From dbaee284e4310aea71344f5154b174bd0333b657 Mon Sep 17 00:00:00 2001
From: Larvan2 <78135608+Larvan2@users.noreply.github.com>
Date: Sun, 1 Oct 2023 12:04:34 +0800
Subject: [PATCH] fix: hy2/tuic inbound cert isn't path
Co-authored-by: wwqgtxx
---
 common/net/tls.go | 8 +++++++-
 hub/route/server.go | 2 +-
 listener/sing_hysteria2/server.go | 5 +----
 listener/tuic/server.go | 5 +----
 4 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/common/net/tls.go b/common/net/tls.go
index e51324f7..b2865503 100644
--- a/common/net/tls.go
+++ b/common/net/tls.go
@@ -10,7 +10,11 @@ import (
 "math/big"
 )
-func ParseCert(certificate, privateKey string) (tls.Certificate, error) {
+type Path interface {
+ Resolve(path string) string
+}
+
+func ParseCert(certificate, privateKey string, path Path) (tls.Certificate, error) {
 if certificate == "" && privateKey == "" {
 return newRandomTLSKeyPair()
 }
@@ -19,6 +23,8 @@ func ParseCert(certificate, privateKey string) (tls.Certificate, error) {
 return cert, nil
 }
+ certificate = path.Resolve(certificate)
+ privateKey = path.Resolve(privateKey)
 cert, loadErr := tls.LoadX509KeyPair(certificate, privateKey)
 if loadErr != nil {
 return tls.Certificate{}, fmt.Errorf("parse certificate failed, maybe format error:%s, or path error: %s", painTextErr.Error(), loadErr.Error())
diff --git a/hub/route/server.go b/hub/route/server.go
index 3d0df95e..aa2d03b8 100644
--- a/hub/route/server.go
+++ b/hub/route/server.go
@@ -112,7 +112,7 @@ func Start(addr string, tlsAddr string, secret string,
 if len(tlsAddr) > 0 {
 go func() {
- c, err := CN.ParseCert(certificat, privateKey)
+ c, err := CN.ParseCert(certificat, privateKey, C.Path)
 if err != nil {
 log.Errorln("External controller tls listen error: %s", err)
 return
diff --git a/listener/sing_hysteria2/server.go b/listener/sing_hysteria2/server.go
index 7897bd84..bc25ec2a 100644
--- a/listener/sing_hysteria2/server.go
+++ b/listener/sing_hysteria2/server.go
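Review bot: The exported `Path` interface and the widened `ParseCert` signature in the first hunk of common/net/tls.go have no doc comments, so what a caller must supply for `path` is not stated anywhere. I would add `// Path maps a configured file name to the location it is read from.` above the interface. `ParseCert` should get a doc comment saying that an empty certificate and key return the pair from `newRandomTLSKeyPair()`, that the values are otherwise tried as inline PEM, and that only on failure are they passed through `path.Resolve` and loaded from disk. The inline-PEM step is inferred from the `painTextErr` name in the second hunk, and the body of `ParseCert` continues outside this hunk.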
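Review bot: In the second hunk of common/net/tls.go, `path.Resolve` is called on an interface value that is never checked, so a caller passing `nil` for the new `path` parameter panics instead of getting the `error` this function otherwise returns. Wrapping the two added lines in `if path != nil { … }` would load the strings as given for such callers, which is what happened before this commit. When only one of `certificate` and `privateKey` is set, the empty one is still handed to `Resolve`; what that returns is not visible in this diff, so the `loadErr` text may point at an unexpected path rather than at the missing setting. The function starts above this hunk.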
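Review bot: For the external controller in hub/route/server.go this call is a behaviour change rather than a signature update. As far as the hunk shows, `certificat` and `privateKey` used to reach `tls.LoadX509KeyPair` unresolved, and a relative value is now rewritten by `C.Path.Resolve` first. The commit title mentions only the hy2/tuic inbounds, so a controller key that was found relative to the working directory may stop loading, and the only signal is the `log.Errorln` line in this goroutine before it returns without a TLS listener. A comment at the call such as `// relative cert/key paths are resolved via C.Path inside ParseCert; inline PEM is used as-is`, plus a release-note line, would make the new lookup base explicit. `Start` begins and ends outside the hunk.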
@@ -50,10 +50,7 @@ func New(config LC.Hysteria2Server, tunnel C.Tunnel, additions ...inbound.Additi
 sl = &Listener{false, config, nil, nil}
- config.Certificate = C.Path.Resolve(config.Certificate)
- config.PrivateKey = C.Path.Resolve(config.PrivateKey)
-
- cert, err := CN.ParseCert(config.Certificate, config.PrivateKey)
+ cert, err := CN.ParseCert(config.Certificate, config.PrivateKey, C.Path)
 if err != nil {
 return nil, err
 }
diff --git a/listener/tuic/server.go b/listener/tuic/server.go
index 12a6ac6d..70cf4a01 100644
--- a/listener/tuic/server.go
+++ b/listener/tuic/server.go
@@ -44,10 +44,7 @@ func New(config LC.TuicServer, tunnel C.Tunnel, additions ...inbound.Addition) (
 Additions: additions,
 }
- config.Certificate = C.Path.Resolve(config.Certificate)
- config.PrivateKey = C.Path.Resolve(config.PrivateKey)
-
- cert, err := CN.ParseCert(config.Certificate, config.PrivateKey)
+ cert, err := CN.ParseCert(config.Certificate, config.PrivateKey, C.Path)
 if err != nil {
 return nil, err
 }
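Review bot: With the `C.Path.Resolve` calls removed from `New` in listener/sing_hysteria2/server.go, `ParseCert` now receives the raw `config.Certificate` and `config.PrivateKey`. Its `certificate == "" && privateKey == ""` branch (first hunk of common/net/tls.go) is therefore reachable for this inbound and returns `newRandomTLSKeyPair()` rather than an error. Whether the old code could reach that branch depends on what `Resolve("")` returns, which is not shown here; if it could not, a listener whose certificate settings are left out now starts on a generated certificate with no log line. If that is not intended for inbounds, reject the empty pair before the call, e.g. `if config.Certificate == "" && config.PrivateKey == "" { return nil, errors.New("certificate and private key are required") }`, or at least log a warning. The same applies to the `New` hunk in listener/tuic/server.go; both functions continue outside their hunks.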