From 7917f24f428e40ac20b8b8f953b02cf59d1be334 Mon Sep 17 00:00:00 2001 From: wwqgtxx Date: Sat, 20 Sep 2025 01:13:55 +0800 Subject: [PATCH] chore: more check in listeners start --- listener/http/server.go | 3 +++ listener/mixed/mixed.go | 3 +++ listener/sing_vless/server.go | 3 +++ listener/sing_vmess/server.go | 3 +++ listener/socks/tcp.go | 3 +++ listener/trojan/server.go | 3 +++ 6 files changed, 18 insertions(+) diff --git a/listener/http/server.go b/listener/http/server.go index 1bec2555..8b86ac62 100644 --- a/listener/http/server.go +++ b/listener/http/server.go @@ -100,6 +100,9 @@ func NewWithConfig(config LC.AuthServer, tunnel C.Tunnel, additions ...inbound.A if tlsConfig.Certificates != nil { return nil, errors.New("certificate is unavailable in reality") } + if tlsConfig.ClientAuth != tlsC.NoClientCert { + return nil, errors.New("client-auth is unavailable in reality") + } realityBuilder, err = config.RealityConfig.Build(tunnel) if err != nil { return nil, err diff --git a/listener/mixed/mixed.go b/listener/mixed/mixed.go index 38c3393c..3df49d2c 100644 --- a/listener/mixed/mixed.go +++ b/listener/mixed/mixed.go @@ -96,6 +96,9 @@ func NewWithConfig(config LC.AuthServer, tunnel C.Tunnel, additions ...inbound.A if tlsConfig.Certificates != nil { return nil, errors.New("certificate is unavailable in reality") } + if tlsConfig.ClientAuth != tlsC.NoClientCert { + return nil, errors.New("client-auth is unavailable in reality") + } realityBuilder, err = config.RealityConfig.Build(tunnel) if err != nil { return nil, err diff --git a/listener/sing_vless/server.go b/listener/sing_vless/server.go index 48e9001a..a210d70a 100644 --- a/listener/sing_vless/server.go +++ b/listener/sing_vless/server.go @@ -111,6 +111,9 @@ func New(config LC.VlessServer, tunnel C.Tunnel, additions ...inbound.Addition) if tlsConfig.Certificates != nil { return nil, errors.New("certificate is unavailable in reality") } + if tlsConfig.ClientAuth != tlsC.NoClientCert { + return nil, errors.New("client-auth is unavailable in reality") + } realityBuilder, err = config.RealityConfig.Build(tunnel) if err != nil { return nil, err diff --git a/listener/sing_vmess/server.go b/listener/sing_vmess/server.go index 1ce90259..24c323ba 100644 --- a/listener/sing_vmess/server.go +++ b/listener/sing_vmess/server.go @@ -111,6 +111,9 @@ func New(config LC.VmessServer, tunnel C.Tunnel, additions ...inbound.Addition) if tlsConfig.Certificates != nil { return nil, errors.New("certificate is unavailable in reality") } + if tlsConfig.ClientAuth != tlsC.NoClientCert { + return nil, errors.New("client-auth is unavailable in reality") + } realityBuilder, err = config.RealityConfig.Build(tunnel) if err != nil { return nil, err diff --git a/listener/socks/tcp.go b/listener/socks/tcp.go index 1ec3a1f1..60eaa741 100644 --- a/listener/socks/tcp.go +++ b/listener/socks/tcp.go @@ -95,6 +95,9 @@ func NewWithConfig(config LC.AuthServer, tunnel C.Tunnel, additions ...inbound.A if tlsConfig.Certificates != nil { return nil, errors.New("certificate is unavailable in reality") } + if tlsConfig.ClientAuth != tlsC.NoClientCert { + return nil, errors.New("client-auth is unavailable in reality") + } realityBuilder, err = config.RealityConfig.Build(tunnel) if err != nil { return nil, err diff --git a/listener/trojan/server.go b/listener/trojan/server.go index df5f3aba..03fb02cf 100644 --- a/listener/trojan/server.go +++ b/listener/trojan/server.go @@ -106,6 +106,9 @@ func New(config LC.TrojanServer, tunnel C.Tunnel, additions ...inbound.Addition) if tlsConfig.Certificates != nil { return nil, errors.New("certificate is unavailable in reality") } + if tlsConfig.ClientAuth != tlsC.NoClientCert { + return nil, errors.New("client-auth is unavailable in reality") + } realityBuilder, err = config.RealityConfig.Build(tunnel) if err != nil { return nil, err