From a69fea65a61ad6617e14af74a48a00b939627451 Mon Sep 17 00:00:00 2001 From: howmp Date: Wed, 27 Nov 2024 18:40:29 +0800 Subject: [PATCH] add mips arch, add skip client cert verify option --- README.md | 7 +++++++ build.sh | 3 +++ client.go | 2 ++ cmd/grss/gen.go | 2 ++ server.go | 2 ++ 5 files changed, 16 insertions(+) diff --git a/README.md b/README.md index 5672be3..7d45154 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,7 @@ Help Options: -e= expire second (default: 30) -o= server config output path (default: config.json) -c= client count (default: 3) + -s skip client cert verify --dir= client output directory (default: .) [gen command arguments] @@ -104,3 +105,9 @@ Usage of grsu: 1. 也可以NTP同步客户端、用户端、服务端时间 1. 服务端配置重新生成后,也需要使用最新的`grsc`和`grsu`,否则预共享密钥不匹配 1. 客户端的网络可能被劫持 + +### 为什么客户端/用户端提示`certificate signed by unknown authority`? + +运行环境缺少根证书,可以生成时指定`-s`选项,跳过验证 + +`grss gen -s www.qq.com:443 127.0.0.1:443` \ No newline at end of file diff --git a/build.sh b/build.sh index 5969e3c..984727e 100755 --- a/build.sh +++ b/build.sh @@ -5,12 +5,14 @@ CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -trimpath -ldflags "-s -w" -o ./ CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsc_darwin_arm64 ./cmd/grsc CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsc_linux_amd64 ./cmd/grsc CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsc_linux_arm64 ./cmd/grsc +CGO_ENABLED=0 GOOS=linux GOARCH=mips go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsc_linux_mips ./cmd/grsc CGO_ENABLED=0 GOOS=windows GOARCH=386 go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsc_windows.exe ./cmd/grsc CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsu_darwin_amd64 ./cmd/grsu CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsu_darwin_arm64 ./cmd/grsu CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsu_linux_amd64 ./cmd/grsu CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsu_linux_arm64 ./cmd/grsu +CGO_ENABLED=0 GOOS=linux GOARCH=mips go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsu_linux_mips ./cmd/grsu CGO_ENABLED=0 GOOS=windows GOARCH=386 go build -trimpath -ldflags "-s -w" -o ./cmd/grss/client/grsu_windows.exe ./cmd/grsu go-bindata -nomemcopy -nometadata -prefix cmd/grss/client -o ./cmd/grss/files.go ./cmd/grss/client/ @@ -19,6 +21,7 @@ CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -tags forceposix -trimpath -ldfl CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -tags forceposix -trimpath -ldflags "-s -w" -o ./dist/grss_darwin_arm64 ./cmd/grss CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -tags forceposix -trimpath -ldflags "-s -w" -o ./dist/grss_linux_amd64 ./cmd/grss CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -tags forceposix -trimpath -ldflags "-s -w" -o ./dist/grss_linux_arm64 ./cmd/grss +CGO_ENABLED=0 GOOS=linux GOARCH=mips go build -tags forceposix -trimpath -ldflags "-s -w" -o ./dist/grss_linux_mips ./cmd/grss CGO_ENABLED=0 GOOS=windows GOARCH=386 go build -tags forceposix -trimpath -ldflags "-s -w" -o ./dist/grss_windows.exe ./cmd/grss cp README.md ./dist diff --git a/client.go b/client.go index afe17ed..320161f 100644 --- a/client.go +++ b/client.go @@ -21,6 +21,7 @@ import ( type ClientConfig struct { ServerAddr string `json:"server_addr"` SNI string `json:"sni_name"` + SkipVerify bool `json:"skip_verify"` PublicKeyECDH string `json:"public_key_ecdh"` PublicKeyVerify string `json:"public_key_verify"` FingerPrint string `json:"finger_print"` @@ -185,6 +186,7 @@ func NewClient(ctx context.Context, config *ClientConfig) (net.Conn, error) { ServerName: config.SNI, SessionTicketsDisabled: true, MaxVersion: utls.VersionTLS12, + InsecureSkipVerify: config.SkipVerify, }, *config.fingerPrint, ) diff --git a/cmd/grss/gen.go b/cmd/grss/gen.go index 0f501d4..f13a3df 100644 --- a/cmd/grss/gen.go +++ b/cmd/grss/gen.go @@ -22,6 +22,7 @@ type gen struct { ExpireSecond uint32 `short:"e" default:"30" description:"expire second"` ConfigPath string `short:"o" default:"config.json" description:"server config output path"` ClientCount byte `short:"c" default:"3" description:"client count"` + SkipVerify bool `short:"s" description:"skip client cert verify"` ClientOutputDir string `long:"dir" default:"." description:"client output directory"` Positional struct { SNIAddr string `description:"tls server address, e.g. example.com:443"` @@ -109,6 +110,7 @@ func (c *gen) genConfig() (*reality.ServerConfig, error) { config.Debug = c.Debug config.ClientFingerPrint = c.FingerPrint config.ExpireSecond = c.ExpireSecond + config.SkipVerify = c.SkipVerify data, err := json.MarshalIndent(config, "", " ") if err != nil { return nil, err diff --git a/server.go b/server.go index 23e99ed..9837d9b 100644 --- a/server.go +++ b/server.go @@ -22,6 +22,7 @@ import ( type ServerConfig struct { SNIAddr string `json:"sni_addr"` ServerAddr string `json:"server_addr"` + SkipVerify bool `json:"skip_verify"` PrivateKeyECDH string `json:"private_key_ecdh"` PrivateKeySign string `json:"private_key_sign"` ExpireSecond uint32 `json:"expire_second"` @@ -111,6 +112,7 @@ func (s *ServerConfig) ToClientConfig(overlayData byte) *ClientConfig { return &ClientConfig{ SNI: s.sniHost, ServerAddr: s.ServerAddr, + SkipVerify: s.SkipVerify, PublicKeyECDH: base64.StdEncoding.EncodeToString(s.privateKeyECDH.PublicKey().Bytes()), PublicKeyVerify: base64.StdEncoding.EncodeToString(s.privateKeySign.Public().(ed25519.PublicKey)), ExpireSecond: s.ExpireSecond,