Removed tls-tris

README.md

@@ -160,7 +160,6 @@ Psiphon Tunnel Core uses:
 * [bifurcation/mint](https://github.com/bifurcation/mint)
 * [boltdb/bolt](https://github.com/boltdb/bolt)
 * [cheekybits/genny/generic](https://github.com/cheekybits/genny/generic)
-* [cloudflare/tls-tris](https://github.com/cloudflare/tls-tris)
 * [codahale/sss](https://github.com/codahale/sss)
 * [cognusion/go-cache-lru](https://github.com/cognusion/go-cache-lru)
 * [creack/goselect](https://github.com/creack/goselect)

go.mod

@@ -10,8 +10,8 @@ require (
 	github.com/Psiphon-Inc/rotate-safe-writer v0.0.0-20210303140923-464a7a37606e
 	github.com/Psiphon-Labs/bolt v0.0.0-20200624191537-23cedaef7ad7
 	github.com/Psiphon-Labs/goptlib v0.0.0-20200406165125-c0e32a7a3464
-	github.com/Psiphon-Labs/quic-go v0.0.0-20240130155801-3197a7943511
-	github.com/Psiphon-Labs/tls-tris v0.0.0-20230824155421-58bf6d336a9a
+	github.com/Psiphon-Labs/psiphon-tls v0.0.0-20240206031303-574af011ca51
+	github.com/Psiphon-Labs/quic-go v0.0.0-20240206031737-eae23f995bd7
 	github.com/armon/go-proxyproto v0.0.0-20180202201750-5b7edb60ff5f
 	github.com/bifurcation/mint v0.0.0-20180306135233-198357931e61
 	github.com/cheekybits/genny v0.0.0-20170328200008-9127e812e1e9
@@ -53,7 +53,6 @@ require (
 	filippo.io/keygen v0.0.0-20230306160926-5201437acf8e // indirect
 	github.com/AndreasBriese/bbloom v0.0.0-20170702084017-28f7e881ca57 // indirect
 	github.com/BurntSushi/toml v1.3.2 // indirect
-	github.com/Psiphon-Labs/psiphon-tls v0.0.0-20240129160049-e465a08acc16 // indirect
 	github.com/Psiphon-Labs/qtls-go1-20 v0.0.0-20231117202359-5544003bda6f // indirect
 	github.com/andybalholm/brotli v1.0.5 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect

go.sum

@@ -13,14 +13,12 @@ github.com/Psiphon-Labs/bolt v0.0.0-20200624191537-23cedaef7ad7 h1:Hx/NCZTnvoKZu
 github.com/Psiphon-Labs/bolt v0.0.0-20200624191537-23cedaef7ad7/go.mod h1:alTtZBo3j4AWFvUrAH6F5ZaHcTj4G5Y01nHz8dkU6vU=
 github.com/Psiphon-Labs/goptlib v0.0.0-20200406165125-c0e32a7a3464 h1:VmnMMMheFXwLV0noxYhbJbLmkV4iaVW3xNnj6xcCNHo=
 github.com/Psiphon-Labs/goptlib v0.0.0-20200406165125-c0e32a7a3464/go.mod h1:Pe5BqN2DdIdChorAXl6bDaQd/wghpCleJfid2NoSli0=
-github.com/Psiphon-Labs/psiphon-tls v0.0.0-20240129160049-e465a08acc16 h1:/uzNbDLPVhmeTieLzcTVYQ9W2m88wcg5Zp3e1rwUfLg=
-github.com/Psiphon-Labs/psiphon-tls v0.0.0-20240129160049-e465a08acc16/go.mod h1:MzvOK7DlXAkfZ7wrgwQmBoBsbo22c9qaz2JYlEXwoTk=
+github.com/Psiphon-Labs/psiphon-tls v0.0.0-20240206031303-574af011ca51 h1:SiQ9M1g2fUWHVf0AgyssaiDFuzjX9s0vPbnUtCk+GJQ=
+github.com/Psiphon-Labs/psiphon-tls v0.0.0-20240206031303-574af011ca51/go.mod h1:MzvOK7DlXAkfZ7wrgwQmBoBsbo22c9qaz2JYlEXwoTk=
 github.com/Psiphon-Labs/qtls-go1-20 v0.0.0-20231117202359-5544003bda6f h1:x33cklt4AZ9K8a9EpmFLjIxjZwPXeWWb124OYstlTmA=
 github.com/Psiphon-Labs/qtls-go1-20 v0.0.0-20231117202359-5544003bda6f/go.mod h1:f6akxitY5DYvGtbI+LkDSvw0bctE75P63bX6nb0V+eg=
-github.com/Psiphon-Labs/quic-go v0.0.0-20240130155801-3197a7943511 h1:G9W0L5vPAUTe3q6WsfiPHWyOR77IPF1WQczrbcpFuvU=
-github.com/Psiphon-Labs/quic-go v0.0.0-20240130155801-3197a7943511/go.mod h1:r1tG/07t55w+vAQ+y4uYSNLWlkXAPYNknfLw/ketvOQ=
-github.com/Psiphon-Labs/tls-tris v0.0.0-20230824155421-58bf6d336a9a h1:BOfU6ghaMsT/c40sWHmf3PXNwIendYXzL6tRv6NbPog=
-github.com/Psiphon-Labs/tls-tris v0.0.0-20230824155421-58bf6d336a9a/go.mod h1:v3y9GXFo9Sf2mO6auD2ExGG7oDgrK8TI7eb49ZnUxrE=
+github.com/Psiphon-Labs/quic-go v0.0.0-20240206031737-eae23f995bd7 h1:PvrEqpGt2dVuC8AJkD4tmSjRRO61jNnKCgg5wsXrysA=
+github.com/Psiphon-Labs/quic-go v0.0.0-20240206031737-eae23f995bd7/go.mod h1:x+q9fpp7vneF9oQjBHkQS7W3jsLJqL3/X18psW4YdkY=
 github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
 github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/armon/go-proxyproto v0.0.0-20180202201750-5b7edb60ff5f h1:SaJ6yqg936TshyeFZqQE+N+9hYkIeL9AMr7S4voCl10=

psiphon/server/meek.go

@@ -23,7 +23,7 @@ import (
 	"bytes"
 	"context"
 	"crypto/rand"
-	"crypto/tls"
+	std_tls "crypto/tls"
 	"encoding/base64"
 	"encoding/hex"
 	"encoding/json"
@@ -39,6 +39,7 @@ import (
 	"sync/atomic"
 	"time"
 
+	tls "github.com/Psiphon-Labs/psiphon-tls"
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common"
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/errors"
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/monotime"
@@ -48,7 +49,6 @@ import (
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/protocol"
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/transforms"
 	"github.com/Psiphon-Labs/psiphon-tunnel-core/psiphon/common/values"
-	tris "github.com/Psiphon-Labs/tls-tris"
 	lrucache "github.com/cognusion/go-cache-lru"
 	"github.com/juju/ratelimit"
 	"golang.org/x/crypto/nacl/box"
@@ -115,7 +115,8 @@ type MeekServer struct {
 	skipExtendedTurnAroundThreshold int
 	maxSessionStaleness             time.Duration
 	httpClientIOTimeout             time.Duration
-	tlsConfig                       *tris.Config
+	tlsConfig                       *tls.Config
+	tlsExtraConfig                  *tls.ExtraConfig
 	obfuscatorSeedHistory           *obfuscator.SeedHistory
 	clientHandler                   func(clientConn net.Conn, data *additionalTransportData)
 	openConns                       *common.Conns
@@ -232,12 +233,13 @@ func NewMeekServer(
 	}
 
 	if useTLS {
-		tlsConfig, err := meekServer.makeMeekTLSConfig(
+		tlsConfig, extraConfig, err := meekServer.makeMeekTLSConfig(
 			isFronted, useObfuscatedSessionTickets)
 		if err != nil {
 			return nil, errors.Trace(err)
 		}
 		meekServer.tlsConfig = tlsConfig
+		meekServer.tlsExtraConfig = extraConfig
 	}
 
 	if useHTTPNormalizer && protocol.TunnelProtocolUsesMeekHTTPNormalizer(listenerTunnelProtocol) {
@@ -306,7 +308,7 @@ func (server *MeekServer) Run() error {
 		},
 
 		// Disable auto HTTP/2 (https://golang.org/doc/go1.6)
-		TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler)),
+		TLSNextProto: make(map[string]func(*http.Server, *std_tls.Conn, http.Handler)),
 	}
 
 	// Note: Serve() will be interrupted by listener.Close() call
@@ -1219,31 +1221,32 @@ func (server *MeekServer) getMeekCookiePayload(
 // of the connection is non-circumvention; it's optimized for performance
 // assuming the peer is an uncensored CDN.
 func (server *MeekServer) makeMeekTLSConfig(
-	isFronted bool, useObfuscatedSessionTickets bool) (*tris.Config, error) {
+	isFronted bool, useObfuscatedSessionTickets bool) (*tls.Config, *tls.ExtraConfig, error) {
 
 	certificate, privateKey, err := common.GenerateWebServerCertificate(values.GetHostName())
 	if err != nil {
-		return nil, errors.Trace(err)
+		return nil, nil, errors.Trace(err)
 	}
 
-	tlsCertificate, err := tris.X509KeyPair(
+	tlsCertificate, err := tls.X509KeyPair(
 		[]byte(certificate), []byte(privateKey))
 	if err != nil {
-		return nil, errors.Trace(err)
+		return nil, nil, errors.Trace(err)
 	}
 
 	// Vary the minimum version to frustrate scanning/fingerprinting of unfronted servers.
 	// Limitation: like the certificate, this value changes on restart.
-	minVersionCandidates := []uint16{tris.VersionTLS10, tris.VersionTLS11, tris.VersionTLS12}
+	minVersionCandidates := []uint16{tls.VersionTLS10, tls.VersionTLS11, tls.VersionTLS12}
 	minVersion := minVersionCandidates[prng.Intn(len(minVersionCandidates))]
 
-	config := &tris.Config{
-		Certificates:            []tris.Certificate{tlsCertificate},
-		NextProtos:              []string{"http/1.1"},
-		MinVersion:              minVersion,
-		UseExtendedMasterSecret: true,
+	config := &tls.Config{
+		Certificates: []tls.Certificate{tlsCertificate},
+		NextProtos:   []string{"http/1.1"},
+		MinVersion:   minVersion,
 	}
 
+	extraConfig := &tls.ExtraConfig{}
+
 	if isFronted {
 		// This is a reordering of the supported CipherSuites in golang 1.6[*]. Non-ephemeral key
 		// CipherSuites greatly reduce server load, and we try to select these since the meek
@@ -1257,18 +1260,18 @@ func (server *MeekServer) makeMeekTLSConfig(
 		//
 		// [*] the list has since been updated, removing CipherSuites using RC4 and 3DES.
 		config.CipherSuites = []uint16{
-			tris.TLS_RSA_WITH_AES_128_GCM_SHA256,
-			tris.TLS_RSA_WITH_AES_256_GCM_SHA384,
-			tris.TLS_RSA_WITH_AES_128_CBC_SHA,
-			tris.TLS_RSA_WITH_AES_256_CBC_SHA,
-			tris.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-			tris.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-			tris.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-			tris.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-			tris.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-			tris.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-			tris.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-			tris.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+			tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
+			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_RSA_WITH_AES_128_CBC_SHA,
+			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+			tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+			tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
 		}
 		config.PreferServerCipherSuites = true
 	}
@@ -1278,22 +1281,22 @@ func (server *MeekServer) makeMeekTLSConfig(
 		// See obfuscated session ticket overview
 		// in NewObfuscatedClientSessionState.
 
-		config.UseObfuscatedSessionTickets = true
+		extraConfig.UseObfuscatedSessionTickets = true
 
 		var obfuscatedSessionTicketKey [32]byte
 		key, err := hex.DecodeString(server.support.Config.MeekObfuscatedKey)
 		if err == nil && len(key) != 32 {
 			err = std_errors.New("invalid obfuscated session key length")
 		}
 		if err != nil {
-			return nil, errors.Trace(err)
+			return nil, nil, errors.Trace(err)
 		}
 		copy(obfuscatedSessionTicketKey[:], key)
 
 		var standardSessionTicketKey [32]byte
 		_, err = rand.Read(standardSessionTicketKey[:])
 		if err != nil {
-			return nil, errors.Trace(err)
+			return nil, nil, errors.Trace(err)
 		}
 
 		// Note: SessionTicketKey needs to be set, or else, it appears,
@@ -1318,9 +1321,9 @@ func (server *MeekServer) makeMeekTLSConfig(
 
 	if server.passthroughAddress != "" {
 
-		config.PassthroughAddress = server.passthroughAddress
+		extraConfig.PassthroughAddress = server.passthroughAddress
 
-		config.PassthroughVerifyMessage = func(
+		extraConfig.PassthroughVerifyMessage = func(
 			message []byte) bool {
 
 			return obfuscator.VerifyTLSPassthroughMessage(
@@ -1329,7 +1332,7 @@ func (server *MeekServer) makeMeekTLSConfig(
 				message)
 		}
 
-		config.PassthroughLogInvalidMessage = func(
+		extraConfig.PassthroughLogInvalidMessage = func(
 			clientIP string) {
 
 			logIrregularTunnel(
@@ -1341,7 +1344,7 @@ func (server *MeekServer) makeMeekTLSConfig(
 				nil)
 		}
 
-		config.PassthroughHistoryAddNew = func(
+		extraConfig.PassthroughHistoryAddNew = func(
 			clientIP string,
 			clientRandom []byte) bool {
 
@@ -1376,7 +1379,7 @@ func (server *MeekServer) makeMeekTLSConfig(
 		}
 	}
 
-	return config, nil
+	return config, extraConfig, nil
 }
 
 // makeMeekHTTPNormalizerListener returns the meek server listener wrapped in

psiphon/server/net.go

@@ -54,7 +54,7 @@ import (
 	"net"
 	"net/http"
 
-	tris "github.com/Psiphon-Labs/tls-tris"
+	tls "github.com/Psiphon-Labs/psiphon-tls"
 )
 
 // HTTPSServer is a wrapper around http.Server which adds the
@@ -71,9 +71,9 @@ type HTTPSServer struct {
 // shutdown. ListenAndServeTLS also requires the TLS cert and key to be in files
 // and we avoid that here.
 //
-// Note that the http.Server.TLSConfig field is ignored and the tris.Config
+// Note that the http.Server.TLSConfig field is ignored and the tls.Config
 // parameter is used intead.
-func (server *HTTPSServer) ServeTLS(listener net.Listener, config *tris.Config) error {
-	tlsListener := tris.NewListener(listener, config)
+func (server *HTTPSServer) ServeTLS(listener net.Listener, config *tls.Config) error {
+	tlsListener := tls.NewListener(listener, config, nil)
 	return server.Serve(tlsListener)
 }