luci: add sing-box ECH options
This commit is contained in:
parent
56c8c25111
commit
35b3423c74
@ -378,6 +378,27 @@ o:depends({ [option_name("protocol")] = "hysteria"})
|
|||||||
o:depends({ [option_name("protocol")] = "tuic" })
|
o:depends({ [option_name("protocol")] = "tuic" })
|
||||||
o:depends({ [option_name("protocol")] = "hysteria2" })
|
o:depends({ [option_name("protocol")] = "hysteria2" })
|
||||||
|
|
||||||
|
if singbox_tags:find("with_ech") then
|
||||||
|
o = s:option(Flag, option_name("ech"), translate("ECH"))
|
||||||
|
o.default = "0"
|
||||||
|
o:depends({ [option_name("tls")] = true, [option_name("flow")] = "", [option_name("reality")] = false })
|
||||||
|
o:depends({ [option_name("protocol")] = "tuic" })
|
||||||
|
o:depends({ [option_name("protocol")] = "hysteria" })
|
||||||
|
o:depends({ [option_name("protocol")] = "hysteria2" })
|
||||||
|
|
||||||
|
o = s:option(Value, option_name("ech_config"), translate("ECH Config"))
|
||||||
|
o.default = ""
|
||||||
|
o:depends({ [option_name("ech")] = true })
|
||||||
|
|
||||||
|
o = s:option(Flag, option_name("pq_signature_schemes_enabled"), translate("PQ signature schemes"))
|
||||||
|
o.default = "0"
|
||||||
|
o:depends({ [option_name("ech")] = true })
|
||||||
|
|
||||||
|
o = s:option(Flag, option_name("dynamic_record_sizing_disabled"), translate("Disable adaptive sizing of TLS records"))
|
||||||
|
o.default = "0"
|
||||||
|
o:depends({ [option_name("ech")] = true })
|
||||||
|
end
|
||||||
|
|
||||||
if singbox_tags:find("with_utls") then
|
if singbox_tags:find("with_utls") then
|
||||||
o = s:option(Flag, option_name("utls"), translate("uTLS"))
|
o = s:option(Flag, option_name("utls"), translate("uTLS"))
|
||||||
o.default = "0"
|
o.default = "0"
|
||||||
@ -533,11 +554,8 @@ o:depends({ [option_name("mux")] = true })
|
|||||||
|
|
||||||
o = s:option(Flag, option_name("shadowtls"), "ShadowTLS")
|
o = s:option(Flag, option_name("shadowtls"), "ShadowTLS")
|
||||||
o.default = 0
|
o.default = 0
|
||||||
o:depends({ [option_name("protocol")] = "vmess" })
|
o:depends({ [option_name("protocol")] = "vmess", [option_name("tls")] = false })
|
||||||
o:depends({ [option_name("protocol")] = "vless" })
|
o:depends({ [option_name("protocol")] = "shadowsocks", [option_name("tls")] = false })
|
||||||
o:depends({ [option_name("protocol")] = "socks" })
|
|
||||||
o:depends({ [option_name("protocol")] = "trojan" })
|
|
||||||
o:depends({ [option_name("protocol")] = "shadowsocks" })
|
|
||||||
|
|
||||||
o = s:option(ListValue, option_name("shadowtls_version"), "ShadowTLS " .. translate("Version"))
|
o = s:option(ListValue, option_name("shadowtls_version"), "ShadowTLS " .. translate("Version"))
|
||||||
o.default = "1"
|
o.default = "1"
|
||||||
|
@ -284,6 +284,28 @@ o.validate = function(self, value, t)
|
|||||||
return nil
|
return nil
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if singbox_tags:find("with_ech") then
|
||||||
|
o = s:option(Flag, option_name("ech"), translate("ECH"))
|
||||||
|
o.default = "0"
|
||||||
|
o:depends({ [option_name("tls")] = true, [option_name("flow")] = "", [option_name("reality")] = false })
|
||||||
|
o:depends({ [option_name("protocol")] = "naive" })
|
||||||
|
o:depends({ [option_name("protocol")] = "hysteria" })
|
||||||
|
o:depends({ [option_name("protocol")] = "tuic" })
|
||||||
|
o:depends({ [option_name("protocol")] = "hysteria2" })
|
||||||
|
|
||||||
|
o = s:option(Value, option_name("ech_key"), translate("ECH Key"))
|
||||||
|
o.default = ""
|
||||||
|
o:depends({ [option_name("ech")] = true })
|
||||||
|
|
||||||
|
o = s:option(Flag, option_name("pq_signature_schemes_enabled"), translate("PQ signature schemes"))
|
||||||
|
o.default = "0"
|
||||||
|
o:depends({ [option_name("ech")] = true })
|
||||||
|
|
||||||
|
o = s:option(Flag, option_name("dynamic_record_sizing_disabled"), translate("Disable adaptive sizing of TLS records"))
|
||||||
|
o.default = "0"
|
||||||
|
o:depends({ [option_name("ech")] = true })
|
||||||
|
end
|
||||||
|
|
||||||
o = s:option(ListValue, option_name("transport"), translate("Transport"))
|
o = s:option(ListValue, option_name("transport"), translate("Transport"))
|
||||||
o:value("tcp", "TCP")
|
o:value("tcp", "TCP")
|
||||||
o:value("http", "HTTP")
|
o:value("http", "HTTP")
|
||||||
|
@ -93,6 +93,12 @@ function gen_outbound(flag, node, tag, proxy_table)
|
|||||||
alpn = alpn, --支持的应用层协议协商列表,按优先顺序排列。如果两个对等点都支持 ALPN,则选择的协议将是此列表中的一个,如果没有相互支持的协议则连接将失败。
|
alpn = alpn, --支持的应用层协议协商列表,按优先顺序排列。如果两个对等点都支持 ALPN,则选择的协议将是此列表中的一个,如果没有相互支持的协议则连接将失败。
|
||||||
--min_version = "1.2",
|
--min_version = "1.2",
|
||||||
--max_version = "1.3",
|
--max_version = "1.3",
|
||||||
|
ech = {
|
||||||
|
enabled = (node.ech == "1") and true or false,
|
||||||
|
config = (node.ech_config and node.ech_config:gsub("\\n","\n")) and node.ech_config:gsub("\\n","\n") or nil,
|
||||||
|
pq_signature_schemes_enabled = node.pq_signature_schemes_enabled and true or false,
|
||||||
|
dynamic_record_sizing_disabled = node.dynamic_record_sizing_disabled and true or false
|
||||||
|
},
|
||||||
utls = {
|
utls = {
|
||||||
enabled = (node.utls == "1" or node.reality == "1") and true or false,
|
enabled = (node.utls == "1" or node.reality == "1") and true or false,
|
||||||
fingerprint = node.fingerprint or "chrome"
|
fingerprint = node.fingerprint or "chrome"
|
||||||
@ -282,7 +288,13 @@ function gen_outbound(flag, node, tag, proxy_table)
|
|||||||
insecure = (node.tls_allowInsecure == "1") and true or false,
|
insecure = (node.tls_allowInsecure == "1") and true or false,
|
||||||
alpn = (node.hysteria_alpn and node.hysteria_alpn ~= "") and {
|
alpn = (node.hysteria_alpn and node.hysteria_alpn ~= "") and {
|
||||||
node.hysteria_alpn
|
node.hysteria_alpn
|
||||||
} or nil
|
} or nil,
|
||||||
|
ech = {
|
||||||
|
enabled = (node.ech == "1") and true or false,
|
||||||
|
config = (node.ech_config and node.ech_config:gsub("\\n","\n")) and node.ech_config:gsub("\\n","\n") or nil,
|
||||||
|
pq_signature_schemes_enabled = node.pq_signature_schemes_enabled and true or false,
|
||||||
|
dynamic_record_sizing_disabled = node.dynamic_record_sizing_disabled and true or false
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
@ -311,7 +323,13 @@ function gen_outbound(flag, node, tag, proxy_table)
|
|||||||
alpn = (node.tuic_alpn and node.tuic_alpn ~= "") and {
|
alpn = (node.tuic_alpn and node.tuic_alpn ~= "") and {
|
||||||
node.tuic_alpn
|
node.tuic_alpn
|
||||||
} or nil,
|
} or nil,
|
||||||
},
|
ech = {
|
||||||
|
enabled = (node.ech == "1") and true or false,
|
||||||
|
config = (node.ech_config and node.ech_config:gsub("\\n","\n")) and node.ech_config:gsub("\\n","\n") or nil,
|
||||||
|
pq_signature_schemes_enabled = node.pq_signature_schemes_enabled and true or false,
|
||||||
|
dynamic_record_sizing_disabled = node.dynamic_record_sizing_disabled and true or false
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -328,7 +346,13 @@ function gen_outbound(flag, node, tag, proxy_table)
|
|||||||
enabled = true,
|
enabled = true,
|
||||||
server_name = node.tls_serverName,
|
server_name = node.tls_serverName,
|
||||||
insecure = (node.tls_allowInsecure == "1") and true or false,
|
insecure = (node.tls_allowInsecure == "1") and true or false,
|
||||||
},
|
ech = {
|
||||||
|
enabled = (node.ech == "1") and true or false,
|
||||||
|
config = (node.ech_config and node.ech_config:gsub("\\n","\n")) and node.ech_config:gsub("\\n","\n") or nil,
|
||||||
|
pq_signature_schemes_enabled = node.pq_signature_schemes_enabled and true or false,
|
||||||
|
dynamic_record_sizing_disabled = node.dynamic_record_sizing_disabled and true or false
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -369,6 +393,15 @@ function gen_config_server(node)
|
|||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if node.tls == "1" and node.ech == "1" then
|
||||||
|
tls.ech = {
|
||||||
|
enabled = true,
|
||||||
|
key = (node.ech_key and node.ech_key:gsub("\\n","\n")) and node.ech_key:gsub("\\n","\n") or nil,
|
||||||
|
pq_signature_schemes_enabled = (node.pq_signature_schemes_enabled == "1") and true or false,
|
||||||
|
dynamic_record_sizing_disabled = (node.dynamic_record_sizing_disabled == "1") and true or false,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
local v2ray_transport = nil
|
local v2ray_transport = nil
|
||||||
|
|
||||||
if node.transport == "http" then
|
if node.transport == "http" then
|
||||||
|
@ -1512,3 +1512,15 @@ msgstr "协议参数。 如果启用会随机浪费流量。"
|
|||||||
|
|
||||||
msgid "Protocol parameter. Enable length block encryption."
|
msgid "Protocol parameter. Enable length block encryption."
|
||||||
msgstr "协议参数。启用长度块加密。"
|
msgstr "协议参数。启用长度块加密。"
|
||||||
|
|
||||||
|
msgid "ECH Config"
|
||||||
|
msgstr "ECH 密钥"
|
||||||
|
|
||||||
|
msgid "ECH Key"
|
||||||
|
msgstr "ECH 配置"
|
||||||
|
|
||||||
|
msgid "PQ signature schemes"
|
||||||
|
msgstr "后量子对等证书签名方案"
|
||||||
|
|
||||||
|
msgid "Disable adaptive sizing of TLS records"
|
||||||
|
msgstr "禁用 TLS 记录的自适应大小调整"
|
||||||
|
Loading…
Reference in New Issue
Block a user