Update utls to v1.6.7

2024-09-23 16:51:55 +08:00
parent 846777cd0c
commit 926d6f769e
7 changed files with 40 additions and 49 deletions
--- a/docs/configuration/inbound/trojan.md
+++ b/docs/configuration/inbound/trojan.md
@@ -47,7 +47,7 @@ TLS configuration, see [TLS](/configuration/shared/tls/#inbound).

 #### fallback

-!!! quote ""
+!!! failure ""

    There is no evidence that GFW detects and blocks Trojan servers based on HTTP responses, and opening the standard http/s port on the server is a much bigger signature.

--- a/docs/configuration/route/rule.md
+++ b/docs/configuration/route/rule.md
@@ -4,7 +4,7 @@ icon: material/alert-decagram

 !!! quote "Changes in sing-box 1.10.0"

-    :material-plus: [client](#client)
+    :material-plus: [client](#client)  
    :material-delete-clock: [rule_set_ipcidr_match_source](#rule_set_ipcidr_match_source)  
    :material-plus: [rule_set_ip_cidr_match_source](#rule_set_ip_cidr_match_source)  
    :material-plus: [process_path_regex](#process_path_regex)
--- a/docs/configuration/shared/tls.md
+++ b/docs/configuration/shared/tls.md
@@ -1,4 +1,8 @@
-!!! quote "Changes in sing-box 1.8.0"
+---
+icon: material/alert-decagram
+---
+
+!!! quote "Changes in sing-box 1.10.0"

    :material-alert-decagram: [utls](#utls)  

@@ -210,28 +214,25 @@ The path to the server private key, in PEM format.

 ==Client only==

-!!! note ""
-
-    uTLS is poorly maintained and the effect may be unproven, use at your own risk.
+!!! failure ""
+    
+    There is no evidence that GFW detects and blocks servers based on TLS client fingerprinting, and using an imperfect emulation that has not been security reviewed could pose security risks.

 uTLS is a fork of "crypto/tls", which provides ClientHello fingerprinting resistance.

 Available fingerprint values:

-!!! question "Since sing-box 1.8.0"
+!!! warning "Removed since sing-box 1.10.0"

-    :material-plus: chrome_psk  
-    :material-plus: chrome_psk_shuffle  
-    :material-plus: chrome_padding_psk_shuffle  
-    :material-plus: chrome_pq  
-    :material-plus: chrome_pq_psk
+    Some legacy chrome fingerprints have been removed and will fallback to chrome:
+
+    :material-close: chrome_psk  
+    :material-close: chrome_psk_shuffle  
+    :material-close: chrome_padding_psk_shuffle  
+    :material-close: chrome_pq  
+    :material-close: chrome_pq_psk

 * chrome
-* chrome_psk
-* chrome_psk_shuffle
-* chrome_padding_psk_shuffle
-* chrome_pq
-* chrome_pq_psk
 * firefox
 * edge
 * safari
--- a/docs/configuration/shared/tls.zh.md
+++ b/docs/configuration/shared/tls.zh.md
@@ -1,4 +1,8 @@
-!!! quote "sing-box 1.8.0 中的更改"
+---
+icon: material/alert-decagram
+---
+
+!!! quote "sing-box 1.10.0 中的更改"

    :material-alert-decagram: [utls](#utls)  

@@ -44,8 +48,8 @@
    "handshake": {
      "server": "google.com",
      "server_port": 443,
-
-      ... // 拨号字段
+      ...
+      // 拨号字段
    },
    "private_key": "UuMBgl7MXTPx9inmQp2UC7Jcnwc6XYbwDNebonM-FCc",
    "short_id": [
@@ -202,28 +206,25 @@ TLS 版本值：

 ==仅客户端==

-!!! note ""
+!!! failure ""

-    uTLS 维护不善且其效果可能未经证实，使用风险自负。
+    没有证据表明 GFW 根据 TLS 客户端指纹检测并阻止服务器，并且，使用一个未经安全审查的不完美模拟可能带来安全隐患。

 uTLS 是 "crypto/tls" 的一个分支，它提供了 ClientHello 指纹识别阻力。

 可用的指纹值：

-!!! question "自 sing-box 1.8.0 起"
+!!! warning "已在 sing-box 1.10.0 移除"

-    :material-plus: chrome_psk  
-    :material-plus: chrome_psk_shuffle  
-    :material-plus: chrome_padding_psk_shuffle  
-    :material-plus: chrome_pq  
-    :material-plus: chrome_pq_psk
+    一些旧 chrome 指纹已被删除，并将会退到 chrome：
+
+    :material-close: chrome_psk  
+    :material-close: chrome_psk_shuffle  
+    :material-close: chrome_padding_psk_shuffle  
+    :material-close: chrome_pq  
+    :material-close: chrome_pq_psk

 * chrome
-* chrome_psk
-* chrome_psk_shuffle
-* chrome_padding_psk_shuffle
-* chrome_pq
-* chrome_pq_psk
 * firefox
 * edge
 * safari