mirror of
https://github.com/SagerNet/sing-box.git
synced 2024-11-24 09:31:30 +00:00
Update utls to v1.6.7
This commit is contained in:
parent
846777cd0c
commit
926d6f769e
|
@ -217,18 +217,10 @@ func init() {
|
|||
|
||||
func uTLSClientHelloID(name string) (utls.ClientHelloID, error) {
|
||||
switch name {
|
||||
case "chrome_psk", "chrome_psk_shuffle", "chrome_padding_psk_shuffle", "chrome_pq":
|
||||
fallthrough
|
||||
case "chrome", "":
|
||||
return utls.HelloChrome_Auto, nil
|
||||
case "chrome_psk":
|
||||
return utls.HelloChrome_100_PSK, nil
|
||||
case "chrome_psk_shuffle":
|
||||
return utls.HelloChrome_112_PSK_Shuf, nil
|
||||
case "chrome_padding_psk_shuffle":
|
||||
return utls.HelloChrome_114_Padding_PSK_Shuf, nil
|
||||
case "chrome_pq":
|
||||
return utls.HelloChrome_115_PQ, nil
|
||||
case "chrome_pq_psk":
|
||||
return utls.HelloChrome_115_PQ_PSK, nil
|
||||
case "firefox":
|
||||
return utls.HelloFirefox_Auto, nil
|
||||
case "edge":
|
||||
|
|
|
@ -47,7 +47,7 @@ TLS configuration, see [TLS](/configuration/shared/tls/#inbound).
|
|||
|
||||
#### fallback
|
||||
|
||||
!!! quote ""
|
||||
!!! failure ""
|
||||
|
||||
There is no evidence that GFW detects and blocks Trojan servers based on HTTP responses, and opening the standard http/s port on the server is a much bigger signature.
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ icon: material/alert-decagram
|
|||
|
||||
!!! quote "Changes in sing-box 1.10.0"
|
||||
|
||||
:material-plus: [client](#client)
|
||||
:material-plus: [client](#client)
|
||||
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
|
||||
:material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)
|
||||
:material-plus: [process_path_regex](#process_path_regex)
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
!!! quote "Changes in sing-box 1.8.0"
|
||||
---
|
||||
icon: material/alert-decagram
|
||||
---
|
||||
|
||||
!!! quote "Changes in sing-box 1.10.0"
|
||||
|
||||
:material-alert-decagram: [utls](#utls)
|
||||
|
||||
|
@ -210,28 +214,25 @@ The path to the server private key, in PEM format.
|
|||
|
||||
==Client only==
|
||||
|
||||
!!! note ""
|
||||
|
||||
uTLS is poorly maintained and the effect may be unproven, use at your own risk.
|
||||
!!! failure ""
|
||||
|
||||
There is no evidence that GFW detects and blocks servers based on TLS client fingerprinting, and using an imperfect emulation that has not been security reviewed could pose security risks.
|
||||
|
||||
uTLS is a fork of "crypto/tls", which provides ClientHello fingerprinting resistance.
|
||||
|
||||
Available fingerprint values:
|
||||
|
||||
!!! question "Since sing-box 1.8.0"
|
||||
!!! warning "Removed since sing-box 1.10.0"
|
||||
|
||||
:material-plus: chrome_psk
|
||||
:material-plus: chrome_psk_shuffle
|
||||
:material-plus: chrome_padding_psk_shuffle
|
||||
:material-plus: chrome_pq
|
||||
:material-plus: chrome_pq_psk
|
||||
Some legacy chrome fingerprints have been removed and will fallback to chrome:
|
||||
|
||||
:material-close: chrome_psk
|
||||
:material-close: chrome_psk_shuffle
|
||||
:material-close: chrome_padding_psk_shuffle
|
||||
:material-close: chrome_pq
|
||||
:material-close: chrome_pq_psk
|
||||
|
||||
* chrome
|
||||
* chrome_psk
|
||||
* chrome_psk_shuffle
|
||||
* chrome_padding_psk_shuffle
|
||||
* chrome_pq
|
||||
* chrome_pq_psk
|
||||
* firefox
|
||||
* edge
|
||||
* safari
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
!!! quote "sing-box 1.8.0 中的更改"
|
||||
---
|
||||
icon: material/alert-decagram
|
||||
---
|
||||
|
||||
!!! quote "sing-box 1.10.0 中的更改"
|
||||
|
||||
:material-alert-decagram: [utls](#utls)
|
||||
|
||||
|
@ -44,8 +48,8 @@
|
|||
"handshake": {
|
||||
"server": "google.com",
|
||||
"server_port": 443,
|
||||
|
||||
... // 拨号字段
|
||||
...
|
||||
// 拨号字段
|
||||
},
|
||||
"private_key": "UuMBgl7MXTPx9inmQp2UC7Jcnwc6XYbwDNebonM-FCc",
|
||||
"short_id": [
|
||||
|
@ -202,28 +206,25 @@ TLS 版本值:
|
|||
|
||||
==仅客户端==
|
||||
|
||||
!!! note ""
|
||||
!!! failure ""
|
||||
|
||||
uTLS 维护不善且其效果可能未经证实,使用风险自负。
|
||||
没有证据表明 GFW 根据 TLS 客户端指纹检测并阻止服务器,并且,使用一个未经安全审查的不完美模拟可能带来安全隐患。
|
||||
|
||||
uTLS 是 "crypto/tls" 的一个分支,它提供了 ClientHello 指纹识别阻力。
|
||||
|
||||
可用的指纹值:
|
||||
|
||||
!!! question "自 sing-box 1.8.0 起"
|
||||
!!! warning "已在 sing-box 1.10.0 移除"
|
||||
|
||||
:material-plus: chrome_psk
|
||||
:material-plus: chrome_psk_shuffle
|
||||
:material-plus: chrome_padding_psk_shuffle
|
||||
:material-plus: chrome_pq
|
||||
:material-plus: chrome_pq_psk
|
||||
一些旧 chrome 指纹已被删除,并将会退到 chrome:
|
||||
|
||||
:material-close: chrome_psk
|
||||
:material-close: chrome_psk_shuffle
|
||||
:material-close: chrome_padding_psk_shuffle
|
||||
:material-close: chrome_pq
|
||||
:material-close: chrome_pq_psk
|
||||
|
||||
* chrome
|
||||
* chrome_psk
|
||||
* chrome_psk_shuffle
|
||||
* chrome_padding_psk_shuffle
|
||||
* chrome_pq
|
||||
* chrome_pq_psk
|
||||
* firefox
|
||||
* edge
|
||||
* safari
|
||||
|
|
3
go.mod
3
go.mod
|
@ -37,7 +37,7 @@ require (
|
|||
github.com/sagernet/sing-tun v0.4.0-beta.16
|
||||
github.com/sagernet/sing-vmess v0.1.12
|
||||
github.com/sagernet/smux v0.0.0-20231208180855-7041f6ea79e7
|
||||
github.com/sagernet/utls v1.5.4
|
||||
github.com/sagernet/utls v1.6.7
|
||||
github.com/sagernet/wireguard-go v0.0.0-20231215174105-89dec3b2f3e8
|
||||
github.com/sagernet/ws v0.0.0-20231204124109-acfe8907c854
|
||||
github.com/spf13/cobra v1.8.0
|
||||
|
@ -61,7 +61,6 @@ require (
|
|||
github.com/andybalholm/brotli v1.0.6 // indirect
|
||||
github.com/davecgh/go-spew v1.1.1 // indirect
|
||||
github.com/fsnotify/fsnotify v1.7.0 // indirect
|
||||
github.com/gaukas/godicttls v0.0.4 // indirect
|
||||
github.com/go-ole/go-ole v1.3.0 // indirect
|
||||
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
|
||||
github.com/gobwas/httphead v0.1.0 // indirect
|
||||
|
|
6
go.sum
6
go.sum
|
@ -17,8 +17,6 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
|
|||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
|
||||
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
|
||||
github.com/gaukas/godicttls v0.0.4 h1:NlRaXb3J6hAnTmWdsEKb9bcSBD6BvcIjdGdeb0zfXbk=
|
||||
github.com/gaukas/godicttls v0.0.4/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI=
|
||||
github.com/go-chi/chi/v5 v5.0.12 h1:9euLV5sTrTNTRUU9POmDUvfxyj6LAABLUcEWO+JJb4s=
|
||||
github.com/go-chi/chi/v5 v5.0.12/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
|
||||
github.com/go-chi/render v1.0.3 h1:AsXqd2a1/INaIfUSKq3G5uA8weYx20FOsM7uSoCyyt4=
|
||||
|
@ -137,8 +135,8 @@ github.com/sagernet/sing-vmess v0.1.12 h1:2gFD8JJb+eTFMoa8FIVMnknEi+vCSfaiTXTfEY
|
|||
github.com/sagernet/sing-vmess v0.1.12/go.mod h1:luTSsfyBGAc9VhtCqwjR+dt1QgqBhuYBCONB/POhF8I=
|
||||
github.com/sagernet/smux v0.0.0-20231208180855-7041f6ea79e7 h1:DImB4lELfQhplLTxeq2z31Fpv8CQqqrUwTbrIRumZqQ=
|
||||
github.com/sagernet/smux v0.0.0-20231208180855-7041f6ea79e7/go.mod h1:FP9X2xjT/Az1EsG/orYYoC+5MojWnuI7hrffz8fGwwo=
|
||||
github.com/sagernet/utls v1.5.4 h1:KmsEGbB2dKUtCNC+44NwAdNAqnqQ6GA4pTO0Yik56co=
|
||||
github.com/sagernet/utls v1.5.4/go.mod h1:CTGxPWExIloRipK3XFpYv0OVyhO8kk3XCGW/ieyTh1s=
|
||||
github.com/sagernet/utls v1.6.7 h1:Ep3+aJ8FUGGta+II2IEVNUc3EDhaRCZINWkj/LloIA8=
|
||||
github.com/sagernet/utls v1.6.7/go.mod h1:Uua1TKO/FFuAhLr9rkaVnnrTmmiItzDjv1BUb2+ERwM=
|
||||
github.com/sagernet/wireguard-go v0.0.0-20231215174105-89dec3b2f3e8 h1:R0OMYAScomNAVpTfbHFpxqJpvwuhxSRi+g6z7gZhABs=
|
||||
github.com/sagernet/wireguard-go v0.0.0-20231215174105-89dec3b2f3e8/go.mod h1:K4J7/npM+VAMUeUmTa2JaA02JmyheP0GpRBOUvn3ecc=
|
||||
github.com/sagernet/ws v0.0.0-20231204124109-acfe8907c854 h1:6uUiZcDRnZSAegryaUGwPC/Fj13JSHwiTftrXhMmYOc=
|
||||
|
|
Loading…
Reference in a new issue