From c325faef380e8643926cae0d1c343a00f86acfc5 Mon Sep 17 00:00:00 2001 From: RPRX <63339210+rprx@users.noreply.github.com> Date: Wed, 21 Oct 2020 09:32:16 +0000 Subject: [PATCH] Adjust Trojan over XTLS --- proxy/trojan/client.go | 11 ++++++----- proxy/trojan/protocol.go | 8 ++++---- proxy/trojan/server.go | 8 +++----- 3 files changed, 13 insertions(+), 14 deletions(-) diff --git a/proxy/trojan/client.go b/proxy/trojan/client.go index 74b13f91a..1586aeaf1 100644 --- a/proxy/trojan/client.go +++ b/proxy/trojan/client.go @@ -100,26 +100,27 @@ func (c *Client) Process(ctx context.Context, link *transport.Link, dialer inter if destination.Address.Family().IsDomain() && destination.Address.Domain() == muxCoolAddress { return newError(account.Flow + " doesn't support Mux").AtWarning() } - if destination.Network == net.Network_UDP { if !allowUDP443 && destination.Port == 443 { return newError(account.Flow + " stopped UDP/443").AtInfo() } } else { // enable XTLS only if making TCP request if xtlsConn, ok := iConn.(*xtls.Conn); ok { - connWriter.Flow = account.Flow xtlsConn.RPRX = true - + connWriter.Flow = account.Flow if account.Flow == XRD { xtlsConn.DirectMode = true } } else { - return newError(`failed to enable XTLS, maybe "security" is not "xtls"`).AtWarning() + return newError(`failed to use ` + account.Flow + `, maybe "security" is not "xtls"`).AtWarning() } } case "": + if _, ok := iConn.(*xtls.Conn); ok { + panic(`To avoid misunderstanding, you must fill in Trojan "flow" when using XTLS.`) + } default: - return newError("unsupported flow type: ", account.Flow).AtWarning() + return newError("unsupported flow " + account.Flow).AtWarning() } sessionPolicy := c.policyManager.ForLevel(user.Level) diff --git a/proxy/trojan/protocol.go b/proxy/trojan/protocol.go index 9e7553593..5c271ae80 100644 --- a/proxy/trojan/protocol.go +++ b/proxy/trojan/protocol.go 
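Review bot: The new `case "":` branch in `Client.Process` calls `panic` on a per-connection path, while every other branch of this switch returns `newError(...).AtWarning()`. Unless something further up recovers, a missing `flow` setting crashes the whole client on the first outbound connection instead of failing that one request. Refusing Trojan over an XTLS connection without an explicit flow is a reasonable fail-closed rule, but it can stay an error return: `return newError("Trojan \"flow\" must be set when using XTLS").AtWarning()`. If the aim is to stop a misconfigured instance early, the check fits better in config validation at startup. `Process` starts and ends outside this hunk, so any surrounding `recover` is not visible here.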
@@ -21,17 +21,17 @@ var ( const ( maxLength = 8192 - // XRO is constant for XTLS origin mode - XRO = "xtls-rprx-origin" // XRD is constant for XTLS direct mode XRD = "xtls-rprx-direct" + // XRO is constant for XTLS origin mode + XRO = "xtls-rprx-origin" commandTCP byte = 1 commandUDP byte = 3 - // for xtls + // for XTLS + commandXRD byte = 0xf0 // XTLS direct mode commandXRO byte = 0xf1 // XTLS origin mode - commandXRD byte = 0xf2 // XTLS direct mode ) // ConnWriter is TCP Connection Writer Wrapper for trojan protocol diff --git a/proxy/trojan/server.go b/proxy/trojan/server.go index 35fadaabe..d2f9d3db5 100644 --- a/proxy/trojan/server.go +++ b/proxy/trojan/server.go @@ -194,24 +194,22 @@ func (s *Server) Process(ctx context.Context, network net.Network, conn internet case XRO, XRD: if account.Flow == clientReader.Flow { if destination.Address.Family().IsDomain() && destination.Address.Domain() == muxCoolAddress { - return newError("XTLS doesn't support Mux").AtWarning() + return newError(clientReader.Flow + " doesn't support Mux").AtWarning() } - if xtlsConn, ok := iConn.(*xtls.Conn); ok { xtlsConn.RPRX = true - if clientReader.Flow == XRD { xtlsConn.DirectMode = true } } else { - return newError(`failed to enable XTLS, maybe "security" is not "xtls"`).AtWarning() + return newError(`failed to use ` + clientReader.Flow + `, maybe "security" is not "xtls"`).AtWarning() } } else { return newError("unable to use ", clientReader.Flow).AtWarning() } case "": default: - return newError("unsupported flow type: ", account.Flow).AtWarning() + return newError("unsupported flow " + account.Flow).AtWarning() } ctx = log.ContextWithAccessMessage(ctx, &log.AccessMessage{
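Review bot: `commandXRD` changes from `0xf2` to `0xf0` with no versioning, so peers built before and after this commit will disagree on the command byte for direct mode. These constants appear to be wire values, since they sit beside `commandTCP` and `commandUDP`. That deserves a comment on the block such as `// wire-format command bytes; client and server must use identical values`. The code that parses the command byte is outside this hunk. It is worth confirming that an unrecognised byte, such as the old `0xf2`, is rejected rather than handled as a plain TCP or UDP request.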
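Review bot: The `default:` branch in `Server.Process` reports `account.Flow`, while the rest of this case compares against and reports `clientReader.Flow`. The switch header is outside the hunk, but if it switches on `clientReader.Flow`, the default branch fires on an unexpected client-requested flow. The log line would then print the account's configured value, which may be perfectly valid, and mislead whoever triages the rejection. If so, the line should read `return newError("unsupported flow " + clientReader.Flow).AtWarning()`. Because that value would come from the peer, format it with `%q` or an equivalent before it reaches the log if it can ever be an arbitrary string.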