Home Explore Help
Sign In
wytfy
/
v2ray-core
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 5ff7c712f4
Branches Tags
v2ray-core
/
transport
/
internet
/
tls
/
config.proto

config.proto 2.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. syntax = "proto3";
    2. 

  2. 

  3. package v2ray.core.transport.internet.tls;
    4. 

  4. option csharp_namespace = "V2Ray.Core.Transport.Internet.Tls";
    5. 

  5. option go_package = "github.com/v2fly/v2ray-core/v5/transport/internet/tls";
    6. 

  6. option java_package = "com.v2ray.core.transport.internet.tls";
    7. 

  7. option java_multiple_files = true;
    8. 

  8. 

  9. import "common/protoext/extensions.proto";
    10. 

  10. 

  11. message Certificate {
    12. 

  12.   // TLS certificate in x509 format.
    13. 

  13.   bytes Certificate = 1;
    14. 

  14. 

  15.   // TLS key in x509 format.
    16. 

  16.   bytes Key = 2;
    17. 

  17. 

  18.   enum Usage {
    19. 

  19.     ENCIPHERMENT = 0;
    20. 

  20.     AUTHORITY_VERIFY = 1;
    21. 

  21.     AUTHORITY_ISSUE = 2;
    22. 

  22.     AUTHORITY_VERIFY_CLIENT = 3;
    23. 

  23.   }
    24. 

  24. 

  25.   Usage usage = 3;
    26. 

  26. 

  27.   string certificate_file = 96001 [(v2ray.core.common.protoext.field_opt).convert_time_read_file_into = "Certificate"];
    28. 

  28.   string key_file = 96002 [(v2ray.core.common.protoext.field_opt).convert_time_read_file_into = "Key"];
    29. 

  29. }
    30. 

  30. 

  31. message Config {
    32. 

  32.   option (v2ray.core.common.protoext.message_opt).type = "security";
    33. 

  33.   option (v2ray.core.common.protoext.message_opt).short_name = "tls";
    34. 

  34.   option (v2ray.core.common.protoext.message_opt).allow_restricted_mode_load = true;
    35. 

  35. 

  36.   // Whether or not to allow self-signed certificates.
    37. 

  37.   bool allow_insecure = 1 [(v2ray.core.common.protoext.field_opt).forbidden = true];
    38. 

  38. 

  39.   // List of certificates to be served on server.
    40. 

  40.   repeated Certificate certificate = 2;
    41. 

  41. 

  42.   // Override server name.
    43. 

  43.   string server_name = 3;
    44. 

  44. 

  45.   // Lists of string as ALPN values.
    46. 

  46.   repeated string next_protocol = 4;
    47. 

  47. 

  48.   // Whether or not to enable session (ticket) resumption.
    49. 

  49.   bool enable_session_resumption = 5;
    50. 

  50. 

  51.   // If true, root certificates on the system will not be loaded for
    52. 

  52.   // verification.
    53. 

  53.   bool disable_system_root = 6;
    54. 

  54. 

  55.   /* @Document A pinned certificate chain sha256 hash.
    56. 

  56.      @Document If the server's hash does not match this value, the connection will be aborted.
    57. 

  57.      @Document This value replace allow_insecure.
    58. 

  58.      @Critical
    59. 

  59.   */
    60. 

  60.   repeated bytes pinned_peer_certificate_chain_sha256 = 7;
    61. 

  61. 

  62.   // If true, the client is required to present a certificate.
    63. 

  63.   bool verify_client_certificate = 8;
    64. 

  64. 

  65.   enum TLSVersion {
    66. 

  66.     Default = 0;
    67. 

  67.     TLS1_0 = 1;
    68. 

  68.     TLS1_1 = 2;
    69. 

  69.     TLS1_2 = 3;
    70. 

  70.     TLS1_3 = 4;
    71. 

  71.   }
    72. 

  72. 

  73.   // Minimum TLS version to support.
    74. 

  74.   TLSVersion min_version = 9;
    75. 

  75. 

  76.   // Maximum TLS version to support.
    77. 

  77.   TLSVersion max_version = 10;
    78. 

  78. 

  79.   // Whether or not to allow self-signed certificates when pinned_peer_certificate_chain_sha256 is present.
    80. 

  80.   bool allow_insecure_if_pinned_peer_certificate = 11;
    81. 

  81. 

  82.   // ECH Config in bytes format
    83. 

  83.   bytes ech_config = 16;
    84. 

  84. 

  85.   // DOH server to query HTTPS record for ECH
    86. 

  86.   string ech_DOHserver = 17;
    87. 

  87. }
    88.