
Update vendored tls-tris

- Fix: PassthroughLogInvalidMessage expects an IP address
Rod Hynes 5 лет назад
Сommit
0e1114eb0c
2 измененных файлов с 7 добавлено и 14 удалено
  1. 4 11
      vendor/github.com/Psiphon-Labs/tls-tris/handshake_server.go
  2. 3 3
      vendor/vendor.json

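--- a/vendor/github.com/Psiphon-Labs/tls-tris/handshake_server.go
+++ b/vendor/github.com/Psiphon-Labs/tls-tris/handshake_server.go
@@ -89,7 +89,7 @@ func (c *Conn) serverHandshake() error {
 	// changes, in the passthrough case the ownership of Conn.conn, the client
 	// TCP conn, is transferred to the passthrough relay and a closedConn is
 	// substituted for Conn.conn. This allows the remaining `tls` code paths to
-	// continue reference a net.Conn, albiet one that is closed, so Reads and
+	// continue reference a net.Conn, albeit one that is closed, so Reads and
 	// Writes will fail.
 
 	if c.config.PassthroughAddress != "" {
@@ -105,16 +105,9 @@ func (c *Conn) serverHandshake() error {
 			if !obfuscator.VerifyTLSPassthroughMessage(
 				c.config.PassthroughKey, hs.clientHello.random) {
 
-				// Legitimate, older clients that don't use passthrough messages will hit
-				// this case. Reduce false positive event logs with this heuristic: if
-				// isResume, the client sent a valid session ticket, so either the client
-				// sent a valid obfuscated session ticket proving knowledge of the
-				// obfuscation key, or the client previously connected and obtained a
-				// server-issued session ticket (this latter case shouldn't happen as the
-				// passthough message is now required for all connections; but isResume
-				// doesn't strictly mean the session ticket was _obfuscated_).
-				c.config.PassthroughLogInvalidMessage(
-					c.conn.RemoteAddr().String())
+				clientAddr := c.conn.RemoteAddr().String()
+				clientIP, _, _ := net.SplitHostPort(clientAddr)
+				c.config.PassthroughLogInvalidMessage(clientIP)
 
 				doPassthrough = true
 				err = errors.New("passthrough: invalid client random")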
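Review bot: The added `clientIP, _, _ := net.SplitHostPort(clientAddr)` drops the error without comment, so if the remote address is ever not in host:port form, `clientIP` is the empty string and `PassthroughLogInvalidMessage` records the failed passthrough check with no source address. That log is the only visible record of which client failed verification, so the ignored error should at least be justified in place, for example `// SplitHostPort error ignored: on failure clientIP is "" and the event is logged without a source address`. Whether `c.conn` can report such an address, and how the callback treats an empty string, is not visible in these hunks and should be confirmed at the callback's implementation. The file is vendored, so the comment belongs in the tls-tris fork; `serverHandshake` begins and ends outside the hunks shown.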

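--- a/vendor/vendor.json
+++ b/vendor/vendor.json
@@ -147,10 +147,10 @@
 			"revisionTime": "2020-01-16T02:28:06Z"
 		},
 		{
-			"checksumSHA1": "tP8/SZKnStfvqhHMeB5EpgtoGSQ=",
+			"checksumSHA1": "vK+EtAIPYfEe9M9rSoGZYffUsxo=",
 			"path": "github.com/Psiphon-Labs/tls-tris",
-			"revision": "7ff412878bba4c627909aed23258d42b1f2b14f5",
-			"revisionTime": "2020-03-26T18:33:34Z"
+			"revision": "16ab4b2ea797315638cb1ee75f438ef9502b617c",
+			"revisionTime": "2020-05-04T18:37:24Z"
 		},
 		{
 			"checksumSHA1": "30PBqj9BW03KCVqASvLg3bR+xYc=",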