Add certificate store

2025-04-03 20:07:36 +03:00 · 2025-01-08 10:34:45 +08:00 · 2025-01-08 10:34:45 +08:00 · 221c003ce0
commit 221c003ce0
parent 8b7c8dcdb4
30 changed files with 4786 additions and 32 deletions
--- a/adapter/certificate.go
+++ b/adapter/certificate.go
@ -0,0 +1,21 @@
+package adapter
+
+import (
+	"context"
+	"crypto/x509"
+
+	"github.com/sagernet/sing/service"
+)
+
+type CertificateStore interface {
+	LifecycleService
+	Pool() *x509.CertPool
+}
+
+func RootPoolFromContext(ctx context.Context) *x509.CertPool {
+	store := service.FromContext[CertificateStore](ctx)
+	if store == nil {
+		return nil
+	}
+	return store.Pool()
+}
--- a/adapter/experimental.go
+++ b/adapter/experimental.go
@ -6,7 +6,6 @@ import (
 	"encoding/binary"
 	"time"

-	"github.com/sagernet/sing-box/common/urltest"
 	"github.com/sagernet/sing/common/varbin"
 )

@ -15,7 +14,20 @@ type ClashServer interface {
 	ConnectionTracker
 	Mode() string
 	ModeList() []string
-	HistoryStorage() *urltest.HistoryStorage
+	HistoryStorage() URLTestHistoryStorage
+}
+
+type URLTestHistory struct {
+	Time  time.Time `json:"time"`
+	Delay uint16    `json:"delay"`
+}
+
+type URLTestHistoryStorage interface {
+	SetHook(hook chan<- struct{})
+	LoadURLTestHistory(tag string) *URLTestHistory
+	DeleteURLTestHistory(tag string)
+	StoreURLTestHistory(tag string, history *URLTestHistory)
+	Close() error
 }

 type V2RayServer interface {
--- a/adapter/router.go
+++ b/adapter/router.go
@ -2,6 +2,7 @@ package adapter

 import (
 	"context"
+	"crypto/tls"
 	"net"
 	"net/http"
 	"sync"
@ -9,6 +10,7 @@ import (
 	C "github.com/sagernet/sing-box/constant"
 	M "github.com/sagernet/sing/common/metadata"
 	N "github.com/sagernet/sing/common/network"
+	"github.com/sagernet/sing/common/ntp"
 	"github.com/sagernet/sing/common/x/list"

 	"go4.org/netipx"
@ -66,12 +68,14 @@ type RuleSetMetadata struct {
 	ContainsIPCIDRRule  bool
 }
 type HTTPStartContext struct {
+	ctx             context.Context
 	access          sync.Mutex
 	httpClientCache map[string]*http.Client
 }

-func NewHTTPStartContext() *HTTPStartContext {
+func NewHTTPStartContext(ctx context.Context) *HTTPStartContext {
 	return &HTTPStartContext{
+		ctx:             ctx,
 		httpClientCache: make(map[string]*http.Client),
 	}
 }
@ -89,6 +93,10 @@ func (c *HTTPStartContext) HTTPClient(detour string, dialer N.Dialer) *http.Clie
 			DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
 				return dialer.DialContext(ctx, network, M.ParseSocksaddr(addr))
 			},
+			TLSClientConfig: &tls.Config{
+				Time:    ntp.TimeFuncFromContext(c.ctx),
+				RootCAs: RootPoolFromContext(c.ctx),
+			},
 		},
 	}
 	c.httpClientCache[detour] = httpClient