Update utls to v1.6.7

This commit is contained in:
世界 2024-09-23 16:51:55 +08:00
parent 846777cd0c
commit 926d6f769e
No known key found for this signature in database
GPG key ID: CD109927C34A63C4
7 changed files with 40 additions and 49 deletions

View file

@ -217,18 +217,10 @@ func init() {
func uTLSClientHelloID(name string) (utls.ClientHelloID, error) {
switch name {
case "chrome_psk", "chrome_psk_shuffle", "chrome_padding_psk_shuffle", "chrome_pq":
fallthrough
case "chrome", "":
return utls.HelloChrome_Auto, nil
case "chrome_psk":
return utls.HelloChrome_100_PSK, nil
case "chrome_psk_shuffle":
return utls.HelloChrome_112_PSK_Shuf, nil
case "chrome_padding_psk_shuffle":
return utls.HelloChrome_114_Padding_PSK_Shuf, nil
case "chrome_pq":
return utls.HelloChrome_115_PQ, nil
case "chrome_pq_psk":
return utls.HelloChrome_115_PQ_PSK, nil
case "firefox":
return utls.HelloFirefox_Auto, nil
case "edge":

View file

@ -47,7 +47,7 @@ TLS configuration, see [TLS](/configuration/shared/tls/#inbound).
#### fallback
!!! quote ""
!!! failure ""
There is no evidence that GFW detects and blocks Trojan servers based on HTTP responses, and opening the standard http/s port on the server is a much bigger signature.

View file

@ -4,7 +4,7 @@ icon: material/alert-decagram
!!! quote "Changes in sing-box 1.10.0"
:material-plus: [client](#client)
:material-plus: [client](#client)
:material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)
:material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)
:material-plus: [process_path_regex](#process_path_regex)

View file

@ -1,4 +1,8 @@
!!! quote "Changes in sing-box 1.8.0"
---
icon: material/alert-decagram
---
!!! quote "Changes in sing-box 1.10.0"
:material-alert-decagram: [utls](#utls)
@ -210,28 +214,25 @@ The path to the server private key, in PEM format.
==Client only==
!!! note ""
uTLS is poorly maintained and the effect may be unproven, use at your own risk.
!!! failure ""
There is no evidence that GFW detects and blocks servers based on TLS client fingerprinting, and using an imperfect emulation that has not been security reviewed could pose security risks.
uTLS is a fork of "crypto/tls", which provides ClientHello fingerprinting resistance.
Available fingerprint values:
!!! question "Since sing-box 1.8.0"
!!! warning "Removed since sing-box 1.10.0"
:material-plus: chrome_psk
:material-plus: chrome_psk_shuffle
:material-plus: chrome_padding_psk_shuffle
:material-plus: chrome_pq
:material-plus: chrome_pq_psk
Some legacy chrome fingerprints have been removed and will fallback to chrome:
:material-close: chrome_psk
:material-close: chrome_psk_shuffle
:material-close: chrome_padding_psk_shuffle
:material-close: chrome_pq
:material-close: chrome_pq_psk
* chrome
* chrome_psk
* chrome_psk_shuffle
* chrome_padding_psk_shuffle
* chrome_pq
* chrome_pq_psk
* firefox
* edge
* safari

View file

@ -1,4 +1,8 @@
!!! quote "sing-box 1.8.0 中的更改"
---
icon: material/alert-decagram
---
!!! quote "sing-box 1.10.0 中的更改"
:material-alert-decagram: [utls](#utls)
@ -44,8 +48,8 @@
"handshake": {
"server": "google.com",
"server_port": 443,
... // 拨号字段
...
// 拨号字段
},
"private_key": "UuMBgl7MXTPx9inmQp2UC7Jcnwc6XYbwDNebonM-FCc",
"short_id": [
@ -202,28 +206,25 @@ TLS 版本值:
==仅客户端==
!!! note ""
!!! failure ""
uTLS 维护不善且其效果可能未经证实,使用风险自负
没有证据表明 GFW 根据 TLS 客户端指纹检测并阻止服务器,并且,使用一个未经安全审查的不完美模拟可能带来安全隐患
uTLS 是 "crypto/tls" 的一个分支,它提供了 ClientHello 指纹识别阻力。
可用的指纹值:
!!! question "自 sing-box 1.8.0 起"
!!! warning "已在 sing-box 1.10.0 移除"
:material-plus: chrome_psk
:material-plus: chrome_psk_shuffle
:material-plus: chrome_padding_psk_shuffle
:material-plus: chrome_pq
:material-plus: chrome_pq_psk
一些旧 chrome 指纹已被删除,并将会退到 chrome
:material-close: chrome_psk
:material-close: chrome_psk_shuffle
:material-close: chrome_padding_psk_shuffle
:material-close: chrome_pq
:material-close: chrome_pq_psk
* chrome
* chrome_psk
* chrome_psk_shuffle
* chrome_padding_psk_shuffle
* chrome_pq
* chrome_pq_psk
* firefox
* edge
* safari

3
go.mod
View file

@ -37,7 +37,7 @@ require (
github.com/sagernet/sing-tun v0.4.0-beta.16
github.com/sagernet/sing-vmess v0.1.12
github.com/sagernet/smux v0.0.0-20231208180855-7041f6ea79e7
github.com/sagernet/utls v1.5.4
github.com/sagernet/utls v1.6.7
github.com/sagernet/wireguard-go v0.0.0-20231215174105-89dec3b2f3e8
github.com/sagernet/ws v0.0.0-20231204124109-acfe8907c854
github.com/spf13/cobra v1.8.0
@ -61,7 +61,6 @@ require (
github.com/andybalholm/brotli v1.0.6 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/gaukas/godicttls v0.0.4 // indirect
github.com/go-ole/go-ole v1.3.0 // indirect
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
github.com/gobwas/httphead v0.1.0 // indirect

6
go.sum
View file

@ -17,8 +17,6 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
github.com/gaukas/godicttls v0.0.4 h1:NlRaXb3J6hAnTmWdsEKb9bcSBD6BvcIjdGdeb0zfXbk=
github.com/gaukas/godicttls v0.0.4/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI=
github.com/go-chi/chi/v5 v5.0.12 h1:9euLV5sTrTNTRUU9POmDUvfxyj6LAABLUcEWO+JJb4s=
github.com/go-chi/chi/v5 v5.0.12/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
github.com/go-chi/render v1.0.3 h1:AsXqd2a1/INaIfUSKq3G5uA8weYx20FOsM7uSoCyyt4=
@ -137,8 +135,8 @@ github.com/sagernet/sing-vmess v0.1.12 h1:2gFD8JJb+eTFMoa8FIVMnknEi+vCSfaiTXTfEY
github.com/sagernet/sing-vmess v0.1.12/go.mod h1:luTSsfyBGAc9VhtCqwjR+dt1QgqBhuYBCONB/POhF8I=
github.com/sagernet/smux v0.0.0-20231208180855-7041f6ea79e7 h1:DImB4lELfQhplLTxeq2z31Fpv8CQqqrUwTbrIRumZqQ=
github.com/sagernet/smux v0.0.0-20231208180855-7041f6ea79e7/go.mod h1:FP9X2xjT/Az1EsG/orYYoC+5MojWnuI7hrffz8fGwwo=
github.com/sagernet/utls v1.5.4 h1:KmsEGbB2dKUtCNC+44NwAdNAqnqQ6GA4pTO0Yik56co=
github.com/sagernet/utls v1.5.4/go.mod h1:CTGxPWExIloRipK3XFpYv0OVyhO8kk3XCGW/ieyTh1s=
github.com/sagernet/utls v1.6.7 h1:Ep3+aJ8FUGGta+II2IEVNUc3EDhaRCZINWkj/LloIA8=
github.com/sagernet/utls v1.6.7/go.mod h1:Uua1TKO/FFuAhLr9rkaVnnrTmmiItzDjv1BUb2+ERwM=
github.com/sagernet/wireguard-go v0.0.0-20231215174105-89dec3b2f3e8 h1:R0OMYAScomNAVpTfbHFpxqJpvwuhxSRi+g6z7gZhABs=
github.com/sagernet/wireguard-go v0.0.0-20231215174105-89dec3b2f3e8/go.mod h1:K4J7/npM+VAMUeUmTa2JaA02JmyheP0GpRBOUvn3ecc=
github.com/sagernet/ws v0.0.0-20231204124109-acfe8907c854 h1:6uUiZcDRnZSAegryaUGwPC/Fj13JSHwiTftrXhMmYOc=