mirror of
https://github.com/e1732a364fed/v2ray_simple.git
synced 2025-10-10 11:10:20 +08:00
108 lines
2.4 KiB
Go
108 lines
2.4 KiB
Go
package proxy
|
||
|
||
import (
|
||
"net"
|
||
"net/url"
|
||
|
||
"github.com/e1732a364fed/v2ray_simple/httpLayer"
|
||
"github.com/e1732a364fed/v2ray_simple/tlsLayer"
|
||
)
|
||
|
||
//use dc.Host, dc.Insecure, dc.Utls, dc.Alpn.
|
||
func prepareTLS_forClient(com ProxyCommon, dc *DialConf) error {
|
||
alpnList := dc.Alpn
|
||
|
||
clic := com.getCommon()
|
||
if clic == nil {
|
||
return nil
|
||
}
|
||
|
||
switch com.AdvancedLayer() {
|
||
case "quic":
|
||
clic.setNetwork("udp")
|
||
return nil
|
||
case "grpc":
|
||
has_h2 := false
|
||
for _, a := range alpnList {
|
||
if a == httpLayer.H2_Str {
|
||
has_h2 = true
|
||
break
|
||
}
|
||
}
|
||
if !has_h2 {
|
||
alpnList = append([]string{httpLayer.H2_Str}, alpnList...)
|
||
}
|
||
}
|
||
clic.setTLS_Client(tlsLayer.NewClient(dc.Host, dc.Insecure, dc.Utls, alpnList))
|
||
return nil
|
||
}
|
||
|
||
//use lc.Host, lc.TLSCert, lc.TLSKey, lc.Insecure, lc.Alpn.
|
||
func prepareTLS_forServer(com ProxyCommon, lc *ListenConf) error {
|
||
// 这里直接不检查 字符串就直接传给 tlsLayer.NewServer
|
||
// 所以要求 cert和 key 不在程序本身目录 的话,就要给出完整路径
|
||
|
||
serc := com.getCommon()
|
||
if serc == nil {
|
||
return nil
|
||
}
|
||
|
||
alpnList := lc.Alpn
|
||
switch com.AdvancedLayer() {
|
||
case "quic":
|
||
|
||
serc.setNetwork("udp")
|
||
return nil
|
||
|
||
case "grpc":
|
||
has_h2 := false
|
||
for _, a := range alpnList {
|
||
if a == httpLayer.H2_Str {
|
||
has_h2 = true
|
||
break
|
||
}
|
||
}
|
||
if !has_h2 {
|
||
alpnList = append([]string{httpLayer.H2_Str}, alpnList...)
|
||
}
|
||
}
|
||
|
||
tlsserver, err := tlsLayer.NewServer(lc.Host, lc.TLSCert, lc.TLSKey, lc.Insecure, alpnList)
|
||
if err == nil {
|
||
serc.setTLS_Server(tlsserver)
|
||
} else {
|
||
return err
|
||
}
|
||
return nil
|
||
}
|
||
|
||
//给 ProxyCommon 的tls做一些配置上的准备,从url读取配置
|
||
func prepareTLS_forProxyCommon_withURL(u *url.URL, isclient bool, com ProxyCommon) error {
|
||
insecureStr := u.Query().Get("insecure")
|
||
insecure := false
|
||
if insecureStr != "" && insecureStr != "false" && insecureStr != "0" {
|
||
insecure = true
|
||
}
|
||
|
||
if isclient {
|
||
utlsStr := u.Query().Get("utls")
|
||
useUtls := utlsStr != "" && utlsStr != "false" && utlsStr != "0"
|
||
com.getCommon().setTLS_Client(tlsLayer.NewClient(u.Host, insecure, useUtls, nil))
|
||
|
||
} else {
|
||
certFile := u.Query().Get("cert")
|
||
keyFile := u.Query().Get("key")
|
||
|
||
hostAndPort := u.Host
|
||
sni, _, _ := net.SplitHostPort(hostAndPort)
|
||
|
||
tlsserver, err := tlsLayer.NewServer(sni, certFile, keyFile, insecure, nil)
|
||
if err == nil {
|
||
com.getCommon().setTLS_Server(tlsserver)
|
||
} else {
|
||
return err
|
||
}
|
||
}
|
||
return nil
|
||
}
|