Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Authority to gRPC Transport #3076

Merged
merged 1 commit into from
Feb 29, 2024
Merged

Add Authority to gRPC Transport #3076

merged 1 commit into from
Feb 29, 2024

Conversation

RPRX
Copy link
Member

@RPRX RPRX commented Feb 29, 2024
edited
Loading

今天心血来潮,想研究一下凭啥 gRPC 不能设置 Host,遂发现它有 Authority 可以当 Host 来用

这个 PR 可以实现 TLS ServerName 和 gRPC Authority 不同,已测试兼容 Cloudflare

但是不能让 gRPC 控制 TLS,否则会报错两个值不同,故代码里做了分离

这下 gRPC 也能“域前置”了,没有 ALPN 问题,三年前就该出的

客户端用,配置示例:

"streamSettings": {
    "network": "grpc",
    "grpcSettings": {
        "authority": "grpc.example.com",
        "serviceName": "/path/to/custom"
    },
    "security": "tls",
    "tlsSettings": {
        "serverName": "example.com",
        "fingerprint": "chrome"
    }
}

@RPRX
Add Authority to gRPC Transport
fc84461 
Why couldn't you have Host, for the last three years?
@RPRX RPRX merged commit 7184a81 into main Feb 29, 2024
34 checks passed
@RPRX RPRX deleted the grpc-authority branch February 29, 2024 14:22
@PoneyClairDeLune

This comment was marked as off-topic.

Sign in to view
@Fangliding
Copy link
Member

Fangliding commented Feb 29, 2024
edited
Loading

前排提醒
这个Authority在CF内部的限制和ws host是一样的 反正是做不到那种真正的域前置(使用其他人的link作为SNI)
至于可以干什么,em,可以学ws的path那样传递一个额外的authority过去,服务器根据authority分流,正确的分流去xray,其他的分去伪装站,没有主动探测的问题 不过我们都有reality这种完美兼容所有传输的伪站方案的了 而且grpc应该本来就可以传一个servicename作为分流吧

@RPRX

This comment was marked as off-topic.

Sign in to view
@RPRX
Copy link
Member Author

RPRX commented Mar 2, 2024

前排提醒 这个Authority在CF内部的限制和ws host是一样的 反正是做不到那种真正的域前置(使用其他人的link作为SNI) 至于可以干什么,em,可以学ws的path那样传递一个额外的authority过去,服务器根据authority分流,正确的分流去xray,其他的分去伪装站,没有主动探测的问题 不过我们都有reality这种完美兼容所有传输的伪站方案的了 而且grpc应该本来就可以传一个servicename作为分流吧

同域域前置也是有用的,比如说主域名不是你的,你只有一个子域名,但整个域名套了 Cloudflare,这不就巧了

其它有些支持任意域前置和 gRPC 的 CDN 没测,大家测一下

@PoneyClairDeLune

This comment was marked as off-topic.

Sign in to view
@RPRX

This comment was marked as off-topic.

Sign in to view
@fodhelper fodhelper mentioned this pull request Mar 3, 2024
Closed
arror added a commit to arror/Xray-core that referenced this pull request Mar 11, 2024
@arror
Merge branch 'main' into socket_options
72c572d 
* main: (21 commits)
  Update 1.8.9 and dependencies
  Bump github.com/sagernet/sing from 0.3.5 to 0.3.6
  Tempest isn't only for OpenRC
  Fix user download stats with splice
  add: Add a new xray wrapper
  Bump google.golang.org/grpc from 1.62.0 to 1.62.1
  Bump google.golang.org/protobuf from 1.32.0 to 1.33.0
  Bump github.com/sagernet/sing from 0.3.4 to 0.3.5
  Add initial check for burstObserver
  Bump golang.org/x/net from 0.21.0 to 0.22.0
  Bump golang.org/x/crypto from 0.20.0 to 0.21.0
  Bump github.com/sagernet/sing from 0.3.3 to 0.3.4
  Bump github.com/stretchr/testify from 1.8.4 to 1.9.0
  Correctly propagate error in AuthenticationReader readBuffer
  chore: fix some errors detected by staticcheck (XTLS#3089)
  transport: add httpupgrade
  Add a linux script
  Bump github.com/sagernet/sing from 0.3.2 to 0.3.3
  Add Authority to gRPC Transport (XTLS#3076)
  Doq (XTLS#3073)
  ...
@RPRX RPRX mentioned this pull request Mar 13, 2024
Closed
@wupeng1211
Copy link

这个有上面用?

@RPRX
Copy link
Member Author

RPRX commented Mar 25, 2024

这个有上面用?

技术是在进步的,别人造出了你能看懂的好东西不可怕,最可怕的是别人干了但你看不懂别人在干什么或者说为什么要这么干,就像以前我写的很多东西一样,不过这次我是真的不能细说,或许有一天除了我和 @yuhan6665 之外的人会发现它的真实用途

我一直催 @yuhan6665 发 1.8.9 就是为了它,就是为了这口醋才下了这盘饺子,结果 NG 新版没它我又去说 2dust/v2rayNG#2924

@chika0801 chika0801 mentioned this pull request Mar 25, 2024
Closed
@M03ED M03ED mentioned this pull request Mar 25, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@RPRX @PoneyClairDeLune @Fangliding @wupeng1211