Files
3x-ui/internal/database/model/model_shadowsocks_removed_test.go
T
MHSanaei 814cda3fb4 feat(xray): update xray-core to v26.7.11 and adapt panel
Bump xtls/xray-core to 50231eaf (v26.7.11) and the three binary pins
(DockerInit.sh, release.yml x2) in lockstep.

Adapt the panel to the upstream changes:

- Shadowsocks "none"/"plain" and VMess "none"/"zero" were removed from
  the core. A migration rewrites stored none/plain SS methods to a
  supported cipher and none/zero VMess security to "auto" (on both the
  clients column and inbound settings JSON); the SS build-time heal does
  the same so a row injected after boot cannot brick startup. The removed
  values are dropped from every frontend option list, schema and adapter,
  and coerced to "auto" at the Go link/sub/Clash emit sites and both link
  importers. Fix the CipherType_NONE sentinel that no longer compiles.

- Unencrypted vless/trojan outbounds to a public address are now refused
  by the core. Validate outbounds through the vendored config loader when
  saving the xray template and when storing/merging outbound
  subscriptions, so one such outbound cannot keep the core from starting.

- New TCP finalmask type "xmc" (Minecraft mimicry): add it to the sub
  link allowlist, the frontend enum and the FinalMask form (hostname,
  usernames, required password), and document it.

- streamSettings gained a "method" alias for "network"; canonicalize it
  to "network" at inbound save time and in the form adapters/schema so a
  method-keyed config keeps its transport.

- New root "env" config key is passed through xray.Config, compared in
  Equals, and forces a restart in the hot diff.

- REALITY now defaults minClientVer to 26.3.27; update the form
  placeholder.
2026-07-12 00:30:47 +02:00

44 lines
1.8 KiB
Go

package model
import (
"encoding/json"
"testing"
)
// TestHealShadowsocksClientMethods_RewritesRemovedCipher covers the last-gate
// build-time heal for xray-core v26.7.11's removed "none"/"plain" ciphers: a
// row that survives to config generation (restored backup, direct DB edit)
// must be rewritten to a supported cipher on both the inbound method and its
// clients so one such inbound cannot keep xray from starting.
func TestHealShadowsocksClientMethods_RewritesRemovedCipher(t *testing.T) {
settings := `{"method": "plain", "clients": [{"email": "a@x", "password": "p", "method": "plain"}]}`
healed, ok := HealShadowsocksClientMethods(settings)
if !ok {
t.Fatal("expected heal to report a change for a removed cipher")
}
var parsed struct {
Method string `json:"method"`
Clients []map[string]any `json:"clients"`
}
if err := json.Unmarshal([]byte(healed), &parsed); err != nil {
t.Fatalf("parse healed settings: %v", err)
}
if parsed.Method != "chacha20-ietf-poly1305" {
t.Fatalf("expected inbound method rewritten to a supported cipher, got %q", parsed.Method)
}
if parsed.Clients[0]["method"] != "chacha20-ietf-poly1305" {
t.Fatalf("expected client method to match the healed cipher, got %v", parsed.Clients[0]["method"])
}
}
func TestReplaceRemovedShadowsocksCipher(t *testing.T) {
for _, method := range []string{"none", "plain"} {
if got, removed := ReplaceRemovedShadowsocksCipher(method); !removed || got != "chacha20-ietf-poly1305" {
t.Fatalf("ReplaceRemovedShadowsocksCipher(%q) = (%q, %v), want a supported replacement", method, got, removed)
}
}
if got, removed := ReplaceRemovedShadowsocksCipher("aes-256-gcm"); removed || got != "aes-256-gcm" {
t.Fatalf("ReplaceRemovedShadowsocksCipher(aes-256-gcm) = (%q, %v), want it left untouched", got, removed)
}
}