/// <summary>
/// Validate the object.
/// </summary>
/// <exception cref="ValidationException">
/// Thrown if validation fails
/// </exception>
public virtual void Validate()
{
if (TlsSettings != null)
{
TlsSettings.Validate();
}
}
protected sealed override Stream Start(Socket socket)
{
settings = GetSettings();
settings.EnableDebugging = Parameters.EnableDebugging;
monoSslStream = Start(socket, settings);
return(monoSslStream);
}
protected sealed override Task <Stream> Start(TestContext ctx, Socket socket, CancellationToken cancellationToken)
{
return(Task.Run <Stream> (() => {
settings = GetSettings();
settings.EnableDebugging = Parameters.EnableDebugging;
monoSslStream = Start(socket, settings);
return monoSslStream;
}));
}
/// <summary>
/// Validate the object.
/// </summary>
/// <exception cref="ValidationException">
/// Thrown if validation fails
/// </exception>
public virtual void Validate()
{
if (HostName == null)
{
throw new ValidationException(ValidationRules.CannotBeNull, "HostName");
}
if (TlsSettings != null)
{
TlsSettings.Validate();
}
}
protected override TlsSettings GetSettings()
{
var settings = new TlsSettings();
var monoParams = Parameters as IMonoClientParameters;
if (monoParams != null)
{
settings.ClientCertificateParameters = monoParams.ClientCertificateParameters;
settings.Instrumentation = monoParams.ClientInstrumentation;
}
settings.RequestedCiphers = Parameters.ClientCiphers;
return(settings);
}
protected override TlsSettings GetSettings()
{
var settings = new TlsSettings();
if (Parameters.RequireClientCertificate)
{
settings.RequireClientCertificate = true;
}
else if (Parameters.AskForClientCertificate)
{
settings.AskForClientCertificate = true;
}
settings.RequestedCiphers = Parameters.ServerCiphers;
return(settings);
}
protected override MonoNewTlsStream Start(Socket socket, TlsSettings settings)
{
#if FIXME
var monoParams = Parameters as IMonoServerParameters;
if (monoParams != null)
{
settings.Instrumentation = monoParams.ServerInstrumentation;
}
#endif
settings.ClientCertValidationCallback = ClientCertValidationCallback;
var stream = new NetworkStream(socket);
return(MonoNewTlsStreamFactory.CreateServer(
stream, false, null, null, EncryptionPolicy.RequireEncryption, settings,
Certificate.Certificate, false, SslProtocols.Tls12, false));
}
protected override MonoNewTlsStream Start(Socket socket, TlsSettings settings)
{
Debug("Connected.");
var clientCerts = new X509Certificate2Collection();
if (Parameters.ClientCertificate != null)
{
var clientCert = (ClientCertificate)Parameters.ClientCertificate;
clientCerts.Add(clientCert.Certificate);
}
var targetHost = "Hamiller-Tube.local";
var stream = new NetworkStream(socket);
return(MonoNewTlsStreamFactory.CreateClient(
stream, false, RemoteValidationCallback, null, EncryptionPolicy.RequireEncryption, settings,
targetHost, clientCerts, SslProtocols.Tls12, false));
}
/// <summary>
/// vmess协议远程服务器底层传输配置
/// </summary>
/// <param name="config"></param>
/// <param name="iobound"></param>
/// <param name="streamSettings"></param>
/// <returns></returns>
private static int boundStreamSettings(Config config, string iobound, ref StreamSettings streamSettings)
{
try
{
//远程服务器底层传输配置
streamSettings.network = config.network();
streamSettings.security = config.streamSecurity();
//streamSettings
switch (config.network())
{
//kcp基本配置暂时是默认值,用户能自己设置伪装类型
case "kcp":
KcpSettings kcpSettings = new KcpSettings();
kcpSettings.mtu = config.kcpItem.mtu;
kcpSettings.tti = config.kcpItem.tti;
if (iobound.Equals("out"))
{
kcpSettings.uplinkCapacity = config.kcpItem.uplinkCapacity;
kcpSettings.downlinkCapacity = config.kcpItem.downlinkCapacity;
}
else if (iobound.Equals("in"))
{
kcpSettings.uplinkCapacity = config.kcpItem.downlinkCapacity;;
kcpSettings.downlinkCapacity = config.kcpItem.downlinkCapacity;
}
else
{
kcpSettings.uplinkCapacity = config.kcpItem.uplinkCapacity;
kcpSettings.downlinkCapacity = config.kcpItem.downlinkCapacity;
}
kcpSettings.congestion = config.kcpItem.congestion;
kcpSettings.readBufferSize = config.kcpItem.readBufferSize;
kcpSettings.writeBufferSize = config.kcpItem.writeBufferSize;
kcpSettings.header = new Header();
kcpSettings.header.type = config.headerType();
streamSettings.kcpSettings = kcpSettings;
break;
//ws
case "ws":
WsSettings wsSettings = new WsSettings();
wsSettings.connectionReuse = true;
string host2 = config.requestHost().Replace(" ", "");
string path = config.path().Replace(" ", "");
if (!string.IsNullOrWhiteSpace(host2))
{
wsSettings.headers = new Headers();
wsSettings.headers.Host = host2;
}
if (!string.IsNullOrWhiteSpace(path))
{
wsSettings.path = path;
}
streamSettings.wsSettings = wsSettings;
TlsSettings tlsSettings = new TlsSettings();
tlsSettings.allowInsecure = config.allowInsecure();
streamSettings.tlsSettings = tlsSettings;
break;
//h2
case "h2":
HttpSettings httpSettings = new HttpSettings();
string host3 = config.requestHost().Replace(" ", "");
if (!string.IsNullOrWhiteSpace(host3))
{
httpSettings.host = Utils.String2List(host3);
}
httpSettings.path = config.path().Replace(" ", "");
streamSettings.httpSettings = httpSettings;
TlsSettings tlsSettings2 = new TlsSettings();
tlsSettings2.allowInsecure = config.allowInsecure();
streamSettings.tlsSettings = tlsSettings2;
break;
default:
//tcp带http伪装
if (config.headerType().Equals(Global.TcpHeaderHttp))
{
TcpSettings tcpSettings = new TcpSettings();
tcpSettings.connectionReuse = true;
tcpSettings.header = new Header();
tcpSettings.header.type = config.headerType();
//request填入自定义Host
string request = Utils.GetEmbedText(Global.v2raySampleHttprequestFileName);
string[] arrHost = config.requestHost().Replace(" ", "").Split(',');
string host = string.Join("\",\"", arrHost);
request = request.Replace("$requestHost$", string.Format("\"{0}\"", host));
//request = request.Replace("$requestHost$", string.Format("\"{0}\"", config.requestHost()));
string response = Utils.GetEmbedText(Global.v2raySampleHttpresponseFileName);
tcpSettings.header.request = Utils.FromJson <object>(request);
tcpSettings.header.response = Utils.FromJson <object>(response);
streamSettings.tcpSettings = tcpSettings;
}
break;
}
}
catch
{
}
return(0);
}
public TlsHandlerWrapper(Func <Stream, SslStream> sslStreamFactory, TlsSettings settings)
{
handler = new TlsHandler(sslStreamFactory, settings);
}
//private void CheckOnRemoteCert()
//{
// Task.Run(() =>
// {
// bool stillNoCert = true;
// while(stillNoCert)
// {
// try
// {
// if (RemoteCertificate != null)
// {
// stillNoCert = false;
// Console.WriteLine("Found the cert!");
// }
// }
// catch { }
// }
// });
//}
public TlsHandlerWrapper(TlsSettings settings)
{
handler = new DotNetty.Handlers.Tls.TlsHandler(settings);
}
private static void boundStreamSettings(VMess server, ref StreamSettings streamSettings)
{
try
{
streamSettings.network = server.TransferProtocol;
var host = server.Host;
if (server.TLSSecure)
{
streamSettings.security = "tls";
var tlsSettings = new TlsSettings
{
allowInsecure = Global.Settings.V2RayConfig.AllowInsecure
};
if (!string.IsNullOrWhiteSpace(host))
{
tlsSettings.serverName = host;
}
streamSettings.tlsSettings = tlsSettings;
}
else
{
streamSettings.security = "";
}
switch (server.TransferProtocol)
{
case "kcp":
var kcpSettings = new KcpSettings
{
mtu = Global.Settings.V2RayConfig.KcpConfig.mtu,
tti = Global.Settings.V2RayConfig.KcpConfig.tti,
uplinkCapacity = Global.Settings.V2RayConfig.KcpConfig.uplinkCapacity,
downlinkCapacity = Global.Settings.V2RayConfig.KcpConfig.downlinkCapacity,
congestion = Global.Settings.V2RayConfig.KcpConfig.congestion,
readBufferSize = Global.Settings.V2RayConfig.KcpConfig.readBufferSize,
writeBufferSize = Global.Settings.V2RayConfig.KcpConfig.writeBufferSize,
header = new Header
{
type = server.FakeType
},
seed = !string.IsNullOrWhiteSpace(server.Path) ? server.Path : null
};
streamSettings.kcpSettings = kcpSettings;
break;
case "ws":
var path = server.Path;
var wsSettings = new WsSettings
{
connectionReuse = true,
headers = !string.IsNullOrWhiteSpace(host)
? new Headers
{
Host = host
}
: null,
path = !string.IsNullOrWhiteSpace(path) ? path : null
};
streamSettings.wsSettings = wsSettings;
break;
case "h2":
var httpSettings = new HttpSettings
{
host = new List <string>
{
string.IsNullOrWhiteSpace(server.Host) ? server.Hostname : server.Host
},
path = server.Path
};
streamSettings.httpSettings = httpSettings;
break;
case "quic":
var quicSettings = new QuicSettings
{
security = host,
key = server.Path,
header = new Header
{
type = server.FakeType
}
};
if (server.TLSSecure)
{
streamSettings.tlsSettings.serverName = server.Hostname;
}
streamSettings.quicSettings = quicSettings;
break;
case "xtls":
streamSettings.security = server.TransferProtocol;
var xtlsSettings = new TlsSettings
{
allowInsecure = Global.Settings.V2RayConfig.AllowInsecure
};
if (!string.IsNullOrWhiteSpace(host))
{
xtlsSettings.serverName = host;
}
streamSettings.xtlsSettings = xtlsSettings;
break;
default:
if (server.FakeType == "http")
{
var tcpSettings = new TcpSettings
{
connectionReuse = true,
header = new Header
{
type = server.FakeType,
request = new TCPRequest
{
path = string.IsNullOrWhiteSpace(server.Path) ? "/" : server.Path,
headers = new TCPRequestHeaders
{
Host = string.IsNullOrWhiteSpace(server.Host) ? server.Hostname : server.Host
}
}
}
};
streamSettings.tcpSettings = tcpSettings;
}
break;
}
}
catch
{
// ignored
}
}
private static StreamSettings boundStreamSettings(VMessServer server)
{
// https://xtls.github.io/config/transports
var streamSettings = new StreamSettings
{
network = server.TransferProtocol,
security = server.TLSSecureType
};
if (server.TLSSecureType != "none")
{
var tlsSettings = new TlsSettings
{
allowInsecure = Global.Settings.V2RayConfig.AllowInsecure,
serverName = server.ServerName.ValueOrDefault() ?? server.Host.SplitOrDefault()?[0]
};
switch (server.TLSSecureType)
{
case "tls":
streamSettings.tlsSettings = tlsSettings;
break;
case "xtls":
streamSettings.xtlsSettings = tlsSettings;
break;
}
}
switch (server.TransferProtocol)
{
case "tcp":
streamSettings.tcpSettings = new TcpSettings
{
header = new
{
type = server.FakeType,
request = server.FakeType switch
{
"none" => null,
"http" => new
{
path = server.Path.SplitOrDefault(),
headers = new
{
Host = server.Host.SplitOrDefault()
}
},
_ => throw new MessageException($"Invalid tcp type {server.FakeType}")
}
}
};
break;
case "ws":
streamSettings.wsSettings = new WsSettings
{
path = server.Path.ValueOrDefault(),
headers = new
{
Host = server.Host.ValueOrDefault()
}
};
break;
case "kcp":
streamSettings.kcpSettings = new KcpSettings
{
mtu = Global.Settings.V2RayConfig.KcpConfig.mtu,
tti = Global.Settings.V2RayConfig.KcpConfig.tti,
uplinkCapacity = Global.Settings.V2RayConfig.KcpConfig.uplinkCapacity,
downlinkCapacity = Global.Settings.V2RayConfig.KcpConfig.downlinkCapacity,
congestion = Global.Settings.V2RayConfig.KcpConfig.congestion,
readBufferSize = Global.Settings.V2RayConfig.KcpConfig.readBufferSize,
writeBufferSize = Global.Settings.V2RayConfig.KcpConfig.writeBufferSize,
header = new
{
type = server.FakeType
},
seed = server.Path.ValueOrDefault()
};
break;
case "h2":
streamSettings.httpSettings = new HttpSettings
{
host = server.Host.SplitOrDefault(),
path = server.Path.ValueOrDefault()
};
break;
case "quic":
streamSettings.quicSettings = new QuicSettings
{
security = server.QUICSecure,
key = server.QUICSecret,
header = new
{
type = server.FakeType
}
};
break;
case "grpc":
streamSettings.grpcSettings = new GrpcSettings
{
serviceName = server.Path,
multiMode = server.FakeType == "multi"
};
break;
default:
throw new MessageException($"transfer protocol \"{server.TransferProtocol}\" not implemented yet");
}
return(streamSettings);
}
public SslSession(
TlsSettings settings,
X509Certificate peerCert)
{
this.PeerCert = peerCert;
}
protected abstract MonoNewTlsStream Start(Socket socket, TlsSettings settings);
internal MonoNewTlsStream(Stream innerStream, TlsSettings settings)
: this(innerStream, false, null, null, settings)
{
}
internal MonoNewTlsStream(Stream innerStream, bool leaveOpen, TlsSettings settings)
: this(innerStream, leaveOpen, null, null, EncryptionPolicy.RequireEncryption, settings)
{
}
