aheh/MasterHttpRelayVPN-RUST
1
0
Fork 0
mirror of https://github.com/therealaleph/MasterHttpRelayVPN-RUST.git synced 2026-05-18 23:54:48 +03:00
Code Issues Packages Projects Releases Wiki Activity

Revert "v0.3.1: IP-literal destinations -> plain TCP passthrough (always)"

Browse Source 
This reverts commit eed64caf87.
This commit is contained in:
therealaleph
2026-04-21 21:15:07 +03:00
parent eed64caf87
commit c694073da8
4 changed files with 5 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/proxy_server.rs
+1 -18
View File
@@ -308,17 +308,7 @@ async fn dispatch_tunnel(
return do_sni_rewrite_tunnel_from_tcp(sock, &host, port, mitm, rewrite_ctx).await;
}
// 2. IP-literal destinations are almost always app-level custom protocols
// (xray/VLESS, torrent, SSH, VPN, raw TCP). Browsers never use raw IPs
// in CONNECT. MITMing these would break the app's own TLS/auth, and
// trying to relay opaque bytes through Apps Script always fails.
// Always plain TCP passthrough for IP literals.
if is_ip_literal(&host) {
plain_tcp_passthrough(sock, &host, port).await;
return Ok(());
}
// 3. Peek at the first byte to detect TLS vs plain. Time-bounded — if the
// 2. Peek at the first byte to detect TLS vs plain. Time-bounded — if the
// client doesn't send anything within 300ms, assume server-first
// protocol (SMTP, POP3, FTP banner) and jump straight to plain TCP.
let mut peek_buf = [0u8; 8];
@@ -355,13 +345,6 @@ async fn dispatch_tunnel(
Ok(())
}
// ---------- IP literal detection ----------
fn is_ip_literal(host: &str) -> bool {
let h = host.trim_start_matches('[').trim_end_matches(']');
h.parse::<std::net::IpAddr>().is_ok()
}
// ---------- Plain TCP passthrough ----------
async fn plain_tcp_passthrough(mut sock: TcpStream, host: &str, port: u16) {