From fbc1fc8670c31d7d8c9c948518a98e57d83ceef6 Mon Sep 17 00:00:00 2001 From: gitea-action Date: Thu, 1 May 2025 16:30:20 +0800 Subject: [PATCH] luci-app-passwall2: sync upstream last commit: https://github.com/xiaorouji/openwrt-passwall2/commit/71cc1f363ddaafa9f23314f83f14229c14481bdd --- .../luasrc/model/cbi/passwall2/client/type/sing-box.lua | 8 ++++++++ luci-app-passwall2/luasrc/passwall2/util_sing-box.lua | 2 +- luci-app-passwall2/po/zh-cn/passwall2.po | 3 +++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/luci-app-passwall2/luasrc/model/cbi/passwall2/client/type/sing-box.lua b/luci-app-passwall2/luasrc/model/cbi/passwall2/client/type/sing-box.lua index 3859e57ce..f995a5f78 100644 --- a/luci-app-passwall2/luasrc/model/cbi/passwall2/client/type/sing-box.lua +++ b/luci-app-passwall2/luasrc/model/cbi/passwall2/client/type/sing-box.lua @@ -446,6 +446,14 @@ o:value("h2,http/1.1") o:value("h3,h2,http/1.1") o:depends({ [_n("tls")] = true }) +o = s:option(Flag, _n("tls_disable_sni"), translate("Disable SNI"), translate("Do not send server name in ClientHello.")) +o.default = "0" +o:depends({ [_n("tls")] = true }) +o:depends({ [_n("protocol")] = "hysteria"}) +o:depends({ [_n("protocol")] = "tuic" }) +o:depends({ [_n("protocol")] = "hysteria2" }) +o:depends({ [_n("protocol")] = "shadowsocks" }) + o = s:option(Value, _n("tls_serverName"), translate("Domain")) o:depends({ [_n("tls")] = true }) o:depends({ [_n("protocol")] = "hysteria"}) diff --git a/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua b/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua index 06ebb558b..480e987b2 100644 --- a/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua +++ b/luci-app-passwall2/luasrc/passwall2/util_sing-box.lua @@ -88,7 +88,7 @@ function gen_outbound(flag, node, tag, proxy_table) end tls = { enabled = true, - disable_sni = false, --不要在 ClientHello 中发送服务器名称. + disable_sni = (node.tls_disable_sni == "1") and true or false, --不要在 ClientHello 中发送服务器名称. server_name = node.tls_serverName, --用于验证返回证书上的主机名,除非设置不安全。它还包含在 ClientHello 中以支持虚拟主机,除非它是 IP 地址。 insecure = (node.tls_allowInsecure == "1") and true or false, --接受任何服务器证书。 alpn = alpn, --支持的应用层协议协商列表,按优先顺序排列。如果两个对等点都支持 ALPN,则选择的协议将是此列表中的一个,如果没有相互支持的协议则连接将失败。 diff --git a/luci-app-passwall2/po/zh-cn/passwall2.po b/luci-app-passwall2/po/zh-cn/passwall2.po index 2b6784bea..9a2760187 100644 --- a/luci-app-passwall2/po/zh-cn/passwall2.po +++ b/luci-app-passwall2/po/zh-cn/passwall2.po @@ -1174,6 +1174,9 @@ msgstr "原版Trojan只支持'tls',请选择'tls'。" msgid "Transfer mode" msgstr "传输模式" +msgid "Do not send server name in ClientHello." +msgstr "不要在 ClientHello 中发送服务器名称." + msgid "Domain" msgstr "域名"