mirrors/Xray-core
1
0
Fork 0
mirror of https://github.com/XTLS/Xray-core.git synced 2025-04-30 17:38:41 +00:00
Code Issues Projects Releases Packages Wiki Activity

MITM: Allow using local received SNI in the outgoing serverName & verifyPeerCertInNames

Browse source 
https://github.com/XTLS/Xray-core/issues/4348#issuecomment-2637370175

Local received SNI was sent by browser/app.

In freedom RAW's `tlsSettings`, set `"serverName": "fromMitm"` to forward it to the real website.

In freedom RAW's `tlsSettings`, set `"verifyPeerCertInNames": ["fromMitm"]` to use all possible names to verify the certificate.
This commit is contained in:
RPRX 2025-02-06 07:37:30 +00:00 committed by GitHub
parent 9b7841178a
commit c6a31f457c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 150 additions and 85 deletions
Download patch file Download diff file Expand all files Collapse all files

12
common/session/context.go
View file

@ -24,6 +24,7 @@ const (
allowedNetworkKey ctx.SessionKey = 9
handlerSessionKey ctx.SessionKey = 10
mitmAlpn11Key ctx.SessionKey = 11
mitmServerNameKey ctx.SessionKey = 12
)
func ContextWithInbound(ctx context.Context, inbound *Inbound) context.Context {
@ -174,3 +175,14 @@ func MitmAlpn11FromContext(ctx context.Context) bool {
}
return false
}
func ContextWithMitmServerName(ctx context.Context, serverName string) context.Context {
return context.WithValue(ctx, mitmServerNameKey, serverName)
}
func MitmServerNameFromContext(ctx context.Context) string {
if val, ok := ctx.Value(mitmServerNameKey).(string); ok {
return val
}
return ""
}