V2bX/core/sing/node.go

package sing

import (
	"context"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"github.com/google/uuid"
	"net/netip"
	"net/url"
	"strconv"
	"strings"
	"time"

	"github.com/inazumav/sing-box/inbound"
	F "github.com/sagernet/sing/common/format"

	"github.com/InazumaV/V2bX/api/panel"
	"github.com/InazumaV/V2bX/conf"
	"github.com/goccy/go-json"
	"github.com/inazumav/sing-box/option"
)

type WsNetworkConfig struct {
	Path    string            `json:"path"`
	Headers map[string]string `json:"headers"`
}

func getInboundOptions(tag string, info *panel.NodeInfo, c *conf.Options) (option.Inbound, error) {
	addr, err := netip.ParseAddr(c.ListenIP)
	if err != nil {
		return option.Inbound{}, fmt.Errorf("the listen ip not vail")
	}
	listen := option.ListenOptions{
		Listen:        (*option.ListenAddress)(&addr),
		ListenPort:    uint16(info.Port),
		ProxyProtocol: c.SingOptions.EnableProxyProtocol,
		TCPFastOpen:   c.SingOptions.TCPFastOpen,
		InboundOptions: option.InboundOptions{
			SniffEnabled:             c.SingOptions.SniffEnabled,
			SniffOverrideDestination: c.SingOptions.SniffOverrideDestination,
		},
	}
	var tls option.InboundTLSOptions
	if info.Tls || info.Type == "hysteria" {
		if c.CertConfig == nil {
			return option.Inbound{}, fmt.Errorf("the CertConfig is not vail")
		}
		tls.Enabled = true
		tls.Insecure = true
		tls.ServerName = info.ServerName
		switch c.CertConfig.CertMode {
		case "none", "":
			break // disable
		case "reality":
			if c.CertConfig.RealityConfig == nil {
				return option.Inbound{}, fmt.Errorf("RealityConfig is not valid")
			}
			rc := c.CertConfig.RealityConfig
			tls.ServerName = rc.ServerNames[0]
			if len(rc.ShortIds) == 0 {
				rc.ShortIds = []string{""}
			}
			dest, _ := strconv.Atoi(rc.Dest)
			mtd, _ := strconv.Atoi(strconv.FormatUint(rc.MaxTimeDiff, 10))
			tls.Reality = &option.InboundRealityOptions{
				Enabled:           true,
				ShortID:           rc.ShortIds,
				PrivateKey:        rc.PrivateKey,
				MaxTimeDifference: option.Duration(time.Duration(mtd) * time.Second),
				Handshake: option.InboundRealityHandshakeOptions{
					ServerOptions: option.ServerOptions{
						Server:     rc.ServerNames[0],
						ServerPort: uint16(dest),
					},
				},
			}

		case "remote":
			if info.ExtraConfig.EnableReality == "true" {
				if c.CertConfig.RealityConfig == nil {
					return option.Inbound{}, fmt.Errorf("RealityConfig is not valid")
				}
				rc := info.ExtraConfig.RealityConfig
				if len(rc.ShortIds) == 0 {
					rc.ShortIds = []string{""}
				}
				dest, _ := strconv.Atoi(rc.Dest)
				mtd, _ := strconv.Atoi(rc.MaxTimeDiff)
				tls.Reality = &option.InboundRealityOptions{
					Enabled:           true,
					ShortID:           rc.ShortIds,
					PrivateKey:        rc.PrivateKey,
					MaxTimeDifference: option.Duration(time.Duration(mtd) * time.Second),
					Handshake: option.InboundRealityHandshakeOptions{
						ServerOptions: option.ServerOptions{
							Server:     rc.ServerNames[0],
							ServerPort: uint16(dest),
						},
					},
				}
			}
		default:
			tls.CertificatePath = c.CertConfig.CertFile
			tls.KeyPath = c.CertConfig.KeyFile
		}
	}
	in := option.Inbound{
		Tag: tag,
	}
	switch info.Type {
	case "v2ray":
		t := option.V2RayTransportOptions{
			Type: info.Network,
		}
		switch info.Network {
		case "tcp":
			t.Type = ""
		case "ws":
			network := WsNetworkConfig{}
			err := json.Unmarshal(info.NetworkSettings, &network)
			if err != nil {
				return option.Inbound{}, fmt.Errorf("decode NetworkSettings error: %s", err)
			}
			var u *url.URL
			u, err = url.Parse(network.Path)
			if err != nil {
				return option.Inbound{}, fmt.Errorf("parse path error: %s", err)
			}
			ed, _ := strconv.Atoi(u.Query().Get("ed"))
			h := make(map[string]option.Listable[string], len(network.Headers))
			for k, v := range network.Headers {
				h[k] = option.Listable[string]{
					v,
				}
			}
			t.WebsocketOptions = option.V2RayWebsocketOptions{
				Path:                u.Path,
				EarlyDataHeaderName: "Sec-WebSocket-Protocol",
				MaxEarlyData:        uint32(ed),
				Headers:             h,
			}
		case "grpc":
			err := json.Unmarshal(info.NetworkSettings, &t.GRPCOptions)
			if err != nil {
				return option.Inbound{}, fmt.Errorf("decode NetworkSettings error: %s", err)
			}
		}
		if info.ExtraConfig.EnableVless == "true" {
			in.Type = "vless"
			in.VLESSOptions = option.VLESSInboundOptions{
				ListenOptions: listen,
				TLS:           &tls,
				Transport:     &t,
			}
		} else {
			in.Type = "vmess"
			in.VMessOptions = option.VMessInboundOptions{
				ListenOptions: listen,
				TLS:           &tls,
				Transport:     &t,
			}
		}
	case "shadowsocks":
		in.Type = "shadowsocks"
		var keyLength int
		switch info.Cipher {
		case "2022-blake3-aes-128-gcm":
			keyLength = 16
		case "2022-blake3-aes-256-gcm":
			keyLength = 32
		default:
			keyLength = 16
		}
		in.ShadowsocksOptions = option.ShadowsocksInboundOptions{
			ListenOptions: listen,
			Method:        info.Cipher,
		}
		p := make([]byte, keyLength)
		_, _ = rand.Read(p)
		randomPasswd := string(p)
		if strings.Contains(info.Cipher, "2022") {
			in.ShadowsocksOptions.Password = info.ServerKey
			randomPasswd = base64.StdEncoding.EncodeToString([]byte(randomPasswd))
		}
		in.ShadowsocksOptions.Users = []option.ShadowsocksUser{{
			Password: randomPasswd,
		}}
	case "trojan":
		in.Type = "trojan"
		t := option.V2RayTransportOptions{
			Type: info.Network,
		}
		switch info.Network {
		case "tcp":
			t.Type = ""
		case "grpc":
			err := json.Unmarshal(info.NetworkSettings, &t.GRPCOptions)
			if err != nil {
				return option.Inbound{}, fmt.Errorf("decode NetworkSettings error: %s", err)
			}
		}
		randomPasswd := uuid.New().String()
		in.TrojanOptions = option.TrojanInboundOptions{
			ListenOptions: listen,
			Users: []option.TrojanUser{{
				Name:     randomPasswd,
				Password: randomPasswd,
			}},
			TLS:       &tls,
			Transport: &t,
		}
		if c.SingOptions.FallBackConfigs != nil {
			// fallback handling
			fallback := c.SingOptions.FallBackConfigs.FallBack
			fallbackPort, err := strconv.Atoi(fallback.ServerPort)
			if err == nil {
				in.TrojanOptions.Fallback = &option.ServerOptions{
					Server:     fallback.Server,
					ServerPort: uint16(fallbackPort),
				}
			}
			fallbackForALPNMap := c.SingOptions.FallBackConfigs.FallBackForALPN
			fallbackForALPN := make(map[string]*option.ServerOptions, len(fallbackForALPNMap))
			if err := processFallback(c, fallbackForALPN); err == nil {
				in.TrojanOptions.FallbackForALPN = fallbackForALPN
			}
		}
	}
	return in, nil
}

func (b *Box) AddNode(tag string, info *panel.NodeInfo, config *conf.Options) error {
	c, err := getInboundOptions(tag, info, config)
	if err != nil {
		return err
	}
	in, err := inbound.New(
		context.Background(),
		b.router,
		b.logFactory.NewLogger(F.ToString("inbound/", c.Type, "[", tag, "]")),
		c,
		nil,
	)
	b.inbounds[tag] = in
	err = in.Start()
	if err != nil {
		return fmt.Errorf("start inbound error: %s", err)
	}
	err = b.router.AddInbound(in)
	if err != nil {
		return fmt.Errorf("add inbound error: %s", err)
	}
	return nil
}

func (b *Box) DelNode(tag string) error {
	err := b.inbounds[tag].Close()
	if err != nil {
		return fmt.Errorf("close inbound error: %s", err)
	}
	err = b.router.DelInbound(tag)
	if err != nil {
		return fmt.Errorf("delete inbound error: %s", err)
	}
	return nil
}
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`package sing`

			`import (`
			`"context"`
			`"crypto/rand"`
			`"encoding/base64"`
			`"fmt"`
chore: trojan and singConfigs 2023-08-07 00:23:34 -04:00			`"github.com/google/uuid"`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`"net/netip"`
			`"net/url"`
			`"strconv"`
			`"strings"`
chore: support reality 2023-08-07 02:52:50 -04:00			`"time"`
add singbox core(just started) 2023-07-27 21:13:11 -04:00
			`"github.com/inazumav/sing-box/inbound"`
			`F "github.com/sagernet/sing/common/format"`

update 2023-07-29 07:27:15 -04:00			`"github.com/InazumaV/V2bX/api/panel"`
			`"github.com/InazumaV/V2bX/conf"`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`"github.com/goccy/go-json"`
			`"github.com/inazumav/sing-box/option"`
			`)`

			`type WsNetworkConfig struct {`
update sing-box support 2023-07-29 06:47:47 -04:00			Path string `json:"path"`
			Headers map[string]string `json:"headers"`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`}`

update sing-box support 2023-07-29 06:47:47 -04:00			`func getInboundOptions(tag string, info panel.NodeInfo, c conf.Options) (option.Inbound, error) {`
			`addr, err := netip.ParseAddr(c.ListenIP)`
			`if err != nil {`
			`return option.Inbound{}, fmt.Errorf("the listen ip not vail")`
			`}`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`listen := option.ListenOptions{`
chore: trojan and singConfigs 2023-08-07 00:23:34 -04:00			`Listen: (*option.ListenAddress)(&addr),`
			`ListenPort: uint16(info.Port),`
			`ProxyProtocol: c.SingOptions.EnableProxyProtocol,`
			`TCPFastOpen: c.SingOptions.TCPFastOpen,`
			`InboundOptions: option.InboundOptions{`
			`SniffEnabled: c.SingOptions.SniffEnabled,`
			`SniffOverrideDestination: c.SingOptions.SniffOverrideDestination,`
			`},`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`}`
chore: support reality 2023-08-07 02:52:50 -04:00			`var tls option.InboundTLSOptions`
			`if info.Tls \|\| info.Type == "hysteria" {`
			`if c.CertConfig == nil {`
			`return option.Inbound{}, fmt.Errorf("the CertConfig is not vail")`
			`}`
			`tls.Enabled = true`
			`tls.Insecure = true`
			`tls.ServerName = info.ServerName`
			`switch c.CertConfig.CertMode {`
			`case "none", "":`
			`break // disable`
			`case "reality":`
			`if c.CertConfig.RealityConfig == nil {`
			`return option.Inbound{}, fmt.Errorf("RealityConfig is not valid")`
			`}`
			`rc := c.CertConfig.RealityConfig`
			`tls.ServerName = rc.ServerNames[0]`
			`if len(rc.ShortIds) == 0 {`
			`rc.ShortIds = []string{""}`
			`}`
			`dest, _ := strconv.Atoi(rc.Dest)`
			`mtd, _ := strconv.Atoi(strconv.FormatUint(rc.MaxTimeDiff, 10))`
			`tls.Reality = &option.InboundRealityOptions{`
			`Enabled: true,`
			`ShortID: rc.ShortIds,`
			`PrivateKey: rc.PrivateKey,`
			`MaxTimeDifference: option.Duration(time.Duration(mtd) * time.Second),`
			`Handshake: option.InboundRealityHandshakeOptions{`
			`ServerOptions: option.ServerOptions{`
			`Server: rc.ServerNames[0],`
			`ServerPort: uint16(dest),`
			`},`
			`},`
			`}`

			`case "remote":`
			`if info.ExtraConfig.EnableReality == "true" {`
			`if c.CertConfig.RealityConfig == nil {`
			`return option.Inbound{}, fmt.Errorf("RealityConfig is not valid")`
			`}`
			`rc := info.ExtraConfig.RealityConfig`
			`if len(rc.ShortIds) == 0 {`
			`rc.ShortIds = []string{""}`
			`}`
			`dest, _ := strconv.Atoi(rc.Dest)`
			`mtd, _ := strconv.Atoi(rc.MaxTimeDiff)`
			`tls.Reality = &option.InboundRealityOptions{`
			`Enabled: true,`
			`ShortID: rc.ShortIds,`
			`PrivateKey: rc.PrivateKey,`
			`MaxTimeDifference: option.Duration(time.Duration(mtd) * time.Second),`
			`Handshake: option.InboundRealityHandshakeOptions{`
			`ServerOptions: option.ServerOptions{`
			`Server: rc.ServerNames[0],`
			`ServerPort: uint16(dest),`
			`},`
			`},`
			`}`
			`}`
			`default:`
			`tls.CertificatePath = c.CertConfig.CertFile`
			`tls.KeyPath = c.CertConfig.KeyFile`
			`}`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`}`
			`in := option.Inbound{`
			`Tag: tag,`
			`}`
			`switch info.Type {`
			`case "v2ray":`
			`t := option.V2RayTransportOptions{`
			`Type: info.Network,`
			`}`
			`switch info.Network {`
			`case "tcp":`
update sing-box support 2023-07-29 06:47:47 -04:00			`t.Type = ""`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`case "ws":`
			`network := WsNetworkConfig{}`
			`err := json.Unmarshal(info.NetworkSettings, &network)`
			`if err != nil {`
			`return option.Inbound{}, fmt.Errorf("decode NetworkSettings error: %s", err)`
			`}`
			`var u *url.URL`
			`u, err = url.Parse(network.Path)`
			`if err != nil {`
			`return option.Inbound{}, fmt.Errorf("parse path error: %s", err)`
			`}`
			`ed, _ := strconv.Atoi(u.Query().Get("ed"))`
update sing-box support 2023-07-29 06:47:47 -04:00			`h := make(map[string]option.Listable[string], len(network.Headers))`
			`for k, v := range network.Headers {`
			`h[k] = option.Listable[string]{`
			`v,`
			`}`
			`}`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`t.WebsocketOptions = option.V2RayWebsocketOptions{`
			`Path: u.Path,`
			`EarlyDataHeaderName: "Sec-WebSocket-Protocol",`
			`MaxEarlyData: uint32(ed),`
update sing-box support 2023-07-29 06:47:47 -04:00			`Headers: h,`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`}`
			`case "grpc":`
update sing-box support 2023-07-29 06:47:47 -04:00			`err := json.Unmarshal(info.NetworkSettings, &t.GRPCOptions)`
			`if err != nil {`
			`return option.Inbound{}, fmt.Errorf("decode NetworkSettings error: %s", err)`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`}`
			`}`
support vless for sing 2023-07-30 07:49:42 -04:00			`if info.ExtraConfig.EnableVless == "true" {`
			`in.Type = "vless"`
			`in.VLESSOptions = option.VLESSInboundOptions{`
			`ListenOptions: listen,`
			`TLS: &tls,`
			`Transport: &t,`
			`}`
			`} else {`
			`in.Type = "vmess"`
			`in.VMessOptions = option.VMessInboundOptions{`
			`ListenOptions: listen,`
			`TLS: &tls,`
			`Transport: &t,`
			`}`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`}`
			`case "shadowsocks":`
			`in.Type = "shadowsocks"`
fix: shadowsocks 2023-08-06 01:02:34 -04:00			`var keyLength int`
			`switch info.Cipher {`
			`case "2022-blake3-aes-128-gcm":`
			`keyLength = 16`
			`case "2022-blake3-aes-256-gcm":`
			`keyLength = 32`
			`default:`
fix random pw strength 2023-08-06 22:00:36 -04:00			`keyLength = 16`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`}`
			`in.ShadowsocksOptions = option.ShadowsocksInboundOptions{`
			`ListenOptions: listen,`
			`Method: info.Cipher,`
			`}`
fix: shadowsocks 2023-08-06 01:02:34 -04:00			`p := make([]byte, keyLength)`
			`_, _ = rand.Read(p)`
fix random pw strength 2023-08-06 22:00:36 -04:00			`randomPasswd := string(p)`
fix: shadowsocks 2023-08-06 01:02:34 -04:00			`if strings.Contains(info.Cipher, "2022") {`
fix: shadowsocks 2023-08-06 21:50:48 -04:00			`in.ShadowsocksOptions.Password = info.ServerKey`
fix: shadowsocks 2023-08-06 01:02:34 -04:00			`randomPasswd = base64.StdEncoding.EncodeToString([]byte(randomPasswd))`
			`}`
			`in.ShadowsocksOptions.Users = []option.ShadowsocksUser{{`
			`Password: randomPasswd,`
			`}}`
chore: trojan and singConfigs 2023-08-07 00:23:34 -04:00			`case "trojan":`
			`in.Type = "trojan"`
			`t := option.V2RayTransportOptions{`
			`Type: info.Network,`
			`}`
			`switch info.Network {`
			`case "tcp":`
			`t.Type = ""`
			`case "grpc":`
			`err := json.Unmarshal(info.NetworkSettings, &t.GRPCOptions)`
			`if err != nil {`
			`return option.Inbound{}, fmt.Errorf("decode NetworkSettings error: %s", err)`
			`}`
			`}`
			`randomPasswd := uuid.New().String()`
			`in.TrojanOptions = option.TrojanInboundOptions{`
			`ListenOptions: listen,`
			`Users: []option.TrojanUser{{`
			`Name: randomPasswd,`
			`Password: randomPasswd,`
			`}},`
			`TLS: &tls,`
			`Transport: &t,`
			`}`
			`if c.SingOptions.FallBackConfigs != nil {`
			`// fallback handling`
			`fallback := c.SingOptions.FallBackConfigs.FallBack`
			`fallbackPort, err := strconv.Atoi(fallback.ServerPort)`
			`if err == nil {`
			`in.TrojanOptions.Fallback = &option.ServerOptions{`
			`Server: fallback.Server,`
			`ServerPort: uint16(fallbackPort),`
			`}`
			`}`
			`fallbackForALPNMap := c.SingOptions.FallBackConfigs.FallBackForALPN`
			`fallbackForALPN := make(map[string]*option.ServerOptions, len(fallbackForALPNMap))`
			`if err := processFallback(c, fallbackForALPN); err == nil {`
			`in.TrojanOptions.FallbackForALPN = fallbackForALPN`
			`}`
			`}`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`}`
			`return in, nil`
			`}`

update sing-box support 2023-07-29 06:47:47 -04:00			`func (b Box) AddNode(tag string, info panel.NodeInfo, config *conf.Options) error {`
add singbox core(just started) 2023-07-27 21:13:11 -04:00			`c, err := getInboundOptions(tag, info, config)`
			`if err != nil {`
			`return err`
			`}`
			`in, err := inbound.New(`
			`context.Background(),`
			`b.router,`
			`b.logFactory.NewLogger(F.ToString("inbound/", c.Type, "[", tag, "]")),`
			`c,`
			`nil,`
			`)`
			`b.inbounds[tag] = in`
			`err = in.Start()`
			`if err != nil {`
			`return fmt.Errorf("start inbound error: %s", err)`
			`}`
			`err = b.router.AddInbound(in)`
			`if err != nil {`
			`return fmt.Errorf("add inbound error: %s", err)`
			`}`
			`return nil`
			`}`

			`func (b *Box) DelNode(tag string) error {`
			`err := b.inbounds[tag].Close()`
			`if err != nil {`
			`return fmt.Errorf("close inbound error: %s", err)`
			`}`
			`err = b.router.DelInbound(tag)`
			`if err != nil {`
			`return fmt.Errorf("delete inbound error: %s", err)`
			`}`
			`return nil`
			`}`