Support VLESS Encryption (native/random) + XTLS Vision + Any Transport like XHTTP (UDS or not) + TLS/REALITY

https://github.com/XTLS/Xray-core/pull/4952#issuecomment-3200720109
2025-08-22 09:36:49 +08:00 · 2025-08-19 13:20:27 +00:00
parent 49580705f6
commit 84835bec7d
6 changed files with 64 additions and 35 deletions
--- a/proxy/vless/inbound/inbound.go
+++ b/proxy/vless/inbound/inbound.go
@@ -12,6 +12,7 @@ import (
 	"time"
 	"unsafe"

+	"github.com/pires/go-proxyproto"
 	"github.com/xtls/xray-core/common"
 	"github.com/xtls/xray-core/common/buf"
 	"github.com/xtls/xray-core/common/errors"
@@ -31,6 +32,7 @@ import (
 	"github.com/xtls/xray-core/proxy/vless"
 	"github.com/xtls/xray-core/proxy/vless/encoding"
 	"github.com/xtls/xray-core/proxy/vless/encryption"
+	"github.com/xtls/xray-core/transport/internet"
 	"github.com/xtls/xray-core/transport/internet/reality"
 	"github.com/xtls/xray-core/transport/internet/stat"
 	"github.com/xtls/xray-core/transport/internet/tls"
@@ -208,6 +210,11 @@ func (*Handler) Network() []net.Network {

 // Process implements proxy.Inbound.Process().
 func (h *Handler) Process(ctx context.Context, network net.Network, connection stat.Connection, dispatcher routing.Dispatcher) error {
+	iConn := connection
+	if statConn, ok := iConn.(*stat.CounterConnection); ok {
+		iConn = statConn.Connection
+	}
+
 	if h.decryption != nil {
 		var err error
 		connection, err = h.decryption.Handshake(connection)
@@ -216,11 +223,6 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
 		}
 	}

-	iConn := connection
-	if statConn, ok := iConn.(*stat.CounterConnection); ok {
-		iConn = statConn.Connection
-	}
-
 	sessionPolicy := h.policyManager.ForLevel(0)
 	if err := connection.SetReadDeadline(time.Now().Add(sessionPolicy.Timeouts.Handshake)); err != nil {
 		return errors.New("unable to set read deadline").Base(err).AtWarning()
@@ -499,6 +501,13 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection s
 			case protocol.RequestCommandTCP:
 				if serverConn, ok := connection.(*encryption.ServerConn); ok {
 					peerCache = &serverConn.PeerCache
+					_, ok0 := serverConn.Conn.(*encryption.XorConn)
+					_, ok1 := iConn.(*proxyproto.Conn)
+					_, ok2 := iConn.(*net.TCPConn)
+					_, ok3 := iConn.(*internet.UnixConnWrapper)
+					if ok0 || (!ok1 && !ok2 && !ok3) {
+						inbound.CanSpliceCopy = 3 // xorConn/non-RAW can not use Linux Splice
+					}
 					break
 				}
 				var t reflect.Type