Code Monkey home page Code Monkey logo

xray-plugin's Issues

gRPC模式下的serviceName设置

从V2fly的文档上来看,gRPC模式下可以设置serviceName进行分流,但是插件里没有这个选项。请问能否将serviceName的选项添加回去,另外v2ray-plugin那边也没有。

loglevel 参数是否生效?

启动参数

ssserver \
  --server-addr 0.0.0.0:443 \
  --password password \
  --encrypt-method chacha20-ietf-poly1305 \
  --timeout 3600 \
  --udp-timeout 300 \
  --udp-max-associations 1024 \
  --nofile 1048576 \
  --tcp-keep-alive 300 \
  --tcp-fast-open \
  --tcp-no-delay \
  -U \
  --plugin "xray-plugin" \
  --plugin-opts "server;tls;fast-open;host=example.com;loglevel=warning;path=/ws"

虽然设置了 loglevel=warning, 但是仍然在日志里见到有大量这样的输出

2022/01/19 17:17:24 tcp:xx.xx.xx.xx:3958 accepted tcp:127.0.0.1:0
2022/01/19 17:17:27 tcp:xx.xx.xx.xx:3958 accepted tcp:127.0.0.1:0
2022/01/19 17:17:32 tcp:xx.xx.xx.xx:3958 accepted tcp:127.0.0.1:0
2022/01/19 17:17:32 tcp:xx.xx.xx.xx:3958 accepted tcp:127.0.0.1:0
2022/01/19 17:17:36 tcp:xx.xx.xx.xx:3958 accepted tcp:127.0.0.1:0
2022/01/19 17:17:43 tcp:xx.xx.xx.xx:3959 accepted tcp:127.0.0.1:0
2022/01/19 17:17:45 tcp:xx.xx.xx.xx:3959 accepted tcp:127.0.0.1:0
2022/01/19 17:17:50 tcp:xx.xx.xx.xx:3959 accepted tcp:127.0.0.1:0
2022/01/19 17:17:51 tcp:xx.xx.xx.xx:3959 accepted tcp:127.0.0.1:0
2022/01/19 17:17:52 tcp:xx.xx.xx.xx:3959 accepted tcp:127.0.0.1:0
2022/01/19 17:17:57 tcp:xx.xx.xx.xx:3960 accepted tcp:127.0.0.1:0
2022/01/19 17:17:59 tcp:xx.xx.xx.xx:3960 accepted tcp:127.0.0.1:0

fail to build with go 1.21

this package requre a go module "[email protected]" which can't be built with Go 1.21

see log below

2023-08-24T05:40:43.2454535Z github.com/quic-go/quic-go/internal/qtls
2023-08-24T05:40:43.2655194Z # github.com/quic-go/quic-go/internal/qtls


2023-08-24T05:40:43.2656480Z ../../../../../dl/go-mod-cache/github.com/quic-go/[email protected]/internal/qtls/go121.go:5:13
: cannot use "The version of quic-go you're using can't be built on Go 1.21 yet.  <--- !!!! here !!!!
For more details, please see https://github.com/quic-go/quic-go/wiki/quic-go-and-Go-versions." (untyped string constant "The version of quic-go you're using can't be built on Go 1.21 yet. F...) as int value in variable declaration


2023-08-24T05:40:43.2878820Z 
2023-08-24T05:40:43.7770665Z make[3]: *** [Makefile:41: /workdir/openwrt/build_dir/target-aarch64_generic_musl/xray-plugin-1.8.3/.built] Error 1
2023-08-24T05:40:43.7771538Z make[3]: Leaving directory '/workdir/openwrt/feeds/packages/net/xray-plugin'
2023-08-24T05:40:43.7778522Z time: package/feeds/packages/xray-plugin/compile#0.72#0.50#1.80
2023-08-24T05:40:43.7782530Z     ERROR: package/feeds/packages/xray-plugin failed to build.
2023-08-24T05:40:43.7787072Z make[2]: *** [package/Makefile:120: package/feeds/packages/xray-plugin/compile] Error 1
2023-08-24T05:40:43.7799388Z make[2]: Leaving directory '/workdir/openwrt'
2023-08-24T05:40:43.7801142Z make[1]: *** [package/Makefile:114: /workdir/openwrt/staging_dir/target-aarch64_generic_musl/stamp/.package_compile] Error 2
2023-08-24T05:40:43.7808543Z make[1]: Leaving directory '/workdir/openwrt'
2023-08-24T05:40:43.7814073Z make: *** [/workdir/openwrt/include/toplevel.mk:232: world] Error 2
2023-08-24T05:40:43.7865710Z ##[error]Process completed with exit code 2.

同学,您这个项目引入了158个开源组件,存在4个漏洞,辛苦升级一下

检测到 teddysun/xray-plugin 一共引入了158个开源组件,存在4个漏洞

漏洞标题:David Kitchen bluemonday 安全漏洞
缺陷组件:github.com/microcosm-cc/[email protected]
漏洞编号:CVE-2021-42576
漏洞描述:David Kitchen bluemonday是  (David Kitchen)开源的一个应用程序。用于在Go中实现的HTML清理程序。
bluemonday sanitizer 存在安全漏洞,该漏洞源于Go中1.0.16之前的bluemonday和Python中 0.0.8之前的bluemonday(在pybluemonday中),不能正确地强制与SELECT、STYLE和OPTION元素关联的策略。
影响范围:(∞, 1.0.16)
最小修复版本:1.0.16
缺陷组件引入路径:github.com/teddysun/xray-plugin@->github.com/microcosm-cc/[email protected]

另外还有4个漏洞,详细报告:https://mofeisec.com/jr?p=a6c46a

[Bug] xray-plugin作为客户端无法配置0-rtt模式,作为服务端可用。

功能详情:XTLS/Xray-core#375

xray-plugin作为客户端没有进行xray作为客户端的path转header,变量也不提供用户自定义header,导致无法配置0-rtt。
因为xray作为服务端本身就不需配置,xray-plugin作为服务端可以成功被xray作为客户端激活0-rtt。

xray client + xray-plugin server working/-1 RTT
xray plugin client + xray plugin server failed/same RTT
xray plugin client + xray server failed/same RTT

解决方案:进行xray的path转header,或允许用户自定义header。

shadowsocks-android使用xray-plugin后无法联网,而PC端和ios shadowrocket却不受影响。

一、基本情况:
手机为Nexus 4,Shadowsocks-android 5.2.1,xray-plugin 1.3.0。系统为LineageOS 14.1-20180302, Android 7.1.2
二、配置如下:
1. Transport mode: websocket-tls
2. Hostname: mydomain.io
3. Path: / (默认)
4. Concurrent connections: 1 (默认)
5. Certificate for TLS verification: (空)
三、问题情况:
无法联网。如上配置是在正常使用其他插件情况下的基础上进行的,所以问题不会出在插件之外的配置。经adb logcat分析可能是证书问题,但点开5. Certificate for TLS verification: (空),在Documents找到上传的购买的域名证书,发现文件名呈灰色不能正常读取,而且通过插件打开的各个文件夹下的所有文件都呈灰色无法读取。
这是否是插件本身的bug呢,自己知识有限,仰作者大人和各位大神帮忙解决,谢谢。

/lovelive?ed=2056报错

1.8.0版本没有这个问题,加不加都可以正常运行
1.8.9版本加了这个参数就会报错,不加不报错
ss-redir -s aa.bb.cc -p 443 -l 1090 -b 0.0.0.0 -k aaaaaaa -m rc4-md5 --mtu 1200 --fast-open --plugin xray-plugin --plugin-opts "path=/?ed=2056;tls;mux=2;host=aa.bb.cc"

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0xc0943e]

goroutine 6 [running]:
github.com/xtls/xray-core/transport/internet/websocket.(*delayDialConn).LocalAddr(0xc00014ee68?)
	<autogenerated>:1 +0x1e
github.com/xtls/xray-core/proxy/freedom.(*Handler).Process(0xc0002e5ad0, {0xf28098, 0xc00011c280}, 0xc000118100, {0xf268f0, 0xc0002f6a80})
	github.com/xtls/[email protected]/proxy/freedom/freedom.go:175 +0x637
github.com/xtls/xray-core/common/mux.(*DialingWorkerFactory).Create.func1({0x7f6177275dc8, 0xc0002e5ad0}, {0xf268f0, 0xc0002f6a80}, {0xf208c0, 0xc0000100c0})
	github.com/xtls/[email protected]/common/mux/client.go:156 +0x18e
created by github.com/xtls/xray-core/common/mux.(*DialingWorkerFactory).Create in goroutine 40
	github.com/xtls/[email protected]/common/mux/client.go:150 +0x1fd
 2024-03-28 17:29:12 ERROR: plugin service exit unexpectedly
 2024-03-28 17:29:12 INFO: error on terminating the plugin.

请教个和v2ray-plugin一样的错误

先说问题
下面是xray-plugin报错:
2021/03/15 19:21:31 [Info] failed to handler mux client connection > proxy/freedom: failed to open connection to tcp:baidu.mydomain.top:443 > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://baidu.mydomain.top/r6of920f5b): > x509: certificate is valid for baidu.mydomain.top, not cloudfront.com] > common/retry: all retry attempts failed
这个报错和v2ray-plugin一模一样

我的VPS上使用的是openresty,tail -f access.log,都没有访问记录。
我猜是域名解析问题,因为第一次启动shadowsocks-libev-redir时域名解析使用cloudflare的代理,但是后来我把代理改成“仅限DNS”,还是不行。我本地主机是网关服务器,上面使用了dnsmasq,我怀疑是dns缓存,就把dnsmasq重启了,同时添加了hosts,把域名直接hosts到VPS,可是报错依旧相同。猜hosts没生效,tail -f dnsmasq.log,发现reply是我的VPS主机ip,报错还是一样,不知道该怎么解决,请高人指点,我的配置如下:

VPS:
ip:123.123.123.123
OS: Debian 10 buster
443 port: openresty提供
shadowsocks-libev-3.2.5+ds-1
xray-plugin-v1.4.0或v2ray-plugin-v1.3.1
域名证书是使用acme.sh签发的

openresty配置文件:
http {
省略
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
ssl_certificate ssl/baidu.mydomain.top.cer;
ssl_certificate_key ssl/baidu.mydomain.top.key;
server_name baidu.mydomain.top;
root html;
index index.html index.htm;

	location = /r6of920f5b {
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection $connection_upgrade;
		proxy_set_header Host $host;
		proxy_pass http://127.0.0.1:8388;
	}
}
省略

}

shadowsocks-libev-server配置文件如下:
{
"server_host":"127.0.0.1",
"server_port":8388,
"password":"mima",
"timeout":300,
"method":"chacha20-ietf-poly1305",
"mode":"tcp_only",
"plugin":"/etc/shadowsocks-libev/v2ray-plugin",
"plugin_opts":"server;path=/r6of920f5b;loglevel=debug",
"use_syslog": false
}

客户端/网关服务器
OS: Debian 10 buster
shadowsocks-libev-3.2.5+ds-1
xray-plugin-v1.4.0或v2ray-plugin-v1.3.1

shadowsocks-libev-redir配置文件如下:
{
"server": "baidu.mydomain.top",
"server_port": 443,
"ipv6_first": false,
"fast_open": true,
"reuse_port": true,
"local_address": "0.0.0.0",
"local_port": 1080,
"mode": "tcp_only",
"timeout": 60,
"method": "chacha20-ietf-poly1305",
"password": "mima",
"plugin":"/etc/shadowsocks-libev/xray-plugin",
"plugin_opts":"tls;path=/r6of920f5b;loglevel=debug",
"use_syslog": true
}

/etc/hosts配置如下:
123.123.123.123 baidu.mydomain.top

谢谢了!

没法自定义serviceName

v2ray plugin那边的windows x64版本,在配合ss windows使用时,即使添加了 serviceName=MYSERVICENAME 参数后,还是向mydomain.me/GunService/Tun 这个URL发起请求。。。

由于v2ray plugin那边没法提交issue就到这里提交了。。

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.