Merge pull request #89 from alireza0/TLS-enhancements

TLS-enhancements
2026-03-18 23:05:48 +00:00 · 2023-03-24 12:06:33 +01:00
parent 0f487dc10f dac234357a
commit 3f49aa5541
3 changed files with 48 additions and 19 deletions
--- a/web/assets/css/custom.css
+++ b/web/assets/css/custom.css
@@ -188,7 +188,8 @@

 .ant-card-dark .ant-collapse-content,
 .ant-card-dark .ant-calendar,
-.ant-card-dark .ant-table-placeholder {
+.ant-card-dark .ant-table-placeholder,
+.ant-card-dark .ant-input-group-addon {
    color: hsla(0,0%,100%,.65);
    background-color: #262f3d;
 }
@@ -208,7 +209,8 @@
 .ant-card-dark .ant-calendar-year-select,
 .ant-card-dark .ant-calendar-date,
 .ant-card-dark .ant-collapse>.ant-collapse-item>.ant-collapse-header,
-.ant-card-dark .ant-empty-normal {
+.ant-card-dark .ant-empty-normal,
+.ant-card-dark .ant-checkbox+span {
    color: hsla(0,0%,100%,.65);
 }

@@ -308,7 +310,8 @@
    border-color: #593815;
 }

-.ant-card-dark .ant-table-row-expand-icon {
+.ant-card-dark .ant-table-row-expand-icon,
+.ant-card-dark .ant-checkbox-inner {
    background: none;
 }

@@ -316,12 +319,17 @@
    background-color: #0c61b0;
 }

-.ant-card-dark .ant-btn {
+.ant-card-dark .ant-btn,
+.ant-card-dark .ant-radio-button-wrapper {
    color: hsla(0,0%,100%,.65);
    background: none;
    border: 1px solid hsla(0,0%,100%,.65);
 }

+.ant-card-dark .ant-radio-button-wrapper:hover {
+    color: #177ddc;
+}
+
 .ant-card-dark .ant-btn-primary {
    color:  hsla(0,0%,100%,.65);
    background-color: #073763;
--- a/web/assets/js/model/xray.js
+++ b/web/assets/js/model/xray.js
@@ -95,7 +95,6 @@ const UTLS_FINGERPRINT = {
 const ALPN_OPTION = {
    H2: "h2",
    HTTP1: "http/1.1",
-    BOTH: "h2,http/1.1",
 };

 Object.freeze(Protocols);
@@ -474,8 +473,8 @@ class GrpcStreamSettings extends XrayCommonClass {

 class TlsStreamSettings extends XrayCommonClass {
    constructor(serverName='',
-                minVersion = TLS_VERSION_OPTION.TLS12,
-                maxVersion = TLS_VERSION_OPTION.TLS13,
+                minVersion = TLS_VERSION_OPTION.TLS10,
+                maxVersion = TLS_VERSION_OPTION.TLS12,
                cipherSuites = '',
                certificates=[new TlsStreamSettings.Cert()],
                alpn=[''],
@@ -575,9 +574,9 @@ TlsStreamSettings.Cert = class extends XrayCommonClass {
 };

 TlsStreamSettings.Settings = class extends XrayCommonClass {
-    constructor(insecure = false, fingerprint = '', serverName = '') {
+    constructor(allowInsecure = false, fingerprint = '', serverName = '') {
        super();
-        this.inSecure = insecure;
+        this.allowInsecure = allowInsecure;
        this.fingerprint = fingerprint;
        this.serverName = serverName;
    }
@@ -590,7 +589,7 @@ TlsStreamSettings.Settings = class extends XrayCommonClass {
    }
    toJson() {
        return {
-            allowInsecure: this.inSecure,
+            allowInsecure: this.allowInsecure,
            fingerprint: this.fingerprint,
            serverName: this.serverName,
        };
@@ -1081,6 +1080,10 @@ class Inbound extends XrayCommonClass {
            host: host,
            path: path,
            tls: this.stream.security,
+            sni: this.stream.tls.settings[0]['serverName'],
+            fp: this.stream.tls.settings[0]['fingerprint'],
+            alpn: this.stream.tls.alpn.join(','),
+            allowInsecure: this.stream.tls.settings[0].allowInsecure,
        };
        return 'vmess://' + base64(JSON.stringify(obj, null, 2));
    }
@@ -1092,7 +1095,6 @@ class Inbound extends XrayCommonClass {
        const type = this.stream.network;
        const params = new Map();
        params.set("type", this.stream.network);
-        params.set("security", this.stream.security);
        switch (type) {
            case "tcp":
                const tcp = this.stream.tcp;
@@ -1139,8 +1141,12 @@ class Inbound extends XrayCommonClass {
        }

        if (this.tls) {
+            params.set("security", "tls");
            params.set("fp" , this.stream.tls.settings[0]['fingerprint']);
-            params.set("alpn", this.stream.tls.alpn[0]);
+            params.set("alpn", this.stream.tls.alpn);
+            if(this.stream.tls.settings[0].allowInsecure){
+                params.set("allowInsecure", "1");
+            }
            if (!ObjectUtil.isEmpty(this.stream.tls.server)) {
                address = this.stream.tls.server;
 			}
@@ -1153,6 +1159,11 @@ class Inbound extends XrayCommonClass {
        }

        if (this.xtls) {
+            params.set("security", "tls");
+            params.set("alpn", this.stream.tls.alpn);
+            if(this.stream.tls.settings[0].allowInsecure){
+                params.set("allowInsecure", "1");
+            }
            if (!ObjectUtil.isEmpty(this.stream.tls.server)) {
                address = this.stream.tls.server;
            }
@@ -1188,7 +1199,6 @@ class Inbound extends XrayCommonClass {
        const type = this.stream.network;
        const params = new Map();
        params.set("type", this.stream.network);
-        params.set("security", this.stream.security);
        switch (type) {
            case "tcp":
                const tcp = this.stream.tcp;
@@ -1235,8 +1245,12 @@ class Inbound extends XrayCommonClass {
        }

        if (this.tls) {
+            params.set("security", "tls");
            params.set("fp" , this.stream.tls.settings[0]['fingerprint']);
-            params.set("alpn", this.stream.tls.alpn[0]);
+            params.set("alpn", this.stream.tls.alpn);
+            if(this.stream.tls.settings[0].allowInsecure){
+                params.set("allowInsecure", "1");
+            }
            if (!ObjectUtil.isEmpty(this.stream.tls.server)) {
                address = this.stream.tls.server;
            }
@@ -1246,6 +1260,11 @@ class Inbound extends XrayCommonClass {
        }

 		if (this.xtls) {
+            params.set("security", "tls");
+            params.set("alpn", this.stream.tls.alpn);
+            if(this.stream.tls.settings[0].allowInsecure){
+                params.set("allowInsecure", "1");
+            }
            if (!ObjectUtil.isEmpty(this.stream.tls.server)) {
                address = this.stream.tls.server;
 			}
--- a/web/html/xui/form/tls_settings.html
+++ b/web/html/xui/form/tls_settings.html
@@ -40,11 +40,13 @@
    <a-form-item label='{{ i18n "domainName" }}'>
        <a-input v-model.trim="inbound.stream.tls.server"></a-input>
    </a-form-item>
-    <a-form-item label="Alpn" v-if="inbound.tls">
-        <a-select v-model="inbound.stream.tls.alpn[0]" style="width:200px">
-            <a-select-option value=''>auto</a-select-option>
-            <a-select-option v-for="key in ALPN_OPTION" :value="key">[[ key ]]</a-select-option>
-        </a-select>
+    <a-form-item label="Alpn">
+        <a-checkbox-group v-model="inbound.stream.tls.alpn" style="width:200px">
+            <a-checkbox v-for="key in ALPN_OPTION" :value="key">[[ key ]]</a-checkbox>
+        </a-checkbox-group>
+    </a-form-item>
+    <a-form-item label="Allow insecure">
+        <a-switch v-model="inbound.stream.tls.settings[0].allowInsecure"></a-switch>
    </a-form-item>
    <a-form-item label='{{ i18n "certificate" }}'>
        <a-radio-group v-model="inbound.stream.tls.certs[0].useFile" button-style="solid">