feat: 🎸 update singbox protocol

Author: messica

Cargo.toml

@@ -22,7 +22,7 @@ serde_yaml = "0.9"
 
 anyhow = "1.0"
 thiserror = "2.0"
-indexmap = "2.12"
+indexmap = { version = "2.12", features = ["serde"] }
 
 tracing = "0.1"
 tracing-subscriber = { version = "0.3", features = ["env-filter"] }

src/protocols/singbox/certificate.rs

@@ -0,0 +1,20 @@
+use serde::{Deserialize, Serialize};
+use serde_with::skip_serializing_none;
+
+#[skip_serializing_none]
+#[derive(Serialize, Deserialize, Debug, Clone)]
+pub struct Certificate {
+    pub store: Option<StoreType>,
+    pub certificate: Option<Vec<String>>,
+    pub certificate_path: Option<Vec<String>>,
+    pub certificate_directory_path: Option<Vec<String>>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone)]
+#[serde(rename_all = "lowercase")]
+pub enum StoreType {
+    System,
+    Mozilla,
+    Chrome,
+    None,
+}

src/protocols/singbox/common/base.rs

@@ -38,7 +38,7 @@ pub enum IpVersion {
 #[derive(Serialize, Deserialize, Debug, Clone)]
 #[serde(untagged)]
 pub enum QueryType {
-    Code(usize),
+    Code(u16),
     Name(String),
 }
 
@@ -63,20 +63,13 @@ pub enum LogicalMode {
 }
 
 #[skip_serializing_none]
-#[derive(Default, Serialize, Deserialize, Debug, Clone)]
+#[derive(Serialize, Deserialize, Debug, Clone)]
 pub struct Handshake {
-    detour: Option<String>,
-    bind_interface: Option<String>,
-    inet4_bind_address: Option<String>,
-    inet6_bind_address: Option<String>,
-    routing_mark: Option<usize>,
-    reuse_addr: Option<bool>,
-    connect_timeout: Option<String>,
-    tcp_fast_open: Option<bool>,
-    tcp_multi_path: Option<bool>,
-    udp_fragment: Option<bool>,
-    domain_strategy: Option<Strategy>,
-    fallback_delay: Option<String>,
+    pub server: String,
+    pub server_port: u16,
+
+    #[serde(flatten)]
+    pub dial_params: Option<DialParams>,
 }
 
 #[derive(Serialize, Deserialize, Debug, Clone)]
@@ -98,14 +91,77 @@ impl Default for Stack {
 pub struct ListenParams {
     listen: Option<String>,
     listen_port: Option<u16>,
+    bind_interface: Option<String>,
+    routing_mark: Option<u32>,
+    reuse_addr: Option<bool>,
+    netns: Option<String>,
     tcp_fast_open: Option<bool>,
     tcp_multi_path: Option<bool>,
+    disable_tcp_keep_alive: Option<bool>,
+    tcp_keep_alive: Option<String>,
+    tcp_keep_alive_interval: Option<String>,
     udp_fragment: Option<bool>,
     udp_timeout: Option<String>,
     detour: Option<String>,
-    sniff: Option<bool>,
-    sniff_override_destination: Option<bool>,
-    sniff_timeout: Option<String>,
-    domain_strategy: Option<Strategy>,
-    udp_disable_domain_unmapping: Option<bool>,
 }
+
+#[skip_serializing_none]
+#[derive(Default, Serialize, Deserialize, Debug, Clone)]
+pub struct DialParams {
+    pub detour: Option<String>,
+    pub bind_interface: Option<String>,
+    pub inet4_bind_address: Option<String>,
+    pub inet6_bind_address: Option<String>,
+    /// Only supported on Linux.
+    pub routing_mark: Option<usize>,
+    pub reuse_addr: Option<bool>,
+    /// Only supported on Linux.
+    pub netns: Option<String>,
+    pub connect_timeout: Option<String>,
+    pub tcp_fast_open: Option<bool>,
+    pub tcp_multi_path: Option<bool>,
+    pub disable_tcp_keep_alive: Option<bool>,
+    pub tcp_keep_alive: Option<String>,
+    pub tcp_keep_alive_interval: Option<String>,
+    pub udp_fragment: Option<bool>,
+    pub domain_resolver: Option<DomainResolver>,
+    pub network_strategy: Option<NetworkStrategy>,
+    pub network_type: Option<Vec<NetworkType>>,
+    pub fallback_network_type: Option<Vec<NetworkType>>,
+    pub fallback_delay: Option<u64>,
+}
+
+#[skip_serializing_none]
+#[derive(Default, Serialize, Deserialize, Debug, Clone)]
+pub struct DomainResolver {
+    pub server: String,
+    pub strategy: Option<Strategy>,
+    pub disable_cache: Option<bool>,
+    pub rewrite_ttl: Option<u32>,
+    pub client_subnet: Option<String>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone)]
+#[serde(rename_all = "snake_case")]
+pub enum NetworkStrategy {
+    Default,
+    Hybrid,
+    Fallback,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone)]
+#[serde(rename_all = "snake_case")]
+pub enum NetworkType {
+    Wifi,
+    Cellular,
+    Ethernet,
+    Other,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone)]
+#[serde(rename_all = "snake_case")]
+pub enum ClashMode {
+    Direct,
+    Global,
+    Rule,
+}

src/protocols/singbox/common/multiplex.rs

@@ -11,9 +11,9 @@ pub enum Multiplex {
     Outbound {
         enabled: bool,
         protocol: MultiplexProtocol,
-        max_connections: usize,
-        min_streams: usize,
-        max_streams: usize,
+        max_connections: u32,
+        min_streams: u32,
+        max_streams: u32,
         padding: bool,
         brutal: Brutal,
     },
@@ -37,6 +37,6 @@ impl Default for MultiplexProtocol {
 pub struct Brutal {
     #[serde(skip_serializing_if = "Option::is_none")]
     enabled: Option<bool>,
-    up_mbps: usize,
-    down_mbps: usize,
+    up_mbps: u32,
+    down_mbps: u32,
 }

src/protocols/singbox/common/tls.rs

@@ -9,23 +9,6 @@ pub enum Tls {
     Outbound(Outbound),
 }
 
-#[skip_serializing_none]
-#[derive(Default, Serialize, Deserialize, Debug, Clone)]
-pub struct Inbound {
-    enabled: Option<bool>,
-    server_name: Option<String>,
-    alpn: Option<Vec<String>>,
-    min_version: Option<String>,
-    max_version: Option<String>,
-    cipher_suites: Option<Vec<String>>,
-    certificate: Option<Vec<String>>,
-    certificate_path: Option<String>,
-    key: Option<Vec<String>>,
-    key_path: Option<String>,
-    acme: Option<ACME>,
-    ech: Option<Ech>,
-    reality: Option<Reality>,
-}
 
 #[skip_serializing_none]
 #[derive(Default, Serialize, Deserialize, Debug, Clone)]
@@ -103,27 +86,87 @@ pub struct RealityHandshake {
     fallback_delay: Option<String>,
 }
 
-#[skip_serializing_none]
-#[derive(Default, Serialize, Deserialize, Debug, Clone)]
-pub struct Outbound {
-    enabled: Option<bool>,
-    disable_sni: Option<bool>,
-    server_name: Option<String>,
-    insecure: Option<bool>,
-    alpn: Option<Vec<String>>,
-    min_version: Option<String>,
-    max_version: Option<String>,
-    cipher_suites: Option<Vec<String>>,
-    certificate: Option<Vec<String>>,
-    certificate_path: Option<String>,
-    ech: Option<Ech>,
-    utls: Option<OutboundUtils>,
-    reality: Option<Reality>,
-}
+
 
 #[skip_serializing_none]
 #[derive(Default, Serialize, Deserialize, Debug, Clone)]
 pub struct OutboundUtils {
     enabled: Option<bool>,
     fingerprint: Option<String>,
 }
+
+#[skip_serializing_none]
+#[derive(Serialize, Deserialize, Debug, Clone)]
+pub struct Inbound {
+    pub enabled: Option<bool>,
+    pub certificate: Option<SingleOrMultipleValue<String>>,
+    pub key: Option<SingleOrMultipleValue<String>>,
+    pub key_password: Option<String>,
+    pub fingerprint: Option<TlsFingerprint>,
+    pub alpn: Option<Vec<String>>,
+    pub alpn_mode: Option<AlpnMode>,
+    pub min_version: Option<String>,
+    pub max_version: Option<String>,
+    pub session_ticket: Option<bool>,
+    pub curves: Option<Vec<String>>,
+    pub signature_algorithms: Option<String>,
+    pub key_share_mode: Option<String>,
+    pub only_grease: Option<bool>,
+    pub force_ciphersuites: Option<Vec<String>>,
+    pub session_cache_size: Option<u32>,
+    pub session_cache_timeout: Option<u64>,
+    pub client_auth: Option<bool>,
+    pub client_ca: Option<SingleOrMultipleValue<String>>,
+}
+
+#[skip_serializing_none]
+#[derive(Serialize, Deserialize, Debug, Clone)]
+pub struct Outbound {
+    pub enabled: Option<bool>,
+    pub insecure: Option<bool>,
+    pub server_name: Option<String>,
+    pub certificate: Option<SingleOrMultipleValue<String>>,
+    pub fingerprint: Option<TlsFingerprint>,
+    pub alpn: Option<Vec<String>>,
+    pub alpn_mode: Option<AlpnMode>,
+    pub min_version: Option<String>,
+    pub max_version: Option<String>,
+    pub session_ticket: Option<bool>,
+    pub curves: Option<Vec<String>>,
+    pub signature_algorithms: Option<String>,
+    pub key_share_mode: Option<String>,
+    pub only_grease: Option<bool>,
+    pub force_ciphersuites: Option<Vec<String>>,
+    pub early_data_size: Option<u32>,
+    pub session_cache_size: Option<u32>,
+    pub session_cache_timeout: Option<u64>,
+    pub client_certificate: Option<ClientCertificateConfig>,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
+#[serde(rename_all = "kebab-case")]
+pub enum TlsFingerprint {
+    Chrome,
+    Firefox,
+    Safari,
+    Ios,
+    Android,
+    Edge,
+    Random,
+    Randomized,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq)]
+#[serde(rename_all = "snake_case")]
+pub enum AlpnMode {
+    Auto,
+    Strict,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, Default)]
+pub struct ClientCertificateConfig {
+    pub certificate_path: Option<String>,
+    pub key_path: Option<String>,
+    pub password: Option<String>,
+    pub ocsp_stapling: Option<u64>,
+}

src/protocols/singbox/common/transport.rs

@@ -1,6 +1,6 @@
 use serde::{Deserialize, Serialize};
 use serde_with::skip_serializing_none;
-use std::collections::HashMap;
+use indexmap::IndexMap;
 
 #[skip_serializing_none]
 #[derive(Serialize, Deserialize, Debug, Clone)]
@@ -19,7 +19,7 @@ pub struct HTTP {
     host: Option<Vec<String>>,
     path: Option<String>,
     method: Option<String>,
-    headers: Option<HashMap<String, String>>,
+    headers: Option<IndexMap<String, String>>,
     idle_timeout: Option<String>,
     ping_timeout: Option<String>,
 }
@@ -28,7 +28,7 @@ pub struct HTTP {
 #[derive(Default, Serialize, Deserialize, Debug, Clone)]
 pub struct WS {
     path: Option<String>,
-    headers: Option<HashMap<String, String>>,
+    headers: Option<IndexMap<String, String>>,
     max_early_data: Option<usize>,
     early_data_header_name: Option<String>,
 }
@@ -51,5 +51,5 @@ pub struct GRPC {
 pub struct HttpUpgrade {
     host: Option<String>,
     path: Option<String>,
-    headers: Option<HashMap<String, String>>,
+    headers: Option<IndexMap<String, String>>,
 }