Commit Graph

32 Commits (6ba0dbafd7106d08146488d62398a807504f3f8d)

Author SHA1 Message Date
风扇滑翔翼 571777483b
TLS: Add CurvePreferences (to enable kyber768) (#3991)
Co-authored-by: RPRX <63339210+RPRX@users.noreply.github.com>
2024-11-11 04:21:28 +00:00
zonescape 83bab5dd90
Chore: Run gofmt (#3990) 2024-11-09 11:16:11 +00:00
lelemka0 4531a7e228
CertificateObject: Enable auto-reload for cacert & Add buildChain & Fixes (#3607) 2024-07-29 06:58:58 +00:00
yuhan6665 079d0bd8a9
Refactor log (#3446)
* Refactor log

* Add new log methods

* Fix logger test

* Change all logging code

* Clean up pathObj

* Rebase to latest main

* Remove invoking method name after the dot
2024-06-29 14:32:57 -04:00
RPRX 61800fcc66
Revert "nosni"
https://github.com/XTLS/Xray-core/pull/3214#issuecomment-2078502477
2024-04-26 02:27:22 +00:00
Allo fbc56b88da chore: remove the usage of some deprecated tls properties 2024-04-13 17:56:35 -04:00
风扇滑翔翼 ec2224974d Add "nosni" option to send empty SNI (#3214)
* Allow not to send SNI

* Allow reality not to send SNI
2024-04-01 11:08:37 -04:00
yuhan6665 6f092bd212
Add "masterKeyLog" in TLS config (#2758)
* Add "enableMasterKeyLog" in TLS config

Turn on the debug option for Wireshark to decrypt traffic

* Change to "masterKeyLog" to configure a path
2023-11-27 10:08:34 -05:00
RPRX beb603af06 Allow IP address ServerName when "serverName" is not configured
In this case, TLS Client Hello will not have SNI (RFC 6066, Section 3)
2023-03-26 10:57:20 +00:00
Yue Yin 03b8c094de Support SPKI Fingerprint Pinning
Support SPKI Fingerprint Pinning for TLSObject
2023-02-24 11:47:00 -05:00
yuhan6665 acb81ebe3d
Verify peer cert function for better man in the middle prevention (#746)
* verify peer cert function for better man in the middle prevention

* publish cert chain hash generation algorithm

* added calculation of certificate hash as separate command and tlsping, use base64 to represent fingerprint to align with jsonPb

* apply coding style

* added test case for pinned certificates

* refactored cert pin

* pinned cert test

* added json loading of the PinnedPeerCertificateChainSha256

* removed tool to prepare for v5

* Add server cert pinning for Xtls

Change command "xray tls certChainHash" to xray style

Co-authored-by: Shelikhoo <xiaokangwang@outlook.com>
2021-10-22 12:38:40 +08:00
yuhan6665 e286cdcaa8
Style: format code by gofumpt (#761) 2021-10-20 00:57:14 +08:00
WeidiDeng b0b2aaa70c
Fixed refresh error when multiple certificates exist (#663)
* Fix when there are multiple certs, after refresh from file all will be the same as the last.
2021-09-18 03:48:22 +08:00
Arthur Morgan 7a9e72b133
Merge pull request #589 from bhoppi/main
Fix: new cert issuing is incorrectly delayed
2021-09-08 00:50:32 +08:00
Bhoppi Chaw 2220411644 fix new cert issuing is incorrectly delayed 2021-06-05 23:32:05 +08:00
hmol233 e8a8465220
Fix reject unknown sni with single cert 2021-05-10 00:28:40 +08:00
hmol233 1f92b948c0
Fix errNoCertificates 2021-05-10 00:11:45 +08:00
hmol233 53b99efe78
Add: reject unknown SNI
Co-Authored-By: 玖柒Max <60207794+jiuqi9997@users.noreply.github.com>
2021-05-09 23:47:21 +08:00
RPRX 4bf8b6d89c
Fix uTLS fingerprints support
Thank @HirbodBehnam https://github.com/XTLS/Xray-core/issues/461
2021-04-01 09:15:18 +00:00
RPRX 8b9c0ae593
Enable (X)TLS hot reloading by default (#281)
Super BiuBiu
2021-02-20 02:15:57 +00:00
eMeab 81d993158f
Support hot reloading of certificate and key files (#225) 2021-02-12 15:33:19 +00:00
eMeab c13b8ec9bb
Fix OCSP Stapling (#172)
Co-authored-by: RPRX <63339210+rprx@users.noreply.github.com>
2021-01-30 23:17:07 +00:00
RPRX 7df135a5c4
Disable session resumption by default
https://github.com/v2fly/v2ray-core/issues/557#issuecomment-751962569
2021-01-01 11:33:09 +00:00
RPRX a78db47571
Adjust OCSP Stapling 2020-12-25 15:10:12 +00:00
eMeab 3d7e86efba
Add OCSP Stapling for TLS & XTLS (#92) 2020-12-25 08:01:20 +00:00
RPRX ff9bb2d8df
Optimize cipherSuites setting loader 2020-12-17 09:25:30 +00:00
RPRX 38faac5ffc
Adjust config loader of TLS & XTLS 2020-12-16 15:59:04 +00:00
eMeab 88dfed931b
Add cipherSuites setting for TLS & XTLS (#78) 2020-12-16 12:53:55 +00:00
eMeab dab978749c
Add minVersion setting for TLS & XTLS (#77) 2020-12-16 05:20:24 +00:00
RPRX f8faf3c8b8 Removal: confonly 2020-12-11 13:05:29 +08:00
RPRX 16544c18ab v1.1.0 2020-12-04 09:36:16 +08:00
RPRX c7f7c08ead v1.0.0 2020-11-25 19:01:53 +08:00