diff --git a/tlsLayer/client.go b/tlsLayer/client.go
index bd42342..9a7d0a3 100644
--- a/tlsLayer/client.go
+++ b/tlsLayer/client.go
@@ -31,6 +31,8 @@ func NewClient(conf Conf) *Client {
  c.alpnList = conf.AlpnList
  switch conf.Tls_type {
+ case shadowTls2_t:
+ fallthrough
  case shadowTls_t: //fallthrough
  c.tlsConfig = GetTlsConfig(false, conf)
@@ -93,11 +95,23 @@ func (c *Client) Handshake(underlay net.Conn) (tlsConn *Conn, err error) {
  }
  tlsConn = &Conn{
- Conn: underlay,
- //Conn: utlsConn,
- //ptr: unsafe.Pointer(utlsConn.Conn),
+ Conn: underlay,
  tlsType: shadowTls_t,
  }
+
+ case shadowTls2_t:
+ configCopy := c.uTlsConfig
+ utlsConn := utls.UClient(underlay, &configCopy, utls.HelloChrome_Auto)
+ err = utlsConn.Handshake()
+ if err != nil {
+ return
+ }
+
+ tlsConn = &Conn{
+ Conn: underlay,
+ tlsType: shadowTls2_t,
+ }
+
  }
  return
diff --git a/tlsLayer/server.go b/tlsLayer/server.go
index fdec3c0..a83393e 100644
--- a/tlsLayer/server.go
+++ b/tlsLayer/server.go
@@ -3,18 +3,16 @@ package tlsLayer
 import (
  "crypto/tls"
  "net"
- "sync"
  "unsafe"
  "github.com/e1732a364fed/v2ray_simple/utils"
- "go.uber.org/zap"
  "golang.org/x/exp/slices"
 )
 type Server struct {
  tlsConfig *tls.Config
- isShadow bool
+ tlstype int
 }
 // 如 certFile, keyFile 有一项没给出,则会自动生成随机证书
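Review bot: In NewClient the new `case shadowTls2_t:` falls through to the shadowTls_t branch, whose only visible statement sets `c.tlsConfig`, while the shadowTls2_t case added to Handshake reads `c.uTlsConfig`. If nothing further down that branch fills in `c.uTlsConfig` (the rest of the case body is outside the hunk), the v2 handshake would run with a zero-value utls config, i.e. without the configured server name, ALPN list or certificate-verification settings. Consider giving shadowTls2_t its own case that builds the uTLS config the way the uTls_t case presumably does, or add a comment on the fallthrough stating where `c.uTlsConfig` is populated for this type.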
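Review bot: The shadowTls2_t case in Handshake drops `utlsConn` once the handshake succeeds and returns a Conn around the plain `underlay`, so nothing sent afterwards is covered by the TLS session, and no comment says this is intended. Someone auditing this code cannot tell from here that confidentiality and peer authentication must come from the inner protocol; I would add above the case `// shadowTls v2: the uTLS handshake is camouflage only; payload is written to underlay outside the TLS session, so the inner protocol must encrypt and authenticate`. Separately, `configCopy := c.uTlsConfig` copies the config struct by value, which appears to copy its internal locks as well; `utls.UClient(underlay, c.uTlsConfig.Clone(), utls.HelloChrome_Auto)` avoids that. The enclosing switch and function start outside the hunk.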
@@ -38,66 +36,16 @@ func NewServer(conf Conf) (*Server, error) {
  s := &Server{
  tlsConfig: GetTlsConfig(true, conf),
- isShadow: conf.Tls_type == shadowTls_t,
+ tlstype: conf.Tls_type,
  }
  return s, nil
 }
 func (s *Server) Handshake(clientConn net.Conn) (tlsConn *Conn, err error) {
- if s.isShadow {
- var fakeConn net.Conn
- fakeConn, err = net.Dial("tcp", s.tlsConfig.ServerName+":443")
- if err != nil {
- if ce := utils.CanLogErr("Failed shadowTls server fake dial server "); ce != nil {
- ce.Write(zap.Error(err))
- }
- return
- }
- if ce := utils.CanLogDebug("shadowTls ready to fake "); ce != nil {
- ce.Write()
- }
+ if s.tlstype == shadowTls_t {
- var wg sync.WaitGroup
- var e1, e2 error
- wg.Add(2)
- go func() {
- e1 = copyTls12Handshake(true, fakeConn, clientConn)
- wg.Done()
-
- if ce := utils.CanLogDebug("shadowTls copy client end"); ce != nil {
- ce.Write(zap.Error(e1))
- }
- }()
- go func() {
- e2 = copyTls12Handshake(false, clientConn, fakeConn)
- wg.Done()
-
- if ce := utils.CanLogDebug("shadowTls copy server end"); ce != nil {
- ce.Write(
- zap.Error(e2),
- )
- }
- }()
-
- wg.Wait()
-
- if e1 != nil || e2 != nil {
- e := utils.Errs{}
- e.Add(utils.ErrsItem{Index: 1, E: e1})
- e.Add(utils.ErrsItem{Index: 2, E: e2})
- return nil, e
- }
-
- if ce := utils.CanLogDebug("shadowTls fake ok "); ce != nil {
- ce.Write()
- }
-
- tlsConn = &Conn{
- Conn: clientConn,
- }
-
- return
+ return shadowTls1(s.tlsConfig.ServerName, clientConn)
  }
  rawTlsConn := tls.Server(clientConn, s.tlsConfig)
diff --git a/tlsLayer/shadow.go b/tlsLayer/shadow.go
index a901294..894051e 100644
--- a/tlsLayer/shadow.go
+++ b/tlsLayer/shadow.go
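Review bot: Server.Handshake special-cases only `shadowTls_t`, so a server configured with the new `shadowTls2_t` type falls through to `tls.Server(clientConn, s.tlsConfig)` and behaves as an ordinary TLS server. The client path added in this commit writes its payload to the raw connection after the handshake, so the two ends would silently disagree instead of failing with a clear error. Until a v2 server path exists, reject the type explicitly, e.g. `if s.tlstype == shadowTls2_t { return nil, errors.New("shadowTls v2 server is not implemented") }` (server.go would then need the `errors` import), or make the same check in NewServer. The rest of Handshake lies outside the hunk.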
@@ -5,11 +5,68 @@ import (
  "encoding/binary"
  "errors"
  "io"
+ "net"
+ "sync"
  "github.com/e1732a364fed/v2ray_simple/utils"
  "go.uber.org/zap"
 )
+func shadowTls1(servername string, clientConn net.Conn) (tlsConn *Conn, err error) {
+ var fakeConn net.Conn
+ fakeConn, err = net.Dial("tcp", servername+":443")
+ if err != nil {
+ if ce := utils.CanLogErr("Failed shadowTls server fake dial server "); ce != nil {
+ ce.Write(zap.Error(err))
+ }
+ return
+ }
+ if ce := utils.CanLogDebug("shadowTls ready to fake "); ce != nil {
+ ce.Write()
+ }
+
+ var wg sync.WaitGroup
+ var e1, e2 error
+ wg.Add(2)
+ go func() {
+ e1 = copyTls12Handshake(true, fakeConn, clientConn)
+ wg.Done()
+
+ if ce := utils.CanLogDebug("shadowTls copy client end"); ce != nil {
+ ce.Write(zap.Error(e1))
+ }
+ }()
+ go func() {
+ e2 = copyTls12Handshake(false, clientConn, fakeConn)
+ wg.Done()
+
+ if ce := utils.CanLogDebug("shadowTls copy server end"); ce != nil {
+ ce.Write(
+ zap.Error(e2),
+ )
+ }
+ }()
+
+ wg.Wait()
+
+ if e1 != nil || e2 != nil {
+ e := utils.Errs{}
+ e.Add(utils.ErrsItem{Index: 1, E: e1})
+ e.Add(utils.ErrsItem{Index: 2, E: e2})
+ return nil, e
+ }
+
+ if ce := utils.CanLogDebug("shadowTls fake ok "); ce != nil {
+ ce.Write()
+ }
+
+ tlsConn = &Conn{
+ Conn: clientConn,
+ }
+
+ return
+}
+
 func copyTls12Handshake(isSrcClient bool, dst io.Writer, src io.Reader) error {
  var tls_plaintxt [5]byte
  step := 0
diff --git a/tlsLayer/tlsLayer.go b/tlsLayer/tlsLayer.go
index cf68819..a02e838 100644
--- a/tlsLayer/tlsLayer.go
+++ b/tlsLayer/tlsLayer.go
@@ -20,6 +20,7 @@ const (
  tls_t = iota
  uTls_t
  shadowTls_t
+ shadowTls2_t
 )
 func StrToType(str string) int {
@@ -33,6 +34,8 @@ func StrToType(str string) int {
  return uTls_t
  case "shadow", "shadowtls":
  return shadowTls_t
+ case "shadow2", "shadowtls2", "shadowtlsv2", "shadowtls_v2":
+ return shadowTls2_t
  }
 }
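Review bot: shadowTls1 never closes `fakeConn`: on both the error and the success path the function returns without storing or closing it, so each inbound connection leaves one outbound socket to the decoy server open. Add `defer fakeConn.Close()` right after the dial error check. The dial and the two copyTls12Handshake goroutines also run with no timeout or deadline, so a peer that stalls mid-handshake pins two goroutines and a socket indefinitely; `net.DialTimeout("tcp", net.JoinHostPort(servername, "443"), dialTimeout)` plus a `SetDeadline` on both connections for the duration of the relay would bound that (`dialTimeout` being a constant you would add). The returned Conn also leaves `tlsType` unset, whereas the client sets `tlsType: shadowTls_t`.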