[Feature Request] Avoid TLS fingerprint

v2ray / v2ray-core

A platform for building proxies to bypass network restrictions.

https://www.v2ray.com/

MIT License

44.99k stars 8.95k forks source link

[Feature Request] Avoid TLS fingerprint #1660

Closed emc2314 closed 4 years ago

emc2314 commented 5 years ago

The authors of The use of TLS in Censorship Circumvention (NDSS 2019) develop a library called uTLS, which is a fork of the Go standard TLS library. It can mimic the fingerprint of popular TLS client (e.g. Chrome), thus reducing the possibility to be detected.

Xyncgas commented 5 years ago

upvote !

emc2314 commented 5 years ago

Note: Already integrated in commit c072d38e2c365f2966b18ae041f5c9ef820b2e53, but not enabled yet. Sorry for disturbing, but may I ask what is experiment 8357? @DarienRaymond

emc2314 commented 4 years ago

在"tlsSettings"中加入"serverName": "experiment:8357"即可开启 utls, 不知道为啥文档里没有提到. 可能是不够稳定或者不太愿意公开. 总之本 issue 关闭.

emc2314 commented 4 years ago

仔细看了下, 功能的确还不完善... 只用了 utls 却没有更改指纹. 而且只有 tcp 支持, ws 并没有相关代码.

emc2314 commented 4 years ago

要支持 ws 需要修改 gorilla/websocket 上游代码, 好难(