88 lines
2.7 KiB
Go
88 lines
2.7 KiB
Go
package singbox
|
|
|
|
import (
|
|
"github.com/perfect-panel/server/pkg/adapter/proxy"
|
|
)
|
|
|
|
type OutboundTLSOptions struct {
|
|
Enabled bool `json:"enabled,omitempty"`
|
|
DisableSNI bool `json:"disable_sni,omitempty"`
|
|
ServerName string `json:"server_name,omitempty"`
|
|
Insecure bool `json:"insecure,omitempty"`
|
|
ALPN Listable[string] `json:"alpn,omitempty"`
|
|
MinVersion string `json:"min_version,omitempty"`
|
|
MaxVersion string `json:"max_version,omitempty"`
|
|
CipherSuites Listable[string] `json:"cipher_suites,omitempty"`
|
|
Certificate Listable[string] `json:"certificate,omitempty"`
|
|
CertificatePath string `json:"certificate_path,omitempty"`
|
|
ECH *OutboundECHOptions `json:"ech,omitempty"`
|
|
UTLS *OutboundUTLSOptions `json:"utls,omitempty"`
|
|
Reality *OutboundRealityOptions `json:"reality,omitempty"`
|
|
}
|
|
|
|
func NewOutboundTLSOptions(security string, cfg proxy.SecurityConfig) *OutboundTLSOptions {
|
|
var tls = &OutboundTLSOptions{}
|
|
switch security {
|
|
case "none":
|
|
return nil
|
|
case "tls":
|
|
tls.Enabled = true
|
|
if cfg.SNI != "" {
|
|
tls.ServerName = cfg.SNI
|
|
} else {
|
|
tls.DisableSNI = true
|
|
}
|
|
tls.Insecure = cfg.AllowInsecure
|
|
if cfg.Fingerprint != "" {
|
|
tls.UTLS = &OutboundUTLSOptions{
|
|
Enabled: true,
|
|
Fingerprint: cfg.Fingerprint,
|
|
}
|
|
}
|
|
case "reality":
|
|
tls.Enabled = true
|
|
if cfg.SNI != "" {
|
|
tls.ServerName = cfg.SNI
|
|
} else {
|
|
tls.DisableSNI = true
|
|
}
|
|
tls.Insecure = cfg.AllowInsecure
|
|
if cfg.Fingerprint != "" {
|
|
tls.UTLS = &OutboundUTLSOptions{
|
|
Enabled: true,
|
|
Fingerprint: cfg.Fingerprint,
|
|
}
|
|
}
|
|
tls.Reality = &OutboundRealityOptions{
|
|
Enabled: true,
|
|
PublicKey: cfg.RealityPublicKey,
|
|
ShortID: cfg.RealityShortId,
|
|
}
|
|
}
|
|
return tls
|
|
}
|
|
|
|
type OutboundECHOptions struct {
|
|
Enabled bool `json:"enabled,omitempty"`
|
|
PQSignatureSchemesEnabled bool `json:"pq_signature_schemes_enabled,omitempty"`
|
|
DynamicRecordSizingDisabled bool `json:"dynamic_record_sizing_disabled,omitempty"`
|
|
Config Listable[string] `json:"config,omitempty"`
|
|
ConfigPath string `json:"config_path,omitempty"`
|
|
}
|
|
|
|
type OutboundRealityOptions struct {
|
|
Enabled bool `json:"enabled,omitempty"`
|
|
PublicKey string `json:"public_key,omitempty"`
|
|
ShortID string `json:"short_id,omitempty"`
|
|
}
|
|
|
|
type OutboundUTLSOptions struct {
|
|
Enabled bool `json:"enabled,omitempty"`
|
|
Fingerprint string `json:"fingerprint,omitempty"`
|
|
}
|
|
type Listable[T any] []T
|
|
|
|
type OutboundTLSOptionsContainer struct {
|
|
TLS *OutboundTLSOptions `json:"tls,omitempty"`
|
|
}
|