Shikong/Clash.Meta
1
0
Fork 0
mirror of https://gitclone.com/github.com/MetaCubeX/Clash.Meta synced 2025-05-13 05:28:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: code cleanup

Browse Source
This commit is contained in:
wwqgtxx 2025-04-16 09:39:52 +08:00
parent dcb20e2824
commit ba3c44a169
10 changed files with 35 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
common/net/tls.go
View File

@ -3,8 +3,10 @@ package net
import ( import (
"crypto/rand" "crypto/rand"
"crypto/rsa" "crypto/rsa"
"crypto/sha256"
"crypto/tls" "crypto/tls"
"crypto/x509" "crypto/x509"
"encoding/hex"
"encoding/pem" "encoding/pem"
"fmt" "fmt"
"math/big" "math/big"
@ -16,7 +18,11 @@ type Path interface {
func ParseCert(certificate, privateKey string, path Path) (tls.Certificate, error) { func ParseCert(certificate, privateKey string, path Path) (tls.Certificate, error) {
if certificate == "" && privateKey == "" { if certificate == "" && privateKey == "" {
return newRandomTLSKeyPair() var err error
certificate, privateKey, _, err = NewRandomTLSKeyPair()
if err != nil {
return tls.Certificate{}, err
}
} }
cert, painTextErr := tls.X509KeyPair([]byte(certificate), []byte(privateKey)) cert, painTextErr := tls.X509KeyPair([]byte(certificate), []byte(privateKey))
if painTextErr == nil { if painTextErr == nil {
@ -32,10 +38,10 @@ func ParseCert(certificate, privateKey string, path Path) (tls.Certificate, erro
return cert, nil return cert, nil
} }
func newRandomTLSKeyPair() (tls.Certificate, error) { func NewRandomTLSKeyPair() (certificate string, privateKey string, fingerprint string, err error) {
key, err := rsa.GenerateKey(rand.Reader, 2048) key, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil { if err != nil {
return tls.Certificate{}, err return
} }
template := x509.Certificate{SerialNumber: big.NewInt(1)} template := x509.Certificate{SerialNumber: big.NewInt(1)}
certDER, err := x509.CreateCertificate( certDER, err := x509.CreateCertificate(
@ -45,14 +51,15 @@ func newRandomTLSKeyPair() (tls.Certificate, error) {
&key.PublicKey, &key.PublicKey,
key) key)
if err != nil { if err != nil {
return tls.Certificate{}, err return
} }
keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)}) cert, err := x509.ParseCertificate(certDER)
certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certDER})
tlsCert, err := tls.X509KeyPair(certPEM, keyPEM)
if err != nil { if err != nil {
return tls.Certificate{}, err return
} }
return tlsCert, nil hash := sha256.Sum256(cert.Raw)
fingerprint = hex.EncodeToString(hash[:])
privateKey = string(pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)}))
certificate = string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certDER}))
return
} }

2
component/http/http.go
View File

@ -69,7 +69,7 @@ func HttpRequestWithProxy(ctx context.Context, url, method string, header map[st
TLSHandshakeTimeout: 10 * time.Second, TLSHandshakeTimeout: 10 * time.Second,
ExpectContinueTimeout: 1 * time.Second, ExpectContinueTimeout: 1 * time.Second,
DialContext: func(ctx context.Context, network, address string) (net.Conn, error) { DialContext: func(ctx context.Context, network, address string) (net.Conn, error) {
if conn, err := inner.HandleTcp(address, specialProxy); err == nil { if conn, err := inner.HandleTcp(inner.GetTunnel(), address, specialProxy); err == nil {
return conn, nil return conn, nil
} else { } else {
return dialer.DialContext(ctx, network, address) return dialer.DialContext(ctx, network, address)

2
listener/http/server.go
View File

@ -78,7 +78,7 @@ func NewWithConfig(config LC.AuthServer, tunnel C.Tunnel, additions ...inbound.A
if tlsConfig.Certificates != nil { if tlsConfig.Certificates != nil {
return nil, errors.New("certificate is unavailable in reality") return nil, errors.New("certificate is unavailable in reality")
} }
realityBuilder, err = config.RealityConfig.Build() realityBuilder, err = config.RealityConfig.Build(tunnel)
if err != nil { if err != nil {
return nil, err return nil, err
} }

21
listener/inner/tcp.go
View File

@ -3,8 +3,6 @@ package inner
import ( import (
"errors" "errors"
"net" "net"
"net/netip"
"strconv"
N "github.com/metacubex/mihomo/common/net" N "github.com/metacubex/mihomo/common/net"
C "github.com/metacubex/mihomo/constant" C "github.com/metacubex/mihomo/constant"
@ -16,9 +14,13 @@ func New(t C.Tunnel) {
tunnel = t tunnel = t
} }
func HandleTcp(address string, proxy string) (conn net.Conn, err error) { func GetTunnel() C.Tunnel {
return tunnel
}
func HandleTcp(tunnel C.Tunnel, address string, proxy string) (conn net.Conn, err error) {
if tunnel == nil { if tunnel == nil {
return nil, errors.New("tcp uninitialized") return nil, errors.New("tunnel uninitialized")
} }
// executor Parsed // executor Parsed
conn1, conn2 := N.Pipe() conn1, conn2 := N.Pipe()
@ -31,15 +33,8 @@ func HandleTcp(address string, proxy string) (conn net.Conn, err error) {
if proxy != "" { if proxy != "" {
metadata.SpecialProxy = proxy metadata.SpecialProxy = proxy
} }
if h, port, err := net.SplitHostPort(address); err == nil { if err = metadata.SetRemoteAddress(address); err != nil {
if port, err := strconv.ParseUint(port, 10, 16); err == nil { return nil, err
metadata.DstPort = uint16(port)
}
if ip, err := netip.ParseAddr(h); err == nil {
metadata.DstIP = ip
} else {
metadata.Host = h
}
} }
go tunnel.HandleTCPConn(conn2, metadata) go tunnel.HandleTCPConn(conn2, metadata)

2
listener/mixed/mixed.go
View File

@ -73,7 +73,7 @@ func NewWithConfig(config LC.AuthServer, tunnel C.Tunnel, additions ...inbound.A
if tlsConfig.Certificates != nil { if tlsConfig.Certificates != nil {
return nil, errors.New("certificate is unavailable in reality") return nil, errors.New("certificate is unavailable in reality")
} }
realityBuilder, err = config.RealityConfig.Build() realityBuilder, err = config.RealityConfig.Build(tunnel)
if err != nil { if err != nil {
return nil, err return nil, err
} }

5
listener/reality/reality.go
View File

@ -9,6 +9,7 @@ import (
"net" "net"
"time" "time"
C "github.com/metacubex/mihomo/constant"
"github.com/metacubex/mihomo/listener/inner" "github.com/metacubex/mihomo/listener/inner"
"github.com/metacubex/mihomo/log" "github.com/metacubex/mihomo/log"
"github.com/metacubex/mihomo/ntp" "github.com/metacubex/mihomo/ntp"
@ -27,7 +28,7 @@ type Config struct {
Proxy string Proxy string
} }
func (c Config) Build() (*Builder, error) { func (c Config) Build(tunnel C.Tunnel) (*Builder, error) {
realityConfig := &utls.RealityConfig{} realityConfig := &utls.RealityConfig{}
realityConfig.SessionTicketsDisabled = true realityConfig.SessionTicketsDisabled = true
realityConfig.Type = "tcp" realityConfig.Type = "tcp"
@ -67,7 +68,7 @@ func (c Config) Build() (*Builder, error) {
} }
realityConfig.DialContext = func(ctx context.Context, network, address string) (net.Conn, error) { realityConfig.DialContext = func(ctx context.Context, network, address string) (net.Conn, error) {
return inner.HandleTcp(address, c.Proxy) return inner.HandleTcp(tunnel, address, c.Proxy)
} }
return &Builder{realityConfig}, nil return &Builder{realityConfig}, nil

2
listener/sing_vless/server.go
View File

@ -106,7 +106,7 @@ func New(config LC.VlessServer, tunnel C.Tunnel, additions ...inbound.Addition)
if tlsConfig.Certificates != nil { if tlsConfig.Certificates != nil {
return nil, errors.New("certificate is unavailable in reality") return nil, errors.New("certificate is unavailable in reality")
} }
realityBuilder, err = config.RealityConfig.Build() realityBuilder, err = config.RealityConfig.Build(tunnel)
if err != nil { if err != nil {
return nil, err return nil, err
} }

2
listener/sing_vmess/server.go
View File

@ -90,7 +90,7 @@ func New(config LC.VmessServer, tunnel C.Tunnel, additions ...inbound.Addition)
if tlsConfig.Certificates != nil { if tlsConfig.Certificates != nil {
return nil, errors.New("certificate is unavailable in reality") return nil, errors.New("certificate is unavailable in reality")
} }
realityBuilder, err = config.RealityConfig.Build() realityBuilder, err = config.RealityConfig.Build(tunnel)
if err != nil { if err != nil {
return nil, err return nil, err
} }

2
listener/socks/tcp.go
View File

@ -72,7 +72,7 @@ func NewWithConfig(config LC.AuthServer, tunnel C.Tunnel, additions ...inbound.A
if tlsConfig.Certificates != nil { if tlsConfig.Certificates != nil {
return nil, errors.New("certificate is unavailable in reality") return nil, errors.New("certificate is unavailable in reality")
} }
realityBuilder, err = config.RealityConfig.Build() realityBuilder, err = config.RealityConfig.Build(tunnel)
if err != nil { if err != nil {
return nil, err return nil, err
} }

2
listener/trojan/server.go
View File

@ -84,7 +84,7 @@ func New(config LC.TrojanServer, tunnel C.Tunnel, additions ...inbound.Addition)
if tlsConfig.Certificates != nil { if tlsConfig.Certificates != nil {
return nil, errors.New("certificate is unavailable in reality") return nil, errors.New("certificate is unavailable in reality")
} }
realityBuilder, err = config.RealityConfig.Build() realityBuilder, err = config.RealityConfig.Build(tunnel)
if err != nil { if err != nil {
return nil, err return nil, err
} }