zhao/openwrt_helloworld
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

luci-app-ssr-plus: improve v2ray ss support

Browse Source 
1. Added ShadowSocks AEAD-2022 ciphers support
2. Added ShadowSocks SIP003 plugins support
3. Added ShadowSocks SUoT protocol support
4. Reused option `encrypt_method_ss`

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
This commit is contained in:
Tianling Shen 2022-04-08 02:13:15 +08:00 committed by sbwml
parent a73a32360e
commit d509afb398
7 changed files with 64 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/client-config.lua
View File

@ -6,7 +6,7 @@ require "luci.sys"
require "luci.http"
require "luci.model.ipkg"
local m, s, o, kcp_enable
local m, s, o
local sid = arg[1]
local uuid = luci.sys.exec("cat /proc/sys/kernel/random/uuid")
@ -47,12 +47,16 @@ local encrypt_methods = {
}
local encrypt_methods_ss = {
-- plain
"none",
"plain",
-- aead
"aes-128-gcm",
"aes-192-gcm",
"aes-256-gcm",
"chacha20-ietf-poly1305",
"xchacha20-ietf-poly1305",
-- aead 2022
"2022-blake3-aes-128-gcm",
"2022-blake3-aes-256-gcm",
"2022-blake3-chacha20-poly1305"
@ -77,22 +81,6 @@ local encrypt_methods_ss = {
"chacha20-ietf" ]]
}
local encrypt_methods_v2ray_ss = {
-- xray_ss
"none",
"plain",
-- aead
"aes-128-gcm",
"aes-256-gcm",
"chacha20-poly1305",
"chacha20-ietf-poly1305",
"xchacha20-ietf-poly1305",
"aead_aes_128_gcm",
"aead_aes_256_gcm",
"aead_chacha20_poly1305",
"aead_xchacha20_poly1305"
}
local protocol = {
-- ssr
"origin",
@ -108,7 +96,7 @@ local protocol = {
"auth_chain_f"
}
obfs = {
local obfs = {
-- ssr
"plain",
"http_simple",
@ -127,7 +115,7 @@ local securitys = {
}
local flows = {
-- xlts
-- xtls
"xtls-rprx-origin",
"xtls-rprx-origin-udp443",
"xtls-rprx-direct",
@ -258,13 +246,13 @@ for _, v in ipairs(encrypt_methods_ss) do
end
o.rmempty = true
o:depends("type", "ss")
o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
o = s:option(ListValue, "encrypt_method_v2ray_ss", translate("Encrypt Method"))
for _, v in ipairs(encrypt_methods_v2ray_ss) do
o:value(v)
end
o = s:option(Flag, "uot", translate("UDP over TCP"))
o.description = translate("Enable the SUoT protocol, requires server support.")
o.rmempty = true
o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
o.default = "0"
o = s:option(Flag, "ivCheck", translate("Bloom Filter"))
o.rmempty = true
@ -277,7 +265,7 @@ o:value("none", translate("None"))
if is_finded("obfs-local") then
o:value("obfs-local", translate("obfs-local"))
end
if is_finded("v2ray-plugin") then
if is_finded("v2ray-plugin") or is_installed("sagernet-core") then
o:value("v2ray-plugin", translate("v2ray-plugin"))
end
if is_finded("xray-plugin") then
@ -285,12 +273,12 @@ if is_finded("xray-plugin") then
end
o.rmempty = true
o:depends("type", "ss")
o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
o = s:option(Value, "plugin_opts", translate("Plugin Opts"))
o.rmempty = true
o:depends({type = "ss", plugin = "obfs-local"})
o:depends({type = "ss", plugin = "v2ray-plugin"})
o:depends({type = "ss", plugin = "xray-plugin"})
o:depends("type", "ss")
o:depends({type = "v2ray", v2ray_protocol = "shadowsocks"})
o = s:option(ListValue, "protocol", translate("Protocol"))
for _, v in ipairs(protocol) do
@ -650,11 +638,11 @@ o.default = 1234
o.rmempty = false
if is_finded("kcptun-client") then
kcp_enable = s:option(Flag, "kcp_enable", translate("KcpTun Enable"))
kcp_enable.rmempty = true
kcp_enable.default = "0"
kcp_enable:depends("type", "ssr")
kcp_enable:depends("type", "ss")
o = s:option(Flag, "kcp_enable", translate("KcpTun Enable"))
o.rmempty = true
o.default = "0"
o:depends("type", "ssr")
o:depends("type", "ss")
o = s:option(Value, "kcp_port", translate("KcpTun Port"))
o.datatype = "port"

1
luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server-config.lua
View File

@ -39,6 +39,7 @@ local encrypt_methods_ss = {
"aes-256-gcm",
"chacha20-ietf-poly1305",
"xchacha20-ietf-poly1305",
-- aead 2022
"2022-blake3-aes-128-gcm",
"2022-blake3-aes-256-gcm",
"2022-blake3-chacha20-poly1305"

1
luci-app-ssr-plus/luasrc/model/cbi/shadowsocksr/server.lua
View File

@ -35,6 +35,7 @@ local encrypt_methods_ss = {
"aes-256-gcm",
"chacha20-ietf-poly1305",
"xchacha20-ietf-poly1305",
-- aead 2022
"2022-blake3-aes-128-gcm",
"2022-blake3-aes-256-gcm",
"2022-blake3-chacha20-poly1305"

6
luci-app-ssr-plus/po/zh-cn/ssr-plus.po
View File

@ -61,6 +61,12 @@ msgstr "密码"
msgid "Encrypt Method"
msgstr "加密方式"
msgid "Enable the SUoT protocol, requires server support."
msgstr "启用 SUoT 协议,需要服务端支持。"
msgid "Bloom Filter"
msgstr "布隆过滤器"
msgid "VLESS Encryption"
msgstr "VLESS 加密"

15
luci-app-ssr-plus/root/etc/uci-defaults/luci-ssr-plus
View File

@ -1,9 +1,11 @@
#!/bin/sh
uci -q batch <<-EOF >/dev/null
delete ucitrack.@shadowsocksr[-1]
add ucitrack shadowsocksr
set ucitrack.@shadowsocksr[-1].init=shadowsocksr
commit ucitrack
delete firewall.shadowsocksr
set firewall.shadowsocksr=include
set firewall.shadowsocksr.type=script
@ -11,6 +13,7 @@ set firewall.shadowsocksr.path=/var/etc/shadowsocksr.include
set firewall.shadowsocksr.reload=1
commit firewall
EOF
rm -rf /etc/config/shadowsocksr-opkg /etc/ssrplus/*opkg
touch /etc/ssrplus/china_ssr.txt
touch /etc/ssrplus/deny.list
@ -23,15 +26,17 @@ touch /etc/ssrplus/gfw_list.conf
touch /etc/ssrplus/oversea_list.conf
touch /etc/ssrplus/ad.conf
touch /etc/config/shadowsocksr
if [ ! -s "/etc/config/shadowsocksr" ]; then
/etc/init.d/shadowsocksr reset
fi
sed -i "s/option type 'vmess'"/"option type 'v2ray'\n\toption v2ray_protocol 'vmess'/g" /etc/config/shadowsocksr
sed -i "s/option type 'vless'"/"option type 'v2ray'\n\toption v2ray_protocol 'vless'/g" /etc/config/shadowsocksr
[ -s "/etc/config/shadowsocksr" ] || /etc/init.d/shadowsocksr reset
sed -i "s/option type 'vmess'/option type 'v2ray'\n\toption v2ray_protocol 'vmess'/g" /etc/config/shadowsocksr
sed -i "s/option type 'vless'/option type 'v2ray'\n\toption v2ray_protocol 'vless'/g" /etc/config/shadowsocksr
sed -i "s/option encrypt_method_v2ray_ss/option encrypt_method_ss/g" /etc/config/shadowsocksr
if [ -s "/etc/uwsgi/vassals/luci-webui.ini" ];then
limit=$(cat /etc/uwsgi/vassals/luci-webui.ini | grep -Eo "limit-as.*"|grep -Eo "[0-9]+")
[ $limit -lt 5000 ] && sed -i '/limit-as/c\limit-as = 5000' /etc/uwsgi/vassals/luci-webui.ini && \
/etc/init.d/uwsgi restart
fi
rm -rf /tmp/luci-modulecache /tmp/luci-indexcache
exit 0

9
luci-app-ssr-plus/root/usr/share/shadowsocksr/gen_config.lua
View File

@ -32,14 +32,17 @@ function vmess_vless()
end
function trojan_shadowsocks()
outbound_settings = {
plugin = (server.v2ray_protocol == "shadowsocks") and server.plugin ~= "none" and server.plugin or nil,
pluginOpts = (server.v2ray_protocol == "shadowsocks") and server.plugin_opts or nil,
servers = {
{
address = server.server,
port = tonumber(server.server_port),
password = server.password,
method = (server.v2ray_protocol == "shadowsocks") and server.encrypt_method_v2ray_ss or nil,
flow = (server.v2ray_protocol == "trojan") and (server.xtls == '1') and (server.vless_flow and server.vless_flow or "xtls-rprx-splice") or nil,
ivCheck = (server.v2ray_protocol == "shadowsocks") and (server.ivCheck == '1') or nil
method = (server.v2ray_protocol == "shadowsocks") and server.encrypt_method_ss or nil,
uot = (server.v2ray_protocol == "shadowsocks") and server.uot or nil,
ivCheck = (server.v2ray_protocol == "shadowsocks") and (server.ivCheck == '1') or nil,
flow = (server.v2ray_protocol == "trojan") and (server.xtls == '1') and (server.vless_flow and server.vless_flow or "xtls-rprx-splice") or nil
}
}
}

25
luci-app-ssr-plus/root/usr/share/shadowsocksr/subscribe.lua
View File

@ -33,12 +33,16 @@ local log = function(...)
print(os.date("%Y-%m-%d %H:%M:%S ") .. table.concat({...}, " "))
end
local encrypt_methods_ss = {
-- plain
"none",
"plain",
-- aead
"aes-128-gcm",
"aes-192-gcm",
"aes-256-gcm",
"chacha20-ietf-poly1305",
"xchacha20-ietf-poly1305",
-- aead 2022
"2022-blake3-aes-128-gcm",
"2022-blake3-aes-256-gcm",
"2022-blake3-chacha20-poly1305"
@ -243,6 +247,8 @@ local function processData(szType, content)
local password = userinfo:sub(userinfo:find(":") + 1, #userinfo)
result.alias = UrlDecode(alias)
result.type = v2_ss
result.v2ray_protocol = (v2_ss == "v2ray") and "shadowsocks" or nil
result.encrypt_method_ss = method
result.password = password
result.server = host[1]
if host[2]:find("/%?") then
@ -273,33 +279,27 @@ local function processData(szType, content)
if not checkTabValue(encrypt_methods_ss)[method] then
-- 1202 年了还不支持 SS AEAD 的屑机场
result.server = nil
elseif v2_ss == "v2ray" then
result.v2ray_protocol = "shadowsocks"
result.encrypt_method_v2ray_ss = method
else
result.encrypt_method_ss = method
end
elseif szType == "sip008" then
result.type = v2_ss
result.v2ray_protocol = (v2_ss == "v2ray") and "shadowsocks" or nil
result.server = content.server
result.server_port = content.server_port
result.password = content.password
result.encrypt_method_ss = content.method
result.plugin = content.plugin
result.plugin_opts = content.plugin_opts
result.alias = content.remarks
if not checkTabValue(encrypt_methods_ss)[content.method] then
result.server = nil
elseif v2_ss == "v2ray" then
result.v2ray_protocol = "shadowsocks"
result.encrypt_method_v2ray_ss = content.method
else
result.encrypt_method_ss = content.method
end
elseif szType == "ssd" then
result.type = v2_ss
result.v2ray_protocol = (v2_ss == "v2ray") and "shadowsocks" or nil
result.server = content.server
result.server_port = content.port
result.password = content.password
result.encrypt_method_ss = content.method
result.plugin_opts = content.plugin_options
result.alias = "[" .. content.airport .. "] " .. content.remarks
if content.plugin == "simple-obfs" then
@ -309,11 +309,6 @@ local function processData(szType, content)
end
if not checkTabValue(encrypt_methods_ss)[content.encryption] then
result.server = nil
elseif v2_ss == "v2ray" then
result.v2ray_protocol = "shadowsocks"
result.encrypt_method_v2ray_ss = content.method
else
result.encrypt_method_ss = content.method
end
elseif szType == "trojan" then
local idx_sp = 0