fix: unify Trojan server_name/allow_insecure to tls_settings across all protocols
This commit is contained in:
xboard
@@ -238,10 +238,10 @@ class Clash extends AbstractProtocol
|
||||
$array['port'] = $server['port'];
|
||||
$array['password'] = $password;
|
||||
$array['udp'] = true;
|
||||
if ($serverName = data_get($protocol_settings, 'server_name')) {
|
||||
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
|
||||
$array['sni'] = $serverName;
|
||||
}
|
||||
$array['skip-cert-verify'] = (bool) data_get($protocol_settings, 'allow_insecure');
|
||||
$array['skip-cert-verify'] = (bool) data_get($protocol_settings, 'tls_settings.allow_insecure', false);
|
||||
|
||||
switch (data_get($protocol_settings, 'network')) {
|
||||
case 'tcp':
|
||||
|
||||
@@ -535,8 +535,8 @@ class ClashMeta extends AbstractProtocol
|
||||
];
|
||||
break;
|
||||
default: // Standard TLS
|
||||
$array['skip-cert-verify'] = (bool) data_get($protocol_settings, 'tls_settings.allow_insecure', data_get($protocol_settings, 'allow_insecure', false));
|
||||
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name', data_get($protocol_settings, 'server_name'))) {
|
||||
$array['skip-cert-verify'] = (bool) data_get($protocol_settings, 'tls_settings.allow_insecure', false);
|
||||
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
|
||||
$array['sni'] = $serverName;
|
||||
}
|
||||
self::appendEch($array, data_get($protocol_settings, 'tls_settings.ech'));
|
||||
|
||||
@@ -262,8 +262,8 @@ class General extends AbstractProtocol
|
||||
}
|
||||
break;
|
||||
default: // Standard TLS
|
||||
$array['allowInsecure'] = data_get($protocol_settings, 'allow_insecure', false);
|
||||
if ($serverName = data_get($protocol_settings, 'server_name')) {
|
||||
$array['allowInsecure'] = (bool) data_get($protocol_settings, 'tls_settings.allow_insecure', false);
|
||||
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
|
||||
$array['peer'] = $serverName;
|
||||
$array['sni'] = $serverName;
|
||||
}
|
||||
|
||||
@@ -205,10 +205,10 @@ class Loon extends AbstractProtocol
|
||||
$config[] = 'skip-cert-verify=' . (data_get($protocol_settings, 'reality_settings.allow_insecure', false) ? 'true' : 'false');
|
||||
break;
|
||||
default: // Standard TLS
|
||||
if ($serverName = data_get($protocol_settings, 'server_name')) {
|
||||
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
|
||||
$config[] = "tls-name={$serverName}";
|
||||
}
|
||||
$config[] = 'skip-cert-verify=' . (data_get($protocol_settings, 'allow_insecure') ? 'true' : 'false');
|
||||
$config[] = 'skip-cert-verify=' . (data_get($protocol_settings, 'tls_settings.allow_insecure', false) ? 'true' : 'false');
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
@@ -191,8 +191,8 @@ class QuantumultX extends AbstractProtocol
|
||||
];
|
||||
|
||||
$tlsData = [
|
||||
'allow_insecure' => data_get($protocol_settings, 'allow_insecure', false),
|
||||
'server_name' => data_get($protocol_settings, 'server_name'),
|
||||
'allow_insecure' => data_get($protocol_settings, 'tls_settings.allow_insecure', false),
|
||||
'server_name' => data_get($protocol_settings, 'tls_settings.server_name'),
|
||||
];
|
||||
self::applyTransportSettings($config, $protocol_settings, true, $tlsData);
|
||||
self::applyCommonSettings($config, $server);
|
||||
|
||||
@@ -546,9 +546,9 @@ class SingBox extends AbstractProtocol
|
||||
];
|
||||
break;
|
||||
default: // Standard TLS
|
||||
$tlsConfig['insecure'] = (bool) data_get($protocol_settings, 'tls_settings.allow_insecure', data_get($protocol_settings, 'allow_insecure', false));
|
||||
$tlsConfig['insecure'] = (bool) data_get($protocol_settings, 'tls_settings.allow_insecure', false);
|
||||
$this->appendEch($tlsConfig, data_get($protocol_settings, 'tls_settings.ech'));
|
||||
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name', data_get($protocol_settings, 'server_name'))) {
|
||||
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
|
||||
$tlsConfig['server_name'] = $serverName;
|
||||
}
|
||||
break;
|
||||
|
||||
@@ -397,10 +397,10 @@ class Stash extends AbstractProtocol
|
||||
];
|
||||
break;
|
||||
default: // Standard TLS
|
||||
if ($serverName = data_get($protocol_settings, 'server_name')) {
|
||||
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
|
||||
$array['sni'] = $serverName;
|
||||
}
|
||||
$array['skip-cert-verify'] = (bool) data_get($protocol_settings, 'allow_insecure', false);
|
||||
$array['skip-cert-verify'] = (bool) data_get($protocol_settings, 'tls_settings.allow_insecure', false);
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
@@ -186,12 +186,12 @@ class Surfboard extends AbstractProtocol
|
||||
"{$server['host']}",
|
||||
"{$server['port']}",
|
||||
"password={$password}",
|
||||
data_get($protocol_settings, 'server_name') ? "sni=" . data_get($protocol_settings, 'server_name') : "",
|
||||
data_get($protocol_settings, 'tls_settings.server_name') ? "sni=" . data_get($protocol_settings, 'tls_settings.server_name') : "",
|
||||
'tfo=true',
|
||||
'udp-relay=true'
|
||||
];
|
||||
if (data_get($protocol_settings, 'allow_insecure')) {
|
||||
array_push($config, !!data_get($protocol_settings, 'allow_insecure') ? 'skip-cert-verify=true' : 'skip-cert-verify=false');
|
||||
if (data_get($protocol_settings, 'tls_settings.allow_insecure', false)) {
|
||||
$config[] = 'skip-cert-verify=true';
|
||||
}
|
||||
$config = array_filter($config);
|
||||
$uri = implode(',', $config);
|
||||
|
||||
@@ -195,12 +195,12 @@ class Surge extends AbstractProtocol
|
||||
"{$server['host']}",
|
||||
"{$server['port']}",
|
||||
"password={$password}",
|
||||
data_get($protocol_settings, 'server_name') ? "sni=" . data_get($protocol_settings, 'server_name') : "",
|
||||
data_get($protocol_settings, 'tls_settings.server_name') ? "sni=" . data_get($protocol_settings, 'tls_settings.server_name') : "",
|
||||
'tfo=true',
|
||||
'udp-relay=true'
|
||||
];
|
||||
if (!empty($protocol_settings['allow_insecure'])) {
|
||||
array_push($config, !!data_get($protocol_settings, 'allow_insecure') ? 'skip-cert-verify=true' : 'skip-cert-verify=false');
|
||||
if (data_get($protocol_settings, 'tls_settings.allow_insecure', false)) {
|
||||
$config[] = 'skip-cert-verify=true';
|
||||
}
|
||||
$config = array_filter($config);
|
||||
$uri = implode(',', $config);
|
||||
|
||||
@@ -284,15 +284,12 @@ class ServerService
|
||||
'trojan' => [
|
||||
...$baseConfig,
|
||||
'host' => $host,
|
||||
'server_name' => data_get($protocolSettings, 'tls_settings.server_name') ?? $protocolSettings['server_name'],
|
||||
'server_name' => data_get($protocolSettings, 'tls_settings.server_name'),
|
||||
'multiplex' => data_get($protocolSettings, 'multiplex'),
|
||||
'tls' => (int) $protocolSettings['tls'],
|
||||
'tls_settings' => match ((int) $protocolSettings['tls']) {
|
||||
2 => $protocolSettings['reality_settings'],
|
||||
default => array_merge($protocolSettings['tls_settings'] ?? [], [
|
||||
'server_name' => data_get($protocolSettings, 'tls_settings.server_name') ?? $protocolSettings['server_name'],
|
||||
'allow_insecure' => data_get($protocolSettings, 'tls_settings.allow_insecure', $protocolSettings['allow_insecure']),
|
||||
]),
|
||||
default => $protocolSettings['tls_settings'],
|
||||
},
|
||||
],
|
||||
'vless' => [
|
||||
|
||||
Reference in New Issue
Block a user