10 месяцев назад · e488d30df8
--- a/go.mod
+++ b/go.mod
@@ -41,7 +41,7 @@ require (
 
				 	github.com/Psiphon-Labs/goptlib v0.0.0-20200406165125-c0e32a7a3464
			
 
				 	github.com/Psiphon-Labs/psiphon-tls v0.0.0-20250318183125-2a2fae2db378
			
 
				 	github.com/Psiphon-Labs/quic-go v0.0.0-20250325201346-c58235406399
			
 
				-	github.com/Psiphon-Labs/utls v0.0.0-20250311210446-c1daf1ce55c1
			
 
				+	github.com/Psiphon-Labs/utls v0.0.0-20250429162420-6dbd45ae7ceb
			
 
				 	github.com/armon/go-proxyproto v0.0.0-20180202201750-5b7edb60ff5f
			
 
				 	github.com/bifurcation/mint v0.0.0-20180306135233-198357931e61
			
 
				 	github.com/bits-and-blooms/bloom/v3 v3.6.0
			
--- a/go.sum
+++ b/go.sum
@@ -26,8 +26,8 @@ github.com/Psiphon-Labs/psiphon-tls v0.0.0-20250318183125-2a2fae2db378 h1:LqI8cx
 
				 github.com/Psiphon-Labs/psiphon-tls v0.0.0-20250318183125-2a2fae2db378/go.mod h1:7ZUnPnWT5z8J8hxfsVjKHYK77Zme/Y0If1b/zeziiJs=
			
 
				 github.com/Psiphon-Labs/quic-go v0.0.0-20250325201346-c58235406399 h1:FuT4mr/LzJC0KVgTDnFCKgWdkftqIHxjb75B39M2Rbg=
			
 
				 github.com/Psiphon-Labs/quic-go v0.0.0-20250325201346-c58235406399/go.mod h1:rONdWgPMbFjyyBai7gB1IBF4pT9r4l0GyiDst5XR1SY=
			
 
				-github.com/Psiphon-Labs/utls v0.0.0-20250311210446-c1daf1ce55c1 h1:4AoKcLPErKMbqVdhA2MmnEP8kC4/CLlADnIR4rULHfM=
			
 
				-github.com/Psiphon-Labs/utls v0.0.0-20250311210446-c1daf1ce55c1/go.mod h1:1vv0gVAzq9e2XYkW8HAKrmtuuZrBdDixQFx5H22KAjI=
			
 
				+github.com/Psiphon-Labs/utls v0.0.0-20250429162420-6dbd45ae7ceb h1:6q4bNLmVD8WtgwqR6w2VPW9dJIMT4yhbez/XuLT+7ac=
			
 
				+github.com/Psiphon-Labs/utls v0.0.0-20250429162420-6dbd45ae7ceb/go.mod h1:1vv0gVAzq9e2XYkW8HAKrmtuuZrBdDixQFx5H22KAjI=
			
 
				 github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa h1:LHTHcTQiSGT7VVbI0o4wBRNQIgn917usHWOd6VAffYI=
			
 
				 github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4=
			
 
				 github.com/andybalholm/brotli v1.1.1 h1:PR2pgnyFznKEugtsUo0xLdDop5SKXd5Qf5ysW+7XdTA=
			
--- a/vendor/github.com/Psiphon-Labs/utls/u_conn.go
+++ b/vendor/github.com/Psiphon-Labs/utls/u_conn.go
@@ -621,6 +621,18 @@ func (c *UConn) clientHandshake(ctx context.Context) (err error) {
 
				 		return err
			
 
				 	}
			
 
				 
			
 
				+	// If we are negotiating a protocol version that's lower than what we
			
 
				+	// support, check for the server downgrade canaries.
			
 
				+	// See RFC 8446, Section 4.1.3.
			
 
				+	maxVers := c.config.maxSupportedVersion(roleClient)
			
 
				+	tls12Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS12
			
 
				+	tls11Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS11
			
 
				+	if maxVers == VersionTLS13 && c.vers <= VersionTLS12 && (tls12Downgrade || tls11Downgrade) ||
			
 
				+		maxVers == VersionTLS12 && c.vers <= VersionTLS11 && tls11Downgrade {
			
 
				+		c.sendAlert(alertIllegalParameter)
			
 
				+		return errors.New("tls: downgrade attempt detected, possibly due to a MitM attack or a broken middlebox")
			
 
				+	}
			
 
				+
			
 
				 	// uTLS: do not create new handshakeState, use existing one
			
 
				 	if c.vers == VersionTLS13 {
			
 
				 		hs13 := c.HandshakeState.toPrivate13()
			
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -57,7 +57,7 @@ github.com/Psiphon-Labs/quic-go/internal/utils/ringbuffer
 
				 github.com/Psiphon-Labs/quic-go/internal/wire
			
 
				 github.com/Psiphon-Labs/quic-go/logging
			
 
				 github.com/Psiphon-Labs/quic-go/quicvarint
			
 
				-# github.com/Psiphon-Labs/utls v0.0.0-20250311210446-c1daf1ce55c1
			
 
				+# github.com/Psiphon-Labs/utls v0.0.0-20250429162420-6dbd45ae7ceb
			
 
				 ## explicit; go 1.23
			
 
				 github.com/Psiphon-Labs/utls
			
 
				 github.com/Psiphon-Labs/utls/byteorder