Xray-core/infra/conf/freedom.go

package conf

import (
	"net"
	"strconv"
	"strings"

	"github.com/golang/protobuf/proto"
	v2net "github.com/xtls/xray-core/common/net"
	"github.com/xtls/xray-core/common/protocol"
	"github.com/xtls/xray-core/proxy/freedom"
)

type FreedomConfig struct {
	DomainStrategy string    `json:"domainStrategy"`
	Timeout        *uint32   `json:"timeout"`
	Redirect       string    `json:"redirect"`
	UserLevel      uint32    `json:"userLevel"`
	Fragment       *Fragment `json:"fragment"`
}

type Fragment struct {
	Packets  string `json:"packets"`
	Length   string `json:"length"`
	Interval string `json:"interval"`
}

// Build implements Buildable
func (c *FreedomConfig) Build() (proto.Message, error) {
	config := new(freedom.Config)
	config.DomainStrategy = freedom.Config_AS_IS
	switch strings.ToLower(c.DomainStrategy) {
	case "useip", "use_ip", "use-ip":
		config.DomainStrategy = freedom.Config_USE_IP
	case "useip4", "useipv4", "use_ip4", "use_ipv4", "use_ip_v4", "use-ip4", "use-ipv4", "use-ip-v4":
		config.DomainStrategy = freedom.Config_USE_IP4
	case "useip6", "useipv6", "use_ip6", "use_ipv6", "use_ip_v6", "use-ip6", "use-ipv6", "use-ip-v6":
		config.DomainStrategy = freedom.Config_USE_IP6
	}

	if c.Fragment != nil {
		if len(c.Fragment.Interval) == 0 || len(c.Fragment.Length) == 0 {
			return nil, newError("Invalid interval or length")
		}
		intervalMinMax := strings.Split(c.Fragment.Interval, "-")
		var minInterval, maxInterval int64
		var err, err2 error
		if len(intervalMinMax) == 2 {
			minInterval, err = strconv.ParseInt(intervalMinMax[0], 10, 64)
			maxInterval, err2 = strconv.ParseInt(intervalMinMax[1], 10, 64)
		} else {
			minInterval, err = strconv.ParseInt(intervalMinMax[0], 10, 64)
			maxInterval = minInterval
		}
		if err != nil {
			return nil, newError("Invalid minimum interval: ", err).Base(err)
		}
		if err2 != nil {
			return nil, newError("Invalid maximum interval: ", err2).Base(err2)
		}

		lengthMinMax := strings.Split(c.Fragment.Length, "-")
		var minLength, maxLength int64
		if len(lengthMinMax) == 2 {
			minLength, err = strconv.ParseInt(lengthMinMax[0], 10, 64)
			maxLength, err2 = strconv.ParseInt(lengthMinMax[1], 10, 64)

		} else {
			minLength, err = strconv.ParseInt(lengthMinMax[0], 10, 64)
			maxLength = minLength
		}
		if err != nil {
			return nil, newError("Invalid minimum length: ", err).Base(err)
		}
		if err2 != nil {
			return nil, newError("Invalid maximum length: ", err2).Base(err2)
		}

		if minInterval > maxInterval {
			minInterval, maxInterval = maxInterval, minInterval
		}
		if minLength > maxLength {
			minLength, maxLength = maxLength, minLength
		}

		config.Fragment = &freedom.Fragment{
			MinInterval: int32(minInterval),
			MaxInterval: int32(maxInterval),
			MinLength:   int32(minLength),
			MaxLength:   int32(maxLength),
		}

		switch strings.ToLower(c.Fragment.Packets) {
		case "tlshello":
			// TLS Hello Fragmentation (into multiple handshake messages)
			config.Fragment.StartPacket = 0
			config.Fragment.EndPacket = 1
		case "":
			// TCP Segmentation (all packets)
			config.Fragment.StartPacket = 0
			config.Fragment.EndPacket = 0
		default:
			// TCP Segmentation (range)
			packetRange := strings.Split(c.Fragment.Packets, "-")
			var startPacket, endPacket int64
			if len(packetRange) == 2 {
				startPacket, err = strconv.ParseInt(packetRange[0], 10, 64)
				endPacket, err2 = strconv.ParseInt(packetRange[1], 10, 64)
			} else {
				startPacket, err = strconv.ParseInt(packetRange[0], 10, 64)
				endPacket = startPacket
			}
			if err != nil {
				return nil, newError("Invalid start packet: ", err).Base(err)
			}
			if err2 != nil {
				return nil, newError("Invalid end packet: ", err2).Base(err2)
			}
			if startPacket > endPacket {
				return nil, newError("Invalid packet range: ", c.Fragment.Packets)
			}
			if startPacket < 1 {
				return nil, newError("Cannot start from packet 0")
			}
			config.Fragment.StartPacket = int32(startPacket)
			config.Fragment.EndPacket = int32(endPacket)
		}
	}

	if c.Timeout != nil {
		config.Timeout = *c.Timeout
	}
	config.UserLevel = c.UserLevel
	if len(c.Redirect) > 0 {
		host, portStr, err := net.SplitHostPort(c.Redirect)
		if err != nil {
			return nil, newError("invalid redirect address: ", c.Redirect, ": ", err).Base(err)
		}
		port, err := v2net.PortFromString(portStr)
		if err != nil {
			return nil, newError("invalid redirect port: ", c.Redirect, ": ", err).Base(err)
		}
		config.DestinationOverride = &freedom.DestinationOverride{
			Server: &protocol.ServerEndpoint{
				Port: uint32(port),
			},
		}

		if len(host) > 0 {
			config.DestinationOverride.Server.Address = v2net.NewIPOrDomain(v2net.ParseAddress(host))
		}
	}
	return config, nil
}
v1.0.0 4 years ago			`package conf`

			`import (`
			`"net"`
Added tcp fragmentation for freedom outbound (#2021) * Added tcp fragmentation for freedom outbound * Added TCP_NODELAY to outbound sockopt * Changed fragment parameters to accept ranges and changed strategy to use length * Changed packetNumber to packets, supporting range. * Refactored the freedom fragment logic * Refine Write() --------- Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com> 2 years ago			`"strconv"`
v1.0.0 4 years ago			`"strings"`

			`"github.com/golang/protobuf/proto"`
v1.1.0 4 years ago			`v2net "github.com/xtls/xray-core/common/net"`
			`"github.com/xtls/xray-core/common/protocol"`
			`"github.com/xtls/xray-core/proxy/freedom"`
v1.0.0 4 years ago			`)`

			`type FreedomConfig struct {`
Added tcp fragmentation for freedom outbound (#2021) * Added tcp fragmentation for freedom outbound * Added TCP_NODELAY to outbound sockopt * Changed fragment parameters to accept ranges and changed strategy to use length * Changed packetNumber to packets, supporting range. * Refactored the freedom fragment logic * Refine Write() --------- Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com> 2 years ago			DomainStrategy string `json:"domainStrategy"`
			Timeout *uint32 `json:"timeout"`
			Redirect string `json:"redirect"`
			UserLevel uint32 `json:"userLevel"`
			Fragment *Fragment `json:"fragment"`
			`}`

			`type Fragment struct {`
			Packets string `json:"packets"`
			Length string `json:"length"`
			Interval string `json:"interval"`
v1.0.0 4 years ago			`}`

			`// Build implements Buildable`
			`func (c *FreedomConfig) Build() (proto.Message, error) {`
			`config := new(freedom.Config)`
			`config.DomainStrategy = freedom.Config_AS_IS`
			`switch strings.ToLower(c.DomainStrategy) {`
Merge dns (#722) * DNS: add clientip for specific nameserver * Refactoring: DNS App * DNS: add DNS over QUIC support * Feat: add disableCache option for DNS * Feat: add queryStrategy option for DNS * Feat: add disableFallback & skipFallback option for DNS * Feat: DNS hosts support multiple addresses * Feat: DNS transport over TCP * DNS: fix typo & refine code * DNS: refine code * Add disableFallbackIfMatch dns option * Feat: routing and freedom outbound ignore Fake DNS Turn off fake DNS for request sent from Routing and Freedom outbound. Fake DNS now only apply to DNS outbound. This is important for Android, where VPN service take over all system DNS traffic and pass it to core. "UseIp" option can be used in Freedom outbound to avoid getting fake IP and fail connection. * Fix test * Fix dns return * Fix local dns return empty * Apply timeout to dns outbound * Update app/dns/config.go Co-authored-by: Loyalsoldier <10487845+loyalsoldier@users.noreply.github.com> Co-authored-by: Ye Zhihao <vigilans@foxmail.com> Co-authored-by: maskedeken <52683904+maskedeken@users.noreply.github.com> Co-authored-by: V2Fly Team <51714622+vcptr@users.noreply.github.com> Co-authored-by: CalmLong <37164399+calmlong@users.noreply.github.com> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: 秋のかえで <autmaple@protonmail.com> Co-authored-by: 朱聖黎 <digglife@gmail.com> Co-authored-by: rurirei <72071920+rurirei@users.noreply.github.com> Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Co-authored-by: Arthur Morgan <4637240+badO1a5A90@users.noreply.github.com> 3 years ago			`case "useip", "use_ip", "use-ip":`
v1.0.0 4 years ago			`config.DomainStrategy = freedom.Config_USE_IP`
Merge dns (#722) * DNS: add clientip for specific nameserver * Refactoring: DNS App * DNS: add DNS over QUIC support * Feat: add disableCache option for DNS * Feat: add queryStrategy option for DNS * Feat: add disableFallback & skipFallback option for DNS * Feat: DNS hosts support multiple addresses * Feat: DNS transport over TCP * DNS: fix typo & refine code * DNS: refine code * Add disableFallbackIfMatch dns option * Feat: routing and freedom outbound ignore Fake DNS Turn off fake DNS for request sent from Routing and Freedom outbound. Fake DNS now only apply to DNS outbound. This is important for Android, where VPN service take over all system DNS traffic and pass it to core. "UseIp" option can be used in Freedom outbound to avoid getting fake IP and fail connection. * Fix test * Fix dns return * Fix local dns return empty * Apply timeout to dns outbound * Update app/dns/config.go Co-authored-by: Loyalsoldier <10487845+loyalsoldier@users.noreply.github.com> Co-authored-by: Ye Zhihao <vigilans@foxmail.com> Co-authored-by: maskedeken <52683904+maskedeken@users.noreply.github.com> Co-authored-by: V2Fly Team <51714622+vcptr@users.noreply.github.com> Co-authored-by: CalmLong <37164399+calmlong@users.noreply.github.com> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: 秋のかえで <autmaple@protonmail.com> Co-authored-by: 朱聖黎 <digglife@gmail.com> Co-authored-by: rurirei <72071920+rurirei@users.noreply.github.com> Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Co-authored-by: Arthur Morgan <4637240+badO1a5A90@users.noreply.github.com> 3 years ago			`case "useip4", "useipv4", "use_ip4", "use_ipv4", "use_ip_v4", "use-ip4", "use-ipv4", "use-ip-v4":`
v1.0.0 4 years ago			`config.DomainStrategy = freedom.Config_USE_IP4`
Merge dns (#722) * DNS: add clientip for specific nameserver * Refactoring: DNS App * DNS: add DNS over QUIC support * Feat: add disableCache option for DNS * Feat: add queryStrategy option for DNS * Feat: add disableFallback & skipFallback option for DNS * Feat: DNS hosts support multiple addresses * Feat: DNS transport over TCP * DNS: fix typo & refine code * DNS: refine code * Add disableFallbackIfMatch dns option * Feat: routing and freedom outbound ignore Fake DNS Turn off fake DNS for request sent from Routing and Freedom outbound. Fake DNS now only apply to DNS outbound. This is important for Android, where VPN service take over all system DNS traffic and pass it to core. "UseIp" option can be used in Freedom outbound to avoid getting fake IP and fail connection. * Fix test * Fix dns return * Fix local dns return empty * Apply timeout to dns outbound * Update app/dns/config.go Co-authored-by: Loyalsoldier <10487845+loyalsoldier@users.noreply.github.com> Co-authored-by: Ye Zhihao <vigilans@foxmail.com> Co-authored-by: maskedeken <52683904+maskedeken@users.noreply.github.com> Co-authored-by: V2Fly Team <51714622+vcptr@users.noreply.github.com> Co-authored-by: CalmLong <37164399+calmlong@users.noreply.github.com> Co-authored-by: Shelikhoo <xiaokangwang@outlook.com> Co-authored-by: 秋のかえで <autmaple@protonmail.com> Co-authored-by: 朱聖黎 <digglife@gmail.com> Co-authored-by: rurirei <72071920+rurirei@users.noreply.github.com> Co-authored-by: yuhan6665 <1588741+yuhan6665@users.noreply.github.com> Co-authored-by: Arthur Morgan <4637240+badO1a5A90@users.noreply.github.com> 3 years ago			`case "useip6", "useipv6", "use_ip6", "use_ipv6", "use_ip_v6", "use-ip6", "use-ipv6", "use-ip-v6":`
v1.0.0 4 years ago			`config.DomainStrategy = freedom.Config_USE_IP6`
			`}`

Added tcp fragmentation for freedom outbound (#2021) * Added tcp fragmentation for freedom outbound * Added TCP_NODELAY to outbound sockopt * Changed fragment parameters to accept ranges and changed strategy to use length * Changed packetNumber to packets, supporting range. * Refactored the freedom fragment logic * Refine Write() --------- Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com> 2 years ago			`if c.Fragment != nil {`
			`if len(c.Fragment.Interval) == 0 \|\| len(c.Fragment.Length) == 0 {`
			`return nil, newError("Invalid interval or length")`
			`}`
			`intervalMinMax := strings.Split(c.Fragment.Interval, "-")`
			`var minInterval, maxInterval int64`
			`var err, err2 error`
			`if len(intervalMinMax) == 2 {`
			`minInterval, err = strconv.ParseInt(intervalMinMax[0], 10, 64)`
			`maxInterval, err2 = strconv.ParseInt(intervalMinMax[1], 10, 64)`
			`} else {`
			`minInterval, err = strconv.ParseInt(intervalMinMax[0], 10, 64)`
			`maxInterval = minInterval`
			`}`
			`if err != nil {`
			`return nil, newError("Invalid minimum interval: ", err).Base(err)`
			`}`
			`if err2 != nil {`
			`return nil, newError("Invalid maximum interval: ", err2).Base(err2)`
			`}`

			`lengthMinMax := strings.Split(c.Fragment.Length, "-")`
			`var minLength, maxLength int64`
			`if len(lengthMinMax) == 2 {`
			`minLength, err = strconv.ParseInt(lengthMinMax[0], 10, 64)`
			`maxLength, err2 = strconv.ParseInt(lengthMinMax[1], 10, 64)`

			`} else {`
			`minLength, err = strconv.ParseInt(lengthMinMax[0], 10, 64)`
			`maxLength = minLength`
			`}`
			`if err != nil {`
			`return nil, newError("Invalid minimum length: ", err).Base(err)`
			`}`
			`if err2 != nil {`
			`return nil, newError("Invalid maximum length: ", err2).Base(err2)`
			`}`

			`if minInterval > maxInterval {`
			`minInterval, maxInterval = maxInterval, minInterval`
			`}`
			`if minLength > maxLength {`
			`minLength, maxLength = maxLength, minLength`
			`}`

			`config.Fragment = &freedom.Fragment{`
			`MinInterval: int32(minInterval),`
			`MaxInterval: int32(maxInterval),`
			`MinLength: int32(minLength),`
			`MaxLength: int32(maxLength),`
			`}`

Add TLS Hello Fragmentation for freedom outbound (#2131) * Replace TCP Segmentation with TLS Hello Fragmentation * Update infra/conf/freedom.go * Refine proxy/freedom/freedom.go --------- Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com> 1 year ago			`switch strings.ToLower(c.Fragment.Packets) {`
			`case "tlshello":`
			`// TLS Hello Fragmentation (into multiple handshake messages)`
			`config.Fragment.StartPacket = 0`
			`config.Fragment.EndPacket = 1`
			`case "":`
			`// TCP Segmentation (all packets)`
			`config.Fragment.StartPacket = 0`
			`config.Fragment.EndPacket = 0`
			`default:`
			`// TCP Segmentation (range)`
Added tcp fragmentation for freedom outbound (#2021) * Added tcp fragmentation for freedom outbound * Added TCP_NODELAY to outbound sockopt * Changed fragment parameters to accept ranges and changed strategy to use length * Changed packetNumber to packets, supporting range. * Refactored the freedom fragment logic * Refine Write() --------- Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com> 2 years ago			`packetRange := strings.Split(c.Fragment.Packets, "-")`
			`var startPacket, endPacket int64`
			`if len(packetRange) == 2 {`
			`startPacket, err = strconv.ParseInt(packetRange[0], 10, 64)`
			`endPacket, err2 = strconv.ParseInt(packetRange[1], 10, 64)`
			`} else {`
			`startPacket, err = strconv.ParseInt(packetRange[0], 10, 64)`
			`endPacket = startPacket`
			`}`
			`if err != nil {`
			`return nil, newError("Invalid start packet: ", err).Base(err)`
			`}`
			`if err2 != nil {`
			`return nil, newError("Invalid end packet: ", err2).Base(err2)`
			`}`
			`if startPacket > endPacket {`
			`return nil, newError("Invalid packet range: ", c.Fragment.Packets)`
			`}`
			`if startPacket < 1 {`
			`return nil, newError("Cannot start from packet 0")`
			`}`
			`config.Fragment.StartPacket = int32(startPacket)`
			`config.Fragment.EndPacket = int32(endPacket)`
			`}`
			`}`

v1.0.0 4 years ago			`if c.Timeout != nil {`
			`config.Timeout = *c.Timeout`
			`}`
			`config.UserLevel = c.UserLevel`
			`if len(c.Redirect) > 0 {`
			`host, portStr, err := net.SplitHostPort(c.Redirect)`
			`if err != nil {`
			`return nil, newError("invalid redirect address: ", c.Redirect, ": ", err).Base(err)`
			`}`
			`port, err := v2net.PortFromString(portStr)`
			`if err != nil {`
			`return nil, newError("invalid redirect port: ", c.Redirect, ": ", err).Base(err)`
			`}`
			`config.DestinationOverride = &freedom.DestinationOverride{`
			`Server: &protocol.ServerEndpoint{`
			`Port: uint32(port),`
			`},`
			`}`

			`if len(host) > 0 {`
			`config.DestinationOverride.Server.Address = v2net.NewIPOrDomain(v2net.ParseAddress(host))`
			`}`
			`}`
			`return config, nil`
			`}`