From 28d52193ac568da332df76fb195f67282ec49181 Mon Sep 17 00:00:00 2001 From: xiaorouji <60100640+xiaorouji@users.noreply.github.com> Date: Sat, 4 Feb 2023 15:43:57 +0800 Subject: [PATCH] luci: remove Xray old XTLS version The old version of XTLS, which is deprecated now and will be removed soon. Please use flow "xtls-rprx-vision" with "tls & tlsSettings" instead. --- .../model/cbi/passwall/api/gen_v2ray.lua | 16 ++----------- .../model/cbi/passwall/client/node_config.lua | 24 ++++--------------- .../model/cbi/passwall/server/api/v2ray.lua | 19 +-------------- .../luasrc/model/cbi/passwall/server/user.lua | 13 +--------- .../passwall/node_list/link_share_man.htm | 24 ------------------- .../root/usr/share/passwall/subscribe.lua | 9 ++----- 6 files changed, 10 insertions(+), 95 deletions(-) diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua b/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua index b54b55b11..921a90dff 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/api/gen_v2ray.lua @@ -131,9 +131,6 @@ function gen_outbound(node, tag, proxy_table) else if node.tls and node.tls == "1" then node.stream_security = "tls" - if node.type == "Xray" and node.xtls and node.xtls == "1" then - node.stream_security = "xtls" - end end end @@ -144,7 +141,7 @@ function gen_outbound(node, tag, proxy_table) tag = tag, proxySettings = node.proxySettings or nil, protocol = node.protocol, - mux = (node.stream_security ~= "xtls") and { + mux = { enabled = (node.mux == "1") and true or false, concurrency = (node.mux_concurrency) and tonumber(node.mux_concurrency) or 8 } or nil, @@ -156,11 +153,6 @@ function gen_outbound(node, tag, proxy_table) }, network = node.transport, security = node.stream_security, - xtlsSettings = (node.stream_security == "xtls") and { - serverName = node.tls_serverName, - allowInsecure = (node.tls_allowInsecure == "1") and true or false, - fingerprint = (node.type == "Xray" and node.fingerprint and node.fingerprint ~= "disable") and node.fingerprint or nil - } or nil, tlsSettings = (node.stream_security == "tls") and { serverName = node.tls_serverName, allowInsecure = (node.tls_allowInsecure == "1") and true or false, @@ -228,7 +220,7 @@ function gen_outbound(node, tag, proxy_table) level = 0, security = (node.protocol == "vmess") and node.security or nil, encryption = node.encryption or "none", - flow = node.flow or (node.tls == '1' and node.xtls ~= '1' and node.tlsflow) and node.tlsflow or nil + flow = (node.protocol == "vless" and node.tls == '1' and node.tlsflow) and node.tlsflow or nil } } } @@ -238,7 +230,6 @@ function gen_outbound(node, tag, proxy_table) address = node.address, port = tonumber(node.port), method = node.method or nil, - flow = node.flow or (node.tls == '1' and node.xtls ~= '1' and node.tlsflow) and node.tlsflow or nil, ivCheck = (node.protocol == "shadowsocks") and node.iv_check == "1" or nil, uot = (node.protocol == "shadowsocks") and node.uot == "1" or nil, password = node.password or "", @@ -273,9 +264,6 @@ function gen_outbound(node, tag, proxy_table) if result.streamSettings.tlsSettings then result.streamSettings.tlsSettings.alpn = alpn end - if result.streamSettings.xtlsSettings then - result.streamSettings.xtlsSettings.alpn = alpn - end end end return result diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua index 7d431fe8e..c48f590ce 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/node_config.lua @@ -512,27 +512,12 @@ tls:depends("type", "Trojan") tls:depends("type", "Trojan-Plus") tls:depends("type", "Trojan-Go") -xtls = s:option(Flag, "xtls", translate("XTLS")) -xtls.default = 0 -xtls:depends({ type = "Xray", protocol = "vless", tls = true }) -xtls:depends({ type = "Xray", protocol = "trojan", tls = true }) - tlsflow = s:option(Value, "tlsflow", translate("flow")) tlsflow.default = "" tlsflow:value("", translate("Disable")) tlsflow:value("xtls-rprx-vision") tlsflow:value("xtls-rprx-vision-udp443") -tlsflow:depends({ type = "Xray", protocol = "vless", tls = true , xtls = false }) - -flow = s:option(Value, "flow", translate("flow")) -flow.default = "xtls-rprx-direct" -flow:value("xtls-rprx-origin") -flow:value("xtls-rprx-origin-udp443") -flow:value("xtls-rprx-direct") -flow:value("xtls-rprx-direct-udp443") -flow:value("xtls-rprx-splice") -flow:value("xtls-rprx-splice-udp443") -flow:depends("xtls", true) +tlsflow:depends({ type = "Xray", protocol = "vless", tls = true }) alpn = s:option(ListValue, "alpn", translate("alpn")) alpn.default = "default" @@ -591,8 +576,7 @@ xray_fingerprint:value("qq") xray_fingerprint:value("random") xray_fingerprint:value("randomized") xray_fingerprint.default = "disable" -xray_fingerprint:depends({ type = "Xray", tls = true, xtls = false }) -xray_fingerprint:depends({ type = "Xray", tls = true, xtls = true }) +xray_fingerprint:depends({ type = "Xray", tls = true }) function xray_fingerprint.cfgvalue(self, section) return m:get(section, "fingerprint") end @@ -837,13 +821,13 @@ mux:depends("type", "Trojan-Go") -- [[ Mux ]]-- mux = s:option(Flag, "mux", translate("Mux")) mux:depends({ type = "V2ray", protocol = "vmess" }) -mux:depends({ type = "V2ray", protocol = "vless", xtls = false }) +mux:depends({ type = "V2ray", protocol = "vless" }) mux:depends({ type = "V2ray", protocol = "http" }) mux:depends({ type = "V2ray", protocol = "socks" }) mux:depends({ type = "V2ray", protocol = "shadowsocks" }) mux:depends({ type = "V2ray", protocol = "trojan" }) mux:depends({ type = "Xray", protocol = "vmess" }) -mux:depends({ type = "Xray", protocol = "vless", xtls = false }) +mux:depends({ type = "Xray", protocol = "vless" }) mux:depends({ type = "Xray", protocol = "http" }) mux:depends({ type = "Xray", protocol = "socks" }) mux:depends({ type = "Xray", protocol = "shadowsocks" }) diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua b/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua index 5728fca36..95b04ecdd 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/server/api/v2ray.lua @@ -14,7 +14,7 @@ function gen_config(user) for i = 1, #user.uuid do clients[i] = { id = user.uuid[i], - flow = ("1" == user.xtls) and user.flow or ("1" == user.tls and "1" ~= user.xtls and user.tlsflow) and user.tlsflow or nil + flow = ("vless" == user.protocol and "1" == user.tls and user.tlsflow) and user.tlsflow or nil } end settings = { @@ -57,7 +57,6 @@ function gen_config(user) local clients = {} for i = 1, #user.uuid do clients[i] = { - flow = ("1" == user.xtls) and user.flow or ("1" == user.tls and "1" ~= user.xtls and user.tlsflow) and user.tlsflow or nil, password = user.uuid[i], } end @@ -151,15 +150,6 @@ function gen_config(user) streamSettings = { network = user.transport, security = "none", - xtlsSettings = ("1" == user.tls and "1" == user.xtls) and { - disableSystemRoot = false, - certificates = { - { - certificateFile = user.tls_certificateFile, - keyFile = user.tls_keyFile - } - } - } or nil, tlsSettings = ("1" == user.tls) and { disableSystemRoot = false, certificates = { @@ -229,17 +219,10 @@ function gen_config(user) if config.inbounds[1].streamSettings.tlsSettings then config.inbounds[1].streamSettings.tlsSettings.alpn = alpn end - if config.inbounds[1].streamSettings.xtlsSettings then - config.inbounds[1].streamSettings.xtlsSettings.alpn = alpn - end end if "1" == user.tls then config.inbounds[1].streamSettings.security = "tls" - if user.type == "Xray" and user.xtls and user.xtls == "1" then - config.inbounds[1].streamSettings.security = "xtls" - config.inbounds[1].streamSettings.tlsSettings = nil - end end return config diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua b/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua index 5317798c5..f7d82dbff 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/server/user.lua @@ -387,23 +387,12 @@ tls:depends("type", "Trojan") tls:depends("type", "Trojan-Plus") tls:depends("type", "Trojan-Go") -xtls = s:option(Flag, "xtls", translate("XTLS")) -xtls.default = 0 -xtls:depends({ type = "Xray", protocol = "vless", tls = true }) -xtls:depends({ type = "Xray", protocol = "trojan", tls = true }) - tlsflow = s:option(Value, "tlsflow", translate("flow")) tlsflow.default = "" tlsflow:value("", translate("Disable")) tlsflow:value("xtls-rprx-vision") tlsflow:value("xtls-rprx-vision-udp443") -tlsflow:depends({ type = "Xray", protocol = "vless", tls = true , xtls = false }) - -flow = s:option(Value, "flow", translate("flow")) -flow.default = "xtls-rprx-direct" -flow:value("xtls-rprx-origin") -flow:value("xtls-rprx-direct") -flow:depends("xtls", true) +tlsflow:depends({ type = "Xray", protocol = "vless", tls = true }) alpn = s:option(ListValue, "alpn", translate("alpn")) alpn.default = "h2,http/1.1" diff --git a/luci-app-passwall/luasrc/view/passwall/node_list/link_share_man.htm b/luci-app-passwall/luasrc/view/passwall/node_list/link_share_man.htm index bbd339abc..d82736c6e 100644 --- a/luci-app-passwall/luasrc/view/passwall/node_list/link_share_man.htm +++ b/luci-app-passwall/luasrc/view/passwall/node_list/link_share_man.htm @@ -297,18 +297,6 @@ local has_xray = api.is_finded("xray") params += opt.query("sni", "tls_serverName"); } - if (opt.get("xtls").checked) { - var v_security = "xtls"; - var v_flow = "xtls-rprx-direct"; - if (opt.get("flow").value) { - v_flow = opt.get("flow").value; - } - params += "&flow=" + v_flow; - params += "&security=" + v_security; - params += opt.query("sni", "tls_serverName"); - } - - params += "#" + encodeURI(v_alias.value); if (params[0] == "&") { params = params.substring(1); @@ -863,7 +851,6 @@ local has_xray = api.is_finded("xray") if (queryParam.security) { if (queryParam.security == "tls") { opt.set('tls', true); - opt.set('xtls',false); opt.set('tlsflow', queryParam.flow || ''); opt.set('tls_serverName', queryParam.sni || ''); opt.set('tls_allowInsecure', true); @@ -871,17 +858,6 @@ local has_xray = api.is_finded("xray") opt.set('tls_allowInsecure', false); } } - - if (queryParam.security == "xtls") { - opt.set('tls', true); - opt.set('xtls',true); - opt.set('flow', queryParam.flow || "xtls-rprx-direct"); - opt.set('tls_serverName', queryParam.sni || ''); - opt.set('tls_allowInsecure', true); - if (queryParam.allowinsecure === '0') { - opt.set('tls_allowInsecure', false); - } - } } queryParam.type = queryParam.type.toLowerCase(); diff --git a/luci-app-passwall/root/usr/share/passwall/subscribe.lua b/luci-app-passwall/root/usr/share/passwall/subscribe.lua index 0b5b87a8e..c387dccf6 100755 --- a/luci-app-passwall/root/usr/share/passwall/subscribe.lua +++ b/luci-app-passwall/root/usr/share/passwall/subscribe.lua @@ -771,14 +771,9 @@ local function processData(szType, content, add_mode, add_from) result.encryption = params.encryption or "none" result.tls = "0" - if params.security == "tls" or params.security == "xtls" then + if params.security == "tls" then result.tls = "1" - if params.security == "xtls" then - result.xtls = "1" - result.flow = params.flow or "xtls-rprx-direct" - else - result.tlsflow = params.flow or nil - end + result.tlsflow = params.flow or nil result.tls_serverName = (params.sni and params.sni ~= "") and params.sni or params.host end