mihomo/adapter/outbound/vless.go

474 lines
12 KiB
Go
Raw Normal View History

2021-11-17 15:00:32 +08:00
package outbound
import (
"context"
"crypto/tls"
2021-12-20 12:59:06 +08:00
"encoding/binary"
2021-11-17 15:00:32 +08:00
"errors"
"fmt"
2022-03-29 23:50:41 +08:00
"io"
2021-11-17 15:00:32 +08:00
"net"
"net/http"
"strconv"
2021-12-20 12:59:06 +08:00
"sync"
2021-11-17 15:00:32 +08:00
2022-11-11 09:19:28 +08:00
"github.com/Dreamacro/clash/common/convert"
2021-11-17 15:00:32 +08:00
"github.com/Dreamacro/clash/component/dialer"
"github.com/Dreamacro/clash/component/resolver"
2022-11-11 09:19:28 +08:00
tlsC "github.com/Dreamacro/clash/component/tls"
2021-11-17 15:00:32 +08:00
C "github.com/Dreamacro/clash/constant"
"github.com/Dreamacro/clash/transport/gun"
2022-11-11 09:19:28 +08:00
"github.com/Dreamacro/clash/transport/socks5"
2021-11-17 15:00:32 +08:00
"github.com/Dreamacro/clash/transport/vless"
"github.com/Dreamacro/clash/transport/vmess"
)
2021-12-20 12:59:06 +08:00
const (
// max packet length
2022-03-29 23:50:41 +08:00
maxLength = 1024 << 3
2021-12-20 12:59:06 +08:00
)
2021-11-17 15:00:32 +08:00
type Vless struct {
*Base
client *vless.Client
option *VlessOption
// for gun mux
gunTLSConfig *tls.Config
gunConfig *gun.Config
transport *gun.TransportWrap
2021-11-17 15:00:32 +08:00
}
type VlessOption struct {
BasicOption
2021-07-01 22:49:29 +08:00
Name string `proxy:"name"`
Server string `proxy:"server"`
Port int `proxy:"port"`
UUID string `proxy:"uuid"`
2021-07-06 23:55:34 +08:00
Flow string `proxy:"flow,omitempty"`
2021-07-09 02:19:43 +08:00
FlowShow bool `proxy:"flow-show,omitempty"`
TLS bool `proxy:"tls,omitempty"`
2021-07-01 22:49:29 +08:00
UDP bool `proxy:"udp,omitempty"`
Network string `proxy:"network,omitempty"`
HTTPOpts HTTPOptions `proxy:"http-opts,omitempty"`
HTTP2Opts HTTP2Options `proxy:"h2-opts,omitempty"`
GrpcOpts GrpcOptions `proxy:"grpc-opts,omitempty"`
2021-09-01 00:38:43 +08:00
WSOpts WSOptions `proxy:"ws-opts,omitempty"`
2021-07-01 22:49:29 +08:00
WSPath string `proxy:"ws-path,omitempty"`
WSHeaders map[string]string `proxy:"ws-headers,omitempty"`
SkipCertVerify bool `proxy:"skip-cert-verify,omitempty"`
2022-07-11 13:42:28 +08:00
Fingerprint string `proxy:"fingerprint,omitempty"`
2021-07-01 22:49:29 +08:00
ServerName string `proxy:"servername,omitempty"`
2021-11-17 15:00:32 +08:00
}
func (v *Vless) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
var err error
switch v.option.Network {
case "ws":
host, port, _ := net.SplitHostPort(v.addr)
wsOpts := &vmess.WebsocketConfig{
Host: host,
Port: port,
Path: v.option.WSOpts.Path,
MaxEarlyData: v.option.WSOpts.MaxEarlyData,
EarlyDataHeaderName: v.option.WSOpts.EarlyDataHeaderName,
Headers: http.Header{},
2021-11-17 15:00:32 +08:00
}
if len(v.option.WSOpts.Headers) != 0 {
for key, value := range v.option.WSOpts.Headers {
wsOpts.Headers.Add(key, value)
2021-11-17 15:00:32 +08:00
}
}
if v.option.TLS {
wsOpts.TLS = true
2022-07-11 13:42:28 +08:00
tlsConfig := &tls.Config{
MinVersion: tls.VersionTLS12,
ServerName: host,
InsecureSkipVerify: v.option.SkipCertVerify,
NextProtos: []string{"http/1.1"},
2022-07-11 13:42:28 +08:00
}
if len(v.option.Fingerprint) == 0 {
wsOpts.TLSConfig = tlsC.GetGlobalFingerprintTLCConfig(tlsConfig)
} else {
wsOpts.TLSConfig, err = tlsC.GetSpecifiedFingerprintTLSConfig(tlsConfig, v.option.Fingerprint)
}
if v.option.ServerName != "" {
wsOpts.TLSConfig.ServerName = v.option.ServerName
} else if host := wsOpts.Headers.Get("Host"); host != "" {
wsOpts.TLSConfig.ServerName = host
}
2022-06-08 01:47:50 +08:00
} else {
if host := wsOpts.Headers.Get("Host"); host == "" {
wsOpts.Headers.Set("Host", convert.RandHost())
convert.SetUserAgent(wsOpts.Headers)
}
2021-11-17 15:00:32 +08:00
}
c, err = vmess.StreamWebsocketConn(c, wsOpts)
case "http":
// readability first, so just copy default TLS logic
c, err = v.streamTLSOrXTLSConn(c, false)
if err != nil {
return nil, err
}
host, _, _ := net.SplitHostPort(v.addr)
httpOpts := &vmess.HTTPConfig{
Host: host,
Method: v.option.HTTPOpts.Method,
Path: v.option.HTTPOpts.Path,
Headers: v.option.HTTPOpts.Headers,
}
c = vmess.StreamHTTPConn(c, httpOpts)
case "h2":
c, err = v.streamTLSOrXTLSConn(c, true)
if err != nil {
return nil, err
}
h2Opts := &vmess.H2Config{
Hosts: v.option.HTTP2Opts.Host,
Path: v.option.HTTP2Opts.Path,
}
c, err = vmess.StreamH2Conn(c, h2Opts)
case "grpc":
if v.isXTLSEnabled() {
c, err = gun.StreamGunWithXTLSConn(c, v.gunTLSConfig, v.gunConfig)
} else {
c, err = gun.StreamGunWithConn(c, v.gunTLSConfig, v.gunConfig)
}
default:
2022-03-29 07:18:09 +08:00
// default tcp network
2021-11-17 15:00:32 +08:00
// handle TLS And XTLS
c, err = v.streamTLSOrXTLSConn(c, false)
2021-11-17 15:00:32 +08:00
}
if err != nil {
return nil, err
}
return v.client.StreamConn(c, parseVlessAddr(metadata))
}
func (v *Vless) streamTLSOrXTLSConn(conn net.Conn, isH2 bool) (net.Conn, error) {
host, _, _ := net.SplitHostPort(v.addr)
if v.isXTLSEnabled() {
xtlsOpts := vless.XTLSConfig{
Host: host,
SkipCertVerify: v.option.SkipCertVerify,
2022-07-11 13:42:28 +08:00
FingerPrint: v.option.Fingerprint,
2021-11-17 15:00:32 +08:00
}
if isH2 {
xtlsOpts.NextProtos = []string{"h2"}
}
if v.option.ServerName != "" {
xtlsOpts.Host = v.option.ServerName
}
return vless.StreamXTLSConn(conn, &xtlsOpts)
} else if v.option.TLS {
2021-11-17 15:00:32 +08:00
tlsOpts := vmess.TLSConfig{
Host: host,
SkipCertVerify: v.option.SkipCertVerify,
2022-07-11 13:42:28 +08:00
FingerPrint: v.option.Fingerprint,
2021-11-17 15:00:32 +08:00
}
if isH2 {
tlsOpts.NextProtos = []string{"h2"}
}
if v.option.ServerName != "" {
tlsOpts.Host = v.option.ServerName
}
return vmess.StreamTLSConn(conn, &tlsOpts)
}
return conn, nil
2021-11-17 15:00:32 +08:00
}
func (v *Vless) isXTLSEnabled() bool {
return v.client.Addons != nil
}
// DialContext implements C.ProxyAdapter
func (v *Vless) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.Conn, err error) {
// gun transport
if v.transport != nil && len(opts) == 0 {
c, err := gun.StreamGunWithTransport(v.transport, v.gunConfig)
if err != nil {
return nil, err
}
defer safeConnClose(c, err)
c, err = v.client.StreamConn(c, parseVlessAddr(metadata))
if err != nil {
return nil, err
}
return NewConn(c, v), nil
}
c, err := dialer.DialContext(ctx, "tcp", v.addr, v.Base.DialOptions(opts...)...)
if err != nil {
return nil, fmt.Errorf("%s connect error: %s", v.addr, err.Error())
}
tcpKeepAlive(c)
defer safeConnClose(c, err)
c, err = v.StreamConn(c, metadata)
return NewConn(c, v), err
}
// ListenPacketContext implements C.ProxyAdapter
func (v *Vless) ListenPacketContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.PacketConn, err error) {
2022-03-29 07:18:09 +08:00
// vless use stream-oriented udp with a special address, so we needs a net.UDPAddr
2021-11-17 15:00:32 +08:00
if !metadata.Resolved() {
ip, err := resolver.ResolveIP(ctx, metadata.Host)
2021-11-17 15:00:32 +08:00
if err != nil {
return nil, errors.New("can't resolve ip")
}
metadata.DstIP = ip
}
var c net.Conn
// gun transport
if v.transport != nil && len(opts) == 0 {
c, err = gun.StreamGunWithTransport(v.transport, v.gunConfig)
if err != nil {
return nil, err
}
defer safeConnClose(c, err)
c, err = v.client.StreamConn(c, parseVlessAddr(metadata))
} else {
c, err = dialer.DialContext(ctx, "tcp", v.addr, v.Base.DialOptions(opts...)...)
if err != nil {
return nil, fmt.Errorf("%s connect error: %s", v.addr, err.Error())
}
tcpKeepAlive(c)
defer safeConnClose(c, err)
c, err = v.StreamConn(c, metadata)
}
if err != nil {
return nil, fmt.Errorf("new vless client error: %v", err)
}
return v.ListenPacketOnStreamConn(c, metadata)
}
// ListenPacketOnStreamConn implements C.ProxyAdapter
func (v *Vless) ListenPacketOnStreamConn(c net.Conn, metadata *C.Metadata) (_ C.PacketConn, err error) {
2021-11-17 15:00:32 +08:00
return newPacketConn(&vlessPacketConn{Conn: c, rAddr: metadata.UDPAddr()}, v), nil
}
// SupportUOT implements C.ProxyAdapter
func (v *Vless) SupportUOT() bool {
return true
}
2021-11-17 15:00:32 +08:00
func parseVlessAddr(metadata *C.Metadata) *vless.DstAddr {
var addrType byte
var addr []byte
2022-11-11 09:19:28 +08:00
switch metadata.AddrType() {
case socks5.AtypIPv4:
2022-04-21 18:56:33 +08:00
addrType = vless.AtypIPv4
2021-11-17 15:00:32 +08:00
addr = make([]byte, net.IPv4len)
2022-04-20 01:52:51 +08:00
copy(addr[:], metadata.DstIP.AsSlice())
2022-11-11 09:19:28 +08:00
case socks5.AtypIPv6:
2022-04-21 18:56:33 +08:00
addrType = vless.AtypIPv6
2021-11-17 15:00:32 +08:00
addr = make([]byte, net.IPv6len)
2022-04-20 01:52:51 +08:00
copy(addr[:], metadata.DstIP.AsSlice())
2022-11-11 09:19:28 +08:00
case socks5.AtypDomainName:
2022-04-21 18:56:33 +08:00
addrType = vless.AtypDomainName
2021-11-17 15:00:32 +08:00
addr = make([]byte, len(metadata.Host)+1)
addr[0] = byte(len(metadata.Host))
2022-04-21 18:56:33 +08:00
copy(addr[1:], metadata.Host)
2021-11-17 15:00:32 +08:00
}
2022-03-29 07:18:09 +08:00
port, _ := strconv.ParseUint(metadata.DstPort, 10, 16)
2021-11-17 15:00:32 +08:00
return &vless.DstAddr{
UDP: metadata.NetWork == C.UDP,
AddrType: addrType,
Addr: addr,
Port: uint(port),
}
}
type vlessPacketConn struct {
net.Conn
rAddr net.Addr
2021-12-20 12:59:06 +08:00
remain int
mux sync.Mutex
cache [2]byte
2021-11-17 15:00:32 +08:00
}
func (c *vlessPacketConn) writePacket(payload []byte) (int, error) {
binary.BigEndian.PutUint16(c.cache[:], uint16(len(payload)))
if _, err := c.Conn.Write(c.cache[:]); err != nil {
return 0, err
2021-12-20 12:59:06 +08:00
}
return c.Conn.Write(payload)
2021-12-20 12:59:06 +08:00
}
func (c *vlessPacketConn) WriteTo(b []byte, addr net.Addr) (int, error) {
2022-03-29 23:50:41 +08:00
total := len(b)
if total == 0 {
return 0, nil
}
if total <= maxLength {
return c.writePacket(b)
2021-12-20 12:59:06 +08:00
}
offset := 0
2021-12-20 12:59:06 +08:00
for offset < total {
cursor := offset + maxLength
if cursor > total {
cursor = total
}
n, err := c.writePacket(b[offset:cursor])
2021-12-20 12:59:06 +08:00
if err != nil {
return offset + n, err
}
offset = cursor
2022-03-29 23:50:41 +08:00
if offset == total {
break
}
2021-12-20 12:59:06 +08:00
}
return total, nil
2021-11-17 15:00:32 +08:00
}
2021-12-20 12:59:06 +08:00
func (c *vlessPacketConn) ReadFrom(b []byte) (int, net.Addr, error) {
c.mux.Lock()
defer c.mux.Unlock()
if c.remain > 0 {
2022-03-29 23:50:41 +08:00
length := len(b)
2021-12-20 12:59:06 +08:00
if c.remain < length {
length = c.remain
}
n, err := c.Conn.Read(b[:length])
if err != nil {
return 0, c.rAddr, err
2021-12-20 12:59:06 +08:00
}
c.remain -= n
return n, c.rAddr, nil
}
if _, err := c.Conn.Read(b[:2]); err != nil {
return 0, c.rAddr, err
2021-12-20 12:59:06 +08:00
}
2022-03-29 23:50:41 +08:00
total := int(binary.BigEndian.Uint16(b[:2]))
if total == 0 {
return 0, c.rAddr, nil
2021-12-20 12:59:06 +08:00
}
2021-11-17 15:00:32 +08:00
2022-03-29 23:50:41 +08:00
length := len(b)
if length > total {
length = total
2021-11-17 19:09:01 +08:00
}
2021-11-17 15:00:32 +08:00
if _, err := io.ReadFull(c.Conn, b[:length]); err != nil {
return 0, c.rAddr, errors.New("read packet error")
2022-03-29 23:50:41 +08:00
}
c.remain = total - length
2022-02-23 01:00:27 +08:00
return length, c.rAddr, nil
2022-03-29 23:50:41 +08:00
}
func NewVless(option VlessOption) (*Vless, error) {
2021-11-17 15:00:32 +08:00
var addons *vless.Addons
if option.Network != "ws" && len(option.Flow) >= 16 {
option.Flow = option.Flow[:16]
switch option.Flow {
case vless.XRO, vless.XRD, vless.XRS:
addons = &vless.Addons{
Flow: option.Flow,
}
default:
2022-03-29 23:50:41 +08:00
return nil, fmt.Errorf("unsupported xtls flow type: %s", option.Flow)
2021-11-17 15:00:32 +08:00
}
}
client, err := vless.NewClient(option.UUID, addons, option.FlowShow)
2021-11-17 15:00:32 +08:00
if err != nil {
return nil, err
}
v := &Vless{
Base: &Base{
2022-08-28 13:41:19 +08:00
name: option.Name,
addr: net.JoinHostPort(option.Server, strconv.Itoa(option.Port)),
tp: C.Vless,
udp: option.UDP,
iface: option.Interface,
prefer: C.NewDNSPrefer(option.IPVersion),
2021-11-17 15:00:32 +08:00
},
client: client,
option: &option,
}
switch option.Network {
case "h2":
if len(option.HTTP2Opts.Host) == 0 {
option.HTTP2Opts.Host = append(option.HTTP2Opts.Host, "www.example.com")
}
case "grpc":
dialFn := func(network, addr string) (net.Conn, error) {
c, err := dialer.DialContext(context.Background(), "tcp", v.addr, v.Base.DialOptions()...)
if err != nil {
return nil, fmt.Errorf("%s connect error: %s", v.addr, err.Error())
}
tcpKeepAlive(c)
return c, nil
}
gunConfig := &gun.Config{
ServiceName: v.option.GrpcOpts.GrpcServiceName,
Host: v.option.ServerName,
}
2022-07-11 13:42:28 +08:00
tlsConfig := tlsC.GetGlobalFingerprintTLCConfig(&tls.Config{
2021-11-17 15:00:32 +08:00
InsecureSkipVerify: v.option.SkipCertVerify,
ServerName: v.option.ServerName,
2022-07-10 20:44:24 +08:00
})
2021-11-17 15:00:32 +08:00
if v.option.ServerName == "" {
host, _, _ := net.SplitHostPort(v.addr)
tlsConfig.ServerName = host
gunConfig.Host = host
}
v.gunTLSConfig = tlsConfig
v.gunConfig = gunConfig
if v.isXTLSEnabled() {
v.transport = gun.NewHTTP2XTLSClient(dialFn, tlsConfig)
} else {
v.transport = gun.NewHTTP2Client(dialFn, tlsConfig)
}
}
return v, nil
}