utls

Fork of the Go standard TLS library, providing low-level access to the ClientHello for mimicry purposes.

BSD-3-CLAUSE License

Stars
1.7K
Committers
134
View Code on GitHub
Ecosystems: Go

Bot releases are hidden (Show)

utls - v1.4.0 Quiet uTLS Is Cool

Published by gaukas about 1 year ago

Security Fix

What's New

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.3.3...v1.4.0

This is enlisted as pre-release because it syncs with Go 1.21rc4 -- which is not a stable release of Go.

utls - v1.3.3 Compatibility and Optimization

Published by gaukas over 1 year ago

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.3.2...v1.3.3

utls - v1.3.2 bug fixes, robustness, and new (beta) ClientHelloSpecs

Published by gaukas over 1 year ago

What's Changed

Note

Added HelloChrome_100_PSK and HelloChrome_112_PSK_Shuf, which includes PreSharedKey automatically instead of Padding as the last TLS extensions.

To use them correctly, you are required to use (*UConn).ApplyPreset():

conn := utls.UClient(plainConn, utlsConfig, utls.HelloCustom)
preset, err := utls.UTLSIdToSpec(utls.HelloChrome_112_PSK_Shuf) // correct
if err != nil {
	return nil, err
}
if pskExt, ok := preset.Extensions[len(preset.Extensions)-1].(*utls.FakePreSharedKeyExtension); ok {
	pskExt.PskIdentities = []utls.PskIdentity{ // must set identity
		{
			Label:               []byte("blahblahblah"), // change this
			ObfuscatedTicketAge: 0, // change this
		},
	}
	// each fake binder is 32 bytes of zeros
	pskExt.PskBinders = [][]byte{ // must set psk binders
		{
			0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,  // change this
		},
	} // byte slices
}
conn.ApplyPreset(&preset) // make sure to apply preset to the connection

Instead of

conn := utls.UClient(plainConn, utlsConfig, utls.HelloChrome_112_PSK_Shuf) // incorrect! PSK extension will use empty payload!

New Contributors

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.3.1...v1.3.2

utls - v1.3.1 Hotfix: InsecureServerNameToVerify for loadSession

Published by gaukas over 1 year ago

What's Changed

New Contributors

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.3.0...v1.3.1

utls - v1.3.0 Update: Security, and Compatibility

Published by gaukas over 1 year ago

What's Changed

New Contributors

Important Notice

#170 and #171 patched vulnerabilities allowing a strong attacker to detect and break uTLS (and Go's crypto/tls) connections. Please consider updating your go.mod to use the latest version of uTLS.

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.2.2...v1.3.0

utls - v1.2.2 Hotfix: Allow custom weights in generateRandomizedSpec()

Published by gaukas over 1 year ago

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.2.1...v1.2.2

utls - v1.2.1 Improvements and Fix

Published by gaukas over 1 year ago

What's Changed

New Contributors

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.2.0...v1.2.1

We will not sync with upstream crypto/tls until the next tagged version.

utls - v1.2.0 Refactored and Made Anew

Published by gaukas almost 2 years ago

TL;DR

This update includes some major refactorizations and improvements, ALPS (ApplicationSettingsExtension) support, and included a new experimental anti-fingerprinting fingerprint from Chrome/Chromium.

What's Changed

Minimum Go version: 1.16 -> 1.19

New Contributors

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.1.5...v1.2.0

utls - v1.1.5 Sync & New Architecture

Published by gaukas about 2 years ago

Note: this is the last tagged version in which we support old Go versions.

From next release, we will support go 1.19 and above only.

What's Changed

New Contributors

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.1.3...v1.1.5

utls - v1.1.3 ClientHello Diversity

Published by gaukas about 2 years ago

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.1.2...v1.1.3

utls - v1.1.2

Published by gaukas about 2 years ago

What's Changed

New Contributors

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.1.1...v1.1.2

utls - v1.1.1

Published by gaukas over 2 years ago

What's Changed

New Contributors

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.0.0...v1.1.1

utls - v1.0.0

Published by sergeyfrolov almost 3 years ago

First tagged release.

Package Rankings
Top 0.98% on Proxy.golang.org
Badges
Extracted from project README
Build Status godoc
Related Projects
kcp-go

A Crypto-Secure Reliable-UDP Library for golang with FEC

16 Jun 2015 4,067
go-httpclient

Advanced HTTP client for golang

14 Feb 2014 465
goic

Golang OpenID Connect Client

11 Oct 2021 30
holster

A place to keep useful golang functions and small libraries

20 Feb 2017 288
certmagic

Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

10 Dec 2018 4,848
chisel

A fast TCP/UDP tunnel over HTTP

25 Feb 2015 12,104
pagoda

Rapid, easy full-stack web development starter kit in Go

03 Dec 2021 1,514
kcptun

A Stable & Secure Tunnel based on KCP with N:M multiplexing and FEC. Available for ARM, MIPS, 386...

26 Feb 2016 13,660
mtproto

Telegram MTProto and its proxy (over gRPC) in Go (golang). API Layer: 71

20 Nov 2017 150