chore: adjust client-fingerprint's snippet

This commit is contained in:
Larvan2 2023-03-13 07:02:47 +00:00
parent 6f159d0cac
commit c330d2c82c
3 changed files with 36 additions and 31 deletions

View File

@ -8,7 +8,6 @@ import (
"strconv" "strconv"
"time" "time"
restlsC "github.com/3andne/restls-client-go"
N "github.com/Dreamacro/clash/common/net" N "github.com/Dreamacro/clash/common/net"
"github.com/Dreamacro/clash/common/structure" "github.com/Dreamacro/clash/common/structure"
"github.com/Dreamacro/clash/component/dialer" "github.com/Dreamacro/clash/component/dialer"
@ -19,6 +18,7 @@ import (
"github.com/Dreamacro/clash/transport/socks5" "github.com/Dreamacro/clash/transport/socks5"
v2rayObfs "github.com/Dreamacro/clash/transport/v2ray-plugin" v2rayObfs "github.com/Dreamacro/clash/transport/v2ray-plugin"
restlsC "github.com/3andne/restls-client-go"
shadowsocks "github.com/metacubex/sing-shadowsocks" shadowsocks "github.com/metacubex/sing-shadowsocks"
"github.com/metacubex/sing-shadowsocks/shadowimpl" "github.com/metacubex/sing-shadowsocks/shadowimpl"
"github.com/sagernet/sing/common/bufio" "github.com/sagernet/sing/common/bufio"
@ -41,15 +41,16 @@ type ShadowSocks struct {
type ShadowSocksOption struct { type ShadowSocksOption struct {
BasicOption BasicOption
Name string `proxy:"name"` Name string `proxy:"name"`
Server string `proxy:"server"` Server string `proxy:"server"`
Port int `proxy:"port"` Port int `proxy:"port"`
Password string `proxy:"password"` Password string `proxy:"password"`
Cipher string `proxy:"cipher"` Cipher string `proxy:"cipher"`
UDP bool `proxy:"udp,omitempty"` UDP bool `proxy:"udp,omitempty"`
Plugin string `proxy:"plugin,omitempty"` Plugin string `proxy:"plugin,omitempty"`
PluginOpts map[string]any `proxy:"plugin-opts,omitempty"` PluginOpts map[string]any `proxy:"plugin-opts,omitempty"`
UDPOverTCP bool `proxy:"udp-over-tcp,omitempty"` UDPOverTCP bool `proxy:"udp-over-tcp,omitempty"`
ClientFingerprint string `proxy:"client-fingerprint,omitempty"`
} }
type simpleObfsOption struct { type simpleObfsOption struct {
@ -69,20 +70,18 @@ type v2rayObfsOption struct {
} }
type shadowTLSOption struct { type shadowTLSOption struct {
Password string `obfs:"password"` Password string `obfs:"password"`
Host string `obfs:"host"` Host string `obfs:"host"`
Fingerprint string `obfs:"fingerprint,omitempty"` Fingerprint string `obfs:"fingerprint,omitempty"`
ClientFingerprint string `obfs:"client-fingerprint,omitempty"` SkipCertVerify bool `obfs:"skip-cert-verify,omitempty"`
SkipCertVerify bool `obfs:"skip-cert-verify,omitempty"` Version int `obfs:"version,omitempty"`
Version int `obfs:"version,omitempty"`
} }
type restlsOption struct { type restlsOption struct {
Password string `obfs:"password"` Password string `obfs:"password"`
Host string `obfs:"host"` Host string `obfs:"host"`
VersionHint string `obfs:"version-hint"` VersionHint string `obfs:"version-hint"`
RestlsScript string `obfs:"restls-script,omitempty"` RestlsScript string `obfs:"restls-script,omitempty"`
ClientFingerprint string `obfs:"client-fingerprint,omitempty"`
} }
// StreamConn implements C.ProxyAdapter // StreamConn implements C.ProxyAdapter
@ -269,7 +268,7 @@ func NewShadowSocks(option ShadowSocksOption) (*ShadowSocks, error) {
Password: opt.Password, Password: opt.Password,
Host: opt.Host, Host: opt.Host,
Fingerprint: opt.Fingerprint, Fingerprint: opt.Fingerprint,
ClientFingerprint: opt.ClientFingerprint, ClientFingerprint: option.ClientFingerprint,
SkipCertVerify: opt.SkipCertVerify, SkipCertVerify: opt.SkipCertVerify,
Version: opt.Version, Version: opt.Version,
} }
@ -280,7 +279,7 @@ func NewShadowSocks(option ShadowSocksOption) (*ShadowSocks, error) {
return nil, fmt.Errorf("ss %s initialize restls-plugin error: %w", addr, err) return nil, fmt.Errorf("ss %s initialize restls-plugin error: %w", addr, err)
} }
restlsConfig, err = restlsC.NewRestlsConfig(restlsOpt.Host, restlsOpt.Password, restlsOpt.VersionHint, restlsOpt.RestlsScript, restlsOpt.ClientFingerprint) restlsConfig, err = restlsC.NewRestlsConfig(restlsOpt.Host, restlsOpt.Password, restlsOpt.VersionHint, restlsOpt.RestlsScript, option.ClientFingerprint)
restlsConfig.SessionTicketsDisabled = true restlsConfig.SessionTicketsDisabled = true
if err != nil { if err != nil {
return nil, fmt.Errorf("ss %s initialize restls-plugin error: %w", addr, err) return nil, fmt.Errorf("ss %s initialize restls-plugin error: %w", addr, err)

View File

@ -24,6 +24,11 @@ func ParseProxy(mapping map[string]any) (C.Proxy, error) {
switch proxyType { switch proxyType {
case "ss": case "ss":
ssOption := &outbound.ShadowSocksOption{} ssOption := &outbound.ShadowSocksOption{}
if GlobalUtlsClient := tlsC.GetGlobalFingerprint(); len(GlobalUtlsClient) != 0 {
ssOption.ClientFingerprint = GlobalUtlsClient
}
err = decoder.Decode(mapping, ssOption) err = decoder.Decode(mapping, ssOption)
if err != nil { if err != nil {
break break

View File

@ -331,53 +331,54 @@ proxies: # socks5
# headers: # headers:
# custom: value # custom: value
- name: "ss4" - name: "ss4-shadow-tls"
type: ss type: ss
server: server server: server
port: 443 port: 443
cipher: chacha20-ietf-poly1305 cipher: chacha20-ietf-poly1305
password: "password" password: "password"
plugin: shadow-tls plugin: shadow-tls
client-fingerprint: chrome
plugin-opts: plugin-opts:
host: "cloud.tencent.com" host: "cloud.tencent.com"
password: "shadow_tls_password" password: "shadow_tls_password"
version: 2 # support 1/2/3 version: 2 # support 1/2/3
- name: ss-restls-tls13 - name: "ss-restls-tls13"
type: ss type: ss
server: [YOUR_SERVER_IP] server: [YOUR_SERVER_IP]
port: 443 port: 443
cipher: chacha20-ietf-poly1305 cipher: chacha20-ietf-poly1305
password: [YOUR_SS_PASSWORD] password: [YOUR_SS_PASSWORD]
client-fingerprint: chrome # One of: chrome, ios, firefox or safari
# 可以是chrome, ios, firefox, safari中的一个
plugin: restls plugin: restls
plugin-opts: plugin-opts:
host: "www.microsoft.com" # Must be a TLS 1.3 server host: "www.microsoft.com" # Must be a TLS 1.3 server
# 应当是一个TLS 1.3 服务器 # 应当是一个TLS 1.3 服务器
password: [YOUR_RESTLS_PASSWORD] password: [YOUR_RESTLS_PASSWORD]
version-hint: "tls13" version-hint: "tls13"
client-fingerprint: chrome # One of: chrome, ios, firefox or safari
# 可以是chrome, ios, firefox, safari中的一个
# Control your post-handshake traffic through restls-script # Control your post-handshake traffic through restls-script
# Hide proxy behaviors like "tls in tls". # Hide proxy behaviors like "tls in tls".
# see https://github.com/3andne/restls/blob/main/Restls-Script:%20Hide%20Your%20Proxy%20Traffic%20Behavior.md # see https://github.com/3andne/restls/blob/main/Restls-Script:%20Hide%20Your%20Proxy%20Traffic%20Behavior.md
# 用restls剧本来控制握手后的行为隐藏"tls in tls"等特征 # 用restls剧本来控制握手后的行为隐藏"tls in tls"等特征
# 详情https://github.com/3andne/restls/blob/main/Restls-Script:%20%E9%9A%90%E8%97%8F%E4%BD%A0%E7%9A%84%E4%BB%A3%E7%90%86%E8%A1%8C%E4%B8%BA.md # 详情https://github.com/3andne/restls/blob/main/Restls-Script:%20%E9%9A%90%E8%97%8F%E4%BD%A0%E7%9A%84%E4%BB%A3%E7%90%86%E8%A1%8C%E4%B8%BA.md
restls-script: "300?100<1,400~100,350~100,600~100,300~200,300~100" restls-script: "300?100<1,400~100,350~100,600~100,300~200,300~100"
- name: ss-restls-tls12
- name: "ss-restls-tls12"
type: ss type: ss
server: [YOUR_SERVER_IP] server: [YOUR_SERVER_IP]
port: 443 port: 443
cipher: chacha20-ietf-poly1305 cipher: chacha20-ietf-poly1305
password: [YOUR_SS_PASSWORD] password: [YOUR_SS_PASSWORD]
client-fingerprint: chrome # One of: chrome, ios, firefox or safari
# 可以是chrome, ios, firefox, safari中的一个
plugin: restls plugin: restls
plugin-opts: plugin-opts:
host: "vscode.dev" # Must be a TLS 1.2 server host: "vscode.dev" # Must be a TLS 1.2 server
# 应当是一个TLS 1.2 服务器 # 应当是一个TLS 1.2 服务器
password: [YOUR_RESTLS_PASSWORD] password: [YOUR_RESTLS_PASSWORD]
version-hint: "tls12" version-hint: "tls12"
client-fingerprint: chrome # One of: chrome, ios, firefox or safari
# 可以是chrome, ios, firefox, safari中的一个
restls-script: "1000?100<1,500~100,350~100,600~100,400~200" restls-script: "1000?100<1,500~100,350~100,600~100,400~200"
# vmess # vmess