Fix: remove ClientSessionCache and add NextProtos for vmess to fix #1468

2024-11-14 21:31:16 +08:00 · 2021-07-03 20:34:44 +08:00 · 2021-07-03 20:34:44 +08:00 · 995aa7a8fc
commit 995aa7a8fc
parent 3ca5d17c40
13 changed files with 9 additions and 48 deletions
--- a/adapter/outbound/http.go
+++ b/adapter/outbound/http.go
@ -125,7 +125,6 @@ func NewHttp(option HttpOption) *Http {
 		}
 		tlsConfig = &tls.Config{
 			InsecureSkipVerify: option.SkipCertVerify,
-			ClientSessionCache: getClientSessionCache(),
 			ServerName:         sni,
 		}
 	}
--- a/adapter/outbound/shadowsocks.go
+++ b/adapter/outbound/shadowsocks.go
@ -149,7 +149,6 @@ func NewShadowSocks(option ShadowSocksOption) (*ShadowSocks, error) {
 		if opts.TLS {
 			v2rayOption.TLS = true
 			v2rayOption.SkipCertVerify = opts.SkipCertVerify
-			v2rayOption.SessionCache = getClientSessionCache()
 		}
 	}

--- a/adapter/outbound/socks5.go
+++ b/adapter/outbound/socks5.go
@ -145,7 +145,6 @@ func NewSocks5(option Socks5Option) *Socks5 {
 	if option.TLS {
 		tlsConfig = &tls.Config{
 			InsecureSkipVerify: option.SkipCertVerify,
-			ClientSessionCache: getClientSessionCache(),
 			ServerName:         option.Server,
 		}
 	}
--- a/adapter/outbound/trojan.go
+++ b/adapter/outbound/trojan.go
@ -127,11 +127,10 @@ func NewTrojan(option TrojanOption) (*Trojan, error) {
 	addr := net.JoinHostPort(option.Server, strconv.Itoa(option.Port))

 	tOption := &trojan.Option{
-		Password:           option.Password,
-		ALPN:               option.ALPN,
-		ServerName:         option.Server,
-		SkipCertVerify:     option.SkipCertVerify,
-		ClientSessionCache: getClientSessionCache(),
+		Password:       option.Password,
+		ALPN:           option.ALPN,
+		ServerName:     option.Server,
+		SkipCertVerify: option.SkipCertVerify,
 	}

 	if option.SNI != "" {
@ -163,7 +162,6 @@ func NewTrojan(option TrojanOption) (*Trojan, error) {
 			MinVersion:         tls.VersionTLS12,
 			InsecureSkipVerify: tOption.SkipCertVerify,
 			ServerName:         tOption.ServerName,
-			ClientSessionCache: getClientSessionCache(),
 		}

 		t.transport = gun.NewHTTP2Client(dialFn, tlsConfig)
--- a/adapter/outbound/util.go
+++ b/adapter/outbound/util.go
@ -2,10 +2,8 @@ package outbound

 import (
 	"bytes"
-	"crypto/tls"
 	"net"
 	"strconv"
-	"sync"
 	"time"

 	"github.com/Dreamacro/clash/component/resolver"
@ -13,11 +11,6 @@ import (
 	"github.com/Dreamacro/clash/transport/socks5"
 )

-var (
-	globalClientSessionCache tls.ClientSessionCache
-	once                     sync.Once
-)
-
 func tcpKeepAlive(c net.Conn) {
 	if tcp, ok := c.(*net.TCPConn); ok {
 		tcp.SetKeepAlive(true)
@ -25,13 +18,6 @@ func tcpKeepAlive(c net.Conn) {
 	}
 }

-func getClientSessionCache() tls.ClientSessionCache {
-	once.Do(func() {
-		globalClientSessionCache = tls.NewLRUClientSessionCache(128)
-	})
-	return globalClientSessionCache
-}
-
 func serializesSocksAddr(metadata *C.Metadata) []byte {
 	var buf [][]byte
 	aType := uint8(metadata.AddrType)
--- a/adapter/outbound/vmess.go
+++ b/adapter/outbound/vmess.go
@ -86,7 +86,6 @@ func (v *Vmess) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {

 		if v.option.TLS {
 			wsOpts.TLS = true
-			wsOpts.SessionCache = getClientSessionCache()
 			wsOpts.SkipCertVerify = v.option.SkipCertVerify
 			wsOpts.ServerName = v.option.ServerName
 		}
@ -98,7 +97,6 @@ func (v *Vmess) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
 			tlsOpts := &vmess.TLSConfig{
 				Host:           host,
 				SkipCertVerify: v.option.SkipCertVerify,
-				SessionCache:   getClientSessionCache(),
 			}

 			if v.option.ServerName != "" {
@ -125,7 +123,6 @@ func (v *Vmess) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
 		tlsOpts := vmess.TLSConfig{
 			Host:           host,
 			SkipCertVerify: v.option.SkipCertVerify,
-			SessionCache:   getClientSessionCache(),
 			NextProtos:     []string{"h2"},
 		}

@ -153,7 +150,6 @@ func (v *Vmess) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
 			tlsOpts := &vmess.TLSConfig{
 				Host:           host,
 				SkipCertVerify: v.option.SkipCertVerify,
-				SessionCache:   getClientSessionCache(),
 			}

 			if v.option.ServerName != "" {
--- a/dns/doh.go
+++ b/dns/doh.go
@ -3,7 +3,6 @@ package dns
 import (
 	"bytes"
 	"context"
-	"crypto/tls"
 	"io/ioutil"
 	"net"
 	"net/http"
@ -76,7 +75,6 @@ func newDoHClient(url string, r *Resolver) *dohClient {
 	return &dohClient{
 		url: url,
 		transport: &http.Transport{
-			TLSClientConfig:   &tls.Config{ClientSessionCache: globalSessionCache},
 			ForceAttemptHTTP2: true,
 			DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
 				host, port, err := net.SplitHostPort(addr)
--- a/dns/resolver.go
+++ b/dns/resolver.go
@ -2,7 +2,6 @@ package dns

 import (
 	"context"
-	"crypto/tls"
 	"errors"
 	"fmt"
 	"math/rand"
@ -20,10 +19,6 @@ import (
 	"golang.org/x/sync/singleflight"
 )

-var (
-	globalSessionCache = tls.NewLRUClientSessionCache(64)
-)
-
 type dnsClient interface {
 	Exchange(m *D.Msg) (msg *D.Msg, err error)
 	ExchangeContext(ctx context.Context, m *D.Msg) (msg *D.Msg, err error)
--- a/dns/util.go
+++ b/dns/util.go
@ -127,7 +127,6 @@ func transform(servers []NameServer, resolver *Resolver) []dnsClient {
 			Client: &D.Client{
 				Net: s.Net,
 				TLSConfig: &tls.Config{
-					ClientSessionCache: globalSessionCache,
 					// alpn identifier, see https://tools.ietf.org/html/draft-hoffman-dprive-dns-tls-alpn-00#page-6
 					NextProtos: []string{"dns"},
 					ServerName: host,
--- a/transport/trojan/trojan.go
+++ b/transport/trojan/trojan.go
@ -34,11 +34,10 @@ var (
 )

 type Option struct {
-	Password           string
-	ALPN               []string
-	ServerName         string
-	SkipCertVerify     bool
-	ClientSessionCache tls.ClientSessionCache
+	Password       string
+	ALPN           []string
+	ServerName     string
+	SkipCertVerify bool
 }

 type Trojan struct {
@ -57,7 +56,6 @@ func (t *Trojan) StreamConn(conn net.Conn) (net.Conn, error) {
 		MinVersion:         tls.VersionTLS12,
 		InsecureSkipVerify: t.option.SkipCertVerify,
 		ServerName:         t.option.ServerName,
-		ClientSessionCache: t.option.ClientSessionCache,
 	}

 	tlsConn := tls.Client(conn, tlsConfig)
--- a/transport/v2ray-plugin/websocket.go
+++ b/transport/v2ray-plugin/websocket.go
@ -1,7 +1,6 @@
 package obfs

 import (
-	"crypto/tls"
 	"net"
 	"net/http"

@ -16,7 +15,6 @@ type Option struct {
 	Headers        map[string]string
 	TLS            bool
 	SkipCertVerify bool
-	SessionCache   tls.ClientSessionCache
 	Mux            bool
 }

@ -34,7 +32,6 @@ func NewV2rayObfs(conn net.Conn, option *Option) (net.Conn, error) {
 		TLS:            option.TLS,
 		Headers:        header,
 		SkipCertVerify: option.SkipCertVerify,
-		SessionCache:   option.SessionCache,
 	}

 	var err error
--- a/transport/vmess/tls.go
+++ b/transport/vmess/tls.go
@ -8,7 +8,6 @@ import (
 type TLSConfig struct {
 	Host           string
 	SkipCertVerify bool
-	SessionCache   tls.ClientSessionCache
 	NextProtos     []string
 }

@ -16,7 +15,6 @@ func StreamTLSConn(conn net.Conn, cfg *TLSConfig) (net.Conn, error) {
 	tlsConfig := &tls.Config{
 		ServerName:         cfg.Host,
 		InsecureSkipVerify: cfg.SkipCertVerify,
-		ClientSessionCache: cfg.SessionCache,
 		NextProtos:         cfg.NextProtos,
 	}

--- a/transport/vmess/websocket.go
+++ b/transport/vmess/websocket.go
@ -32,7 +32,6 @@ type WebsocketConfig struct {
 	TLS            bool
 	SkipCertVerify bool
 	ServerName     string
-	SessionCache   tls.ClientSessionCache
 }

 // Read implements net.Conn.Read()
@ -130,7 +129,7 @@ func StreamWebsocketConn(conn net.Conn, c *WebsocketConfig) (net.Conn, error) {
 		dialer.TLSClientConfig = &tls.Config{
 			ServerName:         c.Host,
 			InsecureSkipVerify: c.SkipCertVerify,
-			ClientSessionCache: c.SessionCache,
+			NextProtos:         []string{"http/1.1"},
 		}

 		if c.ServerName != "" {