Merge 983df6f7ae into c5ba790d13

2025-12-24 23:36:43 +08:00 · 2025-10-09 23:49:45 +04:00
7 changed files with 25 additions and 77 deletions
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@ -34,7 +34,7 @@ jobs:
      run: copy Makefile.win Makefile
    - name: dirs Windows
      if: ${{ startsWith(matrix.target, 'windows') }}
-      run: cmd /C 'echo LIBS := -L "c:/program files/openssl/lib/VC/x64/MT" $(LIBS) >>Makefile.win && echo CFLAGS := -I "c:/program files/openssl/include" $(CFLAGS) >>Makefile.win && type Makefile.win && dir "c:/program files/openssl/lib"'
+      run: cmd /C 'echo LIBS := -L "c:/program files/openssl/lib" $(LIBS) >>Makefile.win && echo CFLAGS := -I "c:/program files/openssl/include" $(CFLAGS) >>Makefile.win && type Makefile.win'
    - name: SSLPlugin Linux
      if: ${{ startsWith(matrix.target, 'ubuntu') }}
      run: "sed -i '/^PLUGIN/s/$/ SSLPlugin/' Makefile && sed -i '/^LIBS/s/$/ -lcrypto -lssl/' Makefile"
--- a/src/common.c
+++ b/src/common.c
@ -93,31 +93,27 @@ char *rotations[] = {


 struct extparam conf = {
-	{0, 0}, /* threadinit */
-	{1, 5, 30, 60, 180, 1800, 15, 60, 15, 5, 0, 0}, /* timeouts */
-	NULL, /* struct ace * acl; */
-	NULL, /* char * conffile; */
-	NULL, NULL, /* struct bandlim * bandlimiter,  *bandlimiterout; */
-	NULL, /* struct connlim * connlimiter; */
-	NULL, /* struct trafcount * trafcounter; */
-	NULL, /* struct srvparam *services; */
-	0, /* int stacksize, */
-	-1, 0, 0, 0, 0, /* counterd, haveerror, rotate, paused, archiverc, */
-	0, 500, 0, 0, 0, 0, 0, 0, 2, /* demon, maxchild, backlog, needreload, timetoexit, version, noforce, bandlimver, parentretries; */
-	6, 600, /* int authcachetype, authcachetime; */
-	1048576, /* int filtermaxsize; */
-	0, 0, 0, /* int gracetraf, gracenum, gracedelay */
-	0, /* int maxseg */
-	NULL, NULL, /* unsigned char *logname, **archiver; */
-	NONE, NONE, /* ROTATION logtype, countertype; */
-	NULL, /* char * counterfile; */
+	{0, 0},
+	{1, 5, 30, 60, 180, 1800, 15, 60, 15, 5, 0, 0},
+	NULL,
+	NULL,
+	NULL, NULL,
+	NULL,
+	NULL,
+	NULL,
+	0,
+	-1, 0, 0, 0, 0, 
+	0, 500, 0, 0, 0, 0, 0, 0, 2,
+	0, 0, 0,
+	6, 600,
+	1048576,
+	NULL, NULL,
+	NONE, NONE,
+	NULL,
 #ifndef NOIPV6
-	{AF_INET},
-	{AF_INET6},
-	{AF_INET}, 
+	{AF_INET},{AF_INET6},{AF_INET}, 
 #else
-	{AF_INET},
-	{AF_INET}, 
+	{AF_INET},{AF_INET}, 
 #endif
 	NULL,
 	NULL,
--- a/src/conf.c
+++ b/src/conf.c
@ -466,11 +466,6 @@ static int h_rotate(int argc, unsigned char **argv){
 	return 0;
 }

-static int h_maxseg(int argc, unsigned char **argv){
-	conf.maxseg = atoi((char *)argv[1]);
-	return 0;
-}
-
 static int h_logformat(int argc, unsigned char **argv){
 	unsigned char * old = conf.logformat;
 	conf.logformat = (unsigned char *)mystrdup((char *)argv[1]);
@ -1650,12 +1645,11 @@ struct commands commandhandlers[]={
 	{commandhandlers+61, "force", h_force, 1, 1},
 	{commandhandlers+62, "noforce", h_noforce, 1, 1},
 	{commandhandlers+63, "parentretries", h_parentretries, 2, 2},
-	{commandhandlers+64, "auto", h_proxy, 1, 0},
+	{commandhandlers+64,  "auto", h_proxy, 1, 0},
 	{commandhandlers+65, "backlog", h_backlog, 2, 2},
-	{commandhandlers+66, "tlspr", h_proxy, 1, 0},
-	{commandhandlers+67, "maxseg", h_maxseg, 2, 2},
+	{commandhandlers+66,  "tlspr", h_proxy, 1, 0},
 #ifndef NORADIUS
-	{commandhandlers+68, "radius", h_radius, 3, 0},
+	{commandhandlers+67, "radius", h_radius, 3, 0},
 #endif
 	{specificcommands, 	 "", h_noop, 1, 0}
 };
--- a/src/plugins/SSLPlugin/my_ssl.h
+++ b/src/plugins/SSLPlugin/my_ssl.h
@ -30,8 +30,6 @@ struct ssl_config {
    char * server_ca_file;
    char * server_ca_dir;
    char * server_ca_store;
-    char * client_sni;
-    char * client_alpn;
    int mitm;
    int serv;
    int cli;
--- a/src/plugins/SSLPlugin/ssl_plugin.c
+++ b/src/plugins/SSLPlugin/ssl_plugin.c
@ -58,8 +58,6 @@ char * client_ciphersuites = NULL;
 char * server_ciphersuites = NULL;
 char * client_cipher_list = NULL;
 char * server_cipher_list = NULL;
-char * client_sni = NULL;
-char * client_alpn = NULL;

 typedef struct _ssl_conn {
 	struct SSL_CTX *ctx;
@ -213,11 +211,6 @@ static ssize_t ssl_recv(void *state, SOCKET s, void *msg, size_t len, int flags)
 	return sso._recv(sso.state, s, msg, len, flags);
 }

-static int WINAPI ssl_shutdown(void *state, SOCKET s, int how){
-	delSSL(state, s);
-	return sso._shutdown(sso.state, s, how);
-}
-
 static int WINAPI ssl_closesocket(void *state, SOCKET s){
 	delSSL(state, s);
 	return sso._closesocket(sso.state, s);
@ -314,11 +307,8 @@ int docli(struct clientparam* param){

 SSL_CONN ServerConn;
 SSL_CERT ServerCert=NULL;
- unsigned char *hostname;
- hostname = param->hostname;
- param->hostname = (unsigned char *)PCONF->client_sni;
+ 
 ServerConn = dosrvcon(param, &ServerCert);
- param->hostname = hostname;
 _ssl_cert_free(ServerCert);

 if(!ServerConn) return 1;
@ -447,9 +437,6 @@ static void* ssl_filter_open(void * idata, struct srvparam * srv){
 	if(server_ca_dir)sc->server_ca_dir=server_ca_dir;
 	if(server_ca_store)sc->server_ca_store=server_ca_store;

-	if(client_sni)sc->client_sni=client_sni;
-	if(client_alpn)sc->client_alpn=client_alpn;
-

 	if(mitm){
 	    if(!server_ca_file){
@ -514,7 +501,6 @@ static void* ssl_filter_open(void * idata, struct srvparam * srv){
 	    srv->so._recv = ssl_recv;
 	    srv->so._sendto = ssl_sendto;
 	    srv->so._recvfrom = ssl_recvfrom;
-	    srv->so._shutdown = ssl_shutdown;
 	    srv->so._closesocket = ssl_closesocket;
 	    srv->so._poll = ssl_poll;
 	}
@ -550,7 +536,7 @@ static void* ssl_filter_open(void * idata, struct srvparam * srv){
 		    SSL_CTX_set_verify(sc->srv_ctx, SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
 	    }
 	}
-#ifdef WITHSPLICE
+#ifdef WIWHSPLICE
 	srv->usesplice = 0;
 #endif
 	return sc;
@ -643,8 +629,6 @@ static void ssl_filter_close(void *fo){
    free(CONFIG->client_ca_file);
    free(CONFIG->client_ca_dir);
    free(CONFIG->client_ca_store);
-    free(CONFIG->client_sni);
-    free(CONFIG->client_alpn);
    free(fo);
 }

@ -845,18 +829,6 @@ static int h_client_ca_store(int argc, unsigned char **argv){
 	return 0;
 }

-static int h_client_sni(int argc, unsigned char **argv){
-	free(client_sni);
-	client_sni = argc > 1? strdup((char *)argv[1]) : NULL;
-	return 0;
-}
-
-static int h_client_alpn(int argc, unsigned char **argv){
-	free(client_alpn);
-	client_alpn = argc > 1? strdup((char *)argv[1]) : NULL;
-	return 0;
-}
-
 static int h_server_ca_dir(int argc, unsigned char **argv){
 	free(server_ca_dir);
 	server_ca_dir = argc > 1? strdup((char *)argv[1]) : NULL;
@ -978,8 +950,6 @@ static struct commands ssl_commandhandlers[] = {
 	{ssl_commandhandlers+31, "ssl_server_no_verify", h_no_server_verify, 1, 1},
 	{ssl_commandhandlers+32, "ssl_server_ca_dir", h_server_ca_dir, 1, 2},
 	{ssl_commandhandlers+33, "ssl_server_ca_store", h_server_ca_store, 1, 2},
-	{ssl_commandhandlers+34, "ssl_client_sni", h_client_sni, 1, 2},
-	{ssl_commandhandlers+35, "ssl_client_alpn", h_client_alpn, 1, 2},
 	{NULL, "ssl_certcache", h_certcache, 2, 2},
 };

--- a/src/proxymain.c
+++ b/src/proxymain.c
@ -170,9 +170,6 @@ struct socketoptions sockopts[] = {
 #endif
 #ifdef TCP_FASTOPEN_CONNECT
 	{TCP_FASTOPEN_CONNECT, "TCP_FASTOPEN_CONNECT"},
-#endif
-#ifdef TCP_MAXSEG
-	{TCP_MAXSEG, "TCP_MAXSEG"},
 #endif
 	{0, NULL}
 };
@ -196,12 +193,6 @@ void setopts(SOCKET s, int opts){
 	int i, opt, set;
 	for(i = 0; opts >= (opt = (1<<i)); i++){
 		set = 1;
-#ifdef TCP_MAXSEG
-		if(sockopts[i].opt == TCP_MAXSEG){
-		    if(!conf.maxseg) continue;
-		    set = conf.maxseg;
-		}
-#endif
 		if(opts & opt) setsockopt(s, *sockopts[i].optname == 'T'? IPPROTO_TCP:
 #ifdef SOL_IP
 			*sockopts[i].optname == 'I'? SOL_IP: 
--- a/src/structures.h
+++ b/src/structures.h
@ -652,7 +652,6 @@ struct extparam {
 	int authcachetype, authcachetime;
 	int filtermaxsize;
 	int gracetraf, gracenum, gracedelay;
-	int maxseg;
 	unsigned char *logname, **archiver;
 	ROTATION logtype, countertype;
 	char * counterfile;