history-museum/Clash.Meta
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor: replace experimental.fingerprints with custom-certificates and Change the fingerprint verification logic to SSL pinning

Browse Source
This commit is contained in:
Skyxim
2023-01-14 21:08:06 +08:00
parent 2095f4f670
commit b6b6413d04
19 changed files with 91 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adapter/outbound/http.go
View File

@ -150,7 +150,7 @@ func NewHttp(option HttpOption) (*Http, error) {
sni = option.SNI
}
if len(option.Fingerprint) == 0 {
tlsConfig = tlsC.GetGlobalFingerprintTLSConfig(&tls.Config{
tlsConfig = tlsC.GetGlobalTLSConfig(&tls.Config{
InsecureSkipVerify: option.SkipCertVerify,
ServerName: sni,
})

2
adapter/outbound/hysteria.go
View File

@ -178,7 +178,7 @@ func NewHysteria(option HysteriaOption) (*Hysteria, error) {
return nil, err
}
} else {
tlsConfig = tlsC.GetGlobalFingerprintTLSConfig(tlsConfig)
tlsConfig = tlsC.GetGlobalTLSConfig(tlsConfig)
}
if len(option.ALPN) > 0 {

2
adapter/outbound/shadowsocks.go
View File

@ -223,7 +223,7 @@ func NewShadowSocks(option ShadowSocksOption) (*ShadowSocks, error) {
}
if len(shadowTLSOpt.Fingerprint) == 0 {
tlsConfig = tlsC.GetGlobalFingerprintTLSConfig(tlsConfig)
tlsConfig = tlsC.GetGlobalTLSConfig(tlsConfig)
} else {
if tlsConfig, err = tlsC.GetSpecifiedFingerprintTLSConfig(tlsConfig, shadowTLSOpt.Fingerprint); err != nil {
return nil, err

2
adapter/outbound/socks5.go
View File

@ -167,7 +167,7 @@ func NewSocks5(option Socks5Option) (*Socks5, error) {
}
if len(option.Fingerprint) == 0 {
tlsConfig = tlsC.GetGlobalFingerprintTLSConfig(tlsConfig)
tlsConfig = tlsC.GetGlobalTLSConfig(tlsConfig)
} else {
var err error
if tlsConfig, err = tlsC.GetSpecifiedFingerprintTLSConfig(tlsConfig, option.Fingerprint); err != nil {

2
adapter/outbound/trojan.go
View File

@ -268,7 +268,7 @@ func NewTrojan(option TrojanOption) (*Trojan, error) {
}
if len(option.Fingerprint) == 0 {
tlsConfig = tlsC.GetGlobalFingerprintTLSConfig(tlsConfig)
tlsConfig = tlsC.GetGlobalTLSConfig(tlsConfig)
} else {
var err error
if tlsConfig, err = tlsC.GetSpecifiedFingerprintTLSConfig(tlsConfig, option.Fingerprint); err != nil {

2
adapter/outbound/tuic.go
View File

@ -143,7 +143,7 @@ func NewTuic(option TuicOption) (*Tuic, error) {
return nil, err
}
} else {
tlsConfig = tlsC.GetGlobalFingerprintTLSConfig(tlsConfig)
tlsConfig = tlsC.GetGlobalTLSConfig(tlsConfig)
}
if len(option.ALPN) > 0 {

4
adapter/outbound/vless.go
View File

@ -98,7 +98,7 @@ func (v *Vless) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
}
if len(v.option.Fingerprint) == 0 {
wsOpts.TLSConfig = tlsC.GetGlobalFingerprintTLSConfig(tlsConfig)
wsOpts.TLSConfig = tlsC.GetGlobalTLSConfig(tlsConfig)
} else {
wsOpts.TLSConfig, err = tlsC.GetSpecifiedFingerprintTLSConfig(tlsConfig, v.option.Fingerprint)
}
@ -522,7 +522,7 @@ func NewVless(option VlessOption) (*Vless, error) {
ServiceName: v.option.GrpcOpts.GrpcServiceName,
Host: v.option.ServerName,
}
tlsConfig := tlsC.GetGlobalFingerprintTLSConfig(&tls.Config{
tlsConfig := tlsC.GetGlobalTLSConfig(&tls.Config{
InsecureSkipVerify: v.option.SkipCertVerify,
ServerName: v.option.ServerName,
})

2
adapter/outbound/vmess.go
View File

@ -115,7 +115,7 @@ func (v *Vmess) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
}
if len(v.option.Fingerprint) == 0 {
wsOpts.TLSConfig = tlsC.GetGlobalFingerprintTLSConfig(tlsConfig)
wsOpts.TLSConfig = tlsC.GetGlobalTLSConfig(tlsConfig)
} else {
if wsOpts.TLSConfig, err = tlsC.GetSpecifiedFingerprintTLSConfig(tlsConfig, v.option.Fingerprint); err != nil {
return nil, err