Commit graph

42 commits

Author SHA1 Message Date
RPRX beb603af06 Allow IP address ServerName when "serverName" is not configured
In this case, TLS Client Hello will not have SNI (RFC 6066, Section 3)
2023-03-26 10:57:20 +00:00
Yue Yin 03b8c094de Support SPKI Fingerprint Pinning
Support SPKI Fingerprint Pinning for TLSObject
2023-02-24 11:47:00 -05:00
RPRX 4d5c3195d2
Refine random
Fixes https://github.com/XTLS/Xray-core/issues/1666
2023-02-18 05:55:19 +00:00
RPRX f32921df30
Refine randomized
But we should avoid using it unless we have to, see
https://github.com/refraction-networking/utls/pull/157#issuecomment-1417156797
2023-02-08 14:51:15 +08:00
RPRX dc72cf2c78
Refine fingerprints
Fixes https://github.com/XTLS/Xray-core/issues/1577
2023-02-01 12:58:17 +00:00
RPRX b70912799b
Generate *.pb.go files with protoc v3.21.12
https://github.com/protocolbuffers/protobuf/releases/tag/v21.12
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2
go run ./infra/vprotogen
2023-01-30 04:35:30 +00:00
mra9776 f571aa72df
uTLS PinnedPeerCertificateChainSha256 (#1556)
* Add tests for utls PinnedPeerCertificateChain

* Fix utls not checking PinnedPeerCertificate

Co-authored-by: ahmadi <ahmadi@meshkan.com>
2023-01-27 04:19:49 +00:00
yuhan6665 3fb67f065a
Add fingerprint xray_random (#1540)
* Add fingerprint xray_random

xray_random means to pick a random uTLS fingerprint at the core startup
This way, the fingerprint is stable for a user for some days. While there is no identifiable signature for the whole xray community

* Fingerprint "random" refine

Exclude old fingerprint from RNG
2023-01-20 23:36:08 -05:00
yuhan6665 32ce7cd730 Add new uTLS fingerprints
- correct safari
- new format is the variable name in https://github.com/refraction-networking/utls/blob/master/u_common.go#L163
- notable ones "HelloChrome_106_Shuffle", "Hello360_Auto", "HelloQQ_Auto"
2023-01-09 09:19:53 -05:00
yuhan6665 c4fbdf1b78 Run core/format.go 2022-12-25 19:47:53 -05:00
Hirbod Behnam da0b13cca0
Added uTLS to gRPC (#1264)
* Added uTLS to gRPC

* Use base 16 of ciphers as StandardName
2022-10-21 21:06:36 -04:00
Hirbod Behnam 1f93cbbc5d
Added utls to websocket (#1256)
* Added utls to websocket

* Slightly better code

One less allocation
2022-10-18 10:34:41 -04:00
Hirbod Behnam 93c7ebe382 Added utls to http2 transport 2022-10-13 10:44:49 -04:00
yuhan6665 8117b66949 Generate all protos 2022-10-10 13:17:32 -04:00
世界 f046feb9ca
Reformat code 2022-05-18 15:29:01 +08:00
yuhan6665 acb81ebe3d
Verify peer cert function for better man in the middle prevention (#746)
* verify peer cert function for better man in the middle prevention

* publish cert chain hash generation algorithm

* added calculation of certificate hash as separate command and tlsping, use base64 to represent fingerprint to align with jsonPb

* apply coding style

* added test case for pinned certificates

* refactored cert pin

* pinned cert test

* added json loading of the PinnedPeerCertificateChainSha256

* removed tool to prepare for v5

* Add server cert pinning for Xtls

Change command "xray tls certChainHash" to xray style

Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-22 12:38:40 +08:00
yuhan6665 e286cdcaa8
Style: format code by gofumpt (#761) 2021-10-20 00:57:14 +08:00
hmol233 7033f7cf5f
Fix: protobuf file (#724) 2021-09-20 22:41:09 +08:00
Arthur Morgan ffc2f7c4e2 Style: format code 2021-09-20 21:00:55 +08:00
WeidiDeng b0b2aaa70c
Fixed refresh error when multiple certificates exist (#663)
* Fix when there are multiple certs, after refresh from file all will be the same as the last.
2021-09-18 03:48:22 +08:00
yuhan6665 42d158bd85
vprotogen refine (#717)
* Update all proto files with existing vprotogen
* Chore: remove protoc-gen-gofast
* Feat: vprotogen adds version detector to block generation code from old protobuf version
* Feat: vprotogen refine logic

Co-authored-by: Loyalsoldier <10487845+Loyalsoldier@users.noreply.github.com>
2021-09-18 01:16:14 +08:00
Arthur Morgan 7a9e72b133
Merge pull request #589 from bhoppi/main
Fix: new cert issuing is incorrectly delayed
2021-09-08 00:50:32 +08:00
Bhoppi Chaw 2220411644 fix new cert issuing is incorrectly delayed 2021-06-05 23:32:05 +08:00
hmol233 e8a8465220
Fix reject unknown sni with single cert 2021-05-10 00:28:40 +08:00
hmol233 1f92b948c0
Fix errNoCertificates 2021-05-10 00:11:45 +08:00
hmol233 53b99efe78
Add: reject unknown SNI
Co-Authored-By: 玖柒Max <60207794+jiuqi9997@users.noreply.github.com>
2021-05-09 23:47:21 +08:00
RPRX 4bf8b6d89c
Fix uTLS fingerprints support
Thank @HirbodBehnam https://github.com/XTLS/Xray-core/issues/461
2021-04-01 09:15:18 +00:00
RPRX a9e11075d1
Add uTLS fingerprints support (#451) 2021-03-29 10:08:29 +00:00
RPRX 8b9c0ae593
Enable (X)TLS hot reloading by default (#281)
Super BiuBiu
2021-02-20 02:15:57 +00:00
eMeab 81d993158f
Support hot reloading of certificate and key files (#225) 2021-02-12 15:33:19 +00:00
eMeab c13b8ec9bb
Fix OCSP Stapling (#172)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-01-30 23:17:07 +00:00
RPRX 7df135a5c4
Disable session resumption by default
https://github.com/v2fly/v2ray-core/issues/557#issuecomment-751962569
2021-01-01 11:33:09 +00:00
RPRX a78db47571
Adjust OCSP Stapling 2020-12-25 15:10:12 +00:00
eMeab 3d7e86efba
Add OCSP Stapling for TLS & XTLS (#92) 2020-12-25 08:01:20 +00:00
RPRX ff9bb2d8df
Optimize cipherSuites setting loader 2020-12-17 09:25:30 +00:00
RPRX 38faac5ffc
Adjust config loader of TLS & XTLS 2020-12-16 15:59:04 +00:00
eMeab 88dfed931b
Add cipherSuites setting for TLS & XTLS (#78) 2020-12-16 12:53:55 +00:00
RPRX ed0e9b12dc
Adjust ProtoBuf of TLS & XTLS 2020-12-16 08:50:18 +00:00
eMeab dab978749c
Add minVersion setting for TLS & XTLS (#77) 2020-12-16 05:20:24 +00:00
RPRX f8faf3c8b8 Removal: confonly 2020-12-11 13:05:29 +08:00
RPRX 16544c18ab v1.1.0 2020-12-04 09:36:16 +08:00
RPRX c7f7c08ead v1.0.0 2020-11-25 19:01:53 +08:00