mirror of
https://github.com/XTLS/Xray-core.git
synced 2024-11-22 08:31:28 +00:00
Add "nosni" option to send empty SNI (#3214)
* Allow not to send SNI * Allow reality not to send SNI
This commit is contained in:
parent
ba57ccdd45
commit
ec2224974d
|
@ -116,6 +116,8 @@ func UClient(c net.Conn, config *Config, ctx context.Context, dest net.Destinati
|
||||||
}
|
}
|
||||||
if utlsConfig.ServerName == "" {
|
if utlsConfig.ServerName == "" {
|
||||||
utlsConfig.ServerName = dest.Address.String()
|
utlsConfig.ServerName = dest.Address.String()
|
||||||
|
} else if strings.ToLower(utlsConfig.ServerName) == "nosni" { // If ServerName is set to "nosni", we set it empty.
|
||||||
|
utlsConfig.ServerName = ""
|
||||||
}
|
}
|
||||||
uConn.ServerName = utlsConfig.ServerName
|
uConn.ServerName = utlsConfig.ServerName
|
||||||
fingerprint := tls.GetFingerprint(config.Fingerprint)
|
fingerprint := tls.GetFingerprint(config.Fingerprint)
|
||||||
|
|
|
@ -325,6 +325,11 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
|
||||||
config.ServerName = sn
|
config.ServerName = sn
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// If ServerName is set to "nosni", we set it empty.
|
||||||
|
if strings.ToLower(c.parseServerName()) == "nosni" {
|
||||||
|
config.ServerName = ""
|
||||||
|
}
|
||||||
|
|
||||||
if len(config.NextProtos) == 0 {
|
if len(config.NextProtos) == 0 {
|
||||||
config.NextProtos = []string{"h2", "http/1.1"}
|
config.NextProtos = []string{"h2", "http/1.1"}
|
||||||
}
|
}
|
||||||
|
@ -365,7 +370,7 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
|
||||||
|
|
||||||
config.PreferServerCipherSuites = c.PreferServerCipherSuites
|
config.PreferServerCipherSuites = c.PreferServerCipherSuites
|
||||||
|
|
||||||
if (len(c.MasterKeyLog) > 0 && c.MasterKeyLog != "none") {
|
if len(c.MasterKeyLog) > 0 && c.MasterKeyLog != "none" {
|
||||||
writer, err := os.OpenFile(c.MasterKeyLog, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0644)
|
writer, err := os.OpenFile(c.MasterKeyLog, os.O_CREATE|os.O_RDWR|os.O_APPEND, 0644)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
newError("failed to open ", c.MasterKeyLog, " as master key log").AtError().Base(err).WriteToLog()
|
newError("failed to open ", c.MasterKeyLog, " as master key log").AtError().Base(err).WriteToLog()
|
||||||
|
@ -381,6 +386,9 @@ func (c *Config) GetTLSConfig(opts ...Option) *tls.Config {
|
||||||
type Option func(*tls.Config)
|
type Option func(*tls.Config)
|
||||||
|
|
||||||
// WithDestination sets the server name in TLS config.
|
// WithDestination sets the server name in TLS config.
|
||||||
|
// Due to the incorrect structure of GetTLSConfig(), the config.ServerName will always be empty.
|
||||||
|
// So the real logic for SNI is:
|
||||||
|
// set it to dest -> overwrite it with servername(if it's len>0).
|
||||||
func WithDestination(dest net.Destination) Option {
|
func WithDestination(dest net.Destination) Option {
|
||||||
return func(config *tls.Config) {
|
return func(config *tls.Config) {
|
||||||
if config.ServerName == "" {
|
if config.ServerName == "" {
|
||||||
|
|
Loading…
Reference in a new issue