diff --git a/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua b/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua index 0fb4acc6a..d8e5f6868 100644 --- a/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua +++ b/luci-app-passwall/luasrc/model/cbi/passwall/client/type/sing-box.lua @@ -448,6 +448,14 @@ o:value("h2,http/1.1") o:value("h3,h2,http/1.1") o:depends({ [_n("tls")] = true }) +o = s:option(Flag, _n("tls_disable_sni"), translate("Disable SNI"), translate("Do not send server name in ClientHello.")) +o.default = "0" +o:depends({ [_n("tls")] = true }) +o:depends({ [_n("protocol")] = "hysteria"}) +o:depends({ [_n("protocol")] = "tuic" }) +o:depends({ [_n("protocol")] = "hysteria2" }) +o:depends({ [_n("protocol")] = "shadowsocks" }) + o = s:option(Value, _n("tls_serverName"), translate("Domain")) o:depends({ [_n("tls")] = true }) o:depends({ [_n("protocol")] = "hysteria"}) diff --git a/luci-app-passwall/luasrc/passwall/util_sing-box.lua b/luci-app-passwall/luasrc/passwall/util_sing-box.lua index 20bdd42a1..61d620cad 100644 --- a/luci-app-passwall/luasrc/passwall/util_sing-box.lua +++ b/luci-app-passwall/luasrc/passwall/util_sing-box.lua @@ -147,7 +147,7 @@ function gen_outbound(flag, node, tag, proxy_table) end tls = { enabled = true, - disable_sni = false, --不要在 ClientHello 中发送服务器名称. + disable_sni = (node.tls_disable_sni == "1") and true or false, --不要在 ClientHello 中发送服务器名称. server_name = node.tls_serverName, --用于验证返回证书上的主机名,除非设置不安全。它还包含在 ClientHello 中以支持虚拟主机,除非它是 IP 地址。 insecure = (node.tls_allowInsecure == "1") and true or false, --接受任何服务器证书。 alpn = alpn, --支持的应用层协议协商列表,按优先顺序排列。如果两个对等点都支持 ALPN,则选择的协议将是此列表中的一个,如果没有相互支持的协议则连接将失败。 diff --git a/luci-app-passwall/po/zh-cn/passwall.po b/luci-app-passwall/po/zh-cn/passwall.po index a7e2df382..aaeca1528 100644 --- a/luci-app-passwall/po/zh-cn/passwall.po +++ b/luci-app-passwall/po/zh-cn/passwall.po @@ -1303,6 +1303,9 @@ msgstr "原版Trojan只支持'tls',请选择'tls'。" msgid "Transfer mode" msgstr "传输模式" +msgid "Do not send server name in ClientHello." +msgstr "不要在 ClientHello 中发送服务器名称。" + msgid "Domain" msgstr "域名"