diff --git a/services/http/http.go b/services/http/http.go index 16d41a3..51e7771 100644 --- a/services/http/http.go +++ b/services/http/http.go @@ -344,7 +344,6 @@ func (s *HTTP) OutToTCP(useProxy bool, address string, inConn *net.Conn, req *ut Password: *s.cfg.ParentKey, }) } - outAddr := outConn.RemoteAddr().String() //outLocalAddr := outConn.LocalAddr().String() if req.IsHTTPS() && (!useProxy || *s.cfg.ParentType == "ssh") { @@ -353,8 +352,8 @@ func (s *HTTP) OutToTCP(useProxy bool, address string, inConn *net.Conn, req *ut } else { //https或者http,上级是代理,proxy需要转发 outConn.SetDeadline(time.Now().Add(time.Millisecond * time.Duration(*s.cfg.Timeout))) - //直连目标或上级非代理,清理HTTP头部的代理头信息 - if !useProxy || *s.cfg.ParentType == "ssh" { + //直连目标或上级非代理或非SNI,清理HTTP头部的代理头信息. + if (!useProxy || *s.cfg.ParentType == "ssh") && !req.IsSNI { _, err = outConn.Write(utils.RemoveProxyHeaders(req.HeadBuf)) } else { _, err = outConn.Write(req.HeadBuf) diff --git a/utils/conncrypt/conncrypt.go b/utils/conncrypt/conncrypt.go index f3115e7..82641e8 100644 --- a/utils/conncrypt/conncrypt.go +++ b/utils/conncrypt/conncrypt.go @@ -12,8 +12,8 @@ import ( ) //Confg defaults -const DefaultIterations = 2048 -const DefaultKeySize = 32 //256bits +const DefaultIterations = 1024 +const DefaultKeySize = 24 //256bits var DefaultHashFunc = sha256.New var DefaultSalt = []byte(` (;QUHj.BQ?RXzYSO]ifkXp/G!kFmWyXyEV6Nt!d|@bo+N$L9+