v1.1.4

https://github.com/XTLS/Xray-core/issues/68#issuecomment-745231528

README.md

@@ -13,7 +13,7 @@
   - [Xray-script](https://github.com/kirin10000/Xray-script)
 - Docker
   - [teddysun/xray](https://hub.docker.com/r/teddysun/xray)
-  - [charlieethan](https://github.com/users/charlieethan/packages/container/package/xray)
+  - Xray-docker
 - One Click
   - [ProxySU](https://github.com/proxysu/ProxySU)
   - [v2ray-agent](https://github.com/mack-a/v2ray-agent)
@@ -29,10 +29,14 @@
 
 - OpenWrt
   - [PassWall](https://github.com/xiaorouji/openwrt-passwall)
+  - [Hello World](https://github.com/jerrykuku/luci-app-vssr)
+  - [ShadowSocksR Plus+](https://github.com/fw876/helloworld)
 - Windows
   - [v2rayN](https://github.com/2dust/v2rayN)
+  - [Qv2ray](https://github.com/Qv2ray/Qv2ray)
 - Android
   - [v2rayNG](https://github.com/2dust/v2rayNG)
+  - [Kitsunebi](https://github.com/rurirei/Kitsunebi/tree/release_xtls)
 - iOS / Mac
   - [Shadowrocket](https://apps.apple.com/app/shadowrocket/id932747118)
 

app/commander/commander.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package commander
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

app/commander/outbound.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package commander
 
 import (

app/commander/service.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package commander
 
 import (

app/dispatcher/default.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dispatcher
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

app/dispatcher/dispatcher.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dispatcher
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

app/dispatcher/sniffer.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dispatcher
 
 import (

app/dispatcher/stats.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dispatcher
 
 import (

app/dns/dnscommon.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dns
 
 import (

app/dns/dnscommon_test.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dns
 
 import (

app/dns/dohdns.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dns
 
 import (

app/dns/hosts.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dns
 
 import (

app/dns/nameserver.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dns
 
 import (

app/dns/server.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dns
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

app/dns/udpns.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dns
 
 import (

app/log/command/command.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package command
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
@@ -40,9 +38,15 @@ type service struct {
 }
 
 func (s *service) Register(server *grpc.Server) {
-	RegisterLoggerServiceServer(server, &LoggerServer{
+	ls := &LoggerServer{
 		V: s.v,
-	})
+	}
+	RegisterLoggerServiceServer(server, ls)
+
+	// For compatibility purposes
+	vCoreDesc := _LoggerService_serviceDesc
+	vCoreDesc.ServiceName = "v2ray.core.app.log.command.LoggerService"
+	server.RegisterService(&vCoreDesc, ls)
 }
 
 func init() {

app/log/command/config_grpc.pb.go

@@ -63,7 +63,6 @@ type UnsafeLoggerServiceServer interface {
 
 func RegisterLoggerServiceServer(s grpc.ServiceRegistrar, srv LoggerServiceServer) {
 	s.RegisterService(&_LoggerService_serviceDesc, srv)
-	s.RegisterService(&_LoggerService_serviceDesc2, srv)
 }
 
 func _LoggerService_RestartLogger_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
@@ -96,16 +95,3 @@ var _LoggerService_serviceDesc = grpc.ServiceDesc{
 	Streams:  []grpc.StreamDesc{},
 	Metadata: "app/log/command/config.proto",
 }
-
-var _LoggerService_serviceDesc2 = grpc.ServiceDesc{
-	ServiceName: "v2ray.core.app.log.command.LoggerService",
-	HandlerType: (*LoggerServiceServer)(nil),
-	Methods: []grpc.MethodDesc{
-		{
-			MethodName: "RestartLogger",
-			Handler:    _LoggerService_RestartLogger_Handler,
-		},
-	},
-	Streams:  []grpc.StreamDesc{},
-	Metadata: "app/log/command/config.proto",
-}

app/log/log.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package log
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

app/log/log_creator.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package log
 
 import (

app/proxyman/command/command.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package command
 
 import (
@@ -140,6 +138,11 @@ func (s *service) Register(server *grpc.Server) {
 		hs.ohm = om
 	}))
 	RegisterHandlerServiceServer(server, hs)
+
+	// For compatibility purposes
+	vCoreDesc := _HandlerService_serviceDesc
+	vCoreDesc.ServiceName = "v2ray.core.app.proxyman.command.HandlerService"
+	server.RegisterService(&vCoreDesc, hs)
 }
 
 func init() {

app/proxyman/command/command_grpc.pb.go

@@ -133,7 +133,6 @@ type UnsafeHandlerServiceServer interface {
 
 func RegisterHandlerServiceServer(s grpc.ServiceRegistrar, srv HandlerServiceServer) {
 	s.RegisterService(&_HandlerService_serviceDesc, srv)
-	s.RegisterService(&_HandlerService_serviceDesc2, srv)
 }
 
 func _HandlerService_AddInbound_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
@@ -276,36 +275,3 @@ var _HandlerService_serviceDesc = grpc.ServiceDesc{
 	Streams:  []grpc.StreamDesc{},
 	Metadata: "app/proxyman/command/command.proto",
 }
-
-var _HandlerService_serviceDesc2 = grpc.ServiceDesc{
-	ServiceName: "v2ray.core.app.proxyman.command.HandlerService",
-	HandlerType: (*HandlerServiceServer)(nil),
-	Methods: []grpc.MethodDesc{
-		{
-			MethodName: "AddInbound",
-			Handler:    _HandlerService_AddInbound_Handler,
-		},
-		{
-			MethodName: "RemoveInbound",
-			Handler:    _HandlerService_RemoveInbound_Handler,
-		},
-		{
-			MethodName: "AlterInbound",
-			Handler:    _HandlerService_AlterInbound_Handler,
-		},
-		{
-			MethodName: "AddOutbound",
-			Handler:    _HandlerService_AddOutbound_Handler,
-		},
-		{
-			MethodName: "RemoveOutbound",
-			Handler:    _HandlerService_RemoveOutbound_Handler,
-		},
-		{
-			MethodName: "AlterOutbound",
-			Handler:    _HandlerService_AlterOutbound_Handler,
-		},
-	},
-	Streams:  []grpc.StreamDesc{},
-	Metadata: "app/proxyman/command/command.proto",
-}

app/reverse/bridge.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package reverse
 
 import (

app/reverse/config.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package reverse
 
 import (

app/reverse/portal.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package reverse
 
 import (

app/reverse/reverse.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package reverse
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

app/router/balancing.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package router
 
 import (

app/router/command/command.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package command
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
@@ -83,7 +81,13 @@ type service struct {
 
 func (s *service) Register(server *grpc.Server) {
 	common.Must(s.v.RequireFeatures(func(router routing.Router, stats stats.Manager) {
-		RegisterRoutingServiceServer(server, NewRoutingServer(router, nil))
+		rs := NewRoutingServer(router, nil)
+		RegisterRoutingServiceServer(server, rs)
+
+		// For compatibility purposes
+		vCoreDesc := _RoutingService_serviceDesc
+		vCoreDesc.ServiceName = "v2ray.core.app.router.command.RoutingService"
+		server.RegisterService(&vCoreDesc, rs)
 	}))
 }
 

app/router/command/command_grpc.pb.go

@@ -100,7 +100,6 @@ type UnsafeRoutingServiceServer interface {
 
 func RegisterRoutingServiceServer(s grpc.ServiceRegistrar, srv RoutingServiceServer) {
 	s.RegisterService(&_RoutingService_serviceDesc, srv)
-	s.RegisterService(&_RoutingService_serviceDesc2, srv)
 }
 
 func _RoutingService_SubscribeRoutingStats_Handler(srv interface{}, stream grpc.ServerStream) error {
@@ -160,22 +159,3 @@ var _RoutingService_serviceDesc = grpc.ServiceDesc{
 	},
 	Metadata: "app/router/command/command.proto",
 }
-
-var _RoutingService_serviceDesc2 = grpc.ServiceDesc{
-	ServiceName: "v2ray.core.app.router.command.RoutingService",
-	HandlerType: (*RoutingServiceServer)(nil),
-	Methods: []grpc.MethodDesc{
-		{
-			MethodName: "TestRoute",
-			Handler:    _RoutingService_TestRoute_Handler,
-		},
-	},
-	Streams: []grpc.StreamDesc{
-		{
-			StreamName:    "SubscribeRoutingStats",
-			Handler:       _RoutingService_SubscribeRoutingStats_Handler,
-			ServerStreams: true,
-		},
-	},
-	Metadata: "app/router/command/command.proto",
-}

app/router/condition.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package router
 
 import (

app/router/condition_geoip.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package router
 
 import (

app/router/config.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package router
 
 import (

app/router/router.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package router
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

app/stats/channel.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package stats
 
 import (

app/stats/command/command.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package command
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
@@ -111,7 +109,13 @@ type service struct {
 }
 
 func (s *service) Register(server *grpc.Server) {
-	RegisterStatsServiceServer(server, NewStatsServer(s.statsManager))
+	ss := NewStatsServer(s.statsManager)
+	RegisterStatsServiceServer(server, ss)
+
+	// For compatibility purposes
+	vCoreDesc := _StatsService_serviceDesc
+	vCoreDesc.ServiceName = "v2ray.core.app.stats.command.StatsService"
+	server.RegisterService(&vCoreDesc, ss)
 }
 
 func init() {

app/stats/command/command_grpc.pb.go

@@ -91,7 +91,6 @@ type UnsafeStatsServiceServer interface {
 
 func RegisterStatsServiceServer(s grpc.ServiceRegistrar, srv StatsServiceServer) {
 	s.RegisterService(&_StatsService_serviceDesc, srv)
-	s.RegisterService(&_StatsService_serviceDesc2, srv)
 }
 
 func _StatsService_GetStats_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
@@ -168,24 +167,3 @@ var _StatsService_serviceDesc = grpc.ServiceDesc{
 	Streams:  []grpc.StreamDesc{},
 	Metadata: "app/stats/command/command.proto",
 }
-
-var _StatsService_serviceDesc2 = grpc.ServiceDesc{
-	ServiceName: "v2ray.core.app.stats.command.StatsService",
-	HandlerType: (*StatsServiceServer)(nil),
-	Methods: []grpc.MethodDesc{
-		{
-			MethodName: "GetStats",
-			Handler:    _StatsService_GetStats_Handler,
-		},
-		{
-			MethodName: "QueryStats",
-			Handler:    _StatsService_QueryStats_Handler,
-		},
-		{
-			MethodName: "GetSysStats",
-			Handler:    _StatsService_GetSysStats_Handler,
-		},
-	},
-	Streams:  []grpc.StreamDesc{},
-	Metadata: "app/stats/command/command.proto",
-}

app/stats/counter.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package stats
 
 import "sync/atomic"

app/stats/stats.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package stats
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

common/net/connection.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package net
 
 import (

core/config.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package core
 
 import (

core/context.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package core
 
 import (

core/core.go

@@ -18,7 +18,7 @@ import (
 )
 
 var (
-	version  = "1.1.2"
+	version  = "1.1.4"
 	build    = "Custom"
 	codename = "Xray, Penetrates Everything."
 	intro    = "A unified platform for anti-censorship."

core/functions.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package core
 
 import (

core/mocks.go

@@ -1,8 +1,8 @@
 package core
 
-//go:generate go run github.com/golang/mock/mockgen -package mocks -destination testing/mocks/io.go -mock_names Reader=Reader,Writer=Writer io Reader,Writer
-//go:generate go run github.com/golang/mock/mockgen -package mocks -destination testing/mocks/log.go -mock_names Handler=LogHandler github.com/xtls/xray-core/common/log Handler
-//go:generate go run github.com/golang/mock/mockgen -package mocks -destination testing/mocks/mux.go -mock_names ClientWorkerFactory=MuxClientWorkerFactory github.com/xtls/xray-core/common/mux ClientWorkerFactory
-//go:generate go run github.com/golang/mock/mockgen -package mocks -destination testing/mocks/dns.go -mock_names Client=DNSClient github.com/xtls/xray-core/features/dns Client
-//go:generate go run github.com/golang/mock/mockgen -package mocks -destination testing/mocks/outbound.go -mock_names Manager=OutboundManager,HandlerSelector=OutboundHandlerSelector github.com/xtls/xray-core/features/outbound Manager,HandlerSelector
-//go:generate go run github.com/golang/mock/mockgen -package mocks -destination testing/mocks/proxy.go -mock_names Inbound=ProxyInbound,Outbound=ProxyOutbound github.com/xtls/xray-core/proxy Inbound,Outbound
+//go:generate go run github.com/golang/mock/mockgen -package mocks -destination ../testing/mocks/io.go -mock_names Reader=Reader,Writer=Writer io Reader,Writer
+//go:generate go run github.com/golang/mock/mockgen -package mocks -destination ../testing/mocks/log.go -mock_names Handler=LogHandler github.com/xtls/xray-core/common/log Handler
+//go:generate go run github.com/golang/mock/mockgen -package mocks -destination ../testing/mocks/mux.go -mock_names ClientWorkerFactory=MuxClientWorkerFactory github.com/xtls/xray-core/common/mux ClientWorkerFactory
+//go:generate go run github.com/golang/mock/mockgen -package mocks -destination ../testing/mocks/dns.go -mock_names Client=DNSClient github.com/xtls/xray-core/features/dns Client
+//go:generate go run github.com/golang/mock/mockgen -package mocks -destination ../testing/mocks/outbound.go -mock_names Manager=OutboundManager,HandlerSelector=OutboundHandlerSelector github.com/xtls/xray-core/features/outbound Manager,HandlerSelector
+//go:generate go run github.com/golang/mock/mockgen -package mocks -destination ../testing/mocks/proxy.go -mock_names Inbound=ProxyInbound,Outbound=ProxyOutbound github.com/xtls/xray-core/proxy Inbound,Outbound

core/proto.go

@@ -4,8 +4,9 @@ import "path/filepath"
 
 //go:generate go install -v google.golang.org/protobuf/cmd/protoc-gen-go
 //go:generate go install -v google.golang.org/grpc/cmd/protoc-gen-go-grpc
+//go:generate go get -v -u github.com/gogo/protobuf/protoc-gen-gofast
 //go:generate go install -v github.com/gogo/protobuf/protoc-gen-gofast
-//go:generate go run ../infra/vprotogen/main.go
+//go:generate go run ../infra/vprotogen/main.go -pwd ./..
 
 // ProtoFilesUsingProtocGenGoFast is the map of Proto files
 // that use `protoc-gen-gofast` to generate pb.go files

core/xray.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package core
 
 import (

go.mod

@@ -10,16 +10,16 @@ require (
 	github.com/gorilla/websocket v1.4.2
 	github.com/lucas-clemente/quic-go v0.19.3
 	github.com/miekg/dns v1.1.35
-	github.com/pires/go-proxyproto v0.3.2
+	github.com/pires/go-proxyproto v0.3.3
 	github.com/seiflotfy/cuckoofilter v0.0.0-20201009151232-afb285a456ab
 	github.com/stretchr/testify v1.6.1
 	github.com/xtls/go v0.0.0-20201118062508-3632bf3b7499
-	go.starlark.net v0.0.0-20201204201740-42d4f566359b
-	golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c
-	golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb
-	golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9
-	golang.org/x/sys v0.0.0-20201204225414-ed752295db88
+	go.starlark.net v0.0.0-20201210151846-e81fc95f7bd5
+	golang.org/x/crypto v0.0.0-20201217014255-9d1352758620
+	golang.org/x/net v0.0.0-20201216054612-986b41b23924
+	golang.org/x/sync v0.0.0-20201207232520-09787c993a3a
+	golang.org/x/sys v0.0.0-20201218084310-7d0127a74742
 	google.golang.org/grpc v1.34.0
 	google.golang.org/protobuf v1.25.0
-	h12.io/socks v1.0.1
+	h12.io/socks v1.0.2
 )

go.sum

@@ -22,6 +22,7 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk
 github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
 github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dgryski/go-metro v0.0.0-20200812162917-85c65e2d0165 h1:BS21ZUJ/B5X2UVUbczfmdWH7GapPWAhxcMsDnjJTU1E=
 github.com/dgryski/go-metro v0.0.0-20200812162917-85c65e2d0165/go.mod h1:c9O8+fpSOX1DM8cPNSkX/qsBWdkD4yd2dpciOWQjpBw=
@@ -33,6 +34,7 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7
 github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
 github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
@@ -45,6 +47,7 @@ github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200j
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
+github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc=
 github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -64,6 +67,7 @@ github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.4 h1:L8R9j+yAqZuZjsqh/z+F1NCffTKKLShY6zXTItVIZ8M=
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
 github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
@@ -77,42 +81,52 @@ github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0U
 github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
 github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw=
+github.com/h12w/go-socks5 v0.0.0-20200522160539-76189e178364 h1:5XxdakFhqd9dnXoAZy1Mb2R/DZ6D1e+0bGC/JhucGYI=
 github.com/h12w/go-socks5 v0.0.0-20200522160539-76189e178364/go.mod h1:eDJQioIyy4Yn3MVivT7rv/39gAJTrA7lgmYr8EW950c=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/lucas-clemente/quic-go v0.19.3 h1:eCDQqvGBB+kCTkA0XrAFtNe81FMa0/fn4QSoeAbmiF4=
 github.com/lucas-clemente/quic-go v0.19.3/go.mod h1:ADXpNbTQjq1hIzCpB+y/k5iz4n4z4IwqoLb94Kh5Hu8=
 github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
 github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc=
+github.com/marten-seemann/qtls v0.10.0 h1:ECsuYUKalRL240rRD4Ri33ISb7kAQ3qGDlrrl55b2pc=
 github.com/marten-seemann/qtls v0.10.0/go.mod h1:UvMd1oaYDACI99/oZUYLzMCkBXQVT0aGm99sJhbT8hs=
 github.com/marten-seemann/qtls-go1-15 v0.1.1 h1:LIH6K34bPVttyXnUWixk0bzH6/N07VxbSabxn5A5gZQ=
 github.com/marten-seemann/qtls-go1-15 v0.1.1/go.mod h1:GyFwywLKkRt+6mfU99csTEY1joMZz5vmB1WNZH3P81I=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4=
+github.com/miekg/dns v1.1.35 h1:oTfOaDH+mZkdcgdIjH6yBajRGtIwcwcaR+rt23ZSrJs=
 github.com/miekg/dns v1.1.35/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo=
 github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM=
+github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
+github.com/onsi/ginkgo v1.14.0 h1:2mOpI4JVVPBN+WQRa0WKH2eXR+Ey+uK4n7Zj0aYpIQA=
 github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
+github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
 github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8=
+github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 h1:JhzVVoYvbOACxoUmOs6V/G4D5nPVUW73rKvXxP4XUJc=
 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
-github.com/pires/go-proxyproto v0.3.2 h1:E5ig1h9SFGne7IWVY6yRu3UCzyAFkQIukXHMkdFUOCA=
-github.com/pires/go-proxyproto v0.3.2/go.mod h1:Odh9VFOZJCf9G8cLW5o435Xf1J95Jw9Gw5rnCjcwzAY=
+github.com/pires/go-proxyproto v0.3.3 h1:jOXGrsAfSQVFiD1hWg1aiHpLYsd6SJw/8cLN594sB7Q=
+github.com/pires/go-proxyproto v0.3.3/go.mod h1:Odh9VFOZJCf9G8cLW5o435Xf1J95Jw9Gw5rnCjcwzAY=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
@@ -151,6 +165,7 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA=
 github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU=
@@ -159,8 +174,8 @@ github.com/xtls/go v0.0.0-20201118062508-3632bf3b7499 h1:QHESTXtfgc1ABV+ArlbPVqU
 github.com/xtls/go v0.0.0-20201118062508-3632bf3b7499/go.mod h1:5TB2+k58gx4A4g2Nf5miSHNDF6CuAzHKpWBooLAshTs=
 go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA=
 go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
-go.starlark.net v0.0.0-20201204201740-42d4f566359b h1:yHUzJ1WfcdR1oOafytJ6K1/ntYwnEIXICNVzHb+FzbA=
-go.starlark.net v0.0.0-20201204201740-42d4f566359b/go.mod h1:5YFcFnRptTN+41758c2bMPiqpGg4zBfYji1IQz8wNFk=
+go.starlark.net v0.0.0-20201210151846-e81fc95f7bd5 h1:F1LaLz0cvAJWMa5r3bogEYXD7/5fgA9a9jOX4DAobN8=
+go.starlark.net v0.0.0-20201210151846-e81fc95f7bd5/go.mod h1:vxxlMsgCAPH7BR2LtxjJC4WhhZhCGd/b01+CIpj8H4k=
 go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE=
 golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+MfF/py+xQ/tYqIWW03b70/CG9Rw=
 golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
@@ -169,8 +184,8 @@ golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c h1:9HhBz5L/UjnK9XLtiZhYAdue5BVKep3PMmS2LuPDt8k=
-golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20201217014255-9d1352758620 h1:3wPMTskHO3+O6jqTEXyFcsnuxMQOqYSaHsDxcbUXpqA=
+golang.org/x/crypto v0.0.0-20201217014255-9d1352758620/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -191,8 +206,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
-golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb h1:eBmm0M9fYhWpKZLjQUUKka/LtIxf46G4fxeEz5KJr9U=
-golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20201216054612-986b41b23924 h1:QsnDpLLOKwHBBDa8nDws4DYNc/ryVW2vCpxCs09d4PY=
+golang.org/x/net v0.0.0-20201216054612-986b41b23924/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -204,7 +219,8 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201207232520-09787c993a3a h1:DcqTD9SDLc+1P/r1EmRBwnVsrOwW+kk2vWf9n+1sGhs=
+golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -221,10 +237,11 @@ golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201204225414-ed752295db88 h1:KmZPnMocC93w341XZp26yTJg8Za7lhb2KhkYmixoeso=
-golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201218084310-7d0127a74742 h1:+CBz4km/0KPU3RGTwARGh/noP3bEwtHcq+0YcBQM2JQ=
+golang.org/x/sys v0.0.0-20201218084310-7d0127a74742/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -243,6 +260,7 @@ golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBn
 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
 google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
@@ -281,17 +299,22 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD
 google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o=
-h12.io/socks v1.0.1/go.mod h1:AIhxy1jOId/XCz9BO+EIgNL2rQiPTBNnOfnVnQ+3Eck=
+h12.io/socks v1.0.2 h1:cZhhbV8+DE0Y1kotwhr1a3RC3kFO7AtuZ4GLr3qKSc8=
+h12.io/socks v1.0.2/go.mod h1:AIhxy1jOId/XCz9BO+EIgNL2rQiPTBNnOfnVnQ+3Eck=
 honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=

infra/conf/router.go

@@ -2,6 +2,7 @@ package conf
 
 import (
 	"encoding/json"
+	"runtime"
 	"strconv"
 	"strings"
 
@@ -147,46 +148,109 @@ func ParseIP(s string) (*router.CIDR, error) {
 	}
 }
 
-func loadGeoIP(country string) ([]*router.CIDR, error) {
-	return loadIP("geoip.dat", country)
+func loadGeoIP(code string) ([]*router.CIDR, error) {
+	return loadIP("geoip.dat", code)
 }
 
-func loadIP(filename, country string) ([]*router.CIDR, error) {
-	geoipBytes, err := filesystem.ReadAsset(filename)
-	if err != nil {
-		return nil, newError("failed to open file: ", filename).Base(err)
-	}
-	var geoipList router.GeoIPList
-	if err := proto.Unmarshal(geoipBytes, &geoipList); err != nil {
-		return nil, err
-	}
+var (
+	FileCache = make(map[string][]byte)
+	IPCache   = make(map[string]*router.GeoIP)
+	SiteCache = make(map[string]*router.GeoSite)
+)
 
-	for _, geoip := range geoipList.Entry {
-		if geoip.CountryCode == country {
-			return geoip.Cidr, nil
+func loadFile(file string) ([]byte, error) {
+	if FileCache[file] == nil {
+		bs, err := filesystem.ReadAsset(file)
+		if err != nil {
+			return nil, newError("failed to open file: ", file).Base(err)
 		}
+		if len(bs) == 0 {
+			return nil, newError("empty file: ", file)
+		}
+		// Do not cache file, may save RAM when there
+		// are many files, but consume CPU each time.
+		return bs, nil
+		FileCache[file] = bs
 	}
-
-	return nil, newError("country not found in ", filename, ": ", country)
+	return FileCache[file], nil
 }
 
-func loadSite(filename, country string) ([]*router.Domain, error) {
-	geositeBytes, err := filesystem.ReadAsset(filename)
-	if err != nil {
-		return nil, newError("failed to open file: ", filename).Base(err)
-	}
-	var geositeList router.GeoSiteList
-	if err := proto.Unmarshal(geositeBytes, &geositeList); err != nil {
-		return nil, err
-	}
-
-	for _, site := range geositeList.Entry {
-		if site.CountryCode == country {
-			return site.Domain, nil
+func loadIP(file, code string) ([]*router.CIDR, error) {
+	index := file + ":" + code
+	if IPCache[index] == nil {
+		bs, err := loadFile(file)
+		if err != nil {
+			return nil, newError("failed to load file: ", file).Base(err)
 		}
+		bs = find(bs, []byte(code))
+		if bs == nil {
+			return nil, newError("code not found in ", file, ": ", code)
+		}
+		var geoip router.GeoIP
+		if err := proto.Unmarshal(bs, &geoip); err != nil {
+			return nil, newError("error unmarshal IP in ", file, ": ", code).Base(err)
+		}
+		defer runtime.GC()     // or debug.FreeOSMemory()
+		return geoip.Cidr, nil // do not cache geoip
+		IPCache[index] = &geoip
 	}
+	return IPCache[index].Cidr, nil
+}
 
-	return nil, newError("list not found in ", filename, ": ", country)
+func loadSite(file, code string) ([]*router.Domain, error) {
+	index := file + ":" + code
+	if SiteCache[index] == nil {
+		bs, err := loadFile(file)
+		if err != nil {
+			return nil, newError("failed to load file: ", file).Base(err)
+		}
+		bs = find(bs, []byte(code))
+		if bs == nil {
+			return nil, newError("list not found in ", file, ": ", code)
+		}
+		var geosite router.GeoSite
+		if err := proto.Unmarshal(bs, &geosite); err != nil {
+			return nil, newError("error unmarshal Site in ", file, ": ", code).Base(err)
+		}
+		defer runtime.GC()         // or debug.FreeOSMemory()
+		return geosite.Domain, nil // do not cache geosite
+		SiteCache[index] = &geosite
+	}
+	return SiteCache[index].Domain, nil
+}
+
+func find(data, code []byte) []byte {
+	codeL := len(code)
+	if codeL == 0 {
+		return nil
+	}
+	for {
+		dataL := len(data)
+		if dataL < 2 {
+			return nil
+		}
+		x, y := proto.DecodeVarint(data[1:])
+		if x == 0 && y == 0 {
+			return nil
+		}
+		headL, bodyL := 1+y, int(x)
+		dataL -= headL
+		if dataL < bodyL {
+			return nil
+		}
+		data = data[headL:]
+		if int(data[1]) == codeL {
+			for i := 0; i < codeL && data[2+i] == code[i]; i++ {
+				if i+1 == codeL {
+					return data[:bodyL]
+				}
+			}
+		}
+		if dataL == bodyL {
+			return nil
+		}
+		data = data[bodyL:]
+	}
 }
 
 type AttributeMatcher interface {

infra/conf/transport_internet.go

@@ -288,12 +288,15 @@ func (c *TLSCertConfig) Build() (*tls.Certificate, error) {
 
 type TLSConfig struct {
 	Insecure                 bool             `json:"allowInsecure"`
-	InsecureCiphers          bool             `json:"allowInsecureCiphers"`
 	Certs                    []*TLSCertConfig `json:"certificates"`
 	ServerName               string           `json:"serverName"`
 	ALPN                     *StringList      `json:"alpn"`
 	DisableSessionResumption bool             `json:"disableSessionResumption"`
 	DisableSystemRoot        bool             `json:"disableSystemRoot"`
+	MinVersion               string           `json:"minVersion"`
+	MaxVersion               string           `json:"maxVersion"`
+	CipherSuites             string           `json:"cipherSuites"`
+	PreferServerCipherSuites bool             `json:"preferServerCipherSuites"`
 }
 
 // Build implements Buildable.
@@ -309,7 +312,6 @@ func (c *TLSConfig) Build() (proto.Message, error) {
 	}
 	serverName := c.ServerName
 	config.AllowInsecure = c.Insecure
-	config.AllowInsecureCiphers = c.InsecureCiphers
 	if len(c.ServerName) > 0 {
 		config.ServerName = serverName
 	}
@@ -318,6 +320,10 @@ func (c *TLSConfig) Build() (proto.Message, error) {
 	}
 	config.DisableSessionResumption = c.DisableSessionResumption
 	config.DisableSystemRoot = c.DisableSystemRoot
+	config.MinVersion = c.MinVersion
+	config.MaxVersion = c.MaxVersion
+	config.CipherSuites = c.CipherSuites
+	config.PreferServerCipherSuites = c.PreferServerCipherSuites
 	return config, nil
 }
 
@@ -363,12 +369,15 @@ func (c *XTLSCertConfig) Build() (*xtls.Certificate, error) {
 
 type XTLSConfig struct {
 	Insecure                 bool              `json:"allowInsecure"`
-	InsecureCiphers          bool              `json:"allowInsecureCiphers"`
 	Certs                    []*XTLSCertConfig `json:"certificates"`
 	ServerName               string            `json:"serverName"`
 	ALPN                     *StringList       `json:"alpn"`
 	DisableSessionResumption bool              `json:"disableSessionResumption"`
 	DisableSystemRoot        bool              `json:"disableSystemRoot"`
+	MinVersion               string            `json:"minVersion"`
+	MaxVersion               string            `json:"maxVersion"`
+	CipherSuites             string            `json:"cipherSuites"`
+	PreferServerCipherSuites bool              `json:"preferServerCipherSuites"`
 }
 
 // Build implements Buildable.
@@ -384,7 +393,6 @@ func (c *XTLSConfig) Build() (proto.Message, error) {
 	}
 	serverName := c.ServerName
 	config.AllowInsecure = c.Insecure
-	config.AllowInsecureCiphers = c.InsecureCiphers
 	if len(c.ServerName) > 0 {
 		config.ServerName = serverName
 	}
@@ -393,6 +401,10 @@ func (c *XTLSConfig) Build() (proto.Message, error) {
 	}
 	config.DisableSessionResumption = c.DisableSessionResumption
 	config.DisableSystemRoot = c.DisableSystemRoot
+	config.MinVersion = c.MinVersion
+	config.MaxVersion = c.MaxVersion
+	config.CipherSuites = c.CipherSuites
+	config.PreferServerCipherSuites = c.PreferServerCipherSuites
 	return config, nil
 }
 

infra/conf/trojan.go

@@ -52,6 +52,17 @@ func (c *TrojanClientConfig) Build() (proto.Message, error) {
 			Password: rec.Password,
 			Flow:     rec.Flow,
 		}
+
+		switch account.Flow {
+		case "", "xtls-rprx-origin", "xtls-rprx-origin-udp443", "xtls-rprx-direct", "xtls-rprx-direct-udp443":
+		case "xtls-rprx-splice", "xtls-rprx-splice-udp443":
+			if runtime.GOOS != "linux" && runtime.GOOS != "android" {
+				return nil, newError(`Trojan servers: "` + account.Flow + `" only support linux in this version`)
+			}
+		default:
+			return nil, newError(`Trojan servers: "flow" doesn't support "` + account.Flow + `" in this version`)
+		}
+
 		trojan := &protocol.ServerEndpoint{
 			Address: rec.Address.Build(),
 			Port:    uint32(rec.Port),
@@ -107,6 +118,14 @@ func (c *TrojanServerConfig) Build() (proto.Message, error) {
 			Flow:     rawUser.Flow,
 		}
 
+		switch account.Flow {
+		case "", "xtls-rprx-origin", "xtls-rprx-direct":
+		case "xtls-rprx-splice":
+			return nil, newError(`Trojan clients: inbound doesn't support "xtls-rprx-splice" in this version, please use "xtls-rprx-direct" instead`)
+		default:
+			return nil, newError(`Trojan clients: "flow" doesn't support "` + account.Flow + `" in this version`)
+		}
+
 		user.Email = rawUser.Email
 		user.Level = uint32(rawUser.Level)
 		user.Account = serial.ToTypedMessage(account)

infra/vprotogen/main.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"flag"
 	"fmt"
 	"os"
 	"os/exec"
@@ -12,13 +13,25 @@ import (
 	"github.com/xtls/xray-core/core"
 )
 
+var directory = flag.String("pwd", "", "Working directory of Xray vprotogen.")
+
 func main() {
-	pwd, wdErr := os.Getwd()
-	if wdErr != nil {
-		fmt.Println("Can not get current working directory.")
-		os.Exit(1)
+	flag.Usage = func() {
+		fmt.Fprintf(flag.CommandLine.Output(), "Usage of vprotogen:\n")
+		flag.PrintDefaults()
+	}
+	flag.Parse()
+
+	if !filepath.IsAbs(*directory) {
+		pwd, wdErr := os.Getwd()
+		if wdErr != nil {
+			fmt.Println("Can not get current working directory.")
+			os.Exit(1)
+		}
+		*directory = filepath.Join(pwd, *directory)
 	}
 
+	pwd := *directory
 	GOBIN := common.GetGOBIN()
 	binPath := os.Getenv("PATH")
 	pathSlice := []string{binPath, GOBIN, pwd}
@@ -39,7 +52,7 @@ func main() {
 	}
 
 	protoFilesMap := make(map[string][]string)
-	walkErr := filepath.Walk("./", func(path string, info os.FileInfo, err error) error {
+	walkErr := filepath.Walk(pwd, func(path string, info os.FileInfo, err error) error {
 		if err != nil {
 			fmt.Println(err)
 			return err
@@ -52,6 +65,7 @@ func main() {
 		dir := filepath.Dir(path)
 		filename := filepath.Base(path)
 		if strings.HasSuffix(filename, ".proto") {
+			path = path[len(pwd)+1:]
 			protoFilesMap[dir] = append(protoFilesMap[dir], path)
 		}
 
@@ -73,6 +87,7 @@ func main() {
 			args = append(args, relProtoFile)
 			cmd := exec.Command(protoc, args...)
 			cmd.Env = append(cmd.Env, os.Environ()...)
+			cmd.Dir = pwd
 			output, cmdErr := cmd.CombinedOutput()
 			if len(output) > 0 {
 				fmt.Println(string(output))

main/jsonem/jsonem.go

@@ -22,9 +22,13 @@ func init() {
 				for i, arg := range v {
 					newError("Reading config: ", arg).AtInfo().WriteToLog()
 					r, err := confloader.LoadConfig(arg)
-					common.Must(err)
+					if err != nil {
+						return nil, newError("failed to read config: ", arg).Base(err)
+					}
 					c, err := serial.DecodeJSONConfig(r)
-					common.Must(err)
+					if err != nil {
+						return nil, newError("failed to decode config: ", arg).Base(err)
+					}
 					if i == 0 {
 						// This ensure even if the muti-json parser do not support a setting,
 						// It is still respected automatically for the first configure file

main/run.go

@@ -9,12 +9,14 @@ import (
 	"path"
 	"path/filepath"
 	"runtime"
+	"runtime/debug"
 	"strings"
 	"syscall"
 
 	"github.com/xtls/xray-core/common/cmdarg"
 	"github.com/xtls/xray-core/common/platform"
 	"github.com/xtls/xray-core/core"
+	"github.com/xtls/xray-core/infra/conf"
 	"github.com/xtls/xray-core/main/commands/base"
 )
 
@@ -78,8 +80,13 @@ func executeRun(cmd *base.Command, args []string) {
 	}
 	defer server.Close()
 
+	conf.FileCache = nil
+	conf.IPCache = nil
+	conf.SiteCache = nil
+
 	// Explicitly triggering GC to remove garbage from config loading.
 	runtime.GC()
+	debug.FreeOSMemory()
 
 	{
 		osSignals := make(chan os.Signal, 1)
@@ -157,7 +164,7 @@ func startXray() (core.Server, error) {
 
 	config, err := core.LoadConfig(getConfigFormat(), configFiles[0], configFiles)
 	if err != nil {
-		return nil, newError("failed to read config files: [", configFiles.String(), "]").Base(err)
+		return nil, newError("failed to load config files: [", configFiles.String(), "]").Base(err)
 	}
 
 	server, err := core.New(config)

proxy/blackhole/blackhole.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 // Package blackhole is an outbound handler that blocks all connections.
 package blackhole
 

proxy/dns/dns.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dns
 
 import (

proxy/dokodemo/dokodemo.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package dokodemo
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

proxy/freedom/freedom.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package freedom
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

proxy/http/client.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package http
 
 import (

proxy/http/server.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package http
 
 import (

proxy/mtproto/server.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package mtproto
 
 import (

proxy/shadowsocks/client.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package shadowsocks
 
 import (

proxy/shadowsocks/protocol.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package shadowsocks
 
 import (

proxy/shadowsocks/server.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package shadowsocks
 
 import (

proxy/socks/client.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package socks
 
 import (

proxy/socks/config.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package socks
 
 import "github.com/xtls/xray-core/common/protocol"

proxy/socks/protocol.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package socks
 
 import (

proxy/socks/server.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package socks
 
 import (

proxy/trojan/client.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package trojan
 
 import (
@@ -81,56 +79,63 @@ func (c *Client) Process(ctx context.Context, link *transport.Link, dialer inter
 
 	defer conn.Close()
 
-	user := server.PickUser()
-	account, ok := user.Account.(*MemoryAccount)
-	if !ok {
-		return newError("user account is not valid")
-	}
-
 	iConn := conn
 	statConn, ok := iConn.(*internet.StatCouterConnection)
 	if ok {
 		iConn = statConn.Connection
 	}
 
-	var rawConn syscall.RawConn
+	user := server.PickUser()
+	account, ok := user.Account.(*MemoryAccount)
+	if !ok {
+		return newError("user account is not valid")
+	}
+
+	connWriter := &ConnWriter{
+		Flow: account.Flow,
+	}
+
+	var rawConn syscall.RawConn
+	var sctx context.Context
 
-	connWriter := &ConnWriter{}
 	allowUDP443 := false
-	switch account.Flow {
-	case XRO + "-udp443", XRD + "-udp443":
+	switch connWriter.Flow {
+	case XRO + "-udp443", XRD + "-udp443", XRS + "-udp443":
 		allowUDP443 = true
-		account.Flow = account.Flow[:16]
+		connWriter.Flow = connWriter.Flow[:16]
 		fallthrough
-	case XRO, XRD:
+	case XRO, XRD, XRS:
 		if destination.Address.Family().IsDomain() && destination.Address.Domain() == muxCoolAddress {
-			return newError(account.Flow + " doesn't support Mux").AtWarning()
+			return newError(connWriter.Flow + " doesn't support Mux").AtWarning()
 		}
 		if destination.Network == net.Network_UDP {
 			if !allowUDP443 && destination.Port == 443 {
-				return newError(account.Flow + " stopped UDP/443").AtInfo()
+				return newError(connWriter.Flow + " stopped UDP/443").AtInfo()
 			}
+			connWriter.Flow = ""
 		} else { // enable XTLS only if making TCP request
 			if xtlsConn, ok := iConn.(*xtls.Conn); ok {
 				xtlsConn.RPRX = true
-				xtlsConn.SHOW = trojanXTLSShow
-				connWriter.Flow = account.Flow
-				if account.Flow == XRD {
-					xtlsConn.DirectMode = true
+				xtlsConn.SHOW = xtls_show
+				xtlsConn.MARK = "XTLS"
+				if connWriter.Flow == XRS {
+					sctx = ctx
+					connWriter.Flow = XRD
 				}
-				if sc, ok := xtlsConn.Connection.(syscall.Conn); ok {
-					rawConn, _ = sc.SyscallConn()
+				if connWriter.Flow == XRD {
+					xtlsConn.DirectMode = true
+					if sc, ok := xtlsConn.Connection.(syscall.Conn); ok {
+						rawConn, _ = sc.SyscallConn()
+					}
 				}
 			} else {
-				return newError(`failed to use ` + account.Flow + `, maybe "security" is not "xtls"`).AtWarning()
+				return newError(`failed to use ` + connWriter.Flow + `, maybe "security" is not "xtls"`).AtWarning()
 			}
 		}
-	case "":
+	default:
 		if _, ok := iConn.(*xtls.Conn); ok {
 			panic(`To avoid misunderstanding, you must fill in Trojan "flow" when using XTLS.`)
 		}
-	default:
-		return newError("unsupported flow " + account.Flow).AtWarning()
 	}
 
 	sessionPolicy := c.policyManager.ForLevel(user.Level)
@@ -185,7 +190,7 @@ func (c *Client) Process(ctx context.Context, link *transport.Link, dialer inter
 			if statConn != nil {
 				counter = statConn.ReadCounter
 			}
-			return ReadV(reader, link.Writer, timer, iConn.(*xtls.Conn), rawConn, counter)
+			return ReadV(reader, link.Writer, timer, iConn.(*xtls.Conn), rawConn, counter, sctx)
 		}
 		return buf.Copy(reader, link.Writer, buf.UpdateActivity(timer))
 	}
@@ -207,6 +212,6 @@ func init() {
 
 	xtlsShow := platform.NewEnvFlag("xray.trojan.xtls.show").GetValue(func() string { return defaultFlagValue })
 	if xtlsShow == "true" {
-		trojanXTLSShow = true
+		xtls_show = true
 	}
 }

proxy/trojan/protocol.go

@@ -1,17 +1,21 @@
 package trojan
 
 import (
+	"context"
 	"encoding/binary"
 	fmt "fmt"
 	"io"
+	"runtime"
 	"syscall"
 
 	"github.com/xtls/xray-core/common/buf"
 	"github.com/xtls/xray-core/common/errors"
 	"github.com/xtls/xray-core/common/net"
 	"github.com/xtls/xray-core/common/protocol"
+	"github.com/xtls/xray-core/common/session"
 	"github.com/xtls/xray-core/common/signal"
 	"github.com/xtls/xray-core/features/stats"
+	"github.com/xtls/xray-core/transport/internet"
 	"github.com/xtls/xray-core/transport/internet/xtls"
 )
 
@@ -24,11 +28,13 @@ var (
 		protocol.AddressFamilyByte(0x03, net.AddressFamilyDomain),
 	)
 
-	trojanXTLSShow = false
+	xtls_show = false
 )
 
 const (
 	maxLength = 8192
+	// XRS is constant for XTLS splice mode
+	XRS = "xtls-rprx-splice"
 	// XRD is constant for XTLS direct mode
 	XRD = "xtls-rprx-direct"
 	// XRO is constant for XTLS origin mode
@@ -84,10 +90,10 @@ func (c *ConnWriter) writeHeader() error {
 	command := commandTCP
 	if c.Target.Network == net.Network_UDP {
 		command = commandUDP
-	} else if c.Flow == XRO {
-		command = commandXRO
 	} else if c.Flow == XRD {
 		command = commandXRD
+	} else if c.Flow == XRO {
+		command = commandXRO
 	}
 
 	if _, err := buffer.Write(c.Account.Key); err != nil {
@@ -205,10 +211,10 @@ func (c *ConnReader) ParseHeader() error {
 	network := net.Network_TCP
 	if command[0] == commandUDP {
 		network = net.Network_UDP
-	} else if command[0] == commandXRO {
-		c.Flow = XRO
 	} else if command[0] == commandXRD {
 		c.Flow = XRD
+	} else if command[0] == commandXRO {
+		c.Flow = XRO
 	}
 
 	addr, port, err := addrParser.ReadAddressPort(nil, c.Reader)
@@ -307,12 +313,42 @@ func (r *PacketReader) ReadMultiBufferWithMetadata() (*PacketPayload, error) {
 	return &PacketPayload{Target: dest, Buffer: mb}, nil
 }
 
-func ReadV(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater, conn *xtls.Conn, rawConn syscall.RawConn, counter stats.Counter) error {
+func ReadV(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater, conn *xtls.Conn, rawConn syscall.RawConn, counter stats.Counter, sctx context.Context) error {
 	err := func() error {
 		var ct stats.Counter
 		for {
 			if conn.DirectIn {
 				conn.DirectIn = false
+				if sctx != nil {
+					if inbound := session.InboundFromContext(sctx); inbound != nil && inbound.Conn != nil {
+						iConn := inbound.Conn
+						statConn, ok := iConn.(*internet.StatCouterConnection)
+						if ok {
+							iConn = statConn.Connection
+						}
+						if xc, ok := iConn.(*xtls.Conn); ok {
+							iConn = xc.Connection
+						}
+						if tc, ok := iConn.(*net.TCPConn); ok {
+							if conn.SHOW {
+								fmt.Println(conn.MARK, "Splice")
+							}
+							runtime.Gosched() // necessary
+							w, err := tc.ReadFrom(conn.Connection)
+							if counter != nil {
+								counter.Add(w)
+							}
+							if statConn != nil && statConn.WriteCounter != nil {
+								statConn.WriteCounter.Add(w)
+							}
+							return err
+						} else {
+							panic("XTLS Splice: not TCP inbound")
+						}
+					} else {
+						//panic("XTLS Splice: nil inbound or nil inbound.Conn")
+					}
+				}
 				reader = buf.NewReadVReader(conn.Connection, rawConn)
 				ct = counter
 				if conn.SHOW {

proxy/trojan/server.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package trojan
 
 import (
@@ -40,7 +38,7 @@ func init() {
 
 	xtlsShow := platform.NewEnvFlag("xray.trojan.xtls.show").GetValue(func() string { return defaultFlagValue })
 	if xtlsShow == "true" {
-		trojanXTLSShow = true
+		xtls_show = true
 	}
 }
 
@@ -221,7 +219,8 @@ func (s *Server) Process(ctx context.Context, network net.Network, conn internet
 			}
 			if xtlsConn, ok := iConn.(*xtls.Conn); ok {
 				xtlsConn.RPRX = true
-				xtlsConn.SHOW = trojanXTLSShow
+				xtlsConn.SHOW = xtls_show
+				xtlsConn.MARK = "XTLS"
 				if clientReader.Flow == XRD {
 					xtlsConn.DirectMode = true
 					if sc, ok := xtlsConn.Connection.(syscall.Conn); ok {
@@ -232,11 +231,9 @@ func (s *Server) Process(ctx context.Context, network net.Network, conn internet
 				return newError(`failed to use ` + clientReader.Flow + `, maybe "security" is not "xtls"`).AtWarning()
 			}
 		} else {
-			return newError("unable to use ", clientReader.Flow).AtWarning()
+			return newError(account.Password + " is not able to use " + clientReader.Flow).AtWarning()
 		}
 	case "":
-	default:
-		return newError("unsupported flow " + account.Flow).AtWarning()
 	}
 
 	ctx = log.ContextWithAccessMessage(ctx, &log.AccessMessage{
@@ -310,7 +307,7 @@ func (s *Server) handleConnection(ctx context.Context, sessionPolicy policy.Sess
 			if statConn != nil {
 				counter = statConn.ReadCounter
 			}
-			err = ReadV(clientReader, link.Writer, timer, iConn.(*xtls.Conn), rawConn, counter)
+			err = ReadV(clientReader, link.Writer, timer, iConn.(*xtls.Conn), rawConn, counter, nil)
 		} else {
 			err = buf.Copy(clientReader, link.Writer, buf.UpdateActivity(timer))
 		}

proxy/trojan/validator.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package trojan
 
 import (

proxy/vless/account.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package vless
 
 import (

proxy/vless/encoding/addons.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package encoding
 
 import (

proxy/vless/encoding/encoding.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package encoding
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
@@ -8,8 +6,8 @@ import (
 	"context"
 	"fmt"
 	"io"
+	"runtime"
 	"syscall"
-	"time"
 
 	"github.com/xtls/xray-core/common/buf"
 	"github.com/xtls/xray-core/common/errors"
@@ -191,11 +189,14 @@ func ReadV(reader buf.Reader, writer buf.Writer, timer signal.ActivityUpdater, c
 						if ok {
 							iConn = statConn.Connection
 						}
+						if xc, ok := iConn.(*xtls.Conn); ok {
+							iConn = xc.Connection
+						}
 						if tc, ok := iConn.(*net.TCPConn); ok {
 							if conn.SHOW {
 								fmt.Println(conn.MARK, "Splice")
 							}
-							time.Sleep(time.Millisecond) // necessary
+							runtime.Gosched() // necessary
 							w, err := tc.ReadFrom(conn.Connection)
 							if counter != nil {
 								counter.Add(w)

proxy/vless/inbound/config.go

@@ -1,3 +1 @@
-// +build !confonly
-
 package inbound

proxy/vless/inbound/inbound.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package inbound
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

proxy/vless/outbound/config.go

@@ -1,3 +1 @@
-// +build !confonly
-
 package outbound

proxy/vless/outbound/outbound.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package outbound
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

proxy/vless/validator.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package vless
 
 import (

proxy/vmess/account.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package vmess
 
 import (

proxy/vmess/encoding/encoding_test.go

@@ -57,14 +57,14 @@ func TestRequestSerialization(t *testing.T) {
 	defer common.Close(userValidator)
 
 	server := NewServerSession(userValidator, sessionHistory)
-	actualRequest, err := server.DecodeRequestHeader(buffer)
+	actualRequest, err := server.DecodeRequestHeader(buffer, false)
 	common.Must(err)
 
 	if r := cmp.Diff(actualRequest, expectedRequest, cmp.AllowUnexported(protocol.ID{})); r != "" {
 		t.Error(r)
 	}
 
-	_, err = server.DecodeRequestHeader(buffer2)
+	_, err = server.DecodeRequestHeader(buffer2, false)
 	// anti replay attack
 	if err == nil {
 		t.Error("nil error")
@@ -107,7 +107,7 @@ func TestInvalidRequest(t *testing.T) {
 	defer common.Close(userValidator)
 
 	server := NewServerSession(userValidator, sessionHistory)
-	_, err := server.DecodeRequestHeader(buffer)
+	_, err := server.DecodeRequestHeader(buffer, false)
 	if err == nil {
 		t.Error("nil error")
 	}
@@ -148,7 +148,7 @@ func TestMuxRequest(t *testing.T) {
 	defer common.Close(userValidator)
 
 	server := NewServerSession(userValidator, sessionHistory)
-	actualRequest, err := server.DecodeRequestHeader(buffer)
+	actualRequest, err := server.DecodeRequestHeader(buffer, false)
 	common.Must(err)
 
 	if r := cmp.Diff(actualRequest, expectedRequest, cmp.AllowUnexported(protocol.ID{})); r != "" {

proxy/vmess/encoding/server.go

@@ -131,7 +131,7 @@ func parseSecurityType(b byte) protocol.SecurityType {
 }
 
 // DecodeRequestHeader decodes and returns (if successful) a RequestHeader from an input stream.
-func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.RequestHeader, error) {
+func (s *ServerSession) DecodeRequestHeader(reader io.Reader, isDrain bool) (*protocol.RequestHeader, error) {
 	buffer := buf.New()
 	behaviorRand := dice.NewDeterministicDice(int64(s.userValidator.GetBehaviorSeed()))
 	BaseDrainSize := behaviorRand.Roll(3266)
@@ -143,7 +143,7 @@ func (s *ServerSession) DecodeRequestHeader(reader io.Reader) (*protocol.Request
 	drainConnection := func(e error) error {
 		// We read a deterministic generated length of data before closing the connection to offset padding read pattern
 		readSizeRemain -= int(buffer.Len())
-		if readSizeRemain > 0 {
+		if readSizeRemain > 0 && isDrain {
 			err := s.DrainConnN(reader, readSizeRemain)
 			if err != nil {
 				return newError("failed to drain connection DrainSize = ", BaseDrainSize, " ", RandDrainMax, " ", RandDrainRolled).Base(err).Base(e)

proxy/vmess/inbound/config.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package inbound
 
 // GetDefaultValue returns default settings of DefaultConfig.

proxy/vmess/inbound/inbound.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package inbound
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen
@@ -222,9 +220,18 @@ func (h *Handler) Process(ctx context.Context, network net.Network, connection i
 		return newError("unable to set read deadline").Base(err).AtWarning()
 	}
 
+	iConn := connection
+	if statConn, ok := iConn.(*internet.StatCouterConnection); ok {
+		iConn = statConn.Connection
+	}
+	_, isDrain := iConn.(*net.TCPConn)
+	if !isDrain {
+		_, isDrain = iConn.(*net.UnixConn)
+	}
+
 	reader := &buf.BufferedReader{Reader: buf.NewReader(connection)}
 	svrSession := encoding.NewServerSession(h.clients, h.sessionHistory)
-	request, err := svrSession.DecodeRequestHeader(reader)
+	request, err := svrSession.DecodeRequestHeader(reader, isDrain)
 	if err != nil {
 		if errors.Cause(err) != io.EOF {
 			log.Record(&log.AccessMessage{

proxy/vmess/outbound/command.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package outbound
 
 import (

proxy/vmess/outbound/outbound.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package outbound
 
 //go:generate go run github.com/xtls/xray-core/common/errors/errorgen

proxy/vmess/validator.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package vmess
 
 import (

transport/internet/domainsocket/config.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package domainsocket
 
 import (

transport/internet/domainsocket/dial.go

@@ -1,6 +1,5 @@
 // +build !windows
 // +build !wasm
-// +build !confonly
 
 package domainsocket
 

transport/internet/domainsocket/listener.go

@@ -1,6 +1,5 @@
 // +build !windows
 // +build !wasm
-// +build !confonly
 
 package domainsocket
 

transport/internet/http/config.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package http
 
 import (

transport/internet/http/dialer.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package http
 
 import (
@@ -23,7 +21,7 @@ var (
 	globalDialerAccess sync.Mutex
 )
 
-func getHTTPClient(_ context.Context, dest net.Destination, tlsSettings *tls.Config) (*http.Client, error) {
+func getHTTPClient(ctx context.Context, dest net.Destination, tlsSettings *tls.Config) (*http.Client, error) {
 	globalDialerAccess.Lock()
 	defer globalDialerAccess.Unlock()
 
@@ -50,7 +48,7 @@ func getHTTPClient(_ context.Context, dest net.Destination, tlsSettings *tls.Con
 			}
 			address := net.ParseAddress(rawHost)
 
-			pconn, err := internet.DialSystem(context.Background(), net.TCPDestination(address, port), nil)
+			pconn, err := internet.DialSystem(ctx, net.TCPDestination(address, port), nil)
 			if err != nil {
 				return nil, err
 			}

transport/internet/http/hub.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package http
 
 import (

transport/internet/kcp/config.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package kcp
 
 import (

transport/internet/kcp/connection.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package kcp
 
 import (

transport/internet/kcp/crypt.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package kcp
 
 import (

transport/internet/kcp/dialer.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package kcp
 
 import (

transport/internet/kcp/io.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package kcp
 
 import (

transport/internet/kcp/listener.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package kcp
 
 import (

transport/internet/kcp/output.go

@@ -1,5 +1,3 @@
-// +build !confonly
-
 package kcp
 
 import (