mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2026-07-09 22:26:09 +00:00
fix(tls): ping the inbound's own port for remote cert pinning
The pin-from-remote button passed only the SNI to 'xray tls ping', which defaults to :443 — so it never reached a self-hosted inbound on another port and failed with a vague 'no certificate hash found'. Append the inbound's port when the SNI carries none, and surface the underlying ping failure (dial refused, timeout) in the error.
This commit is contained in:
@@ -143,9 +143,14 @@ export function useSecurityActions({ form, setSaving, messageApi, nodeId }: UseS
|
||||
messageApi.warning(t('pages.inbounds.form.pinFromRemoteNoSni'));
|
||||
return;
|
||||
}
|
||||
// `xray tls ping` defaults to :443, but a self-hosted inbound rarely
|
||||
// listens there. Append the inbound's own port (unless the SNI already
|
||||
// carries one) so the ping reaches the actual TLS endpoint.
|
||||
const port = form.getFieldValue('port') as number | undefined;
|
||||
const target = /:\d+$/.test(server) || !port ? server : `${server}:${port}`;
|
||||
setSaving(true);
|
||||
try {
|
||||
const msg = await HttpUtil.post('/panel/api/server/getRemoteCertHash', { server });
|
||||
const msg = await HttpUtil.post('/panel/api/server/getRemoteCertHash', { server: target });
|
||||
if (!msg?.success) {
|
||||
messageApi.warning(msg?.msg || t('pages.inbounds.form.pinFromRemoteFailed'));
|
||||
return;
|
||||
|
||||
Reference in New Issue
Block a user