WireGuard inbound: Support dynamic peer management (#6360)

https://github.com/XTLS/Xray-core/pull/6360#issuecomment-4780311547

Closes https://github.com/XTLS/Xray-core/issues/6314

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: LjhAUMEM <llnu14702@gmail.com>
This commit is contained in:
bitwiresys
2026-06-27 14:41:22 +03:00
committed by GitHub
parent f496437b84
commit 345c76f9a8
14 changed files with 280 additions and 114 deletions
+4 -1
View File
@@ -22,7 +22,6 @@ func (c *HysteriaClientConfig) Build() (proto.Message, error) {
}
config := &hysteria.ClientConfig{}
config.Version = c.Version
config.Server = &protocol.ServerEndpoint{
Address: c.Address.Build(),
Port: uint32(c.Port),
@@ -44,6 +43,10 @@ type HysteriaServerConfig struct {
}
func (c *HysteriaServerConfig) Build() (proto.Message, error) {
if c.Version != 2 {
return nil, errors.New("version != 2")
}
config := new(hysteria.ServerConfig)
if c.Clients != nil {
-1
View File
@@ -571,7 +571,6 @@ func (c *HysteriaConfig) Build() (proto.Message, error) {
}
config := &hysteria.Config{}
config.Version = c.Version
config.Auth = c.Auth
config.UdpIdleTimeout = c.UdpIdleTimeout
config.MasqType = c.Masquerade.Type
+27 -3
View File
@@ -7,6 +7,9 @@ import (
"strings"
"github.com/xtls/xray-core/common/errors"
"github.com/xtls/xray-core/common/protocol"
"github.com/xtls/xray-core/common/serial"
"github.com/xtls/xray-core/common/task"
"github.com/xtls/xray-core/proxy/wireguard"
"google.golang.org/protobuf/proto"
)
@@ -17,9 +20,12 @@ type WireGuardPeerConfig struct {
Endpoint string `json:"endpoint"`
KeepAlive uint32 `json:"keepAlive"`
AllowedIPs []string `json:"allowedIPs,omitempty"`
Level uint32 `json:"level"`
Email string `json:"email"`
}
func (c *WireGuardPeerConfig) Build() (proto.Message, error) {
func (c *WireGuardPeerConfig) Build() (*wireguard.PeerConfig, error) {
var err error
config := new(wireguard.PeerConfig)
@@ -78,14 +84,32 @@ func (c *WireGuardConfig) Build() (proto.Message, error) {
config.Endpoint = c.Address
}
if c.Peers != nil {
if c.IsClient {
config.Peers = make([]*wireguard.PeerConfig, len(c.Peers))
for i, p := range c.Peers {
msg, err := p.Build()
if err != nil {
return nil, err
}
config.Peers[i] = msg.(*wireguard.PeerConfig)
config.Peers[i] = msg
}
} else {
config.Users = make([]*protocol.User, len(c.Peers))
processUser := func(idx int) error {
p := c.Peers[idx]
m, err := p.Build()
if err != nil {
return err
}
config.Users[idx] = &protocol.User{
Email: p.Email,
Level: p.Level,
Account: serial.ToTypedMessage(m),
}
return nil
}
if err := task.ParallelForN(len(c.Peers), processUser); err != nil {
return nil, err
}
}
-50
View File
@@ -1,50 +0,0 @@
package conf_test
import (
"testing"
. "github.com/xtls/xray-core/infra/conf"
"github.com/xtls/xray-core/proxy/wireguard"
)
func TestWireGuardConfig(t *testing.T) {
creator := func() Buildable {
return new(WireGuardConfig)
}
runMultiTestCase(t, []TestCase{
{
Input: `{
"secretKey": "uJv5tZMDltsiYEn+kUwb0Ll/CXWhMkaSCWWhfPEZM3A=",
"address": ["10.1.1.1", "fd59:7153:2388:b5fd:0000:0000:1234:0001"],
"peers": [
{
"publicKey": "6e65ce0be17517110c17d77288ad87e7fd5252dcc7d09b95a39d61db03df832a",
"endpoint": "127.0.0.1:1234"
}
],
"mtu": 1300,
"workers": 2,
"domainStrategy": "ForceIPv6v4",
"noKernelTun": false
}`,
Parser: loadJSON(creator),
Output: &wireguard.DeviceConfig{
// key converted into hex form
SecretKey: "b89bf9b5930396db226049fe914c1bd0b97f0975a13246920965a17cf1193370",
Endpoint: []string{"10.1.1.1", "fd59:7153:2388:b5fd:0000:0000:1234:0001"},
Peers: []*wireguard.PeerConfig{
{
// also can read from hex form directly
PublicKey: "6e65ce0be17517110c17d77288ad87e7fd5252dcc7d09b95a39d61db03df832a",
Endpoint: "127.0.0.1:1234",
AllowedIps: []string{"0.0.0.0/0", "::0/0"},
},
},
Mtu: 1300,
DomainStrategy: wireguard.DeviceConfig_FORCE_IP64,
NoKernelTun: false,
},
},
})
}