yanistyle/sing-box-extended
1
0
Fork 0
mirror of https://github.com/shtorm-7/sing-box-extended.git synced 2026-06-27 04:39:02 +03:00
Code Issues Packages Projects Releases Wiki Activity

feat(masque): make TLS SNI configurable via server_name

Browse Source 
MASQUE outbound previously hardcoded the TLS SNI to consumer-masque.cloudflareclient.com. Add a server_name field to the MASQUE outbound TLS options. When empty it falls back to the existing default (cloudflare.ConnectSNI), so existing configs are unaffected.
This commit is contained in:
v14d4n
2026-06-22 14:12:40 +04:00
parent 2cbc7691f0
commit 7bfad732e2
3 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
protocol/masque/outbound.go
View File

@@ -100,7 +100,11 @@ func NewOutbound(ctx context.Context, router adapter.Router, logger log.ContextL
logger.ErrorContext(ctx, E.New("failed to generate cert: ", err))
return
}
tlsConfig, err := tls.NewMASQUEClient(ctx, logger, "consumer-masque.cloudflareclient.com", cert, privKey, peerPubKey, common.PtrValueOrDefault(options.TLS))
serverName := cloudflare.ConnectSNI
if options.TLS != nil && options.TLS.ServerName != "" {
serverName = options.TLS.ServerName
}
tlsConfig, err := tls.NewMASQUEClient(ctx, logger, serverName, cert, privKey, peerPubKey, common.PtrValueOrDefault(options.TLS))
if err != nil {
logger.ErrorContext(ctx, E.New("failed to prepare TLS config: ", err))
return