mirror of
https://github.com/MetaCubeX/mihomo.git
synced 2026-03-03 12:17:31 +00:00
chore: update quic-go to 0.57.1
This commit is contained in:
wwqgtxx
@@ -1,17 +1,17 @@
|
||||
package tls
|
||||
package ca
|
||||
|
||||
import (
|
||||
utls "github.com/metacubex/utls"
|
||||
"github.com/metacubex/tls"
|
||||
)
|
||||
|
||||
type ClientAuthType = utls.ClientAuthType
|
||||
type ClientAuthType = tls.ClientAuthType
|
||||
|
||||
const (
|
||||
NoClientCert = utls.NoClientCert
|
||||
RequestClientCert = utls.RequestClientCert
|
||||
RequireAnyClientCert = utls.RequireAnyClientCert
|
||||
VerifyClientCertIfGiven = utls.VerifyClientCertIfGiven
|
||||
RequireAndVerifyClientCert = utls.RequireAndVerifyClientCert
|
||||
NoClientCert = tls.NoClientCert
|
||||
RequestClientCert = tls.RequestClientCert
|
||||
RequireAnyClientCert = tls.RequireAnyClientCert
|
||||
VerifyClientCertIfGiven = tls.VerifyClientCertIfGiven
|
||||
RequireAndVerifyClientCert = tls.RequireAndVerifyClientCert
|
||||
)
|
||||
|
||||
func ClientAuthTypeFromString(s string) ClientAuthType {
|
||||
@@ -1,7 +1,6 @@
|
||||
package ca
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
_ "embed"
|
||||
"errors"
|
||||
@@ -13,6 +12,8 @@ import (
|
||||
"github.com/metacubex/mihomo/common/once"
|
||||
C "github.com/metacubex/mihomo/constant"
|
||||
"github.com/metacubex/mihomo/ntp"
|
||||
|
||||
"github.com/metacubex/tls"
|
||||
)
|
||||
|
||||
var globalCertPool *x509.CertPool
|
||||
|
||||
@@ -7,13 +7,14 @@ import (
|
||||
"crypto/elliptic"
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"encoding/pem"
|
||||
"fmt"
|
||||
"math/big"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/metacubex/tls"
|
||||
)
|
||||
|
||||
type Path interface {
|
||||
|
||||
@@ -5,13 +5,33 @@ import (
|
||||
"fmt"
|
||||
|
||||
tlsC "github.com/metacubex/mihomo/component/tls"
|
||||
"github.com/metacubex/tls"
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
GetEncryptedClientHelloConfigList func(ctx context.Context, serverName string) ([]byte, error)
|
||||
}
|
||||
|
||||
func (cfg *Config) ClientHandle(ctx context.Context, tlsConfig *tlsC.Config) (err error) {
|
||||
func (cfg *Config) ClientHandle(ctx context.Context, tlsConfig *tls.Config) (err error) {
|
||||
if cfg == nil {
|
||||
return nil
|
||||
}
|
||||
echConfigList, err := cfg.GetEncryptedClientHelloConfigList(ctx, tlsConfig.ServerName)
|
||||
if err != nil {
|
||||
return fmt.Errorf("resolve ECH config error: %w", err)
|
||||
}
|
||||
|
||||
tlsConfig.EncryptedClientHelloConfigList = echConfigList
|
||||
if tlsConfig.MinVersion != 0 && tlsConfig.MinVersion < tls.VersionTLS13 {
|
||||
tlsConfig.MinVersion = tls.VersionTLS13
|
||||
}
|
||||
if tlsConfig.MaxVersion != 0 && tlsConfig.MaxVersion < tls.VersionTLS13 {
|
||||
tlsConfig.MaxVersion = tls.VersionTLS13
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (cfg *Config) ClientHandleUTLS(ctx context.Context, tlsConfig *tlsC.Config) (err error) {
|
||||
if cfg == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -10,8 +10,8 @@ import (
|
||||
"os"
|
||||
|
||||
"github.com/metacubex/mihomo/component/ca"
|
||||
tlsC "github.com/metacubex/mihomo/component/tls"
|
||||
|
||||
"github.com/metacubex/tls"
|
||||
"golang.org/x/crypto/cryptobyte"
|
||||
)
|
||||
|
||||
@@ -85,11 +85,11 @@ func GenECHConfig(publicName string) (configBase64 string, keyPem string, err er
|
||||
return
|
||||
}
|
||||
|
||||
func UnmarshalECHKeys(raw []byte) ([]tlsC.EncryptedClientHelloKey, error) {
|
||||
var keys []tlsC.EncryptedClientHelloKey
|
||||
func UnmarshalECHKeys(raw []byte) ([]tls.EncryptedClientHelloKey, error) {
|
||||
var keys []tls.EncryptedClientHelloKey
|
||||
rawString := cryptobyte.String(raw)
|
||||
for !rawString.Empty() {
|
||||
var key tlsC.EncryptedClientHelloKey
|
||||
var key tls.EncryptedClientHelloKey
|
||||
if !rawString.ReadUint16LengthPrefixed((*cryptobyte.String)(&key.PrivateKey)) {
|
||||
return nil, errors.New("error parsing private key")
|
||||
}
|
||||
@@ -104,7 +104,7 @@ func UnmarshalECHKeys(raw []byte) ([]tlsC.EncryptedClientHelloKey, error) {
|
||||
return keys, nil
|
||||
}
|
||||
|
||||
func LoadECHKey(key string, tlsConfig *tlsC.Config, path ca.Path) error {
|
||||
func LoadECHKey(key string, tlsConfig *tls.Config, path ca.Path) error {
|
||||
if key == "" {
|
||||
return nil
|
||||
}
|
||||
@@ -129,7 +129,7 @@ func LoadECHKey(key string, tlsConfig *tlsC.Config, path ca.Path) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func loadECHKey(echKey []byte, tlsConfig *tlsC.Config) error {
|
||||
func loadECHKey(echKey []byte, tlsConfig *tls.Config) error {
|
||||
block, rest := pem.Decode(echKey)
|
||||
if block == nil || block.Type != "ECH KEYS" || len(rest) > 0 {
|
||||
return errors.New("invalid ECH keys pem")
|
||||
|
||||
@@ -4,7 +4,6 @@ import (
|
||||
"context"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"os"
|
||||
"sync"
|
||||
"time"
|
||||
@@ -14,6 +13,8 @@ import (
|
||||
"github.com/metacubex/mihomo/component/mmdb"
|
||||
C "github.com/metacubex/mihomo/constant"
|
||||
"github.com/metacubex/mihomo/log"
|
||||
|
||||
"github.com/metacubex/http"
|
||||
)
|
||||
|
||||
var (
|
||||
|
||||
@@ -4,7 +4,6 @@ import (
|
||||
"context"
|
||||
"io"
|
||||
"net"
|
||||
"net/http"
|
||||
URL "net/url"
|
||||
"runtime"
|
||||
"strings"
|
||||
@@ -13,6 +12,8 @@ import (
|
||||
"github.com/metacubex/mihomo/component/ca"
|
||||
"github.com/metacubex/mihomo/component/dialer"
|
||||
"github.com/metacubex/mihomo/listener/inner"
|
||||
|
||||
"github.com/metacubex/http"
|
||||
)
|
||||
|
||||
var (
|
||||
|
||||
@@ -4,7 +4,6 @@ import (
|
||||
"context"
|
||||
"errors"
|
||||
"io"
|
||||
"net/http"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"time"
|
||||
@@ -13,6 +12,8 @@ import (
|
||||
mihomoHttp "github.com/metacubex/mihomo/component/http"
|
||||
"github.com/metacubex/mihomo/component/profile/cachefile"
|
||||
P "github.com/metacubex/mihomo/constant/provider"
|
||||
|
||||
"github.com/metacubex/http"
|
||||
)
|
||||
|
||||
const (
|
||||
|
||||
@@ -3,14 +3,13 @@ package tls
|
||||
import (
|
||||
"context"
|
||||
"net"
|
||||
"net/http"
|
||||
"runtime/debug"
|
||||
"time"
|
||||
|
||||
N "github.com/metacubex/mihomo/common/net"
|
||||
"github.com/metacubex/mihomo/log"
|
||||
|
||||
"golang.org/x/net/http2"
|
||||
"github.com/metacubex/http"
|
||||
)
|
||||
|
||||
func extractTlsHandshakeTimeoutFromServer(s *http.Server) time.Duration {
|
||||
@@ -35,8 +34,8 @@ func extractTlsHandshakeTimeoutFromServer(s *http.Server) time.Duration {
|
||||
// only do tls handshake and check NegotiatedProtocol with std's *tls.Conn
|
||||
// so we do the same logic to let http2 (not h2c) work fine
|
||||
func NewListenerForHttps(l net.Listener, httpServer *http.Server, tlsConfig *Config) net.Listener {
|
||||
http2Server := &http2.Server{}
|
||||
_ = http2.ConfigureServer(httpServer, http2Server)
|
||||
http2Server := &http.Http2Server{}
|
||||
_ = http.Http2ConfigureServer(httpServer, http2Server)
|
||||
return N.NewHandleContextListener(context.Background(), l, func(ctx context.Context, conn net.Conn) (net.Conn, error) {
|
||||
c := Server(conn, tlsConfig)
|
||||
|
||||
@@ -58,8 +57,8 @@ func NewListenerForHttps(l net.Listener, httpServer *http.Server, tlsConfig *Con
|
||||
_ = conn.SetWriteDeadline(time.Time{})
|
||||
}
|
||||
|
||||
if c.ConnectionState().NegotiatedProtocol == http2.NextProtoTLS {
|
||||
http2Server.ServeConn(c, &http2.ServeConnOpts{BaseConfig: httpServer})
|
||||
if c.ConnectionState().NegotiatedProtocol == http.Http2NextProtoTLS {
|
||||
http2Server.ServeConn(c, &http.Http2ServeConnOpts{BaseConfig: httpServer})
|
||||
return nil, net.ErrClosed
|
||||
}
|
||||
return c, nil
|
||||
|
||||
@@ -10,22 +10,21 @@ import (
|
||||
"crypto/hmac"
|
||||
"crypto/sha256"
|
||||
"crypto/sha512"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"encoding/binary"
|
||||
"errors"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/metacubex/mihomo/log"
|
||||
"github.com/metacubex/mihomo/ntp"
|
||||
|
||||
"github.com/metacubex/http"
|
||||
"github.com/metacubex/randv2"
|
||||
"github.com/metacubex/tls"
|
||||
utls "github.com/metacubex/utls"
|
||||
"golang.org/x/crypto/hkdf"
|
||||
"golang.org/x/net/http2"
|
||||
)
|
||||
|
||||
const RealityMaxShortIDLen = 8
|
||||
@@ -132,7 +131,7 @@ func GetRealityConn(ctx context.Context, conn net.Conn, fingerprint UClientHello
|
||||
func realityClientFallback(uConn net.Conn, serverName string, fingerprint utls.ClientHelloID) {
|
||||
defer uConn.Close()
|
||||
client := http.Client{
|
||||
Transport: &http2.Transport{
|
||||
Transport: &http.Http2Transport{
|
||||
DialTLSContext: func(ctx context.Context, network, addr string, config *tls.Config) (net.Conn, error) {
|
||||
return uConn, nil
|
||||
},
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
package tls
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"net"
|
||||
|
||||
"github.com/metacubex/mihomo/common/once"
|
||||
"github.com/metacubex/mihomo/common/utils"
|
||||
"github.com/metacubex/mihomo/log"
|
||||
|
||||
"github.com/metacubex/tls"
|
||||
utls "github.com/metacubex/utls"
|
||||
"github.com/mroth/weightedrand/v2"
|
||||
)
|
||||
|
||||
@@ -6,7 +6,6 @@ import (
|
||||
"context"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
@@ -20,6 +19,8 @@ import (
|
||||
C "github.com/metacubex/mihomo/constant"
|
||||
"github.com/metacubex/mihomo/constant/features"
|
||||
"github.com/metacubex/mihomo/log"
|
||||
|
||||
"github.com/metacubex/http"
|
||||
)
|
||||
|
||||
const (
|
||||
|
||||
@@ -3,11 +3,12 @@ package updater
|
||||
import (
|
||||
"context"
|
||||
"io"
|
||||
"net/http"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
mihomoHttp "github.com/metacubex/mihomo/component/http"
|
||||
|
||||
"github.com/metacubex/http"
|
||||
)
|
||||
|
||||
const defaultHttpTimeout = time.Second * 90
|
||||
|
||||
Reference in New Issue
Block a user