github/Qv2ray
5
0
Fork 0
mirror of https://github.com/Qv2ray/Qv2ray.git synced 2025-05-20 19:00:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

remove global allowInsecure and setSessionResumption

Browse Source
This commit is contained in:
QxQ 2021-02-14 21:00:37 +08:00
parent 4cc95cb2f6
commit 87be9acfff
10 changed files with 21 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
makespec/BUILDVERSION
View File

@ -1 +1 @@
6150 6151

8
src/base/models/QvSettingsObject.hpp
View File

@ -135,15 +135,11 @@ namespace Qv2ray::base::config
struct Qv2rayConfig_Advanced struct Qv2rayConfig_Advanced
{ {
bool setAllowInsecure = false;
bool setSessionResumption = false;
bool testLatencyPeriodcally = false; bool testLatencyPeriodcally = false;
bool disableSystemRoot = false; bool disableSystemRoot = false;
bool testLatencyOnConnected = false; bool testLatencyOnConnected = false;
JSONSTRUCT_COMPARE(Qv2rayConfig_Advanced, setAllowInsecure, setSessionResumption, testLatencyPeriodcally, disableSystemRoot, JSONSTRUCT_COMPARE(Qv2rayConfig_Advanced, testLatencyPeriodcally, disableSystemRoot, testLatencyOnConnected)
testLatencyOnConnected) JSONSTRUCT_REGISTER(Qv2rayConfig_Advanced, F(testLatencyPeriodcally, disableSystemRoot, testLatencyOnConnected))
JSONSTRUCT_REGISTER(Qv2rayConfig_Advanced,
F(setAllowInsecure, setSessionResumption, testLatencyPeriodcally, disableSystemRoot, testLatencyOnConnected))
}; };
enum Qv2rayLatencyTestingMethod enum Qv2rayLatencyTestingMethod

4
src/components/plugins/QvPluginHost.cpp
View File

@ -248,8 +248,6 @@ namespace Qv2ray::components::plugins
// Populate Plugin Options // Populate Plugin Options
{ {
auto opt = plugin.pluginLoader->instance()->property(QV2RAY_PLUGIN_INTERNAL_PROPERTY_KEY).value<Qv2rayPluginOption>(); auto opt = plugin.pluginLoader->instance()->property(QV2RAY_PLUGIN_INTERNAL_PROPERTY_KEY).value<Qv2rayPluginOption>();
opt[OPTION_SET_TLS_ALLOW_INSECURE] = GlobalConfig.advancedConfig.setAllowInsecure;
opt[OPTION_SET_TLS_SESSION_RESUMPTION] = GlobalConfig.advancedConfig.setSessionResumption;
opt[OPTION_SET_TLS_DISABLE_SYSTEM_CERTS] = GlobalConfig.advancedConfig.disableSystemRoot; opt[OPTION_SET_TLS_DISABLE_SYSTEM_CERTS] = GlobalConfig.advancedConfig.disableSystemRoot;
plugin.pluginLoader->instance()->setProperty(QV2RAY_PLUGIN_INTERNAL_PROPERTY_KEY, QVariant::fromValue(opt)); plugin.pluginLoader->instance()->setProperty(QV2RAY_PLUGIN_INTERNAL_PROPERTY_KEY, QVariant::fromValue(opt));
} }
@ -285,7 +283,7 @@ namespace Qv2ray::components::plugins
return {}; return {};
} }
const void QvPluginHost::SetOutboundInfo(const QString &protocol, const OutboundInfoObject &info, QJsonObject &o) const void QvPluginHost::SetOutboundInfo(const QString &protocol, const OutboundInfoObject &info, QJsonObject &o) const
{ {
for (const auto &plugin : plugins) for (const auto &plugin : plugins)
{ {

2
src/components/plugins/QvPluginHost.hpp
View File

@ -67,7 +67,7 @@ namespace Qv2ray::components::plugins
bool *ok) const; bool *ok) const;
const OutboundInfoObject GetOutboundInfo(const QString &protocol, const QJsonObject &o, bool &status) const; const OutboundInfoObject GetOutboundInfo(const QString &protocol, const QJsonObject &o, bool &status) const;
const void SetOutboundInfo(const QString &protocol, const OutboundInfoObject &info, QJsonObject &o) const; void SetOutboundInfo(const QString &protocol, const OutboundInfoObject &info, QJsonObject &o) const;
// //
void Send_ConnectionStatsEvent(const Events::ConnectionStats::EventObject &object); void Send_ConnectionStatsEvent(const Events::ConnectionStats::EventObject &object);
void Send_ConnectivityEvent(const Events::Connectivity::EventObject &object); void Send_ConnectivityEvent(const Events::Connectivity::EventObject &object);

6
src/core/connection/Serialization.cpp
View File

@ -11,15 +11,9 @@ namespace Qv2ray::core::connection
QString *newGroup) QString *newGroup)
{ {
const auto TLSOptionsFilter = [](QJsonObject &conf) { const auto TLSOptionsFilter = [](QJsonObject &conf) {
const auto allowInsecure = GlobalConfig.advancedConfig.setAllowInsecure;
const auto setSR = GlobalConfig.advancedConfig.setSessionResumption;
const auto disableSystemRoot = GlobalConfig.advancedConfig.disableSystemRoot; const auto disableSystemRoot = GlobalConfig.advancedConfig.disableSystemRoot;
for (const QString &prefix : { "tls", "xtls" }) for (const QString &prefix : { "tls", "xtls" })
{
QJsonIO::SetValue(conf, allowInsecure, { "outbounds", 0, "streamSettings", prefix + "Settings", "allowInsecure" });
QJsonIO::SetValue(conf, !setSR, { "outbounds", 0, "streamSettings", prefix + "Settings", "disableSessionResumption" });
QJsonIO::SetValue(conf, disableSystemRoot, { "outbounds", 0, "streamSettings", prefix + "Settings", "disableSystemRoot" }); QJsonIO::SetValue(conf, disableSystemRoot, { "outbounds", 0, "streamSettings", prefix + "Settings", "disableSystemRoot" });
}
}; };
QList<std::pair<QString, CONFIGROOT>> connectionConf; QList<std::pair<QString, CONFIGROOT>> connectionConf;

2
src/plugin-interface

@ -1 +1 @@
Subproject commit 94f935e544b85cf8992454226c450a6435d7b747 Subproject commit 911c4adbb7b598435162da245ab248d215d3f018

22
src/ui/widgets/windows/w_PreferencesWindow.cpp
View File

@ -209,8 +209,6 @@ PreferencesWindow::PreferencesWindow(QWidget *parent) : QvDialog("PreferenceWind
// //
// Advanced config. // Advanced config.
{ {
setAllowInsecureCB->setChecked(CurrentConfig.advancedConfig.setAllowInsecure);
setSessionResumptionCB->setChecked(CurrentConfig.advancedConfig.setSessionResumption);
setTestLatenctCB->setChecked(CurrentConfig.advancedConfig.testLatencyPeriodcally); setTestLatenctCB->setChecked(CurrentConfig.advancedConfig.testLatencyPeriodcally);
setTestLatenctOnConnectedCB->setChecked(CurrentConfig.advancedConfig.testLatencyOnConnected); setTestLatenctOnConnectedCB->setChecked(CurrentConfig.advancedConfig.testLatencyOnConnected);
disableSystemRootCB->setChecked(CurrentConfig.advancedConfig.disableSystemRoot); disableSystemRootCB->setChecked(CurrentConfig.advancedConfig.disableSystemRoot);
@ -844,16 +842,6 @@ void PreferencesWindow::on_qvProxyPortCB_valueChanged(int arg1)
CurrentConfig.networkConfig.port = arg1; CurrentConfig.networkConfig.port = arg1;
} }
void PreferencesWindow::on_setAllowInsecureCB_stateChanged(int arg1)
{
LOADINGCHECK
if (arg1 == Qt::Checked)
{
QvMessageBoxWarn(this, tr("Dangerous Operation"), tr("You will lose the advantage of TLS and make your connection under MITM attack."));
}
CurrentConfig.advancedConfig.setAllowInsecure = arg1 == Qt::Checked;
}
void PreferencesWindow::on_setTestLatenctCB_stateChanged(int arg1) void PreferencesWindow::on_setTestLatenctCB_stateChanged(int arg1)
{ {
LOADINGCHECK LOADINGCHECK
@ -874,16 +862,6 @@ void PreferencesWindow::on_setTestLatenctOnConnectedCB_stateChanged(int arg1)
CurrentConfig.advancedConfig.testLatencyOnConnected = arg1 == Qt::Checked; CurrentConfig.advancedConfig.testLatencyOnConnected = arg1 == Qt::Checked;
} }
void PreferencesWindow::on_setSessionResumptionCB_stateChanged(int arg1)
{
LOADINGCHECK
if (arg1 == Qt::Checked)
{
QvMessageBoxWarn(this, tr("Dangerous Operation"), tr("This will make your TLS fingerpring different from common Golang programs."));
}
CurrentConfig.advancedConfig.setSessionResumption = arg1 == Qt::Checked;
}
void PreferencesWindow::on_quietModeCB_stateChanged(int arg1) void PreferencesWindow::on_quietModeCB_stateChanged(int arg1)
{ {
LOADINGCHECK LOADINGCHECK

2
src/ui/widgets/windows/w_PreferencesWindow.hpp
View File

@ -94,10 +94,8 @@ class PreferencesWindow
void on_qvProxyAddressTxt_textEdited(const QString &arg1); void on_qvProxyAddressTxt_textEdited(const QString &arg1);
void on_qvProxyTypeCombo_currentTextChanged(const QString &arg1); void on_qvProxyTypeCombo_currentTextChanged(const QString &arg1);
void on_qvProxyPortCB_valueChanged(int arg1); void on_qvProxyPortCB_valueChanged(int arg1);
void on_setAllowInsecureCB_stateChanged(int arg1);
void on_setTestLatenctCB_stateChanged(int arg1); void on_setTestLatenctCB_stateChanged(int arg1);
void on_setTestLatenctOnConnectedCB_stateChanged(int arg1); void on_setTestLatenctOnConnectedCB_stateChanged(int arg1);
void on_setSessionResumptionCB_stateChanged(int arg1);
void on_quietModeCB_stateChanged(int arg1); void on_quietModeCB_stateChanged(int arg1);
void on_tproxyGroupBox_toggled(bool arg1); void on_tproxyGroupBox_toggled(bool arg1);
void on_tProxyPort_valueChanged(int arg1); void on_tProxyPort_valueChanged(int arg1);

68
src/ui/widgets/windows/w_PreferencesWindow.ui
View File

@ -581,48 +581,6 @@ For example, for updating subscriptions.</string>
<string>Advanced Behavior</string> <string>Advanced Behavior</string>
</property> </property>
<layout class="QFormLayout" name="formLayout_5"> <layout class="QFormLayout" name="formLayout_5">
<item row="1" column="0">
<widget class="QLabel" name="label_82">
<property name="text">
<string>Set AllowInsecure By Default</string>
</property>
<property name="textFormat">
<enum>Qt::PlainText</enum>
</property>
</widget>
</item>
<item row="1" column="1">
<widget class="QCheckBox" name="setAllowInsecureCB">
<property name="toolTip">
<string>Enable &quot;AllowInsecure&quot; settings for all connections when importing.
This could resolve the certificate issues, but also could let one performing TLS MITM attack.</string>
</property>
<property name="text">
<string>Enabled</string>
</property>
</widget>
</item>
<item row="3" column="0">
<widget class="QLabel" name="label_83">
<property name="text">
<string>Test Latency Periodcally</string>
</property>
<property name="textFormat">
<enum>Qt::PlainText</enum>
</property>
</widget>
</item>
<item row="3" column="1">
<widget class="QCheckBox" name="setTestLatenctCB">
<property name="toolTip">
<string>Run TCPing or ICMPing periodcally after connecting to a server.
Qv2ray will give a more accurate latency value if Enabled, but makes it easy to fingerprint the connection.</string>
</property>
<property name="text">
<string>Enabled</string>
</property>
</widget>
</item>
<item row="0" column="0" colspan="2"> <item row="0" column="0" colspan="2">
<widget class="QLabel" name="label_84"> <widget class="QLabel" name="label_84">
<property name="font"> <property name="font">
@ -644,45 +602,49 @@ But could damage your server if improperly used.</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="2" column="0"> <item row="1" column="0">
<widget class="QLabel" name="label_85"> <widget class="QLabel" name="label_83">
<property name="text"> <property name="text">
<string>Enable SessionResumption By Default</string> <string>Test Latency Periodcally</string>
</property> </property>
<property name="textFormat"> <property name="textFormat">
<enum>Qt::PlainText</enum> <enum>Qt::PlainText</enum>
</property> </property>
</widget> </widget>
</item> </item>
<item row="2" column="1"> <item row="1" column="1">
<widget class="QCheckBox" name="setSessionResumptionCB"> <widget class="QCheckBox" name="setTestLatenctCB">
<property name="toolTip">
<string>Run TCPing or ICMPing periodcally after connecting to a server.
Qv2ray will give a more accurate latency value if Enabled, but makes it easy to fingerprint the connection.</string>
</property>
<property name="text"> <property name="text">
<string>Enabled</string> <string>Enabled</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="4" column="0"> <item row="2" column="0">
<widget class="QLabel" name="label_7"> <widget class="QLabel" name="label_7">
<property name="text"> <property name="text">
<string>Disable System Root Certificates</string> <string>Disable System Root Certificates</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="4" column="1"> <item row="2" column="1">
<widget class="QCheckBox" name="disableSystemRootCB"> <widget class="QCheckBox" name="disableSystemRootCB">
<property name="text"> <property name="text">
<string>Enabled</string> <string>Enabled</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="5" column="0"> <item row="3" column="0">
<widget class="QLabel" name="label_44"> <widget class="QLabel" name="label_44">
<property name="text"> <property name="text">
<string>Test Latency On Connected</string> <string>Test Latency On Connected</string>
</property> </property>
</widget> </widget>
</item> </item>
<item row="5" column="1"> <item row="3" column="1">
<widget class="QCheckBox" name="setTestLatenctOnConnectedCB"> <widget class="QCheckBox" name="setTestLatenctOnConnectedCB">
<property name="text"> <property name="text">
<string>Enabled</string> <string>Enabled</string>
@ -1040,8 +1002,8 @@ Custom DNS Settings</string>
<rect> <rect>
<x>0</x> <x>0</x>
<y>0</y> <y>0</y>
<width>904</width> <width>906</width>
<height>612</height> <height>614</height>
</rect> </rect>
</property> </property>
<layout class="QVBoxLayout" name="verticalLayout_2"> <layout class="QVBoxLayout" name="verticalLayout_2">

21
translations/en_US.ts
View File

@ -1334,15 +1334,6 @@ For example, for updating subscriptions.</source>
<source>Advanced Behavior</source> <source>Advanced Behavior</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
</message> </message>
<message>
<source>Set AllowInsecure By Default</source>
<translation type="unfinished"></translation>
</message>
<message>
<source>Enable &quot;AllowInsecure&quot; settings for all connections when importing.
This could resolve the certificate issues, but also could let one performing TLS MITM attack.</source>
<translation type="unfinished"></translation>
</message>
<message> <message>
<source>Test Latency Periodcally</source> <source>Test Latency Periodcally</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
@ -1352,10 +1343,6 @@ This could resolve the certificate issues, but also could let one performing TLS
Qv2ray will give a more accurate latency value if Enabled, but makes it easy to fingerprint the connection.</source> Qv2ray will give a more accurate latency value if Enabled, but makes it easy to fingerprint the connection.</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
</message> </message>
<message>
<source>Enable SessionResumption By Default</source>
<translation type="unfinished"></translation>
</message>
<message> <message>
<source>Kernel Settings</source> <source>Kernel Settings</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
@ -1645,10 +1632,6 @@ Custom DNS Settings</source>
<source>Dangerous Operation</source> <source>Dangerous Operation</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
</message> </message>
<message>
<source>You will lose the advantage of TLS and make your connection under MITM attack.</source>
<translation type="unfinished"></translation>
</message>
<message> <message>
<source>This will (probably) make it easy to fingerprint your connection.</source> <source>This will (probably) make it easy to fingerprint your connection.</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
@ -1809,10 +1792,6 @@ The filename of V2Ray core is usually &apos;v2ray&apos; or &apos;v2ray.exe&apos;
If you insist to proceed, we&apos;re not providing with any support.</source> If you insist to proceed, we&apos;re not providing with any support.</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>
</message> </message>
<message>
<source>This will make your TLS fingerpring different from common Golang programs.</source>
<translation type="unfinished"></translation>
</message>
<message> <message>
<source>Force Direct for All Connections</source> <source>Force Direct for All Connections</source>
<translation type="unfinished"></translation> <translation type="unfinished"></translation>