mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2026-06-08 21:34:33 +00:00
5a90f7e348
Phase 2 smoke fixes on the Inbound add flow surfaced that hysteria2 was
modeled as a separate top-level protocol when it's really just hysteria
v2. The xray transports/hysteria.html docs also pin the hysteria stream
to a minimal shape (version/auth/udpIdleTimeout/masquerade) — the
previous schema carried legacy congestion/up/down/udphop/window knobs
that aren't part of the wire contract.
Hysteria2 removal:
- Drop 'hysteria2' from ProtocolSchema enum and Protocols const
- Drop hysteria2 branches from inbound/outbound discriminated unions
- Drop createDefaultHysteria2InboundSettings / OutboundSettings
- Delete schemas/protocols/inbound/hysteria2.ts and outbound/hysteria2.ts
- Drop hysteria2 case in getInboundClients / genLink (fell through to
the hysteria handler anyway)
- Update client form modals' MULTI_CLIENT_PROTOCOLS sets
- Remove hysteria2-basic fixture + snapshot entries (14 capability
cases, 1 protocols fixture, 1 inbound-defaults factory)
- Keep parseHysteria2Link() outbound parser since hysteria2:// is the
share-link URI prefix for hysteria v2
Hysteria stream alignment with xtls docs:
- HysteriaStreamSettingsSchema reduced to version/auth/udpIdleTimeout/
masquerade per transports/hysteria.html
- Masquerade type adds '' (default 404 page) and defaults to it
- Outbound form drops Congestion/Upload/Download/UDP hop/Max idle/
Keep alive/Disable Path MTU controls and the receive-window note
- newStreamSlice('hysteria') in OutboundFormModal mirrors the trimmed
shape; outbound-link-parser emits the trimmed shape too
- InboundFormModal Masquerade Select gains the default option
New TUN inbound schema:
- Add schemas/protocols/inbound/tun.ts with name/mtu/gateway/dns/
userLevel/autoSystemRoutingTable/autoOutboundsInterface
- Wire into ProtocolSchema enum, InboundSettingsSchema discriminated
union, createDefaultInboundSettings dispatcher
Other Phase 2 smoke fixes folded in:
- Tunnel portMap UI swaps Form.List for HeaderMapEditor v1 — wire
shape is Record<string,string> and the List was producing arrays
- Hysteria onValuesChange seeds full TLS schema defaults + one
empty certificate row (Cipher Suites/Min/Max Version/uTLS/ALPN
were undefined before)
- HTTP/Mixed accounts Add button auto-fills user/pass with
RandomUtil.randomLowerAndNum
- Hysteria security tab gates the 'none' radio out — TLS only
- Hysteria stream tab drops the inbound Auth password field (xray
inbound auth is per-user via 'users', not stream-level)
- Reality onSecurityChange auto-randomizes target/serverNames/
shortIds and fetches an X25519 keypair
- Tag and DB-side fields (up/down/total/expiryTime/
lastTrafficResetTime/clientStats/security) gain hidden Form.Items
so validateFields keeps them in the wire payload (rc-component
form strips unregistered fields)
- WireGuard inbound auto-seeds one peer with generated keypair,
allowedIPs ['10.0.0.2/32'], keepAlive 0 — matches legacy
- WireGuard peer rows separated by Divider with the Peer N title
and a small inline remove button (titlePlacement="center")
252 lines
7.8 KiB
TypeScript
252 lines
7.8 KiB
TypeScript
/// <reference types="vite/client" />
|
|
import { describe, expect, it } from 'vitest';
|
|
|
|
import {
|
|
genHysteriaLink,
|
|
genInboundLinks,
|
|
genShadowsocksLink,
|
|
genTrojanLink,
|
|
genVlessLink,
|
|
genVmessLink,
|
|
genWireguardConfig,
|
|
genWireguardLink,
|
|
resolveAddr,
|
|
} from '@/lib/xray/inbound-link';
|
|
import { InboundSchema } from '@/schemas/api/inbound';
|
|
import type { WireguardInboundSettings } from '@/schemas/protocols/inbound/wireguard';
|
|
|
|
// Snapshot baseline for the share-link generators. Snapshots were locked
|
|
// at the close of the legacy class migration — at that point each
|
|
// generator was verified byte-equal to the corresponding legacy Inbound
|
|
// class method. Future drift past this baseline is a regression.
|
|
|
|
const fullFixtures = import.meta.glob<unknown>(
|
|
'./golden/fixtures/inbound-full/*.json',
|
|
{ eager: true, import: 'default' },
|
|
);
|
|
|
|
function fixtureName(path: string): string {
|
|
const file = path.split('/').pop() ?? path;
|
|
return file.replace(/\.json$/, '');
|
|
}
|
|
|
|
function fixturesForProtocol(protocol: string): Array<[string, Record<string, unknown>]> {
|
|
return Object.entries(fullFixtures)
|
|
.filter(([, raw]) => (raw as { protocol?: string }).protocol === protocol)
|
|
.map(([path, raw]): [string, Record<string, unknown>] => [fixtureName(path), raw as Record<string, unknown>])
|
|
.sort(([a], [b]) => a.localeCompare(b));
|
|
}
|
|
|
|
describe('genVmessLink', () => {
|
|
const fixtures = fixturesForProtocol('vmess');
|
|
expect(fixtures.length, 'need at least one vmess full-inbound fixture').toBeGreaterThan(0);
|
|
|
|
for (const [name, raw] of fixtures) {
|
|
it(`${name}: byte-stable`, () => {
|
|
const typed = InboundSchema.parse(raw);
|
|
const settings = (raw as { settings: { clients: Array<{ id: string; security?: string }> } }).settings;
|
|
const client = settings.clients[0];
|
|
|
|
const link = genVmessLink({
|
|
inbound: typed,
|
|
address: 'example.test',
|
|
port: typed.port,
|
|
forceTls: 'same',
|
|
remark: 'parity-test',
|
|
clientId: client.id,
|
|
security: client.security as never,
|
|
externalProxy: null,
|
|
});
|
|
expect(link).toMatchSnapshot();
|
|
});
|
|
}
|
|
});
|
|
|
|
describe('genVlessLink', () => {
|
|
const fixtures = fixturesForProtocol('vless');
|
|
expect(fixtures.length, 'need at least one vless full-inbound fixture').toBeGreaterThan(0);
|
|
|
|
for (const [name, raw] of fixtures) {
|
|
it(`${name}: byte-stable`, () => {
|
|
const typed = InboundSchema.parse(raw);
|
|
const settings = (raw as { settings: { clients: Array<{ id: string; flow?: string }> } }).settings;
|
|
const client = settings.clients[0];
|
|
|
|
const link = genVlessLink({
|
|
inbound: typed,
|
|
address: 'example.test',
|
|
port: typed.port,
|
|
forceTls: 'same',
|
|
remark: 'parity-test',
|
|
clientId: client.id,
|
|
flow: client.flow as never,
|
|
externalProxy: null,
|
|
});
|
|
expect(link).toMatchSnapshot();
|
|
});
|
|
}
|
|
});
|
|
|
|
describe('genTrojanLink', () => {
|
|
const fixtures = fixturesForProtocol('trojan');
|
|
expect(fixtures.length, 'need at least one trojan full-inbound fixture').toBeGreaterThan(0);
|
|
|
|
for (const [name, raw] of fixtures) {
|
|
it(`${name}: byte-stable`, () => {
|
|
const typed = InboundSchema.parse(raw);
|
|
const settings = (raw as { settings: { clients: Array<{ password: string }> } }).settings;
|
|
const client = settings.clients[0];
|
|
|
|
const link = genTrojanLink({
|
|
inbound: typed,
|
|
address: 'example.test',
|
|
port: typed.port,
|
|
forceTls: 'same',
|
|
remark: 'parity-test',
|
|
clientPassword: client.password,
|
|
externalProxy: null,
|
|
});
|
|
expect(link).toMatchSnapshot();
|
|
});
|
|
}
|
|
});
|
|
|
|
describe('genHysteriaLink', () => {
|
|
const fixtures = fixturesForProtocol('hysteria');
|
|
expect(fixtures.length, 'need at least one hysteria full-inbound fixture').toBeGreaterThan(0);
|
|
|
|
for (const [name, raw] of fixtures) {
|
|
it(`${name}: byte-stable`, () => {
|
|
const typed = InboundSchema.parse(raw);
|
|
const settings = (raw as { settings: { clients: Array<{ auth: string }> } }).settings;
|
|
const client = settings.clients[0];
|
|
|
|
const link = genHysteriaLink({
|
|
inbound: typed,
|
|
address: 'example.test',
|
|
port: typed.port,
|
|
remark: 'parity-test',
|
|
clientAuth: client.auth,
|
|
});
|
|
expect(link).toMatchSnapshot();
|
|
});
|
|
}
|
|
});
|
|
|
|
describe('genWireguardLink + genWireguardConfig', () => {
|
|
const fixtures = fixturesForProtocol('wireguard');
|
|
expect(fixtures.length, 'need at least one wireguard full-inbound fixture').toBeGreaterThan(0);
|
|
|
|
for (const [name, raw] of fixtures) {
|
|
it(`${name}: byte-stable`, () => {
|
|
const typed = InboundSchema.parse(raw);
|
|
if (typed.protocol !== 'wireguard') throw new Error('not a wireguard fixture');
|
|
// InboundSchema is an intersection of two DUs, so TS can't auto-narrow
|
|
// `settings` from `protocol`. The runtime guard above is the real
|
|
// check; this cast just helps the type checker.
|
|
const settings = typed.settings as WireguardInboundSettings;
|
|
|
|
const link = genWireguardLink({
|
|
settings,
|
|
address: 'wg.example.test',
|
|
port: typed.port,
|
|
remark: 'wg-peer-1',
|
|
peerIndex: 0,
|
|
});
|
|
const config = genWireguardConfig({
|
|
settings,
|
|
address: 'wg.example.test',
|
|
port: typed.port,
|
|
remark: 'wg-peer-1',
|
|
peerIndex: 0,
|
|
});
|
|
expect({ link, config }).toMatchSnapshot();
|
|
});
|
|
}
|
|
});
|
|
|
|
describe('resolveAddr precedence', () => {
|
|
const baseInbound = {
|
|
listen: '',
|
|
port: 443,
|
|
protocol: 'vless' as const,
|
|
};
|
|
|
|
it('prefers hostOverride over listen and fallback', () => {
|
|
expect(resolveAddr(
|
|
{ ...baseInbound, listen: '10.0.0.1' } as never,
|
|
'cdn.example.test',
|
|
'fallback.test',
|
|
)).toBe('cdn.example.test');
|
|
});
|
|
|
|
it('uses listen when override is empty and listen is explicit', () => {
|
|
expect(resolveAddr(
|
|
{ ...baseInbound, listen: '10.0.0.1' } as never,
|
|
'',
|
|
'fallback.test',
|
|
)).toBe('10.0.0.1');
|
|
});
|
|
|
|
it('skips listen when it is 0.0.0.0 and falls through to fallbackHostname', () => {
|
|
expect(resolveAddr(
|
|
{ ...baseInbound, listen: '0.0.0.0' } as never,
|
|
'',
|
|
'fallback.test',
|
|
)).toBe('fallback.test');
|
|
});
|
|
|
|
it('falls through to fallbackHostname when listen is empty', () => {
|
|
expect(resolveAddr(
|
|
baseInbound as never,
|
|
'',
|
|
'fallback.test',
|
|
)).toBe('fallback.test');
|
|
});
|
|
});
|
|
|
|
describe('genInboundLinks orchestrator', () => {
|
|
// Every full-inbound fixture should produce the same \r\n-joined link
|
|
// block at this baseline.
|
|
const fixtures = Object.entries(fullFixtures)
|
|
.map(([path, raw]): [string, Record<string, unknown>] => [fixtureName(path), raw as Record<string, unknown>])
|
|
.sort(([a], [b]) => a.localeCompare(b));
|
|
|
|
for (const [name, raw] of fixtures) {
|
|
it(`${name}: byte-stable`, () => {
|
|
const typed = InboundSchema.parse(raw);
|
|
const block = genInboundLinks({
|
|
inbound: typed,
|
|
remark: 'parity-test',
|
|
hostOverride: 'override.test',
|
|
fallbackHostname: 'fallback.test',
|
|
});
|
|
expect(block).toMatchSnapshot();
|
|
});
|
|
}
|
|
});
|
|
|
|
describe('genShadowsocksLink', () => {
|
|
const fixtures = fixturesForProtocol('shadowsocks');
|
|
expect(fixtures.length, 'need at least one shadowsocks full-inbound fixture').toBeGreaterThan(0);
|
|
|
|
for (const [name, raw] of fixtures) {
|
|
it(`${name}: byte-stable`, () => {
|
|
const typed = InboundSchema.parse(raw);
|
|
const settings = (raw as { settings: { clients?: Array<{ password: string }> } }).settings;
|
|
const client = settings.clients?.[0];
|
|
|
|
const link = genShadowsocksLink({
|
|
inbound: typed,
|
|
address: 'example.test',
|
|
port: typed.port,
|
|
forceTls: 'same',
|
|
remark: 'parity-test',
|
|
clientPassword: client?.password ?? '',
|
|
externalProxy: null,
|
|
});
|
|
expect(link).toMatchSnapshot();
|
|
});
|
|
}
|
|
});
|