lkddi/Xboard
1
0
Fork 0
mirror of https://github.com/lkddi/Xboard.git synced 2026-04-24 03:57:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: machine mode, ECH subscriptions, batch ops & security hardening

Browse Source
This commit is contained in:
xboard
2026-04-17 02:27:47 +08:00
parent edbd8de356
commit e297b5fe9f
25 changed files with 1564 additions and 343 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Protocols/ClashMeta.php
+77 -2
View File
@@ -58,6 +58,66 @@ class ClashMeta extends AbstractProtocol
'flclash.hysteria.protocol_settings.version' => [
2 => '0.8.0',
],
'meta.vmess.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'meta.vless.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'meta.trojan.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'meta.anytls.protocol_settings.tls.ech.enabled' => [
1 => '1.19.9',
],
'verge.vmess.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'verge.vless.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'verge.trojan.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'verge.anytls.protocol_settings.tls.ech.enabled' => [
1 => '1.19.9',
],
'flclash.vmess.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'flclash.vless.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'flclash.trojan.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'flclash.anytls.protocol_settings.tls.ech.enabled' => [
1 => '1.19.9',
],
'nekobox.vmess.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'nekobox.vless.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'nekobox.trojan.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'nekobox.anytls.protocol_settings.tls.ech.enabled' => [
1 => '1.19.9',
],
'clashmetaforandroid.vmess.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'clashmetaforandroid.vless.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'clashmetaforandroid.trojan.protocol_settings.tls_settings.ech.enabled' => [
1 => '1.19.9',
],
'clashmetaforandroid.anytls.protocol_settings.tls.ech.enabled' => [
1 => '1.19.9',
],
];
public function handle()
@@ -264,6 +324,7 @@ class ClashMeta extends AbstractProtocol
$array['tls'] = (bool) data_get($protocol_settings, 'tls');
$array['skip-cert-verify'] = (bool) data_get($protocol_settings, 'tls_settings.allow_insecure', false);
$array['servername'] = data_get($protocol_settings, 'tls_settings.server_name');
self::appendEch($array, data_get($protocol_settings, 'tls_settings.ech'));
}
self::appendUtls($array, $protocol_settings);
@@ -346,6 +407,7 @@ class ClashMeta extends AbstractProtocol
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name')) {
$array['servername'] = $serverName;
}
self::appendEch($array, data_get($protocol_settings, 'tls_settings.ech'));
self::appendUtls($array, $protocol_settings);
break;
case 2:
@@ -440,10 +502,11 @@ class ClashMeta extends AbstractProtocol
];
break;
default: // Standard TLS
$array['skip-cert-verify'] = (bool) data_get($protocol_settings, 'allow_insecure', false);
if ($serverName = data_get($protocol_settings, 'server_name')) {
$array['skip-cert-verify'] = (bool) data_get($protocol_settings, 'tls_settings.allow_insecure', data_get($protocol_settings, 'allow_insecure', false));
if ($serverName = data_get($protocol_settings, 'tls_settings.server_name', data_get($protocol_settings, 'server_name'))) {
$array['sni'] = $serverName;
}
self::appendEch($array, data_get($protocol_settings, 'tls_settings.ech'));
break;
}
@@ -584,6 +647,7 @@ class ClashMeta extends AbstractProtocol
if ($allowInsecure = data_get($protocol_settings, 'tls.allow_insecure')) {
$array['skip-cert-verify'] = (bool) $allowInsecure;
}
self::appendEch($array, data_get($protocol_settings, 'tls.ech'));
return $array;
}
@@ -705,4 +769,15 @@ class ClashMeta extends AbstractProtocol
}
}
}
protected static function appendEch(&$array, $ech): void
{
if ($normalized = Helper::normalizeEchSettings($ech)) {
$array['ech-opts'] = array_filter([
'enable' => true,
'config' => Helper::toMihomoEchConfig(data_get($normalized, 'config')),
'query-server-name' => data_get($normalized, 'query_server_name'),
], fn($value) => $value !== null);
}
}
}