Merge 2e01ff19f7 into ea0da32e81

fix: rename verifyPeerCertInNames to verifyPeerCertByName to be compatible with xray-core v26.1.31 (#3723 )
feat: enhance geofile update process with conditional GET and modification time handling
2026-02-28 21:23:01 +00:00 · 2026-01-31 22:03:21 +03:00 · 2026-01-31 19:50:08 +01:00 · 2026-01-22 00:25:32 +03:00
3 changed files with 53 additions and 7 deletions
--- a/web/assets/js/model/inbound.js
+++ b/web/assets/js/model/inbound.js
@ -554,7 +554,7 @@ class TlsStreamSettings extends XrayCommonClass {
        maxVersion = TLS_VERSION_OPTION.TLS13,
        cipherSuites = '',
        rejectUnknownSni = false,
-        verifyPeerCertInNames = ['dns.google', 'cloudflare-dns.com'],
+        verifyPeerCertByName = ['dns.google', 'cloudflare-dns.com'],
        disableSystemRoot = false,
        enableSessionResumption = false,
        certificates = [new TlsStreamSettings.Cert()],
@ -569,7 +569,7 @@ class TlsStreamSettings extends XrayCommonClass {
        this.maxVersion = maxVersion;
        this.cipherSuites = cipherSuites;
        this.rejectUnknownSni = rejectUnknownSni;
-        this.verifyPeerCertInNames = Array.isArray(verifyPeerCertInNames) ? verifyPeerCertInNames.join(",") : verifyPeerCertInNames;
+        this.verifyPeerCertByName = Array.isArray(verifyPeerCertByName) ? verifyPeerCertByName.join(",") : verifyPeerCertByName;
        this.disableSystemRoot = disableSystemRoot;
        this.enableSessionResumption = enableSessionResumption;
        this.certs = certificates;
@ -603,7 +603,7 @@ class TlsStreamSettings extends XrayCommonClass {
            json.maxVersion,
            json.cipherSuites,
            json.rejectUnknownSni,
-            json.verifyPeerCertInNames,
+            json.verifyPeerCertByName,
            json.disableSystemRoot,
            json.enableSessionResumption,
            certs,
@ -621,7 +621,7 @@ class TlsStreamSettings extends XrayCommonClass {
            maxVersion: this.maxVersion,
            cipherSuites: this.cipherSuites,
            rejectUnknownSni: this.rejectUnknownSni,
-            verifyPeerCertInNames: this.verifyPeerCertInNames.split(","),
+            verifyPeerCertByName: this.verifyPeerCertByName.split(","),
            disableSystemRoot: this.disableSystemRoot,
            enableSessionResumption: this.enableSessionResumption,
            certificates: TlsStreamSettings.toJsonArray(this.certs),
--- a/web/html/form/tls_settings.html
+++ b/web/html/form/tls_settings.html
@ -57,8 +57,8 @@
    <a-form-item label="Session Resumption">
      <a-switch v-model="inbound.stream.tls.enableSessionResumption"></a-switch>
    </a-form-item>
-    <a-form-item label="VerifyPeerCertInNames">
-      <a-input v-model.trim="inbound.stream.tls.verifyPeerCertInNames"></a-input>
+    <a-form-item label="verifyPeerCertByName">
+      <a-input v-model.trim="inbound.stream.tls.verifyPeerCertByName"></a-input>
    </a-form-item>
    <a-divider :style="{ margin: '3px 0' }"></a-divider>
    <template v-for="cert,index in inbound.stream.tls.certs">
--- a/web/service/server.go
+++ b/web/service/server.go
@ -1088,12 +1088,57 @@ func (s *ServerService) UpdateGeofile(fileName string) error {
 		}
 	}
 	downloadFile := func(url, destPath string) error {
-		resp, err := http.Get(url)
+		var req *http.Request
+		req, err := http.NewRequest("GET", url, nil)
+		if err != nil {
+				return common.NewErrorf("Failed to create HTTP request for %s: %v", url, err)
+		}
+		var localFileModTime time.Time
+		if fileInfo, err := os.Stat(destPath); err == nil {
+			localFileModTime = fileInfo.ModTime()
+			if !localFileModTime.IsZero() {
+				req.Header.Set("If-Modified-Since", localFileModTime.UTC().Format(http.TimeFormat))
+			}
+		}
+		
+		client := &http.Client{}
+		resp, err := client.Do(req)
 		if err != nil {
 			return common.NewErrorf("Failed to download Geofile from %s: %v", url, err)
 		}
 		defer resp.Body.Close()

+		// Parse Last-Modified header from server
+		var serverModTime time.Time
+		serverModTimeStr := resp.Header.Get("Last-Modified")
+		if serverModTimeStr != "" {
+			parsedTime, err := time.Parse(http.TimeFormat, serverModTimeStr)
+			if err != nil {
+				logger.Warningf("Failed to parse Last-Modified header for %s: %v", url, err)
+			} else {
+				serverModTime = parsedTime
+			}
+		}
+
+		// Function to update local file's modification time
+		updateFileModTime := func() {
+			if !serverModTime.IsZero() {
+				if err := os.Chtimes(destPath, serverModTime, serverModTime); err != nil {
+					logger.Warningf("Failed to update modification time for %s: %v", destPath, err)
+				}
+			}
+		}
+
+		// Handle 304 Not Modified
+		if resp.StatusCode == http.StatusNotModified {
+			updateFileModTime()
+			return nil
+		}
+
+		if resp.StatusCode != http.StatusOK {
+			return common.NewErrorf("Failed to download Geofile from %s: received status code %d", url, resp.StatusCode)
+		}
+
 		file, err := os.Create(destPath)
 		if err != nil {
 			return common.NewErrorf("Failed to create Geofile %s: %v", destPath, err)
@ -1105,6 +1150,7 @@ func (s *ServerService) UpdateGeofile(fileName string) error {
 			return common.NewErrorf("Failed to save Geofile %s: %v", destPath, err)
 		}

+		updateFileModTime()
 		return nil
 	}
Author	SHA1	Message	Date
Nebulosa	feed212682	Merge `2e01ff19f7` into `ea0da32e81`	2026-01-31 22:03:21 +03:00
Farhad H. P. Shirvan	ea0da32e81	fix: rename `verifyPeerCertInNames` to `verifyPeerCertByName` to be compatible with xray-core v26.1.31 (#3723 )	2026-01-31 19:50:08 +01:00
Nebulosa	2e01ff19f7	feat: enhance geofile update process with conditional GET and modification time handling	2026-01-22 00:25:32 +03:00