From 87eaa79e5d25abaa05d3460197799c69645d0459 Mon Sep 17 00:00:00 2001 From: MHSanaei Date: Wed, 27 May 2026 03:14:19 +0200 Subject: [PATCH] fix(schemas): widen VLESS decryption/encryption to accept PQ values The post-quantum auth blocks (ML-KEM-768, X25519) populate `settings.decryption` / `settings.encryption` with values like `mlkem768x25519plus.` and `xchacha20-poly1305.aead.x25519`, but the schema pinned both fields to z.literal('none') so saving an inbound after picking "ML-KEM-768 auth" failed with `Invalid input: expected "none"`. Relax both fields (inbound + outbound + outbound form) to z.string().min(1) keeping the 'none' default. xray-core does its own validation server-side so a string check at the form boundary is enough. --- frontend/src/schemas/forms/outbound-form.ts | 2 +- frontend/src/schemas/protocols/inbound/vless.ts | 4 ++-- frontend/src/schemas/protocols/outbound/vless.ts | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/frontend/src/schemas/forms/outbound-form.ts b/frontend/src/schemas/forms/outbound-form.ts index c4ceb074..96ca63bf 100644 --- a/frontend/src/schemas/forms/outbound-form.ts +++ b/frontend/src/schemas/forms/outbound-form.ts @@ -64,7 +64,7 @@ export const VlessOutboundFormSettingsSchema = z.object({ port: PortSchema.default(443), id: z.string().default(''), flow: z.string().default(''), - encryption: z.literal('none').default('none'), + encryption: z.string().min(1).default('none'), reverseTag: z.string().default(''), reverseSniffing: ReverseSniffingFormSchema.default({ enabled: false, diff --git a/frontend/src/schemas/protocols/inbound/vless.ts b/frontend/src/schemas/protocols/inbound/vless.ts index 9badf0d4..381cd7d5 100644 --- a/frontend/src/schemas/protocols/inbound/vless.ts +++ b/frontend/src/schemas/protocols/inbound/vless.ts @@ -39,8 +39,8 @@ export type VlessClient = z.infer; export const VlessInboundSettingsSchema = z.object({ clients: z.array(VlessClientSchema).default([]), - decryption: z.literal('none').default('none'), - encryption: z.literal('none').default('none'), + decryption: z.string().min(1).default('none'), + encryption: z.string().min(1).default('none'), fallbacks: z.array(VlessFallbackSchema).default([]), // TODO: narrow to flow === 'xtls-rprx-vision' once a per-flow discriminator // exists. 4-positive-int padding seed for xtls-rprx-vision; backend uses diff --git a/frontend/src/schemas/protocols/outbound/vless.ts b/frontend/src/schemas/protocols/outbound/vless.ts index 792e4226..32f5ab93 100644 --- a/frontend/src/schemas/protocols/outbound/vless.ts +++ b/frontend/src/schemas/protocols/outbound/vless.ts @@ -7,7 +7,7 @@ export const VlessOutboundSettingsSchema = z.object({ port: z.number().int().min(1).max(65535), id: z.uuid(), flow: FlowSchema.default(''), - encryption: z.literal('none').default('none'), + encryption: z.string().min(1).default('none'), reverse: z .object({ tag: z.string(),