Improve tls dialer and listener

This commit is contained in:
世界
2022-07-25 08:14:09 +08:00
parent 32e2730ec6
commit 1f05420745
8 changed files with 265 additions and 28 deletions

View File

@@ -126,14 +126,16 @@ func (o SocksInboundOptions) Equals(other SocksInboundOptions) bool {
type HTTPMixedInboundOptions struct {
ListenOptions
Users []auth.User `json:"users,omitempty"`
SetSystemProxy bool `json:"set_system_proxy,omitempty"`
Users []auth.User `json:"users,omitempty"`
SetSystemProxy bool `json:"set_system_proxy,omitempty"`
TLS *InboundTLSOptions `json:"tls,omitempty"`
}
func (o HTTPMixedInboundOptions) Equals(other HTTPMixedInboundOptions) bool {
return o.ListenOptions == other.ListenOptions &&
common.ComparableSliceEquals(o.Users, other.Users) &&
o.SetSystemProxy == other.SetSystemProxy
o.SetSystemProxy == other.SetSystemProxy &&
common.PtrEquals(o.TLS, other.TLS)
}
type DirectInboundOptions struct {
@@ -174,12 +176,14 @@ type ShadowsocksDestination struct {
type VMessInboundOptions struct {
ListenOptions
Users []VMessUser `json:"users,omitempty"`
Users []VMessUser `json:"users,omitempty"`
TLS *InboundTLSOptions `json:"tls,omitempty"`
}
func (o VMessInboundOptions) Equals(other VMessInboundOptions) bool {
return o.ListenOptions == other.ListenOptions &&
common.ComparableSliceEquals(o.Users, other.Users)
common.ComparableSliceEquals(o.Users, other.Users) &&
common.PtrEquals(o.TLS, other.TLS)
}
type VMessUser struct {

View File

@@ -140,13 +140,6 @@ type HTTPOutboundOptions struct {
TLSOptions *OutboundTLSOptions `json:"tls,omitempty"`
}
type OutboundTLSOptions struct {
Enabled bool `json:"enabled,omitempty"`
DisableSNI bool `json:"disable_sni,omitempty"`
ServerName string `json:"server_name,omitempty"`
Insecure bool `json:"insecure,omitempty"`
}
type ShadowsocksOutboundOptions struct {
OutboundDialerOptions
ServerOptions
@@ -158,13 +151,18 @@ type ShadowsocksOutboundOptions struct {
type VMessOutboundOptions struct {
OutboundDialerOptions
ServerOptions
UUID string `json:"uuid"`
Security string `json:"security"`
AlterId int `json:"alter_id,omitempty"`
GlobalPadding bool `json:"global_padding,omitempty"`
AuthenticatedLength bool `json:"authenticated_length,omitempty"`
Network NetworkList `json:"network,omitempty"`
TLSOptions *OutboundTLSOptions `json:"tls,omitempty"`
UUID string `json:"uuid"`
Security string `json:"security"`
AlterId int `json:"alter_id,omitempty"`
GlobalPadding bool `json:"global_padding,omitempty"`
AuthenticatedLength bool `json:"authenticated_length,omitempty"`
Network NetworkList `json:"network,omitempty"`
TLSOptions *OutboundTLSOptions `json:"tls,omitempty"`
TransportOptions *VMessTransportOptions `json:"transport,omitempty"`
}
type VMessTransportOptions struct {
Network string `json:"network,omitempty"`
}
type SelectorOutboundOptions struct {

77
option/tls.go Normal file
View File

@@ -0,0 +1,77 @@
package option
import (
"crypto/tls"
"github.com/sagernet/sing/common"
E "github.com/sagernet/sing/common/exceptions"
)
type InboundTLSOptions struct {
Enabled bool `json:"enabled,omitempty"`
ServerName string `json:"server_name,omitempty"`
ALPN []string `json:"alpn,omitempty"`
MinVersion string `json:"min_version,omitempty"`
MaxVersion string `json:"max_version,omitempty"`
CipherSuites []string `json:"cipher_suites,omitempty"`
Certificate string `json:"certificate,omitempty"`
CertificatePath string `json:"certificate_path,omitempty"`
Key string `json:"key,omitempty"`
KeyPath string `json:"key_path,omitempty"`
}
func (o InboundTLSOptions) Equals(other InboundTLSOptions) bool {
return o.Enabled == other.Enabled &&
o.ServerName == other.ServerName &&
common.ComparableSliceEquals(o.ALPN, other.ALPN) &&
o.MinVersion == other.MinVersion &&
o.MaxVersion == other.MaxVersion &&
common.ComparableSliceEquals(o.CipherSuites, other.CipherSuites) &&
o.Certificate == other.Certificate &&
o.CertificatePath == other.CertificatePath &&
o.Key == other.Key &&
o.KeyPath == other.KeyPath
}
type OutboundTLSOptions struct {
Enabled bool `json:"enabled,omitempty"`
DisableSNI bool `json:"disable_sni,omitempty"`
ServerName string `json:"server_name,omitempty"`
Insecure bool `json:"insecure,omitempty"`
ALPN []string `json:"alpn,omitempty"`
MinVersion string `json:"min_version,omitempty"`
MaxVersion string `json:"max_version,omitempty"`
CipherSuites []string `json:"cipher_suites,omitempty"`
DisableSystemRoot bool `json:"disable_system_root,omitempty"`
Certificate string `json:"certificate,omitempty"`
CertificatePath string `json:"certificate_path,omitempty"`
}
func (o OutboundTLSOptions) Equals(other OutboundTLSOptions) bool {
return o.Enabled == other.Enabled &&
o.DisableSNI == other.DisableSNI &&
o.ServerName == other.ServerName &&
o.Insecure == other.Insecure &&
common.ComparableSliceEquals(o.ALPN, other.ALPN) &&
o.MinVersion == other.MinVersion &&
o.MaxVersion == other.MaxVersion &&
common.ComparableSliceEquals(o.CipherSuites, other.CipherSuites) &&
o.DisableSystemRoot == other.DisableSystemRoot &&
o.Certificate == other.Certificate &&
o.CertificatePath == other.CertificatePath
}
func ParseTLSVersion(version string) (uint16, error) {
switch version {
case "1.0":
return tls.VersionTLS10, nil
case "1.1":
return tls.VersionTLS11, nil
case "1.2":
return tls.VersionTLS12, nil
case "1.3":
return tls.VersionTLS13, nil
default:
return 0, E.New("unknown tls version:", version)
}
}