mirror of
https://github.com/e1732a364fed/v2ray_simple.git
synced 2026-04-23 14:39:33 +08:00
e1732a364fed
108 lines
2.4 KiB
Go
108 lines
2.4 KiB
Go
package proxy
|
|
|
|
import (
|
|
"net"
|
|
"net/url"
|
|
|
|
"github.com/e1732a364fed/v2ray_simple/httpLayer"
|
|
"github.com/e1732a364fed/v2ray_simple/tlsLayer"
|
|
)
|
|
|
|
//use dc.Host, dc.Insecure, dc.Utls, dc.Alpn.
|
|
func prepareTLS_forClient(com ProxyCommon, dc *DialConf) error {
|
|
alpnList := dc.Alpn
|
|
|
|
clic := com.getCommon()
|
|
if clic == nil {
|
|
return nil
|
|
}
|
|
|
|
switch com.AdvancedLayer() {
|
|
case "quic":
|
|
clic.setNetwork("udp")
|
|
return nil
|
|
case "grpc":
|
|
has_h2 := false
|
|
for _, a := range alpnList {
|
|
if a == httpLayer.H2_Str {
|
|
has_h2 = true
|
|
break
|
|
}
|
|
}
|
|
if !has_h2 {
|
|
alpnList = append([]string{httpLayer.H2_Str}, alpnList...)
|
|
}
|
|
}
|
|
clic.setTLS_Client(tlsLayer.NewClient(dc.Host, dc.Insecure, dc.Utls, alpnList))
|
|
return nil
|
|
}
|
|
|
|
//use lc.Host, lc.TLSCert, lc.TLSKey, lc.Insecure, lc.Alpn.
|
|
func prepareTLS_forServer(com ProxyCommon, lc *ListenConf) error {
|
|
// 这里直接不检查 字符串就直接传给 tlsLayer.NewServer
|
|
// 所以要求 cert和 key 不在程序本身目录 的话,就要给出完整路径
|
|
|
|
serc := com.getCommon()
|
|
if serc == nil {
|
|
return nil
|
|
}
|
|
|
|
alpnList := lc.Alpn
|
|
switch com.AdvancedLayer() {
|
|
case "quic":
|
|
|
|
serc.setNetwork("udp")
|
|
return nil
|
|
|
|
case "grpc":
|
|
has_h2 := false
|
|
for _, a := range alpnList {
|
|
if a == httpLayer.H2_Str {
|
|
has_h2 = true
|
|
break
|
|
}
|
|
}
|
|
if !has_h2 {
|
|
alpnList = append([]string{httpLayer.H2_Str}, alpnList...)
|
|
}
|
|
}
|
|
|
|
tlsserver, err := tlsLayer.NewServer(lc.Host, lc.TLSCert, lc.TLSKey, lc.Insecure, alpnList)
|
|
if err == nil {
|
|
serc.setTLS_Server(tlsserver)
|
|
} else {
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
|
|
//给 ProxyCommon 的tls做一些配置上的准备,从url读取配置
|
|
func prepareTLS_forProxyCommon_withURL(u *url.URL, isclient bool, com ProxyCommon) error {
|
|
insecureStr := u.Query().Get("insecure")
|
|
insecure := false
|
|
if insecureStr != "" && insecureStr != "false" && insecureStr != "0" {
|
|
insecure = true
|
|
}
|
|
|
|
if isclient {
|
|
utlsStr := u.Query().Get("utls")
|
|
useUtls := utlsStr != "" && utlsStr != "false" && utlsStr != "0"
|
|
com.getCommon().setTLS_Client(tlsLayer.NewClient(u.Host, insecure, useUtls, nil))
|
|
|
|
} else {
|
|
certFile := u.Query().Get("cert")
|
|
keyFile := u.Query().Get("key")
|
|
|
|
hostAndPort := u.Host
|
|
sni, _, _ := net.SplitHostPort(hostAndPort)
|
|
|
|
tlsserver, err := tlsLayer.NewServer(sni, certFile, keyFile, insecure, nil)
|
|
if err == nil {
|
|
com.getCommon().setTLS_Server(tlsserver)
|
|
} else {
|
|
return err
|
|
}
|
|
}
|
|
return nil
|
|
}
|