refactor(mtproto): manage ad-tags per client only

The inbound-level ad-tag duplicated the per-client override for no
gain: the fork's global tag applied to every secret anyway, so one
value had two homes and they could drift. The inbound form field, the
settings key, and the global ad-tag in the generated config and in the
PUT /secrets body are gone; the tag is set on each client instead.
Existing inbound-level values are intentionally not migrated; a
leftover settings key is stripped on the next save.
This commit is contained in:
MHSanaei
2026-07-07 12:19:26 +02:00
parent 406ce54fb2
commit ad7a0f8164
21 changed files with 83 additions and 97 deletions
+20
View File
@@ -493,6 +493,26 @@ func StripMtprotoInboundSecret(settings string) (string, bool) {
return string(out), true
}
// StripMtprotoInboundAdTag drops the dead inbound-level `adTag` — tags live on clients.
func StripMtprotoInboundAdTag(settings string) (string, bool) {
if settings == "" {
return settings, false
}
var parsed map[string]any
if err := json.Unmarshal([]byte(settings), &parsed); err != nil {
return settings, false
}
if _, ok := parsed["adTag"]; !ok {
return settings, false
}
delete(parsed, "adTag")
out, err := json.MarshalIndent(parsed, "", " ")
if err != nil {
return settings, false
}
return string(out), true
}
// mtprotoSecretDomain extracts the FakeTLS domain embedded in the tail of a
// secret, returning an empty string when the secret is malformed. Each mtproto
// client carries its own domain inside its secret, so healing preserves it
@@ -25,6 +25,28 @@ func TestGenerateFakeTLSSecret(t *testing.T) {
}
}
func TestStripMtprotoInboundAdTag(t *testing.T) {
in := `{"adTag":"0123456789abcdef0123456789abcdef","clients":[{"email":"a","adTag":"fedcba9876543210fedcba9876543210"}]}`
out, changed := StripMtprotoInboundAdTag(in)
if !changed {
t.Fatal("expected the inbound-level adTag to be stripped")
}
var parsed map[string]any
if err := json.Unmarshal([]byte(out), &parsed); err != nil {
t.Fatalf("unmarshal: %v", err)
}
if _, ok := parsed["adTag"]; ok {
t.Fatalf("adTag key must be removed, got %s", out)
}
clients := parsed["clients"].([]any)
if clients[0].(map[string]any)["adTag"] != "fedcba9876543210fedcba9876543210" {
t.Fatalf("client adTag must be preserved, got %s", out)
}
if _, changed2 := StripMtprotoInboundAdTag(out); changed2 {
t.Fatal("second strip must be a no-op")
}
}
func TestStripMtprotoInboundSecret(t *testing.T) {
// A multi-client inbound that still carries a dead inbound-level secret has
// it removed while the clients (and every other key) survive untouched.