diff options
| -rw-r--r-- | sub/subJsonService.go | 3 | ||||
| -rw-r--r-- | sub/subService.go | 26 | ||||
| -rw-r--r-- | web/assets/js/model/inbound.js | 18 | ||||
| -rw-r--r-- | web/assets/js/model/outbound.js | 12 | ||||
| -rw-r--r-- | web/html/form/outbound.html | 14 | ||||
| -rw-r--r-- | web/html/form/tls_settings.html | 3 |
6 files changed, 15 insertions, 61 deletions
diff --git a/sub/subJsonService.go b/sub/subJsonService.go index 8222491a..72c5c6f1 100644 --- a/sub/subJsonService.go +++ b/sub/subJsonService.go @@ -253,9 +253,6 @@ func (s *SubJsonService) tlsData(tData map[string]any) map[string]any { tlsData["serverName"] = tData["serverName"] tlsData["alpn"] = tData["alpn"] - if allowInsecure, ok := tlsClientSettings["allowInsecure"].(bool); ok { - tlsData["allowInsecure"] = allowInsecure - } if fingerprint, ok := tlsClientSettings["fingerprint"].(string); ok { tlsData["fingerprint"] = fingerprint } diff --git a/sub/subService.go b/sub/subService.go index e046ebb4..818f193b 100644 --- a/sub/subService.go +++ b/sub/subService.go @@ -270,9 +270,6 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string { if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok { obj["fp"], _ = fpValue.(string) } - if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok { - obj["allowInsecure"], _ = insecure.(bool) - } } } @@ -296,7 +293,7 @@ func (s *SubService) genVmessLink(inbound *model.Inbound, email string) string { newSecurity, _ := ep["forceTls"].(string) newObj := map[string]any{} for key, value := range obj { - if !(newSecurity == "none" && (key == "alpn" || key == "sni" || key == "fp" || key == "allowInsecure")) { + if !(newSecurity == "none" && (key == "alpn" || key == "sni" || key == "fp")) { newObj[key] = value } } @@ -431,11 +428,6 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string { if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok { params["fp"], _ = fpValue.(string) } - if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok { - if insecure.(bool) { - params["allowInsecure"] = "1" - } - } } if streamNetwork == "tcp" && len(clients[clientIndex].Flow) > 0 { @@ -501,7 +493,7 @@ func (s *SubService) genVlessLink(inbound *model.Inbound, email string) string { q := url.Query() for k, v := range params { - if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp" || k == "allowInsecure")) { + if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp")) { q.Add(k, v) } } @@ -632,11 +624,6 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok { params["fp"], _ = fpValue.(string) } - if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok { - if insecure.(bool) { - params["allowInsecure"] = "1" - } - } } } @@ -698,7 +685,7 @@ func (s *SubService) genTrojanLink(inbound *model.Inbound, email string) string q := url.Query() for k, v := range params { - if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp" || k == "allowInsecure")) { + if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp")) { q.Add(k, v) } } @@ -837,11 +824,6 @@ func (s *SubService) genShadowsocksLink(inbound *model.Inbound, email string) st if fpValue, ok := searchKey(tlsSettings, "fingerprint"); ok { params["fp"], _ = fpValue.(string) } - if insecure, ok := searchKey(tlsSettings, "allowInsecure"); ok { - if insecure.(bool) { - params["allowInsecure"] = "1" - } - } } } @@ -870,7 +852,7 @@ func (s *SubService) genShadowsocksLink(inbound *model.Inbound, email string) st q := url.Query() for k, v := range params { - if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp" || k == "allowInsecure")) { + if !(newSecurity == "none" && (k == "alpn" || k == "sni" || k == "fp")) { q.Add(k, v) } } diff --git a/web/assets/js/model/inbound.js b/web/assets/js/model/inbound.js index 9bc93c30..b6059cf7 100644 --- a/web/assets/js/model/inbound.js +++ b/web/assets/js/model/inbound.js @@ -635,7 +635,7 @@ class TlsStreamSettings extends XrayCommonClass { } if (!ObjectUtil.isEmpty(json.settings)) { - settings = new TlsStreamSettings.Settings(json.settings.allowInsecure, json.settings.fingerprint, json.settings.echConfigList); + settings = new TlsStreamSettings.Settings(json.settings.fingerprint, json.settings.echConfigList); } return new TlsStreamSettings( json.serverName, @@ -738,25 +738,21 @@ TlsStreamSettings.Cert = class extends XrayCommonClass { TlsStreamSettings.Settings = class extends XrayCommonClass { constructor( - allowInsecure = false, fingerprint = UTLS_FINGERPRINT.UTLS_CHROME, echConfigList = '', ) { super(); - this.allowInsecure = allowInsecure; this.fingerprint = fingerprint; this.echConfigList = echConfigList; } static fromJson(json = {}) { return new TlsStreamSettings.Settings( - json.allowInsecure, json.fingerprint, json.echConfigList, ); } toJson() { return { - allowInsecure: this.allowInsecure, fingerprint: this.fingerprint, echConfigList: this.echConfigList }; @@ -1417,9 +1413,6 @@ class Inbound extends XrayCommonClass { if (this.stream.tls.alpn.length > 0) { obj.alpn = this.stream.tls.alpn.join(','); } - if (this.stream.tls.settings.allowInsecure) { - obj.allowInsecure = this.stream.tls.settings.allowInsecure; - } } return 'vmess://' + Base64.encode(JSON.stringify(obj, null, 2)); @@ -1480,9 +1473,6 @@ class Inbound extends XrayCommonClass { if (this.stream.isTls) { params.set("fp", this.stream.tls.settings.fingerprint); params.set("alpn", this.stream.tls.alpn); - if (this.stream.tls.settings.allowInsecure) { - params.set("allowInsecure", "1"); - } if (!ObjectUtil.isEmpty(this.stream.tls.sni)) { params.set("sni", this.stream.tls.sni); } @@ -1583,9 +1573,6 @@ class Inbound extends XrayCommonClass { if (this.stream.isTls) { params.set("fp", this.stream.tls.settings.fingerprint); params.set("alpn", this.stream.tls.alpn); - if (this.stream.tls.settings.allowInsecure) { - params.set("allowInsecure", "1"); - } if (this.stream.tls.settings.echConfigList?.length > 0) { params.set("ech", this.stream.tls.settings.echConfigList); } @@ -1662,9 +1649,6 @@ class Inbound extends XrayCommonClass { if (this.stream.isTls) { params.set("fp", this.stream.tls.settings.fingerprint); params.set("alpn", this.stream.tls.alpn); - if (this.stream.tls.settings.allowInsecure) { - params.set("allowInsecure", "1"); - } if (this.stream.tls.settings.echConfigList?.length > 0) { params.set("ech", this.stream.tls.settings.echConfigList); } diff --git a/web/assets/js/model/outbound.js b/web/assets/js/model/outbound.js index fc110b4e..56606231 100644 --- a/web/assets/js/model/outbound.js +++ b/web/assets/js/model/outbound.js @@ -345,16 +345,14 @@ class TlsStreamSettings extends CommonClass { serverName = '', alpn = [], fingerprint = '', - allowInsecure = false, echConfigList = '', - verifyPeerCertByName = 'cloudflare-dns.com', + verifyPeerCertByName = '', pinnedPeerCertSha256 = '', ) { super(); this.serverName = serverName; this.alpn = alpn; this.fingerprint = fingerprint; - this.allowInsecure = allowInsecure; this.echConfigList = echConfigList; this.verifyPeerCertByName = verifyPeerCertByName; this.pinnedPeerCertSha256 = pinnedPeerCertSha256; @@ -365,7 +363,6 @@ class TlsStreamSettings extends CommonClass { json.serverName, json.alpn, json.fingerprint, - json.allowInsecure, json.echConfigList, json.verifyPeerCertByName, json.pinnedPeerCertSha256, @@ -377,7 +374,6 @@ class TlsStreamSettings extends CommonClass { serverName: this.serverName, alpn: this.alpn, fingerprint: this.fingerprint, - allowInsecure: this.allowInsecure, echConfigList: this.echConfigList, verifyPeerCertByName: this.verifyPeerCertByName, pinnedPeerCertSha256: this.pinnedPeerCertSha256 @@ -936,8 +932,7 @@ class Outbound extends CommonClass { stream.tls = new TlsStreamSettings( json.sni, json.alpn ? json.alpn.split(',') : [], - json.fp, - json.allowInsecure); + json.fp); } const port = json.port * 1; @@ -978,10 +973,9 @@ class Outbound extends CommonClass { if (security == 'tls') { let fp = url.searchParams.get('fp') ?? 'none'; let alpn = url.searchParams.get('alpn'); - let allowInsecure = url.searchParams.get('allowInsecure'); let sni = url.searchParams.get('sni') ?? ''; let ech = url.searchParams.get('ech') ?? ''; - stream.tls = new TlsStreamSettings(sni, alpn ? alpn.split(',') : [], fp, allowInsecure == 1, ech); + stream.tls = new TlsStreamSettings(sni, alpn ? alpn.split(',') : [], fp, ech); } if (security == 'reality') { diff --git a/web/html/form/outbound.html b/web/html/form/outbound.html index 4df095d4..a2de920a 100644 --- a/web/html/form/outbound.html +++ b/web/html/form/outbound.html @@ -700,14 +700,12 @@ <a-form-item label="ECH Config List"> <a-input v-model.trim="outbound.stream.tls.echConfigList"></a-input> </a-form-item> - <a-form-item label="Allow Insecure"> - <a-switch v-model="outbound.stream.tls.allowInsecure"></a-switch> - </a-form-item> <a-form-item label="verify Peer Cert By Name"> <a-input - v-model.trim="outbound.stream.tls.verifyPeerCertByName"></a-input> + v-model.trim="outbound.stream.tls.verifyPeerCertByName" + placeholder="cloudflare-dns.com"></a-input> </a-form-item> - <a-form-item label="pinned Peer Cert Sha256"> + <a-form-item label=" pinned Peer Cert Sha256"> <a-input v-model.trim="outbound.stream.tls.pinnedPeerCertSha256" placeholder="Enter SHA256 fingerprints (base64)"> </a-input> @@ -772,7 +770,8 @@ <a-switch v-model="outbound.stream.sockopt.tcpFastOpen"></a-switch> </a-form-item> <a-form-item label="Multipath TCP"> - <a-switch v-model.trim="outbound.stream.sockopt.tcpMptcp"></a-switch> + <a-switch + v-model.trim="outbound.stream.sockopt.tcpMptcp"></a-switch> </a-form-item> <a-form-item label="Penetrate"> <a-switch v-model="outbound.stream.sockopt.penetrate"></a-switch> @@ -799,7 +798,8 @@ </a-form-item> <template v-if="outbound.mux.enabled"> <a-form-item label="Concurrency"> - <a-input-number v-model.number="outbound.mux.concurrency" :min="-1" + <a-input-number v-model.number="outbound.mux.concurrency" + :min="-1" :max="1024"></a-input-number> </a-form-item> <a-form-item label="xudp Concurrency"> diff --git a/web/html/form/tls_settings.html b/web/html/form/tls_settings.html index b2368d4f..2fe82388 100644 --- a/web/html/form/tls_settings.html +++ b/web/html/form/tls_settings.html @@ -58,9 +58,6 @@ ]]</a-select-option> </a-select> </a-form-item> - <a-form-item label="Allow Insecure"> - <a-switch v-model="inbound.stream.tls.settings.allowInsecure"></a-switch> - </a-form-item> <a-form-item label="Reject Unknown SNI"> <a-switch v-model="inbound.stream.tls.rejectUnknownSni"></a-switch> </a-form-item> |