feat: add certificate and private-key to vmess listener

wwqgtxx 2023-10-07 17:08:54 +08:00
parent 791ecfbb32
commit d8fe7a52d6
4 changed files with 32 additions and 10 deletions


@ -937,6 +937,9 @@ listeners:
uuid: 9d0cb9d0-964f-4ef6-897d-6c6b3ccf9e68
alterId: 1
# ws-path: "/" # 如果不为空则开启websocket传输层
# 下面两项如果填写则开启tls需要同时填写
# certificate: ./server.crt
# private-key: ./server.key
- name: tuic-in-1
type: tuic


@ -11,10 +11,12 @@ type VmessUser struct {
}
type VmessServer struct {
Enable bool
Listen string
Users []VmessUser
WsPath string
Enable bool
Listen string
Users []VmessUser
WsPath string
Certificate string
PrivateKey string
}
func (t VmessServer) String() string {
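Review bot: The new `PrivateKey` field is added to `VmessServer`, a struct with a `String()` method that is declared on the line right after this hunk and whose body is outside the view. If that method serialises every field (for logging or for comparing configurations, say), the private-key value becomes part of that output. That is harmless for a file path but would expose key material if the setting can also carry inline PEM, which this page does not show either way. Worth confirming, and if so emitting a redacted or hashed form of the field there. A short field comment would also help, e.g. `// PrivateKey is the TLS key for the listener; never log its value.`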


@ -9,8 +9,10 @@ import (
type VmessOption struct {
BaseOption
Users []VmessUser `inbound:"users"`
WsPath string `inbound:"ws-path,omitempty"`
Users []VmessUser `inbound:"users"`
WsPath string `inbound:"ws-path,omitempty"`
Certificate string `inbound:"certificate,omitempty"`
PrivateKey string `inbound:"private-key,omitempty"`
}
type VmessUser struct {
@ -47,10 +49,12 @@ func NewVmess(options *VmessOption) (*Vmess, error) {
Base: base,
config: options,
vs: LC.VmessServer{
Enable: true,
Listen: base.RawAddress(),
Users: users,
WsPath: options.WsPath,
Enable: true,
Listen: base.RawAddress(),
Users: users,
WsPath: options.WsPath,
Certificate: options.Certificate,
PrivateKey: options.PrivateKey,
},
}, nil
}


@ -2,6 +2,7 @@ package sing_vmess
import (
"context"
"crypto/tls"
"net"
"net/http"
"net/url"
@ -67,8 +68,16 @@ func New(config LC.VmessServer, tunnel C.Tunnel, additions ...inbound.Addition)
sl = &Listener{false, config, nil, service}
tlsConfig := &tls.Config{}
var httpMux *http.ServeMux
if config.Certificate != "" && config.PrivateKey != "" {
cert, err := N.ParseCert(config.Certificate, config.PrivateKey, C.Path)
if err != nil {
return nil, err
}
tlsConfig.Certificates = []tls.Certificate{cert}
}
if config.WsPath != "" {
httpMux = http.NewServeMux()
httpMux.HandleFunc(config.WsPath, func(w http.ResponseWriter, r *http.Request) {
@ -79,6 +88,7 @@ func New(config LC.VmessServer, tunnel C.Tunnel, additions ...inbound.Addition)
}
sl.HandleConn(conn, tunnel)
})
tlsConfig.NextProtos = append(tlsConfig.NextProtos, "http/1.1")
}
for _, addr := range strings.Split(config.Listen, ",") {
@ -89,6 +99,9 @@ func New(config LC.VmessServer, tunnel C.Tunnel, additions ...inbound.Addition)
if err != nil {
return nil, err
}
if len(tlsConfig.Certificates) > 0 {
l = tls.NewListener(l, tlsConfig)
}
sl.listeners = append(sl.listeners, l)
go func() {
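Review bot: The guard `if config.Certificate != "" && config.PrivateKey != ""` in `New` fails open: when only one of the two settings is present (a typo in one key, or a half-filled config), no certificate is loaded, the later `len(tlsConfig.Certificates) > 0` check is false, and the listener comes up in plaintext with no error or log line. The sample config says both values must be filled in together, so reject the half-configured case explicitly, e.g. `if (config.Certificate == "") != (config.PrivateKey == "") {` returning an error that names both options. Separately, `tlsConfig := &tls.Config{}` sets no `MinVersion`, so the protocol floor depends on the Go toolchain default; `MinVersion: tls.VersionTLS12` would pin it. `New` starts and ends outside these hunks, so any validation done by its callers is not visible here.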