From c52f0816474d5aa961765bbb72f5ce4bfb257f8e Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Fri, 13 Oct 2023 21:48:24 +0200 Subject: [PATCH 1/2] Try to get more space on github actions --- .github/workflows/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 3f5f60cfc..dd3bbf058 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -34,6 +34,9 @@ jobs: sudo apt-get autoclean -y >/dev/null 2>&1 || true sudo rm -rf "/usr/local/share/boost" >/dev/null 2>&1 || true sudo rm -rf "$AGENT_TOOLSDIRECTORY" >/dev/null 2>&1 || true + sudo rm -rf /usr/share/dotnet >/dev/null 2>&1 || true + sudo rm -rf /usr/local/lib/android >/dev/null 2>&1 || true + sudo rm -rf /opt/ghc >/dev/null 2>&1 || true sudo docker rmi $(docker images -qf "dangling=true") >/dev/null 2>&1 || true df -h - name: Clone source code From 8369094924ef5e0a4791a0f1620d2e76ed8710f0 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Tue, 17 Oct 2023 17:35:03 +0200 Subject: [PATCH 2/2] Add XRay VLESS REALITY protocol support --- .../luasrc/controller/openmptcprouter.lua | 11 +++- .../luasrc/view/openmptcprouter/wizard.htm | 1 + .../files/etc/init.d/openmptcprouter-vps | 22 ++++++- xray-core/files/etc/init.d/xray | 64 ++++++++++++++++++- .../files/etc/uci-defaults/3010-omr-xray | 35 +++++++--- 5 files changed, 119 insertions(+), 14 deletions(-) diff --git a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua index 299e3bd95..222036652 100644 --- a/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua +++ b/luci-app-openmptcprouter/luasrc/controller/openmptcprouter.lua @@ -716,12 +716,14 @@ function wizard_add() local sectionname = s[".name"] ucic:set("shadowsocks-rust",sectionname,"disabled","1") end) - elseif (default_proxy == "xray" or default_proxy == "xray-vmess" or default_proxy == "xray-trojan" or default_proxy == "xray-shadowsocks" or default_proxy == "xray-socks") and serversnb > 0 and serversnb > disablednb then + elseif (default_proxy == "xray" or default_proxy == "xray-vless-reality" or default_proxy == "xray-vmess" or default_proxy == "xray-trojan" or default_proxy == "xray-shadowsocks" or default_proxy == "xray-socks") and serversnb > 0 and serversnb > disablednb then --ucic:set("shadowsocks-libev","sss0","disabled","1") ucic:set("v2ray","main","enabled","0") ucic:set("xray","main","enabled","1") if default_proxy == "xray" then ucic:set("xray","omrout","protocol","vless") + elseif default_proxy == "xray-vless-reality" then + ucic:set("xray","omrout","protocol","vless-reality") elseif default_proxy == "xray-vmess" then ucic:set("xray","omrout","protocol","vmess") elseif default_proxy == "xray-trojan" then @@ -800,6 +802,7 @@ function wizard_add() ucic:set("v2ray","omrout","s_socks_address",server_ip) ucic:set("xray","omrout","s_vmess_address",server_ip) ucic:set("xray","omrout","s_vless_address",server_ip) + ucic:set("xray","omrout","s_vless_reality_address",server_ip) ucic:set("xray","omrout","s_trojan_address",server_ip) ucic:set("xray","omrout","s_socks_address",server_ip) ucic:set("xray","omrout","s_shadowsocks_address",server_ip) @@ -845,6 +848,7 @@ function wizard_add() ucic:set("v2ray","omrout","s_socks_address",server_ip) ucic:set("xray","omrout","s_vmess_address",server_ip) ucic:set("xray","omrout","s_vless_address",server_ip) + ucic:set("xray","omrout","s_vless_reality_address",server_ip) ucic:set("xray","omrout","s_trojan_address",server_ip) ucic:set("xray","omrout","s_socks_address",server_ip) ucic:set("xray","omrout","s_shadowsocks_address",server_ip) @@ -906,6 +910,7 @@ function wizard_add() ucic:set("v2ray","omrout","s_socks_user_security","none") ucic:set("xray","omrout","s_vmess_user_security","none") ucic:set("xray","omrout","s_vless_user_security","none") + ucic:set("xray","omrout","s_vless_reality_user_security","none") ucic:set("xray","omrout","s_trojan_user_security","none") ucic:set("xray","omrout","s_socks_user_security","none") ucic:set("xray","omrout","s_shadowsocks_method","none") @@ -923,6 +928,7 @@ function wizard_add() ucic:set("v2ray","omrout","s_socks_user_security","aes-128-gcm") ucic:set("xray","omrout","s_vmess_user_security","aes-128-gcm") ucic:set("xray","omrout","s_vless_user_security","aes-128-gcm") + ucic:set("xray","omrout","s_vless_reality_user_security","aes-128-gcm") ucic:set("xray","omrout","s_trojan_user_security","aes-128-gcm") ucic:set("xray","omrout","s_socks_user_security","aes-128-gcm") ucic:set("xray","omrout","s_shadowsocks_method","2022-blake3-aes-256-gcm") @@ -942,6 +948,7 @@ function wizard_add() ucic:set("v2ray","omrout","s_socks_user_security","aes-128-gcm") ucic:set("xray","omrout","s_vmess_user_security","aes-128-gcm") ucic:set("xray","omrout","s_vless_user_security","aes-128-gcm") + ucic:set("xray","omrout","s_vless_reality_user_security","aes-128-gcm") ucic:set("xray","omrout","s_trojan_user_security","aes-128-gcm") ucic:set("xray","omrout","s_socks_user_security","aes-128-gcm") ucic:set("xray","omrout","s_shadowsocks_method","2022-blake3-aes-256-gcm") @@ -961,6 +968,7 @@ function wizard_add() ucic:set("v2ray","omrout","s_socks_user_security","chacha20-poly1305") ucic:set("xray","omrout","s_vmess_user_security","chacha20-poly1305") ucic:set("xray","omrout","s_vless_user_security","chacha20-poly1305") + ucic:set("xray","omrout","s_vless_reality_user_security","chacha20-poly1305") ucic:set("xray","omrout","s_trojan_user_security","chacha20-poly1305") ucic:set("xray","omrout","s_socks_user_security","chacha20-poly1305") ucic:set("xray","omrout","s_shadowsocks_method","2022-blake3-chacha20-poly1305") @@ -1040,6 +1048,7 @@ function wizard_add() ucic:commit("v2ray") ucic:set("xray","omrout","s_vmess_user_id",v2ray_user) ucic:set("xray","omrout","s_vless_user_id",v2ray_user) + ucic:set("xray","omrout","s_vless_reality_user_id",v2ray_user) ucic:set("xray","omrout","s_trojan_user_id",v2ray_user) ucic:set("xray","omrout","s_socks_user_id",v2ray_user) ucic:save("xray") diff --git a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm index 370bfeb2e..47a95a5f2 100644 --- a/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm +++ b/luci-app-openmptcprouter/luasrc/view/openmptcprouter/wizard.htm @@ -238,6 +238,7 @@ <% if nixio.fs.access("/etc/init.d/v2ray") then %><% end %> <% if nixio.fs.access("/etc/init.d/v2ray") then %><% end %> <% if nixio.fs.access("/etc/init.d/xray") then %><% end %> + <% if nixio.fs.access("/etc/init.d/xray") then %><% end %> <% if nixio.fs.access("/etc/init.d/xray") then %><% end %> <% if nixio.fs.access("/etc/init.d/xray") then %><% end %> <% if nixio.fs.access("/etc/init.d/xray") then %><% end %> diff --git a/openmptcprouter/files/etc/init.d/openmptcprouter-vps b/openmptcprouter/files/etc/init.d/openmptcprouter-vps index 6da45ffc5..1138bab2b 100755 --- a/openmptcprouter/files/etc/init.d/openmptcprouter-vps +++ b/openmptcprouter/files/etc/init.d/openmptcprouter-vps @@ -351,16 +351,22 @@ _set_v2ray_server_vps() { _set_xray_server_vps() { enabled=$(uci -q get xray.main.enabled) - [ "$enabled" != "1" ] && return userid=$(uci -q get xray.omrout.s_vless_user_id) + protocol=$(uci -q get xray.omrout.protocol) + if [ "$protocol" = "vless-reality" ] && [ "$enabled" = "1" ]; then + vless_reality='true' + else + vless_reality='false' + fi [ -z "$userid" ] && return [ -z "$vps_config" ] && vps_config=$(_get_json "config") [ -z "$vps_config" ] && return current_userid="$(echo "$vps_config" | jsonfilter -q -e '@.xray.config.key')" + current_vlessreality="$(echo "$vps_config" | jsonfilter -q -e '@.xray.config.vless_reality')" - if [ "$current_userid" != "$userid" ]; then + if [ "$current_userid" != "$userid" ] || [ "$current_vlessreality" != "$vless_reality" ]; then local settings - settings='{"userid": "'$userid'"}' + settings='{"userid": "'$userid'","vless_reality": '$vless_reality'}' echo $(_set_json "xray" "$settings") fi } @@ -521,6 +527,8 @@ _get_vps_config() { uci -q batch <<-EOF >/dev/null set v2ray.omrout.s_vmess_address="$vpsip" set v2ray.omrout.s_vless_address="$vpsip" + set v2ray.omrout.s_trojan_address="$vpsip" + set v2ray.omrout.s_socks_address="$vpsip" commit v2ray EOF if [ "$(uci -q get v2ray.main.enabled)" = "1" ]; then @@ -532,6 +540,10 @@ _get_vps_config() { uci -q batch <<-EOF >/dev/null set xray.omrout.s_vmess_address="$vpsip" set xray.omrout.s_vless_address="$vpsip" + set xray.omrout.s_trojan_address="$vpsip" + set xray.omrout.s_socks_address="$vpsip" + set xray.omrout.s_shadowsocks_address="$vpsip" + set xray.omrout.s_vless_reality_address="$vpsip" commit xray EOF if [ "$(uci -q get xray.main.enabled)" = "1" ]; then @@ -1635,6 +1647,7 @@ _set_config_from_vps() { # XRay settings xray_key="$(echo "$vps_config" | jsonfilter -q -e '@.xray.config.key')" xray_sskey="$(echo "$vps_config" | jsonfilter -q -e '@.xray.config.sskey')" + xray_vless_reality_key="$(echo "$vps_config" | jsonfilter -q -e '@.xray.config.vless_reality_key')" #v2ray_port="$(echo "$vps_config" | jsonfilter -q -e '@.v2ray.config.port')" xray_port="65248" if ([ -n "$xray_key" ] && [ "$xray_key" != "$(uci -q get xray.omrout.s_vmess_user_id)" ]) || ([ -n "$xray_port" ] && [ "$xray_port" != "$(uci -q get xray.omrout.s_vmess.port)" ]); then @@ -1649,11 +1662,14 @@ _set_config_from_vps() { set xray.omrout.s_vmess_port="$((xray_port+2))" set xray.omrout.s_vless_user_id="$xray_key" set xray.omrout.s_vless_port="$xray_port" + set xray.omrout.s_vless_reality_user_id="$xray_key" + set xray.omrout.s_vless_reality_public_key="$xray_vless_reality_key" EOF #uci -q set xray.omrout.s_shadowsocks_password=$xray_sskey if [ "$(uci -q get xray.omrout.s_vmess_address)" != "127.0.0.1" ]; then uci -q set xray.omrout.s_vmess_address="$vpsip" uci -q set xray.omrout.s_vless_address="$vpsip" + uci -q set xray.omrout.s_vless_reality_address="$vpsip" uci -q set xray.omrout.s_trojan_address="$vpsip" uci -q set xray.omrout.s_socks_address="$vpsip" uci -q set xray.omrout.s_shadowsocks_address="$vpsip" diff --git a/xray-core/files/etc/init.d/xray b/xray-core/files/etc/init.d/xray index 5d6b49d37..216ef152f 100755 --- a/xray-core/files/etc/init.d/xray +++ b/xray-core/files/etc/init.d/xray @@ -379,6 +379,15 @@ outbound_section_validate() { 's_vless_user_security:or("auto", "aes-128-gcm", "chacha20-poly1305", "none")' \ 's_vless_user_encryption:or("auto", "none")' \ 's_vless_user_level:uinteger' \ + 's_vless_reality_address:host' \ + 's_vless_reality_port:port' \ + 's_vless_reality_user_id:string' \ + 's_vless_reality_user_alter_id:and(uinteger, max(65535))' \ + 's_vless_user_security:or("auto", "aes-128-gcm", "chacha20-poly1305", "none")' \ + 's_vless_reality_user_encryption:or("auto", "none")' \ + 's_vless_reality_flow:string' \ + 's_vless_reality_public_key:string' \ + 's_vless_reality_user_level:uinteger' \ 's_trojan_address:host' \ 's_trojan_port:port' \ 's_trojan_user_id:string' \ @@ -455,7 +464,7 @@ add_xray_redirect_rules() { [ "$(uci -q get xray.main.inbounds | grep omr6)" != "" ] && [ -n "$OUTBOUND_SERVERS_V6" ] && { xray-rules6 -f commandline="-l $((port+1)) -L $((port+1)) -s $OUTBOUND_SERVERS_V6 --rule-name def --src-default forward --dst-default forward --local-default forward" - [ "$(uci -q get xray.main_transparent_proxy.redirect_udp)" = "1" ] && ([ "$(uci -q get xray.omrout.protocol)" = "vless" ] || [ "$(uci -q get xray.omrout.protocol)" = "vmess" ]) && commandline="$commandline -L ${port+1}" + [ "$(uci -q get xray.main_transparent_proxy.redirect_udp)" = "1" ] && ([ "$(uci -q get xray.omrout.protocol)" = "vless-reality" ] || [ "$(uci -q get xray.omrout.protocol)" = "vless" ] || [ "$(uci -q get xray.omrout.protocol)" = "vmess" ]) && commandline="$commandline -L ${port+1}" xray-rules6 $commandline } [ -f /etc/init.d/omr-bypass ] && [ -z "$(pgrep -f omr-bypass)" ] && { @@ -1428,7 +1437,11 @@ add_outbound_setting() { test -n "$send_through" && \ json_add_string "sendThrough" "$send_through" - json_add_string "protocol" "$protocol" + if [ "$protocol" = "vless-reality" ]; then + json_add_string "protocol" "vless" + else + json_add_string "protocol" "$protocol" + fi case "${protocol:-x}" in "blackhole") @@ -1576,6 +1589,37 @@ add_outbound_setting() { json_close_object + json_close_array # vnext + json_close_object # settings + ;; + "vless-reality") + json_add_object "settings" + + json_add_array "vnext" + json_add_object "" + + json_add_string "address" "$s_vless_reality_address" + append_server_address "$s_vless_reality_address" + + json_add_int "port" "$s_vless_reality_port" + + json_add_array "users" + json_add_object "" + json_add_string "id" "$s_vless_reality_user_id" + json_add_int "alterId" "$s_vless_reality_user_alter_id" + test -n "$s_vless_reality_user_security" && \ + json_add_string "security" "$s_vless_reality_user_security" + test -n "$s_vless_reality_user_encryption" && \ + json_add_string "encryption" "$s_vless_reality_user_encryption" + test -n "$s_vless_reality_user_level" && \ + json_add_int "level" "$s_vless_reality_user_level" + test -n "$s_vless_reality_flow" && \ + json_add_string "flow" "$s_vless_reality_flow" + json_close_object + json_close_array # users + + json_close_object + json_close_array # vnext json_close_object # settings ;; @@ -1660,6 +1704,16 @@ add_outbound_setting() { json_close_object # tlsSettings fi fi + if [ "x$protocol" = "xvless-reality" ]; then + json_add_string "security" "reality" + json_add_object "realitySettings" + json_add_string "fingerprint" "chrome" + json_add_string "serverName" "" + json_add_string "publicKey" "$s_vless_reality_public_key" + json_add_string "spiderX" "" + json_add_string "shortId" "" + json_close_object + fi case "${ss_network:-x}" in "tcp") @@ -2206,6 +2260,9 @@ rules_up() { if [ "$(uci -q get xray.omrout.protocol)" = "vless" ]; then OUTBOUND_SERVERS_V4="$(uci -q get xray.omrout.s_vless_address)" OUTBOUND_SERVERS_V6="$(uci -q get xray.omrout.s_vless_address)" + elif [ "$(uci -q get xray.omrout.protocol)" = "vless-reality" ]; then + OUTBOUND_SERVERS_V4="$(uci -q get xray.omrout.s_vless_reality_address)" + OUTBOUND_SERVERS_V6="$(uci -q get xray.omrout.s_vless_reality_address)" elif [ "$(uci -q get xray.omrout.protocol)" = "vmess" ]; then OUTBOUND_SERVERS_V4="$(uci -q get xray.omrout.s_vmess_address)" OUTBOUND_SERVERS_V6="$(uci -q get xray.omrout.s_vmess_address)" @@ -2215,6 +2272,9 @@ rules_up() { elif [ "$(uci -q get xray.omrout.protocol)" = "socks" ]; then OUTBOUND_SERVERS_V4="$(uci -q get xray.omrout.s_socks_address)" OUTBOUND_SERVERS_V6="$(uci -q get xray.omrout.s_socks_address)" + elif [ "$(uci -q get xray.omrout.protocol)" = "shadowsocks" ]; then + OUTBOUND_SERVERS_V4="$(uci -q get xray.omrout.s_shadowsocks_address)" + OUTBOUND_SERVERS_V6="$(uci -q get xray.omrout.s_shadowsocks_address)" fi TRANSPARENT_PROXY_PORT="$(uci -q get xray.omr.port)" [ -n "$OUTBOUND_SERVERS_V4" ] || [ -n "$OUTBOUND_SERVERS_V6" ] && { diff --git a/xray-core/files/etc/uci-defaults/3010-omr-xray b/xray-core/files/etc/uci-defaults/3010-omr-xray index 69cce605e..361f1dbfd 100644 --- a/xray-core/files/etc/uci-defaults/3010-omr-xray +++ b/xray-core/files/etc/uci-defaults/3010-omr-xray @@ -36,24 +36,24 @@ if [ -z "$(uci -q get xray.main)" ]; then set xray.omrout.tag='omrout_tunnel' set xray.omrout.protocol='vless' set xray.omrout.s_vmess_address='' - set xray.omrout.s_vmess_port='65230' + set xray.omrout.s_vmess_port='65250' set xray.omrout.s_vmess_user_id='' set xray.omrout.s_vmess_user_security='none' set xray.omrout.s_vmess_user_alter_id='0' set xray.omrout.s_vless_address='' - set xray.omrout.s_vless_port='65228' + set xray.omrout.s_vless_port='65248' set xray.omrout.s_vless_user_id='' set xray.omrout.s_vless_user_security='none' set xray.omrout.s_vless_user_encryption='none' set xray.omrout.s_vless_user_alter_id='0' set xray.omrout.s_trojan_address='' - set xray.omrout.s_trojan_port='65229' + set xray.omrout.s_trojan_port='65249' set xray.omrout.s_trojan_user_id='' set xray.omrout.s_trojan_user_security='none' set xray.omrout.s_trojan_user_encryption='none' set xray.omrout.s_trojan_user_alter_id='0' set xray.omrout.s_socks_address='' - set xray.omrout.s_socks_port='65231' + set xray.omrout.s_socks_port='65251' set xray.omrout.s_socks_user_id='' set xray.omrout.s_socks_user_security='none' set xray.omrout.s_socks_user_encryption='none' @@ -170,9 +170,9 @@ if [ "$(uci -q get xray.policy_level_0.conn_idle)" = "2400" ]; then EOF fi -if [ "$(uci -q get xray.omrout.s_vmess_port)" = "65228" ]; then +if [ "$(uci -q get xray.omrout.s_vmess_port)" = "65230" ]; then uci -q batch <<-EOF >/dev/null - set xray.omrout.s_vmess_port='65230' + set xray.omrout.s_vmess_port='65250' commit xray EOF fi @@ -180,7 +180,7 @@ fi if [ "$(uci -q get xray.omrout.s_trojan_port)" = "" ]; then uci -q batch <<-EOF >/dev/null set xray.omrout.s_trojan_address='' - set xray.omrout.s_trojan_port='65229' + set xray.omrout.s_trojan_port='65249' set xray.omrout.s_trojan_user_id='' set xray.omrout.s_trojan_user_security='none' set xray.omrout.s_trojan_user_encryption='none' @@ -191,7 +191,7 @@ fi if [ "$(uci -q get xray.omrout.s_socks_port)" = "" ]; then uci -q batch <<-EOF >/dev/null set xray.omrout.s_socks_address='' - set xray.omrout.s_socks_port='65231' + set xray.omrout.s_socks_port='65251' set xray.omrout.s_socks_user_id='' set xray.omrout.s_socks_user_security='none' set xray.omrout.s_socks_user_encryption='none' @@ -199,6 +199,25 @@ if [ "$(uci -q get xray.omrout.s_socks_port)" = "" ]; then commit xray EOF fi +if [ "$(uci -q get xray.omrout.s_shadowsocks_port)" = "" ]; then + uci -q batch <<-EOF >/dev/null + set xray.omrout.s_shadowsocks_address='' + set xray.omrout.s_shadowsocks_port='65252' + commit xray + EOF +fi +if [ "$(uci -q get xray.omrout.s_vless_reality_port)" = "" ]; then + uci -q batch <<-EOF >/dev/null + set xray.omrout.s_vless_reality_address='' + set xray.omrout.s_vless_reality_port='443' + set xray.omrout.s_vless_reality_flow='xtls-rprx-vision' + set xray.omrout.s_vless_reality_user_id='' + set xray.omrout.s_vless_reality_user_security='none' + set xray.omrout.s_vless_reality_user_encryption='none' + set xray.omrout.s_vless_reality_user_alter_id='0' + commit xray + EOF +fi if [ "$(uci -q get xray.omrout.ss_sockopt_mptcp)" = "" ]; then uci -q batch <<-EOF >/dev/null