py-mihomo-trojan-interface 0.1.0__tar.gz

py_mihomo_trojan_interface-0.1.0/.gitignore

@@ -0,0 +1,218 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[codz]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#   Usually these files are written by a python script from a template
+#   before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py.cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+# Pipfile.lock
+
+# UV
+#   Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+# uv.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+# poetry.lock
+# poetry.toml
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#   pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python.
+#   https://pdm-project.org/en/latest/usage/project/#working-with-version-control
+# pdm.lock
+# pdm.toml
+.pdm-python
+.pdm-build/
+
+# pixi
+#   Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control.
+# pixi.lock
+#   Pixi creates a virtual environment in the .pixi directory, just like venv module creates one
+#   in the .venv directory. It is recommended not to include this directory in version control.
+.pixi
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# Redis
+*.rdb
+*.aof
+*.pid
+
+# RabbitMQ
+mnesia/
+rabbitmq/
+rabbitmq-data/
+
+# ActiveMQ
+activemq-data/
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.envrc
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#   JetBrains specific template is maintained in a separate JetBrains.gitignore that can
+#   be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#   and can be added to the global gitignore or merged into this file.  For a more nuclear
+#   option (not recommended) you can uncomment the following to ignore the entire idea folder.
+# .idea/
+
+# Abstra
+#   Abstra is an AI-powered process automation framework.
+#   Ignore directories containing user credentials, local state, and settings.
+#   Learn more at https://abstra.io/docs
+.abstra/
+
+# Visual Studio Code
+#   Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore 
+#   that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
+#   and can be added to the global gitignore or merged into this file. However, if you prefer, 
+#   you could uncomment the following to ignore the entire vscode folder
+# .vscode/
+# Temporary file for partial code execution
+tempCodeRunnerFile.py
+
+# Ruff stuff:
+.ruff_cache/
+
+# PyPI configuration file
+.pypirc
+
+# Marimo
+marimo/_static/
+marimo/_lsp/
+__marimo__/
+
+# Streamlit
+.streamlit/secrets.toml

py_mihomo_trojan_interface-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 GGN_2015
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

py_mihomo_trojan_interface-0.1.0/PKG-INFO

@@ -0,0 +1,97 @@
+Metadata-Version: 2.4
+Name: py-mihomo-trojan-interface
+Version: 0.1.0
+Summary: Launch mihomo with an administrator-elevated Trojan config generated from a share URL.
+Author: GGN_2015
+License: MIT License
+        
+        Copyright (c) 2026 GGN_2015
+        
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+License-File: LICENSE
+Keywords: administrator,clash,mihomo,proxy,trojan
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: MacOS
+Classifier: Operating System :: Microsoft :: Windows
+Classifier: Operating System :: POSIX :: Linux
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Topic :: Internet :: Proxy Servers
+Classifier: Topic :: System :: Systems Administration
+Requires-Python: >=3.9
+Requires-Dist: py-admin-launch>=0.1.3
+Description-Content-Type: text/markdown
+
+# py-mihomo-trojan-interface
+
+Generate a mihomo YAML config from a `trojan://` share URL, relaunch with
+administrator privileges through `py-admin-launch`, and start mihomo with the
+generated config.
+
+## Install
+
+```bash
+python -m pip install -e .
+```
+
+## Usage
+
+Prefer passing the Trojan URL through stdin, an environment variable, or a file
+so the full URL does not stay in shell history.
+
+```bash
+printf '%s' 'trojan://<secret>@<host>:<port>?type=tcp&sni=<sni>#<name>' | \
+  mihomo-trojan \
+    --mihomo /path/to/mihomo \
+    --country-mmdb /path/to/Country.mmdb \
+    --trojan-url-stdin
+```
+
+PowerShell example:
+
+```powershell
+$env:MIHOMO_TROJAN_URL = 'trojan://<secret>@<host>:<port>?type=tcp&sni=<sni>#<name>'
+mihomo-trojan `
+  --mihomo C:\path\to\mihomo.exe `
+  --country-mmdb C:\path\to\Country.mmdb `
+  --trojan-url-env MIHOMO_TROJAN_URL
+```
+
+You can also pass the URL directly when needed:
+
+```bash
+mihomo-trojan \
+  --mihomo /path/to/mihomo \
+  --country-mmdb /path/to/Country.mmdb \
+  --trojan-url 'trojan://<secret>@<host>:<port>?type=tcp&sni=<sni>#<name>'
+```
+
+The launcher passes the mihomo data directory with `-d` and the generated YAML
+with `-f`. If `--data-dir` is not provided and the mmdb file is named
+`Country.mmdb`, the file's parent directory is used as the mihomo data
+directory.
+
+Useful options:
+
+```bash
+mihomo-trojan --help
+mihomo-trojan --dry-run --mihomo /path/to/mihomo --country-mmdb /path/to/Country.mmdb --trojan-url-env MIHOMO_TROJAN_URL
+```

py_mihomo_trojan_interface-0.1.0/README.md

@@ -0,0 +1,55 @@
+# py-mihomo-trojan-interface
+
+Generate a mihomo YAML config from a `trojan://` share URL, relaunch with
+administrator privileges through `py-admin-launch`, and start mihomo with the
+generated config.
+
+## Install
+
+```bash
+python -m pip install -e .
+```
+
+## Usage
+
+Prefer passing the Trojan URL through stdin, an environment variable, or a file
+so the full URL does not stay in shell history.
+
+```bash
+printf '%s' 'trojan://<secret>@<host>:<port>?type=tcp&sni=<sni>#<name>' | \
+  mihomo-trojan \
+    --mihomo /path/to/mihomo \
+    --country-mmdb /path/to/Country.mmdb \
+    --trojan-url-stdin
+```
+
+PowerShell example:
+
+```powershell
+$env:MIHOMO_TROJAN_URL = 'trojan://<secret>@<host>:<port>?type=tcp&sni=<sni>#<name>'
+mihomo-trojan `
+  --mihomo C:\path\to\mihomo.exe `
+  --country-mmdb C:\path\to\Country.mmdb `
+  --trojan-url-env MIHOMO_TROJAN_URL
+```
+
+You can also pass the URL directly when needed:
+
+```bash
+mihomo-trojan \
+  --mihomo /path/to/mihomo \
+  --country-mmdb /path/to/Country.mmdb \
+  --trojan-url 'trojan://<secret>@<host>:<port>?type=tcp&sni=<sni>#<name>'
+```
+
+The launcher passes the mihomo data directory with `-d` and the generated YAML
+with `-f`. If `--data-dir` is not provided and the mmdb file is named
+`Country.mmdb`, the file's parent directory is used as the mihomo data
+directory.
+
+Useful options:
+
+```bash
+mihomo-trojan --help
+mihomo-trojan --dry-run --mihomo /path/to/mihomo --country-mmdb /path/to/Country.mmdb --trojan-url-env MIHOMO_TROJAN_URL
+```

py_mihomo_trojan_interface-0.1.0/pyproject.toml

@@ -0,0 +1,37 @@
+[build-system]
+requires = ["hatchling>=1.25"]
+build-backend = "hatchling.build"
+
+[project]
+name = "py-mihomo-trojan-interface"
+version = "0.1.0"
+description = "Launch mihomo with an administrator-elevated Trojan config generated from a share URL."
+readme = "README.md"
+requires-python = ">=3.9"
+license = { file = "LICENSE" }
+authors = [
+  { name = "GGN_2015" },
+]
+keywords = ["mihomo", "clash", "trojan", "proxy", "administrator"]
+classifiers = [
+  "Development Status :: 3 - Alpha",
+  "Environment :: Console",
+  "License :: OSI Approved :: MIT License",
+  "Operating System :: MacOS",
+  "Operating System :: Microsoft :: Windows",
+  "Operating System :: POSIX :: Linux",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3 :: Only",
+  "Topic :: Internet :: Proxy Servers",
+  "Topic :: System :: Systems Administration",
+]
+dependencies = [
+  "py-admin-launch>=0.1.3",
+]
+
+[project.scripts]
+mihomo-trojan = "mihomo_trojan_interface.cli:main"
+py-mihomo-trojan-interface = "mihomo_trojan_interface.cli:main"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/mihomo_trojan_interface"]

py_mihomo_trojan_interface-0.1.0/src/mihomo_trojan_interface/__init__.py

@@ -0,0 +1,3 @@
+"""Command line helpers for launching mihomo with a generated Trojan config."""
+
+__version__ = "0.1.0"

py_mihomo_trojan_interface-0.1.0/src/mihomo_trojan_interface/__main__.py

@@ -0,0 +1,7 @@
+from __future__ import annotations
+
+from .cli import main
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())

py_mihomo_trojan_interface-0.1.0/src/mihomo_trojan_interface/cli.py

@@ -0,0 +1,313 @@
+from __future__ import annotations
+
+import argparse
+import ctypes
+import os
+import shutil
+import subprocess
+import sys
+import tempfile
+from pathlib import Path
+
+from . import __version__
+from .config import (
+    find_running_mihomo_processes,
+    flush_windows_dns,
+    generate_config,
+    write_config,
+)
+
+
+def is_admin() -> bool:
+    if os.name == "nt":
+        try:
+            return bool(ctypes.windll.shell32.IsUserAnAdmin())
+        except OSError:
+            return False
+    geteuid = getattr(os, "geteuid", None)
+    return bool(geteuid is not None and geteuid() == 0)
+
+
+def build_parser() -> argparse.ArgumentParser:
+    parser = argparse.ArgumentParser(
+        prog="mihomo-trojan",
+        description="Generate a mihomo Trojan YAML config, elevate privileges, and launch mihomo.",
+    )
+    parser.add_argument("trojan_url", nargs="?", help="trojan:// share URL")
+    parser.add_argument("--mihomo", required=True, help="path to the mihomo executable")
+    parser.add_argument("--country-mmdb", required=True, help="path to Country.mmdb")
+    parser.add_argument("--trojan-url", dest="trojan_url_option", help="trojan:// share URL")
+    parser.add_argument("--trojan-url-file", help="read the trojan:// share URL from a text file")
+    parser.add_argument("--trojan-url-env", help="read the trojan:// share URL from an environment variable")
+    parser.add_argument("--trojan-url-stdin", action="store_true", help="read the trojan:// share URL from stdin")
+    parser.add_argument("--config", help="output mihomo YAML path; defaults to <data-dir>/mihomo-trojan.yaml")
+    parser.add_argument("--data-dir", help="mihomo data directory passed to mihomo with -d")
+    parser.add_argument("--mixed-port", type=int, default=7890, help="mihomo mixed proxy port")
+    parser.add_argument("--controller", default="127.0.0.1:9090", help="external-controller address")
+    parser.add_argument("--no-tun", action="store_true", help="disable TUN in generated config")
+    parser.add_argument(
+        "--keep-server-domain",
+        action="store_true",
+        help="keep the original server domain instead of resolving it to IPv4",
+    )
+    parser.add_argument("--server-ip", action="append", default=[], help="pin a server IPv4 address; repeatable")
+    parser.add_argument("--connect-ip", default="", help="IPv4 address to use in proxies[].server")
+    parser.add_argument("--resolve-timeout", type=float, default=5.0, help="DNS/connect timeout in seconds")
+    parser.add_argument("--resolve-dns-server", default="223.5.5.5", help="DNS server used while generating")
+    parser.add_argument("--strict-cert", action="store_true", help="set skip-cert-verify to false")
+    parser.add_argument("--interface-name", default="", help="physical outbound interface name")
+    parser.add_argument("--node-name", default="", help="override proxy node name")
+    parser.add_argument("--host-alias", action="append", default=[], help="additional CNAME/host to pin; repeatable")
+    parser.add_argument("--allow-running", action="store_true", help="continue even when another mihomo process is found")
+    parser.add_argument("--no-flush-dns", action="store_true", help="skip ipconfig /flushdns on Windows")
+    parser.add_argument("--mihomo-arg", action="append", default=[], help="extra argument passed to mihomo; repeatable")
+    parser.add_argument("--no-wait-mihomo", action="store_true", help="start mihomo in the background")
+    parser.add_argument("--dry-run", action="store_true", help="write the config but do not start mihomo")
+    parser.add_argument("--no-elevate", action="store_true", help=argparse.SUPPRESS)
+    parser.add_argument("--delete-trojan-url-file", action="store_true", help=argparse.SUPPRESS)
+    parser.add_argument("--version", action="version", version=f"%(prog)s {__version__}")
+    return parser
+
+
+def read_trojan_url(args: argparse.Namespace, parser: argparse.ArgumentParser) -> str:
+    sources = [
+        value is not None
+        for value in [
+            args.trojan_url,
+            args.trojan_url_option,
+            args.trojan_url_file,
+            args.trojan_url_env,
+        ]
+    ]
+    sources.append(args.trojan_url_stdin)
+    if sum(1 for used in sources if used) != 1:
+        parser.error("provide exactly one trojan URL source")
+
+    if args.trojan_url is not None:
+        link = args.trojan_url
+    elif args.trojan_url_option is not None:
+        link = args.trojan_url_option
+    elif args.trojan_url_file is not None:
+        path = Path(args.trojan_url_file)
+        try:
+            link = path.read_text(encoding="utf-8").strip()
+        finally:
+            if args.delete_trojan_url_file:
+                try:
+                    path.unlink()
+                except FileNotFoundError:
+                    pass
+    elif args.trojan_url_env is not None:
+        link = os.environ.get(args.trojan_url_env, "").strip()
+        if not link:
+            parser.error(f"environment variable {args.trojan_url_env!r} is empty or missing")
+    else:
+        link = sys.stdin.read().strip()
+
+    if not link:
+        parser.error("trojan URL is empty")
+    return link
+
+
+def write_secret_temp_file(secret: str) -> Path:
+    fd, name = tempfile.mkstemp(prefix="mihomo-trojan-url-", suffix=".txt")
+    path = Path(name)
+    try:
+        with os.fdopen(fd, "w", encoding="utf-8", newline="\n") as handle:
+            handle.write(secret)
+            handle.write("\n")
+        try:
+            path.chmod(0o600)
+        except OSError:
+            pass
+    except BaseException:
+        try:
+            path.unlink()
+        finally:
+            raise
+    return path
+
+
+def resolve_executable(value: str) -> Path:
+    candidate = Path(value).expanduser()
+    if candidate.exists():
+        return candidate.resolve()
+
+    resolved = shutil.which(value)
+    if resolved:
+        return Path(resolved).resolve()
+    raise FileNotFoundError(f"mihomo executable not found: {value}")
+
+
+def resolve_existing_file(value: str, label: str) -> Path:
+    path = Path(value).expanduser()
+    if not path.is_file():
+        raise FileNotFoundError(f"{label} not found: {value}")
+    return path.resolve()
+
+
+def prepare_data_dir(country_mmdb: Path, requested_data_dir: str | None) -> Path:
+    if requested_data_dir:
+        data_dir = Path(requested_data_dir).expanduser().resolve()
+        data_dir.mkdir(parents=True, exist_ok=True)
+        target = data_dir / "Country.mmdb"
+        if country_mmdb.resolve() != target.resolve():
+            shutil.copy2(country_mmdb, target)
+        return data_dir
+
+    if country_mmdb.name == "Country.mmdb":
+        return country_mmdb.parent.resolve()
+
+    data_dir = Path(tempfile.gettempdir()) / "mihomo-trojan-interface"
+    data_dir.mkdir(parents=True, exist_ok=True)
+    shutil.copy2(country_mmdb, data_dir / "Country.mmdb")
+    return data_dir.resolve()
+
+
+def config_path_for(args: argparse.Namespace, data_dir: Path) -> Path:
+    if args.config:
+        return Path(args.config).expanduser().resolve()
+    return data_dir / "mihomo-trojan.yaml"
+
+
+def child_argv_from_args(args: argparse.Namespace, trojan_url_file: Path) -> list[str]:
+    child = [
+        "--mihomo",
+        str(args.mihomo),
+        "--country-mmdb",
+        str(args.country_mmdb),
+        "--trojan-url-file",
+        str(trojan_url_file),
+        "--delete-trojan-url-file",
+    ]
+
+    if args.config:
+        child.extend(["--config", args.config])
+    if args.data_dir:
+        child.extend(["--data-dir", args.data_dir])
+    child.extend(["--mixed-port", str(args.mixed_port)])
+    child.extend(["--controller", args.controller])
+    if args.no_tun:
+        child.append("--no-tun")
+    if args.keep_server_domain:
+        child.append("--keep-server-domain")
+    for value in args.server_ip:
+        child.extend(["--server-ip", value])
+    if args.connect_ip:
+        child.extend(["--connect-ip", args.connect_ip])
+    child.extend(["--resolve-timeout", str(args.resolve_timeout)])
+    child.extend(["--resolve-dns-server", args.resolve_dns_server])
+    if args.strict_cert:
+        child.append("--strict-cert")
+    if args.interface_name:
+        child.extend(["--interface-name", args.interface_name])
+    if args.node_name:
+        child.extend(["--node-name", args.node_name])
+    for value in args.host_alias:
+        child.extend(["--host-alias", value])
+    if args.allow_running:
+        child.append("--allow-running")
+    if args.no_flush_dns:
+        child.append("--no-flush-dns")
+    for value in args.mihomo_arg:
+        child.extend(["--mihomo-arg", value])
+    if args.no_wait_mihomo:
+        child.append("--no-wait-mihomo")
+    if args.dry_run:
+        child.append("--dry-run")
+    return child
+
+
+def relaunch_as_admin(args: argparse.Namespace, trojan_url: str) -> int:
+    from py_admin_launch import launch
+
+    args.mihomo = str(resolve_executable(args.mihomo))
+    args.country_mmdb = str(resolve_existing_file(args.country_mmdb, "Country.mmdb"))
+    secret_path = write_secret_temp_file(trojan_url)
+    command = [
+        sys.executable,
+        "-m",
+        "mihomo_trojan_interface",
+        *child_argv_from_args(args, secret_path),
+        "--no-elevate",
+    ]
+    try:
+        result = launch(command, cwd=os.getcwd(), wait=True)
+    except BaseException:
+        try:
+            secret_path.unlink()
+        except OSError:
+            pass
+        raise
+    return 0 if result.returncode is None else int(result.returncode)
+
+
+def run_mihomo(command: list[str], cwd: Path, no_wait: bool) -> int:
+    if no_wait:
+        process = subprocess.Popen(command, cwd=str(cwd))
+        print(f"Started mihomo with PID {process.pid}.")
+        return 0
+    return subprocess.run(command, cwd=str(cwd), check=False).returncode
+
+
+def run(args: argparse.Namespace, trojan_url: str) -> int:
+    mihomo = resolve_executable(args.mihomo)
+    country_mmdb = resolve_existing_file(args.country_mmdb, "Country.mmdb")
+
+    if not args.allow_running:
+        running = find_running_mihomo_processes()
+        if running:
+            print("mihomo appears to be running; refusing to generate a competing config.", file=sys.stderr)
+            print("Use --allow-running to override this check.", file=sys.stderr)
+            return 2
+
+    if not args.no_flush_dns:
+        if flush_windows_dns():
+            print("Flushed Windows DNS cache.")
+        elif sys.platform.startswith("win"):
+            print("Warning: failed to flush Windows DNS cache.", file=sys.stderr)
+
+    data_dir = prepare_data_dir(country_mmdb, args.data_dir)
+    config_path = config_path_for(args, data_dir)
+    generated = generate_config(
+        trojan_url,
+        mixed_port=args.mixed_port,
+        controller=args.controller,
+        enable_tun=not args.no_tun,
+        keep_server_domain=args.keep_server_domain,
+        server_ips=args.server_ip,
+        connect_ip=args.connect_ip,
+        resolve_timeout=args.resolve_timeout,
+        resolve_dns_server=args.resolve_dns_server,
+        skip_cert_verify=not args.strict_cert,
+        interface_name=args.interface_name,
+        node_name=args.node_name,
+        host_aliases=args.host_alias,
+    )
+    write_config(config_path, generated.content)
+
+    print(f"Wrote mihomo config: {config_path}")
+    print(f"Using mihomo data dir: {data_dir}")
+    if args.dry_run:
+        print("Dry run complete; mihomo was not started.")
+        return 0
+
+    command = [str(mihomo), "-d", str(data_dir), "-f", str(config_path), *args.mihomo_arg]
+    print("Starting mihomo with administrator privileges.")
+    return run_mihomo(command, data_dir, args.no_wait_mihomo)
+
+
+def main(argv: list[str] | None = None) -> int:
+    parser = build_parser()
+    args = parser.parse_args(argv)
+
+    try:
+        trojan_url = read_trojan_url(args, parser)
+        if not args.no_elevate and not is_admin():
+            return relaunch_as_admin(args, trojan_url)
+        return run(args, trojan_url)
+    except KeyboardInterrupt:
+        return 130
+    except Exception as exc:
+        print(f"Error: {exc}", file=sys.stderr)
+        return 1

py_mihomo_trojan_interface-0.1.0/src/mihomo_trojan_interface/config.py

@@ -0,0 +1,504 @@
+from __future__ import annotations
+
+import ipaddress
+import os
+import re
+import socket
+import ssl
+import subprocess
+import sys
+import time
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Iterable
+from urllib.parse import parse_qs, unquote, urlsplit
+
+
+DEFAULT_GOOGLE_RULES = [
+    "DOMAIN-SUFFIX,google.com.hk,Proxy",
+    "DOMAIN-SUFFIX,google.com,Proxy",
+    "DOMAIN-SUFFIX,pki.goog,Proxy",
+    "DOMAIN-SUFFIX,googletrustservices.com,Proxy",
+    "DOMAIN-SUFFIX,googleapis.com,Proxy",
+    "DOMAIN-SUFFIX,gstatic.com,Proxy",
+    "DOMAIN-SUFFIX,googleusercontent.com,Proxy",
+    "DOMAIN-SUFFIX,googlevideo.com,Proxy",
+    "DOMAIN-SUFFIX,ggpht.com,Proxy",
+    "DOMAIN-SUFFIX,ytimg.com,Proxy",
+    "DOMAIN-SUFFIX,youtube.com,Proxy",
+    "DOMAIN-KEYWORD,google,Proxy",
+]
+
+
+@dataclass(frozen=True)
+class TrojanLink:
+    name: str
+    password: str
+    host: str
+    port: int
+    sni: str
+    network: str
+
+
+@dataclass(frozen=True)
+class ResolvedTrojanConfig:
+    content: str
+    node: TrojanLink
+    resolved_ips: list[str]
+    connect_ip: str
+    host_aliases: list[str]
+
+
+def yaml_quote(value: object) -> str:
+    text = str(value)
+    text = text.replace("\\", "\\\\").replace('"', '\\"')
+    return f'"{text}"'
+
+
+def yaml_bool(value: bool) -> str:
+    return "true" if value else "false"
+
+
+def first_query_value(query: dict[str, list[str]], key: str, default: str = "") -> str:
+    values = query.get(key)
+    return values[0] if values else default
+
+
+def parse_trojan_link(link: str) -> TrojanLink:
+    link = link.strip().strip('"').strip("'")
+    parsed = urlsplit(link)
+
+    if parsed.scheme.lower() != "trojan":
+        raise ValueError("Only trojan:// links are supported.")
+    if not parsed.hostname:
+        raise ValueError("Trojan link is missing server hostname.")
+    if not parsed.username:
+        raise ValueError("Trojan link is missing password.")
+
+    query = parse_qs(parsed.query, keep_blank_values=True)
+    name = unquote(parsed.fragment) if parsed.fragment else parsed.hostname
+    password = unquote(parsed.username)
+    host = parsed.hostname
+    port = parsed.port or 443
+    sni = first_query_value(query, "sni", host)
+    network = first_query_value(query, "type", "tcp").lower() or "tcp"
+
+    return TrojanLink(
+        name=name,
+        password=password,
+        host=host,
+        port=port,
+        sni=sni,
+        network=network,
+    )
+
+
+def unique_preserve_order(values: Iterable[str]) -> list[str]:
+    seen: set[str] = set()
+    result: list[str] = []
+    for value in values:
+        if value and value not in seen:
+            seen.add(value)
+            result.append(value)
+    return result
+
+
+def is_ip_address(host: str) -> bool:
+    try:
+        ipaddress.ip_address(host)
+        return True
+    except ValueError:
+        return False
+
+
+def _ipv4_from_getaddrinfo(host: str) -> list[str]:
+    try:
+        infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
+    except OSError:
+        return []
+    return unique_preserve_order(info[4][0] for info in infos)
+
+
+def resolve_ipv4(host: str, timeout: float = 5.0, dns_server: str = "223.5.5.5") -> list[str]:
+    if is_ip_address(host):
+        return [host] if "." in host else []
+
+    try:
+        completed = subprocess.run(
+            ["nslookup", host, dns_server],
+            check=False,
+            capture_output=True,
+            text=True,
+            timeout=timeout,
+            encoding="utf-8",
+            errors="ignore",
+        )
+    except (OSError, subprocess.TimeoutExpired):
+        return _ipv4_from_getaddrinfo(host)
+
+    output = completed.stdout + "\n" + completed.stderr
+    ips = re.findall(r"\b(?:\d{1,3}\.){3}\d{1,3}\b", output)
+    result = unique_preserve_order(ip for ip in ips if is_ip_address(ip) and ip != dns_server)
+    return result or _ipv4_from_getaddrinfo(host)
+
+
+def resolve_cname_aliases(host: str, timeout: float = 5.0, dns_server: str = "223.5.5.5") -> list[str]:
+    if is_ip_address(host):
+        return []
+
+    try:
+        completed = subprocess.run(
+            ["nslookup", "-type=CNAME", host, dns_server],
+            check=False,
+            capture_output=True,
+            text=True,
+            timeout=timeout,
+            encoding="utf-8",
+            errors="ignore",
+        )
+    except (OSError, subprocess.TimeoutExpired):
+        return []
+
+    output = completed.stdout + "\n" + completed.stderr
+    aliases: list[str] = []
+    for pattern in [
+        r"canonical name\s*=\s*([^\s]+)",
+        r"Aliases:\s*([^\s]+)",
+    ]:
+        aliases.extend(match.rstrip(".") for match in re.findall(pattern, output, flags=re.IGNORECASE))
+    return [alias for alias in unique_preserve_order(aliases) if alias.lower() != host.lower()]
+
+
+def tcp_connects(ip: str, port: int, timeout: float = 3.0) -> bool:
+    try:
+        with socket.create_connection((ip, port), timeout=timeout):
+            return True
+    except OSError:
+        return False
+
+
+def tls_connect_latency(ip: str, port: int, sni: str, timeout: float = 4.0) -> float | None:
+    start = time.monotonic()
+    try:
+        with socket.create_connection((ip, port), timeout=timeout) as raw:
+            context = ssl._create_unverified_context()
+            with context.wrap_socket(raw, server_hostname=sni):
+                return time.monotonic() - start
+    except OSError:
+        return None
+
+
+def choose_connect_ip(ips: list[str], port: int, sni: str, timeout: float) -> str:
+    candidates: list[tuple[float, str]] = []
+    for ip in ips:
+        latency = tls_connect_latency(ip, port, sni, min(timeout, 4.0))
+        if latency is not None:
+            candidates.append((latency, ip))
+    if candidates:
+        return min(candidates)[1]
+
+    tcp_candidates: list[tuple[float, str]] = []
+    for ip in ips:
+        start = time.monotonic()
+        if tcp_connects(ip, port, min(timeout, 3.0)):
+            tcp_candidates.append((time.monotonic() - start, ip))
+    if tcp_candidates:
+        return min(tcp_candidates)[1]
+    return ips[0] if ips else ""
+
+
+def find_running_mihomo_processes() -> list[str]:
+    if sys.platform.startswith("win"):
+        return _find_running_mihomo_processes_windows()
+    return _find_running_mihomo_processes_posix()
+
+
+def _find_running_mihomo_processes_windows() -> list[str]:
+    try:
+        completed = subprocess.run(
+            [
+                "powershell",
+                "-NoProfile",
+                "-Command",
+                "$names = 'mihomo|clash|verge|party'; "
+                "$procs = Get-CimInstance Win32_Process | "
+                "Where-Object { $_.Name -match $names } | "
+                "ForEach-Object { \"$($_.ProcessId):$($_.Name)\" }; "
+                "$ports = Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue | "
+                "Where-Object { $_.LocalPort -in 7890,9090 } | "
+                "ForEach-Object { \"listen:$($_.LocalAddress):$($_.LocalPort)\" }; "
+                "$procs + $ports",
+            ],
+            check=False,
+            capture_output=True,
+            text=True,
+            timeout=5,
+            encoding="utf-8",
+            errors="ignore",
+        )
+    except (OSError, subprocess.TimeoutExpired):
+        return []
+
+    return unique_preserve_order(line.strip() for line in completed.stdout.splitlines() if line.strip())
+
+
+def _find_running_mihomo_processes_posix() -> list[str]:
+    try:
+        completed = subprocess.run(
+            ["pgrep", "-fl", "mihomo|clash|verge|party"],
+            check=False,
+            capture_output=True,
+            text=True,
+            timeout=5,
+            encoding="utf-8",
+            errors="ignore",
+        )
+    except (OSError, subprocess.TimeoutExpired):
+        return []
+
+    current_pid = str(os.getpid())
+    return unique_preserve_order(
+        line.strip()
+        for line in completed.stdout.splitlines()
+        if line.strip() and not line.strip().startswith(current_pid + " ")
+    )
+
+
+def flush_windows_dns() -> bool:
+    if not sys.platform.startswith("win"):
+        return False
+
+    try:
+        completed = subprocess.run(
+            ["ipconfig", "/flushdns"],
+            check=False,
+            capture_output=True,
+            text=True,
+            timeout=10,
+            encoding="utf-8",
+            errors="ignore",
+        )
+    except (OSError, subprocess.TimeoutExpired):
+        return False
+
+    return completed.returncode == 0
+
+
+def build_yaml(
+    node: TrojanLink,
+    *,
+    mixed_port: int,
+    controller: str,
+    enable_tun: bool,
+    server_ips: list[str],
+    connect_ip: str,
+    skip_cert_verify: bool,
+    interface_name: str,
+    node_name: str,
+    host_aliases: list[str],
+) -> str:
+    pinned_ips = unique_preserve_order([*server_ips, connect_ip])
+    server = connect_ip or (server_ips[0] if server_ips else node.host)
+    route_excludes = pinned_ips if pinned_ips else ([node.host] if is_ip_address(node.host) else [])
+    display_name = node_name or node.name
+
+    host_map: dict[str, list[str]] = {}
+    if pinned_ips and not is_ip_address(node.host):
+        for host in unique_preserve_order([node.host, *host_aliases]):
+            host_map[host] = pinned_ips
+
+    lines: list[str] = [
+        f"mixed-port: {mixed_port}",
+        "allow-lan: false",
+        "bind-address: 127.0.0.1",
+        "mode: rule",
+        "log-level: error",
+        "ipv6: false",
+        f"interface-name: {yaml_quote(interface_name)}" if interface_name else 'interface-name: ""',
+        "geodata-mode: false",
+        "geo-auto-update: false",
+        "geo-update-interval: 24",
+        f"external-controller: {yaml_quote(controller)}",
+        'secret: ""',
+        "unified-delay: true",
+        "tcp-concurrent: false",
+        "",
+        "tun:",
+        f"  enable: {yaml_bool(enable_tun)}",
+        "  stack: mixed",
+        "  auto-route: true",
+        "  auto-detect-interface: true",
+        "  strict-route: false",
+    ]
+
+    if route_excludes:
+        lines.append("  route-exclude-address:")
+        for value in route_excludes:
+            suffix = "/32" if "." in value and "/" not in value else ""
+            lines.append(f"    - {value}{suffix}")
+
+    lines.extend(
+        [
+            "  dns-hijack:",
+            "    - 198.18.0.2:53",
+            "    - tcp://198.18.0.2:53",
+            "    - any:53",
+            "    - tcp://any:53",
+            "",
+            "profile:",
+            "  store-selected: true",
+            "  store-fake-ip: false",
+            "",
+            "dns:",
+            "  enable: true",
+            "  listen: 0.0.0.0:1053",
+            "  ipv6: false",
+            "  enhanced-mode: redir-host",
+            "  use-hosts: true",
+            "  use-system-hosts: true",
+        ]
+    )
+
+    if host_map:
+        lines.append("  nameserver-hosts:")
+        for host, ips in host_map.items():
+            lines.append(f"    {yaml_quote(host)}:")
+            for ip in ips:
+                lines.append(f"      - {ip}")
+
+    lines.extend(
+        [
+            "  default-nameserver:",
+            "    - 223.5.5.5",
+            "    - 119.29.29.29",
+            "  nameserver:",
+            "    - https://dns.alidns.com/dns-query",
+            "    - https://doh.pub/dns-query",
+            "  fallback:",
+            "    - https://1.1.1.1/dns-query",
+            "    - https://8.8.8.8/dns-query",
+            "  fallback-filter:",
+            "    geoip: true",
+            "    geoip-code: CN",
+            "",
+            "sniffer:",
+            "  enable: true",
+            "  force-dns-mapping: true",
+            "  parse-pure-ip: false",
+            "  sniff:",
+            "    TLS:",
+            "      ports:",
+            "        - 443",
+            "        - 8443",
+            "    HTTP:",
+            "      ports:",
+            "        - 80",
+            "        - 8080-8880",
+            "      override-destination: true",
+            "    QUIC:",
+            "      ports:",
+            "        - 443",
+            "        - 8443",
+            "",
+            "proxies:",
+            f"  - name: {yaml_quote(display_name)}",
+            "    type: trojan",
+            f"    server: {server}",
+            f"    port: {node.port}",
+            f"    password: {yaml_quote(node.password)}",
+            "    udp: true",
+            "    tls: true",
+            f"    sni: {yaml_quote(node.sni)}",
+            f"    network: {yaml_quote(node.network)}",
+            f"    skip-cert-verify: {yaml_bool(skip_cert_verify)}",
+            "",
+            "proxy-groups:",
+            '  - name: "Proxy"',
+            "    type: select",
+            "    proxies:",
+            f"      - {yaml_quote(display_name)}",
+            "      - DIRECT",
+            "",
+            "rules:",
+        ]
+    )
+
+    if not is_ip_address(node.host):
+        lines.append(f"  - DOMAIN,{node.host},DIRECT")
+    for host in host_aliases:
+        if not is_ip_address(host):
+            lines.append(f"  - DOMAIN,{host},DIRECT")
+    if node.sni and node.sni != node.host and not is_ip_address(node.sni):
+        lines.append(f"  - DOMAIN,{node.sni},DIRECT")
+    for ip in pinned_ips:
+        lines.append(f"  - IP-CIDR,{ip}/32,DIRECT,no-resolve")
+
+    lines.extend(f"  - {rule}" for rule in DEFAULT_GOOGLE_RULES)
+    lines.extend(
+        [
+            "  - DOMAIN-SUFFIX,local,DIRECT",
+            "  - DOMAIN-SUFFIX,localhost,DIRECT",
+            "  - IP-CIDR,127.0.0.0/8,DIRECT",
+            "  - IP-CIDR,10.0.0.0/8,DIRECT",
+            "  - IP-CIDR,172.16.0.0/12,DIRECT",
+            "  - IP-CIDR,192.168.0.0/16,DIRECT",
+            "  - IP-CIDR,224.0.0.0/4,DIRECT",
+            "  - GEOIP,CN,DIRECT",
+            "  - MATCH,Proxy",
+        ]
+    )
+
+    return "\n".join(lines) + "\n"
+
+
+def generate_config(
+    link: str,
+    *,
+    mixed_port: int,
+    controller: str,
+    enable_tun: bool,
+    keep_server_domain: bool,
+    server_ips: list[str],
+    connect_ip: str,
+    resolve_timeout: float,
+    resolve_dns_server: str,
+    skip_cert_verify: bool,
+    interface_name: str,
+    node_name: str,
+    host_aliases: list[str],
+) -> ResolvedTrojanConfig:
+    node = parse_trojan_link(link)
+    auto_host_aliases = (
+        resolve_cname_aliases(node.host, resolve_timeout, resolve_dns_server) if not keep_server_domain else []
+    )
+    all_host_aliases = unique_preserve_order([*host_aliases, *auto_host_aliases])
+    resolved_ips = unique_preserve_order(server_ips)
+    if not resolved_ips and not keep_server_domain:
+        resolved_ips = resolve_ipv4(node.host, resolve_timeout, resolve_dns_server)
+    selected_connect_ip = connect_ip or choose_connect_ip(resolved_ips, node.port, node.sni, resolve_timeout)
+
+    content = build_yaml(
+        node,
+        mixed_port=mixed_port,
+        controller=controller,
+        enable_tun=enable_tun,
+        server_ips=resolved_ips,
+        connect_ip=selected_connect_ip,
+        skip_cert_verify=skip_cert_verify,
+        interface_name=interface_name,
+        node_name=node_name,
+        host_aliases=all_host_aliases,
+    )
+
+    return ResolvedTrojanConfig(
+        content=content,
+        node=node,
+        resolved_ips=resolved_ips,
+        connect_ip=selected_connect_ip,
+        host_aliases=all_host_aliases,
+    )
+
+
+def write_config(path: Path, content: str) -> None:
+    path.parent.mkdir(parents=True, exist_ok=True)
+    path.write_text(content, encoding="utf-8", newline="\n")

py_mihomo_trojan_interface-0.1.0/tests/test_config.py

@@ -0,0 +1,46 @@
+from __future__ import annotations
+
+import unittest
+
+from mihomo_trojan_interface.config import build_yaml, parse_trojan_link
+
+
+class TrojanConfigTests(unittest.TestCase):
+    def test_parse_trojan_link(self) -> None:
+        node = parse_trojan_link(
+            "trojan://password@example.com:443?security=tls&type=tcp&sni=edge.example.com#Example"
+        )
+
+        self.assertEqual(node.name, "Example")
+        self.assertEqual(node.password, "password")
+        self.assertEqual(node.host, "example.com")
+        self.assertEqual(node.port, 443)
+        self.assertEqual(node.sni, "edge.example.com")
+        self.assertEqual(node.network, "tcp")
+
+    def test_build_yaml_contains_mihomo_trojan_node(self) -> None:
+        node = parse_trojan_link("trojan://password@example.com:443?type=tcp&sni=edge.example.com#Example")
+
+        content = build_yaml(
+            node,
+            mixed_port=7890,
+            controller="127.0.0.1:9090",
+            enable_tun=True,
+            server_ips=["203.0.113.10"],
+            connect_ip="203.0.113.10",
+            skip_cert_verify=True,
+            interface_name="",
+            node_name="",
+            host_aliases=["alias.example.com"],
+        )
+
+        self.assertIn("mixed-port: 7890", content)
+        self.assertIn("type: trojan", content)
+        self.assertIn("server: 203.0.113.10", content)
+        self.assertIn('password: "password"', content)
+        self.assertIn('sni: "edge.example.com"', content)
+        self.assertIn("  - IP-CIDR,203.0.113.10/32,DIRECT,no-resolve", content)
+
+
+if __name__ == "__main__":
+    unittest.main()