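package scenarios

import (
	"crypto/x509"
	"runtime"
	"testing"
	"time"

	"golang.org/x/sync/errgroup"

	"v2ray.com/core"
	"v2ray.com/core/app/proxyman"
	"v2ray.com/core/common"
	"v2ray.com/core/common/net"
	"v2ray.com/core/common/protocol"
	"v2ray.com/core/common/protocol/tls/cert"
	"v2ray.com/core/common/serial"
	"v2ray.com/core/common/uuid"
	"v2ray.com/core/proxy/dokodemo"
	"v2ray.com/core/proxy/freedom"
	"v2ray.com/core/proxy/vmess"
	"v2ray.com/core/proxy/vmess/inbound"
	"v2ray.com/core/proxy/vmess/outbound"
	"v2ray.com/core/testing/servers/tcp"
	"v2ray.com/core/testing/servers/udp"
	"v2ray.com/core/transport/internet"
	"v2ray.com/core/transport/internet/http"
	"v2ray.com/core/transport/internet/tls"
	"v2ray.com/core/transport/internet/websocket"
)

// newTLSTestServerConfig builds the server half shared by every scenario in
// this file: one VMess inbound bound to the loopback address on port that
// accepts the single account accountID and uses stream as its stream
// settings, plus a freedom outbound. The stream settings are the only part
// that differs between scenarios, so each test spells them out itself.
func newTLSTestServerConfig(port net.Port, accountID string, stream *internet.StreamConfig) *core.Config {
	return &core.Config{
		Inbound: []*core.InboundHandlerConfig{
			{
				ReceiverSettings: serial.ToTypedMessage(&proxyman.ReceiverConfig{
					PortRange:      net.SinglePortRange(port),
					Listen:         net.NewIPOrDomain(net.LocalHostIP),
					StreamSettings: stream,
				}),
				ProxySettings: serial.ToTypedMessage(&inbound.Config{
					User: []*protocol.User{
						{
							Account: serial.ToTypedMessage(&vmess.Account{
								Id: accountID,
							}),
						},
					},
				}),
			},
		},
		Outbound: []*core.OutboundHandlerConfig{
			{
				ProxySettings: serial.ToTypedMessage(&freedom.Config{}),
			},
		},
	}
}

// newTLSTestClientConfig builds the client half shared by every scenario in
// this file: a dokodemo inbound on the loopback address at port that forwards
// TCP to dest, and a VMess outbound that dials the server on
// loopback:serverPort as accountID with stream as its sender stream settings.
func newTLSTestClientConfig(port net.Port, dest net.Destination, serverPort net.Port, accountID string, stream *internet.StreamConfig) *core.Config {
	return &core.Config{
		Inbound: []*core.InboundHandlerConfig{
			{
				ReceiverSettings: serial.ToTypedMessage(&proxyman.ReceiverConfig{
					PortRange: net.SinglePortRange(port),
					Listen:    net.NewIPOrDomain(net.LocalHostIP),
				}),
				ProxySettings: serial.ToTypedMessage(&dokodemo.Config{
					Address: net.NewIPOrDomain(dest.Address),
					Port:    uint32(dest.Port),
					NetworkList: &net.NetworkList{
						Network: []net.Network{net.Network_TCP},
					},
				}),
			},
		},
		Outbound: []*core.OutboundHandlerConfig{
			{
				ProxySettings: serial.ToTypedMessage(&outbound.Config{
					Receiver: []*protocol.ServerEndpoint{
						{
							Address: net.NewIPOrDomain(net.LocalHostIP),
							Port:    uint32(serverPort),
							User: []*protocol.User{
								{
									Account: serial.ToTypedMessage(&vmess.Account{
										Id: accountID,
									}),
								},
							},
						},
					},
				}),
				SenderSettings: serial.ToTypedMessage(&proxyman.SenderConfig{
					StreamSettings: stream,
				}),
			},
		},
	}
}

// TestSimpleTLSConnection runs one round trip through a VMess tunnel whose
// stream is wrapped in TLS with otherwise default stream settings.
//
// The server presents a certificate generated for this run and the client sets
// AllowInsecure, so the certificate is not verified: this test covers the
// handshake and the data path, not server authentication. That is tolerable
// only because both ends listen on loopback inside the test process;
// TestAutoIssuingCertificate is the scenario in this file that verifies a
// chain.
func TestSimpleTLSConnection(t *testing.T) {
	tcpServer := tcp.Server{
		MsgProcessor: xor,
	}
	dest, err := tcpServer.Start()
	common.Must(err)
	defer tcpServer.Close()

	accountID := protocol.NewID(uuid.New()).String()
	serverPort := tcp.PickPort()
	serverConfig := newTLSTestServerConfig(serverPort, accountID, &internet.StreamConfig{
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				Certificate: []*tls.Certificate{tls.ParseCertificate(cert.MustGenerate(nil))},
			}),
		},
	})

	clientPort := tcp.PickPort()
	clientConfig := newTLSTestClientConfig(clientPort, dest, serverPort, accountID, &internet.StreamConfig{
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				// Test-only: the client does not verify the server certificate.
				AllowInsecure: true,
			}),
		},
	})

	servers, err := InitializeServerConfigs(serverConfig, clientConfig)
	common.Must(err)
	defer CloseAllServers(servers)

	if err := testTCPConn(clientPort, 1024, time.Second*2)(); err != nil {
		t.Fatal(err)
	}
}

// TestAutoIssuingCertificate is the only scenario in this file where the
// client does not set AllowInsecure. A CA certificate is generated for the
// run; the server receives the certificate and its private key with usage
// AUTHORITY_ISSUE, while the client receives the certificate alone with usage
// AUTHORITY_VERIFY and asks for the server name "v2ray.com". Presumably the
// server issues a leaf certificate for the requested name on demand; confirm
// against the tls package.
//
// The test is skipped on Windows and on arm64. It reports the skip through
// t.Skip rather than returning early, because a bare return is recorded as a
// pass and would hide that certificate verification was never exercised on
// those platforms.
func TestAutoIssuingCertificate(t *testing.T) {
	switch {
	case runtime.GOOS == "windows":
		t.Skip("not supported on Windows yet")
	case runtime.GOARCH == "arm64":
		// The original code gives no reason for excluding arm64.
		t.Skip("skipped on arm64")
	}

	tcpServer := tcp.Server{
		MsgProcessor: xor,
	}
	dest, err := tcpServer.Start()
	common.Must(err)
	defer tcpServer.Close()

	caCert, err := cert.Generate(nil, cert.Authority(true), cert.KeyUsage(x509.KeyUsageDigitalSignature|x509.KeyUsageKeyEncipherment|x509.KeyUsageCertSign))
	common.Must(err)
	certPEM, keyPEM := caCert.ToPEM()

	accountID := protocol.NewID(uuid.New()).String()
	serverPort := tcp.PickPort()
	serverConfig := newTLSTestServerConfig(serverPort, accountID, &internet.StreamConfig{
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				// Only the server holds the CA private key.
				Certificate: []*tls.Certificate{{
					Certificate: certPEM,
					Key:         keyPEM,
					Usage:       tls.Certificate_AUTHORITY_ISSUE,
				}},
			}),
		},
	})

	clientPort := tcp.PickPort()
	clientConfig := newTLSTestClientConfig(clientPort, dest, serverPort, accountID, &internet.StreamConfig{
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				ServerName: "v2ray.com",
				// The client gets the CA certificate without the key.
				Certificate: []*tls.Certificate{{
					Certificate: certPEM,
					Usage:       tls.Certificate_AUTHORITY_VERIFY,
				}},
			}),
		},
	})

	servers, err := InitializeServerConfigs(serverConfig, clientConfig)
	common.Must(err)
	defer CloseAllServers(servers)

	// Ten sequential connections; t.Error keeps going so every failure is reported.
	for i := 0; i < 10; i++ {
		if err := testTCPConn(clientPort, 1024, time.Second*2)(); err != nil {
			t.Error(err)
		}
	}
}

// TestTLSOverKCP runs one round trip through a VMess tunnel that uses the
// mKCP transport with TLS on top. The server port comes from udp.PickPort
// rather than tcp.PickPort.
//
// The client sets AllowInsecure, so the server's freshly generated
// certificate is not verified (test-only, loopback).
func TestTLSOverKCP(t *testing.T) {
	tcpServer := tcp.Server{
		MsgProcessor: xor,
	}
	dest, err := tcpServer.Start()
	common.Must(err)
	defer tcpServer.Close()

	accountID := protocol.NewID(uuid.New()).String()
	serverPort := udp.PickPort()
	serverConfig := newTLSTestServerConfig(serverPort, accountID, &internet.StreamConfig{
		Protocol:     internet.TransportProtocol_MKCP,
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				Certificate: []*tls.Certificate{tls.ParseCertificate(cert.MustGenerate(nil))},
			}),
		},
	})

	clientPort := tcp.PickPort()
	clientConfig := newTLSTestClientConfig(clientPort, dest, serverPort, accountID, &internet.StreamConfig{
		Protocol:     internet.TransportProtocol_MKCP,
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				// Test-only: the client does not verify the server certificate.
				AllowInsecure: true,
			}),
		},
	})

	servers, err := InitializeServerConfigs(serverConfig, clientConfig)
	common.Must(err)
	defer CloseAllServers(servers)

	if err := testTCPConn(clientPort, 1024, time.Second*2)(); err != nil {
		t.Error(err)
	}
}

// TestTLSOverWebSocket runs ten concurrent connections through a VMess tunnel
// that uses the WebSocket transport with TLS on top. Only the client passes
// an explicit (empty) websocket.Config; the server sets the protocol alone.
//
// The client sets AllowInsecure, so the server's freshly generated
// certificate is not verified (test-only, loopback).
func TestTLSOverWebSocket(t *testing.T) {
	tcpServer := tcp.Server{
		MsgProcessor: xor,
	}
	dest, err := tcpServer.Start()
	common.Must(err)
	defer tcpServer.Close()

	accountID := protocol.NewID(uuid.New()).String()
	serverPort := tcp.PickPort()
	serverConfig := newTLSTestServerConfig(serverPort, accountID, &internet.StreamConfig{
		Protocol:     internet.TransportProtocol_WebSocket,
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				Certificate: []*tls.Certificate{tls.ParseCertificate(cert.MustGenerate(nil))},
			}),
		},
	})

	clientPort := tcp.PickPort()
	clientConfig := newTLSTestClientConfig(clientPort, dest, serverPort, accountID, &internet.StreamConfig{
		Protocol: internet.TransportProtocol_WebSocket,
		TransportSettings: []*internet.TransportConfig{
			{
				Protocol: internet.TransportProtocol_WebSocket,
				Settings: serial.ToTypedMessage(&websocket.Config{}),
			},
		},
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				// Test-only: the client does not verify the server certificate.
				AllowInsecure: true,
			}),
		},
	})

	servers, err := InitializeServerConfigs(serverConfig, clientConfig)
	common.Must(err)
	defer CloseAllServers(servers)

	// Ten connections in parallel; Wait returns the first error, if any.
	var errg errgroup.Group
	for i := 0; i < 10; i++ {
		errg.Go(testTCPConn(clientPort, 10240*1024, time.Second*20))
	}
	if err := errg.Wait(); err != nil {
		t.Error(err)
	}
}

// TestHTTP2 runs ten concurrent connections through a VMess tunnel that uses
// the HTTP transport with TLS on top. Server and client carry the same
// http.Config (host "v2ray.com", path "/testpath").
//
// The client sets AllowInsecure, so the server's freshly generated
// certificate is not verified (test-only, loopback).
func TestHTTP2(t *testing.T) {
	tcpServer := tcp.Server{
		MsgProcessor: xor,
	}
	dest, err := tcpServer.Start()
	common.Must(err)
	defer tcpServer.Close()

	accountID := protocol.NewID(uuid.New()).String()
	serverPort := tcp.PickPort()
	serverConfig := newTLSTestServerConfig(serverPort, accountID, &internet.StreamConfig{
		Protocol: internet.TransportProtocol_HTTP,
		TransportSettings: []*internet.TransportConfig{
			{
				Protocol: internet.TransportProtocol_HTTP,
				Settings: serial.ToTypedMessage(&http.Config{
					Host: []string{"v2ray.com"},
					Path: "/testpath",
				}),
			},
		},
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				Certificate: []*tls.Certificate{tls.ParseCertificate(cert.MustGenerate(nil))},
			}),
		},
	})

	clientPort := tcp.PickPort()
	clientConfig := newTLSTestClientConfig(clientPort, dest, serverPort, accountID, &internet.StreamConfig{
		Protocol: internet.TransportProtocol_HTTP,
		TransportSettings: []*internet.TransportConfig{
			{
				Protocol: internet.TransportProtocol_HTTP,
				Settings: serial.ToTypedMessage(&http.Config{
					Host: []string{"v2ray.com"},
					Path: "/testpath",
				}),
			},
		},
		SecurityType: serial.GetMessageType(&tls.Config{}),
		SecuritySettings: []*serial.TypedMessage{
			serial.ToTypedMessage(&tls.Config{
				// Test-only: the client does not verify the server certificate.
				AllowInsecure: true,
			}),
		},
	})

	servers, err := InitializeServerConfigs(serverConfig, clientConfig)
	common.Must(err)
	defer CloseAllServers(servers)

	// Ten connections in parallel; Wait returns the first error, if any.
	var errg errgroup.Group
	for i := 0; i < 10; i++ {
		errg.Go(testTCPConn(clientPort, 10240*1024, time.Second*40))
	}
	if err := errg.Wait(); err != nil {
		t.Error(err)
	}
}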