search

ihciah / shadow-tls

A proxy to expose real tls handshake to the firewall
https://www.ihcblog.com/a-better-tls-obfs-proxy/
MIT License
2.32k stars 265 forks source link

Multiple SNI #51

Closed CyrusTheV closed 1 year ago

CyrusTheV commented 1 year ago

Thank you for your wonderful software. Is it possible to use multiple SNI ?

ihciah commented 1 year ago

Now we don't support it. Is there some reasons for using multiple SNIs?

If we support it, we may have to allow users custom selection strategy like a load balancer. For example random, but is it really help anti-detection?

CyrusTheV commented 1 year ago

Something like port hopping will do, for now I run multiple instances.

On Fri, Jan 6, 2023, 7:22 AM ihc童鞋@提不起劲 @.***> wrote:

Now we don't support it. Is there some reasons for using multiple SNIs?

If we support it, we may have to allow users custom selection strategy like a load balancer. For example random, but is it really help anti-detection?

— Reply to this email directly, view it on GitHub https://github.com/ihciah/shadow-tls/issues/51#issuecomment-1373109371, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABN7YNIS7AKITTAH6UMMCFLWQ6JGPANCNFSM6AAAAAATEEQGQE . You are receiving this because you authored the thread.Message ID: @.***>

ihciah commented 1 year ago

I see. You mean not multiple SNI for one backend, but multiple backend. It is right?

CyrusTheV commented 1 year ago

It can be both, using a single sni can put it a risk of detection, switching in between multiple SNIs might help them stay unfiltered.

On Fri, Jan 6, 2023, 9:45 AM ihc童鞋@提不起劲 @.***> wrote:

I see. You mean not multiple SNI for one backend, but multiple backend. It is right?

— Reply to this email directly, view it on GitHub https://github.com/ihciah/shadow-tls/issues/51#issuecomment-1373189965, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABN7YNMZCDEV6U7QFBUSVFDWQ62AXANCNFSM6AAAAAATEEQGQE . You are receiving this because you authored the thread.Message ID: @.***>

ihciah commented 1 year ago

Multiple SNI is supported now.

CyrusTheV commented 1 year ago

Thank you very much

On Fri, Feb 3, 2023, 1:49 PM ihc童鞋@提不起劲 @.***> wrote:

Multiple SNI is supported now.

— Reply to this email directly, view it on GitHub https://github.com/ihciah/shadow-tls/issues/51#issuecomment-1415618126, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABN7YNKE4VDYKGUPA6UL5TLWVTLUJANCNFSM6AAAAAATEEQGQE . You are receiving this because you modified the open/close state.Message ID: @.***>