/// <summary> /// Validate the object. /// </summary> /// <exception cref="ValidationException"> /// Thrown if validation fails /// </exception> public virtual void Validate() { if (TlsSettings != null) { TlsSettings.Validate(); } }
protected sealed override Stream Start(Socket socket) { settings = GetSettings(); settings.EnableDebugging = Parameters.EnableDebugging; monoSslStream = Start(socket, settings); return(monoSslStream); }
protected sealed override Task <Stream> Start(TestContext ctx, Socket socket, CancellationToken cancellationToken) { return(Task.Run <Stream> (() => { settings = GetSettings(); settings.EnableDebugging = Parameters.EnableDebugging; monoSslStream = Start(socket, settings); return monoSslStream; })); }
/// <summary> /// Validate the object. /// </summary> /// <exception cref="ValidationException"> /// Thrown if validation fails /// </exception> public virtual void Validate() { if (HostName == null) { throw new ValidationException(ValidationRules.CannotBeNull, "HostName"); } if (TlsSettings != null) { TlsSettings.Validate(); } }
protected override TlsSettings GetSettings() { var settings = new TlsSettings(); var monoParams = Parameters as IMonoClientParameters; if (monoParams != null) { settings.ClientCertificateParameters = monoParams.ClientCertificateParameters; settings.Instrumentation = monoParams.ClientInstrumentation; } settings.RequestedCiphers = Parameters.ClientCiphers; return(settings); }
protected override TlsSettings GetSettings() { var settings = new TlsSettings(); if (Parameters.RequireClientCertificate) { settings.RequireClientCertificate = true; } else if (Parameters.AskForClientCertificate) { settings.AskForClientCertificate = true; } settings.RequestedCiphers = Parameters.ServerCiphers; return(settings); }
protected override MonoNewTlsStream Start(Socket socket, TlsSettings settings) { #if FIXME var monoParams = Parameters as IMonoServerParameters; if (monoParams != null) { settings.Instrumentation = monoParams.ServerInstrumentation; } #endif settings.ClientCertValidationCallback = ClientCertValidationCallback; var stream = new NetworkStream(socket); return(MonoNewTlsStreamFactory.CreateServer( stream, false, null, null, EncryptionPolicy.RequireEncryption, settings, Certificate.Certificate, false, SslProtocols.Tls12, false)); }
protected override MonoNewTlsStream Start(Socket socket, TlsSettings settings) { Debug("Connected."); var clientCerts = new X509Certificate2Collection(); if (Parameters.ClientCertificate != null) { var clientCert = (ClientCertificate)Parameters.ClientCertificate; clientCerts.Add(clientCert.Certificate); } var targetHost = "Hamiller-Tube.local"; var stream = new NetworkStream(socket); return(MonoNewTlsStreamFactory.CreateClient( stream, false, RemoteValidationCallback, null, EncryptionPolicy.RequireEncryption, settings, targetHost, clientCerts, SslProtocols.Tls12, false)); }
/// <summary> /// vmess协议远程服务器底层传输配置 /// </summary> /// <param name="config"></param> /// <param name="iobound"></param> /// <param name="streamSettings"></param> /// <returns></returns> private static int boundStreamSettings(Config config, string iobound, ref StreamSettings streamSettings) { try { //远程服务器底层传输配置 streamSettings.network = config.network(); streamSettings.security = config.streamSecurity(); //streamSettings switch (config.network()) { //kcp基本配置暂时是默认值,用户能自己设置伪装类型 case "kcp": KcpSettings kcpSettings = new KcpSettings(); kcpSettings.mtu = config.kcpItem.mtu; kcpSettings.tti = config.kcpItem.tti; if (iobound.Equals("out")) { kcpSettings.uplinkCapacity = config.kcpItem.uplinkCapacity; kcpSettings.downlinkCapacity = config.kcpItem.downlinkCapacity; } else if (iobound.Equals("in")) { kcpSettings.uplinkCapacity = config.kcpItem.downlinkCapacity;; kcpSettings.downlinkCapacity = config.kcpItem.downlinkCapacity; } else { kcpSettings.uplinkCapacity = config.kcpItem.uplinkCapacity; kcpSettings.downlinkCapacity = config.kcpItem.downlinkCapacity; } kcpSettings.congestion = config.kcpItem.congestion; kcpSettings.readBufferSize = config.kcpItem.readBufferSize; kcpSettings.writeBufferSize = config.kcpItem.writeBufferSize; kcpSettings.header = new Header(); kcpSettings.header.type = config.headerType(); streamSettings.kcpSettings = kcpSettings; break; //ws case "ws": WsSettings wsSettings = new WsSettings(); wsSettings.connectionReuse = true; string host2 = config.requestHost().Replace(" ", ""); string path = config.path().Replace(" ", ""); if (!string.IsNullOrWhiteSpace(host2)) { wsSettings.headers = new Headers(); wsSettings.headers.Host = host2; } if (!string.IsNullOrWhiteSpace(path)) { wsSettings.path = path; } streamSettings.wsSettings = wsSettings; TlsSettings tlsSettings = new TlsSettings(); tlsSettings.allowInsecure = config.allowInsecure(); streamSettings.tlsSettings = tlsSettings; break; //h2 case "h2": HttpSettings httpSettings = new HttpSettings(); string host3 = config.requestHost().Replace(" ", ""); if (!string.IsNullOrWhiteSpace(host3)) { httpSettings.host = Utils.String2List(host3); } httpSettings.path = config.path().Replace(" ", ""); streamSettings.httpSettings = httpSettings; TlsSettings tlsSettings2 = new TlsSettings(); tlsSettings2.allowInsecure = config.allowInsecure(); streamSettings.tlsSettings = tlsSettings2; break; default: //tcp带http伪装 if (config.headerType().Equals(Global.TcpHeaderHttp)) { TcpSettings tcpSettings = new TcpSettings(); tcpSettings.connectionReuse = true; tcpSettings.header = new Header(); tcpSettings.header.type = config.headerType(); //request填入自定义Host string request = Utils.GetEmbedText(Global.v2raySampleHttprequestFileName); string[] arrHost = config.requestHost().Replace(" ", "").Split(','); string host = string.Join("\",\"", arrHost); request = request.Replace("$requestHost$", string.Format("\"{0}\"", host)); //request = request.Replace("$requestHost$", string.Format("\"{0}\"", config.requestHost())); string response = Utils.GetEmbedText(Global.v2raySampleHttpresponseFileName); tcpSettings.header.request = Utils.FromJson <object>(request); tcpSettings.header.response = Utils.FromJson <object>(response); streamSettings.tcpSettings = tcpSettings; } break; } } catch { } return(0); }
public TlsHandlerWrapper(Func <Stream, SslStream> sslStreamFactory, TlsSettings settings) { handler = new TlsHandler(sslStreamFactory, settings); }
//private void CheckOnRemoteCert() //{ // Task.Run(() => // { // bool stillNoCert = true; // while(stillNoCert) // { // try // { // if (RemoteCertificate != null) // { // stillNoCert = false; // Console.WriteLine("Found the cert!"); // } // } // catch { } // } // }); //} public TlsHandlerWrapper(TlsSettings settings) { handler = new DotNetty.Handlers.Tls.TlsHandler(settings); }
private static void boundStreamSettings(VMess server, ref StreamSettings streamSettings) { try { streamSettings.network = server.TransferProtocol; var host = server.Host; if (server.TLSSecure) { streamSettings.security = "tls"; var tlsSettings = new TlsSettings { allowInsecure = Global.Settings.V2RayConfig.AllowInsecure }; if (!string.IsNullOrWhiteSpace(host)) { tlsSettings.serverName = host; } streamSettings.tlsSettings = tlsSettings; } else { streamSettings.security = ""; } switch (server.TransferProtocol) { case "kcp": var kcpSettings = new KcpSettings { mtu = Global.Settings.V2RayConfig.KcpConfig.mtu, tti = Global.Settings.V2RayConfig.KcpConfig.tti, uplinkCapacity = Global.Settings.V2RayConfig.KcpConfig.uplinkCapacity, downlinkCapacity = Global.Settings.V2RayConfig.KcpConfig.downlinkCapacity, congestion = Global.Settings.V2RayConfig.KcpConfig.congestion, readBufferSize = Global.Settings.V2RayConfig.KcpConfig.readBufferSize, writeBufferSize = Global.Settings.V2RayConfig.KcpConfig.writeBufferSize, header = new Header { type = server.FakeType }, seed = !string.IsNullOrWhiteSpace(server.Path) ? server.Path : null }; streamSettings.kcpSettings = kcpSettings; break; case "ws": var path = server.Path; var wsSettings = new WsSettings { connectionReuse = true, headers = !string.IsNullOrWhiteSpace(host) ? new Headers { Host = host } : null, path = !string.IsNullOrWhiteSpace(path) ? path : null }; streamSettings.wsSettings = wsSettings; break; case "h2": var httpSettings = new HttpSettings { host = new List <string> { string.IsNullOrWhiteSpace(server.Host) ? server.Hostname : server.Host }, path = server.Path }; streamSettings.httpSettings = httpSettings; break; case "quic": var quicSettings = new QuicSettings { security = host, key = server.Path, header = new Header { type = server.FakeType } }; if (server.TLSSecure) { streamSettings.tlsSettings.serverName = server.Hostname; } streamSettings.quicSettings = quicSettings; break; case "xtls": streamSettings.security = server.TransferProtocol; var xtlsSettings = new TlsSettings { allowInsecure = Global.Settings.V2RayConfig.AllowInsecure }; if (!string.IsNullOrWhiteSpace(host)) { xtlsSettings.serverName = host; } streamSettings.xtlsSettings = xtlsSettings; break; default: if (server.FakeType == "http") { var tcpSettings = new TcpSettings { connectionReuse = true, header = new Header { type = server.FakeType, request = new TCPRequest { path = string.IsNullOrWhiteSpace(server.Path) ? "/" : server.Path, headers = new TCPRequestHeaders { Host = string.IsNullOrWhiteSpace(server.Host) ? server.Hostname : server.Host } } } }; streamSettings.tcpSettings = tcpSettings; } break; } } catch { // ignored } }
private static StreamSettings boundStreamSettings(VMessServer server) { // https://xtls.github.io/config/transports var streamSettings = new StreamSettings { network = server.TransferProtocol, security = server.TLSSecureType }; if (server.TLSSecureType != "none") { var tlsSettings = new TlsSettings { allowInsecure = Global.Settings.V2RayConfig.AllowInsecure, serverName = server.ServerName.ValueOrDefault() ?? server.Host.SplitOrDefault()?[0] }; switch (server.TLSSecureType) { case "tls": streamSettings.tlsSettings = tlsSettings; break; case "xtls": streamSettings.xtlsSettings = tlsSettings; break; } } switch (server.TransferProtocol) { case "tcp": streamSettings.tcpSettings = new TcpSettings { header = new { type = server.FakeType, request = server.FakeType switch { "none" => null, "http" => new { path = server.Path.SplitOrDefault(), headers = new { Host = server.Host.SplitOrDefault() } }, _ => throw new MessageException($"Invalid tcp type {server.FakeType}") } } }; break; case "ws": streamSettings.wsSettings = new WsSettings { path = server.Path.ValueOrDefault(), headers = new { Host = server.Host.ValueOrDefault() } }; break; case "kcp": streamSettings.kcpSettings = new KcpSettings { mtu = Global.Settings.V2RayConfig.KcpConfig.mtu, tti = Global.Settings.V2RayConfig.KcpConfig.tti, uplinkCapacity = Global.Settings.V2RayConfig.KcpConfig.uplinkCapacity, downlinkCapacity = Global.Settings.V2RayConfig.KcpConfig.downlinkCapacity, congestion = Global.Settings.V2RayConfig.KcpConfig.congestion, readBufferSize = Global.Settings.V2RayConfig.KcpConfig.readBufferSize, writeBufferSize = Global.Settings.V2RayConfig.KcpConfig.writeBufferSize, header = new { type = server.FakeType }, seed = server.Path.ValueOrDefault() }; break; case "h2": streamSettings.httpSettings = new HttpSettings { host = server.Host.SplitOrDefault(), path = server.Path.ValueOrDefault() }; break; case "quic": streamSettings.quicSettings = new QuicSettings { security = server.QUICSecure, key = server.QUICSecret, header = new { type = server.FakeType } }; break; case "grpc": streamSettings.grpcSettings = new GrpcSettings { serviceName = server.Path, multiMode = server.FakeType == "multi" }; break; default: throw new MessageException($"transfer protocol \"{server.TransferProtocol}\" not implemented yet"); } return(streamSettings); }
public SslSession( TlsSettings settings, X509Certificate peerCert) { this.PeerCert = peerCert; }
protected abstract MonoNewTlsStream Start(Socket socket, TlsSettings settings);
internal MonoNewTlsStream(Stream innerStream, TlsSettings settings) : this(innerStream, false, null, null, settings) { }
internal MonoNewTlsStream(Stream innerStream, bool leaveOpen, TlsSettings settings) : this(innerStream, leaveOpen, null, null, EncryptionPolicy.RequireEncryption, settings) { }