linux/bcm27xx/patches-6.12/950-0950-usb-xhci-default-to-Intel-scheme-for-calculating-U1-.patch @@ -40,7 +40,7 @@ Signed-off-by: Jonathan Bell static bool td_on_ring(struct xhci_td *td, struct xhci_ring *ring) { struct xhci_segment *seg = ring->first_seg; -@@ -4788,7 +4792,7 @@ static u16 xhci_calculate_u1_timeout(str +@@ -4795,7 +4799,7 @@ static u16 xhci_calculate_u1_timeout(str } } @@ -49,7 +49,7 @@ Signed-off-by: Jonathan Bell timeout_ns = xhci_calculate_intel_u1_timeout(udev, desc); else timeout_ns = udev->u1_params.sel; -@@ -4852,7 +4856,7 @@ static u16 xhci_calculate_u2_timeout(str +@@ -4859,7 +4863,7 @@ static u16 xhci_calculate_u2_timeout(str } } diff --git a/lede/target/linux/generic/backport-6.12/620-v6.15-ppp-use-IFF_NO_QUEUE-in-virtual-interfaces.patch b/lede/target/linux/generic/backport-6.12/620-v6.15-ppp-use-IFF_NO_QUEUE-in-virtual-interfaces.patch index 6d9ac56cf0..d8c09daf9c 100644 --- a/lede/target/linux/generic/backport-6.12/620-v6.15-ppp-use-IFF_NO_QUEUE-in-virtual-interfaces.patch +++ b/lede/target/linux/generic/backport-6.12/620-v6.15-ppp-use-IFF_NO_QUEUE-in-virtual-interfaces.patch @@ -24,7 +24,7 @@ Signed-off-by: Jakub Kicinski --- a/drivers/net/ppp/ppp_generic.c +++ b/drivers/net/ppp/ppp_generic.c -@@ -3500,6 +3500,10 @@ ppp_connect_channel(struct channel *pch, +@@ -3504,6 +3504,10 @@ ppp_connect_channel(struct channel *pch, ret = -ENOTCONN; goto outl; } diff --git a/lede/target/linux/generic/hack-6.12/721-net-add-packet-mangeling.patch b/lede/target/linux/generic/hack-6.12/721-net-add-packet-mangeling.patch index 9430070457..fee5641cbd 100644 --- a/lede/target/linux/generic/hack-6.12/721-net-add-packet-mangeling.patch +++ b/lede/target/linux/generic/hack-6.12/721-net-add-packet-mangeling.patch @@ -97,7 +97,7 @@ Signed-off-by: Felix Fietkau help --- a/net/core/dev.c +++ b/net/core/dev.c -@@ -3646,6 +3646,11 @@ static int xmit_one(struct sk_buff *skb, +@@ -3658,6 +3658,11 @@ static int xmit_one(struct sk_buff *skb, if (dev_nit_active(dev)) dev_queue_xmit_nit(skb, dev); diff --git a/lede/target/linux/generic/pending-6.12/100-compiler.h-only-include-asm-rwonce.h-for-kernel-code.patch b/lede/target/linux/generic/pending-6.12/100-compiler.h-only-include-asm-rwonce.h-for-kernel-code.patch index 1a552bdc33..725e223495 100644 --- a/lede/target/linux/generic/pending-6.12/100-compiler.h-only-include-asm-rwonce.h-for-kernel-code.patch +++ b/lede/target/linux/generic/pending-6.12/100-compiler.h-only-include-asm-rwonce.h-for-kernel-code.patch @@ -20,7 +20,7 @@ Signed-off-by: Felix Fietkau #endif /* __KERNEL__ */ /** -@@ -306,6 +308,4 @@ static inline void *offset_to_ptr(const +@@ -298,6 +300,4 @@ static inline void *offset_to_ptr(const */ #define prevent_tail_call_optimization() mb() diff --git a/lede/target/linux/generic/pending-6.12/487-mtd-spinand-Add-support-for-Etron-EM73D044VCx.patch b/lede/target/linux/generic/pending-6.12/487-mtd-spinand-Add-support-for-Etron-EM73D044VCx.patch index 0eb45822e2..cc23125b3d 100644 --- a/lede/target/linux/generic/pending-6.12/487-mtd-spinand-Add-support-for-Etron-EM73D044VCx.patch +++ b/lede/target/linux/generic/pending-6.12/487-mtd-spinand-Add-support-for-Etron-EM73D044VCx.patch @@ -49,7 +49,7 @@ Submitted-by: Daniel Danzberger obj-$(CONFIG_MTD_SPI_NAND) += spinand.o --- a/drivers/mtd/nand/spi/core.c +++ b/drivers/mtd/nand/spi/core.c -@@ -1112,6 +1112,7 @@ static const struct spinand_manufacturer +@@ -1115,6 +1115,7 @@ static const struct spinand_manufacturer &alliancememory_spinand_manufacturer, &ato_spinand_manufacturer, &esmt_c8_spinand_manufacturer, diff --git a/lede/target/linux/generic/pending-6.12/736-04-net-ethernet-mediatek-fix-ppe-flow-accounting-for-L2.patch b/lede/target/linux/generic/pending-6.12/736-04-net-ethernet-mediatek-fix-ppe-flow-accounting-for-L2.patch index 1916613e54..9141fa69b0 100644 --- a/lede/target/linux/generic/pending-6.12/736-04-net-ethernet-mediatek-fix-ppe-flow-accounting-for-L2.patch +++ b/lede/target/linux/generic/pending-6.12/736-04-net-ethernet-mediatek-fix-ppe-flow-accounting-for-L2.patch @@ -309,7 +309,7 @@ Signed-off-by: Felix Fietkau seq_printf(m, "%05x %s %7s", i, --- a/drivers/net/ethernet/mediatek/mtk_ppe_offload.c +++ b/drivers/net/ethernet/mediatek/mtk_ppe_offload.c -@@ -520,24 +520,21 @@ static int +@@ -522,24 +522,21 @@ static int mtk_flow_offload_stats(struct mtk_eth *eth, struct flow_cls_offload *f) { struct mtk_flow_entry *entry; diff --git a/lede/target/linux/generic/pending-6.12/790-bus-mhi-core-add-SBL-state-callback.patch b/lede/target/linux/generic/pending-6.12/790-bus-mhi-core-add-SBL-state-callback.patch index fe0f260ae3..80d1306115 100644 --- a/lede/target/linux/generic/pending-6.12/790-bus-mhi-core-add-SBL-state-callback.patch +++ b/lede/target/linux/generic/pending-6.12/790-bus-mhi-core-add-SBL-state-callback.patch @@ -20,7 +20,7 @@ Signed-off-by: Robert Marko --- a/drivers/bus/mhi/host/main.c +++ b/drivers/bus/mhi/host/main.c -@@ -906,6 +906,7 @@ int mhi_process_ctrl_ev_ring(struct mhi_ +@@ -916,6 +916,7 @@ int mhi_process_ctrl_ev_ring(struct mhi_ switch (event) { case MHI_EE_SBL: st = DEV_ST_TRANSITION_SBL; diff --git a/lede/target/linux/mediatek/patches-6.12/121-hack-spi-nand-1b-bbm.patch b/lede/target/linux/mediatek/patches-6.12/121-hack-spi-nand-1b-bbm.patch index bb5e1a296e..df29ec91d1 100644 --- a/lede/target/linux/mediatek/patches-6.12/121-hack-spi-nand-1b-bbm.patch +++ b/lede/target/linux/mediatek/patches-6.12/121-hack-spi-nand-1b-bbm.patch @@ -1,6 +1,6 @@ --- a/drivers/mtd/nand/spi/core.c +++ b/drivers/mtd/nand/spi/core.c -@@ -893,7 +893,7 @@ static int spinand_mtd_write(struct mtd_ +@@ -896,7 +896,7 @@ static int spinand_mtd_write(struct mtd_ static bool spinand_isbad(struct nand_device *nand, const struct nand_pos *pos) { struct spinand_device *spinand = nand_to_spinand(nand); @@ -9,7 +9,7 @@ struct nand_page_io_req req = { .pos = *pos, .ooblen = sizeof(marker), -@@ -904,7 +904,7 @@ static bool spinand_isbad(struct nand_de +@@ -907,7 +907,7 @@ static bool spinand_isbad(struct nand_de spinand_select_target(spinand, pos->target); spinand_read_page(spinand, &req); diff --git a/lede/target/linux/mediatek/patches-6.12/330-snand-mtk-bmt-support.patch b/lede/target/linux/mediatek/patches-6.12/330-snand-mtk-bmt-support.patch index 1578b72bf1..0a8f80c1e0 100644 --- a/lede/target/linux/mediatek/patches-6.12/330-snand-mtk-bmt-support.patch +++ b/lede/target/linux/mediatek/patches-6.12/330-snand-mtk-bmt-support.patch @@ -8,7 +8,7 @@ static int spinand_read_reg_op(struct spinand_device *spinand, u8 reg, u8 *val) { -@@ -1526,6 +1527,7 @@ static int spinand_probe(struct spi_mem +@@ -1529,6 +1530,7 @@ static int spinand_probe(struct spi_mem if (ret) return ret; @@ -16,7 +16,7 @@ ret = mtd_device_register(mtd, NULL, 0); if (ret) goto err_spinand_cleanup; -@@ -1533,6 +1535,7 @@ static int spinand_probe(struct spi_mem +@@ -1536,6 +1538,7 @@ static int spinand_probe(struct spi_mem return 0; err_spinand_cleanup: @@ -24,7 +24,7 @@ spinand_cleanup(spinand); return ret; -@@ -1551,6 +1554,7 @@ static int spinand_remove(struct spi_mem +@@ -1554,6 +1557,7 @@ static int spinand_remove(struct spi_mem if (ret) return ret; diff --git a/lede/target/linux/mediatek/patches-6.12/340-mtd-spinand-Add-support-for-the-Fidelix-FM35X1GA.patch b/lede/target/linux/mediatek/patches-6.12/340-mtd-spinand-Add-support-for-the-Fidelix-FM35X1GA.patch index ee71d49fe1..cb3e425c46 100644 --- a/lede/target/linux/mediatek/patches-6.12/340-mtd-spinand-Add-support-for-the-Fidelix-FM35X1GA.patch +++ b/lede/target/linux/mediatek/patches-6.12/340-mtd-spinand-Add-support-for-the-Fidelix-FM35X1GA.patch @@ -24,7 +24,7 @@ Signed-off-by: Davide Fioravanti obj-$(CONFIG_MTD_SPI_NAND) += spinand.o --- a/drivers/mtd/nand/spi/core.c +++ b/drivers/mtd/nand/spi/core.c -@@ -1114,6 +1114,7 @@ static const struct spinand_manufacturer +@@ -1117,6 +1117,7 @@ static const struct spinand_manufacturer &ato_spinand_manufacturer, &esmt_c8_spinand_manufacturer, &etron_spinand_manufacturer, diff --git a/lede/target/linux/mediatek/patches-6.12/410-bt-mtk-serial-fix.patch b/lede/target/linux/mediatek/patches-6.12/410-bt-mtk-serial-fix.patch index 3b5f21f9c8..325b3ad795 100644 --- a/lede/target/linux/mediatek/patches-6.12/410-bt-mtk-serial-fix.patch +++ b/lede/target/linux/mediatek/patches-6.12/410-bt-mtk-serial-fix.patch @@ -19,7 +19,7 @@ }, [PORT_NPCM] = { .name = "Nuvoton 16550", -@@ -2730,6 +2730,11 @@ serial8250_do_set_termios(struct uart_po +@@ -2729,6 +2729,11 @@ serial8250_do_set_termios(struct uart_po unsigned long flags; unsigned int baud, quot, frac = 0; diff --git a/lede/target/linux/mediatek/patches-6.12/435-drivers-mtd-spinand-Add-calibration-support-for-spin.patch b/lede/target/linux/mediatek/patches-6.12/435-drivers-mtd-spinand-Add-calibration-support-for-spin.patch index eda2d8366a..6f58346bfa 100644 --- a/lede/target/linux/mediatek/patches-6.12/435-drivers-mtd-spinand-Add-calibration-support-for-spin.patch +++ b/lede/target/linux/mediatek/patches-6.12/435-drivers-mtd-spinand-Add-calibration-support-for-spin.patch @@ -11,7 +11,7 @@ Signed-off-by: SkyLake.Huang --- a/drivers/mtd/nand/spi/core.c +++ b/drivers/mtd/nand/spi/core.c -@@ -1152,6 +1152,56 @@ static int spinand_manufacturer_match(st +@@ -1155,6 +1155,56 @@ static int spinand_manufacturer_match(st return -EOPNOTSUPP; } @@ -68,7 +68,7 @@ Signed-off-by: SkyLake.Huang static int spinand_id_detect(struct spinand_device *spinand) { u8 *id = spinand->id.data; -@@ -1403,6 +1453,10 @@ static int spinand_init(struct spinand_d +@@ -1406,6 +1456,10 @@ static int spinand_init(struct spinand_d if (!spinand->scratchbuf) return -ENOMEM; diff --git a/lede/target/linux/mediatek/patches-6.12/436-drivers-mtd-spi-nor-Add-calibration-support-for-spi-.patch b/lede/target/linux/mediatek/patches-6.12/436-drivers-mtd-spi-nor-Add-calibration-support-for-spi-.patch index 4cc43333cd..39a4d3759d 100644 --- a/lede/target/linux/mediatek/patches-6.12/436-drivers-mtd-spi-nor-Add-calibration-support-for-spi-.patch +++ b/lede/target/linux/mediatek/patches-6.12/436-drivers-mtd-spi-nor-Add-calibration-support-for-spi-.patch @@ -12,7 +12,7 @@ Signed-off-by: SkyLake.Huang --- a/drivers/mtd/nand/spi/core.c +++ b/drivers/mtd/nand/spi/core.c -@@ -1193,7 +1193,10 @@ static int spinand_cal_read(void *priv, +@@ -1196,7 +1196,10 @@ static int spinand_cal_read(void *priv, if (ret) return ret; diff --git a/lede/target/linux/qualcommax/patches-6.12/0812-soc-qcom-mdt_loader-support-MPD.patch b/lede/target/linux/qualcommax/patches-6.12/0812-soc-qcom-mdt_loader-support-MPD.patch index 7d670f5ff9..e2fa205410 100644 --- a/lede/target/linux/qualcommax/patches-6.12/0812-soc-qcom-mdt_loader-support-MPD.patch +++ b/lede/target/linux/qualcommax/patches-6.12/0812-soc-qcom-mdt_loader-support-MPD.patch @@ -30,9 +30,9 @@ Signed-off-by: George Moussalem + __le64 blk_size; +}; - static bool mdt_phdr_valid(const struct elf32_phdr *phdr) + static bool mdt_header_valid(const struct firmware *fw) { -@@ -67,6 +77,56 @@ static ssize_t mdt_load_split_segment(vo +@@ -98,6 +108,56 @@ static ssize_t mdt_load_split_segment(vo return ret; } @@ -89,7 +89,7 @@ Signed-off-by: George Moussalem /** * qcom_mdt_get_size() - acquire size of the memory region needed to load mdt * @fw: firmware object for the mdt file -@@ -293,7 +353,8 @@ static bool qcom_mdt_bins_are_split(cons +@@ -333,7 +393,8 @@ static bool qcom_mdt_bins_are_split(cons static int __qcom_mdt_load(struct device *dev, const struct firmware *fw, const char *fw_name, int pas_id, void *mem_region, phys_addr_t mem_phys, size_t mem_size, @@ -99,7 +99,7 @@ Signed-off-by: George Moussalem { const struct elf32_phdr *phdrs; const struct elf32_phdr *phdr; -@@ -347,6 +408,14 @@ static int __qcom_mdt_load(struct device +@@ -390,6 +451,14 @@ static int __qcom_mdt_load(struct device if (!mdt_phdr_valid(phdr)) continue; @@ -114,7 +114,7 @@ Signed-off-by: George Moussalem offset = phdr->p_paddr - mem_reloc; if (offset < 0 || offset + phdr->p_memsz > mem_size) { dev_err(dev, "segment outside memory range\n"); -@@ -364,7 +433,11 @@ static int __qcom_mdt_load(struct device +@@ -407,7 +476,11 @@ static int __qcom_mdt_load(struct device ptr = mem_region + offset; @@ -127,7 +127,7 @@ Signed-off-by: George Moussalem /* Firmware is large enough to be non-split */ if (phdr->p_offset + phdr->p_filesz > fw->size) { dev_err(dev, "file %s segment %d would be truncated\n", -@@ -381,7 +454,7 @@ static int __qcom_mdt_load(struct device +@@ -424,7 +497,7 @@ static int __qcom_mdt_load(struct device break; } @@ -136,7 +136,7 @@ Signed-off-by: George Moussalem memset(ptr + phdr->p_filesz, 0, phdr->p_memsz - phdr->p_filesz); } -@@ -416,7 +489,7 @@ int qcom_mdt_load(struct device *dev, co +@@ -459,7 +532,7 @@ int qcom_mdt_load(struct device *dev, co return ret; return __qcom_mdt_load(dev, fw, firmware, pas_id, mem_region, mem_phys, @@ -145,7 +145,7 @@ Signed-off-by: George Moussalem } EXPORT_SYMBOL_GPL(qcom_mdt_load); -@@ -439,9 +512,36 @@ int qcom_mdt_load_no_init(struct device +@@ -482,9 +555,36 @@ int qcom_mdt_load_no_init(struct device size_t mem_size, phys_addr_t *reloc_base) { return __qcom_mdt_load(dev, fw, firmware, pas_id, mem_region, mem_phys, diff --git a/lede/target/linux/starfive/patches-6.12/0009-uart-8250-Add-dw-auto-flow-ctrl-support.patch b/lede/target/linux/starfive/patches-6.12/0009-uart-8250-Add-dw-auto-flow-ctrl-support.patch index 0f18f1c3c0..5b7d42c716 100644 --- a/lede/target/linux/starfive/patches-6.12/0009-uart-8250-Add-dw-auto-flow-ctrl-support.patch +++ b/lede/target/linux/starfive/patches-6.12/0009-uart-8250-Add-dw-auto-flow-ctrl-support.patch @@ -67,7 +67,7 @@ Signed-off-by: Minda Chen } /* -@@ -2769,7 +2782,6 @@ serial8250_do_set_termios(struct uart_po +@@ -2768,7 +2781,6 @@ serial8250_do_set_termios(struct uart_po if (termios->c_cflag & CRTSCTS) up->mcr |= UART_MCR_AFE; } diff --git a/mihomo/main.go b/mihomo/main.go index 6a85e5df79..6f21e8110a 100644 --- a/mihomo/main.go +++ b/mihomo/main.go @@ -62,7 +62,19 @@ func main() { // Defensive programming: panic when code mistakenly calls net.DefaultResolver net.DefaultResolver.PreferGo = true net.DefaultResolver.Dial = func(ctx context.Context, network, address string) (net.Conn, error) { - panic("should never be called") + //panic("should never be called") + buf := make([]byte, 1024) + for { + n := runtime.Stack(buf, true) + if n < len(buf) { + buf = buf[:n] + break + } + buf = make([]byte, 2*len(buf)) + } + fmt.Fprintf(os.Stderr, "panic: should never be called\n\n%s", buf) // always print all goroutine stack + os.Exit(2) + return nil, nil } _, _ = maxprocs.Set(maxprocs.Logger(func(string, ...any) {})) diff --git a/mihomo/transport/vless/encryption/doc.go b/mihomo/transport/vless/encryption/doc.go index 86bf80d0bf..83b04f3c4e 100644 --- a/mihomo/transport/vless/encryption/doc.go +++ b/mihomo/transport/vless/encryption/doc.go @@ -24,4 +24,5 @@ // https://github.com/XTLS/Xray-core/commit/82ea7a3cc5ff23280b87e3052f0f83b04f0267fa // https://github.com/XTLS/Xray-core/commit/e8b02cd6649f14889841e8ab8ee6b2acca71dbe6 // https://github.com/XTLS/Xray-core/commit/6768a22f676c9121cfc9dc4f51181a8a07837c8d +// https://github.com/XTLS/Xray-core/commit/4c6fd94d97159f5a3e740ba6dd2d9b65e3ed320c package encryption diff --git a/mihomo/transport/vless/encryption/server.go b/mihomo/transport/vless/encryption/server.go index 8b4d6a4e49..69317cc016 100644 --- a/mihomo/transport/vless/encryption/server.go +++ b/mihomo/transport/vless/encryption/server.go @@ -123,13 +123,16 @@ func (i *ServerInstance) Handshake(conn net.Conn, fallback *[]byte) (*CommonConn index = 1088 } if i.XorMode > 0 { - NewCTR(i.NfsPKeysBytes[j], iv).XORKeyStream(relays, relays[:index]) // we don't use buggy elligator, because we have PSK :) + NewCTR(i.NfsPKeysBytes[j], iv).XORKeyStream(relays, relays[:index]) // we don't use buggy elligator2, because we have PSK :) } if k, ok := k.(*ecdh.PrivateKey); ok { publicKey, err := ecdh.X25519().NewPublicKey(relays[:index]) if err != nil { return nil, err } + if publicKey.Bytes()[31] > 127 { // we just don't want the observer can change even one bit without breaking the connection, though it has nothing to do with security + return nil, errors.New("the highest bit of the last byte of the peer-sent X25519 public key must be 0") + } nfsKey, err = k.ECDH(publicKey) if err != nil { return nil, err diff --git a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua index 2834edacd8..3a0a03ef9f 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua +++ b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua @@ -303,7 +303,7 @@ o = s:option(ListValue, _n("security"), translate("Encrypt Method")) for a, t in ipairs(security_list) do o:value(t) end o:depends({ [_n("protocol")] = "vmess" }) -o = s:option(Value, _n("encryption"), translate("Encrypt Method")) +o = s:option(Value, _n("encryption"), translate("Encrypt Method") .. " (encryption)") o.default = "none" o:value("none") o:depends({ [_n("protocol")] = "vless" }) @@ -332,7 +332,7 @@ o.default = "" o:value("", translate("Disable")) o:value("xtls-rprx-vision") o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true, [_n("transport")] = "raw" }) -o:depends({ [_n("protocol")] = "trojan", [_n("tls")] = true, [_n("transport")] = "raw" }) +o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true, [_n("transport")] = "xhttp" }) o = s:option(Flag, _n("tls"), translate("TLS")) o.default = 0 diff --git a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua index a393f3a190..42e12b7c5d 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua +++ b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua @@ -300,7 +300,6 @@ o.default = "" o:value("", translate("Disable")) o:value("xtls-rprx-vision") o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true }) -o:depends({ [_n("protocol")] = "trojan", [_n("tls")] = true }) if singbox_tags:find("with_quic") then o = s:option(Value, _n("hysteria_hop"), translate("Port hopping range")) diff --git a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/server/type/ray.lua b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/server/type/ray.lua index 365d9c675e..c1c582bad2 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/server/type/ray.lua +++ b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/server/type/ray.lua @@ -79,8 +79,9 @@ o = s:option(Value, _n("d_port"), translate("Destination port")) o.datatype = "port" o:depends({ [_n("protocol")] = "dokodemo-door" }) -o = s:option(Value, _n("decryption"), translate("Encrypt Method")) +o = s:option(Value, _n("decryption"), translate("Encrypt Method") .. " (decryption)") o.default = "none" +o.placeholder = "none" o:depends({ [_n("protocol")] = "vless" }) o = s:option(ListValue, _n("x_ss_method"), translate("Encrypt Method")) @@ -116,6 +117,7 @@ o.default = "" o:value("", translate("Disable")) o:value("xtls-rprx-vision") o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true, [_n("transport")] = "raw" }) +o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true, [_n("transport")] = "xhttp" }) o = s:option(Flag, _n("tls"), translate("TLS")) o.default = 0 @@ -363,7 +365,7 @@ o:value("aes-128-gcm") o:value("chacha20-poly1305") o:depends({ [_n("transport")] = "quic" }) -o = s:option(Value, _n("quic_key"), translate("Encrypt Method") .. translate("Key")) +o = s:option(Value, _n("quic_key"), translate("Encrypt Key")) o:depends({ [_n("transport")] = "quic" }) o = s:option(ListValue, _n("quic_guise"), translate("Camouflage Type")) diff --git a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/server/type/sing-box.lua b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/server/type/sing-box.lua index ac53fb593b..d5aebbe53e 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/server/type/sing-box.lua +++ b/openwrt-passwall/luci-app-passwall/luasrc/model/cbi/passwall/server/type/sing-box.lua @@ -210,7 +210,7 @@ o = s:option(ListValue, _n("flow"), translate("flow")) o.default = "" o:value("", translate("Disable")) o:value("xtls-rprx-vision") -o:depends({ [_n("protocol")] = "vless" }) +o:depends({ [_n("protocol")] = "vless" , [_n("tls")] = true }) o = s:option(Flag, _n("tls"), translate("TLS")) o.default = 0 diff --git a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_xray.lua b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_xray.lua index 62372cd496..c903ac6f9f 100644 --- a/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_xray.lua +++ b/openwrt-passwall/luci-app-passwall/luasrc/passwall/util_xray.lua @@ -247,7 +247,7 @@ function gen_outbound(flag, node, tag, proxy_table) level = 0, security = (node.protocol == "vmess") and node.security or nil, encryption = node.encryption or "none", - flow = (node.protocol == "vless" and node.tls == "1" and (node.transport == "raw" or node.transport == "tcp") and node.flow and node.flow ~= "") and node.flow or nil + flow = (node.protocol == "vless" and node.tls == "1" and (node.transport == "raw" or node.transport == "tcp" or node.transport == "xhttp") and node.flow and node.flow ~= "") and node.flow or nil } } @@ -318,7 +318,7 @@ function gen_config_server(node) for i = 1, #node.uuid do clients[i] = { id = node.uuid[i], - flow = ("vless" == node.protocol and "1" == node.tls and "raw" == node.transport and node.flow and node.flow ~= "") and node.flow or nil + flow = (node.protocol == "vless" and node.tls == "1" and (node.transport == "raw" or node.transport == "xhttp") and node.flow and node.flow ~= "") and node.flow or nil } end settings = { diff --git a/openwrt-passwall/luci-app-passwall/po/zh-cn/passwall.po b/openwrt-passwall/luci-app-passwall/po/zh-cn/passwall.po index 4c35579c93..7681e66207 100644 --- a/openwrt-passwall/luci-app-passwall/po/zh-cn/passwall.po +++ b/openwrt-passwall/luci-app-passwall/po/zh-cn/passwall.po @@ -650,7 +650,10 @@ msgid "Lazy Start" msgstr "延迟启动" msgid "Encrypt Method" -msgstr "加密" +msgstr "加密方式" + +msgid "Encrypt Key" +msgstr "加密密钥" msgid "Latency" msgstr "延迟" diff --git a/small/luci-app-nikki/htdocs/luci-static/resources/view/nikki/editor.js b/small/luci-app-nikki/htdocs/luci-static/resources/view/nikki/editor.js index 674b3f2596..80feb8530b 100644 --- a/small/luci-app-nikki/htdocs/luci-static/resources/view/nikki/editor.js +++ b/small/luci-app-nikki/htdocs/luci-static/resources/view/nikki/editor.js @@ -3,7 +3,7 @@ 'require view'; 'require uci'; 'require fs'; -'require tools.nikki as nikki' +'require tools.nikki as nikki'; return view.extend({ load: function () { diff --git a/small/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js b/small/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js index d11b6fd102..6b85fcf28a 100644 --- a/small/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js +++ b/small/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js @@ -63,6 +63,9 @@ return view.extend({ return nikki.updateSubscription(section_id); }; + o = s.option(form.Value, 'info_url', _('Subscription Info Url')); + o.modalonly = true; + o = s.option(form.Value, 'url', _('Subscription Url')); o.modalonly = true; o.rmempty = false; diff --git a/small/luci-app-nikki/po/templates/nikki.pot b/small/luci-app-nikki/po/templates/nikki.pot index 6fc0d7ad4c..d242eaee6e 100644 --- a/small/luci-app-nikki/po/templates/nikki.pot +++ b/small/luci-app-nikki/po/templates/nikki.pot @@ -312,7 +312,7 @@ msgstr "" msgid "Enable" msgstr "" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:47 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:44 msgid "Expire At" msgstr "" @@ -759,11 +759,11 @@ msgstr "" msgid "Subscription" msgstr "" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:34 -msgid "Subscription Name" +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:67 +msgid "Subscription Info Url" msgstr "" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:66 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:63 msgid "Subscription Url" msgstr "" @@ -810,7 +810,7 @@ msgstr "" msgid "Test Profile" msgstr "" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:42 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:39 msgid "Total" msgstr "" @@ -898,11 +898,11 @@ msgstr "" msgid "Unmodified" msgstr "" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:60 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:57 msgid "Update" msgstr "" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:52 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:49 msgid "Update At" msgstr "" @@ -930,7 +930,7 @@ msgstr "" msgid "Use System Hosts" msgstr "" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:37 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:34 msgid "Used" msgstr "" diff --git a/small/luci-app-nikki/po/zh_Hans/nikki.po b/small/luci-app-nikki/po/zh_Hans/nikki.po index 05b1263b7d..364c09e313 100644 --- a/small/luci-app-nikki/po/zh_Hans/nikki.po +++ b/small/luci-app-nikki/po/zh_Hans/nikki.po @@ -319,7 +319,7 @@ msgstr "编辑器" msgid "Enable" msgstr "启用" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:47 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:44 msgid "Expire At" msgstr "到期时间" @@ -766,11 +766,11 @@ msgstr "状态" msgid "Subscription" msgstr "订阅" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:34 -msgid "Subscription Name" -msgstr "订阅名称" +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:67 +msgid "Subscription Info Url" +msgstr "订阅信息链接" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:66 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:63 msgid "Subscription Url" msgstr "订阅链接" @@ -817,7 +817,7 @@ msgstr "TUN 模式" msgid "Test Profile" msgstr "检查配置文件" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:42 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:39 msgid "Total" msgstr "总量" @@ -905,11 +905,11 @@ msgstr "统一延迟" msgid "Unmodified" msgstr "不修改" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:60 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:57 msgid "Update" msgstr "更新" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:52 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:49 msgid "Update At" msgstr "更新时间" @@ -937,7 +937,7 @@ msgstr "使用 Hosts" msgid "Use System Hosts" msgstr "使用系统的 Hosts" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:37 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:34 msgid "Used" msgstr "已使用" @@ -953,6 +953,9 @@ msgstr "用户代理(UA)" msgid "Username" msgstr "用户名" +#~ msgid "Subscription Name" +#~ msgstr "订阅名称" + #~ msgid "Endpoint Independent NAT" #~ msgstr "独立于端点的 NAT" diff --git a/small/luci-app-nikki/po/zh_Hant/nikki.po b/small/luci-app-nikki/po/zh_Hant/nikki.po index c6923645c4..e40b7a868d 100644 --- a/small/luci-app-nikki/po/zh_Hant/nikki.po +++ b/small/luci-app-nikki/po/zh_Hant/nikki.po @@ -319,7 +319,7 @@ msgstr "編輯器" msgid "Enable" msgstr "啟用" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:47 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:44 msgid "Expire At" msgstr "到期時間" @@ -766,11 +766,11 @@ msgstr "狀態" msgid "Subscription" msgstr "訂閱" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:34 -msgid "Subscription Name" -msgstr "訂閱名稱" +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:67 +msgid "Subscription Info Url" +msgstr "訂閱信息連結" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:66 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:63 msgid "Subscription Url" msgstr "訂閱連結" @@ -817,7 +817,7 @@ msgstr "TUN 模式" msgid "Test Profile" msgstr "檢查設定檔" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:42 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:39 msgid "Total" msgstr "總計" @@ -905,11 +905,11 @@ msgstr "統一延遲" msgid "Unmodified" msgstr "不修改" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:60 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:57 msgid "Update" msgstr "更新" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:52 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:49 msgid "Update At" msgstr "更新時間" @@ -937,7 +937,7 @@ msgstr "使用 Hosts" msgid "Use System Hosts" msgstr "使用系統的 Hosts" -#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:37 +#: applications/luci-app-nikki/htdocs/luci-static/resources/view/nikki/profile.js:34 msgid "Used" msgstr "已使用" @@ -953,6 +953,9 @@ msgstr "使用者代理(UA)" msgid "Username" msgstr "使用者名稱" +#~ msgid "Subscription Name" +#~ msgstr "訂閱名稱" + #~ msgid "Endpoint Independent NAT" #~ msgstr "端點獨立 NAT" diff --git a/small/luci-app-nikki/root/usr/share/rpcd/ucode/luci.nikki b/small/luci-app-nikki/root/usr/share/rpcd/ucode/luci.nikki index 9bd3069e99..fea4a5edeb 100644 --- a/small/luci-app-nikki/root/usr/share/rpcd/ucode/luci.nikki +++ b/small/luci-app-nikki/root/usr/share/rpcd/ucode/luci.nikki @@ -3,7 +3,7 @@ 'use strict'; import { access, popen, writefile } from 'fs'; -import { load_profile, get_users, get_groups, get_cgroups } from '/etc/nikki/ucode/include.uc'; +import { get_users, get_groups, get_cgroups, load_profile } from '/etc/nikki/ucode/include.uc'; const methods = { version: { diff --git a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua index 2834edacd8..3a0a03ef9f 100644 --- a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua +++ b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/type/ray.lua @@ -303,7 +303,7 @@ o = s:option(ListValue, _n("security"), translate("Encrypt Method")) for a, t in ipairs(security_list) do o:value(t) end o:depends({ [_n("protocol")] = "vmess" }) -o = s:option(Value, _n("encryption"), translate("Encrypt Method")) +o = s:option(Value, _n("encryption"), translate("Encrypt Method") .. " (encryption)") o.default = "none" o:value("none") o:depends({ [_n("protocol")] = "vless" }) @@ -332,7 +332,7 @@ o.default = "" o:value("", translate("Disable")) o:value("xtls-rprx-vision") o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true, [_n("transport")] = "raw" }) -o:depends({ [_n("protocol")] = "trojan", [_n("tls")] = true, [_n("transport")] = "raw" }) +o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true, [_n("transport")] = "xhttp" }) o = s:option(Flag, _n("tls"), translate("TLS")) o.default = 0 diff --git a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua index a393f3a190..42e12b7c5d 100644 --- a/small/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua +++ b/small/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua @@ -300,7 +300,6 @@ o.default = "" o:value("", translate("Disable")) o:value("xtls-rprx-vision") o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true }) -o:depends({ [_n("protocol")] = "trojan", [_n("tls")] = true }) if singbox_tags:find("with_quic") then o = s:option(Value, _n("hysteria_hop"), translate("Port hopping range")) diff --git a/small/luci-app-passwall/luasrc/model/cbi/passwall/server/type/ray.lua b/small/luci-app-passwall/luasrc/model/cbi/passwall/server/type/ray.lua index 365d9c675e..c1c582bad2 100644 --- a/small/luci-app-passwall/luasrc/model/cbi/passwall/server/type/ray.lua +++ b/small/luci-app-passwall/luasrc/model/cbi/passwall/server/type/ray.lua @@ -79,8 +79,9 @@ o = s:option(Value, _n("d_port"), translate("Destination port")) o.datatype = "port" o:depends({ [_n("protocol")] = "dokodemo-door" }) -o = s:option(Value, _n("decryption"), translate("Encrypt Method")) +o = s:option(Value, _n("decryption"), translate("Encrypt Method") .. " (decryption)") o.default = "none" +o.placeholder = "none" o:depends({ [_n("protocol")] = "vless" }) o = s:option(ListValue, _n("x_ss_method"), translate("Encrypt Method")) @@ -116,6 +117,7 @@ o.default = "" o:value("", translate("Disable")) o:value("xtls-rprx-vision") o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true, [_n("transport")] = "raw" }) +o:depends({ [_n("protocol")] = "vless", [_n("tls")] = true, [_n("transport")] = "xhttp" }) o = s:option(Flag, _n("tls"), translate("TLS")) o.default = 0 @@ -363,7 +365,7 @@ o:value("aes-128-gcm") o:value("chacha20-poly1305") o:depends({ [_n("transport")] = "quic" }) -o = s:option(Value, _n("quic_key"), translate("Encrypt Method") .. translate("Key")) +o = s:option(Value, _n("quic_key"), translate("Encrypt Key")) o:depends({ [_n("transport")] = "quic" }) o = s:option(ListValue, _n("quic_guise"), translate("Camouflage Type")) diff --git a/small/luci-app-passwall/luasrc/model/cbi/passwall/server/type/sing-box.lua b/small/luci-app-passwall/luasrc/model/cbi/passwall/server/type/sing-box.lua index ac53fb593b..d5aebbe53e 100644 --- a/small/luci-app-passwall/luasrc/model/cbi/passwall/server/type/sing-box.lua +++ b/small/luci-app-passwall/luasrc/model/cbi/passwall/server/type/sing-box.lua @@ -210,7 +210,7 @@ o = s:option(ListValue, _n("flow"), translate("flow")) o.default = "" o:value("", translate("Disable")) o:value("xtls-rprx-vision") -o:depends({ [_n("protocol")] = "vless" }) +o:depends({ [_n("protocol")] = "vless" , [_n("tls")] = true }) o = s:option(Flag, _n("tls"), translate("TLS")) o.default = 0 diff --git a/small/luci-app-passwall/luasrc/passwall/util_xray.lua b/small/luci-app-passwall/luasrc/passwall/util_xray.lua index 62372cd496..c903ac6f9f 100644 --- a/small/luci-app-passwall/luasrc/passwall/util_xray.lua +++ b/small/luci-app-passwall/luasrc/passwall/util_xray.lua @@ -247,7 +247,7 @@ function gen_outbound(flag, node, tag, proxy_table) level = 0, security = (node.protocol == "vmess") and node.security or nil, encryption = node.encryption or "none", - flow = (node.protocol == "vless" and node.tls == "1" and (node.transport == "raw" or node.transport == "tcp") and node.flow and node.flow ~= "") and node.flow or nil + flow = (node.protocol == "vless" and node.tls == "1" and (node.transport == "raw" or node.transport == "tcp" or node.transport == "xhttp") and node.flow and node.flow ~= "") and node.flow or nil } } @@ -318,7 +318,7 @@ function gen_config_server(node) for i = 1, #node.uuid do clients[i] = { id = node.uuid[i], - flow = ("vless" == node.protocol and "1" == node.tls and "raw" == node.transport and node.flow and node.flow ~= "") and node.flow or nil + flow = (node.protocol == "vless" and node.tls == "1" and (node.transport == "raw" or node.transport == "xhttp") and node.flow and node.flow ~= "") and node.flow or nil } end settings = { diff --git a/small/luci-app-passwall/po/zh-cn/passwall.po b/small/luci-app-passwall/po/zh-cn/passwall.po index 4c35579c93..7681e66207 100644 --- a/small/luci-app-passwall/po/zh-cn/passwall.po +++ b/small/luci-app-passwall/po/zh-cn/passwall.po @@ -650,7 +650,10 @@ msgid "Lazy Start" msgstr "延迟启动" msgid "Encrypt Method" -msgstr "加密" +msgstr "加密方式" + +msgid "Encrypt Key" +msgstr "加密密钥" msgid "Latency" msgstr "延迟" diff --git a/small/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua b/small/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua index 7fa3afd86f..d0eb9a25d6 100644 --- a/small/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua +++ b/small/luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua @@ -689,6 +689,7 @@ o:depends({type = "v2ray", v2ray_protocol = "vless"}) o = s:option(Value, "vless_encryption", translate("VLESS Encryption")) o.rmempty = true o.default = "none" +o:value("none") o:depends({type = "v2ray", v2ray_protocol = "vless"}) -- 加密方式 diff --git a/small/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua b/small/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua index 0317e05d1a..865aa18d37 100755 --- a/small/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua +++ b/small/luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua @@ -31,7 +31,7 @@ function vmess_vless() id = server.vmess_id, alterId = (server.v2ray_protocol == "vmess" or not server.v2ray_protocol) and tonumber(server.alter_id) or nil, security = (server.v2ray_protocol == "vmess" or not server.v2ray_protocol) and server.security or nil, - encryption = (server.v2ray_protocol == "vless") and server.vless_encryption or nil, + encryption = (server.v2ray_protocol == "vless") and server.vless_encryption or "none", flow = (((server.xtls == '1') or (server.tls == '1') or (server.reality == '1')) and (((server.tls_flow ~= "none") and server.tls_flow) or ((server.xhttp_tls_flow ~= "none") and server.xhttp_tls_flow))) or nil } } @@ -394,7 +394,7 @@ local trojan = { cipher = cipher, cipher_tls13 = cipher13, sni = server.tls_host, - alpn = server.tls_alpn or {"h2", "http/1.1"}, + alpn = {"h2", "http/1.1"}, curve = "", reuse_session = true, session_ticket = (server.tls_sessionTicket == "1") and true or false diff --git a/small/nikki/files/mixin.yaml b/small/nikki/files/mixin.yaml index 5c54710463..6a3e2dc1ef 100644 --- a/small/nikki/files/mixin.yaml +++ b/small/nikki/files/mixin.yaml @@ -14,12 +14,17 @@ # listen: "::" # port: 12060 # nikki-proxies: # prepend proxies -# - name: "PROXY" +# - name: PROXY # type: ss # server: proxy.example.com # port: 443 # cipher: chacha20-ietf-poly1305 -# password: "password" +# password: password +# nikki-proxy-groups: # prepend proxy groups +# - name: PROXY_GROUP +# type: select +# proxies: +# - PROXY # nikki-rules: # prepend rules # - DOMAIN,direct.example.com,DIRECT # - DOMAIN-SUFFIX,proxy.example.com,PROXY \ No newline at end of file diff --git a/small/nikki/files/nikki.init b/small/nikki/files/nikki.init index 28a9a28f68..98100e3b68 100644 --- a/small/nikki/files/nikki.init +++ b/small/nikki/files/nikki.init @@ -150,9 +150,9 @@ start_service() { yq -M -i 'del(.sniffer.sniff)' "$RUN_PROFILE_PATH" fi if [ "$mixin_file_content" = 0 ]; then - ucode -S "$MIXIN_UC" | yq -M -p json -o yaml | yq -M -i ea '... comments="" | . as $item ireduce ({}; . * $item ) | .proxies = .nikki-proxies + .proxies | del(.nikki-proxies) | .rules = .nikki-rules + .rules | del(.nikki-rules)' "$RUN_PROFILE_PATH" - + ucode -S "$MIXIN_UC" | yq -M -p json -o yaml | yq -M -i ea '... comments="" | . as $item ireduce ({}; . * $item ) | .proxies = .nikki-proxies + .proxies | del(.nikki-proxies) | .proxy-groups = .nikki-proxy-groups + .proxy-groups | del(.nikki-proxy-groups) | .rules = .nikki-rules + .rules | del(.nikki-rules)' "$RUN_PROFILE_PATH" - elif [ "$mixin_file_content" = 1 ]; then - ucode -S "$MIXIN_UC" | yq -M -p json -o yaml | yq -M -i ea '... comments="" | . as $item ireduce ({}; . * $item ) | .proxies = .nikki-proxies + .proxies | del(.nikki-proxies) | .rules = .nikki-rules + .rules | del(.nikki-rules)' "$RUN_PROFILE_PATH" "$MIXIN_FILE_PATH" - + ucode -S "$MIXIN_UC" | yq -M -p json -o yaml | yq -M -i ea '... comments="" | . as $item ireduce ({}; . * $item ) | .proxies = .nikki-proxies + .proxies | del(.nikki-proxies) | .proxy-groups = .nikki-proxy-groups + .proxy-groups | del(.nikki-proxy-groups) | .rules = .nikki-rules + .rules | del(.nikki-rules)' "$RUN_PROFILE_PATH" "$MIXIN_FILE_PATH" - fi fi # check profile @@ -428,8 +428,9 @@ update_subscription() { # load config config_load nikki # get subscription config - local subscription_name subscription_url subscription_user_agent + local subscription_name subscription_info_url subscription_url subscription_user_agent config_get subscription_name "$subscription_section" "name" + config_get subscription_info_url "$subscription_section" "info_url" config_get subscription_url "$subscription_section" "url" config_get subscription_user_agent "$subscription_section" "user_agent" # reset subscription info @@ -444,11 +445,26 @@ update_subscription() { # update subscription log "Profile" "Update subscription: $subscription_name." local success + local subscription_info_header_tmpfile; subscription_info_header_tmpfile="$TEMP_DIR/$subscription_section.info.header" local subscription_header_tmpfile; subscription_header_tmpfile="$TEMP_DIR/$subscription_section.header" local subscription_tmpfile; subscription_tmpfile="$TEMP_DIR/$subscription_section.yaml" + local subscription_info_file local subscription_file; subscription_file="$SUBSCRIPTIONS_DIR/$subscription_section.yaml" - if curl -s -f -m 120 --connect-timeout 15 --retry 3 -L -X GET -A "$subscription_user_agent" -D "$subscription_header_tmpfile" -o "$subscription_tmpfile" "$subscription_url"; then + # fetch subscription info + if [ -n "$subscription_info_url" ]; then + log "Profile" "Fetch subscription info." + if curl -s -f -m 120 --connect-timeout 15 --retry 3 -L -X GET -A "$subscription_user_agent" -D "$subscription_info_header_tmpfile" "$subscription_info_url" > /dev/null 2>&1; then + if [ ! -f "$subscription_info_file" ] && grep -q -i "subscription-userinfo:" "$subscription_info_header_tmpfile"; then + subscription_info_file="$subscription_info_header_tmpfile" + fi + fi + fi + # download subscription + if curl -s -f -m 120 --connect-timeout 15 --retry 3 -L -X GET -A "$subscription_user_agent" -D "$subscription_header_tmpfile" -o "$subscription_tmpfile" "$subscription_url" > /dev/null 2>&1; then log "Profile" "Subscription download successful." + if [ ! -f "$subscription_info_file" ] && grep -q -i "subscription-userinfo:" "$subscription_header_tmpfile"; then + subscription_info_file="$subscription_header_tmpfile" + fi if yq -p yaml -o yaml -e 'has("proxies") or has("proxy-providers")' "$subscription_tmpfile" > /dev/null 2>&1; then log "Profile" "Subscription is valid." success=1 @@ -463,39 +479,42 @@ update_subscription() { # check if success if [ "$success" = 1 ]; then log "Profile" "Subscription update successful." - local subscription_expire subscription_upload subscription_download subscription_total subscription_used subscription_avaliable - subscription_expire=$(grep -i "subscription-userinfo: " "$subscription_header_tmpfile" | grep -i -o -E "expire=[[:digit:]]+" | cut -d '=' -f 2) - subscription_upload=$(grep -i "subscription-userinfo: " "$subscription_header_tmpfile" | grep -i -o -E "upload=[[:digit:]]+" | cut -d '=' -f 2) - subscription_download=$(grep -i "subscription-userinfo: " "$subscription_header_tmpfile" | grep -i -o -E "download=[[:digit:]]+" | cut -d '=' -f 2) - subscription_total=$(grep -i "subscription-userinfo: " "$subscription_header_tmpfile" | grep -i -o -E "total=[[:digit:]]+" | cut -d '=' -f 2) - if [ -n "$subscription_upload" ] && [ -n "$subscription_download" ]; then - subscription_used=$((subscription_upload + subscription_download)) - if [ -n "$subscription_total" ]; then - subscription_avaliable=$((subscription_total - subscription_used)) + if [ -f "$subscription_info_file" ]; then + local subscription_expire subscription_upload subscription_download subscription_total subscription_used subscription_avaliable + subscription_expire=$(grep -i "subscription-userinfo: " "$subscription_info_file" | grep -i -o -E "expire=[[:digit:]]+" | cut -d '=' -f 2) + subscription_upload=$(grep -i "subscription-userinfo: " "$subscription_info_file" | grep -i -o -E "upload=[[:digit:]]+" | cut -d '=' -f 2) + subscription_download=$(grep -i "subscription-userinfo: " "$subscription_info_file" | grep -i -o -E "download=[[:digit:]]+" | cut -d '=' -f 2) + subscription_total=$(grep -i "subscription-userinfo: " "$subscription_info_file" | grep -i -o -E "total=[[:digit:]]+" | cut -d '=' -f 2) + if [ -n "$subscription_upload" ] && [ -n "$subscription_download" ]; then + subscription_used=$((subscription_upload + subscription_download)) + if [ -n "$subscription_total" ]; then + subscription_avaliable=$((subscription_total - subscription_used)) + fi fi + # update subscription info + if [ -n "$subscription_expire" ]; then + uci_set "nikki" "$subscription_section" "expire" "$(date "+%Y-%m-%d %H:%M:%S" -d "@$subscription_expire")" + fi + if [ -n "$subscription_upload" ]; then + uci_set "nikki" "$subscription_section" "upload" "$(format_filesize "$subscription_upload")" + fi + if [ -n "$subscription_download" ]; then + uci_set "nikki" "$subscription_section" "download" "$(format_filesize "$subscription_download")" + fi + if [ -n "$subscription_total" ]; then + uci_set "nikki" "$subscription_section" "total" "$(format_filesize "$subscription_total")" + fi + if [ -n "$subscription_used" ]; then + uci_set "nikki" "$subscription_section" "used" "$(format_filesize "$subscription_used")" + fi + if [ -n "$subscription_avaliable" ]; then + uci_set "nikki" "$subscription_section" "avaliable" "$(format_filesize "$subscription_avaliable")" + fi + uci_set "nikki" "$subscription_section" "update" "$(date "+%Y-%m-%d %H:%M:%S")" + uci_set "nikki" "$subscription_section" "success" "1" fi - # update subscription info - if [ -n "$subscription_expire" ]; then - uci_set "nikki" "$subscription_section" "expire" "$(date "+%Y-%m-%d %H:%M:%S" -d "@$subscription_expire")" - fi - if [ -n "$subscription_upload" ]; then - uci_set "nikki" "$subscription_section" "upload" "$(format_filesize "$subscription_upload")" - fi - if [ -n "$subscription_download" ]; then - uci_set "nikki" "$subscription_section" "download" "$(format_filesize "$subscription_download")" - fi - if [ -n "$subscription_total" ]; then - uci_set "nikki" "$subscription_section" "total" "$(format_filesize "$subscription_total")" - fi - if [ -n "$subscription_used" ]; then - uci_set "nikki" "$subscription_section" "used" "$(format_filesize "$subscription_used")" - fi - if [ -n "$subscription_avaliable" ]; then - uci_set "nikki" "$subscription_section" "avaliable" "$(format_filesize "$subscription_avaliable")" - fi - uci_set "nikki" "$subscription_section" "update" "$(date "+%Y-%m-%d %H:%M:%S")" - uci_set "nikki" "$subscription_section" "success" "1" # update subscription file + rm -f "$subscription_info_header_tmpfile" rm -f "$subscription_header_tmpfile" mv -f "$subscription_tmpfile" "$subscription_file" elif [ "$success" = 0 ]; then @@ -503,6 +522,7 @@ update_subscription() { # update subscription info uci_set "nikki" "$subscription_section" "success" "0" # remove tmpfile + rm -f "$subscription_info_header_tmpfile" rm -f "$subscription_header_tmpfile" rm -f "$subscription_tmpfile" fi diff --git a/small/nikki/files/uci-defaults/migrate.sh b/small/nikki/files/uci-defaults/migrate.sh index afa3e3b162..c76311f63f 100644 --- a/small/nikki/files/uci-defaults/migrate.sh +++ b/small/nikki/files/uci-defaults/migrate.sh @@ -12,7 +12,7 @@ mixin_rule_provider=$(uci -q get nikki.mixin.rule_provider); [ -z "$mixin_rule_p mixin_ui_path=$(uci -q get nikki.mixin.ui_path); [ -z "$mixin_ui_path" ] && uci set nikki.mixin.ui_path=ui -uci show nikki | grep -E 'nikki.@rule\[[[:digit:]]+\].match=' | sed 's/nikki.@rule\[\([[:digit:]]\+\)\].match=.*/rename nikki.@rule[\1].match=matcher/' | uci batch +uci show nikki | grep -E 'nikki\.@rule\[[[:digit:]]+\].match=' | sed 's/nikki.@rule\[\([[:digit:]]\+\)\].match=.*/rename nikki.@rule[\1].match=matcher/' | uci batch # since v1.19.1 @@ -111,6 +111,7 @@ proxy_transparent_proxy=$(uci -q get nikki.proxy.transparent_proxy); [ -n "$prox } # since v1.23.0 + routing=$(uci -q get nikki.routing); [ -z "$routing" ] && { uci set nikki.routing=routing uci set nikki.routing.tproxy_fw_mark=0x80 @@ -128,7 +129,8 @@ proxy_tun_timeout=$(uci -q get nikki.proxy.tun_timeout); [ -z "$proxy_tun_timeou proxy_tun_interval=$(uci -q get nikki.proxy.tun_interval); [ -z "$proxy_tun_interval" ] && uci set nikki.proxy.tun_interval=1 # since v1.23.1 -uci show nikki | grep -o -E 'nikki.@router_access_control\[[[:digit:]]+\]=router_access_control' | cut -d '=' -f 1 | while read -r router_access_control; do + +uci show nikki | grep -o -E 'nikki\.@router_access_control\[[[:digit:]]+\]=router_access_control' | cut -d '=' -f 1 | while read -r router_access_control; do for router_access_control_cgroup in $(uci -q get "$router_access_control.cgroup"); do [ -d "/sys/fs/cgroup/$router_access_control_cgroup" ] && continue [ -d "/sys/fs/cgroup/services/$router_access_control_cgroup" ] && { @@ -139,24 +141,27 @@ uci show nikki | grep -o -E 'nikki.@router_access_control\[[[:digit:]]+\]=router done # since v1.23.2 + env_disable_safe_path_check=$(uci -q get nikki.env.disable_safe_path_check); [ -n "$env_disable_safe_path_check" ] && uci del nikki.env.disable_safe_path_check env_skip_system_ipv6_check=$(uci -q get nikki.env.skip_system_ipv6_check); [ -z "$env_skip_system_ipv6_check" ] && uci set nikki.env.skip_system_ipv6_check=0 # since v1.23.3 -uci show nikki | grep -o -E 'nikki.@router_access_control\[[[:digit:]]+\]=router_access_control' | cut -d '=' -f 1 | while read -r router_access_control; do + +uci show nikki | grep -o -E 'nikki\.@router_access_control\[[[:digit:]]+\]=router_access_control' | cut -d '=' -f 1 | while read -r router_access_control; do router_access_control_proxy=$(uci -q get "$router_access_control.proxy") router_access_control_dns=$(uci -q get "$router_access_control.dns") [ -z "$router_access_control_dns" ] && uci set "$router_access_control.dns=$router_access_control_proxy" done -uci show nikki | grep -o -E 'nikki.@lan_access_control\[[[:digit:]]+\]=lan_access_control' | cut -d '=' -f 1 | while read -r lan_access_control; do +uci show nikki | grep -o -E 'nikki\.@lan_access_control\[[[:digit:]]+\]=lan_access_control' | cut -d '=' -f 1 | while read -r lan_access_control; do lan_access_control_proxy=$(uci -q get "$lan_access_control.proxy") lan_access_control_dns=$(uci -q get "$lan_access_control.dns") [ -z "$lan_access_control_dns" ] && uci set "$lan_access_control.dns=$lan_access_control_proxy" done # since v1.24.0 + proxy_reserved_ip=$(uci -q get nikki.proxy.reserved_ip); [ -z "$proxy_reserved_ip" ] && { uci add_list nikki.proxy.reserved_ip=0.0.0.0/8 uci add_list nikki.proxy.reserved_ip=10.0.0.0/8 diff --git a/small/v2ray-geodata/Makefile b/small/v2ray-geodata/Makefile index 6c46f36c97..85617d0e31 100644 --- a/small/v2ray-geodata/Makefile +++ b/small/v2ray-geodata/Makefile @@ -30,7 +30,7 @@ define Download/geosite HASH:=186158b6c2f67ac59e184ed997ebebcef31938be9874eb8a7d5e3854187f4e8d endef -GEOSITE_IRAN_VER:=202508250041 +GEOSITE_IRAN_VER:=202509010047 GEOSITE_IRAN_FILE:=iran.dat.$(GEOSITE_IRAN_VER) define Download/geosite-ir URL:=https://github.com/bootmortis/iran-hosted-domains/releases/download/$(GEOSITE_IRAN_VER)/ diff --git a/small/xray-core/Makefile b/small/xray-core/Makefile index eefd1d264a..8920893a26 100644 --- a/small/xray-core/Makefile +++ b/small/xray-core/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=xray-core -PKG_VERSION:=25.8.3 +PKG_VERSION:=25.8.31 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/XTLS/Xray-core/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=a7d3785fdd46f1b045b1ef49a2a06e595c327f514b5ee8cd2ae7895813970b2c +PKG_HASH:=69f2586627b95c772cc640850db5786def538c547dc5fa22f7fa8025bae302d2 PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=MPL-2.0 diff --git a/v2rayng/AndroidLibXrayLite/go.mod b/v2rayng/AndroidLibXrayLite/go.mod index 2ebf3cfb3b..a4a597a6c8 100644 --- a/v2rayng/AndroidLibXrayLite/go.mod +++ b/v2rayng/AndroidLibXrayLite/go.mod @@ -3,7 +3,7 @@ module github.com/2dust/AndroidLibXrayLite go 1.25 require ( - github.com/xtls/xray-core v1.250803.1-0.20250829143322-81b7cd718ad5 + github.com/xtls/xray-core v1.250831.0 golang.org/x/mobile v0.0.0-20250813145510-f12310a0cfd9 ) diff --git a/v2rayng/AndroidLibXrayLite/go.sum b/v2rayng/AndroidLibXrayLite/go.sum index 97b7c34c5c..3871b0951f 100644 --- a/v2rayng/AndroidLibXrayLite/go.sum +++ b/v2rayng/AndroidLibXrayLite/go.sum @@ -73,8 +73,8 @@ github.com/vishvananda/netns v0.0.5 h1:DfiHV+j8bA32MFM7bfEunvT8IAqQ/NzSJHtcmW5zd github.com/vishvananda/netns v0.0.5/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM= github.com/xtls/reality v0.0.0-20250828044527-046fad5ab64f h1:o1Kryl9qEYYzNep9RId9DM1kBn8tBrcK5UJnti/l0NI= github.com/xtls/reality v0.0.0-20250828044527-046fad5ab64f/go.mod h1:XxvnCCgBee4WWE0bc4E+a7wbk8gkJ/rS0vNVNtC5qp0= -github.com/xtls/xray-core v1.250803.1-0.20250829143322-81b7cd718ad5 h1:rBqCVgic8yIUVHB4h26K8JNuwJuNj45egsdXxwEvA7E= -github.com/xtls/xray-core v1.250803.1-0.20250829143322-81b7cd718ad5/go.mod h1:WB/73DmN9Vs7lxtx4Xc/D0Ub1VUu06hAh1mMh8JN2uM= +github.com/xtls/xray-core v1.250831.0 h1:0EWgE0eflLNqIudM/5c9SWA0Gegc3mgVsD5VNUqDHGE= +github.com/xtls/xray-core v1.250831.0/go.mod h1:WB/73DmN9Vs7lxtx4Xc/D0Ub1VUu06hAh1mMh8JN2uM= github.com/xyproto/randomstring v1.0.5 h1:YtlWPoRdgMu3NZtP45drfy1GKoojuR7hmRcnhZqKjWU= github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3iGxZ18UQApw/E= go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= @@ -135,7 +135,7 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gvisor.dev/gvisor v0.0.0-20231020174304-b8a429915ff1 h1:qDCwdCWECGnwQSQC01Dpnp09fRHxJs9PbktotUqG+hs= -gvisor.dev/gvisor v0.0.0-20231020174304-b8a429915ff1/go.mod h1:8hmigyCdYtw5xJGfQDJzSH5Ju8XEIDBnpyi8+O6GRt8= +gvisor.dev/gvisor v0.0.0-20250606001031-fa4c4dd86b43 h1:BEymU11L8DZSC4GNK48JYIR8EcHs+gFxtg9YfYlp68c= +gvisor.dev/gvisor v0.0.0-20250606001031-fa4c4dd86b43/go.mod h1:3r5CMtNQMKIvBlrmM9xWUNamjKBYPOWyXOjmg5Kts3g= lukechampine.com/blake3 v1.4.1 h1:I3Smz7gso8w4/TunLKec6K2fn+kyKtDxr/xcQEN84Wg= lukechampine.com/blake3 v1.4.1/go.mod h1:QFosUxmjB8mnrWFSNwKmvxHpfY72bmD2tQ0kBMM3kwo= diff --git a/v2rayng/V2rayNG/app/build.gradle.kts b/v2rayng/V2rayNG/app/build.gradle.kts index 0f6c0041ad..a3f167ef4b 100644 --- a/v2rayng/V2rayNG/app/build.gradle.kts +++ b/v2rayng/V2rayNG/app/build.gradle.kts @@ -12,8 +12,8 @@ android { applicationId = "com.v2ray.ang" minSdk = 21 targetSdk = 35 - versionCode = 670 - versionName = "1.10.20" + versionCode = 671 + versionName = "1.10.21" multiDexEnabled = true val abiFilterList = (properties["ABI_FILTERS"] as? String)?.split(';') diff --git a/xray-core/common/buf/io.go b/xray-core/common/buf/io.go index 0b3cc6b298..e1de461dc9 100644 --- a/xray-core/common/buf/io.go +++ b/xray-core/common/buf/io.go @@ -54,12 +54,16 @@ func (r *TimeoutWrapperReader) ReadMultiBufferTimeout(duration time.Duration) (M close(r.done) }() } - time.Sleep(duration) + timeout := make(chan struct{}) + go func() { + time.Sleep(duration) + close(timeout) + }() select { case <-r.done: r.done = nil return r.mb, r.err - default: + case <-timeout: return nil, nil } } diff --git a/xray-core/common/buf/writer.go b/xray-core/common/buf/writer.go index 8c348a4657..6ff8a6b6b0 100644 --- a/xray-core/common/buf/writer.go +++ b/xray-core/common/buf/writer.go @@ -75,9 +75,10 @@ func (w *BufferToBytesWriter) ReadFrom(reader io.Reader) (int64, error) { // BufferedWriter is a Writer with internal buffer. type BufferedWriter struct { sync.Mutex - writer Writer - buffer *Buffer - buffered bool + writer Writer + buffer *Buffer + buffered bool + flushNext bool } // NewBufferedWriter creates a new BufferedWriter. @@ -161,6 +162,12 @@ func (w *BufferedWriter) WriteMultiBuffer(b MultiBuffer) error { } } + if w.flushNext { + w.buffered = false + w.flushNext = false + return w.flushInternal() + } + return nil } @@ -201,6 +208,13 @@ func (w *BufferedWriter) SetBuffered(f bool) error { return nil } +// SetFlushNext will wait the next WriteMultiBuffer to flush and set buffered = false +func (w *BufferedWriter) SetFlushNext() { + w.Lock() + defer w.Unlock() + w.flushNext = true +} + // ReadFrom implements io.ReaderFrom. func (w *BufferedWriter) ReadFrom(reader io.Reader) (int64, error) { if err := w.SetBuffered(false); err != nil { diff --git a/xray-core/proxy/freedom/freedom.go b/xray-core/proxy/freedom/freedom.go index f8d64812f0..9429e27afe 100644 --- a/xray-core/proxy/freedom/freedom.go +++ b/xray-core/proxy/freedom/freedom.go @@ -26,7 +26,6 @@ import ( "github.com/xtls/xray-core/transport" "github.com/xtls/xray-core/transport/internet" "github.com/xtls/xray-core/transport/internet/stat" - "github.com/xtls/xray-core/transport/internet/tls" ) var useSplice bool @@ -212,16 +211,14 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte responseDone := func() error { defer timer.SetTimeout(plcy.Timeouts.UplinkOnly) - if destination.Network == net.Network_TCP { + if destination.Network == net.Network_TCP && useSplice && proxy.IsRAWTransport(conn) { // it would be tls conn in special use case of MITM, we need to let link handle traffic var writeConn net.Conn var inTimer *signal.ActivityTimer - if inbound := session.InboundFromContext(ctx); inbound != nil && inbound.Conn != nil && useSplice { + if inbound := session.InboundFromContext(ctx); inbound != nil && inbound.Conn != nil { writeConn = inbound.Conn inTimer = inbound.Timer } - if !isTLSConn(conn) { // it would be tls conn in special use case of MITM, we need to let link handle traffic - return proxy.CopyRawConnIfExist(ctx, conn, writeConn, link.Writer, timer, inTimer) - } + return proxy.CopyRawConnIfExist(ctx, conn, writeConn, link.Writer, timer, inTimer) } var reader buf.Reader if destination.Network == net.Network_TCP { @@ -246,22 +243,6 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte return nil } -func isTLSConn(conn stat.Connection) bool { - if conn != nil { - statConn, ok := conn.(*stat.CounterConnection) - if ok { - conn = statConn.Connection - } - if _, ok := conn.(*tls.Conn); ok { - return true - } - if _, ok := conn.(*tls.UConn); ok { - return true - } - } - return false -} - func NewPacketReader(conn net.Conn, UDPOverride net.Destination, DialDest net.Destination) buf.Reader { iConn := conn statConn, ok := iConn.(*stat.CounterConnection) diff --git a/xray-core/proxy/proxy.go b/xray-core/proxy/proxy.go index edfa63d05a..157493bf71 100644 --- a/xray-core/proxy/proxy.go +++ b/xray-core/proxy/proxy.go @@ -177,63 +177,109 @@ type VisionReader struct { trafficState *TrafficState ctx context.Context isUplink bool + conn net.Conn + input *bytes.Reader + rawInput *bytes.Buffer + ob *session.Outbound + + // internal + directReadCounter stats.Counter } -func NewVisionReader(reader buf.Reader, state *TrafficState, isUplink bool, context context.Context) *VisionReader { +func NewVisionReader(reader buf.Reader, trafficState *TrafficState, isUplink bool, ctx context.Context, conn net.Conn, input *bytes.Reader, rawInput *bytes.Buffer, ob *session.Outbound) *VisionReader { return &VisionReader{ Reader: reader, - trafficState: state, - ctx: context, + trafficState: trafficState, + ctx: ctx, isUplink: isUplink, + conn: conn, + input: input, + rawInput: rawInput, + ob: ob, } } func (w *VisionReader) ReadMultiBuffer() (buf.MultiBuffer, error) { buffer, err := w.Reader.ReadMultiBuffer() - if !buffer.IsEmpty() { - var withinPaddingBuffers *bool - var remainingContent *int32 - var remainingPadding *int32 - var currentCommand *int - var switchToDirectCopy *bool - if w.isUplink { - withinPaddingBuffers = &w.trafficState.Inbound.WithinPaddingBuffers - remainingContent = &w.trafficState.Inbound.RemainingContent - remainingPadding = &w.trafficState.Inbound.RemainingPadding - currentCommand = &w.trafficState.Inbound.CurrentCommand - switchToDirectCopy = &w.trafficState.Inbound.UplinkReaderDirectCopy - } else { - withinPaddingBuffers = &w.trafficState.Outbound.WithinPaddingBuffers - remainingContent = &w.trafficState.Outbound.RemainingContent - remainingPadding = &w.trafficState.Outbound.RemainingPadding - currentCommand = &w.trafficState.Outbound.CurrentCommand - switchToDirectCopy = &w.trafficState.Outbound.DownlinkReaderDirectCopy - } + if buffer.IsEmpty() { + return buffer, err + } - if *withinPaddingBuffers || w.trafficState.NumberOfPacketToFilter > 0 { - mb2 := make(buf.MultiBuffer, 0, len(buffer)) - for _, b := range buffer { - newbuffer := XtlsUnpadding(b, w.trafficState, w.isUplink, w.ctx) - if newbuffer.Len() > 0 { - mb2 = append(mb2, newbuffer) - } - } - buffer = mb2 - if *remainingContent > 0 || *remainingPadding > 0 || *currentCommand == 0 { - *withinPaddingBuffers = true - } else if *currentCommand == 1 { - *withinPaddingBuffers = false - } else if *currentCommand == 2 { - *withinPaddingBuffers = false - *switchToDirectCopy = true - } else { - errors.LogInfo(w.ctx, "XtlsRead unknown command ", *currentCommand, buffer.Len()) + var withinPaddingBuffers *bool + var remainingContent *int32 + var remainingPadding *int32 + var currentCommand *int + var switchToDirectCopy *bool + if w.isUplink { + withinPaddingBuffers = &w.trafficState.Inbound.WithinPaddingBuffers + remainingContent = &w.trafficState.Inbound.RemainingContent + remainingPadding = &w.trafficState.Inbound.RemainingPadding + currentCommand = &w.trafficState.Inbound.CurrentCommand + switchToDirectCopy = &w.trafficState.Inbound.UplinkReaderDirectCopy + } else { + withinPaddingBuffers = &w.trafficState.Outbound.WithinPaddingBuffers + remainingContent = &w.trafficState.Outbound.RemainingContent + remainingPadding = &w.trafficState.Outbound.RemainingPadding + currentCommand = &w.trafficState.Outbound.CurrentCommand + switchToDirectCopy = &w.trafficState.Outbound.DownlinkReaderDirectCopy + } + + if *switchToDirectCopy { + if w.directReadCounter != nil { + w.directReadCounter.Add(int64(buffer.Len())) + } + return buffer, err + } + + if *withinPaddingBuffers || w.trafficState.NumberOfPacketToFilter > 0 { + mb2 := make(buf.MultiBuffer, 0, len(buffer)) + for _, b := range buffer { + newbuffer := XtlsUnpadding(b, w.trafficState, w.isUplink, w.ctx) + if newbuffer.Len() > 0 { + mb2 = append(mb2, newbuffer) } } - if w.trafficState.NumberOfPacketToFilter > 0 { - XtlsFilterTls(buffer, w.trafficState, w.ctx) + buffer = mb2 + if *remainingContent > 0 || *remainingPadding > 0 || *currentCommand == 0 { + *withinPaddingBuffers = true + } else if *currentCommand == 1 { + *withinPaddingBuffers = false + } else if *currentCommand == 2 { + *withinPaddingBuffers = false + *switchToDirectCopy = true + } else { + errors.LogInfo(w.ctx, "XtlsRead unknown command ", *currentCommand, buffer.Len()) } } + if w.trafficState.NumberOfPacketToFilter > 0 { + XtlsFilterTls(buffer, w.trafficState, w.ctx) + } + + if *switchToDirectCopy { + // XTLS Vision processes TLS-like conn's input and rawInput + if inputBuffer, err := buf.ReadFrom(w.input); err == nil && !inputBuffer.IsEmpty() { + buffer, _ = buf.MergeMulti(buffer, inputBuffer) + } + if rawInputBuffer, err := buf.ReadFrom(w.rawInput); err == nil && !rawInputBuffer.IsEmpty() { + buffer, _ = buf.MergeMulti(buffer, rawInputBuffer) + } + *w.input = bytes.Reader{} // release memory + w.input = nil + *w.rawInput = bytes.Buffer{} // release memory + w.rawInput = nil + + if inbound := session.InboundFromContext(w.ctx); inbound != nil && inbound.Conn != nil { + if w.isUplink && inbound.CanSpliceCopy == 2 { + inbound.CanSpliceCopy = 1 + } + if !w.isUplink && w.ob != nil && w.ob.CanSpliceCopy == 2 { // ob need to be passed in due to context can have more than one ob + w.ob.CanSpliceCopy = 1 + } + } + readerConn, readCounter, _ := UnwrapRawConn(w.conn) + w.directReadCounter = readCounter + w.Reader = buf.NewReader(readerConn) + } return buffer, err } @@ -241,28 +287,32 @@ func (w *VisionReader) ReadMultiBuffer() (buf.MultiBuffer, error) { // Note Vision probably only make sense as the inner most layer of writer, since it need assess traffic state from origin proxy traffic type VisionWriter struct { buf.Writer - trafficState *TrafficState - ctx context.Context - writeOnceUserUUID []byte - isUplink bool + trafficState *TrafficState + ctx context.Context + isUplink bool + conn net.Conn + ob *session.Outbound + + // internal + writeOnceUserUUID []byte + directWriteCounter stats.Counter } -func NewVisionWriter(writer buf.Writer, state *TrafficState, isUplink bool, context context.Context) *VisionWriter { - w := make([]byte, len(state.UserUUID)) - copy(w, state.UserUUID) +func NewVisionWriter(writer buf.Writer, trafficState *TrafficState, isUplink bool, ctx context.Context, conn net.Conn, ob *session.Outbound) *VisionWriter { + w := make([]byte, len(trafficState.UserUUID)) + copy(w, trafficState.UserUUID) return &VisionWriter{ Writer: writer, - trafficState: state, - ctx: context, + trafficState: trafficState, + ctx: ctx, writeOnceUserUUID: w, isUplink: isUplink, + conn: conn, + ob: ob, } } func (w *VisionWriter) WriteMultiBuffer(mb buf.MultiBuffer) error { - if w.trafficState.NumberOfPacketToFilter > 0 { - XtlsFilterTls(mb, w.trafficState, w.ctx) - } var isPadding *bool var switchToDirectCopy *bool if w.isUplink { @@ -272,6 +322,29 @@ func (w *VisionWriter) WriteMultiBuffer(mb buf.MultiBuffer) error { isPadding = &w.trafficState.Inbound.IsPadding switchToDirectCopy = &w.trafficState.Inbound.DownlinkWriterDirectCopy } + + if *switchToDirectCopy { + if inbound := session.InboundFromContext(w.ctx); inbound != nil { + if !w.isUplink && inbound.CanSpliceCopy == 2 { + inbound.CanSpliceCopy = 1 + } + if w.isUplink && w.ob != nil && w.ob.CanSpliceCopy == 2 { + w.ob.CanSpliceCopy = 1 + } + } + rawConn, _, writerCounter := UnwrapRawConn(w.conn) + w.Writer = buf.NewWriter(rawConn) + w.directWriteCounter = writerCounter + *switchToDirectCopy = false + } + if !mb.IsEmpty() && w.directWriteCounter != nil { + w.directWriteCounter.Add(int64(mb.Len())) + } + + if w.trafficState.NumberOfPacketToFilter > 0 { + XtlsFilterTls(mb, w.trafficState, w.ctx) + } + if *isPadding { if len(mb) == 1 && mb[0] == nil { mb[0] = XtlsPadding(nil, CommandPaddingContinue, &w.writeOnceUserUUID, true, w.ctx) // we do a long padding to hide vless header diff --git a/xray-core/proxy/vless/encoding/addons.go b/xray-core/proxy/vless/encoding/addons.go index 4474e3c970..77b0986110 100644 --- a/xray-core/proxy/vless/encoding/addons.go +++ b/xray-core/proxy/vless/encoding/addons.go @@ -3,10 +3,12 @@ package encoding import ( "context" "io" + "net" "github.com/xtls/xray-core/common/buf" "github.com/xtls/xray-core/common/errors" "github.com/xtls/xray-core/common/protocol" + "github.com/xtls/xray-core/common/session" "github.com/xtls/xray-core/proxy" "github.com/xtls/xray-core/proxy/vless" "google.golang.org/protobuf/proto" @@ -61,15 +63,14 @@ func DecodeHeaderAddons(buffer *buf.Buffer, reader io.Reader) (*Addons, error) { } // EncodeBodyAddons returns a Writer that auto-encrypt content written by caller. -func EncodeBodyAddons(writer io.Writer, request *protocol.RequestHeader, requestAddons *Addons, state *proxy.TrafficState, isUplink bool, context context.Context) buf.Writer { +func EncodeBodyAddons(writer buf.Writer, request *protocol.RequestHeader, requestAddons *Addons, state *proxy.TrafficState, isUplink bool, context context.Context, conn net.Conn, ob *session.Outbound) buf.Writer { if request.Command == protocol.RequestCommandUDP { - return NewMultiLengthPacketWriter(writer.(buf.Writer)) + return NewMultiLengthPacketWriter(writer) } - w := buf.NewWriter(writer) if requestAddons.Flow == vless.XRV { - w = proxy.NewVisionWriter(w, state, isUplink, context) + return proxy.NewVisionWriter(writer, state, isUplink, context, conn, ob) } - return w + return writer } // DecodeBodyAddons returns a Reader from which caller can fetch decrypted body. diff --git a/xray-core/proxy/vless/encoding/encoding.go b/xray-core/proxy/vless/encoding/encoding.go index da3a25176f..c830ac624f 100644 --- a/xray-core/proxy/vless/encoding/encoding.go +++ b/xray-core/proxy/vless/encoding/encoding.go @@ -1,7 +1,6 @@ package encoding import ( - "bytes" "context" "io" @@ -11,7 +10,6 @@ import ( "github.com/xtls/xray-core/common/protocol" "github.com/xtls/xray-core/common/session" "github.com/xtls/xray-core/common/signal" - "github.com/xtls/xray-core/features/stats" "github.com/xtls/xray-core/proxy" "github.com/xtls/xray-core/proxy/vless" ) @@ -171,8 +169,8 @@ func DecodeResponseHeader(reader io.Reader, request *protocol.RequestHeader) (*A return responseAddons, nil } -// XtlsRead filter and read xtls protocol -func XtlsRead(reader buf.Reader, writer buf.Writer, timer *signal.ActivityTimer, conn net.Conn, input *bytes.Reader, rawInput *bytes.Buffer, trafficState *proxy.TrafficState, ob *session.Outbound, isUplink bool, ctx context.Context) error { +// XtlsRead can switch to splice copy +func XtlsRead(reader buf.Reader, writer buf.Writer, timer *signal.ActivityTimer, conn net.Conn, trafficState *proxy.TrafficState, isUplink bool, ctx context.Context) error { err := func() error { for { if isUplink && trafficState.Inbound.UplinkReaderDirectCopy || !isUplink && trafficState.Outbound.DownlinkReaderDirectCopy { @@ -181,74 +179,11 @@ func XtlsRead(reader buf.Reader, writer buf.Writer, timer *signal.ActivityTimer, if inbound := session.InboundFromContext(ctx); inbound != nil && inbound.Conn != nil { writerConn = inbound.Conn inTimer = inbound.Timer - if isUplink && inbound.CanSpliceCopy == 2 { - inbound.CanSpliceCopy = 1 - } - if !isUplink && ob != nil && ob.CanSpliceCopy == 2 { // ob need to be passed in due to context can change - ob.CanSpliceCopy = 1 - } } return proxy.CopyRawConnIfExist(ctx, conn, writerConn, writer, timer, inTimer) } buffer, err := reader.ReadMultiBuffer() if !buffer.IsEmpty() { - timer.Update() - if isUplink && trafficState.Inbound.UplinkReaderDirectCopy || !isUplink && trafficState.Outbound.DownlinkReaderDirectCopy { - // XTLS Vision processes TLS-like conn's input and rawInput - if inputBuffer, err := buf.ReadFrom(input); err == nil && !inputBuffer.IsEmpty() { - buffer, _ = buf.MergeMulti(buffer, inputBuffer) - } - if rawInputBuffer, err := buf.ReadFrom(rawInput); err == nil && !rawInputBuffer.IsEmpty() { - buffer, _ = buf.MergeMulti(buffer, rawInputBuffer) - } - *input = bytes.Reader{} // release memory - input = nil - *rawInput = bytes.Buffer{} // release memory - rawInput = nil - } - if werr := writer.WriteMultiBuffer(buffer); werr != nil { - return werr - } - } - if err != nil { - return err - } - } - }() - if err != nil && errors.Cause(err) != io.EOF { - return err - } - return nil -} - -// XtlsWrite filter and write xtls protocol -func XtlsWrite(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater, conn net.Conn, trafficState *proxy.TrafficState, ob *session.Outbound, isUplink bool, ctx context.Context) error { - err := func() error { - var ct stats.Counter - for { - buffer, err := reader.ReadMultiBuffer() - if isUplink && trafficState.Outbound.UplinkWriterDirectCopy || !isUplink && trafficState.Inbound.DownlinkWriterDirectCopy { - if inbound := session.InboundFromContext(ctx); inbound != nil { - if !isUplink && inbound.CanSpliceCopy == 2 { - inbound.CanSpliceCopy = 1 - } - if isUplink && ob != nil && ob.CanSpliceCopy == 2 { - ob.CanSpliceCopy = 1 - } - } - rawConn, _, writerCounter := proxy.UnwrapRawConn(conn) - writer = buf.NewWriter(rawConn) - ct = writerCounter - if isUplink { - trafficState.Outbound.UplinkWriterDirectCopy = false - } else { - trafficState.Inbound.DownlinkWriterDirectCopy = false - } - } - if !buffer.IsEmpty() { - if ct != nil { - ct.Add(int64(buffer.Len())) - } timer.Update() if werr := writer.WriteMultiBuffer(buffer); werr != nil { return werr diff --git a/xray-core/proxy/vless/encryption/server.go b/xray-core/proxy/vless/encryption/server.go index 89161da299..48924a7e32 100644 --- a/xray-core/proxy/vless/encryption/server.go +++ b/xray-core/proxy/vless/encryption/server.go @@ -124,13 +124,16 @@ func (i *ServerInstance) Handshake(conn net.Conn, fallback *[]byte) (*CommonConn index = 1088 } if i.XorMode > 0 { - NewCTR(i.NfsPKeysBytes[j], iv).XORKeyStream(relays, relays[:index]) // we don't use buggy elligator, because we have PSK :) + NewCTR(i.NfsPKeysBytes[j], iv).XORKeyStream(relays, relays[:index]) // we don't use buggy elligator2, because we have PSK :) } if k, ok := k.(*ecdh.PrivateKey); ok { publicKey, err := ecdh.X25519().NewPublicKey(relays[:index]) if err != nil { return nil, err } + if publicKey.Bytes()[31] > 127 { // we just don't want the observer can change even one bit without breaking the connection, though it has nothing to do with security + return nil, errors.New("the highest bit of the last byte of the peer-sent X25519 public key must be 0") + } nfsKey, err = k.ECDH(publicKey) if err != nil { return nil, err diff --git a/xray-core/proxy/vless/inbound/inbound.go b/xray-core/proxy/vless/inbound/inbound.go index 617313bdde..54c7e76b33 100644 --- a/xray-core/proxy/vless/inbound/inbound.go +++ b/xray-core/proxy/vless/inbound/inbound.go @@ -31,6 +31,7 @@ import ( "github.com/xtls/xray-core/proxy/vless" "github.com/xtls/xray-core/proxy/vless/encoding" "github.com/xtls/xray-core/proxy/vless/encryption" + "github.com/xtls/xray-core/transport" "github.com/xtls/xray-core/transport/internet/reality" "github.com/xtls/xray-core/transport/internet/stat" "github.com/xtls/xray-core/transport/internet/tls" @@ -551,89 +552,24 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s ctx = session.ContextWithAllowedNetwork(ctx, net.Network_UDP) } - sessionPolicy = h.policyManager.ForLevel(request.User.Level) - ctx, cancel := context.WithCancel(ctx) - timer := signal.CancelAfterInactivity(ctx, cancel, sessionPolicy.Timeouts.ConnectionIdle) - inbound.Timer = timer - ctx = policy.ContextWithBufferPolicy(ctx, sessionPolicy.Buffer) - - link, err := dispatcher.Dispatch(ctx, request.Destination()) - if err != nil { - return errors.New("failed to dispatch request to ", request.Destination()).Base(err).AtWarning() - } - - serverReader := link.Reader // .(*pipe.Reader) - serverWriter := link.Writer // .(*pipe.Writer) trafficState := proxy.NewTrafficState(userSentID) - postRequest := func() error { - defer timer.SetTimeout(sessionPolicy.Timeouts.DownlinkOnly) - - // default: clientReader := reader - clientReader := encoding.DecodeBodyAddons(reader, request, requestAddons) - - var err error - - if requestAddons.Flow == vless.XRV { - ctx1 := session.ContextWithInbound(ctx, nil) // TODO enable splice - clientReader = proxy.NewVisionReader(clientReader, trafficState, true, ctx1) - err = encoding.XtlsRead(clientReader, serverWriter, timer, connection, input, rawInput, trafficState, nil, true, ctx1) - } else { - // from clientReader.ReadMultiBuffer to serverWriter.WriteMultiBuffer - err = buf.Copy(clientReader, serverWriter, buf.UpdateActivity(timer)) - } - - if err != nil { - return errors.New("failed to transfer request payload").Base(err).AtInfo() - } - - return nil + clientReader := encoding.DecodeBodyAddons(reader, request, requestAddons) + if requestAddons.Flow == vless.XRV { + clientReader = proxy.NewVisionReader(clientReader, trafficState, true, ctx, connection, input, rawInput, nil) } - getResponse := func() error { - defer timer.SetTimeout(sessionPolicy.Timeouts.UplinkOnly) - - bufferWriter := buf.NewBufferedWriter(buf.NewWriter(connection)) - if err := encoding.EncodeResponseHeader(bufferWriter, request, responseAddons); err != nil { - return errors.New("failed to encode response header").Base(err).AtWarning() - } - - // default: clientWriter := bufferWriter - clientWriter := encoding.EncodeBodyAddons(bufferWriter, request, requestAddons, trafficState, false, ctx) - multiBuffer, err1 := serverReader.ReadMultiBuffer() - if err1 != nil { - return err1 // ... - } - if err := clientWriter.WriteMultiBuffer(multiBuffer); err != nil { - return err // ... - } - // Flush; bufferWriter.WriteMultiBuffer now is bufferWriter.writer.WriteMultiBuffer - if err := bufferWriter.SetBuffered(false); err != nil { - return errors.New("failed to write A response payload").Base(err).AtWarning() - } - - var err error - if requestAddons.Flow == vless.XRV { - err = encoding.XtlsWrite(serverReader, clientWriter, timer, connection, trafficState, nil, false, ctx) - } else { - // from serverReader.ReadMultiBuffer to clientWriter.WriteMultiBuffer - err = buf.Copy(serverReader, clientWriter, buf.UpdateActivity(timer)) - } - if err != nil { - return errors.New("failed to transfer response payload").Base(err).AtInfo() - } - // Indicates the end of response payload. - switch responseAddons.Flow { - default: - } - - return nil + bufferWriter := buf.NewBufferedWriter(buf.NewWriter(connection)) + if err := encoding.EncodeResponseHeader(bufferWriter, request, responseAddons); err != nil { + return errors.New("failed to encode response header").Base(err).AtWarning() } + clientWriter := encoding.EncodeBodyAddons(bufferWriter, request, requestAddons, trafficState, false, ctx, connection, nil) + bufferWriter.SetFlushNext() - if err := task.Run(ctx, task.OnSuccess(postRequest, task.Close(serverWriter)), getResponse); err != nil { - common.Interrupt(serverReader) - common.Interrupt(serverWriter) - return errors.New("connection ends").Base(err).AtInfo() + if err := dispatcher.DispatchLink(ctx, request.Destination(), &transport.Link{ + Reader: &buf.TimeoutWrapperReader{Reader: clientReader}, + Writer: clientWriter}, + ); err != nil { + return errors.New("failed to dispatch request").Base(err) } - return nil } diff --git a/xray-core/proxy/vless/outbound/outbound.go b/xray-core/proxy/vless/outbound/outbound.go index 76352a0a9b..e04a0e23b2 100644 --- a/xray-core/proxy/vless/outbound/outbound.go +++ b/xray-core/proxy/vless/outbound/outbound.go @@ -225,7 +225,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte } // default: serverWriter := bufferWriter - serverWriter := encoding.EncodeBodyAddons(bufferWriter, request, requestAddons, trafficState, true, ctx) + serverWriter := encoding.EncodeBodyAddons(bufferWriter, request, requestAddons, trafficState, true, ctx, conn, ob) if request.Command == protocol.RequestCommandMux && request.Port == 666 { serverWriter = xudp.NewPacketWriter(serverWriter, target, xudp.GetGlobalID(ctx)) } @@ -253,7 +253,6 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte return errors.New("failed to write A request payload").Base(err).AtWarning() } - var err error if requestAddons.Flow == vless.XRV { if tlsConn, ok := iConn.(*tls.Conn); ok { if tlsConn.ConnectionState().Version != gotls.VersionTLS13 { @@ -264,12 +263,8 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte return errors.New(`failed to use `+requestAddons.Flow+`, found outer tls version `, utlsConn.ConnectionState().Version).AtWarning() } } - ctx1 := session.ContextWithInbound(ctx, nil) // TODO enable splice - err = encoding.XtlsWrite(clientReader, serverWriter, timer, conn, trafficState, ob, true, ctx1) - } else { - // from clientReader.ReadMultiBuffer to serverWriter.WriteMultiBuffer - err = buf.Copy(clientReader, serverWriter, buf.UpdateActivity(timer)) } + err := buf.Copy(clientReader, serverWriter, buf.UpdateActivity(timer)) if err != nil { return errors.New("failed to transfer request payload").Base(err).AtInfo() } @@ -292,7 +287,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte // default: serverReader := buf.NewReader(conn) serverReader := encoding.DecodeBodyAddons(conn, request, responseAddons) if requestAddons.Flow == vless.XRV { - serverReader = proxy.NewVisionReader(serverReader, trafficState, false, ctx) + serverReader = proxy.NewVisionReader(serverReader, trafficState, false, ctx, conn, input, rawInput, ob) } if request.Command == protocol.RequestCommandMux && request.Port == 666 { if requestAddons.Flow == vless.XRV { @@ -303,7 +298,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte } if requestAddons.Flow == vless.XRV { - err = encoding.XtlsRead(serverReader, clientWriter, timer, conn, input, rawInput, trafficState, ob, false, ctx) + err = encoding.XtlsRead(serverReader, clientWriter, timer, conn, trafficState, false, ctx) } else { // from serverReader.ReadMultiBuffer to clientWriter.WriteMultiBuffer err = buf.Copy(serverReader, clientWriter, buf.UpdateActivity(timer))