delete insecure hint

2025-12-17 12:34:37 +03:00 · 2023-04-24 14:21:06 +09:00
parent 923f15e69c
commit bc9c5799b1
16 changed files with 8 additions and 122 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -170,7 +170,6 @@ set(PROJECT_SOURCES
        fmt/Bean2CoreObj_box.cpp
        fmt/Bean2External.cpp
        fmt/Bean2Link.cpp
        fmt/InsecureHint.cpp
        fmt/Link2Bean.cpp
        fmt/ChainBean.hpp # translate
--- a/fmt/AbstractBean.hpp
+++ b/fmt/AbstractBean.hpp
@@ -63,10 +63,6 @@ namespace NekoRay::fmt {
        virtual ExternalBuildResult BuildExternal(int mapping_port, int socks_port, int external_stat) { return {}; };
        virtual QString ToShareLink() { return {}; };
        virtual QString InsecureHint() { return {}; };
        QString DisplayInsecureHint();
    };
 } // namespace NekoRay::fmt
--- a/fmt/InsecureHint.cpp
+++ b/fmt/InsecureHint.cpp
@@ -1,61 +0,0 @@
 #include "V2RayStreamSettings.hpp"
 #include "ShadowSocksBean.hpp"
 #include "VMessBean.hpp"
 #include "TrojanVLESSBean.hpp"
 #include "SocksHttpBean.hpp"
 namespace NekoRay::fmt {
    QString AbstractBean::DisplayInsecureHint() {
        if (!dataStore->insecure_hint) return {};
        auto insecure_hint = InsecureHint();
        auto stream = GetStreamSettings(this);
        if (stream != nullptr) insecure_hint += "\n" + stream->InsecureHint();
        return insecure_hint.trimmed();
    }
    QString V2rayStreamSettings::InsecureHint() const {
        if (allow_insecure) {
            return QObject::tr("The configuration (insecure) can be detected and identified, the transmission is fully visible to the censor and is not resistant to man-in-the-middle tampering with the content of the communication.");
        }
        return {};
    }
    QString ShadowSocksBean::InsecureHint() {
        if (method.contains("-poly") || method.contains("-gcm")) {
            return {};
        }
        return QObject::tr(
            "This configuration (Shadowsocks streaming cipher) can be accurately proactively detected and decrypted by censors without requiring a password, and cannot be mitigated by turning on IV replay filters on the server side.\n"
            "\n"
            "Learn more: https://github.com/net4people/bbs/issues/24");
    }
    QString VMessBean::InsecureHint() {
        if (security == "none" || security == "zero") {
            if (stream->security.isEmpty()) {
                return QObject::tr("This profile is cleartext, don't use it if the server is not in your local network.");
            }
        }
        if (aid > 0) {
            return QObject::tr(
                "This configuration (VMess MD5 authentication) has been deprecated by upstream because of its questionable resistance to tampering and concealment.\n"
                "\n"
                "As of January 1, 2022, compatibility with MD5 authentication information will be disabled on the server side by default. Any client using MD5 authentication information will not be able to connect to a server with VMess MD5 authentication information disabled.");
        }
        return {};
    }
    QString TrojanVLESSBean::InsecureHint() {
        if (stream->security.isEmpty()) {
            return QObject::tr("This profile is cleartext, don't use it if the server is not in your local network.");
        }
        return {};
    }
    QString SocksHttpBean::InsecureHint() {
        if (stream->security.isEmpty()) {
            return QObject::tr("This profile is cleartext, don't use it if the server is not in your local network.");
        }
        return {};
    }
 } // namespace NekoRay::fmt
--- a/fmt/ShadowSocksBean.hpp
+++ b/fmt/ShadowSocksBean.hpp
@@ -28,7 +28,5 @@ namespace NekoRay::fmt {
        bool TryParseLink(const QString &link);
        QString ToShareLink() override;
        QString InsecureHint() override;
    };
 } // namespace NekoRay::fmt
--- a/fmt/SocksHttpBean.hpp
+++ b/fmt/SocksHttpBean.hpp
@@ -33,7 +33,5 @@ namespace NekoRay::fmt {
        bool TryParseLink(const QString &link);
        QString ToShareLink() override;
        QString InsecureHint() override;
    };
 } // namespace NekoRay::fmt
--- a/fmt/TrojanVLESSBean.hpp
+++ b/fmt/TrojanVLESSBean.hpp
@@ -31,7 +31,5 @@ namespace NekoRay::fmt {
        bool TryParseLink(const QString &link);
        QString ToShareLink() override;
        QString InsecureHint() override;
    };
 } // namespace NekoRay::fmt
--- a/fmt/V2RayStreamSettings.hpp
+++ b/fmt/V2RayStreamSettings.hpp
@@ -47,8 +47,6 @@ namespace NekoRay::fmt {
        QJsonObject BuildStreamSettingsV2Ray();
        void BuildStreamSettingsSingBox(QJsonObject *outbound);
        [[nodiscard]] QString InsecureHint() const;
    };
    inline V2rayStreamSettings *GetStreamSettings(AbstractBean *bean) {
--- a/fmt/VMessBean.hpp
+++ b/fmt/VMessBean.hpp
@@ -28,7 +28,5 @@ namespace NekoRay::fmt {
        bool TryParseLink(const QString &link);
        QString ToShareLink() override;
        QString InsecureHint() override;
    };
 } // namespace NekoRay::fmt
--- a/main/NekoRay.cpp
+++ b/main/NekoRay.cpp
@@ -47,7 +47,6 @@ namespace NekoRay {
        _add(new configItem("remember_enable", &remember_enable, itemType::boolean));
        _add(new configItem("language", &language, itemType::integer));
        _add(new configItem("spmode", &remember_spmode, itemType::integer));
        _add(new configItem("insecure_hint", &insecure_hint, itemType::boolean));
        _add(new configItem("skip_cert", &skip_cert, itemType::boolean));
        _add(new configItem("hk_mw", &hotkey_mainwindow, itemType::string));
        _add(new configItem("hk_group", &hotkey_group, itemType::string));
--- a/main/NekoRay_DataStore.hpp
+++ b/main/NekoRay_DataStore.hpp
@@ -99,7 +99,6 @@ namespace NekoRay {
        bool sub_insecure = false;
        // Security
        bool insecure_hint = true;
        bool skip_cert = false;
        int enable_js_hook = 0;
        QString utlsFingerprint = "";
--- a/translations/fa_IR.ts
+++ b/translations/fa_IR.ts
@@ -102,7 +102,7 @@
    </message>
    <message>
        <source>Insecure hint</source>
-        <translation>اشاره ناامن</translation>
+        <translation type="vanished">اشاره ناامن</translation>
    </message>
    <message>
        <source>Statistics refresh rate</source>
@@ -1328,7 +1328,7 @@ End: %2</source>
    </message>
    <message>
        <source>Profile is insecure: %1</source>
-        <translation>پروفایل ناامن می باشد: %1</translation>
+        <translation type="vanished">پروفایل ناامن می باشد: %1</translation>
    </message>
    <message>
        <source>Stopping profile %1</source>
@@ -1465,26 +1465,6 @@ Deleted %3 Profiles:
        <source>Chain Proxy</source>
        <translation>پروکسی زنجیره ای</translation>
    </message>
    <message>
        <source>The configuration (insecure) can be detected and identified, the transmission is fully visible to the censor and is not resistant to man-in-the-middle tampering with the content of the communication.</source>
        <translation type="unfinished"></translation>
    </message>
    <message>
        <source>This configuration (Shadowsocks streaming cipher) can be accurately proactively detected and decrypted by censors without requiring a password, and cannot be mitigated by turning on IV replay filters on the server side.
 Learn more: https://github.com/net4people/bbs/issues/24</source>
        <translation type="unfinished"></translation>
    </message>
    <message>
        <source>This profile is cleartext, don&apos;t use it if the server is not in your local network.</source>
        <translation type="unfinished"></translation>
    </message>
    <message>
        <source>This configuration (VMess MD5 authentication) has been deprecated by upstream because of its questionable resistance to tampering and concealment.
 As of January 1, 2022, compatibility with MD5 authentication information will be disabled on the server side by default. Any client using MD5 authentication information will not be able to connect to a server with VMess MD5 authentication information disabled.</source>
        <translation type="unfinished"></translation>
    </message>
    <message>
        <source>Core not found: %1</source>
        <translation type="unfinished"></translation>
--- a/translations/zh_CN.ts
+++ b/translations/zh_CN.ts
@@ -97,7 +97,7 @@
    </message>
    <message>
        <source>Insecure hint</source>
-        <translation>提示不安全的配置</translation>
+        <translation type="vanished">提示不安全的配置</translation>
    </message>
    <message>
        <source>Statistics refresh rate</source>
@@ -1144,7 +1144,7 @@ End: %2</source>
    </message>
    <message>
        <source>Profile is insecure: %1</source>
-        <translation>配置不安全: %1</translation>
+        <translation type="vanished">配置不安全: %1</translation>
    </message>
    <message>
        <source>Remove Unavailable</source>
@@ -1453,13 +1453,13 @@ Release note:
    </message>
    <message>
        <source>The configuration (insecure) can be detected and identified, the transmission is fully visible to the censor and is not resistant to man-in-the-middle tampering with the content of the communication.</source>
-        <translation>该配置 (不安全) 能够被检测识别，传输的内容对审查者完全可见，并且无法抵抗中间人篡改通讯内容.</translation>
+        <translation type="vanished">该配置 (不安全) 能够被检测识别，传输的内容对审查者完全可见，并且无法抵抗中间人篡改通讯内容.</translation>
    </message>
    <message>
        <source>This configuration (Shadowsocks streaming cipher) can be accurately proactively detected and decrypted by censors without requiring a password, and cannot be mitigated by turning on IV replay filters on the server side.
 Learn more: https://github.com/net4people/bbs/issues/24</source>
-        <translation>该配置 (Shadowsocks 流式密码) 可以被准确地主动探测、在不需要密码的情况下被审查者解密流量, 且服务端开启 IV 重放过滤器也无法缓解.
+        <translation type="vanished">该配置 (Shadowsocks 流式密码) 可以被准确地主动探测、在不需要密码的情况下被审查者解密流量, 且服务端开启 IV 重放过滤器也无法缓解.
 了解更多: https://github.com/net4people/bbs/issues/24</translation>
    </message>
@@ -1467,7 +1467,7 @@ Learn more: https://github.com/net4people/bbs/issues/24</source>
        <source>This configuration (VMess MD5 authentication) has been deprecated by upstream because of its questionable resistance to tampering and concealment.
 As of January 1, 2022, compatibility with MD5 authentication information will be disabled on the server side by default. Any client using MD5 authentication information will not be able to connect to a server with VMess MD5 authentication information disabled.</source>
-        <translation>该配置 (VMess MD5 认证) 抗篡改能力存疑, 隐蔽性存疑, 已被上游废弃.
+        <translation type="vanished">该配置 (VMess MD5 认证) 抗篡改能力存疑, 隐蔽性存疑, 已被上游废弃.
 自 2022 年 1 月 1 日起, 服务器端将默认禁用对于 MD5 认证信息 的兼容. 任何使用 MD5 认证信息的客户端将无法连接到禁用 VMess MD5 认证信息的服务器端.</translation>
    </message>
@@ -1489,7 +1489,7 @@ As of January 1, 2022, compatibility with MD5 authentication information will be
    </message>
    <message>
        <source>This profile is cleartext, don&apos;t use it if the server is not in your local network.</source>
-        <translation>该配置为明文传输，如果服务器不在本地局域网，请不要使用。</translation>
+        <translation type="vanished">该配置为明文传输，如果服务器不在本地局域网，请不要使用。</translation>
    </message>
    <message>
        <source>Select</source>
--- a/ui/dialog_basic_settings.cpp
+++ b/ui/dialog_basic_settings.cpp
@@ -248,7 +248,6 @@ DialogBasicSettings::DialogBasicSettings(QWidget *parent)
    ui->utlsFingerprint->addItems(IS_NEKO_BOX ? Preset::SingBox::UtlsFingerPrint : Preset::V2Ray::UtlsFingerPrint);
    D_LOAD_BOOL(insecure_hint)
    D_LOAD_BOOL(skip_cert)
    ui->enable_js_hook->setCurrentIndex(NekoRay::dataStore->enable_js_hook);
    ui->utlsFingerprint->setCurrentText(NekoRay::dataStore->utlsFingerprint);
@@ -304,7 +303,6 @@ void DialogBasicSettings::accept() {
    // Security
    D_SAVE_BOOL(insecure_hint)
    D_SAVE_BOOL(skip_cert)
    NekoRay::dataStore->enable_js_hook = ui->enable_js_hook->currentIndex();
    NekoRay::dataStore->utlsFingerprint = ui->utlsFingerprint->currentText();
--- a/ui/dialog_basic_settings.ui
+++ b/ui/dialog_basic_settings.ui
@@ -663,13 +663,6 @@
       <string>Security</string>
      </attribute>
      <layout class="QVBoxLayout" name="verticalLayout_4">
       <item>
        <widget class="QCheckBox" name="insecure_hint">
         <property name="text">
          <string>Insecure hint</string>
         </property>
        </widget>
       </item>
       <item>
        <widget class="QCheckBox" name="skip_cert">
         <property name="text">
--- a/ui/mainwindow.cpp
+++ b/ui/mainwindow.cpp
@@ -933,11 +933,6 @@ void MainWindow::refresh_proxy_list_impl_refresh_data(const int &id) {
        // C0: Type
        auto f = f0->clone();
        f->setText(profile->bean->DisplayType());
        auto insecure_hint = profile->bean->DisplayInsecureHint();
        if (!insecure_hint.isEmpty()) {
            f->setBackground(Qt::red);
            f->setToolTip(insecure_hint);
        }
        ui->proxyListTable->setItem(row, 0, f);
        // C1: Address+Port
--- a/ui/mainwindow_grpc.cpp
+++ b/ui/mainwindow_grpc.cpp
@@ -216,8 +216,6 @@ void MainWindow::neko_start(int _id) {
    if (NekoRay::dataStore->started_id >= 0) neko_stop();
    show_log_impl(">>>>>>>> " + tr("Starting profile %1").arg(ent->bean->DisplayTypeAndName()));
    auto insecure_hint = ent->bean->DisplayInsecureHint();
    if (!insecure_hint.isEmpty()) show_log_impl(">>>>>>>> " + tr("Profile is insecure: %1").arg(insecure_hint));
 #ifndef NKR_NO_GRPC
    libcore::LoadConfigReq req;