Skip to content

Commands: Add vlessenc (generate complete json pair directly) #5078

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Sep 4, 2025
Merged

Commands: Add vlessenc (generate complete json pair directly) #5078

merged 9 commits into from
Sep 4, 2025

Conversation

@Fangliding
Copy link
Member

@Fangliding Fangliding commented Sep 1, 2025
edited
Loading

所见即所得 使我的网页面板/一键脚本旋转 生成格式人类易读
image
允许直接使用命令生成一串常用的默认配置
选项 [-key x25519/mlkem] [-mode native/xorpub/random] 默认x25519/random 有预检查
重构x25519命令和mlkem命令的实现将生成过程单独分离以供新命令使用 小修改:x25519和mlkem抛出结果时在最后添加换行符避免console进入一个诡异的状态

还是觉得如此复杂使用分开的json更好

@RPRX
Copy link
Member

RPRX commented Sep 2, 2025

  1. 指令有点长,改为 vlessenc
  2. decryption 放上面,纠正下拼写错误
  3. 默认 native 即可,没必要 random,又不是直接过墙
  4. mlkem 那个改成简单的 -pq 之类的吧,不确定是一个 - 还是两个
  5. 把 padding 参数也随机生成一下,这样这个命令比较有意义

@Fangliding
Copy link
Member Author

Fangliding commented Sep 2, 2025
edited
Loading

1 猜到要改了
2 昨天晚上写的有点认不得这两个单词了 截图有typo 代码是好的
3 怕有人看了哪里的教程真拿去过墙才默认random的 反正不是说每个包包头而已开销就一点点
4 我觉得mlkem并不长 直接pq可能和以后要加的算法冲突(万一以后加mldsa或者其他pq算法呢?用哪个) 至于横杠在go的flag包里是随便几个的来着
5 padding在核心里已经有随机默认值了 我是觉得如果有更好的默认值不如直接加在核心的留空选择里 再就是range我也拿不准范围 写到参数里又过于麻烦需要自定义的还不如自己写了拼进去

@Fangliding
Copy link
Member Author

Fangliding commented Sep 2, 2025

写这个命令主要是有的人pr小作文读不明白 自己拼了试半天可能还是个错的才弄的 直接生成不怕错格式

@RPRX
Copy link
Member

RPRX commented Sep 3, 2025
edited
Loading

我觉得直接过墙来说 random 和 native 没差,反正全随机数早就被 GFW 拉黑了,拿全随机数直接过墙也是被封,但是 random 会导致不能 ReadV/Splice,所以还是改成 native 吧,如果有一天中转禁止了 native 外观了再改成 random

mode 去掉,有功夫输入这 mode 还不如手动改,改成 -pq 是需要的,毕竟不 pq 也是默认 x25519 了,以后加其它算法了再说

@RPRX
Copy link
Member

RPRX commented Sep 3, 2025

@Fangliding 改一下,准备发版了

@RPRX
Copy link
Member

RPRX commented Sep 3, 2025

小修改:x25519和mlkem抛出结果时在最后添加换行符避免console进入一个诡异的状态

ML-DSA-65 等其它命令有这种情况的话也改一下吧

@Fangliding
Copy link
Member Author

Fangliding commented Sep 3, 2025

那就这样吧 几个生成生成命令好像只有mldsa65还没加

@RPRX
Copy link
Member

RPRX commented Sep 3, 2025
edited
Loading

我想了下也别 -pq 了,直接两种都生成然后用户自己选吧,不然会导致 ML-KEM-768 认证方式没人用

------ decryption (Authentication: X25519, not Post-Quantum) ------
...
------ encryption (Authentication: X25519, not Post-Quantum) ------
...

------ decryption (Authentication: ML-KEM-768, Post-Quantum) ------
...
------ encryption (Authentication: ML-KEM-768, Post-Quantum) ------
...

这样即可,注意空格,还有两种方式间加一个空行

@Fangliding
Copy link
Member Author

Fangliding commented Sep 3, 2025

我猜会有人用mlkem的服务端然后用个x25519的客户端问为什么连不上

@RPRX
Copy link
Member

RPRX commented Sep 3, 2025

不管傻子

@RPRX
Copy link
Member

RPRX commented Sep 3, 2025

Update:把 P 和 Q 改成了大写

@Fangliding
Copy link
Member Author

Fangliding commented Sep 3, 2025

not Post-Quantum 也不对吧 mlkem只是验证服务端身份而已 密钥交换无论如何都是pq的 不然现在的tls都叫not Post-Quantum了

@RPRX
Copy link
Member

RPRX commented Sep 3, 2025

所以标的是 Authentication

@Fangliding
Copy link
Member Author

Fangliding commented Sep 3, 2025

我在最上面加了个提示
image

@RPRX
Copy link
Member

RPRX commented Sep 3, 2025

把 decryption 放上面吧

@Fangliding
Copy link
Member Author

Fangliding commented Sep 3, 2025

本来是decryption在上面的 但是之前ech是服务端参数在上面所以我改掉的

@RPRX
Copy link
Member

RPRX commented Sep 3, 2025

改到上面吧,其它命令都是服务端的在上面

RPRX
RPRX reviewed Sep 3, 2025
View reviewed changes
@RPRX
Copy link
Member

RPRX commented Sep 3, 2025

-pq 忘删了,另外加个括号 (VLESS) 和其它命令一致,其它没啥问题了

@RPRX
Copy link
Member

RPRX commented Sep 4, 2025

@Fangliding

@RPRX
Copy link
Member

RPRX commented Sep 4, 2025

b509492 改为了直接输出 json pair

@RPRX RPRX changed the title 使用命令生成vless加密配置 Commands: Add vlessenc (generate complete json pair directly) Sep 4, 2025
@RPRX RPRX merged commit ac6ec90 into main Sep 4, 2025
77 of 78 checks passed
@RPRX RPRX deleted the gen-vless branch September 4, 2025 15:10
@Fangliding
Copy link
Member Author

Fangliding commented Sep 4, 2025

genx25519也改名字就没必要了吧 搁wg里就是正常公私钥了啊

@RPRX
Copy link
Member

RPRX commented Sep 4, 2025

然而 wg 那个输出现在也是 privateKey,password,hash32,随便吧,总有人看到 publicKey 字样就高潮

RPRX added a commit that referenced this pull request Sep 4, 2025
@Fangliding @RPRX
Commands: Add vlessenc (generate complete json pair directly) (#5078)
8e4f881 
#5078 (comment)

---------

Co-authored-by: RPRX <[email protected]>
RPRX added a commit that referenced this pull request Sep 4, 2025
@Fangliding @RPRX
Commands: Add vlessenc (generate complete json pair directly) (#5078)
dae2949 
#5078 (comment)

---------

Co-authored-by: RPRX <[email protected]>
@RPRX
Copy link
Member

RPRX commented Sep 4, 2025

dae2949 想了下还是改回默认 random 吧,因为要先做好 SS、VMess 的平替,配合 XTLS 省去二次加解密已经很好了,过 CDN、伊朗 non-TLS、非 Linux 等场景也吃不到 Splice,还有就是防止中转被通报赖到 native 头上,我在尝试给 VLESS 入站加 relay 功能

RPRX added a commit that referenced this pull request Sep 5, 2025
@Fangliding @RPRX
Commands: Add vlessenc (generate complete json pair directly) (#5078)
8b579bf 
#5078 (comment)

---------

Co-authored-by: RPRX <[email protected]>
@RPRX
Copy link
Member

RPRX commented Sep 5, 2025
edited
Loading

8b579bf 又改回了默认 native,因为看代码发现 random 不止影响 Splice 还影响 ReadV,那等我给那俩 conn 实现了 ReadV 再说

@BrewTestBot BrewTestBot mentioned this pull request Sep 5, 2025
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@RPRX RPRX RPRX left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Fangliding @RPRX