bivashy/Blitz-Proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: simplify SNI fingerprint generation using OpenSSL only

Browse Source
This commit is contained in:
Whispering Wind
2025-04-11 13:44:23 +03:30
committed by GitHub
parent 7a89de8bbd
commit 44942e3b70
1 changed files with 15 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
core/scripts/hysteria2/change_sni.sh
View File

@ -19,25 +19,26 @@ update_sni() {
openssl req -new -x509 -days 36500 -key ca.key -out ca.crt -subj "/CN=$sni" >/dev/null 2>&1 openssl req -new -x509 -days 36500 -key ca.key -out ca.crt -subj "/CN=$sni" >/dev/null 2>&1
chown hysteria:hysteria /etc/hysteria/ca.key /etc/hysteria/ca.crt chown hysteria:hysteria /etc/hysteria/ca.key /etc/hysteria/ca.crt
chmod 640 /etc/hysteria/ca.key /etc/hysteria/ca.crt chmod 640 /etc/hysteria/ca.key /etc/hysteria/ca.crt
fingerprint=$(openssl x509 -noout -fingerprint -sha256 -inform pem -in ca.crt | sed 's/.*=//;s/://g') sha256=$(openssl x509 -noout -fingerprint -sha256 -inform pem -in ca.crt | sed 's/.*=//;s///g')
sha256=$(python3 - <<EOF # sha256=$(python3 - <<EOF
import base64 # import base64
import binascii # import binascii
# Hexadecimal string # # Hexadecimal string
hex_string = "$fingerprint" # hex_string = "$fingerprint"
# Convert hex to binary # # Convert hex to binary
binary_data = binascii.unhexlify(hex_string) # binary_data = binascii.unhexlify(hex_string)
# Encode binary data to base64 # # Encode binary data to base64
base64_encoded = base64.b64encode(binary_data).decode('utf-8') # base64_encoded = base64.b64encode(binary_data).decode('utf-8')
# # Print the result prefixed with 'sha256/'
# print('sha256/' + base64_encoded)
# EOF
# )
# Print the result prefixed with 'sha256/'
print('sha256/' + base64_encoded)
EOF
)
echo "SHA-256 fingerprint generated: $sha256" echo "SHA-256 fingerprint generated: $sha256"
if [ -f "$CONFIG_FILE" ]; then if [ -f "$CONFIG_FILE" ]; then