Add "nosni" option to send empty SNI (#3214)

* Allow not to send SNI

* Allow reality not to send SNI
风扇滑翔翼 2024-04-01 23:02:19 +08:00 committed by yuhan6665
parent ba57ccdd45
commit ec2224974d
2 changed files with 11 additions and 1 deletions


@ -116,6 +116,8 @@ func UClient(c net.Conn, config *Config, ctx context.Context, dest net.Destinati
} }
if utlsConfig.ServerName == "" { if utlsConfig.ServerName == "" {
utlsConfig.ServerName = dest.Address.String() utlsConfig.ServerName = dest.Address.String()
} else if strings.ToLower(utlsConfig.ServerName) == "nosni" { // If ServerName is set to "nosni", we set it empty.
utlsConfig.ServerName = ""
} }
uConn.ServerName = utlsConfig.ServerName uConn.ServerName = utlsConfig.ServerName
fingerprint := tls.GetFingerprint(config.Fingerprint) fingerprint := tls.GetFingerprint(config.Fingerprint)
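Review bot: The sentinel is matched in the added `else if` branch with `strings.ToLower(utlsConfig.ServerName) == "nosni"`, and the same literal is repeated in GetTLSConfig in the other file, so the two paths can drift apart. `strings.EqualFold(utlsConfig.ServerName, "nosni")` does the case-insensitive comparison without building a lowered copy, and a shared constant would keep both call sites in sync. The trailing comment should also say that a host literally named `nosni` can no longer be configured as the server name. It should add that `uConn.ServerName` is empty from this point on, which any later code in UClient that reads it has to tolerate; the rest of the function is outside this hunk.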


@ -325,6 +325,11 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
config.ServerName = sn config.ServerName = sn
} }
// If ServerName is set to "nosni", we set it empty.
if strings.ToLower(c.parseServerName()) == "nosni" {
config.ServerName = ""
}
if len(config.NextProtos) == 0 { if len(config.NextProtos) == 0 {
config.NextProtos = []string{"h2", "http/1.1"} config.NextProtos = []string{"h2", "http/1.1"}
} }
@ -365,7 +370,7 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
config.PreferServerCipherSuites = c.PreferServerCipherSuites config.PreferServerCipherSuites = c.PreferServerCipherSuites
if (len(c.MasterKeyLog) > 0 && c.MasterKeyLog != "none") { if len(c.MasterKeyLog) > 0 && c.MasterKeyLog != "none" {
writer, err := os.OpenFile(c.MasterKeyLog, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0644) writer, err := os.OpenFile(c.MasterKeyLog, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0644)
if err != nil { if err != nil {
newError("failed to open ", c.MasterKeyLog, " as master key log").AtError().Base(err).WriteToLog() newError("failed to open ", c.MasterKeyLog, " as master key log").AtError().Base(err).WriteToLog()
@ -381,6 +386,9 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
type Option func(*tls.Config) type Option func(*tls.Config)
// WithDestination sets the server name in TLS config. // WithDestination sets the server name in TLS config.
// Due to the incorrect structure of GetTLSConfig(), the config.ServerName will always be empty.
// So the real logic for SNI is:
// set it to dest -> overwrite it with servername(if it's len>0).
func WithDestination(dest net.Destination) Option { func WithDestination(dest net.Destination) Option {
return func(config *tls.Config) { return func(config *tls.Config) {
if config.ServerName == "" { if config.ServerName == "" {
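Review bot: Clearing `config.ServerName` in the added `nosni` block of GetTLSConfig (the hunk at -325) also removes the name that certificate verification checks against, not just the SNI extension. Go's crypto/tls client refuses the handshake when ServerName is empty and InsecureSkipVerify is false, so this option presumably only works with verification turned off, which leaves the peer unauthenticated unless a custom or pinned-certificate check is in place. The code that sets those fields is outside the visible hunks. The comment should state this, for example `// "nosni" clears ServerName: no SNI is sent and hostname verification has no name to check.`. A smaller point: the condition calls `c.parseServerName()` a second time, and `strings.EqualFold(c.parseServerName(), "nosni")` would avoid the lowered copy.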