feat: SSH 新增 clash.meta(mihomo), 调整 Surge 和 sing-box

sub-store-org · Mar 8, 2024 · aaef97c · aaef97c
1 parent 7beff40
commit aaef97c
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 3 deletions.
diff --git a/backend/package.json b/backend/package.json
@@ -1,6 +1,6 @@
 {
   "name": "sub-store",
-  "version": "2.14.243",
+  "version": "2.14.244",
   "description": "Advanced Subscription Manager for QX, Loon, Surge, Stash and ShadowRocket.",
   "main": "src/main.js",
   "scripts": {

diff --git a/backend/src/core/proxy-utils/parsers/peggy/surge.js b/backend/src/core/proxy-utils/parsers/peggy/surge.js
@@ -77,7 +77,7 @@ http = tag equals "http" address (username password)? (usernamek passwordk)? (ip
     proxy.type = "http";
     handleShadowTLS();
 }
-ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/private_key/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "ssh";
     handleShadowTLS();
 }
@@ -229,6 +229,7 @@ interface = comma "interface" equals match:[^,]+ { proxy.interface = match.join(
 allow_other_interface = comma "allow-other-interface" equals flag:bool { proxy["allow-other-interface"] = flag; }
 hybrid = comma "hybrid" equals flag:bool { proxy.hybrid = flag; }
 idle_timeout = comma "idle-timeout" equals match:$[0-9]+ { proxy["idle-timeout"] = parseInt(match.trim()); }
+private_key = comma "private-key" equals match:[^,]+ { proxy["keystore-private-key"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 server_fingerprint = comma "server-fingerprint" equals match:[^,]+ { proxy["server-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 block_quic = comma "block-quic" equals match:[^,]+ { proxy["block-quic"] = match.join(""); }
 shadow_tls_version = comma "shadow-tls-version" equals match:$[0-9]+ { proxy["shadow-tls-version"] = parseInt(match.trim()); }

diff --git a/backend/src/core/proxy-utils/parsers/peggy/surge.peg b/backend/src/core/proxy-utils/parsers/peggy/surge.peg
@@ -75,7 +75,7 @@ http = tag equals "http" address (username password)? (usernamek passwordk)? (ip
     proxy.type = "http";
     handleShadowTLS();
 }
-ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
+ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/private_key/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* {
     proxy.type = "ssh";
     handleShadowTLS();
 }
@@ -227,6 +227,7 @@ interface = comma "interface" equals match:[^,]+ { proxy.interface = match.join(
 allow_other_interface = comma "allow-other-interface" equals flag:bool { proxy["allow-other-interface"] = flag; }
 hybrid = comma "hybrid" equals flag:bool { proxy.hybrid = flag; }
 idle_timeout = comma "idle-timeout" equals match:$[0-9]+ { proxy["idle-timeout"] = parseInt(match.trim()); }
+private_key = comma "private-key" equals match:[^,]+ { proxy["keystore-private-key"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 server_fingerprint = comma "server-fingerprint" equals match:[^,]+ { proxy["server-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); }
 block_quic = comma "block-quic" equals match:[^,]+ { proxy["block-quic"] = match.join(""); }
 shadow_tls_version = comma "shadow-tls-version" equals match:$[0-9]+ { proxy["shadow-tls-version"] = parseInt(match.trim()); }

diff --git a/backend/src/core/proxy-utils/producers/sing-box.js b/backend/src/core/proxy-utils/producers/sing-box.js
@@ -228,6 +228,9 @@ const sshParser = (proxy = {}) => {
         throw 'invalid port';
     if (proxy.username) parsedProxy.user = proxy.username;
     if (proxy.password) parsedProxy.password = proxy.password;
+    // https://wiki.metacubex.one/config/proxies/ssh
+    // https://sing-box.sagernet.org/zh/configuration/outbound/ssh
+    if (proxy['privateKey']) parsedProxy.private_key_path = proxy['privateKey'];
     if (proxy['server-fingerprint']) {
         parsedProxy.host_key = [proxy['server-fingerprint']];
         // https://manual.nssurge.com/policy/ssh.html

diff --git a/backend/src/core/proxy-utils/producers/surge.js b/backend/src/core/proxy-utils/producers/surge.js
@@ -356,8 +356,15 @@ function ssh(proxy) {
     const result = new Result(proxy);
     result.append(`${proxy.name}=ssh,${proxy.server},${proxy.port}`);
     result.appendIfPresent(`,${proxy.username}`, 'username');
+    // 所有的类似的字段都有双引号的问题 暂不处理
     result.appendIfPresent(`,${proxy.password}`, 'password');
 
+    // https://manual.nssurge.com/policy/ssh.html
+    // 需配合 Keystore
+    result.appendIfPresent(
+        `,private-key=${proxy['keystore-private-key']}`,
+        'keystore-private-key',
+    );
     result.appendIfPresent(
         `,idle-timeout=${proxy['idle-timeout']}`,
         'idle-timeout',