From aaef97cf5d1f42cc1090ecf4d66ac90e88f34f9b Mon Sep 17 00:00:00 2001 From: xream Date: Fri, 8 Mar 2024 19:01:01 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20SSH=20=E6=96=B0=E5=A2=9E=20clash.meta(m?= =?UTF-8?q?ihomo),=20=E8=B0=83=E6=95=B4=20Surge=20=E5=92=8C=20sing-box?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/package.json | 2 +- backend/src/core/proxy-utils/parsers/peggy/surge.js | 3 ++- backend/src/core/proxy-utils/parsers/peggy/surge.peg | 3 ++- backend/src/core/proxy-utils/producers/sing-box.js | 3 +++ backend/src/core/proxy-utils/producers/surge.js | 7 +++++++ 5 files changed, 15 insertions(+), 3 deletions(-) diff --git a/backend/package.json b/backend/package.json index 60c99e85b..61ac8a206 100644 --- a/backend/package.json +++ b/backend/package.json @@ -1,6 +1,6 @@ { "name": "sub-store", - "version": "2.14.243", + "version": "2.14.244", "description": "Advanced Subscription Manager for QX, Loon, Surge, Stash and ShadowRocket.", "main": "src/main.js", "scripts": { diff --git a/backend/src/core/proxy-utils/parsers/peggy/surge.js b/backend/src/core/proxy-utils/parsers/peggy/surge.js index d81d72925..61ca022f9 100644 --- a/backend/src/core/proxy-utils/parsers/peggy/surge.js +++ b/backend/src/core/proxy-utils/parsers/peggy/surge.js @@ -77,7 +77,7 @@ http = tag equals "http" address (username password)? (usernamek passwordk)? (ip proxy.type = "http"; handleShadowTLS(); } -ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* { +ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/private_key/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* { proxy.type = "ssh"; handleShadowTLS(); } @@ -229,6 +229,7 @@ interface = comma "interface" equals match:[^,]+ { proxy.interface = match.join( allow_other_interface = comma "allow-other-interface" equals flag:bool { proxy["allow-other-interface"] = flag; } hybrid = comma "hybrid" equals flag:bool { proxy.hybrid = flag; } idle_timeout = comma "idle-timeout" equals match:$[0-9]+ { proxy["idle-timeout"] = parseInt(match.trim()); } +private_key = comma "private-key" equals match:[^,]+ { proxy["keystore-private-key"] = match.join("").replace(/^"(.*)"$/, '$1'); } server_fingerprint = comma "server-fingerprint" equals match:[^,]+ { proxy["server-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); } block_quic = comma "block-quic" equals match:[^,]+ { proxy["block-quic"] = match.join(""); } shadow_tls_version = comma "shadow-tls-version" equals match:$[0-9]+ { proxy["shadow-tls-version"] = parseInt(match.trim()); } diff --git a/backend/src/core/proxy-utils/parsers/peggy/surge.peg b/backend/src/core/proxy-utils/parsers/peggy/surge.peg index 2578b8751..916477735 100644 --- a/backend/src/core/proxy-utils/parsers/peggy/surge.peg +++ b/backend/src/core/proxy-utils/parsers/peggy/surge.peg @@ -75,7 +75,7 @@ http = tag equals "http" address (username password)? (usernamek passwordk)? (ip proxy.type = "http"; handleShadowTLS(); } -ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* { +ssh = tag equals "ssh" address (username password)? (usernamek passwordk)? (server_fingerprint/idle_timeout/private_key/ip_version/underlying_proxy/tos/allow_other_interface/interface/test_url/test_udp/test_timeout/hybrid/no_error_alert/fast_open/shadow_tls_version/shadow_tls_sni/shadow_tls_password/block_quic/others)* { proxy.type = "ssh"; handleShadowTLS(); } @@ -227,6 +227,7 @@ interface = comma "interface" equals match:[^,]+ { proxy.interface = match.join( allow_other_interface = comma "allow-other-interface" equals flag:bool { proxy["allow-other-interface"] = flag; } hybrid = comma "hybrid" equals flag:bool { proxy.hybrid = flag; } idle_timeout = comma "idle-timeout" equals match:$[0-9]+ { proxy["idle-timeout"] = parseInt(match.trim()); } +private_key = comma "private-key" equals match:[^,]+ { proxy["keystore-private-key"] = match.join("").replace(/^"(.*)"$/, '$1'); } server_fingerprint = comma "server-fingerprint" equals match:[^,]+ { proxy["server-fingerprint"] = match.join("").replace(/^"(.*)"$/, '$1'); } block_quic = comma "block-quic" equals match:[^,]+ { proxy["block-quic"] = match.join(""); } shadow_tls_version = comma "shadow-tls-version" equals match:$[0-9]+ { proxy["shadow-tls-version"] = parseInt(match.trim()); } diff --git a/backend/src/core/proxy-utils/producers/sing-box.js b/backend/src/core/proxy-utils/producers/sing-box.js index 367b6e1ce..50eb5c2b1 100644 --- a/backend/src/core/proxy-utils/producers/sing-box.js +++ b/backend/src/core/proxy-utils/producers/sing-box.js @@ -228,6 +228,9 @@ const sshParser = (proxy = {}) => { throw 'invalid port'; if (proxy.username) parsedProxy.user = proxy.username; if (proxy.password) parsedProxy.password = proxy.password; + // https://wiki.metacubex.one/config/proxies/ssh + // https://sing-box.sagernet.org/zh/configuration/outbound/ssh + if (proxy['privateKey']) parsedProxy.private_key_path = proxy['privateKey']; if (proxy['server-fingerprint']) { parsedProxy.host_key = [proxy['server-fingerprint']]; // https://manual.nssurge.com/policy/ssh.html diff --git a/backend/src/core/proxy-utils/producers/surge.js b/backend/src/core/proxy-utils/producers/surge.js index beb0dffae..653931b3a 100644 --- a/backend/src/core/proxy-utils/producers/surge.js +++ b/backend/src/core/proxy-utils/producers/surge.js @@ -356,8 +356,15 @@ function ssh(proxy) { const result = new Result(proxy); result.append(`${proxy.name}=ssh,${proxy.server},${proxy.port}`); result.appendIfPresent(`,${proxy.username}`, 'username'); + // 所有的类似的字段都有双引号的问题 暂不处理 result.appendIfPresent(`,${proxy.password}`, 'password'); + // https://manual.nssurge.com/policy/ssh.html + // 需配合 Keystore + result.appendIfPresent( + `,private-key=${proxy['keystore-private-key']}`, + 'keystore-private-key', + ); result.appendIfPresent( `,idle-timeout=${proxy['idle-timeout']}`, 'idle-timeout',