613c63b165
DNS DoH h2c Remote: Add `verifyPeerCertInNames` "fromMitm" support
...
https://github.com/XTLS/Xray-core/issues/4313#issuecomment-2645838663
2025-02-08 18:05:41 +00:00
ae327eb7e6
Chore: Make some Maps into real Sets ( #4362 )
2025-02-07 13:48:33 +00:00
e893fa1828
API: Add user IPs and access times tracking ( #4360 )
2025-02-07 12:19:47 +00:00
a7a83624c5
Upgrade quic-go to official v0.49.0
...
https://github.com/quic-go/quic-go/releases/tag/v0.49.0
https://github.com/quic-go/quic-go/pull/4749
https://github.com/quic-go/quic-go/pull/4798
2025-01-26 11:47:30 +00:00
3a7a78ff3a
UDS: Keep valid source addr ( #4325 )
...
Fixes https://github.com/XTLS/Xray-core/issues/4324
2025-01-26 11:08:36 +00:00
2522cfd7be
DNS DoH: Add h2c Remote mode (with TLS `serverNameToVerify`)
...
https://github.com/XTLS/Xray-core/issues/4313#issuecomment-2609339864
Applies https://github.com/refraction-networking/utls/pull/161
Closes https://github.com/XTLS/Xray-core/issues/4313
2025-01-25 10:51:44 +00:00
f4fd8b8fad
DNS: Implement queryStrategy for "localhost" ( #4303 )
...
Fixes https://github.com/XTLS/Xray-core/issues/4302
2025-01-19 07:39:54 +00:00
42aea01fb5
Core: Add mutex to injection resolution ( #4206 )
...
* Revert "Add RequireFeaturesAsync() that works regardless order of app init"
* Add mutex to injection resolution
- Turns out we already support async DI resolution regardless of feature ordering
Previous code contain a race condition causing some resolution is lost
- Note that the new mutex cover s.pendingResolutions and s.features
but must not cover callbackResolution() due to deadlock
- Refactor some method names and simplify code
* Add OptionalFeatures injection
For example OptionalFeatures() is useful for fakedns module
2024-12-26 12:55:12 +00:00
868799ef04
DNS: Always use a DNS Message ID of 0 for DoH and DoQ ( #4193 )
...
Co-authored-by: dyhkwong <50692134+dyhkwong@users.noreply.github.com>
2024-12-22 09:19:09 +00:00
53b04d560b
XHTTP client: Make H3 httptrace work on v2rayNG
...
Introduced in https://github.com/XTLS/Xray-core/pull/4150
2024-12-20 07:19:41 +00:00
743435d6e6
Core: Fix startup error when `dns` exists but `fakedns` doesn't
...
Fixes https://github.com/XTLS/Xray-core/issues/4155
2024-12-12 06:56:05 +00:00
0e2304c403
Core: Fix memory leaks with RequireFeatures() ( #4095 )
...
Fixes https://github.com/XTLS/Xray-core/issues/4054
Fixes https://github.com/XTLS/Xray-core/issues/3338
Fixes https://github.com/XTLS/Xray-core/issues/3221
2024-12-11 01:07:52 +00:00
46d8d9ef02
XHTTP server: Forbid Mux.Cool except pure XUDP ( #4128 )
...
https://github.com/XTLS/Xray-core/discussions/4113#discussioncomment-11491701
2024-12-07 04:45:45 +00:00
034a485afe
Chore: Refactor tests in app/router ( #4019 )
2024-11-24 22:53:31 -05:00
44b1dd0e67
Test: Change address for DNS over QUIC tests ( #4002 )
...
dns.adguard.com can be blocked in some places
2024-11-11 14:43:57 -05:00
480748403a
Chore: Fix versions in some *.pb.go files
...
47fad1fbfd
2024-11-11 03:27:30 +00:00
83bab5dd90
Chore: Run gofmt ( #3990 )
2024-11-09 11:16:11 +00:00
71cfea8aae
Chore: Fix some spelling errors ( #3976 )
2024-11-06 10:42:43 -05:00
057e6284b2
UDS: prevent crash when proxy udp ( #3967 )
...
* net: Prevent nil pointer err in NetAddr()
* Fix dsworker saddr problem
2024-11-04 10:39:04 -05:00
ccc4b7b2cf
Test: Fix incorrect output format ( #3968 )
2024-11-04 10:36:42 -05:00
2c72864935
API: Add user online stats ( #3637 )
...
* add statsUserOnline bool to policy
* add OnlineMap struct to stats
* apply UserOnline functionality to dispatcher
* add statsonline api command
* fix comments
* Update app/stats/online_map.go
Co-authored-by: mmmray <142015632+mmmray@users.noreply.github.com>
* improve AddIP
* regenerate pb
---------
Co-authored-by: mmmray <142015632+mmmray@users.noreply.github.com>
2024-11-03 08:44:15 -05:00
85a1c33709
API: Add new Get Inbound User ( #3644 )
...
* Add GetInboundUser in proto
* Add get user logic for all existing inbounds
* Add inbounduser command
* Add option to get all users
* Fix shadowsocks2022 config
* Fix init users in shadowsocks2022
* Fix copy
* Add inbound user count command
This api costs much less than get inbound user, could be useful in some case
* Update from latest main
2024-11-03 00:25:23 -04:00
47fad1fbfd
Chore: Generate *.pb.go files with protoc v5.28.2
...
Download https://github.com/protocolbuffers/protobuf/releases/tag/v28.2
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.35.1
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.5.1
(Xray-core/) go run ./infra/vprotogen
2024-10-16 04:06:21 +00:00
5164a82185
Routing: Fix regexp syntax support in UserMatcher ( #3900 )
2024-10-11 11:37:01 -04:00
7086d286be
Remove legacy code ( #3838 )
...
* Add feature migration notice
* Remove legacy code of transport processing
* Clear legacy proto field
* Fix missing
* Unify protocolname
* Test remove
* Supressor
* Weird code
* Remove errorgen related comments
2024-09-23 11:28:19 -04:00
57a41f3b4b
Config: Remove more legacy fields ( #3817 )
2024-09-19 01:05:59 +00:00
5f0642a671
Errors: Add PrintRemovedFeatureError & PrintDeprecatedFeatureWarning ( #3804 )
2024-09-15 04:55:54 +00:00
d7c5a0fc5f
Fix int overflow on x32 processors causing panic ( #3810 )
...
During the roll, "duration" is converted to int, causing overflow on x32 processors. The value may be very small or negative, causing a panic in rand.Intn.
2024-09-14 23:47:16 -04:00
781aaee21f
QUIC sniffer: handle multiple initial packets ( #3802 )
...
* QUIC sniffer: handle multiple initial packets
Basically copied from Vigilans/v2ray-core@8f33db0
Co-Authored-By: Vigilans <vigilans@foxmail.com>
* Remove unnecessary file
---------
Co-authored-by: Vigilans <vigilans@foxmail.com>
2024-09-13 13:32:43 -04:00
7970f240de
Log: show the matching rule tag ( #3809 )
2024-09-13 13:05:19 -04:00
88ae774cce
Sniff: Routing “attrs” support non http inbound ( #3808 )
...
* Sniff: Support attrs route in non http inbound
* Add capability to sniff method and path
* Fix test
* Skip HTTP inbound PlainHTTP mode
* Fix test
again
2024-09-13 12:26:36 -04:00
3a8c5f38e8
Routing: Add regexp syntax support to UserMatcher ( #3799 )
2024-09-12 10:48:41 -04:00
1b607ff874
DNS: Do not hit cache if encounted err ( #3784 )
2024-09-12 10:34:45 -04:00
a247997e38
Log: Add MaskAddress option to hide IP addresses ( #3783 )
...
* Log: Add maskAddress option
* Correct IPv6 subnet
2024-09-11 10:45:47 -04:00
f04cb0b288
Config: Remove some legacy fields from V2Ray 3.x era ( #3776 )
...
https://github.com/XTLS/Xray-core/pull/3776#issue-2512316726
2024-09-09 06:03:21 +00:00
8674ed5a0d
Support DNS queryStrategy config for UDP NameServer ( #3728 )
2024-08-27 10:19:33 -04:00
2be03c56cb
Pin protobuf packages ( #3715 )
...
* Pin protobuf packages
It happened in the past that I ran with the wrong protobuf version
installed locally, and apparently there is even still some file wrong in
splithttp. Fix this issue once and for all.
* bump protobuf packages
* Revert "bump protobuf packages"
This reverts commit 7a3509346abb79707d15
2024-08-22 10:18:36 -04:00
790f908f0b
chore: fix some comment typos ( #3716 )
...
Signed-off-by: curlwget <curlwget@icloud.com>
2024-08-22 17:32:38 +08:00
16de0937a8
Fix typos ( #3527 )
2024-07-12 00:20:06 +02:00
079d0bd8a9
Refactor log ( #3446 )
...
* Refactor log
* Add new log methods
* Fix logger test
* Change all logging code
* Clean up pathObj
* Rebase to latest main
* Remove invoking method name after the dot
2024-06-29 14:32:57 -04:00
ae97821e40
Add regex support for domainsExcluded ( #3449 )
...
* Add regx support for domainsExcluded
* format
2024-06-16 10:51:52 -04:00
0a3c449cdf
Inbound worker should fill context outbounds info
...
https://github.com/XTLS/Xray-core/issues/3388
2024-05-26 12:25:25 -04:00
ca07a705dc
Generate *.pb.go files with protoc v5.27.0
...
Download https://github.com/protocolbuffers/protobuf/releases/tag/v27.0
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.34.1
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0
(Xray-core/) go run ./infra/vprotogen
2024-05-26 03:20:53 +00:00
017f53b5fc
Add session context outbounds as slice ( #3356 )
...
* Add session context outbounds as slice
slice is needed for dialer proxy where two outbounds work on top of each other
There are two sets of target addr for example
It also enable Xtls to correctly do splice copy by checking both outbounds are ready to do direct copy
* Fill outbound tag info
* Splice now checks capalibility from all outbounds
* Fix unit tests
2024-05-13 21:52:24 -04:00
84eeb56ae4
Select alive only node when fallbackTag is given
...
- Apply to random and roundrobin strategy
- Require observatory config
Co-authored-by: Mark Ma <38940419+mkmark@users.noreply.github.com>
2024-05-05 10:11:29 -04:00
447a49d16a
Add configuration item api->listen. ( #3317 )
...
* add api.listen configuration item
* add unit tests
* typo
---------
Co-authored-by: nobody <nobody@nowhere.mars>
2024-05-01 21:23:55 -04:00
dd16dcec03
chore: fix some typos in comments
...
Signed-off-by: writegr <wellweek@outlook.com>
2024-04-18 12:24:56 +08:00
8374d59ce6
Fix IPv6 random IP logic error ( #3232 )
...
* Update handler.go
fix CIDR6
* Update handler.go
2024-04-06 18:01:07 -04:00
e2302b421c
Update proto file for websocket and httpupgrade (breaking)
2024-03-30 07:42:41 +00:00
53e5814d19
API - Add | Remove Routing Rules ( #3189 )
...
* add RuleTag to routing rules
* add router pb commands
* add and remove routing rules api
* cleanup
* fix
* improve error msg
* add append flag
apply balancer config
2024-03-29 11:17:36 -04:00
70a5fe9a25
Allow to send through random IPv6
2024-03-23 07:23:19 -10:00
657c5c8570
Update HTTPUpgrade spelling and proto
2024-03-20 13:08:43 -04:00
69e1734e3a
Apply FallbackTag to leastping and roundrobin
2024-03-15 14:49:31 -04:00
950a64e9a4
Change the default port of Dns over Quic
2024-03-11 00:02:16 -04:00
601246468a
Add initial check for burstObserver
2024-03-05 23:21:03 -05:00
a994bf8b04
chore: fix some errors detected by staticcheck ( #3089 )
...
* chore: fix some errors detected by staticcheck
* feat: remove `rand.Seed()` usage for possibly using "fastrand64" runtime to avoid locking
ref: https://pkg.go.dev/math/rand#Seed
2024-03-03 10:52:22 -05:00
aa101d9dc2
Doq ( #3073 )
...
* feat: change ALPN of DNS over QUIC
* Fix: length of DNS over QUIC (#1888 )
---------
Co-authored-by: 秋のかえで <autmaple@protonmail.com>
2024-02-28 21:35:35 -05:00
a0f1e1f377
FakeDNS return TTL=1 and drop HTTPS QType 65 request
...
Co-authored-by: qwerr0
2024-02-21 11:09:51 -05:00
fa5d7a255b
Least load balancer ( #2999 )
...
* v5: Health Check & LeastLoad Strategy (rebased from 2c5a71490368500a982018a74a6d519c7e121816)
Some changes will be necessary to integrate it into V2Ray
* Update proto
* parse duration conf with time.Parse()
* moving health ping to observatory as a standalone component
* moving health ping to observatory as a standalone component: auto generated file
* add initialization for health ping
* incorporate changes in router implementation
* support principle target output
* add v4 json support for BurstObservatory & fix balancer reference
* update API command
* remove cancelled API
* return zero length value when observer is not found
* remove duplicated targeted dispatch
* adjust test with updated structure
* bug fix for observer
* fix strategy selector
* fix strategy least load
* Fix ticker usage
ticker.Close does not close ticker.C
* feat: Replace default Health Ping URL to HTTPS (#1991 )
* fix selectLeastLoad() returns wrong number of nodes (#2083 )
* Test: fix leastload strategy unit test
* fix(router): panic caused by concurrent map read and write (#2678 )
* Clean up code
---------
Co-authored-by: Jebbs <qjebbs@gmail.com>
Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
Co-authored-by: 世界 <i@sekai.icu>
Co-authored-by: Bernd Eichelberger <46166740+4-FLOSS-Free-Libre-Open-Source-Software@users.noreply.github.com>
Co-authored-by: 秋のかえで <autmaple@protonmail.com>
Co-authored-by: Rinka <kujourinka@gmail.com>
2024-02-17 22:51:37 -05:00
d83ccaeea9
Clean up legacy compile directive
2024-02-06 21:17:21 -05:00
d20a835016
Fix concurrent map writes error in ohm.Select(). ( #2943 )
...
* Add unit test for ohm.tagsCache.
* Fix concurrent map writes in ohm.Select().
---------
Co-authored-by: nobody <nobody@nowhere.mars>
2024-01-16 10:52:01 -05:00
7f7f57d3b6
Add tags cache to app.proxyman.ohm.Select() ( #2927 )
...
* Add tags cache to ohm.Select().
* Refactor round-robin.
* Fix a bug.
---------
Co-authored-by: nobody <nobody@nowhere.mars>
2024-01-12 10:36:48 -05:00
81f9f567ff
sort Outbound selector output ( #2914 )
...
* clean code
* sort oubound selector output
* clean up
* fix duplicate outbound
2024-01-10 11:26:27 -05:00
9a2ab9b6a3
fix roundRobin
2024-01-07 14:27:37 -05:00
60f7a03e1b
fix(dns): avoid early return when dns query refused ( #2878 )
...
* avoid early return when dns query refused
* address reviews
2024-01-01 23:03:36 -05:00
01c14a5994
add Round-Robin Strategy to balancer ( #2844 )
...
* add Round-Robin Strategy
* clean up
2023-12-24 15:29:10 -05:00
d60281d0a5
Add DestIpAddress() in Dialer interface
...
Android client prepares an IP before proxy connection is established. It is useful when connecting to wireguard (or quic) outbound with domain address. E.g. engage.cloudflareclient.com:2408
2023-12-18 18:36:56 -05:00
d9fd3f8eb1
Freedom xdomain strategy ( #2719 )
...
* 统一 `domainStrategy` 行为.
* aliases NG.
* 化简.
* 调整.
* Let it crash.
* Update proto
---------
Co-authored-by: rui0572 <125641819+rui0572@users.noreply.github.com>
2023-11-12 16:27:39 -05:00
4f6042c69f
feat(dns): Support DNS queryStrategy config per NameServer.
2023-09-22 10:34:36 -04:00
efd32b0fb2
Enable splice for freedom outbound (downlink only)
...
- Add outbound name
- Add outbound conn in ctx
- Refactor splice: it can be turn on from all inbounds and outbounds
- Refactor splice: Add splice copy to vless inbound
- Fix http error test
- Add freedom splice toggle via env var
- Populate outbound obj in context
- Use CanSpliceCopy to mark a connection
- Turn off splice by default
2023-09-07 14:17:39 -04:00
7264750e28
fix typo in default.go
2023-09-07 12:28:55 -04:00
b8bd243df5
Fix buffer.UDP destination override ( #2356 )
2023-08-29 07:12:36 +00:00
b24a4028f1
fix(app/router): fixed a bug in geoip matching with refactoring ( #2489 )
...
* Refactor the IP address matching with netipx library
* Add a regression test for previous bug
Fixes https://github.com/XTLS/Xray-core/issues/1933
---------
Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2023-08-26 15:11:37 +00:00
f67167bb3b
refactor(deps): replace github.com/golang/protobuf with google.golang.org/protobuf
2023-08-10 10:43:27 -04:00
7aeca33729
fix: revert previous change on IsValid() function; add validation in getUoTConnection();
2023-07-19 15:53:01 -04:00
a6c5c57930
Support regex matching with attr ( #2258 )
...
* Support regex matching with attr
* Add test case
* Optimizing regex parsing at core start
* simpliy
2023-06-27 08:04:09 +00:00
ee21763928
Run "go fmt ./..."
2023-06-18 09:46:57 -04:00
62e881b01a
5*60 -> 2*60
2023-06-18 15:33:30 +00:00
bf4b1fab3c
Simplify http attrabute matching
...
In the past, we use Starlark script, it is over engineered and barely used.
By switching to simple key value string contains logic we can reduce core size about 0.7MB
2023-06-12 10:25:45 -04:00
d11d72be6c
Update proto file and fix protoc version parsing
...
The new protoc cli return version v23.1,
so we parse the file version v4.23.1 without "4."
2023-06-11 13:36:06 -04:00
a4e80f01e4
Add tls serverName to DoQ
2023-06-04 08:45:38 -04:00
86b4b81f1d
Bump github.com/quic-go/quic-go from 0.34.0 to 0.35.1
...
Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go ) from 0.34.0 to 0.35.1.
- [Release notes](https://github.com/quic-go/quic-go/releases )
- [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md )
- [Commits](https://github.com/quic-go/quic-go/compare/v0.34.0...v0.35.1 )
---
updated-dependencies:
- dependency-name: github.com/quic-go/quic-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-01 18:23:56 -04:00
bfd5da2f00
fix: dns empty response
2023-05-01 10:19:50 -04:00
18e5b0963f
Update dependencies
2023-04-23 19:32:07 +08:00
06c9e50c52
Add "xudpProxyUDP443" to Mux config & XUDP rejects UDP/443 traffic by default (client side, excluding reverse proxy)
2023-04-14 22:51:18 +00:00
24a2be43ef
Replace "only" with "xudpConcurrency" in Mux config
2023-04-10 10:36:07 +08:00
29d7865d78
Refine "only" in Mux config
2023-04-10 10:15:16 +08:00
be23d5d3b7
XUDP protocol: Add Global ID & UoT Migration
...
The first UoT protocol that supports UoT Migration
Thank @yuhan6665 for testing
2023-04-06 10:21:35 +00:00
f57ec13880
Update UoT protocol
2023-03-17 13:17:08 +08:00
f176ec54ee
v1.7.3
2023-02-02 05:50:21 +00:00
b70912799b
Generate *.pb.go files with protoc v3.21.12
...
https://github.com/protocolbuffers/protobuf/releases/tag/v21.12
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2
go run ./infra/vprotogen
2023-01-30 04:35:30 +00:00
c4fbdf1b78
Run core/format.go
2022-12-25 19:47:53 -05:00
8117b66949
Generate all protos
2022-10-10 13:17:32 -04:00
debd2e3ba8
Remove compatibility code
...
The minimum support go version is already 1.18
2022-09-16 20:39:07 -04:00
4140bcd11a
Enhancement of "redirect" function, adding support for MacOS
...
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
"inbounds": [
{
"listen": "127.0.0.1",
"port": 1122,
"protocol": "dokodemo-door",
"tag": "dokodemo",
"settings": {
"network": "tcp",
"followRedirect": true,
"userLevel": 0
},
"streamSettings": {
"sockopt": {
"tproxy": "Redirect"
}
}
}
]
还原#1189 提交
2022-08-22 10:33:58 -04:00
59602db02d
Add "tproxy" option ( #1189 )
...
* Add "tproxy" option
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
"inbounds": [
{
"listen": "127.0.0.1",
"port": 1122,
"protocol": "dokodemo-door",
"tag": "dokodemo",
"settings": {
"network": "tcp",
"followRedirect": true,
"userLevel": 0
},
"streamSettings": {
"sockopt": {
"tproxy": "pf"
}
}
}
]
* Add "tproxy" option
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
"inbounds": [
{
"listen": "127.0.0.1",
"port": 1122,
"protocol": "dokodemo-door",
"tag": "dokodemo",
"settings": {
"network": "tcp",
"followRedirect": true,
"userLevel": 0
},
"streamSettings": {
"sockopt": {
"tproxy": "pf"
}
}
}
]
* Add "tproxy" option
Added the function of "MacOS" FreeBSD firewall traffic forwarding and resolving destination address
example:
"inbounds": [
{
"listen": "127.0.0.1",
"port": 1122,
"protocol": "dokodemo-door",
"tag": "dokodemo",
"settings": {
"network": "tcp",
"followRedirect": true,
"userLevel": 0
},
"streamSettings": {
"sockopt": {
"tproxy": "pf"
}
}
}
]
Co-authored-by: Mocking <fanhaiwang0817@gmail.com>
2022-08-20 09:02:18 -04:00
5e323958b6
Unify dns log
2022-07-24 23:54:58 -04:00
c3505632fd
Add udp over tcp support for shadowsocks-2022
2022-06-01 11:49:02 +08:00
6f93ef7736
Remove useless error log
2022-06-01 11:11:53 +08:00
398375d76f
Reformat code (quic sniffers)
2022-05-24 06:57:16 +08:00
RPRX