txlyre synced new reference v3.4.2 to txlyre/3x-ui from mirror
hai 15 horas
txlyre synced commits to main at txlyre/3x-ui from mirror
86813758cc fix(node): stop the offline-sync toast firing on saves to online nodes IsNodePending fed the user-facing "saved locally, node offline, will sync on reconnect" toast off three conditions, one of which was the node's config_dirty flag. But every node-backed client/inbound edit marks the node dirty unconditionally inside its write transaction — it is the reconcile self-heal marker, set even for edits pushed live to a healthy online node. The controller reads that freshly-set flag right after the save, so the warning fired on every save to a node-backed inbound regardless of the node actually being online. Drop the dirty term so the predicate reflects only what the message claims: the node being unreachable (offline or disabled). Offline and disabled nodes still mark dirty and still surface the toast. Add regression tests: online+dirty must not be pending; offline and disabled must be.
7a5d6da28c fix(xray): clean stale routing references when a balancer or outbound is deleted (#5648) * feat(xray): reference-cleanup helpers for entity deletion When an outbound or balancer is deleted on the Xray page, routing rules and balancers that reference it must be repaired in the same edit, or the saved config breaks the core: a dangling balancerTag stops Router.Init (whole core down), a dangling outboundTag black-holes matched traffic at the dispatcher. Add pure plan*/apply* helpers that compute and apply the cleanup. A rule is kept when a destination (outboundTag or balancerTag) remains and dropped when none does. Deleting an outbound cascades: emptying a balancer selector removes that balancer too, then repairs its rules in one pass against the full removed set; fallbackTag and dialerProxy references are cleared and observatories re-synced. * fix(balancers): clean routing rules referencing a deleted balancer Deleting a balancer left routing rules pointing at its balancerTag. xray-core's Router.Init then fails ("balancer <tag> not found"), the core won't restart and every inbound drops — the saved config passes CheckXrayConfig (JSON shape only), so it breaks only on the next restart. The delete confirm now lists the affected rules (modified vs removed) next to the existing observatory warning and applies planBalancerDeletion's cleanup: a rule keeps its outboundTag when present, otherwise the whole rule is dropped. Adds the shared DeletionImpactList and refCleanup strings across all 13 locales. * fix(outbounds): clean rules, balancer selectors and dialerProxy on outbound delete Deleting an outbound left routing rules pointing at its outboundTag (matched traffic black-holed at the dispatcher), plus stale references in balancer selectors / fallbackTag and other outbounds' dialerProxy. The delete confirm now shows planOutboundDeletion's impact and applies the cascade: rules keep a remaining balancerTag (else are dropped), the tag is pulled from balancer selectors and fallbacks, dialerProxy references are cleared, and a balancer whose selector is emptied is removed along with its own now-targetless rules. * refactor(xray): share one rule classifier across preview and apply Code review flagged that the keep/drop predicate was transcribed twice — in ruleImpacts (the delete-modal preview) and in applyCleanup (the mutation) — kept in sync only by a parity test. Extract a single classifyRule() that both call, so the preview can never disagree with what apply actually does. Also harden balancersEmptiedBy to skip tagless balancers: an empty/missing tag would otherwise enter the removed set as "" and silently drop every other tagless balancer (only reachable via a hand-edited config, but a silent data loss). And remove observersRemovedByDeletingBalancer, orphaned once BalancersTab switched to planBalancerDeletion. * fix(xray): null-guard reference cleanup against unvalidated configs The PR review noted that classifyRule and applyCleanup dereferenced rule / balancer entries directly, while the sibling propagateOutboundTagRename uses optional chaining — because fetchXrayConfig falls back to the unvalidated parsed object when Zod validation fails, a stray null in rules / balancers can survive into the editor and would throw during the delete preview/apply. Match that defensive style: classifyRule and balancersEmptiedBy read through optional chaining, the balancer loop skips nullish entries, and the dialerProxy walk guards the outbound. A delete on a hand-edited config with null entries now degrades gracefully instead of throwing.
- Ver comparación destas 6 achegas »
hai 23 horas
txlyre synced commits to main at txlyre/3x-ui from mirror
- Ver comparación destas 2 achegas »
hai 1 día
txlyre synced commits to main at txlyre/3x-ui from mirror
60c54827aa feat: ldap skip tls verify (#5637) * feat(ldap): add InsecureSkipVerify field and tlsConfig helper Extract the inline TLS config at both LDAPS dial sites (FetchVlessFlags, AuthenticateUser) into a tlsConfig(cfg) helper, and add a new Config.InsecureSkipVerify bool that flows through to tls.Config.InsecureSkipVerify. This unblocks enterprise environments (e.g. Microsoft AD CS with internal CAs) where the server certificate chain cannot be imported into the system trust store. Behavior is identical when InsecureSkipVerify is false (the default) - pure refactor + plumbing. The helper is unit-testable without a live server, which is why it is extracted. Closes https://github.com/MHSanaei/3x-ui/issues/5538 * feat(settings): add LdapInsecureSkipVerify setting Plumb the new LDAP skip-TLS-verify toggle through the settings stack: - AllSetting struct field (json/form tag: ldapInsecureSkipVerify) - defaultValueMap default ("false") - GetLdapInsecureSkipVerify() getter - ldap_sync_job wiring into ldaputil.Config (FetchVlessFlags path) - panel/user.go wiring into ldaputil.Config (AuthenticateUser path; the original issue's file list missed this) Persistence is handled by UpdateAllSetting's reflect loop, matching the existing pattern used by ldapUseTLS (no explicit setter). Closes https://github.com/MHSanaei/3x-ui/issues/5538 * feat(ui): add Skip TLS verification switch in LDAP settings Wire the new ldapInsecureSkipVerify setting into the hand-written frontend model and Zod schema, and render it as a new Switch in GeneralTab right under "Use TLS (LDAPS)". The switch is disabled when TLS is off (the setting is meaningless without LDAPS) and shows an insecure-warning description to make the security implication visible to operators. Also adds a Vitest round-trip test pinning schema acceptance and model default-to-false behavior. Closes https://github.com/MHSanaei/3x-ui/issues/5538 * chore(i18n): add Skip TLS verification strings to all locales Add pages.settings.ldap.skipTlsVerify and skipTlsVerifyDesc to all 13 backend-served translation files, matching the existing repo convention of keeping LDAP keys present in every locale (en-US, fa-IR, ru-RU, zh-CN, zh-TW, pt-BR, ar-EG, uk-UA, id-ID, tr-TR, vi-VN, ja-JP, es-ES). No translation-parity test exists in CI, but every other LDAP key is replicated across all files, so this keeps the invariant intact. Closes https://github.com/MHSanaei/3x-ui/issues/5538 * chore(codegen): regenerate frontend artifacts Regenerate frontend/src/generated/{zod,types,schemas,examples}.ts and frontend/public/openapi.json via `npm run gen` to reflect the new ldapInsecureSkipVerify field. The codegen CI job runs `git diff --exit-code` on these files; failing to commit them would break the build. Closes https://github.com/MHSanaei/3x-ui/issues/5538
aef35ee0de fix(sync): mark node dirty inside the mutation transaction (atomic ConfigDirty) (#5611) * fix(sync): mark node dirty inside the mutation transaction ConfigDirty is currently set by MarkNodeDirty AFTER the mutation, on a separate DB handle outside the mutation's transaction. A crash or error between the committed change and the mark leaves a committed config change that never reconciles to the node (silent drift). Add MarkNodeDirtyTx(tx, id) and call it inside each mutation's transaction so the dirty mark commits atomically with the change. * fix(test): initialize DB in TestResolveInboundAddress and group gorm import Two CI failures on this branch: - race (-shuffle=on): TestResolveInboundAddress reaches resolveInboundAddress -> configuredPublicHost -> GetSubDomain, which reads the global DB. The test never initialized one, relying on another sub-package test to do so first; under shuffle it ran first and nil-dereferenced gorm. Call initSubDB(t) so it is self-sufficient (empty DB yields an empty subDomain, so the subscriber-host fallback still holds). - golangci goimports: gorm.io/gorm was grouped with the github.com/mhsanaei/3x-ui local imports in node_dirty_test.go. Move it into the third-party group.
- Ver comparación destas 9 achegas »
hai 1 día
txlyre synced commits to main at txlyre/3x-ui from mirror
- Ver comparación destas 3 achegas »
hai 2 días
txlyre synced commits to main at txlyre/3x-ui from mirror
- Ver comparación destas 15 achegas »
hai 3 días
txlyre synced commits to main at txlyre/3x-ui from mirror
7a2179535a fix(settings): normalize API token timestamps (#5599) * fix(settings): normalize API token timestamps * refactor(api-token): share timestamp threshold --------- Co-authored-by: Tomilla <5007859+[email protected]>
hai 3 días
txlyre synced commits to main at txlyre/3x-ui from mirror
- Ver comparación destas 2 achegas »
hai 3 días
txlyre synced commits to main at txlyre/3x-ui from mirror
- Ver comparación destas 2 achegas »
hai 4 días
txlyre synced new reference v3.4.1 to txlyre/3x-ui from mirror
hai 4 días