diff --git a/docs/configuration/inbound/hysteria.md b/docs/configuration/inbound/hysteria.md index ce4bd333..50260104 100644 --- a/docs/configuration/inbound/hysteria.md +++ b/docs/configuration/inbound/hysteria.md @@ -74,14 +74,10 @@ Hysteria users #### users.auth -==Required if `auth_str` is empty== - Authentication password, in base64. #### users.auth_str -==Required if `auth` is empty== - Authentication password. #### recv_window_conn diff --git a/docs/configuration/inbound/hysteria.zh.md b/docs/configuration/inbound/hysteria.zh.md index 856f22f4..b7534058 100644 --- a/docs/configuration/inbound/hysteria.zh.md +++ b/docs/configuration/inbound/hysteria.zh.md @@ -74,14 +74,10 @@ Hysteria 用户 #### users.auth -==与 auth_str 必填一个== - base64 编码的认证密码。 #### users.auth_str -==与 auth 必填一个== - 认证密码。 #### recv_window_conn diff --git a/inbound/hysteria.go b/inbound/hysteria.go index 14d00846..9c7d8ab0 100644 --- a/inbound/hysteria.go +++ b/inbound/hysteria.go @@ -187,20 +187,24 @@ func (h *Hysteria) accept(ctx context.Context, conn quic.Connection) error { if err != nil { return err } - userIndex := slices.Index(h.authKey, string(clientHello.Auth)) - if userIndex == -1 { - err = hysteria.WriteServerHello(controlStream, hysteria.ServerHello{ - Message: "wrong password", - }) - return E.Errors(E.New("wrong password: ", string(clientHello.Auth)), err) - } - user := h.authUser[userIndex] - if user == "" { - user = F.ToString(userIndex) + if len(h.authKey) > 0 { + userIndex := slices.Index(h.authKey, string(clientHello.Auth)) + if userIndex == -1 { + err = hysteria.WriteServerHello(controlStream, hysteria.ServerHello{ + Message: "wrong password", + }) + return E.Errors(E.New("wrong password: ", string(clientHello.Auth)), err) + } + user := h.authUser[userIndex] + if user == "" { + user = F.ToString(userIndex) + } else { + ctx = auth.ContextWithUser(ctx, user) + } + h.logger.InfoContext(ctx, "[", user, "] inbound connection from ", conn.RemoteAddr()) } else { - ctx = auth.ContextWithUser(ctx, user) + h.logger.InfoContext(ctx, "inbound connection from ", conn.RemoteAddr()) } - h.logger.InfoContext(ctx, "[", user, "] inbound connection from ", conn.RemoteAddr()) h.logger.DebugContext(ctx, "peer send speed: ", clientHello.SendBPS/1024/1024, " MBps, peer recv speed: ", clientHello.RecvBPS/1024/1024, " MBps") if clientHello.SendBPS == 0 || clientHello.RecvBPS == 0 { return E.New("invalid rate from client")