feat: add certificate and private-key to vmess listener

gVisor bot 2023-10-07 17:08:54 +08:00
parent 3e5600c0db
commit 7fcd4e1199
4 changed files with 32 additions and 10 deletions


@ -937,6 +937,9 @@ listeners:
uuid: 9d0cb9d0-964f-4ef6-897d-6c6b3ccf9e68 uuid: 9d0cb9d0-964f-4ef6-897d-6c6b3ccf9e68
alterId: 1 alterId: 1
# ws-path: "/" # 如果不为空则开启websocket传输层 # ws-path: "/" # 如果不为空则开启websocket传输层
# 下面两项如果填写则开启tls需要同时填写
# certificate: ./server.crt
# private-key: ./server.key
- name: tuic-in-1 - name: tuic-in-1
type: tuic type: tuic


@ -11,10 +11,12 @@ type VmessUser struct {
} }
type VmessServer struct { type VmessServer struct {
Enable bool Enable bool
Listen string Listen string
Users []VmessUser Users []VmessUser
WsPath string WsPath string
Certificate string
PrivateKey string
} }
func (t VmessServer) String() string { func (t VmessServer) String() string {
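Review bot: The new `PrivateKey` field is added to a struct that has a `String()` method directly below it, and that method's body is outside this hunk. If `String()` serializes every field (not visible here), the key path would appear wherever the listener config is printed or logged, and so would the key itself should `ParseCert` accept inline PEM. Consider excluding the field from the string form, and documenting the constraint on the field, e.g. `// PrivateKey is secret material (or a path to it); String() must not print it.`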


@ -9,8 +9,10 @@ import (
type VmessOption struct { type VmessOption struct {
BaseOption BaseOption
Users []VmessUser `inbound:"users"` Users []VmessUser `inbound:"users"`
WsPath string `inbound:"ws-path,omitempty"` WsPath string `inbound:"ws-path,omitempty"`
Certificate string `inbound:"certificate,omitempty"`
PrivateKey string `inbound:"private-key,omitempty"`
} }
type VmessUser struct { type VmessUser struct {
@ -47,10 +49,12 @@ func NewVmess(options *VmessOption) (*Vmess, error) {
Base: base, Base: base,
config: options, config: options,
vs: LC.VmessServer{ vs: LC.VmessServer{
Enable: true, Enable: true,
Listen: base.RawAddress(), Listen: base.RawAddress(),
Users: users, Users: users,
WsPath: options.WsPath, WsPath: options.WsPath,
Certificate: options.Certificate,
PrivateKey: options.PrivateKey,
}, },
}, nil }, nil
} }


@ -2,6 +2,7 @@ package sing_vmess
import ( import (
"context" "context"
"crypto/tls"
"net" "net"
"net/http" "net/http"
"net/url" "net/url"
@ -67,8 +68,16 @@ func New(config LC.VmessServer, tunnel C.Tunnel, additions ...inbound.Addition)
sl = &Listener{false, config, nil, service} sl = &Listener{false, config, nil, service}
tlsConfig := &tls.Config{}
var httpMux *http.ServeMux var httpMux *http.ServeMux
if config.Certificate != "" && config.PrivateKey != "" {
cert, err := N.ParseCert(config.Certificate, config.PrivateKey, C.Path)
if err != nil {
return nil, err
}
tlsConfig.Certificates = []tls.Certificate{cert}
}
if config.WsPath != "" { if config.WsPath != "" {
httpMux = http.NewServeMux() httpMux = http.NewServeMux()
httpMux.HandleFunc(config.WsPath, func(w http.ResponseWriter, r *http.Request) { httpMux.HandleFunc(config.WsPath, func(w http.ResponseWriter, r *http.Request) {
@ -79,6 +88,7 @@ func New(config LC.VmessServer, tunnel C.Tunnel, additions ...inbound.Addition)
} }
sl.HandleConn(conn, tunnel) sl.HandleConn(conn, tunnel)
}) })
tlsConfig.NextProtos = append(tlsConfig.NextProtos, "http/1.1")
} }
for _, addr := range strings.Split(config.Listen, ",") { for _, addr := range strings.Split(config.Listen, ",") {
@ -89,6 +99,9 @@ func New(config LC.VmessServer, tunnel C.Tunnel, additions ...inbound.Addition)
if err != nil { if err != nil {
return nil, err return nil, err
} }
if len(tlsConfig.Certificates) > 0 {
l = tls.NewListener(l, tlsConfig)
}
sl.listeners = append(sl.listeners, l) sl.listeners = append(sl.listeners, l)
go func() { go func() {
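Review bot: A half-filled TLS configuration silently produces a plaintext listener. The guard `config.Certificate != "" && config.PrivateKey != ""` is false when only one of the two is set, so `tlsConfig.Certificates` stays empty and the `tls.NewListener` wrap in the last hunk is skipped without an error. The sample config states that both values must be filled in together, so reject the mismatch up front, e.g. `if (config.Certificate == "") != (config.PrivateKey == "") { return nil, errors.New("vmess: certificate and private-key must be set together") }` (this needs the `errors` import if the file lacks it). It is also worth pinning the protocol floor with `tlsConfig := &tls.Config{MinVersion: tls.VersionTLS12}` rather than relying on the toolchain default. `New` starts before and continues past these hunks.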