utls
This commit is contained in:
wenyifan
@ -2,6 +2,7 @@ package ws
|
||||
|
||||
import (
|
||||
"context"
|
||||
"github.com/go-gost/x/util"
|
||||
tls "github.com/refraction-networking/utls"
|
||||
"net"
|
||||
"net/url"
|
||||
@ -111,7 +112,7 @@ func (d *wsDialer) Handshake(ctx context.Context, conn net.Conn, options ...dial
|
||||
}
|
||||
}
|
||||
client := tls.UClient(conn, utlsConf, tls.HelloCustom)
|
||||
client.ApplyPreset(newWsSpec())
|
||||
client.ApplyPreset(util.NewWsSpec())
|
||||
err := client.Handshake()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@ -159,76 +160,3 @@ func (d *wsDialer) keepalive(conn ws_util.WebsocketConn) {
|
||||
conn.SetWriteDeadline(time.Time{})
|
||||
}
|
||||
}
|
||||
|
||||
func newWsSpec() *tls.ClientHelloSpec {
|
||||
return &tls.ClientHelloSpec{
|
||||
CipherSuites: []uint16{
|
||||
tls.GREASE_PLACEHOLDER,
|
||||
tls.TLS_AES_128_GCM_SHA256,
|
||||
tls.TLS_AES_256_GCM_SHA384,
|
||||
tls.TLS_CHACHA20_POLY1305_SHA256,
|
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
|
||||
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||||
tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
|
||||
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||||
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
|
||||
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
|
||||
},
|
||||
CompressionMethods: []byte{
|
||||
0x00, // compressionNone
|
||||
},
|
||||
Extensions: []tls.TLSExtension{
|
||||
&tls.UtlsGREASEExtension{},
|
||||
&tls.SNIExtension{},
|
||||
&tls.ExtendedMasterSecretExtension{},
|
||||
&tls.RenegotiationInfoExtension{Renegotiation: tls.RenegotiateOnceAsClient},
|
||||
&tls.SupportedCurvesExtension{[]tls.CurveID{
|
||||
tls.GREASE_PLACEHOLDER,
|
||||
tls.X25519,
|
||||
tls.CurveP256,
|
||||
tls.CurveP384,
|
||||
}},
|
||||
&tls.SupportedPointsExtension{SupportedPoints: []byte{
|
||||
0x00, // pointFormatUncompressed
|
||||
}},
|
||||
&tls.SessionTicketExtension{},
|
||||
&tls.ALPNExtension{AlpnProtocols: []string{"http/1.1"}},
|
||||
&tls.StatusRequestExtension{},
|
||||
&tls.SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []tls.SignatureScheme{
|
||||
tls.ECDSAWithP256AndSHA256,
|
||||
tls.PSSWithSHA256,
|
||||
tls.PKCS1WithSHA256,
|
||||
tls.ECDSAWithP384AndSHA384,
|
||||
tls.PSSWithSHA384,
|
||||
tls.PKCS1WithSHA384,
|
||||
tls.PSSWithSHA512,
|
||||
tls.PKCS1WithSHA512,
|
||||
}},
|
||||
&tls.SCTExtension{},
|
||||
&tls.KeyShareExtension{[]tls.KeyShare{
|
||||
{Group: tls.CurveID(tls.GREASE_PLACEHOLDER), Data: []byte{0}},
|
||||
{Group: tls.X25519},
|
||||
}},
|
||||
&tls.PSKKeyExchangeModesExtension{[]uint8{
|
||||
tls.PskModeDHE,
|
||||
}},
|
||||
&tls.SupportedVersionsExtension{[]uint16{
|
||||
tls.GREASE_PLACEHOLDER,
|
||||
tls.VersionTLS13,
|
||||
tls.VersionTLS12,
|
||||
}},
|
||||
&tls.UtlsCompressCertExtension{[]tls.CertCompressionAlgo{
|
||||
tls.CertCompressionBrotli,
|
||||
}},
|
||||
&tls.ApplicationSettingsExtension{SupportedProtocols: []string{"h2"}},
|
||||
&tls.UtlsGREASEExtension{},
|
||||
&tls.UtlsPaddingExtension{GetPaddingLen: tls.BoringPaddingStyle},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user