diff --git a/go.mod b/go.mod index b19ccbf..7b03640 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.24 require ( github.com/pires/go-proxyproto v0.8.1 - golang.org/x/crypto v0.38.0 + github.com/refraction-networking/utls v1.7.3 + golang.org/x/crypto v0.39.0 golang.org/x/sys v0.33.0 ) diff --git a/go.sum b/go.sum index 86baeb8..2f05018 100644 --- a/go.sum +++ b/go.sum @@ -1,6 +1,8 @@ github.com/pires/go-proxyproto v0.8.1 h1:9KEixbdJfhrbtjpz/ZwCdWDD2Xem0NZ38qMYaASJgp0= github.com/pires/go-proxyproto v0.8.1/go.mod h1:ZKAAyp3cgy5Y5Mo4n9AlScrkCZwUy0g3Jf+slqQVcuU= -golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8= -golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw= +github.com/refraction-networking/utls v1.7.3 h1:L0WRhHY7Oq1T0zkdzVZMR6zWZv+sXbHB9zcuvsAEqCo= +github.com/refraction-networking/utls v1.7.3/go.mod h1:TUhh27RHMGtQvjQq+RyO11P6ZNQNBb3N0v7wsEjKAIQ= +golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM= +golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U= golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= diff --git a/record_detect.go b/record_detect.go index 56510b7..ff07bea 100644 --- a/record_detect.go +++ b/record_detect.go @@ -2,7 +2,6 @@ package reality import ( "bytes" - "crypto/tls" "encoding/binary" "io" "net" @@ -10,6 +9,7 @@ import ( "time" "github.com/pires/go-proxyproto" + utls "github.com/refraction-networking/utls" ) var lock sync.Mutex @@ -38,13 +38,13 @@ func DetectPostHandshakeRecords(config *Config) { config: config, sni: sni, } - tlsConn := tls.Client(detectConn, &tls.Config{ + uConn := utls.UClient(detectConn, &utls.Config{ ServerName: sni, - }) - if err = tlsConn.Handshake(); err != nil { + }, utls.HelloChrome_Auto) + if err = uConn.Handshake(); err != nil { return } - io.Copy(io.Discard, tlsConn) + io.Copy(io.Discard, uConn) } } lock.Unlock()