mirror of
https://github.com/Flowseal/tg-ws-proxy.git
synced 2026-07-05 12:51:08 +03:00
Compare commits
2 Commits
v1.6.4
..
37deed29ae
| Author | SHA1 | Date | |
|---|---|---|---|
| 37deed29ae | |||
| b66732f7f9 |
@@ -3,5 +3,3 @@ vmmzovy.com
|
|||||||
mkuosckvso.com
|
mkuosckvso.com
|
||||||
zaewayzmplad.com
|
zaewayzmplad.com
|
||||||
twdmbzcm.com
|
twdmbzcm.com
|
||||||
awzwsldi.com
|
|
||||||
clngqrflngqin.com
|
|
||||||
|
|||||||
@@ -26,7 +26,7 @@ jobs:
|
|||||||
- name: Setup Python
|
- name: Setup Python
|
||||||
uses: actions/setup-python@v6
|
uses: actions/setup-python@v6
|
||||||
with:
|
with:
|
||||||
python-version: "3.11"
|
python-version: "3.12"
|
||||||
cache: "pip"
|
cache: "pip"
|
||||||
|
|
||||||
- name: Setup MSVC 14.40 toolset
|
- name: Setup MSVC 14.40 toolset
|
||||||
@@ -384,8 +384,7 @@ jobs:
|
|||||||
tag_name: ${{ github.event.inputs.version }}
|
tag_name: ${{ github.event.inputs.version }}
|
||||||
name: "TG WS Proxy ${{ github.event.inputs.version }}"
|
name: "TG WS Proxy ${{ github.event.inputs.version }}"
|
||||||
body: |
|
body: |
|
||||||
##
|
## TG WS Proxy ${{ github.event.inputs.version }}
|
||||||
### [❤️ Поддержать развитие проекта](https://github.com/Flowseal/tg-ws-proxy/blob/main/docs/Funding.md)
|
|
||||||
files: |
|
files: |
|
||||||
dist/TgWsProxy_windows.exe
|
dist/TgWsProxy_windows.exe
|
||||||
dist/TgWsProxy_windows_7_64bit.exe
|
dist/TgWsProxy_windows_7_64bit.exe
|
||||||
|
|||||||
@@ -24,4 +24,9 @@ Thumbs.db
|
|||||||
Desktop.ini
|
Desktop.ini
|
||||||
.DS_Store
|
.DS_Store
|
||||||
|
|
||||||
|
# Project-specific (not for the repo)
|
||||||
|
scan_ips.py
|
||||||
|
scan.txt
|
||||||
|
AyuGramDesktop-dev/
|
||||||
|
tweb-master/
|
||||||
/icon.icns
|
/icon.icns
|
||||||
|
|||||||
@@ -1,14 +0,0 @@
|
|||||||
> [!TIP]
|
|
||||||
>
|
|
||||||
> ### 🎉 Поддержать меня
|
|
||||||
>
|
|
||||||
> **USDT (TRC20)**: `TXPnKs2Ww1RD8JN6nChFUVmi5r2hqrWjuu`
|
|
||||||
> **BTC**: `bc1qr8vd6jelkyyry3m4mq6z5txdx4pl856fu6ss0w`
|
|
||||||
> **ETH**: `0x1417878fdc5047E670a77748B34819b9A49C72F1`
|
|
||||||
> **Другие монеты**: https://nowpayments.io/donation/flowseal
|
|
||||||
|
|
||||||
##
|
|
||||||
|
|
||||||
### Проект полностью бесплатен для использования всеми.
|
|
||||||
### Однако его развитие и стабильная работа при росте числа пользователей требуют от меня определённых вложений.
|
|
||||||
### Буду благодарен за любую форму поддержки! Спасибо ❤️
|
|
||||||
+47
-3
@@ -1,6 +1,6 @@
|
|||||||
> [!TIP]
|
> [!TIP]
|
||||||
>
|
>
|
||||||
> ### [🎉 Поддержать меня](https://github.com/Flowseal/tg-ws-proxy/blob/main/docs/Funding.md)
|
> ### 🎉 Поддержать меня
|
||||||
>
|
>
|
||||||
> **USDT (TRC20)**: `TXPnKs2Ww1RD8JN6nChFUVmi5r2hqrWjuu`
|
> **USDT (TRC20)**: `TXPnKs2Ww1RD8JN6nChFUVmi5r2hqrWjuu`
|
||||||
> **BTC**: `bc1qr8vd6jelkyyry3m4mq6z5txdx4pl856fu6ss0w`
|
> **BTC**: `bc1qr8vd6jelkyyry3m4mq6z5txdx4pl856fu6ss0w`
|
||||||
@@ -112,6 +112,50 @@ paru -S tg-ws-proxy-bin
|
|||||||
sudo systemctl start tg-ws-proxy-cli@8888:3075abe65830f0325116bb0416cadf9f
|
sudo systemctl start tg-ws-proxy-cli@8888:3075abe65830f0325116bb0416cadf9f
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Для NixOS используйте [tg-ws-proxy-flake](https://github.com/dmfrpro/tg-ws-proxy-flake):
|
||||||
|
|
||||||
|
```nix
|
||||||
|
inputs = {
|
||||||
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||||
|
|
||||||
|
tg-ws-proxy.url = "github:dmfrpro/tg-ws-proxy-flake";
|
||||||
|
tg-ws-proxy.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
```
|
||||||
|
|
||||||
|
Далее добавляете или системный модуль, или home-manager модуль:
|
||||||
|
```nix
|
||||||
|
outputs = { self, nixpkgs, tg-ws-proxy, ... }: {
|
||||||
|
|
||||||
|
# Или NixOS модуль
|
||||||
|
nixosConfigurations.host = nixpkgs.lib.nixosSystem {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
modules = [
|
||||||
|
tg-ws-proxy.nixosModules.tg-ws-proxy
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Или Home-manager модуль
|
||||||
|
homeConfigurations."user@host" = home-manager.lib.homeManagerConfiguration {
|
||||||
|
inherit pkgs;
|
||||||
|
modules = [
|
||||||
|
tg-ws-proxy.homeModules.tg-ws-proxy
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
```
|
||||||
|
|
||||||
|
и включаете сервис:
|
||||||
|
|
||||||
|
```nix
|
||||||
|
{
|
||||||
|
services.tg-ws-proxy = {
|
||||||
|
enable = true;
|
||||||
|
secret = "3075abe65830f0325116bb0416cadf9f"; # openssl rand -hex 16
|
||||||
|
};
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
Для остальных дистрибутивов можно использовать **`TgWsProxy_linux_amd64`** (бинарный файл для x86_64).
|
Для остальных дистрибутивов можно использовать **`TgWsProxy_linux_amd64`** (бинарный файл для x86_64).
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
@@ -280,7 +324,7 @@ Tray-приложение хранит данные в:
|
|||||||
|
|
||||||
## Автоматическая сборка
|
## Автоматическая сборка
|
||||||
|
|
||||||
Проект содержит спецификации PyInstaller ([`packaging/windows.spec`](../packaging/windows.spec), [`packaging/macos.spec`](../packaging/macos.spec), [`packaging/linux.spec`](../packaging/linux.spec)) и GitHub Actions workflow ([`.github/workflows/build.yml`](../.github/workflows/build.yml)) для автоматической сборки.
|
Проект содержит спецификации PyInstaller ([`packaging/windows.spec`](packaging/windows.spec), [`packaging/macos.spec`](packaging/macos.spec), [`packaging/linux.spec`](packaging/linux.spec)) и GitHub Actions workflow ([`.github/workflows/build.yml`](.github/workflows/build.yml)) для автоматической сборки.
|
||||||
|
|
||||||
Минимально поддерживаемые версии ОС для текущих бинарных сборок:
|
Минимально поддерживаемые версии ОС для текущих бинарных сборок:
|
||||||
|
|
||||||
@@ -293,4 +337,4 @@ Tray-приложение хранит данные в:
|
|||||||
|
|
||||||
## Лицензия
|
## Лицензия
|
||||||
|
|
||||||
[MIT License](https://github.com/Flowseal/tg-ws-proxy/blob/main/LICENSE)
|
[MIT License](LICENSE)
|
||||||
|
|||||||
@@ -309,7 +309,7 @@ def _maybe_notify_update_async() -> None:
|
|||||||
):
|
):
|
||||||
webbrowser.open(url)
|
webbrowser.open(url)
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
log.warning("Update check failed: %s", exc)
|
log.debug("Update check failed: %s", exc)
|
||||||
|
|
||||||
threading.Thread(target=_work, daemon=True, name="update-check").start()
|
threading.Thread(target=_work, daemon=True, name="update-check").start()
|
||||||
|
|
||||||
|
|||||||
+1
-1
@@ -1,6 +1,6 @@
|
|||||||
from .config import parse_dc_ip_list, proxy_config
|
from .config import parse_dc_ip_list, proxy_config
|
||||||
from .utils import get_link_host
|
from .utils import get_link_host
|
||||||
|
|
||||||
__version__ = "1.6.4"
|
__version__ = "1.6.2"
|
||||||
|
|
||||||
__all__ = ["__version__", "get_link_host", "proxy_config", "parse_dc_ip_list"]
|
__all__ = ["__version__", "get_link_host", "proxy_config", "parse_dc_ip_list"]
|
||||||
@@ -1,43 +0,0 @@
|
|||||||
import random
|
|
||||||
from collections import Counter
|
|
||||||
|
|
||||||
from typing import Dict, List, Iterator
|
|
||||||
|
|
||||||
|
|
||||||
class _Balancer:
|
|
||||||
def __init__(self):
|
|
||||||
self.domains: List[str] = []
|
|
||||||
self._dc_to_domain: Dict[int, str] = {}
|
|
||||||
|
|
||||||
def update_domains_list(self, domains_list: List[str]) -> None:
|
|
||||||
if Counter(self.domains) == Counter(domains_list):
|
|
||||||
return
|
|
||||||
|
|
||||||
self.domains = domains_list[:]
|
|
||||||
|
|
||||||
self._dc_to_domain = {
|
|
||||||
dc_id: random.choice(self.domains)
|
|
||||||
for dc_id in (1, 2, 3, 4, 5, 203)
|
|
||||||
}
|
|
||||||
|
|
||||||
def update_domain_for_dc(self, dc_id: int, domain: str) -> bool:
|
|
||||||
if self._dc_to_domain.get(dc_id) == domain:
|
|
||||||
return False
|
|
||||||
|
|
||||||
self._dc_to_domain[dc_id] = domain
|
|
||||||
return True
|
|
||||||
|
|
||||||
def get_domains_for_dc(self, dc_id: int) -> Iterator[str]:
|
|
||||||
current_domain = self._dc_to_domain.get(dc_id)
|
|
||||||
if current_domain is not None:
|
|
||||||
yield current_domain
|
|
||||||
|
|
||||||
shuffled_domains = self.domains[:]
|
|
||||||
random.shuffle(shuffled_domains)
|
|
||||||
|
|
||||||
for domain in shuffled_domains:
|
|
||||||
if domain != current_domain:
|
|
||||||
yield domain
|
|
||||||
|
|
||||||
|
|
||||||
balancer = _Balancer()
|
|
||||||
+26
-20
@@ -7,7 +7,6 @@ from typing import Dict, List, Optional
|
|||||||
|
|
||||||
from .utils import *
|
from .utils import *
|
||||||
from .stats import stats
|
from .stats import stats
|
||||||
from .balancer import balancer
|
|
||||||
from .config import proxy_config
|
from .config import proxy_config
|
||||||
from .raw_websocket import RawWebSocket
|
from .raw_websocket import RawWebSocket
|
||||||
|
|
||||||
@@ -127,7 +126,7 @@ class MsgSplitter:
|
|||||||
|
|
||||||
|
|
||||||
async def do_fallback(reader, writer, relay_init, label,
|
async def do_fallback(reader, writer, relay_init, label,
|
||||||
dc: int, is_media: bool, media_tag: str,
|
dc, is_media, media_tag,
|
||||||
ctx: CryptoCtx, splitter=None):
|
ctx: CryptoCtx, splitter=None):
|
||||||
fallback_dst = DC_DEFAULT_IPS.get(dc)
|
fallback_dst = DC_DEFAULT_IPS.get(dc)
|
||||||
use_cf = proxy_config.fallback_cfproxy
|
use_cf = proxy_config.fallback_cfproxy
|
||||||
@@ -141,9 +140,9 @@ async def do_fallback(reader, writer, relay_init, label,
|
|||||||
for method in methods:
|
for method in methods:
|
||||||
if method == 'cf':
|
if method == 'cf':
|
||||||
ok = await _cfproxy_fallback(
|
ok = await _cfproxy_fallback(
|
||||||
reader, writer, relay_init, label, ctx,
|
reader, writer, relay_init, label,
|
||||||
dc=dc, is_media=is_media,
|
dc=dc, is_media=is_media,
|
||||||
splitter=splitter)
|
ctx=ctx, splitter=splitter)
|
||||||
if ok:
|
if ok:
|
||||||
return True
|
return True
|
||||||
elif method == 'tcp' and fallback_dst:
|
elif method == 'tcp' and fallback_dst:
|
||||||
@@ -151,24 +150,27 @@ async def do_fallback(reader, writer, relay_init, label,
|
|||||||
label, dc, media_tag, fallback_dst)
|
label, dc, media_tag, fallback_dst)
|
||||||
ok = await _tcp_fallback(
|
ok = await _tcp_fallback(
|
||||||
reader, writer, fallback_dst, 443,
|
reader, writer, fallback_dst, 443,
|
||||||
relay_init, label, ctx)
|
relay_init, label, dc=dc, is_media=is_media, ctx=ctx)
|
||||||
if ok:
|
if ok:
|
||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
async def _cfproxy_fallback(reader, writer, relay_init, label,
|
async def _cfproxy_fallback(reader, writer, relay_init, label,
|
||||||
ctx: CryptoCtx,
|
dc=None, is_media=False,
|
||||||
dc: int, is_media: bool,
|
ctx: CryptoCtx = None, splitter=None):
|
||||||
splitter=None):
|
|
||||||
media_tag = ' media' if is_media else ''
|
media_tag = ' media' if is_media else ''
|
||||||
|
|
||||||
|
active = proxy_config.active_cfproxy_domain
|
||||||
|
others = [d for d in proxy_config.cfproxy_domains if d != active]
|
||||||
|
|
||||||
ws = None
|
ws = None
|
||||||
chosen_domain = None
|
chosen_domain = None
|
||||||
|
|
||||||
log.info("[%s] DC%d%s -> trying CF proxy",
|
log.info("[%s] DC%d%s -> trying CF proxy",
|
||||||
label, dc, media_tag)
|
label, dc, media_tag)
|
||||||
|
|
||||||
for base_domain in balancer.get_domains_for_dc(dc):
|
for base_domain in ([active] + others):
|
||||||
domain = f'kws{dc}.{base_domain}'
|
domain = f'kws{dc}.{base_domain}'
|
||||||
try:
|
try:
|
||||||
ws = await RawWebSocket.connect(domain, domain, timeout=10.0)
|
ws = await RawWebSocket.connect(domain, domain, timeout=10.0)
|
||||||
@@ -176,42 +178,45 @@ async def _cfproxy_fallback(reader, writer, relay_init, label,
|
|||||||
break
|
break
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
log.warning("[%s] DC%d%s CF proxy failed: %s",
|
log.warning("[%s] DC%d%s CF proxy failed: %s",
|
||||||
label, dc, media_tag, repr(exc))
|
label, dc, media_tag, exc)
|
||||||
|
|
||||||
if ws is None:
|
if ws is None:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
if chosen_domain and balancer.update_domain_for_dc(dc, chosen_domain):
|
if chosen_domain and chosen_domain != proxy_config.active_cfproxy_domain:
|
||||||
log.info("[%s] Switched active CF domain", label)
|
log.info("[%s] Switching active CF domain", label)
|
||||||
|
proxy_config.active_cfproxy_domain = chosen_domain
|
||||||
|
|
||||||
stats.connections_cfproxy += 1
|
stats.connections_cfproxy += 1
|
||||||
await ws.send(relay_init)
|
await ws.send(relay_init)
|
||||||
await bridge_ws_reencrypt(reader, writer, ws, label, ctx,
|
await bridge_ws_reencrypt(reader, writer, ws, label,
|
||||||
dc=dc, is_media=is_media,
|
dc=dc, is_media=is_media,
|
||||||
splitter=splitter)
|
ctx=ctx, splitter=splitter)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
async def _tcp_fallback(reader, writer, dst, port, relay_init, label, ctx: CryptoCtx):
|
async def _tcp_fallback(reader, writer, dst, port, relay_init, label,
|
||||||
|
dc=None, is_media=False, ctx: CryptoCtx = None):
|
||||||
try:
|
try:
|
||||||
rr, rw = await asyncio.wait_for(
|
rr, rw = await asyncio.wait_for(
|
||||||
asyncio.open_connection(dst, port), timeout=10)
|
asyncio.open_connection(dst, port), timeout=10)
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
log.warning("[%s] TCP fallback to %s:%d failed: %s",
|
log.warning("[%s] TCP fallback to %s:%d failed: %s",
|
||||||
label, dst, port, repr(exc))
|
label, dst, port, exc)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
stats.connections_tcp_fallback += 1
|
stats.connections_tcp_fallback += 1
|
||||||
rw.write(relay_init)
|
rw.write(relay_init)
|
||||||
await rw.drain()
|
await rw.drain()
|
||||||
await _bridge_tcp_reencrypt(reader, writer, rr, rw, label, ctx)
|
await _bridge_tcp_reencrypt(reader, writer, rr, rw, label,
|
||||||
|
dc=dc, is_media=is_media, ctx=ctx)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
async def bridge_ws_reencrypt(reader, writer, ws: RawWebSocket, label,
|
async def bridge_ws_reencrypt(reader, writer, ws: RawWebSocket, label,
|
||||||
ctx: CryptoCtx,
|
|
||||||
dc=None, is_media=False,
|
dc=None, is_media=False,
|
||||||
splitter: Optional[MsgSplitter] = None):
|
ctx: CryptoCtx = None,
|
||||||
|
splitter: MsgSplitter = None):
|
||||||
"""
|
"""
|
||||||
Bidirectional TCP(client) <-> WS(telegram) with re-encryption.
|
Bidirectional TCP(client) <-> WS(telegram) with re-encryption.
|
||||||
client ciphertext → decrypt(clt_key) → encrypt(tg_key) → WS
|
client ciphertext → decrypt(clt_key) → encrypt(tg_key) → WS
|
||||||
@@ -308,7 +313,8 @@ async def bridge_ws_reencrypt(reader, writer, ws: RawWebSocket, label,
|
|||||||
|
|
||||||
|
|
||||||
async def _bridge_tcp_reencrypt(reader, writer, remote_reader, remote_writer,
|
async def _bridge_tcp_reencrypt(reader, writer, remote_reader, remote_writer,
|
||||||
label, ctx: CryptoCtx):
|
label, dc=None, is_media=False,
|
||||||
|
ctx: CryptoCtx = None):
|
||||||
"""Bidirectional TCP <-> TCP with re-encryption."""
|
"""Bidirectional TCP <-> TCP with re-encryption."""
|
||||||
|
|
||||||
async def forward(src, dst_w, is_up):
|
async def forward(src, dst_w, is_up):
|
||||||
|
|||||||
+8
-6
@@ -9,8 +9,6 @@ from dataclasses import dataclass, field
|
|||||||
from typing import Dict, List
|
from typing import Dict, List
|
||||||
from urllib.request import Request, urlopen
|
from urllib.request import Request, urlopen
|
||||||
|
|
||||||
from .balancer import balancer
|
|
||||||
|
|
||||||
log = logging.getLogger('tg-mtproto-proxy')
|
log = logging.getLogger('tg-mtproto-proxy')
|
||||||
|
|
||||||
CFPROXY_DOMAINS_URL = (
|
CFPROXY_DOMAINS_URL = (
|
||||||
@@ -47,6 +45,8 @@ class ProxyConfig:
|
|||||||
fallback_cfproxy: bool = True
|
fallback_cfproxy: bool = True
|
||||||
fallback_cfproxy_priority: bool = True
|
fallback_cfproxy_priority: bool = True
|
||||||
cfproxy_user_domain: str = ''
|
cfproxy_user_domain: str = ''
|
||||||
|
cfproxy_domains: List[str] = field(default_factory=lambda: list(CFPROXY_DEFAULT_DOMAINS))
|
||||||
|
active_cfproxy_domain: str = field(default_factory=lambda: random.choice(CFPROXY_DEFAULT_DOMAINS))
|
||||||
fake_tls_domain: str = ''
|
fake_tls_domain: str = ''
|
||||||
proxy_protocol: bool = False
|
proxy_protocol: bool = False
|
||||||
|
|
||||||
@@ -66,7 +66,7 @@ def _fetch_cfproxy_domain_list() -> List[str]:
|
|||||||
]
|
]
|
||||||
return [_dd(d) for d in encoded]
|
return [_dd(d) for d in encoded]
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
log.warning("Failed to fetch CF proxy domain list: %s", repr(exc))
|
log.warning("Failed to fetch CF proxy domain list: %s", exc)
|
||||||
return []
|
return []
|
||||||
|
|
||||||
|
|
||||||
@@ -79,8 +79,12 @@ def refresh_cfproxy_domains() -> None:
|
|||||||
if fetched:
|
if fetched:
|
||||||
seen = set()
|
seen = set()
|
||||||
pool = [d for d in fetched if not (d in seen or seen.add(d))]
|
pool = [d for d in fetched if not (d in seen or seen.add(d))]
|
||||||
balancer.update_domains_list(pool)
|
|
||||||
log.info("CF proxy domain pool updated from GitHub (%d domains)", len(pool))
|
log.info("CF proxy domain pool updated from GitHub (%d domains)", len(pool))
|
||||||
|
else:
|
||||||
|
pool = list(proxy_config.cfproxy_domains) or list(CFPROXY_DEFAULT_DOMAINS)
|
||||||
|
|
||||||
|
proxy_config.cfproxy_domains = pool
|
||||||
|
proxy_config.active_cfproxy_domain = random.choice(pool)
|
||||||
|
|
||||||
|
|
||||||
_refresh_stop: threading.Event = threading.Event()
|
_refresh_stop: threading.Event = threading.Event()
|
||||||
@@ -92,8 +96,6 @@ def start_cfproxy_domain_refresh() -> None:
|
|||||||
_refresh_stop = threading.Event()
|
_refresh_stop = threading.Event()
|
||||||
stop = _refresh_stop
|
stop = _refresh_stop
|
||||||
|
|
||||||
balancer.update_domains_list(CFPROXY_DEFAULT_DOMAINS)
|
|
||||||
|
|
||||||
def _loop():
|
def _loop():
|
||||||
refresh_cfproxy_domains()
|
refresh_cfproxy_domains()
|
||||||
while not stop.wait(timeout=3600):
|
while not stop.wait(timeout=3600):
|
||||||
|
|||||||
+2
-2
@@ -213,8 +213,8 @@ async def proxy_to_masking_domain(reader, writer, initial_data: bytes,
|
|||||||
up_reader, up_writer = await asyncio.wait_for(
|
up_reader, up_writer = await asyncio.wait_for(
|
||||||
asyncio.open_connection(domain, 443), timeout=10)
|
asyncio.open_connection(domain, 443), timeout=10)
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
log.warning("[%s] masking: cannot connect to %s:443: %s",
|
log.debug("[%s] masking: cannot connect to %s:443: %s",
|
||||||
label, domain, repr(exc))
|
label, domain, exc)
|
||||||
return
|
return
|
||||||
|
|
||||||
log.debug("[%s] masking -> %s:443", label, domain)
|
log.debug("[%s] masking -> %s:443", label, domain)
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ _ssl_ctx.verify_mode = ssl.CERT_NONE
|
|||||||
|
|
||||||
class WsHandshakeError(Exception):
|
class WsHandshakeError(Exception):
|
||||||
def __init__(self, status_code: int, status_line: str,
|
def __init__(self, status_code: int, status_line: str,
|
||||||
headers: Optional[dict] = None, location: Optional[str] = None):
|
headers: dict = None, location: str = None):
|
||||||
self.status_code = status_code
|
self.status_code = status_code
|
||||||
self.status_line = status_line
|
self.status_line = status_line
|
||||||
self.headers = headers or {}
|
self.headers = headers or {}
|
||||||
|
|||||||
+156
-161
@@ -4,6 +4,7 @@ import os
|
|||||||
import sys
|
import sys
|
||||||
import time
|
import time
|
||||||
import struct
|
import struct
|
||||||
|
import random
|
||||||
import asyncio
|
import asyncio
|
||||||
import hashlib
|
import hashlib
|
||||||
import argparse
|
import argparse
|
||||||
@@ -24,19 +25,18 @@ if __name__ == '__main__' and (__package__ is None or __package__ == ''):
|
|||||||
|
|
||||||
from .utils import *
|
from .utils import *
|
||||||
from .stats import stats
|
from .stats import stats
|
||||||
from .config import proxy_config, parse_dc_ip_list, start_cfproxy_domain_refresh
|
from .config import proxy_config, parse_dc_ip_list, start_cfproxy_domain_refresh, CFPROXY_DEFAULT_DOMAINS
|
||||||
from .bridge import MsgSplitter, CryptoCtx, do_fallback, bridge_ws_reencrypt
|
from .bridge import MsgSplitter, CryptoCtx, do_fallback, bridge_ws_reencrypt
|
||||||
from .raw_websocket import RawWebSocket, WsHandshakeError, set_sock_opts
|
from .raw_websocket import RawWebSocket, WsHandshakeError, set_sock_opts
|
||||||
from .fake_tls import proxy_to_masking_domain, verify_client_hello, build_server_hello, FakeTlsStream, TLS_RECORD_HANDSHAKE
|
from .fake_tls import proxy_to_masking_domain, verify_client_hello, build_server_hello, FakeTlsStream, TLS_RECORD_HANDSHAKE
|
||||||
from .balancer import balancer
|
|
||||||
|
|
||||||
|
|
||||||
log = logging.getLogger('tg-mtproto-proxy')
|
log = logging.getLogger('tg-mtproto-proxy')
|
||||||
|
|
||||||
DC_FAIL_COOLDOWN = 30.0
|
DC_FAIL_COOLDOWN = 30.0
|
||||||
WS_FAIL_TIMEOUT = 2.0
|
WS_FAIL_TIMEOUT = 2.0
|
||||||
ws_blacklist: Set[str] = set()
|
ws_blacklist: Set[Tuple[int, bool]] = set()
|
||||||
dc_fail_until: Dict[str, float] = {}
|
dc_fail_until: Dict[Tuple[int, bool], float] = {}
|
||||||
|
|
||||||
|
|
||||||
def _try_handshake(handshake: bytes, secret: bytes) -> Optional[Tuple[int, bool, bytes, bytes]]:
|
def _try_handshake(handshake: bytes, secret: bytes) -> Optional[Tuple[int, bool, bytes, bytes]]:
|
||||||
@@ -191,7 +191,7 @@ class _WsPool:
|
|||||||
except Exception:
|
except Exception:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
async def warmup(self, dc_redirects: Dict[int, str]):
|
async def warmup(self, dc_redirects: Dict[int, Optional[str]]):
|
||||||
for dc, target_ip in dc_redirects.items():
|
for dc, target_ip in dc_redirects.items():
|
||||||
if target_ip is None:
|
if target_ip is None:
|
||||||
continue
|
continue
|
||||||
@@ -207,146 +207,6 @@ class _WsPool:
|
|||||||
_ws_pool = _WsPool()
|
_ws_pool = _WsPool()
|
||||||
|
|
||||||
|
|
||||||
async def _read_client_init(reader, writer, secret, label, masking):
|
|
||||||
if proxy_config.proxy_protocol:
|
|
||||||
try:
|
|
||||||
pp_line = await asyncio.wait_for(
|
|
||||||
reader.readline(), timeout=10)
|
|
||||||
except asyncio.IncompleteReadError:
|
|
||||||
log.debug("[%s] disconnected during PROXY header", label)
|
|
||||||
return None
|
|
||||||
pp_text = pp_line.decode('ascii', errors='replace').strip()
|
|
||||||
if pp_text.startswith('PROXY '):
|
|
||||||
parts = pp_text.split()
|
|
||||||
if len(parts) >= 6:
|
|
||||||
label = f"{parts[2]}:{parts[4]}"
|
|
||||||
log.debug("[%s] PROXY protocol: %s", label, pp_text)
|
|
||||||
else:
|
|
||||||
log.debug("[%s] expected PROXY header, got: %r", label,
|
|
||||||
pp_text[:60])
|
|
||||||
|
|
||||||
try:
|
|
||||||
first_byte = await asyncio.wait_for(
|
|
||||||
reader.readexactly(1), timeout=10)
|
|
||||||
except asyncio.IncompleteReadError:
|
|
||||||
log.debug("[%s] client disconnected before handshake", label)
|
|
||||||
return None
|
|
||||||
|
|
||||||
if first_byte[0] == TLS_RECORD_HANDSHAKE and masking:
|
|
||||||
try:
|
|
||||||
hdr_rest = await asyncio.wait_for(
|
|
||||||
reader.readexactly(4), timeout=10)
|
|
||||||
except asyncio.IncompleteReadError:
|
|
||||||
log.debug("[%s] incomplete TLS record header", label)
|
|
||||||
return None
|
|
||||||
|
|
||||||
tls_header = first_byte + hdr_rest
|
|
||||||
record_len = struct.unpack('>H', tls_header[3:5])[0]
|
|
||||||
|
|
||||||
try:
|
|
||||||
record_body = await asyncio.wait_for(
|
|
||||||
reader.readexactly(record_len), timeout=10)
|
|
||||||
except asyncio.IncompleteReadError:
|
|
||||||
log.debug("[%s] incomplete TLS record body", label)
|
|
||||||
return None
|
|
||||||
|
|
||||||
client_hello = tls_header + record_body
|
|
||||||
|
|
||||||
tls_result = verify_client_hello(client_hello, secret)
|
|
||||||
|
|
||||||
if tls_result is None:
|
|
||||||
log.debug("[%s] Fake TLS verify failed (size=%d rec=%d) "
|
|
||||||
"-> masking",
|
|
||||||
label, len(client_hello), record_len)
|
|
||||||
await proxy_to_masking_domain(
|
|
||||||
reader, writer, client_hello, masking, label)
|
|
||||||
return None
|
|
||||||
|
|
||||||
client_random, session_id, ts = tls_result
|
|
||||||
log.debug("[%s] Fake TLS handshake ok (ts=%d)", label, ts)
|
|
||||||
|
|
||||||
server_hello = build_server_hello(secret, client_random, session_id)
|
|
||||||
writer.write(server_hello)
|
|
||||||
await writer.drain()
|
|
||||||
|
|
||||||
tls_stream = FakeTlsStream(reader, writer)
|
|
||||||
|
|
||||||
try:
|
|
||||||
handshake = await asyncio.wait_for(
|
|
||||||
tls_stream.readexactly(HANDSHAKE_LEN), timeout=10)
|
|
||||||
except asyncio.IncompleteReadError:
|
|
||||||
log.debug("[%s] incomplete obfs2 init inside TLS", label)
|
|
||||||
return None
|
|
||||||
|
|
||||||
return handshake, tls_stream, tls_stream, label
|
|
||||||
|
|
||||||
elif masking:
|
|
||||||
log.debug("[%s] non-TLS byte 0x%02X -> HTTP redirect", label,
|
|
||||||
first_byte[0])
|
|
||||||
redirect = (
|
|
||||||
f"HTTP/1.1 301 Moved Permanently\r\n"
|
|
||||||
f"Location: https://{masking}/\r\n"
|
|
||||||
f"Content-Length: 0\r\n"
|
|
||||||
f"Connection: close\r\n\r\n"
|
|
||||||
).encode()
|
|
||||||
writer.write(redirect)
|
|
||||||
await writer.drain()
|
|
||||||
return None
|
|
||||||
|
|
||||||
else:
|
|
||||||
try:
|
|
||||||
rest = await asyncio.wait_for(
|
|
||||||
reader.readexactly(HANDSHAKE_LEN - 1), timeout=10)
|
|
||||||
except asyncio.IncompleteReadError:
|
|
||||||
log.debug("[%s] client disconnected before handshake", label)
|
|
||||||
return None
|
|
||||||
return first_byte + rest, reader, writer, label
|
|
||||||
|
|
||||||
|
|
||||||
def _build_crypto_ctx(client_dec_prekey_iv, secret, relay_init):
|
|
||||||
# key = SHA256(prekey + secret), iv from handshake
|
|
||||||
# "dec" = decrypt data from client; "enc" = encrypt data to client
|
|
||||||
clt_dec_prekey = client_dec_prekey_iv[:PREKEY_LEN]
|
|
||||||
clt_dec_iv = client_dec_prekey_iv[PREKEY_LEN:]
|
|
||||||
clt_dec_key = hashlib.sha256(clt_dec_prekey + secret).digest()
|
|
||||||
|
|
||||||
clt_enc_prekey_iv = client_dec_prekey_iv[::-1]
|
|
||||||
clt_enc_key = hashlib.sha256(
|
|
||||||
clt_enc_prekey_iv[:PREKEY_LEN] + secret).digest()
|
|
||||||
clt_enc_iv = clt_enc_prekey_iv[PREKEY_LEN:]
|
|
||||||
|
|
||||||
clt_decryptor = Cipher(
|
|
||||||
algorithms.AES(clt_dec_key), modes.CTR(clt_dec_iv)
|
|
||||||
).encryptor()
|
|
||||||
clt_encryptor = Cipher(
|
|
||||||
algorithms.AES(clt_enc_key), modes.CTR(clt_enc_iv)
|
|
||||||
).encryptor()
|
|
||||||
|
|
||||||
# fast-forward client decryptor past the 64-byte init
|
|
||||||
clt_decryptor.update(ZERO_64)
|
|
||||||
|
|
||||||
# relay side: standard obfuscation (no secret hash, raw key)
|
|
||||||
relay_enc_key = relay_init[SKIP_LEN:SKIP_LEN + PREKEY_LEN]
|
|
||||||
relay_enc_iv = relay_init[SKIP_LEN + PREKEY_LEN:
|
|
||||||
SKIP_LEN + PREKEY_LEN + IV_LEN]
|
|
||||||
|
|
||||||
relay_dec_prekey_iv = relay_init[SKIP_LEN:
|
|
||||||
SKIP_LEN + PREKEY_LEN + IV_LEN][::-1]
|
|
||||||
relay_dec_key = relay_dec_prekey_iv[:KEY_LEN]
|
|
||||||
relay_dec_iv = relay_dec_prekey_iv[KEY_LEN:]
|
|
||||||
|
|
||||||
tg_encryptor = Cipher(
|
|
||||||
algorithms.AES(relay_enc_key), modes.CTR(relay_enc_iv)
|
|
||||||
).encryptor()
|
|
||||||
tg_decryptor = Cipher(
|
|
||||||
algorithms.AES(relay_dec_key), modes.CTR(relay_dec_iv)
|
|
||||||
).encryptor()
|
|
||||||
|
|
||||||
tg_encryptor.update(ZERO_64)
|
|
||||||
|
|
||||||
return CryptoCtx(clt_decryptor, clt_encryptor, tg_encryptor, tg_decryptor)
|
|
||||||
|
|
||||||
|
|
||||||
async def _handle_client(reader, writer, secret: bytes):
|
async def _handle_client(reader, writer, secret: bytes):
|
||||||
stats.connections_total += 1
|
stats.connections_total += 1
|
||||||
stats.connections_active += 1
|
stats.connections_active += 1
|
||||||
@@ -355,25 +215,115 @@ async def _handle_client(reader, writer, secret: bytes):
|
|||||||
|
|
||||||
set_sock_opts(writer.transport, proxy_config.buffer_size)
|
set_sock_opts(writer.transport, proxy_config.buffer_size)
|
||||||
|
|
||||||
|
tls_stream = None
|
||||||
|
masking = proxy_config.fake_tls_domain
|
||||||
|
|
||||||
try:
|
try:
|
||||||
init = await _read_client_init(
|
if proxy_config.proxy_protocol:
|
||||||
reader, writer, secret, label, proxy_config.fake_tls_domain)
|
try:
|
||||||
if init is None:
|
pp_line = await asyncio.wait_for(
|
||||||
|
reader.readline(), timeout=10)
|
||||||
|
except asyncio.IncompleteReadError:
|
||||||
|
log.debug("[%s] disconnected during PROXY header", label)
|
||||||
|
return
|
||||||
|
pp_text = pp_line.decode('ascii', errors='replace').strip()
|
||||||
|
if pp_text.startswith('PROXY '):
|
||||||
|
parts = pp_text.split()
|
||||||
|
if len(parts) >= 6:
|
||||||
|
label = f"{parts[2]}:{parts[4]}"
|
||||||
|
log.debug("[%s] PROXY protocol: %s", label, pp_text)
|
||||||
|
else:
|
||||||
|
log.debug("[%s] expected PROXY header, got: %r", label,
|
||||||
|
pp_text[:60])
|
||||||
|
|
||||||
|
try:
|
||||||
|
first_byte = await asyncio.wait_for(
|
||||||
|
reader.readexactly(1), timeout=10)
|
||||||
|
except asyncio.IncompleteReadError:
|
||||||
|
log.debug("[%s] client disconnected before handshake", label)
|
||||||
return
|
return
|
||||||
|
|
||||||
handshake, clt_reader, clt_writer, label = init
|
if first_byte[0] == TLS_RECORD_HANDSHAKE and masking:
|
||||||
|
try:
|
||||||
|
hdr_rest = await asyncio.wait_for(
|
||||||
|
reader.readexactly(4), timeout=10)
|
||||||
|
except asyncio.IncompleteReadError:
|
||||||
|
log.debug("[%s] incomplete TLS record header", label)
|
||||||
|
return
|
||||||
|
|
||||||
|
tls_header = first_byte + hdr_rest
|
||||||
|
record_len = struct.unpack('>H', tls_header[3:5])[0]
|
||||||
|
|
||||||
|
try:
|
||||||
|
record_body = await asyncio.wait_for(
|
||||||
|
reader.readexactly(record_len), timeout=10)
|
||||||
|
except asyncio.IncompleteReadError:
|
||||||
|
log.debug("[%s] incomplete TLS record body", label)
|
||||||
|
return
|
||||||
|
|
||||||
|
client_hello = tls_header + record_body
|
||||||
|
|
||||||
|
tls_result = verify_client_hello(client_hello, secret)
|
||||||
|
|
||||||
|
if tls_result is None:
|
||||||
|
log.debug("[%s] Fake TLS verify failed (size=%d rec=%d) "
|
||||||
|
"-> masking",
|
||||||
|
label, len(client_hello), record_len)
|
||||||
|
await proxy_to_masking_domain(
|
||||||
|
reader, writer, client_hello, masking, label)
|
||||||
|
return
|
||||||
|
|
||||||
|
client_random, session_id, ts = tls_result
|
||||||
|
log.debug("[%s] Fake TLS handshake ok (ts=%d)", label, ts)
|
||||||
|
|
||||||
|
server_hello = build_server_hello(secret, client_random, session_id)
|
||||||
|
writer.write(server_hello)
|
||||||
|
await writer.drain()
|
||||||
|
|
||||||
|
tls_stream = FakeTlsStream(reader, writer)
|
||||||
|
|
||||||
|
try:
|
||||||
|
handshake = await asyncio.wait_for(
|
||||||
|
tls_stream.readexactly(HANDSHAKE_LEN), timeout=10)
|
||||||
|
except asyncio.IncompleteReadError:
|
||||||
|
log.debug("[%s] incomplete obfs2 init inside TLS", label)
|
||||||
|
return
|
||||||
|
elif masking:
|
||||||
|
log.debug("[%s] non-TLS byte 0x%02X -> HTTP redirect", label,
|
||||||
|
first_byte[0])
|
||||||
|
redirect = (
|
||||||
|
f"HTTP/1.1 301 Moved Permanently\r\n"
|
||||||
|
f"Location: https://{masking}/\r\n"
|
||||||
|
f"Content-Length: 0\r\n"
|
||||||
|
f"Connection: close\r\n\r\n"
|
||||||
|
).encode()
|
||||||
|
writer.write(redirect)
|
||||||
|
await writer.drain()
|
||||||
|
return
|
||||||
|
else:
|
||||||
|
try:
|
||||||
|
rest = await asyncio.wait_for(
|
||||||
|
reader.readexactly(HANDSHAKE_LEN - 1), timeout=10)
|
||||||
|
except asyncio.IncompleteReadError:
|
||||||
|
log.debug("[%s] client disconnected before handshake", label)
|
||||||
|
return
|
||||||
|
handshake = first_byte + rest
|
||||||
|
|
||||||
result = _try_handshake(handshake, secret)
|
result = _try_handshake(handshake, secret)
|
||||||
if result is None:
|
if result is None:
|
||||||
stats.connections_bad += 1
|
stats.connections_bad += 1
|
||||||
log.warning("[%s] bad handshake (wrong secret or proto)", label)
|
log.debug("[%s] bad handshake (wrong secret or proto)", label)
|
||||||
try:
|
try:
|
||||||
while await clt_reader.read(4096):
|
drain_src = tls_stream or reader
|
||||||
|
while await drain_src.read(4096):
|
||||||
pass
|
pass
|
||||||
except Exception:
|
except Exception:
|
||||||
pass
|
pass
|
||||||
return
|
return
|
||||||
|
|
||||||
|
clt_reader = tls_stream or reader
|
||||||
|
clt_writer = tls_stream or writer
|
||||||
|
|
||||||
dc, is_media, proto_tag, client_dec_prekey_iv = result
|
dc, is_media, proto_tag, client_dec_prekey_iv = result
|
||||||
|
|
||||||
if proto_tag == PROTO_TAG_ABRIDGED:
|
if proto_tag == PROTO_TAG_ABRIDGED:
|
||||||
@@ -389,7 +339,48 @@ async def _handle_client(reader, writer, secret: bytes):
|
|||||||
label, dc, ' media' if is_media else '', proto_int)
|
label, dc, ' media' if is_media else '', proto_int)
|
||||||
|
|
||||||
relay_init = _generate_relay_init(proto_tag, dc_idx)
|
relay_init = _generate_relay_init(proto_tag, dc_idx)
|
||||||
ctx = _build_crypto_ctx(client_dec_prekey_iv, secret, relay_init)
|
|
||||||
|
# key = SHA256(prekey + secret), iv from handshake
|
||||||
|
# "dec" = decrypt data from client; "enc" = encrypt data to client
|
||||||
|
clt_dec_prekey = client_dec_prekey_iv[:PREKEY_LEN]
|
||||||
|
clt_dec_iv = client_dec_prekey_iv[PREKEY_LEN:]
|
||||||
|
clt_dec_key = hashlib.sha256(clt_dec_prekey + secret).digest()
|
||||||
|
|
||||||
|
clt_enc_prekey_iv = client_dec_prekey_iv[::-1]
|
||||||
|
clt_enc_key = hashlib.sha256(
|
||||||
|
clt_enc_prekey_iv[:PREKEY_LEN] + secret).digest()
|
||||||
|
clt_enc_iv = clt_enc_prekey_iv[PREKEY_LEN:]
|
||||||
|
|
||||||
|
clt_decryptor = Cipher(
|
||||||
|
algorithms.AES(clt_dec_key), modes.CTR(clt_dec_iv)
|
||||||
|
).encryptor()
|
||||||
|
clt_encryptor = Cipher(
|
||||||
|
algorithms.AES(clt_enc_key), modes.CTR(clt_enc_iv)
|
||||||
|
).encryptor()
|
||||||
|
|
||||||
|
# fast-forward client decryptor past the 64-byte init
|
||||||
|
clt_decryptor.update(ZERO_64)
|
||||||
|
|
||||||
|
# relay side: standard obfuscation (no secret hash, raw key)
|
||||||
|
relay_enc_key = relay_init[SKIP_LEN:SKIP_LEN + PREKEY_LEN]
|
||||||
|
relay_enc_iv = relay_init[SKIP_LEN + PREKEY_LEN:
|
||||||
|
SKIP_LEN + PREKEY_LEN + IV_LEN]
|
||||||
|
|
||||||
|
relay_dec_prekey_iv = relay_init[SKIP_LEN:
|
||||||
|
SKIP_LEN + PREKEY_LEN + IV_LEN][::-1]
|
||||||
|
relay_dec_key = relay_dec_prekey_iv[:KEY_LEN]
|
||||||
|
relay_dec_iv = relay_dec_prekey_iv[KEY_LEN:]
|
||||||
|
|
||||||
|
tg_encryptor = Cipher(
|
||||||
|
algorithms.AES(relay_enc_key), modes.CTR(relay_enc_iv)
|
||||||
|
).encryptor()
|
||||||
|
tg_decryptor = Cipher(
|
||||||
|
algorithms.AES(relay_dec_key), modes.CTR(relay_dec_iv)
|
||||||
|
).encryptor()
|
||||||
|
|
||||||
|
tg_encryptor.update(ZERO_64)
|
||||||
|
|
||||||
|
ctx = CryptoCtx(clt_decryptor, clt_encryptor, tg_encryptor, tg_decryptor)
|
||||||
|
|
||||||
dc_key = f'{dc}{"m" if is_media else ""}'
|
dc_key = f'{dc}{"m" if is_media else ""}'
|
||||||
media_tag = " media" if is_media else ""
|
media_tag = " media" if is_media else ""
|
||||||
@@ -457,7 +448,7 @@ async def _handle_client(reader, writer, secret: bytes):
|
|||||||
stats.ws_errors += 1
|
stats.ws_errors += 1
|
||||||
all_redirects = False
|
all_redirects = False
|
||||||
log.warning("[%s] DC%d%s WS connect failed: %s",
|
log.warning("[%s] DC%d%s WS connect failed: %s",
|
||||||
label, dc, media_tag, repr(exc))
|
label, dc, media_tag, exc)
|
||||||
|
|
||||||
# WS failed -> fallback
|
# WS failed -> fallback
|
||||||
if ws is None:
|
if ws is None:
|
||||||
@@ -499,9 +490,9 @@ async def _handle_client(reader, writer, secret: bytes):
|
|||||||
|
|
||||||
await ws.send(relay_init)
|
await ws.send(relay_init)
|
||||||
|
|
||||||
await bridge_ws_reencrypt(clt_reader, clt_writer, ws, label, ctx,
|
await bridge_ws_reencrypt(clt_reader, clt_writer, ws, label,
|
||||||
dc=dc, is_media=is_media,
|
dc=dc, is_media=is_media,
|
||||||
splitter=splitter)
|
ctx=ctx, splitter=splitter)
|
||||||
|
|
||||||
except asyncio.TimeoutError:
|
except asyncio.TimeoutError:
|
||||||
log.warning("[%s] timeout during handshake", label)
|
log.warning("[%s] timeout during handshake", label)
|
||||||
@@ -515,7 +506,7 @@ async def _handle_client(reader, writer, secret: bytes):
|
|||||||
if getattr(exc, 'winerror', None) == 1236:
|
if getattr(exc, 'winerror', None) == 1236:
|
||||||
log.debug("[%s] connection aborted by local system", label)
|
log.debug("[%s] connection aborted by local system", label)
|
||||||
else:
|
else:
|
||||||
log.error("[%s] unexpected OS error: %s", label, repr(exc))
|
log.error("[%s] unexpected OS error: %s", label, exc)
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
log.error("[%s] unexpected: %s", label, exc, exc_info=True)
|
log.error("[%s] unexpected: %s", label, exc, exc_info=True)
|
||||||
finally:
|
finally:
|
||||||
@@ -544,8 +535,11 @@ async def _run(stop_event: Optional[asyncio.Event] = None):
|
|||||||
if proxy_config.fallback_cfproxy:
|
if proxy_config.fallback_cfproxy:
|
||||||
user = proxy_config.cfproxy_user_domain
|
user = proxy_config.cfproxy_user_domain
|
||||||
if user:
|
if user:
|
||||||
balancer.update_domains_list([user])
|
proxy_config.cfproxy_domains = [user]
|
||||||
|
proxy_config.active_cfproxy_domain = user
|
||||||
else:
|
else:
|
||||||
|
proxy_config.cfproxy_domains = list(CFPROXY_DEFAULT_DOMAINS)
|
||||||
|
proxy_config.active_cfproxy_domain = random.choice(CFPROXY_DEFAULT_DOMAINS)
|
||||||
start_cfproxy_domain_refresh()
|
start_cfproxy_domain_refresh()
|
||||||
|
|
||||||
secret_bytes = bytes.fromhex(proxy_config.secret)
|
secret_bytes = bytes.fromhex(proxy_config.secret)
|
||||||
@@ -591,11 +585,12 @@ async def _run(stop_event: Optional[asyncio.Event] = None):
|
|||||||
user_domain = "user" if proxy_config.cfproxy_user_domain else "auto"
|
user_domain = "user" if proxy_config.cfproxy_user_domain else "auto"
|
||||||
log.info(" CF proxy: enabled (%s | %s)", prio, user_domain)
|
log.info(" CF proxy: enabled (%s | %s)", prio, user_domain)
|
||||||
log.info("=" * 60)
|
log.info("=" * 60)
|
||||||
log.info(" Connect:")
|
log.info(" Connect links:")
|
||||||
if ftls:
|
if ftls:
|
||||||
log.info(" %s", ee_link)
|
log.info(" ee (Fake TLS): %s", ee_link)
|
||||||
else:
|
else:
|
||||||
log.info(" %s", dd_link)
|
log.info(" (standard): %s", proxy_config.secret)
|
||||||
|
log.info(" dd (random padding): %s", dd_link)
|
||||||
log.info("=" * 60)
|
log.info("=" * 60)
|
||||||
|
|
||||||
async def log_stats():
|
async def log_stats():
|
||||||
@@ -721,7 +716,7 @@ def main():
|
|||||||
proxy_config.pool_size = max(0, args.pool_size)
|
proxy_config.pool_size = max(0, args.pool_size)
|
||||||
proxy_config.fallback_cfproxy = not args.no_cfproxy
|
proxy_config.fallback_cfproxy = not args.no_cfproxy
|
||||||
proxy_config.fallback_cfproxy_priority = args.cfproxy_priority
|
proxy_config.fallback_cfproxy_priority = args.cfproxy_priority
|
||||||
proxy_config.cfproxy_user_domain = args.cfproxy_domain.strip()
|
proxy_config.cfproxy_user_domain = args.cfproxy_domain
|
||||||
proxy_config.fake_tls_domain = args.fake_tls_domain.strip()
|
proxy_config.fake_tls_domain = args.fake_tls_domain.strip()
|
||||||
proxy_config.proxy_protocol = args.proxy_protocol
|
proxy_config.proxy_protocol = args.proxy_protocol
|
||||||
|
|
||||||
|
|||||||
+1
-1
@@ -31,7 +31,7 @@ def human_bytes(n: int) -> str:
|
|||||||
for unit in ('B', 'KB', 'MB', 'GB'):
|
for unit in ('B', 'KB', 'MB', 'GB'):
|
||||||
if abs(n) < 1024:
|
if abs(n) < 1024:
|
||||||
return f"{n:.1f}{unit}"
|
return f"{n:.1f}{unit}"
|
||||||
n /= 1024 # type: ignore
|
n /= 1024
|
||||||
return f"{n:.1f}TB"
|
return f"{n:.1f}TB"
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
+3
-3
@@ -6,7 +6,7 @@ from dataclasses import dataclass
|
|||||||
from typing import Any, Callable, Dict, List, Optional, Tuple, Union
|
from typing import Any, Callable, Dict, List, Optional, Tuple, Union
|
||||||
|
|
||||||
from proxy import __version__, get_link_host, parse_dc_ip_list
|
from proxy import __version__, get_link_host, parse_dc_ip_list
|
||||||
from proxy.balancer import balancer
|
from proxy.config import proxy_config
|
||||||
from utils.update_check import RELEASES_PAGE_URL, get_status
|
from utils.update_check import RELEASES_PAGE_URL, get_status
|
||||||
|
|
||||||
|
|
||||||
@@ -358,7 +358,7 @@ def install_tray_config_form(
|
|||||||
text_color="#ffffff", border_width=0,
|
text_color="#ffffff", border_width=0,
|
||||||
command=lambda: (
|
command=lambda: (
|
||||||
header.winfo_toplevel().iconify(),
|
header.winfo_toplevel().iconify(),
|
||||||
webbrowser.open("https://github.com/Flowseal/tg-ws-proxy/blob/main/docs/Funding.md"),
|
webbrowser.open("https://github.com/Flowseal/tg-ws-proxy/blob/main/docs/README.md"),
|
||||||
),
|
),
|
||||||
).pack(side="right", padx=(0, 6))
|
).pack(side="right", padx=(0, 6))
|
||||||
|
|
||||||
@@ -451,7 +451,7 @@ def install_tray_config_form(
|
|||||||
_threading.Thread(target=_worker, daemon=True).start()
|
_threading.Thread(target=_worker, daemon=True).start()
|
||||||
else:
|
else:
|
||||||
def _worker_auto():
|
def _worker_auto():
|
||||||
ok_domain, res = _run_cfproxy_auto_test(balancer.domains)
|
ok_domain, res = _run_cfproxy_auto_test(proxy_config.cfproxy_domains)
|
||||||
if btn:
|
if btn:
|
||||||
btn.after(0, lambda: btn.configure(text="Тест", state="normal"))
|
btn.after(0, lambda: btn.configure(text="Тест", state="normal"))
|
||||||
btn.after(0, lambda: _cfproxy_show_auto_test_results(ok_domain, res))
|
btn.after(0, lambda: _cfproxy_show_auto_test_results(ok_domain, res))
|
||||||
|
|||||||
@@ -132,7 +132,7 @@ def load_config() -> dict:
|
|||||||
data.setdefault(k, v)
|
data.setdefault(k, v)
|
||||||
return data
|
return data
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
log.warning("Failed to load config: %s", repr(exc))
|
log.warning("Failed to load config: %s", exc)
|
||||||
return dict(DEFAULT_CONFIG)
|
return dict(DEFAULT_CONFIG)
|
||||||
|
|
||||||
|
|
||||||
@@ -242,7 +242,7 @@ def _run_proxy_thread(on_port_busy: Callable[[str], None]) -> None:
|
|||||||
try:
|
try:
|
||||||
loop.run_until_complete(_run(stop_event=stop_ev))
|
loop.run_until_complete(_run(stop_event=stop_ev))
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
log.error("Proxy thread crashed: %s", repr(exc))
|
log.error("Proxy thread crashed: %s", exc)
|
||||||
if "Address already in use" in str(exc) or "10048" in str(exc):
|
if "Address already in use" in str(exc) or "10048" in str(exc):
|
||||||
on_port_busy(
|
on_port_busy(
|
||||||
"Не удалось запустить прокси:\n"
|
"Не удалось запустить прокси:\n"
|
||||||
@@ -391,7 +391,7 @@ def maybe_notify_update(
|
|||||||
):
|
):
|
||||||
webbrowser.open(url)
|
webbrowser.open(url)
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
log.warning("Update check failed: %s", repr(exc))
|
log.debug("Update check failed: %s", exc)
|
||||||
|
|
||||||
threading.Thread(target=_work, daemon=True, name="update-check").start()
|
threading.Thread(target=_work, daemon=True, name="update-check").start()
|
||||||
|
|
||||||
|
|||||||
+6
-1
@@ -383,9 +383,14 @@ def run_tray() -> None:
|
|||||||
|
|
||||||
|
|
||||||
def main() -> None:
|
def main() -> None:
|
||||||
if (mutex_result := _acquire_win_mutex()) is False or mutex_result is None and not acquire_lock():
|
if mutex_result := _acquire_win_mutex() is False:
|
||||||
_show_info("Приложение уже запущено.", os.path.basename(sys.argv[0]))
|
_show_info("Приложение уже запущено.", os.path.basename(sys.argv[0]))
|
||||||
return
|
return
|
||||||
|
if mutex_result is None:
|
||||||
|
log.warning("Named mutex unavailable, falling back to lock file")
|
||||||
|
if not acquire_lock():
|
||||||
|
_show_info("Приложение уже запущено.", os.path.basename(sys.argv[0]))
|
||||||
|
return
|
||||||
|
|
||||||
try:
|
try:
|
||||||
run_tray()
|
run_tray()
|
||||||
|
|||||||
Reference in New Issue
Block a user