add "certificate" environment variable

2025-04-03 22:03:36 +03:00 · 2025-03-24 00:46:37 +03:30 · 2025-03-24 00:46:37 +03:30 · c6beeabf04
commit c6beeabf04
parent 607c2a6d31
6 changed files with 27 additions and 8 deletions
--- a/common/platform/filesystem/file.go
+++ b/common/platform/filesystem/file.go
@ -3,6 +3,7 @@ package filesystem
 import (
 	"io"
 	"os"
+	"path/filepath"

 	"github.com/xtls/xray-core/common/buf"
 	"github.com/xtls/xray-core/common/platform"
@ -28,6 +29,13 @@ func ReadAsset(file string) ([]byte, error) {
 	return ReadFile(platform.GetAssetLocation(file))
 }

+func ReadCertificate(file string) ([]byte, error) {
+	if filepath.IsAbs(file) {
+		return ReadFile(file)
+	}
+	return ReadFile(platform.GetCertificateLocation(file))
+}
+
 func CopyFile(dst string, src string) error {
 	bytes, err := ReadFile(src)
 	if err != nil {
--- a/common/platform/others.go
+++ b/common/platform/others.go
@ -42,3 +42,8 @@ func GetAssetLocation(file string) string {
 	// asset not found, let the caller throw out the error
 	return defPath
 }
+
+func GetCertificateLocation(file string) string {
+	certificatePath := NewEnvFlag(CertificateLocation).GetValue(getExecutableDir)
+	return filepath.Join(certificatePath, file)
+}
--- a/common/platform/platform.go
+++ b/common/platform/platform.go
@ -8,11 +8,12 @@ import (
 )

 const (
-	PluginLocation  = "xray.location.plugin"
-	ConfigLocation  = "xray.location.config"
-	ConfdirLocation = "xray.location.confdir"
-	ToolLocation    = "xray.location.tool"
-	AssetLocation   = "xray.location.asset"
+	PluginLocation      = "xray.location.plugin"
+	ConfigLocation      = "xray.location.config"
+	ConfdirLocation     = "xray.location.confdir"
+	ToolLocation        = "xray.location.tool"
+	AssetLocation       = "xray.location.asset"
+	CertificateLocation = "xray.location.certificate"

 	UseReadV         = "xray.buf.readv"
 	UseFreedomSplice = "xray.buf.splice"
--- a/common/platform/windows.go
+++ b/common/platform/windows.go
@ -24,3 +24,8 @@ func GetAssetLocation(file string) string {
 	assetPath := NewEnvFlag(AssetLocation).GetValue(getExecutableDir)
 	return filepath.Join(assetPath, file)
 }
+
+func GetCertificateLocation(file string) string {
+	certificatePath := NewEnvFlag(CertificateLocation).GetValue(getExecutableDir)
+	return filepath.Join(certificatePath, file)
+}
--- a/infra/conf/transport_internet.go
+++ b/infra/conf/transport_internet.go
@ -334,7 +334,7 @@ func (c *SplitHTTPConfig) Build() (proto.Message, error) {

 func readFileOrString(f string, s []string) ([]byte, error) {
 	if len(f) > 0 {
-		return filesystem.ReadFile(f)
+		return filesystem.ReadCertificate(f)
 	}
 	if len(s) > 0 {
 		return []byte(strings.Join(s, "\n")), nil
--- a/transport/internet/tls/config.go
+++ b/transport/internet/tls/config.go
@ -109,12 +109,12 @@ func setupOcspTicker(entry *Certificate, callback func(isReloaded, isOcspstaplin
 		for {
 			var isReloaded bool
 			if entry.CertificatePath != "" && entry.KeyPath != "" {
-				newCert, err := filesystem.ReadFile(entry.CertificatePath)
+				newCert, err := filesystem.ReadCertificate(entry.CertificatePath)
 				if err != nil {
 					errors.LogErrorInner(context.Background(), err, "failed to parse certificate")
 					return
 				}
-				newKey, err := filesystem.ReadFile(entry.KeyPath)
+				newKey, err := filesystem.ReadCertificate(entry.KeyPath)
 				if err != nil {
 					errors.LogErrorInner(context.Background(), err, "failed to parse key")
 					return