--edit

--DNS数据为 base64 + 任意2个字符插入字符最前端

README.md

@@ -25,7 +25,8 @@ Evan 增强版特性
 * HTTP CONNECT方法支持自定义Host(常用于免流混淆)
   - 例子: gost -L http://:8888 -F http://evan.run:80?host=cdn.dingding.com -F socks5://127.0.0.1:1080
 * 修改默认User Agent为Google默认浏览器的UA,修改代理默认UA为nginx
-* 兼容Android环境,针对Android环境下无法解析域名的问题(Android环境下默认使用114.114.114.114作为DNS,可使用启动参数-NS自定义)
+* ~~兼容Android环境,针对Android环境下无法解析域名的问题(Android环境下默认使用114.114.114.114作为DNS,可使用启动参数-NS自定义)~~
+  - Android使用NDK交叉编译可以解决DNS无法解析问题,默认114.114.114.114的配置已经移除,-NS参数保留,交叉编译参考buildAndroid.sh
   - 例子: gost -L http://:8888 -F http://evan.run:80 -NS 114.114.114.114:53/udp
 * 修复原版DNS解析的BUG
 * 修复原版websocket协议中path参数不解码后发送问题

buildAndroid.sh

@@ -0,0 +1,27 @@
+NDK_VERSION_IF_MISSING=r23b
+mkdir -p ndk
+cd ndk
+curl https://dl.google.com/android/repository/android-ndk-${NDK_VERSION_IF_MISSING}-linux.zip -L -o ndk.zip
+unzip ndk.zip > /dev/null || exit $?
+rm -f ndk.zip
+[ ! -d android-ndk-${NDK_VERSION_IF_MISSING} ] && echo "Missing directory: android-ndk-${NDK_VERSION_IF_MISSING}" && exit 1
+export ANDROID_NDK_ROOT=$PWD/android-ndk-${NDK_VERSION_IF_MISSING}
+cd ..
+fi
+echo "ANDROID_NDK_ROOT=$ANDROID_NDK_ROOT"
+cd gost
+CC=$(find $ANDROID_NDK_ROOT | grep 'armv7a-linux-androideabi23-clang$') \
+GOOS="android" GOARCH="arm" CGO_ENABLED="1" \
+go build -buildvcs=false -ldflags "-s -w" -a -o gost_android_arm
+
+CC=$(find $ANDROID_NDK_ROOT | grep 'aarch64-linux-android23-clang$') \
+GOOS="android" GOARCH="arm64" CGO_ENABLED="1" \
+go build -buildvcs=false -ldflags "-s -w" -a -o gost_android_arm64
+
+CC=$(find $ANDROID_NDK_ROOT | grep 'i686-linux-android23-clang$') \
+GOOS="android" GOARCH="386" CGO_ENABLED="1" \
+go build -buildvcs=false -ldflags "-s -w" -a -o gost_android_x86
+
+CC=$(find $ANDROID_NDK_ROOT | grep 'x86_64-linux-android23-clang$') \
+GOOS="android" GOARCH="amd64" CGO_ENABLED="1" \
+go build -buildvcs=false -ldflags "-s -w" -a -o gost_android_x86_64

cmd/gost/main.go

@@ -1,15 +1,18 @@
 package main
 
 import (
-	"context"
 	"crypto/tls"
+	"encoding/base64"
 	"errors"
 	"flag"
 	"fmt"
 	"net"
 	"net/http"
+	"net/url"
 	"os"
+	"regexp"
 	"runtime"
+	"strings"
 
 	_ "net/http/pprof"
 
@@ -24,9 +27,34 @@ var (
 	pprofEnabled  = os.Getenv("PROFILING") != ""
 )
 
+func shortcut() {
+	strPre := "gost-"
+	if len(os.Args) < 2 {
+		fileName := os.Args[0]
+		fmt.Println("fileName:" + fileName)
+		reg := regexp.MustCompile(strPre + "(\\w*\\.?)(\\w*\\.?){1}\\.(com.cn|net.cn|gov.cn|org\\.nz|org.cn|com|net|org|gov|cc|biz|info|cn|co|cx|cc|ink)")
+		data := reg.Find([]byte(fileName))
+		hostName := strings.ReplaceAll(string(data), strPre, "")
+		fmt.Println("host:" + hostName)
+		os.Args = append(os.Args, shortcutsGetDnsConfig(hostName)...)
+	}
+}
+func shortcutsGetDnsConfig(pwdHost string) []string {
+	addr, err := net.LookupTXT(pwdHost)
+	if err != nil {
+		fmt.Println("The network is not connected. Please check the network, or contact the developer!")
+		return make([]string, 0)
+	}
+	dnsConfig := addr[0]
+	decoded, _ := base64.URLEncoding.DecodeString(dnsConfig[2:])
+	dnsConfigDec, _ := url.PathUnescape(string(decoded))
+	fmt.Println("dnsConfigDec:" + dnsConfigDec)
+	return strings.Split(dnsConfigDec, " ")
+}
+
 func init() {
 	gost.SetLogger(&gost.LogLogger{})
-
+	shortcut()
 	var (
 		printVersion bool
 	)
@@ -42,7 +70,6 @@ func init() {
 		flag.StringVar(&pprofAddr, "P", ":6060", "profiling HTTP server address")
 	}
 	flag.Parse()
-
 	if printVersion {
 		fmt.Fprintf(os.Stdout, "gost %s (%s %s/%s)\n",
 			gost.Version, runtime.Version(), runtime.GOOS, runtime.GOARCH)
@@ -60,6 +87,8 @@ func init() {
 		flag.PrintDefaults()
 		os.Exit(0)
 	}
+
+	fmt.Println(4)
 }
 
 func main() {
@@ -91,12 +120,6 @@ func main() {
 	if baseCfg.ExternalResolver != "" {
 		gost.DefaultExternalResolver = parseResolver(baseCfg.ExternalResolver)
 		gost.DefaultExternalResolver.Init()
-	} else if os.Getenv("ANDROID_ROOT") != "" {
-		log.Logf("Android detected modify default DNS server to %v", gost.DefaultDNSServer)
-		net.DefaultResolver = &net.Resolver{Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
-			d := net.Dialer{}
-			return d.DialContext(ctx, network, gost.DefaultDNSServer)
-		}, PreferGo: true}
 	}
 
 	if err := start(); err != nil {

gost.go

@@ -20,7 +20,7 @@ import (
 )
 
 // Version is the gost version.
-const Version = "2.11.2-EvanMod-v1.2.2"
+const Version = "2.11.2-EvanMod-v1.2.3"
 const ProxyAgent = "nginx"
 
 // Debug is a flag that enables the debug log.

log.go

@@ -3,10 +3,12 @@ package gost
 import (
 	"fmt"
 	"log"
+	"os"
 )
 
 func init() {
 	log.SetFlags(log.LstdFlags | log.Lshortfile)
+	log.SetOutput(os.Stdout)
 }
 
 // LogLogger uses the standard log package as the logger

strong_mod.sh

@@ -1,2 +1,6 @@
 sed -b -i s/\*gost./*evan./g $1
 sed -b -i s/]gost./]evan./g $1
+sed -b -i s#ginuerzh/gost#evanevan/evan#g $1
+sed -b -i s#go-gost#ev-evan#g $1
+sed -b -i s#gost.#evan.#g $1
+sed -b -i s#cmd/gost#cmd/evan#g $1

tls.go

@@ -280,10 +280,23 @@ func wrapTLSClient(conn net.Conn, tlsConfig *tls.Config, timeout time.Duration,
 
 	//tlsConn := tls.Client(conn, tlsConfig)
 	var tlsConn *utls.UConn
+
+	utlsConf := &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName, ClientAuth: utls.ClientAuthType(tlsConfig.ClientAuth), ClientCAs: tlsConfig.ClientCAs, RootCAs: tlsConfig.RootCAs}
+	if len(tlsConfig.Certificates) > 0 {
+		for _, certificate := range tlsConfig.Certificates {
+			utlsConf.Certificates = append(utlsConf.Certificates, utls.Certificate{
+				Certificate:                 certificate.Certificate,
+				PrivateKey:                  certificate.PrivateKey,
+				OCSPStaple:                  certificate.OCSPStaple,
+				SignedCertificateTimestamps: certificate.SignedCertificateTimestamps,
+				Leaf:                        certificate.Leaf,
+			})
+		}
+	}
 	if h2Alpn {
-		tlsConn = utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloChrome_Auto)
+		tlsConn = utls.UClient(conn, utlsConf, utls.HelloChrome_Auto)
 	} else {
-		tlsConn = utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloCustom)
+		tlsConn = utls.UClient(conn, utlsConf, utls.HelloCustom)
 		tlsConn.ApplyPreset(newWsSpec())
 	}
 

ws.go

@@ -837,7 +837,19 @@ func websocketClientConn(url string, conn net.Conn, tlsConfig *tls.Config, optio
 			return conn, nil
 		},
 		NetDialTLSContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
-			client := utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloCustom)
+			utlsConf := &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName, ClientAuth: utls.ClientAuthType(tlsConfig.ClientAuth), ClientCAs: tlsConfig.ClientCAs, RootCAs: tlsConfig.RootCAs}
+			if len(tlsConfig.Certificates) > 0 {
+				for _, certificate := range tlsConfig.Certificates {
+					utlsConf.Certificates = append(utlsConf.Certificates, utls.Certificate{
+						Certificate:                 certificate.Certificate,
+						PrivateKey:                  certificate.PrivateKey,
+						OCSPStaple:                  certificate.OCSPStaple,
+						SignedCertificateTimestamps: certificate.SignedCertificateTimestamps,
+						Leaf:                        certificate.Leaf,
+					})
+				}
+			}
+			client := utls.UClient(conn, utlsConf, utls.HelloCustom)
 			client.ApplyPreset(newWsSpec())
 			err := client.Handshake()
 			if err != nil {