move some code

2026-02-04 04:30:08 +00:00 · 2023-05-22 21:01:31 +08:00
parent 62d2805906
commit 2f400190ff
12 changed files with 228 additions and 228 deletions
--- a/common/builder/inbound.go
+++ b/common/builder/inbound.go
@@ -0,0 +1,315 @@
+package builder
+
+import (
+	"crypto/rand"
+	"encoding/base64"
+	"encoding/hex"
+	"fmt"
+	"github.com/Yuzuki616/V2bX/api/panel"
+	"github.com/Yuzuki616/V2bX/common/file"
+	"github.com/Yuzuki616/V2bX/conf"
+	"github.com/Yuzuki616/V2bX/node/lego"
+	"github.com/goccy/go-json"
+	"github.com/xtls/xray-core/common/net"
+	"github.com/xtls/xray-core/core"
+	coreConf "github.com/xtls/xray-core/infra/conf"
+)
+
+// BuildInbound build Inbound config for different protocol
+func BuildInbound(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, tag string) (*core.InboundHandlerConfig, error) {
+	in := &coreConf.InboundDetourConfig{}
+	// Set network protocol
+	t := coreConf.TransportProtocol(nodeInfo.Network)
+	in.StreamSetting = &coreConf.StreamConfig{Network: &t}
+	var err error
+	switch nodeInfo.NodeType {
+	case "v2ray":
+		err = buildV2ray(config, nodeInfo, in)
+	case "trojan":
+		err = buildTrojan(config, nodeInfo, in)
+	case "shadowsocks":
+		err = buildShadowsocks(config, nodeInfo, in)
+	default:
+		return nil, fmt.Errorf("unsupported node type: %s, Only support: V2ray, Trojan, Shadowsocks", nodeInfo.NodeType)
+	}
+	if err != nil {
+		return nil, err
+	}
+	// Set server port
+	in.PortList = &coreConf.PortList{
+		Range: []coreConf.PortRange{{From: uint32(nodeInfo.ServerPort), To: uint32(nodeInfo.ServerPort)}},
+	}
+	// Set Listen IP address
+	ipAddress := net.ParseAddress(config.ListenIP)
+	in.ListenOn = &coreConf.Address{Address: ipAddress}
+	// Set SniffingConfig
+	sniffingConfig := &coreConf.SniffingConfig{
+		Enabled:      true,
+		DestOverride: &coreConf.StringList{"http", "tls"},
+	}
+	if config.DisableSniffing {
+		sniffingConfig.Enabled = false
+	}
+	in.SniffingConfig = sniffingConfig
+	if *in.StreamSetting.Network == "tcp" {
+		if in.StreamSetting.TCPSettings != nil {
+			in.StreamSetting.TCPSettings.AcceptProxyProtocol = config.EnableProxyProtocol
+		} else {
+			tcpSetting := &coreConf.TCPConfig{
+				AcceptProxyProtocol: config.EnableProxyProtocol,
+			} //Enable proxy protocol
+			in.StreamSetting.TCPSettings = tcpSetting
+		}
+	} else if *in.StreamSetting.Network == "ws" {
+		in.StreamSetting.WSSettings = &coreConf.WebSocketConfig{
+			AcceptProxyProtocol: config.EnableProxyProtocol} //Enable proxy protocol
+	}
+	// Set TLS and XTLS settings
+	if nodeInfo.Tls != 0 {
+		if config.CertConfig.CertMode != "none" {
+			// Normal tls
+			in.StreamSetting.Security = "tls"
+			certFile, keyFile, err := getCertFile(config.CertConfig)
+			if err != nil {
+				return nil, err
+			}
+			in.StreamSetting.TLSSettings = &coreConf.TLSConfig{
+				Certs: []*coreConf.TLSCertConfig{
+					{
+						CertFile:     certFile,
+						KeyFile:      keyFile,
+						OcspStapling: 3600,
+					},
+				},
+				RejectUnknownSNI: config.CertConfig.RejectUnknownSni,
+			}
+		} else if config.EnableReality {
+			// Reality
+			in.StreamSetting.Security = "reality"
+			d, err := json.Marshal(config.RealityConfig.Dest)
+			if err != nil {
+				return nil, fmt.Errorf("marshal reality dest error: %s", err)
+			}
+			in.StreamSetting.REALITYSettings = &coreConf.REALITYConfig{
+				Dest:         d,
+				Xver:         config.RealityConfig.Xver,
+				ServerNames:  config.RealityConfig.ServerNames,
+				PrivateKey:   config.RealityConfig.PrivateKey,
+				MinClientVer: config.RealityConfig.MinClientVer,
+				MaxClientVer: config.RealityConfig.MaxClientVer,
+				MaxTimeDiff:  config.RealityConfig.MaxTimeDiff,
+				ShortIds:     config.RealityConfig.ShortIds,
+			}
+		}
+	}
+	// Support ProxyProtocol for any transport protocol
+	if *in.StreamSetting.Network != "tcp" &&
+		*in.StreamSetting.Network != "ws" &&
+		config.EnableProxyProtocol {
+		sockoptConfig := &coreConf.SocketConfig{
+			AcceptProxyProtocol: config.EnableProxyProtocol,
+		} //Enable proxy protocol
+		in.StreamSetting.SocketSettings = sockoptConfig
+	}
+	in.Tag = tag
+	return in.Build()
+}
+
+func buildV2ray(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, inbound *coreConf.InboundDetourConfig) error {
+	if config.EnableVless {
+		//Set vless
+		inbound.Protocol = "vless"
+		if config.EnableFallback {
+			// Set fallback
+			fallbackConfigs, err := buildVlessFallbacks(config.FallBackConfigs)
+			if err != nil {
+				return err
+			}
+			s, err := json.Marshal(&coreConf.VLessInboundConfig{
+				Decryption: "none",
+				Fallbacks:  fallbackConfigs,
+			})
+			if err != nil {
+				return fmt.Errorf("marshal vless fallback config error: %s", err)
+			}
+			inbound.Settings = (*json.RawMessage)(&s)
+		} else {
+			var err error
+			s, err := json.Marshal(&coreConf.VLessInboundConfig{
+				Decryption: "none",
+			})
+			if err != nil {
+				return fmt.Errorf("marshal vless config error: %s", err)
+			}
+			inbound.Settings = (*json.RawMessage)(&s)
+		}
+	} else {
+		// Set vmess
+		inbound.Protocol = "vmess"
+		var err error
+		s, err := json.Marshal(&coreConf.VMessInboundConfig{})
+		if err != nil {
+			return fmt.Errorf("marshal vmess settings error: %s", err)
+		}
+		inbound.Settings = (*json.RawMessage)(&s)
+	}
+	if len(nodeInfo.NetworkSettings) == 0 {
+		return nil
+	}
+	switch nodeInfo.Network {
+	case "tcp":
+		err := json.Unmarshal(nodeInfo.NetworkSettings, &inbound.StreamSetting.TCPSettings)
+		if err != nil {
+			return fmt.Errorf("unmarshal tcp settings error: %s", err)
+		}
+	case "ws":
+		err := json.Unmarshal(nodeInfo.NetworkSettings, &inbound.StreamSetting.WSSettings)
+		if err != nil {
+			return fmt.Errorf("unmarshal ws settings error: %s", err)
+		}
+	case "grpc":
+		err := json.Unmarshal(nodeInfo.NetworkSettings, &inbound.StreamSetting.GRPCConfig)
+		if err != nil {
+			return fmt.Errorf("unmarshal grpc settings error: %s", err)
+		}
+	}
+	return nil
+}
+
+func buildTrojan(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, inbound *coreConf.InboundDetourConfig) error {
+	inbound.Protocol = "trojan"
+	if config.EnableFallback {
+		// Set fallback
+		fallbackConfigs, err := buildTrojanFallbacks(config.FallBackConfigs)
+		if err != nil {
+			return err
+		}
+		s, err := json.Marshal(&coreConf.TrojanServerConfig{
+			Fallbacks: fallbackConfigs,
+		})
+		inbound.Settings = (*json.RawMessage)(&s)
+		if err != nil {
+			return fmt.Errorf("marshal trojan fallback config error: %s", err)
+		}
+	} else {
+		s := []byte("{}")
+		inbound.Settings = (*json.RawMessage)(&s)
+	}
+	t := coreConf.TransportProtocol(nodeInfo.Network)
+	inbound.StreamSetting = &coreConf.StreamConfig{Network: &t}
+	return nil
+}
+
+func buildShadowsocks(config *conf.ControllerConfig, nodeInfo *panel.NodeInfo, inbound *coreConf.InboundDetourConfig) error {
+	inbound.Protocol = "shadowsocks"
+	settings := &coreConf.ShadowsocksServerConfig{
+		Cipher: nodeInfo.Cipher,
+	}
+	p := make([]byte, 32)
+	_, err := rand.Read(p)
+	if err != nil {
+		return fmt.Errorf("generate random password error: %s", err)
+	}
+	randomPasswd := hex.EncodeToString(p)
+	cipher := nodeInfo.Cipher
+	if nodeInfo.ServerKey != "" {
+		settings.Password = nodeInfo.ServerKey
+		randomPasswd = base64.StdEncoding.EncodeToString([]byte(randomPasswd))
+		cipher = ""
+	}
+	defaultSSuser := &coreConf.ShadowsocksUserConfig{
+		Cipher:   cipher,
+		Password: randomPasswd,
+	}
+	settings.Users = append(settings.Users, defaultSSuser)
+	settings.NetworkList = &coreConf.NetworkList{"tcp", "udp"}
+	settings.IVCheck = true
+	if config.DisableIVCheck {
+		settings.IVCheck = false
+	}
+	t := coreConf.TransportProtocol("tcp")
+	inbound.StreamSetting = &coreConf.StreamConfig{Network: &t}
+	s, err := json.Marshal(settings)
+	inbound.Settings = (*json.RawMessage)(&s)
+	if err != nil {
+		return fmt.Errorf("marshal shadowsocks settings error: %s", err)
+	}
+	return nil
+}
+
+func getCertFile(certConfig *conf.CertConfig) (certFile string, keyFile string, err error) {
+	if certConfig.CertFile == "" || certConfig.KeyFile == "" {
+		return "", "", fmt.Errorf("cert file path or key file path not exist")
+	}
+	switch certConfig.CertMode {
+	case "file":
+		return certConfig.CertFile, certConfig.KeyFile, nil
+	case "dns", "http":
+		if file.IsExist(certConfig.CertFile) && file.IsExist(certConfig.KeyFile) {
+			return certConfig.CertFile, certConfig.KeyFile, nil
+		}
+		l, err := lego.New(certConfig)
+		if err != nil {
+			return "", "", fmt.Errorf("create lego object error: %s", err)
+		}
+		err = l.CreateCert()
+		if err != nil {
+			return "", "", fmt.Errorf("create cert error: %s", err)
+		}
+		return certConfig.CertFile, certConfig.KeyFile, nil
+	}
+	return "", "", fmt.Errorf("unsupported certmode: %s", certConfig.CertMode)
+}
+
+func buildVlessFallbacks(fallbackConfigs []conf.FallBackConfig) ([]*coreConf.VLessInboundFallback, error) {
+	if fallbackConfigs == nil {
+		return nil, fmt.Errorf("you must provide FallBackConfigs")
+	}
+	vlessFallBacks := make([]*coreConf.VLessInboundFallback, len(fallbackConfigs))
+	for i, c := range fallbackConfigs {
+		if c.Dest == "" {
+			return nil, fmt.Errorf("dest is required for fallback fialed")
+		}
+		var dest json.RawMessage
+		dest, err := json.Marshal(c.Dest)
+		if err != nil {
+			return nil, fmt.Errorf("marshal dest %s config fialed: %s", dest, err)
+		}
+		vlessFallBacks[i] = &coreConf.VLessInboundFallback{
+			Name: c.SNI,
+			Alpn: c.Alpn,
+			Path: c.Path,
+			Dest: dest,
+			Xver: c.ProxyProtocolVer,
+		}
+	}
+	return vlessFallBacks, nil
+}
+
+func buildTrojanFallbacks(fallbackConfigs []conf.FallBackConfig) ([]*coreConf.TrojanInboundFallback, error) {
+	if fallbackConfigs == nil {
+		return nil, fmt.Errorf("you must provide FallBackConfigs")
+	}
+
+	trojanFallBacks := make([]*coreConf.TrojanInboundFallback, len(fallbackConfigs))
+	for i, c := range fallbackConfigs {
+
+		if c.Dest == "" {
+			return nil, fmt.Errorf("dest is required for fallback fialed")
+		}
+
+		var dest json.RawMessage
+		dest, err := json.Marshal(c.Dest)
+		if err != nil {
+			return nil, fmt.Errorf("marshal dest %s config fialed: %s", dest, err)
+		}
+		trojanFallBacks[i] = &coreConf.TrojanInboundFallback{
+			Name: c.SNI,
+			Alpn: c.Alpn,
+			Path: c.Path,
+			Dest: dest,
+			Xver: c.ProxyProtocolVer,
+		}
+	}
+	return trojanFallBacks, nil
+}
--- a/common/builder/outbound.go
+++ b/common/builder/outbound.go
@@ -0,0 +1,44 @@
+package builder
+
+import (
+	"fmt"
+	"github.com/Yuzuki616/V2bX/api/panel"
+	conf2 "github.com/Yuzuki616/V2bX/conf"
+	"github.com/goccy/go-json"
+	"github.com/xtls/xray-core/common/net"
+	"github.com/xtls/xray-core/core"
+	"github.com/xtls/xray-core/infra/conf"
+)
+
+// BuildOutbound build freedom outbund config for addoutbound
+func BuildOutbound(config *conf2.ControllerConfig, nodeInfo *panel.NodeInfo, tag string) (*core.OutboundHandlerConfig, error) {
+	outboundDetourConfig := &conf.OutboundDetourConfig{}
+	outboundDetourConfig.Protocol = "freedom"
+	outboundDetourConfig.Tag = tag
+
+	// Build Send IP address
+	if config.SendIP != "" {
+		ipAddress := net.ParseAddress(config.SendIP)
+		outboundDetourConfig.SendThrough = &conf.Address{Address: ipAddress}
+	}
+
+	// Freedom Protocol setting
+	var domainStrategy = "Asis"
+	if config.EnableDNS {
+		if config.DNSType != "" {
+			domainStrategy = config.DNSType
+		} else {
+			domainStrategy = "UseIP"
+		}
+	}
+	proxySetting := &conf.FreedomConfig{
+		DomainStrategy: domainStrategy,
+	}
+	var setting json.RawMessage
+	setting, err := json.Marshal(proxySetting)
+	if err != nil {
+		return nil, fmt.Errorf("marshal proxy %s config fialed: %s", nodeInfo.NodeType, err)
+	}
+	outboundDetourConfig.Settings = &setting
+	return outboundDetourConfig.Build()
+}
--- a/common/builder/user.go
+++ b/common/builder/user.go
@@ -0,0 +1,129 @@
+package builder
+
+import (
+	"encoding/base64"
+	"fmt"
+	"github.com/Yuzuki616/V2bX/api/panel"
+	"github.com/xtls/xray-core/common/protocol"
+	"github.com/xtls/xray-core/common/serial"
+	"github.com/xtls/xray-core/infra/conf"
+	"github.com/xtls/xray-core/proxy/shadowsocks"
+	"github.com/xtls/xray-core/proxy/shadowsocks_2022"
+	"github.com/xtls/xray-core/proxy/trojan"
+	"github.com/xtls/xray-core/proxy/vless"
+	"strings"
+)
+
+const xtlsFLow = "xtls-rprx-vision"
+
+func BuildVmessUsers(tag string, userInfo []panel.UserInfo) (users []*protocol.User) {
+	users = make([]*protocol.User, len(userInfo))
+	for i, user := range userInfo {
+		users[i] = BuildVmessUser(tag, &user)
+	}
+	return users
+}
+
+func BuildVmessUser(tag string, userInfo *panel.UserInfo) (user *protocol.User) {
+	vmessAccount := &conf.VMessAccount{
+		ID:       userInfo.Uuid,
+		AlterIds: 0,
+		Security: "auto",
+	}
+	return &protocol.User{
+		Level:   0,
+		Email:   BuildUserTag(tag, userInfo), // Uid: InboundTag|email|uid
+		Account: serial.ToTypedMessage(vmessAccount.Build()),
+	}
+}
+
+func BuildVlessUsers(tag string, userInfo []panel.UserInfo, xtls bool) (users []*protocol.User) {
+	users = make([]*protocol.User, len(userInfo))
+	for i := range userInfo {
+		users[i] = BuildVlessUser(tag, &(userInfo)[i], xtls)
+	}
+	return users
+}
+
+func BuildVlessUser(tag string, userInfo *panel.UserInfo, xtls bool) (user *protocol.User) {
+	vlessAccount := &vless.Account{
+		Id: userInfo.Uuid,
+	}
+	if xtls {
+		vlessAccount.Flow = xtlsFLow
+	}
+	return &protocol.User{
+		Level:   0,
+		Email:   BuildUserTag(tag, userInfo),
+		Account: serial.ToTypedMessage(vlessAccount),
+	}
+}
+
+func BuildTrojanUsers(tag string, userInfo []panel.UserInfo) (users []*protocol.User) {
+	users = make([]*protocol.User, len(userInfo))
+	for i := range userInfo {
+		users[i] = BuildTrojanUser(tag, &(userInfo)[i])
+	}
+	return users
+}
+
+func BuildTrojanUser(tag string, userInfo *panel.UserInfo) (user *protocol.User) {
+	trojanAccount := &trojan.Account{
+		Password: userInfo.Uuid,
+	}
+	return &protocol.User{
+		Level:   0,
+		Email:   BuildUserTag(tag, userInfo),
+		Account: serial.ToTypedMessage(trojanAccount),
+	}
+}
+
+func getCipherFromString(c string) shadowsocks.CipherType {
+	switch strings.ToLower(c) {
+	case "aes-128-gcm", "aead_aes_128_gcm":
+		return shadowsocks.CipherType_AES_128_GCM
+	case "aes-256-gcm", "aead_aes_256_gcm":
+		return shadowsocks.CipherType_AES_256_GCM
+	case "chacha20-poly1305", "aead_chacha20_poly1305", "chacha20-ietf-poly1305":
+		return shadowsocks.CipherType_CHACHA20_POLY1305
+	case "none", "plain":
+		return shadowsocks.CipherType_NONE
+	default:
+		return shadowsocks.CipherType_UNKNOWN
+	}
+}
+
+func BuildSSUsers(tag string, userInfo []panel.UserInfo, cypher shadowsocks.CipherType, serverKey string) (users []*protocol.User) {
+	users = make([]*protocol.User, len(userInfo))
+	for i := range userInfo {
+		users[i] = BuildSSUser(tag, &userInfo[i], cypher, serverKey)
+	}
+	return users
+}
+
+func BuildSSUser(tag string, userInfo *panel.UserInfo, cypher shadowsocks.CipherType, serverKey string) (user *protocol.User) {
+	if serverKey == "" {
+		ssAccount := &shadowsocks.Account{
+			Password:   userInfo.Uuid,
+			CipherType: cypher,
+		}
+		return &protocol.User{
+			Level:   0,
+			Email:   tag,
+			Account: serial.ToTypedMessage(ssAccount),
+		}
+	} else {
+		ssAccount := &shadowsocks_2022.User{
+			Key: base64.StdEncoding.EncodeToString([]byte(userInfo.Uuid[:32])),
+		}
+		return &protocol.User{
+			Level:   0,
+			Email:   tag,
+			Account: serial.ToTypedMessage(ssAccount),
+		}
+	}
+}
+
+func BuildUserTag(tag string, user *panel.UserInfo) string {
+	return fmt.Sprintf("%s|%s|%d", tag, user.Uuid, user.Id)
+}