new: add tls tricks options

hiddify · Jan 14, 2024 · 0f536f8 · 0f536f8
1 parent 98cd420
commit 0f536f8
Show file tree

Hide file tree

Showing 6 changed files with 51 additions and 9 deletions.
diff --git a/go.mod b/go.mod
@@ -20,4 +20,4 @@ require (
 	golang.org/x/tools v0.16.0 // indirect
 )
 
-replace github.com/sagernet/sing-box => github.com/hiddify/hiddify-sing-box v1.4.0-rc.3.0.20231223062555-6654baf4ccde
+replace github.com/sagernet/sing-box => github.com/hiddify/hiddify-sing-box v1.7.9-0.20240113144724-d348f6fa8ff2
diff --git a/go.sum b/go.sum
@@ -1,6 +1,6 @@
 github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
-github.com/hiddify/hiddify-sing-box v1.4.0-rc.3.0.20231223062555-6654baf4ccde h1:vUkIs3cyUtPqGCtq8C3Z3voJJVq3ZMwpRi/HjXkpTZU=
-github.com/hiddify/hiddify-sing-box v1.4.0-rc.3.0.20231223062555-6654baf4ccde/go.mod h1:xCf7THijdQP0UZ2jQ3oUbMtBujhF/a8PXWc43DpUmY4=
+github.com/hiddify/hiddify-sing-box v1.7.9-0.20240113144724-d348f6fa8ff2 h1:A67GgwJYIU0EkoCWpivZ39ElcE8o6US93eMxhFlHTrM=
+github.com/hiddify/hiddify-sing-box v1.7.9-0.20240113144724-d348f6fa8ff2/go.mod h1:cxAxPGP5EAIL5gkgCpx46fkJ/5SUPB3NMCM0wcZAQig=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/logrusorgru/aurora v2.0.3+incompatible h1:tOpm7WcpBTn4fjmVfgpQq0EfczGlG91VSDkswnjF5A8=

diff --git a/ray2sing/common.go b/ray2sing/common.go
@@ -8,6 +8,7 @@ import (
 
 	C "github.com/sagernet/sing-box/constant"
 	"github.com/sagernet/sing-box/option"
+	T "github.com/sagernet/sing-box/option"
 	E "github.com/sagernet/sing/common/exceptions"
 
 	"strings"
@@ -42,13 +43,14 @@ func getTLSOptions(decoded map[string]string) *option.OutboundTLSOptions {
 	tlsOptions := &option.OutboundTLSOptions{
 		Enabled:    true,
 		ServerName: serverName,
-		Insecure:   true,
-		DisableSNI: false,
+		Insecure:   decoded["insecure"] == "true",
+		DisableSNI: serverName == "",
 		UTLS: &option.OutboundUTLSOptions{
 			Enabled:     true,
 			Fingerprint: fp,
 		},
-		ECH: ECHOpts,
+		ECH:       ECHOpts,
+		TLSTricks: getTricksOptions(decoded),
 	}
 
 	if alpn, ok := decoded["alpn"]; ok && alpn != "" {
@@ -58,6 +60,33 @@ func getTLSOptions(decoded map[string]string) *option.OutboundTLSOptions {
 	return tlsOptions
 }
 
+func getTricksOptions(decoded map[string]string) *option.TLSTricksOptions {
+	trick := option.TLSTricksOptions{}
+	if decoded["mc"] == "1" {
+		trick.MixedCaseSNI = true
+	}
+	trick.PaddingMode = decoded["padmode"]
+	trick.PaddingSNI = decoded["padsni"]
+	trick.PaddingSize = decoded["padsize"]
+
+	if !trick.MixedCaseSNI && trick.PaddingMode == "" && trick.PaddingSNI == "" && trick.PaddingSize == "" {
+		return nil
+	}
+	return &trick
+}
+func getFragmentOptions(decoded map[string]string) *option.TLSFragmentOptions {
+	trick := option.TLSFragmentOptions{}
+	trick.Size = decoded["fgsize"]
+	trick.Sleep = decoded["fgsleep"]
+
+	if trick.Size != "" {
+		trick.Enabled = true
+	}
+	if !trick.Enabled {
+		return nil
+	}
+	return &trick
+}
 func getTransportOptions(decoded map[string]string) (*option.V2RayTransportOptions, error) {
 	var transportOptions option.V2RayTransportOptions
 	host, net, path := decoded["host"], decoded["net"], decoded["path"]
@@ -130,6 +159,11 @@ func getTransportOptions(decoded map[string]string) (*option.V2RayTransportOptio
 
 	return &transportOptions, nil
 }
+func getDialerOptions(decoded map[string]string) option.DialerOptions {
+	return T.DialerOptions{
+		TLSFragment: getFragmentOptions(decoded),
+	}
+}
 
 func decodeBase64IfNeeded(b64string string) (string, error) {
 	padding := len(b64string) % 4

diff --git a/ray2sing/trojan.go b/ray2sing/trojan.go
@@ -20,7 +20,7 @@ func TrojanSingbox(trojanURL string) (*T.Outbound, error) {
 		Tag:  u.Name,
 		Type: "trojan",
 		TrojanOptions: T.TrojanOutboundOptions{
-			DialerOptions: T.DialerOptions{},
+			DialerOptions: getDialerOptions(decoded),
 			ServerOptions: u.GetServerOption(),
 			Password:      u.Username,
 			TLS:           getTLSOptions(decoded),

diff --git a/ray2sing/vless.go b/ray2sing/vless.go
@@ -28,11 +28,15 @@ func VlessSingbox(vlessURL string) (*T.Outbound, error) {
 	}
 
 	packetEncoding := decoded["packetEncoding"]
+	// if packetEncoding==""{
+	// 	packetEncoding="xudp"
+	// }
 
 	return &T.Outbound{
 		Tag:  u.Name,
 		Type: "vless",
 		VLESSOptions: T.VLESSOutboundOptions{
+			DialerOptions:  getDialerOptions(decoded),
 			ServerOptions:  u.GetServerOption(),
 			UUID:           u.Username,
 			PacketEncoding: &packetEncoding,

diff --git a/ray2sing/vmess.go b/ray2sing/vmess.go
@@ -59,11 +59,15 @@ func VmessSingbox(vmessURL string) (*T.Outbound, error) {
 	if decoded["scy"] != "" {
 		security = decoded["scy"]
 	}
+	packetEncoding := decoded["packetEncoding"]
+	// if packetEncoding == "" {
+	// 	packetEncoding = "xudp"
+	// }
 	return &T.Outbound{
 		Tag:  decoded["ps"],
 		Type: "vmess",
 		VMessOptions: T.VMessOutboundOptions{
-			DialerOptions: T.DialerOptions{},
+			DialerOptions: getDialerOptions(decoded),
 			ServerOptions: T.ServerOptions{
 				Server:     decoded["add"],
 				ServerPort: port,
@@ -73,7 +77,7 @@ func VmessSingbox(vmessURL string) (*T.Outbound, error) {
 			AlterId:             toInt(decoded["aid"]),
 			GlobalPadding:       false,
 			AuthenticatedLength: true,
-			PacketEncoding:      "xudp",
+			PacketEncoding:      packetEncoding,
 			TLS:                 getTLSOptions(decoded),
 			Transport:           transportOptions,
 		},