2023-11-17 01:44:01 -05:00
|
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace App\Protocols;
|
|
|
|
|
|
|
|
|
|
use App\Models\ServerHysteria;
|
|
|
|
|
use Symfony\Component\Yaml\Yaml;
|
2025-01-06 12:20:11 -05:00
|
|
|
|
use App\Contracts\ProtocolInterface;
|
2023-11-17 01:44:01 -05:00
|
|
|
|
|
2025-01-06 12:20:11 -05:00
|
|
|
|
class Stash implements ProtocolInterface
|
2023-11-17 01:44:01 -05:00
|
|
|
|
{
|
2025-01-06 12:20:11 -05:00
|
|
|
|
public $flags = ['stash'];
|
2023-11-17 01:44:01 -05:00
|
|
|
|
private $servers;
|
|
|
|
|
private $user;
|
|
|
|
|
|
|
|
|
|
public function __construct($user, $servers)
|
|
|
|
|
{
|
|
|
|
|
$this->user = $user;
|
|
|
|
|
$this->servers = $servers;
|
|
|
|
|
}
|
|
|
|
|
|
2025-01-06 12:20:11 -05:00
|
|
|
|
public function getFlags(): array
|
|
|
|
|
{
|
|
|
|
|
return $this->flags;
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-17 01:44:01 -05:00
|
|
|
|
public function handle()
|
|
|
|
|
{
|
|
|
|
|
$servers = $this->servers;
|
|
|
|
|
$user = $this->user;
|
|
|
|
|
$appName = admin_setting('app_name', 'XBoard');
|
|
|
|
|
// 暂时使用clash配置文件,后续根据Stash更新情况更新
|
|
|
|
|
$defaultConfig = base_path() . '/resources/rules/default.clash.yaml';
|
2024-05-14 09:57:36 -04:00
|
|
|
|
$customClashConfig = base_path() . '/resources/rules/custom.clash.yaml';
|
|
|
|
|
$customStashConfig = base_path() . '/resources/rules/custom.stash.yaml';
|
|
|
|
|
if (\File::exists($customStashConfig)) {
|
|
|
|
|
$config = Yaml::parseFile($customStashConfig);
|
|
|
|
|
} elseif (\File::exists($customClashConfig)) {
|
|
|
|
|
$config = Yaml::parseFile($customClashConfig);
|
2023-11-17 01:44:01 -05:00
|
|
|
|
} else {
|
|
|
|
|
$config = Yaml::parseFile($defaultConfig);
|
|
|
|
|
}
|
|
|
|
|
$proxy = [];
|
|
|
|
|
$proxies = [];
|
|
|
|
|
|
|
|
|
|
foreach ($servers as $item) {
|
2025-01-06 12:20:11 -05:00
|
|
|
|
if (
|
|
|
|
|
$item['type'] === 'shadowsocks'
|
|
|
|
|
&& in_array(data_get($item, 'protocol_settings.cipher'), [
|
2023-11-17 01:44:01 -05:00
|
|
|
|
'aes-128-gcm',
|
|
|
|
|
'aes-192-gcm',
|
|
|
|
|
'aes-256-gcm',
|
|
|
|
|
'chacha20-ietf-poly1305'
|
|
|
|
|
])
|
|
|
|
|
) {
|
2024-05-24 10:45:27 -04:00
|
|
|
|
array_push($proxy, self::buildShadowsocks($item['password'], $item));
|
2023-11-17 01:44:01 -05:00
|
|
|
|
array_push($proxies, $item['name']);
|
|
|
|
|
}
|
|
|
|
|
if ($item['type'] === 'vmess') {
|
|
|
|
|
array_push($proxy, self::buildVmess($user['uuid'], $item));
|
|
|
|
|
array_push($proxies, $item['name']);
|
|
|
|
|
}
|
|
|
|
|
// if ($item['type'] === 'vless') {
|
|
|
|
|
// array_push($proxy, self::buildVless($user['uuid'], $item));
|
|
|
|
|
// array_push($proxies, $item['name']);
|
|
|
|
|
// }
|
|
|
|
|
if ($item['type'] === 'hysteria') {
|
|
|
|
|
array_push($proxy, self::buildHysteria($user['uuid'], $item));
|
|
|
|
|
array_push($proxies, $item['name']);
|
|
|
|
|
}
|
|
|
|
|
if ($item['type'] === 'trojan') {
|
|
|
|
|
array_push($proxy, self::buildTrojan($user['uuid'], $item));
|
|
|
|
|
array_push($proxies, $item['name']);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$config['proxies'] = array_merge($config['proxies'] ? $config['proxies'] : [], $proxy);
|
|
|
|
|
foreach ($config['proxy-groups'] as $k => $v) {
|
2025-01-06 12:20:11 -05:00
|
|
|
|
if (!is_array($config['proxy-groups'][$k]['proxies']))
|
|
|
|
|
$config['proxy-groups'][$k]['proxies'] = [];
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$isFilter = false;
|
|
|
|
|
foreach ($config['proxy-groups'][$k]['proxies'] as $src) {
|
|
|
|
|
foreach ($proxies as $dst) {
|
2025-01-06 12:20:11 -05:00
|
|
|
|
if (!$this->isRegex($src))
|
|
|
|
|
continue;
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$isFilter = true;
|
|
|
|
|
$config['proxy-groups'][$k]['proxies'] = array_values(array_diff($config['proxy-groups'][$k]['proxies'], [$src]));
|
|
|
|
|
if ($this->isMatch($src, $dst)) {
|
|
|
|
|
array_push($config['proxy-groups'][$k]['proxies'], $dst);
|
|
|
|
|
}
|
|
|
|
|
}
|
2025-01-06 12:20:11 -05:00
|
|
|
|
if ($isFilter)
|
|
|
|
|
continue;
|
2023-11-17 01:44:01 -05:00
|
|
|
|
}
|
2025-01-06 12:20:11 -05:00
|
|
|
|
if ($isFilter)
|
|
|
|
|
continue;
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$config['proxy-groups'][$k]['proxies'] = array_merge($config['proxy-groups'][$k]['proxies'], $proxies);
|
|
|
|
|
}
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$config['proxy-groups'] = array_filter($config['proxy-groups'], function ($group) {
|
2023-11-17 01:44:01 -05:00
|
|
|
|
return $group['proxies'];
|
|
|
|
|
});
|
|
|
|
|
$config['proxy-groups'] = array_values($config['proxy-groups']);
|
|
|
|
|
// Force the current subscription domain to be a direct rule
|
|
|
|
|
$subsDomain = request()->header('Host');
|
|
|
|
|
if ($subsDomain) {
|
|
|
|
|
array_unshift($config['rules'], "DOMAIN,{$subsDomain},DIRECT");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$yaml = Yaml::dump($config, 2, 4, Yaml::DUMP_EMPTY_ARRAY_AS_SEQUENCE);
|
|
|
|
|
$yaml = str_replace('$app_name', admin_setting('app_name', 'XBoard'), $yaml);
|
|
|
|
|
return response($yaml, 200)
|
|
|
|
|
->header('subscription-userinfo', "upload={$user['u']}; download={$user['d']}; total={$user['transfer_enable']}; expire={$user['expired_at']}")
|
|
|
|
|
->header('profile-update-interval', '24')
|
|
|
|
|
->header('content-disposition', 'attachment;filename*=UTF-8\'\'' . rawurlencode($appName));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function buildShadowsocks($uuid, $server)
|
|
|
|
|
{
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$protocol_settings = $server['protocol_settings'];
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$array = [];
|
|
|
|
|
$array['name'] = $server['name'];
|
|
|
|
|
$array['type'] = 'ss';
|
|
|
|
|
$array['server'] = $server['host'];
|
|
|
|
|
$array['port'] = $server['port'];
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$array['cipher'] = data_get($protocol_settings, 'cipher');
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$array['password'] = $uuid;
|
|
|
|
|
$array['udp'] = true;
|
|
|
|
|
return $array;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function buildVmess($uuid, $server)
|
|
|
|
|
{
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$protocol_settings = $server['protocol_settings'];
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$array = [];
|
|
|
|
|
$array['name'] = $server['name'];
|
|
|
|
|
$array['type'] = 'vmess';
|
|
|
|
|
$array['server'] = $server['host'];
|
|
|
|
|
$array['port'] = $server['port'];
|
|
|
|
|
$array['uuid'] = $uuid;
|
|
|
|
|
$array['alterId'] = 0;
|
|
|
|
|
$array['cipher'] = 'auto';
|
|
|
|
|
$array['udp'] = true;
|
|
|
|
|
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$array['tls'] = data_get($protocol_settings, 'tls');
|
|
|
|
|
$array['skip-cert-verify'] = data_get($protocol_settings, 'tls_settings.allow_insecure');
|
2025-01-12 10:57:24 -05:00
|
|
|
|
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
|
|
|
|
|
$array['servername'] = $serverName;
|
|
|
|
|
}
|
2025-01-06 12:20:11 -05:00
|
|
|
|
|
|
|
|
|
switch (data_get($protocol_settings, 'network')) {
|
|
|
|
|
case 'tcp':
|
|
|
|
|
$array['network'] = data_get($protocol_settings, 'network_settings.header.type');
|
|
|
|
|
$array['http-opts']['path'] = data_get($protocol_settings, 'network_settings.header.request.path', ['/'])[0];
|
|
|
|
|
break;
|
|
|
|
|
case 'ws':
|
|
|
|
|
$array['network'] = 'ws';
|
|
|
|
|
$array['ws-opts']['path'] = data_get($protocol_settings, 'network_settings.path');
|
2025-01-12 08:10:52 -05:00
|
|
|
|
if ($host = data_get($protocol_settings, 'network_settings.headers.Host')) {
|
|
|
|
|
$array['ws-opts']['headers'] = ['Host' => $host];
|
|
|
|
|
}
|
2025-01-06 12:20:11 -05:00
|
|
|
|
break;
|
|
|
|
|
case 'grpc':
|
|
|
|
|
$array['network'] = 'grpc';
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$array['grpc-opts'] = [];
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$array['grpc-opts']['grpc-service-name'] = data_get($protocol_settings, 'network_settings.serviceName');
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
2023-11-17 01:44:01 -05:00
|
|
|
|
}
|
|
|
|
|
return $array;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function buildVless($uuid, $server)
|
|
|
|
|
{
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$protocol_settings = $server['protocol_settings'];
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$array = [];
|
|
|
|
|
$array['name'] = $server['name'];
|
|
|
|
|
$array['type'] = 'vless';
|
|
|
|
|
$array['server'] = $server['host'];
|
|
|
|
|
$array['port'] = $server['port'];
|
|
|
|
|
$array['uuid'] = $uuid;
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$array['flow'] = data_get($protocol_settings, 'flow');
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$array['udp'] = true;
|
|
|
|
|
|
|
|
|
|
$fingerprints = ['chrome', 'firefox', 'safari', 'ios', 'edge', 'qq']; //随机客户端指纹
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$array['client-fingerprint'] = $fingerprints[rand(0, count($fingerprints) - 1)];
|
2023-11-17 01:44:01 -05:00
|
|
|
|
|
2025-01-06 12:20:11 -05:00
|
|
|
|
switch (data_get($protocol_settings, 'tls')) {
|
|
|
|
|
case 1:
|
|
|
|
|
$array['tls'] = true;
|
|
|
|
|
$array['skip-cert-verify'] = data_get($protocol_settings, 'tls_settings.allow_insecure');
|
2025-01-12 10:57:24 -05:00
|
|
|
|
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
|
|
|
|
|
$array['servername'] = $serverName;
|
|
|
|
|
}
|
2025-01-06 12:20:11 -05:00
|
|
|
|
break;
|
|
|
|
|
case 2:
|
|
|
|
|
$array['tls'] = true;
|
|
|
|
|
$array['skip-cert-verify'] = data_get($protocol_settings, 'reality_settings.allow_insecure');
|
|
|
|
|
$array['servername'] = data_get($protocol_settings, 'reality_settings.server_name');
|
|
|
|
|
$array['reality-opts'] = [
|
|
|
|
|
'public-key' => data_get($protocol_settings, 'reality_settings.public_key'),
|
|
|
|
|
'short-id' => data_get($protocol_settings, 'reality_settings.short_id')
|
|
|
|
|
];
|
|
|
|
|
break;
|
2023-11-17 01:44:01 -05:00
|
|
|
|
}
|
|
|
|
|
|
2025-01-06 12:20:11 -05:00
|
|
|
|
switch (data_get($protocol_settings, 'network')) {
|
|
|
|
|
case 'tcp':
|
|
|
|
|
$array['network'] = data_get($protocol_settings, 'network_settings.header.type');
|
|
|
|
|
$array['http-opts']['path'] = data_get($protocol_settings, 'network_settings.header.request.path', ['/'])[0];
|
|
|
|
|
break;
|
|
|
|
|
case 'ws':
|
|
|
|
|
$array['network'] = 'ws';
|
|
|
|
|
$array['ws-opts']['path'] = data_get($protocol_settings, 'network_settings.path');
|
2025-01-12 08:10:52 -05:00
|
|
|
|
if ($host = data_get($protocol_settings, 'network_settings.headers.Host')) {
|
|
|
|
|
$array['ws-opts']['headers'] = ['Host' => $host];
|
|
|
|
|
}
|
2025-01-06 12:20:11 -05:00
|
|
|
|
break;
|
|
|
|
|
case 'grpc':
|
|
|
|
|
$array['network'] = 'grpc';
|
|
|
|
|
$array['grpc-opts']['grpc-service-name'] = data_get($protocol_settings, 'network_settings.serviceName');
|
|
|
|
|
break;
|
2023-11-17 01:44:01 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $array;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function buildTrojan($password, $server)
|
|
|
|
|
{
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$protocol_settings = $server['protocol_settings'];
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$array = [];
|
|
|
|
|
$array['name'] = $server['name'];
|
|
|
|
|
$array['type'] = 'trojan';
|
|
|
|
|
$array['server'] = $server['host'];
|
|
|
|
|
$array['port'] = $server['port'];
|
|
|
|
|
$array['password'] = $password;
|
|
|
|
|
$array['udp'] = true;
|
2025-01-06 12:20:11 -05:00
|
|
|
|
switch (data_get($protocol_settings, 'network')) {
|
|
|
|
|
case 'tcp':
|
|
|
|
|
$array['network'] = data_get($protocol_settings, 'network_settings.header.type');
|
|
|
|
|
$array['http-opts']['path'] = data_get($protocol_settings, 'network_settings.header.request.path', ['/'])[0];
|
|
|
|
|
break;
|
|
|
|
|
case 'ws':
|
|
|
|
|
$array['network'] = 'ws';
|
|
|
|
|
$array['ws-opts']['path'] = data_get($protocol_settings, 'network_settings.path');
|
|
|
|
|
$array['ws-opts']['headers'] = data_get($protocol_settings, 'network_settings.headers.Host') ? ['Host' => data_get($protocol_settings, 'network_settings.headers.Host')] : null;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2025-01-12 10:57:24 -05:00
|
|
|
|
if ($serverName = data_get($protocol_settings, 'server_name')) {
|
|
|
|
|
$array['sni'] = $serverName;
|
|
|
|
|
}
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$array['skip-cert-verify'] = data_get($protocol_settings, 'allow_insecure');
|
2023-11-17 01:44:01 -05:00
|
|
|
|
return $array;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function buildHysteria($password, $server)
|
|
|
|
|
{
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$protocol_settings = $server['protocol_settings'];
|
2023-11-17 01:44:01 -05:00
|
|
|
|
$array['name'] = $server['name'];
|
|
|
|
|
$array['server'] = $server['host'];
|
|
|
|
|
$array['port'] = $server['port'];
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$array['up-speed'] = data_get($protocol_settings, 'bandwidth.up');
|
|
|
|
|
$array['down-speed'] = data_get($protocol_settings, 'bandwidth.down');
|
|
|
|
|
$array['skip-cert-verify'] = data_get($protocol_settings, 'tls.allow_insecure');
|
2025-01-12 10:57:24 -05:00
|
|
|
|
if ($serverName = data_get($protocol_settings, 'tls.server_name')) {
|
|
|
|
|
$array['sni'] = $serverName;
|
|
|
|
|
}
|
2025-01-06 12:20:11 -05:00
|
|
|
|
switch (data_get($protocol_settings, 'version')) {
|
2023-11-17 01:44:01 -05:00
|
|
|
|
case 1:
|
|
|
|
|
$array['type'] = 'hysteria';
|
|
|
|
|
$array['auth-str'] = $password;
|
|
|
|
|
$array['protocol'] = 'udp';
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$array['obfs'] = data_get($protocol_settings, 'obfs.open') ? data_get($protocol_settings, 'obfs.type') : null;
|
2023-11-17 01:44:01 -05:00
|
|
|
|
break;
|
|
|
|
|
case 2:
|
|
|
|
|
$array['type'] = 'hysteria2';
|
|
|
|
|
$array['auth'] = $password;
|
|
|
|
|
$array['fast-open'] = true;
|
2025-01-06 12:20:11 -05:00
|
|
|
|
$array['ports'] = data_get($protocol_settings, 'ports');
|
2023-11-17 01:44:01 -05:00
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
return $array;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function isRegex($exp)
|
|
|
|
|
{
|
2025-01-12 23:53:23 -05:00
|
|
|
|
if (empty($exp)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return @preg_match($exp, '') !== false;
|
2023-11-17 01:44:01 -05:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function isMatch($exp, $str)
|
|
|
|
|
{
|
|
|
|
|
try {
|
|
|
|
|
return preg_match($exp, $str);
|
|
|
|
|
} catch (\Exception $e) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|