Merge pull request #312 from cbeuw/renovate/github.com-refraction-networking-utls-1.x

fix(deps): update module github.com/refraction-networking/utls to v1.8.0
Merge pull request #310 from cbeuw/utls-1.7.0
2025-07-22 10:03:39 +01:00 · 2025-07-22 08:50:24 +00:00 · 2025-06-08 18:21:55 +01:00 · 2025-06-08 18:19:58 +01:00 · 2025-06-08 18:19:57 +01:00 · 2025-06-08 18:19:48 +01:00
74 changed files with 694 additions and 790 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -7,11 +7,85 @@ jobs:
      matrix:
        os: [ ubuntu-latest, macos-latest, windows-latest ]
    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
        with:
-          go-version: '^1.15' # The Go version to download (if necessary) and use.
+          go-version: '^1.24' # The Go version to download (if necessary) and use.
      - run: go test -race -coverprofile coverage.txt -coverpkg ./... -covermode atomic ./...
-      - uses: codecov/codecov-action@v1
+      - uses: codecov/codecov-action@v4
        with:
-          file: coverage.txt
+          files: coverage.txt
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+  compat-test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        encryption-method: [ plain, chacha20-poly1305 ]
+        num-conn: [ 0, 1, 4 ]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '^1.24'
+      - name: Build Cloak
+        run: make
+      - name: Create configs
+        run: |
+          mkdir config
+          cat << EOF > config/ckclient.json
+            {
+              "Transport": "direct",
+              "ProxyMethod": "iperf",
+              "EncryptionMethod": "${{ matrix.encryption-method }}",
+              "UID": "Q4GAXHVgnDLXsdTpw6bmoQ==",
+              "PublicKey": "4dae/bF43FKGq+QbCc5P/E/MPM5qQeGIArjmJEHiZxc=",
+              "ServerName": "cloudflare.com",
+              "BrowserSig": "firefox",
+              "NumConn": ${{ matrix.num-conn }}
+            }
+          EOF
+          cat << EOF > config/ckserver.json
+            {
+              "ProxyBook": {
+                "iperf": [
+                  "tcp",
+                  "127.0.0.1:5201"
+                ]
+              },
+              "BindAddr": [
+                ":8443"
+              ],
+              "BypassUID": [
+                "Q4GAXHVgnDLXsdTpw6bmoQ=="
+              ],
+              "RedirAddr": "cloudflare.com",
+              "PrivateKey": "AAaskZJRPIAbiuaRLHsvZPvE6gzOeSjg+ZRg1ENau0Y="
+            }
+          EOF
+      - name: Start iperf3 server
+        run: docker run -d --name iperf-server --network host ajoergensen/iperf3:latest --server
+      - name: Test new client against old server
+        run: |
+          docker run -d --name old-cloak-server --network host -v $PWD/config:/go/Cloak/config cbeuw/cloak:latest build/ck-server -c config/ckserver.json --verbosity debug
+          build/ck-client -c config/ckclient.json -s 127.0.0.1 -p 8443 --verbosity debug | tee new-cloak-client.log &
+          docker run --network host ajoergensen/iperf3:latest --client 127.0.0.1 -p 1984
+          docker stop old-cloak-server
+      - name: Test old client against new server
+        run: |
+          build/ck-server -c config/ckserver.json --verbosity debug | tee new-cloak-server.log &
+          docker run -d --name old-cloak-client --network host -v $PWD/config:/go/Cloak/config cbeuw/cloak:latest build/ck-client -c config/ckclient.json -s 127.0.0.1 -p 8443 --verbosity debug
+          docker run --network host ajoergensen/iperf3:latest --client 127.0.0.1 -p 1984
+          docker stop old-cloak-client
+      - name: Dump docker logs
+        if: always()
+        run: |
+          docker container logs iperf-server > iperf-server.log
+          docker container logs old-cloak-server > old-cloak-server.log
+          docker container logs old-cloak-client > old-cloak-client.log
+      - name: Upload logs
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ matrix.encryption-method }}-${{ matrix.num-conn }}-conn-logs
+          path: ./*.log
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -9,7 +9,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
      - name: Build
        run: |
          export PATH=${PATH}:`go env GOPATH`/bin
@ -19,4 +19,32 @@ jobs:
        with:
          files: release/*
        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  build-docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            cbeuw/cloak
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
--- a/.gitignore
+++ b/.gitignore
@ -1,4 +1,6 @@
 corpus/
 suppressions/
 crashers/
-*.zip
+*.zip
+.idea/
+build/
--- a/5
+++ b/5
@ -0,0 +1,5 @@
+FROM golang:latest
+
+RUN git clone https://github.com/cbeuw/Cloak.git
+WORKDIR Cloak
+RUN make
--- a/README.md
+++ b/README.md
@ -3,25 +3,30 @@
 [![Go Report Card](https://goreportcard.com/badge/github.com/cbeuw/Cloak)](https://goreportcard.com/report/github.com/cbeuw/Cloak)
 [![Donate](https://img.shields.io/badge/Donate-PayPal-green.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=SAUYKGSREP8GL&source=url)

-![logo](https://user-images.githubusercontent.com/7034308/96387206-3e214100-1198-11eb-8917-689d7c56e0cd.png)
+<p align="center">
+  <img src="https://user-images.githubusercontent.com/7034308/96387206-3e214100-1198-11eb-8917-689d7c56e0cd.png" />
+  <img src="https://user-images.githubusercontent.com/7034308/155593583-f22bcfe2-ac22-4afb-9288-1a0e8a791a0d.svg" />
+</p>

-![diagram](https://user-images.githubusercontent.com/7034308/65385852-7eab5280-dd2b-11e9-8887-db449b250e2a.png)
+<p align="center">
+  <img src="https://user-images.githubusercontent.com/7034308/155629720-54dd8758-ec98-4fed-b603-623f0ad83b6c.svg" />
+</p>

-Cloak is a [pluggable transport](https://www.ietf.org/proceedings/103/slides/slides-103-pearg-pt-slides-01) that works
-alongside traditional proxy tools like OpenVPN to evade deep-packet-inspection based censorship.
+Cloak is a [pluggable transport](https://datatracker.ietf.org/meeting/103/materials/slides-103-pearg-pt-slides-01) that enhances
+traditional proxy tools like OpenVPN to evade [sophisticated censorship](https://en.wikipedia.org/wiki/Deep_packet_inspection) and [data discrimination](https://en.wikipedia.org/wiki/Net_bias).

-Cloak is not a standalone proxy program. Rather, it works by masquerading proxy tool's traffic as normal web browsing
-traffic. In contrast to traditional tools which have very prominent traffic "fingerprints", it's very difficult to
-precisely target Cloak with little false positives. This increases the collateral damage to censorship actions as
+Cloak is not a standalone proxy program. Rather, it works by masquerading proxied traffic as normal web browsing
+activities. In contrast to traditional tools which have very prominent traffic fingerprints and can be blocked by simple filtering rules,
+it's very difficult to precisely target Cloak with little false positives. This increases the collateral damage to censorship actions as
 attempts to block Cloak could also damage services the censor state relies on.

-To a third party observer, a host running Cloak server is indistinguishable from an innocent web server. Both while
+To any third party observer, a host running Cloak server is indistinguishable from an innocent web server. Both while
 passively observing traffic flow to and from the server, as well as while actively probing the behaviours of a Cloak
 server. This is achieved through the use a series
-of [cryptographic stegnatography techniques](https://github.com/cbeuw/Cloak/wiki/Steganography-and-encryption).
+of [cryptographic steganography techniques](https://github.com/cbeuw/Cloak/wiki/Steganography-and-encryption).

-Since Cloak is transparent, it can be used in conjunction with any proxy software that tunnels traffic through TCP or
-UDP, such as Shadowsocks, OpenVPN and Tor. Multiple proxy servers can be running on the same server host machine and
+Cloak can be used in conjunction with any proxy program that tunnels traffic through TCP or
+UDP, such as Shadowsocks, OpenVPN and Tor. Multiple proxy servers can be running on the same server host and
 Cloak server will act as a reverse proxy, bridging clients with their desired proxy end.

 Cloak multiplexes traffic through multiple underlying TCP connections which reduces head-of-line blocking and eliminates
@ -31,9 +36,8 @@ Cloak provides multi-user support, allowing multiple clients to connect to the p
 default). It also provides traffic management features such as usage credit and bandwidth control. This allows a proxy
 server to serve multiple users even if the underlying proxy software wasn't designed for multiple users

-Cloak has two modes of [_Transport_](https://github.com/cbeuw/Cloak/wiki/CDN-mode): `direct` and `CDN`. Clients can
-either connect to the host running Cloak server directly, or it can instead connect to a CDN edge server, which may be
-used by many other websites as well, thus further increases the collateral damage to censorship.
+Cloak also supports tunneling through an intermediary CDN server such as Amazon Cloudfront. Such services are so widely used,
+attempts to disrupt traffic to them can lead to very high collateral damage for the censor.

 ## Quick Start

@ -133,15 +137,31 @@ random-like. **You may only leave it as `plain` if you are certain that your und
 encryption and authentication (via AEAD or similar techniques).**

 `ServerName` is the domain you want to make your ISP or firewall _think_ you are visiting. Ideally it should
-match `RedirAddr` in the server's configuration, a major site the censor allows, but it doesn't have to.
+match `RedirAddr` in the server's configuration, a major site the censor allows, but it doesn't have to. Use `random` to randomize the server name for every connection made.

-`AlternativeNames` is an array used alongside `ServerName` to shuffle between different ServerNames for every new connection
+`AlternativeNames` is an array used alongside `ServerName` to shuffle between different ServerNames for every new
+connection. **This may conflict with `CDN` Transport mode** if the CDN provider prohibits domain fronting and rejects
+the alternative domains.
+
+Example:
+
+```json
+{
+  "ServerName": "bing.com",
+  "AlternativeNames": ["cloudflare.com", "github.com"]
+}
+```

 `CDNOriginHost` is the domain name of the _origin_ server (i.e. the server running Cloak) under `CDN` mode. This only
 has effect when `Transport` is set to `CDN`. If unset, it will default to the remote hostname supplied via the
 commandline argument (in standalone mode), or by Shadowsocks (in plugin mode). After a TLS session is established with
-the CDN server, this domain name will be used in the HTTP request to ask the CDN server to establish a WebSocket
-connection with this host.
+the CDN server, this domain name will be used in the `Host` header of the HTTP request to ask the CDN server to
+establish a WebSocket connection with this host.
+
+`CDNWsUrlPath` is the url path used to build websocket request sent under `CDN` mode, and also only has effect
+when `Transport` is set to `CDN`. If unset, it will default to "/". This option is used to build the first line of the
+HTTP request after a TLS session is extablished. It's mainly for a Cloak server behind a reverse proxy, while only
+requests under specific url path are forwarded.

 `NumConn` is the amount of underlying TCP connections you want to use. The default of 4 should be appropriate for most
 people. Setting it too high will hinder the performance. Setting it to 0 will disable connection multiplexing and each
@ -149,7 +169,7 @@ TCP connection will spawn a separate short-lived session that will be closed aft
 behave like GoQuiet. This maybe useful for people with unstable connections.

 `BrowserSig` is the browser you want to **appear** to be using. It's not relevant to the browser you are actually using.
-Currently, `chrome` and `firefox` are supported.
+Currently, `chrome`, `firefox` and `safari` are supported.

 `KeepAlive` is the number of seconds to tell the OS to wait after no activity before sending TCP KeepAlive probes to the
 Cloak server. Zero or negative value disables it. Default is 0 (disabled). Warning: Enabling it might make your server
--- a/cmd/ck-client/ck-client.go
+++ b/cmd/ck-client/ck-client.go
@ -1,3 +1,4 @@
+//go:build go1.11
 // +build go1.11

 package main
@ -7,10 +8,11 @@ import (
 	"encoding/binary"
 	"flag"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
 	"net"
 	"os"

+	"github.com/cbeuw/Cloak/internal/common"
+
 	"github.com/cbeuw/Cloak/internal/client"
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 	log "github.com/sirupsen/logrus"
--- a/cmd/ck-client/log.go
+++ b/cmd/ck-client/log.go
@ -1,3 +1,4 @@
+//go:build !android
 // +build !android

 package main
--- a/cmd/ck-client/log_android.go
+++ b/cmd/ck-client/log_android.go
@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

+//go:build android
 // +build android

 package main
@ -28,9 +29,10 @@ import "C"

 import (
 	"bufio"
-	log "github.com/sirupsen/logrus"
 	"os"
 	"unsafe"
+
+	log "github.com/sirupsen/logrus"
 )

 var (
--- a/cmd/ck-client/protector.go
+++ b/cmd/ck-client/protector.go
@ -1,3 +1,4 @@
+//go:build !android
 // +build !android

 package main
--- a/cmd/ck-client/protector_android.go
+++ b/cmd/ck-client/protector_android.go
@ -1,3 +1,4 @@
+//go:build android
 // +build android

 package main
@ -65,8 +66,9 @@ void set_timeout(int sock) {
 import "C"

 import (
-	log "github.com/sirupsen/logrus"
 	"syscall"
+
+	log "github.com/sirupsen/logrus"
 )

 // In Android, once an app starts the VpnService, all outgoing traffic are routed by the system
--- a/cmd/ck-server/ck-server.go
+++ b/cmd/ck-server/ck-server.go
@ -3,15 +3,16 @@ package main
 import (
 	"flag"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/Cloak/internal/server"
-	log "github.com/sirupsen/logrus"
 	"net"
 	"net/http"
 	_ "net/http/pprof"
 	"os"
 	"runtime"
 	"strings"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/Cloak/internal/server"
+	log "github.com/sirupsen/logrus"
 )

 var version string
--- a/cmd/ck-server/ck-server_test.go
+++ b/cmd/ck-server/ck-server_test.go
@ -1,9 +1,10 @@
 package main

 import (
-	"github.com/stretchr/testify/assert"
 	"net"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )

 func TestParseBindAddr(t *testing.T) {
--- a/cmd/ck-server/keygen.go
+++ b/cmd/ck-server/keygen.go
@ -3,6 +3,7 @@ package main
 import (
 	"crypto/rand"
 	"encoding/base64"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	"github.com/cbeuw/Cloak/internal/ecdh"
 )
--- a/codecov.yaml
+++ b/codecov.yaml
@ -1,5 +1,4 @@
 coverage:
  status:
-    project:
-      default:
-        threshold: 1%
+    project: off
+    patch: off
--- a/go.mod
+++ b/go.mod
@ -1,24 +1,30 @@
 module github.com/cbeuw/Cloak

-go 1.14
+go 1.24.0
+
+toolchain go1.24.2

 require (
-	github.com/cbeuw/connutil v0.0.0-20200411160121-c5a5c4a9de14
-	github.com/dvyukov/go-fuzz v0.0.0-20201003075337-90825f39c90b // indirect
-	github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect
-	github.com/gorilla/mux v1.7.3
-	github.com/gorilla/websocket v1.4.1
-	github.com/juju/ratelimit v1.0.1
-	github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect
-	github.com/kr/pretty v0.1.0 // indirect
-	github.com/mitchellh/gox v1.0.1 // indirect
-	github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c1f57
-	github.com/sirupsen/logrus v1.5.0
-	github.com/stephens2424/writerset v1.0.2 // indirect
-	github.com/stretchr/testify v1.6.1
-	go.etcd.io/bbolt v1.3.4
-	golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
-	golang.org/x/sys v0.0.0-20200413165638-669c56c373c4 // indirect
-	golang.org/x/tools v0.0.0-20201015182029-a5d9e455e9c4 // indirect
-	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
+	github.com/cbeuw/connutil v0.0.0-20200411215123-966bfaa51ee3
+	github.com/gorilla/mux v1.8.1
+	github.com/gorilla/websocket v1.5.3
+	github.com/juju/ratelimit v1.0.2
+	github.com/refraction-networking/utls v1.8.0
+	github.com/sirupsen/logrus v1.9.3
+	github.com/stretchr/testify v1.10.0
+	go.etcd.io/bbolt v1.4.0
+	golang.org/x/crypto v0.37.0
+)
+
+require (
+	github.com/andybalholm/brotli v1.1.1 // indirect
+	github.com/cloudflare/circl v1.6.1 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/klauspost/compress v1.18.0 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/rogpeppe/go-internal v1.14.1 // indirect
+	golang.org/x/sys v0.32.0 // indirect
+	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -1,85 +1,61 @@
-github.com/Julusian/godocdown v0.0.0-20170816220326-6d19f8ff2df8/go.mod h1:INZr5t32rG59/5xeltqoCJoNY7e5x/3xoY9WSWVWg74=
-github.com/cbeuw/connutil v0.0.0-20200411160121-c5a5c4a9de14 h1:bWJKlzTJR7C9DX0l1qhkTaP1lTEBWVDKhg8C/tNJqKg=
-github.com/cbeuw/connutil v0.0.0-20200411160121-c5a5c4a9de14/go.mod h1:6jR2SzckGv8hIIS9zWJ160mzGVVOYp4AXZMDtacL6LE=
+github.com/andybalholm/brotli v1.1.1 h1:PR2pgnyFznKEugtsUo0xLdDop5SKXd5Qf5ysW+7XdTA=
+github.com/andybalholm/brotli v1.1.1/go.mod h1:05ib4cKhjx3OQYUY22hTVd34Bc8upXjOLL2rKwwZBoA=
+github.com/cbeuw/connutil v0.0.0-20200411215123-966bfaa51ee3 h1:LRxW8pdmWmyhoNh+TxUjxsAinGtCsVGjsl3xg6zoRSs=
+github.com/cbeuw/connutil v0.0.0-20200411215123-966bfaa51ee3/go.mod h1:6jR2SzckGv8hIIS9zWJ160mzGVVOYp4AXZMDtacL6LE=
+github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
+github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/dvyukov/go-fuzz v0.0.0-20201003075337-90825f39c90b h1:CXfDl9Y3NKuhOSxF9kXhiLmuYCdufQDrLY2fO1BzqBU=
-github.com/dvyukov/go-fuzz v0.0.0-20201003075337-90825f39c90b/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw=
-github.com/elazarl/go-bindata-assetfs v1.0.1 h1:m0kkaHRKEu7tUIUFVwhGGGYClXvyl4RE03qmvRTNfbw=
-github.com/elazarl/go-bindata-assetfs v1.0.1/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4=
-github.com/gorilla/mux v1.7.3 h1:gnP5JzjVOuiZD07fKKToCAOjS0yOpj/qPETTXCCS6hw=
-github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
-github.com/gorilla/websocket v1.4.1 h1:q7AeDBpnBk8AogcD4DSag/Ukw/KV+YhzLj2bP5HvKCM=
-github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/hashicorp/go-version v1.0.0 h1:21MVWPKDphxa7ineQQTrCU5brh7OuVVAzGOCnnCPtE8=
-github.com/hashicorp/go-version v1.0.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
-github.com/juju/ratelimit v1.0.1 h1:+7AIFJVQ0EQgq/K9+0Krm7m530Du7tIz0METWzN0RgY=
-github.com/juju/ratelimit v1.0.1/go.mod h1:qapgC/Gy+xNh9UxzV13HGGl/6UXNN+ct+vwSgWNm/qk=
-github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
-github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s=
-github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
+github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
+github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
+github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/juju/ratelimit v1.0.2 h1:sRxmtRiajbvrcLQT7S+JbqU0ntsb9W2yhSdNN8tWfaI=
+github.com/juju/ratelimit v1.0.2/go.mod h1:qapgC/Gy+xNh9UxzV13HGGl/6UXNN+ct+vwSgWNm/qk=
+github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
+github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/mitchellh/gox v1.0.1 h1:x0jD3dcHk9a9xPSDN6YEL4xL6Qz0dvNYm8yZqui5chI=
-github.com/mitchellh/gox v1.0.1/go.mod h1:ED6BioOGXMswlXa2zxfh/xdd5QhwYliBFn9V18Ap4z4=
-github.com/mitchellh/iochan v1.0.0 h1:C+X3KsSTLFVBr/tK1eYN/vs4rJcvsiLU338UhYPJWeY=
-github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c1f57 h1:SL1K0QAuC1b54KoY1pjPWe6kSlsFHwK9/oC960fKrTY=
-github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c1f57/go.mod h1:tz9gX959MEFfFN5whTIocCLUG57WiILqtdVxI8c6Wj0=
-github.com/robertkrimen/godocdown v0.0.0-20130622164427-0bfa04905481/go.mod h1:C9WhFzY47SzYBIvzFqSvHIR6ROgDo4TtdTuRaOMjF/s=
-github.com/sirupsen/logrus v1.5.0 h1:1N5EYkVAPEywqZRJd7cwnRtCb6xJx7NH3T3WUTF980Q=
-github.com/sirupsen/logrus v1.5.0/go.mod h1:+F7Ogzej0PZc/94MaYx/nvG9jOFMD2osvC3s+Squfpo=
-github.com/stephens2424/writerset v1.0.2 h1:znRLgU6g8RS5euYRcy004XeE4W+Tu44kALzy7ghPif8=
-github.com/stephens2424/writerset v1.0.2/go.mod h1:aS2JhsMn6eA7e82oNmW4rfsgAOp9COBTTl8mzkwADnc=
+github.com/refraction-networking/utls v1.6.6 h1:igFsYBUJPYM8Rno9xUuDoM5GQrVEqY4llzEXOkL43Ig=
+github.com/refraction-networking/utls v1.6.6/go.mod h1:BC3O4vQzye5hqpmDTWUqi4P5DDhzJfkV1tdqtawQIH0=
+github.com/refraction-networking/utls v1.7.0/go.mod h1:lV0Gwc1/Fi+HYH8hOtgFRdHfKo4FKSn6+FdyOz9hRms=
+github.com/refraction-networking/utls v1.7.3 h1:L0WRhHY7Oq1T0zkdzVZMR6zWZv+sXbHB9zcuvsAEqCo=
+github.com/refraction-networking/utls v1.7.3/go.mod h1:TUhh27RHMGtQvjQq+RyO11P6ZNQNBb3N0v7wsEjKAIQ=
+github.com/refraction-networking/utls v1.8.0 h1:L38krhiTAyj9EeiQQa2sg+hYb4qwLCqdMcpZrRfbONE=
+github.com/refraction-networking/utls v1.8.0/go.mod h1:jkSOEkLqn+S/jtpEHPOsVv/4V4EVnelwbMQl4vCWXAM=
+github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
+github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
+github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
-github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
-github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
-github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
-github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-go.etcd.io/bbolt v1.3.4 h1:hi1bXHMVrlQh6WwxAy+qZCV/SYIlqo+Ushwdpa4tAKg=
-go.etcd.io/bbolt v1.3.4/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20200414173820-0848c9571904 h1:bXoxMPcSLOq08zI3/c5dEBT6lE4eh+jOh886GHrn6V8=
-golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4=
-golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190422165155-953cdadca894 h1:Cz4ceDQGXuKRnVBDTS23GTn/pU5OE2C0WrNTOYK1Uuc=
-golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5 h1:LfCXLvNmTYH9kEmVgqbnsWfruoXZIrh4YBgqVHtDvw0=
-golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200413165638-669c56c373c4 h1:opSr2sbRXk5X5/givKrrKj9HXxFpW2sdCiP8MJSKLQY=
-golang.org/x/sys v0.0.0-20200413165638-669c56c373c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20201015182029-a5d9e455e9c4 h1:rQWkJiVIyJ3PgiSHL+RXc8xbrK8duU6jG5eeZ9G7nk8=
-golang.org/x/tools v0.0.0-20201015182029-a5d9e455e9c4/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/xyproto/randomstring v1.0.5 h1:YtlWPoRdgMu3NZtP45drfy1GKoojuR7hmRcnhZqKjWU=
+github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3iGxZ18UQApw/E=
+go.etcd.io/bbolt v1.4.0 h1:TU77id3TnN/zKr7CO/uk+fBCwF2jGcMuw2B/FMAzYIk=
+go.etcd.io/bbolt v1.4.0/go.mod h1:AsD+OCi/qPN1giOX1aiLAha3o1U8rAz65bvN4j0sRuk=
+golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
+golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
+golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20=
+golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/internal/client/TLS.go
+++ b/internal/client/TLS.go
@ -1,10 +1,11 @@
 package client

 import (
-	"encoding/binary"
 	"github.com/cbeuw/Cloak/internal/common"
+	utls "github.com/refraction-networking/utls"
 	log "github.com/sirupsen/logrus"
 	"net"
+	"strings"
 )

 const appDataMaxLength = 16401
@ -13,59 +14,125 @@ type clientHelloFields struct {
 	random         []byte
 	sessionId      []byte
 	x25519KeyShare []byte
-	sni            []byte
+	serverName     string
 }

-type browser interface {
-	composeClientHello(clientHelloFields) []byte
-}
+type browser int

-func makeServerName(serverName string) []byte {
-	serverNameListLength := make([]byte, 2)
-	binary.BigEndian.PutUint16(serverNameListLength, uint16(len(serverName)+3))
-	serverNameType := []byte{0x00} // host_name
-	serverNameLength := make([]byte, 2)
-	binary.BigEndian.PutUint16(serverNameLength, uint16(len(serverName)))
-	ret := make([]byte, 2+1+2+len(serverName))
-	copy(ret[0:2], serverNameListLength)
-	copy(ret[2:3], serverNameType)
-	copy(ret[3:5], serverNameLength)
-	copy(ret[5:], serverName)
-	return ret
-}
-
-// addExtensionRecord, add type, length to extension data
-func addExtRec(typ []byte, data []byte) []byte {
-	length := make([]byte, 2)
-	binary.BigEndian.PutUint16(length, uint16(len(data)))
-	ret := make([]byte, 2+2+len(data))
-	copy(ret[0:2], typ)
-	copy(ret[2:4], length)
-	copy(ret[4:], data)
-	return ret
-}
-
-func genStegClientHello(ai authenticationPayload, serverName string) (ret clientHelloFields) {
-	// random is marshalled ephemeral pub key 32 bytes
-	// The authentication ciphertext and its tag are then distributed among SessionId and X25519KeyShare
-	ret.random = ai.randPubKey[:]
-	ret.sessionId = ai.ciphertextWithTag[0:32]
-	ret.x25519KeyShare = ai.ciphertextWithTag[32:64]
-	ret.sni = makeServerName(serverName)
-	return
-}
+const (
+	chrome = iota
+	firefox
+	safari
+)

 type DirectTLS struct {
 	*common.TLSConn
 	browser browser
 }

-// NewClientTransport handles the TLS handshake for a given conn and returns the sessionKey
+var topLevelDomains = []string{"com", "net", "org", "it", "fr", "me", "ru", "cn", "es", "tr", "top", "xyz", "info"}
+
+func randomServerName() string {
+	/*
+		Copyright: Proton AG
+		https://github.com/ProtonVPN/wireguard-go/commit/bcf344b39b213c1f32147851af0d2a8da9266883
+
+		Permission is hereby granted, free of charge, to any person obtaining a copy of
+		this software and associated documentation files (the "Software"), to deal in
+		the Software without restriction, including without limitation the rights to
+		use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+		of the Software, and to permit persons to whom the Software is furnished to do
+		so, subject to the following conditions:
+
+		The above copyright notice and this permission notice shall be included in all
+		copies or substantial portions of the Software.
+
+		THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+		IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+		FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+		AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+		LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+		OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+		SOFTWARE.
+	*/
+	charNum := int('z') - int('a') + 1
+	size := 3 + common.RandInt(10)
+	name := make([]byte, size)
+	for i := range name {
+		name[i] = byte(int('a') + common.RandInt(charNum))
+	}
+	return string(name) + "." + common.RandItem(topLevelDomains)
+}
+
+func buildClientHello(browser browser, fields clientHelloFields) ([]byte, error) {
+	// We don't use utls to handle connections (as it'll attempt a real TLS negotiation)
+	// We only want it to build the ClientHello locally
+	fakeConn := net.TCPConn{}
+	var helloID utls.ClientHelloID
+	switch browser {
+	case chrome:
+		helloID = utls.HelloChrome_Auto
+	case firefox:
+		helloID = utls.HelloFirefox_Auto
+	case safari:
+		helloID = utls.HelloSafari_Auto
+	}
+
+	uclient := utls.UClient(&fakeConn, &utls.Config{ServerName: fields.serverName}, helloID)
+	if err := uclient.BuildHandshakeState(); err != nil {
+		return []byte{}, err
+	}
+	if err := uclient.SetClientRandom(fields.random); err != nil {
+		return []byte{}, err
+	}
+
+	uclient.HandshakeState.Hello.SessionId = make([]byte, 32)
+	copy(uclient.HandshakeState.Hello.SessionId, fields.sessionId)
+
+	// Find the X25519 key share and overwrite it
+	var extIndex int
+	var keyShareIndex int
+	for i, ext := range uclient.Extensions {
+		ext, ok := ext.(*utls.KeyShareExtension)
+		if ok {
+			extIndex = i
+			for j, keyShare := range ext.KeyShares {
+				if keyShare.Group == utls.X25519 {
+					keyShareIndex = j
+				}
+			}
+		}
+	}
+	copy(uclient.Extensions[extIndex].(*utls.KeyShareExtension).KeyShares[keyShareIndex].Data, fields.x25519KeyShare)
+
+	if err := uclient.BuildHandshakeState(); err != nil {
+		return []byte{}, err
+	}
+	return uclient.HandshakeState.Hello.Raw, nil
+}
+
+// Handshake handles the TLS handshake for a given conn and returns the sessionKey
 // if the server proceed with Cloak authentication
 func (tls *DirectTLS) Handshake(rawConn net.Conn, authInfo AuthInfo) (sessionKey [32]byte, err error) {
 	payload, sharedSecret := makeAuthenticationPayload(authInfo)
-	chOnly := tls.browser.composeClientHello(genStegClientHello(payload, authInfo.MockDomain))
-	chWithRecordLayer := common.AddRecordLayer(chOnly, common.Handshake, common.VersionTLS11)
+
+	fields := clientHelloFields{
+		random:         payload.randPubKey[:],
+		sessionId:      payload.ciphertextWithTag[0:32],
+		x25519KeyShare: payload.ciphertextWithTag[32:64],
+		serverName:     authInfo.MockDomain,
+	}
+
+	if strings.EqualFold(fields.serverName, "random") {
+		fields.serverName = randomServerName()
+	}
+
+	var ch []byte
+	ch, err = buildClientHello(tls.browser, fields)
+	if err != nil {
+		return
+	}
+	chWithRecordLayer := common.AddRecordLayer(ch, common.Handshake, common.VersionTLS11)
 	_, err = rawConn.Write(chWithRecordLayer)
 	if err != nil {
 		return
--- a/internal/client/TLS_test.go
+++ b/internal/client/TLS_test.go
@ -1,38 +0,0 @@
-package client
-
-import (
-	"encoding/hex"
-	"github.com/stretchr/testify/assert"
-	"testing"
-)
-
-func htob(s string) []byte {
-	b, _ := hex.DecodeString(s)
-	return b
-}
-
-func TestMakeServerName(t *testing.T) {
-	type testingPair struct {
-		serverName string
-		target     []byte
-	}
-
-	pairs := []testingPair{
-		{
-			"www.google.com",
-			htob("001100000e7777772e676f6f676c652e636f6d"),
-		},
-		{
-			"www.gstatic.com",
-			htob("001200000f7777772e677374617469632e636f6d"),
-		},
-		{
-			"googleads.g.doubleclick.net",
-			htob("001e00001b676f6f676c656164732e672e646f75626c65636c69636b2e6e6574"),
-		},
-	}
-
-	for _, p := range pairs {
-		assert.Equal(t, p.target, makeServerName(p.serverName))
-	}
-}
--- a/internal/client/auth.go
+++ b/internal/client/auth.go
@ -2,6 +2,7 @@ package client

 import (
 	"encoding/binary"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	"github.com/cbeuw/Cloak/internal/ecdh"
 	log "github.com/sirupsen/logrus"
--- a/internal/client/auth_test.go
+++ b/internal/client/auth_test.go
@ -2,11 +2,12 @@ package client

 import (
 	"bytes"
+	"testing"
+	"time"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	"github.com/cbeuw/Cloak/internal/multiplex"
 	"github.com/stretchr/testify/assert"
-	"testing"
-	"time"
 )

 func TestMakeAuthenticationPayload(t *testing.T) {
--- a/internal/client/chrome.go
+++ b/internal/client/chrome.go
@ -1,103 +0,0 @@
-// Fingerprint of Chrome 85
-
-package client
-
-import (
-	"encoding/binary"
-	"encoding/hex"
-	"github.com/cbeuw/Cloak/internal/common"
-)
-
-type Chrome struct{}
-
-func makeGREASE() []byte {
-	// see https://tools.ietf.org/html/draft-davidben-tls-grease-01
-	// This is exclusive to Chrome.
-	var one [1]byte
-	common.CryptoRandRead(one[:])
-	sixteenth := one[0] % 16
-	monoGREASE := sixteenth*16 + 0xA
-	doubleGREASE := []byte{monoGREASE, monoGREASE}
-	return doubleGREASE
-}
-
-func (c *Chrome) composeExtensions(sni []byte, keyShare []byte) []byte {
-
-	makeSupportedGroups := func() []byte {
-		suppGroupListLen := []byte{0x00, 0x08}
-		ret := make([]byte, 2+8)
-		copy(ret[0:2], suppGroupListLen)
-		copy(ret[2:4], makeGREASE())
-		copy(ret[4:], []byte{0x00, 0x1d, 0x00, 0x17, 0x00, 0x18})
-		return ret
-	}
-
-	makeKeyShare := func(hidden []byte) []byte {
-		ret := make([]byte, 43)
-		ret[0], ret[1] = 0x00, 0x29 // length 41
-		copy(ret[2:4], makeGREASE())
-		ret[4], ret[5] = 0x00, 0x01 // length 1
-		ret[6] = 0x00
-		ret[7], ret[8] = 0x00, 0x1d  // group x25519
-		ret[9], ret[10] = 0x00, 0x20 // length 32
-		copy(ret[11:43], hidden)
-		return ret
-	}
-
-	// extension length is always 403, and server name length is variable
-
-	var ext [17][]byte
-	ext[0] = addExtRec(makeGREASE(), nil)                         // First GREASE
-	ext[1] = addExtRec([]byte{0x00, 0x00}, sni)                   // server name indication
-	ext[2] = addExtRec([]byte{0x00, 0x17}, nil)                   // extended_master_secret
-	ext[3] = addExtRec([]byte{0xff, 0x01}, []byte{0x00})          // renegotiation_info
-	ext[4] = addExtRec([]byte{0x00, 0x0a}, makeSupportedGroups()) // supported groups
-	ext[5] = addExtRec([]byte{0x00, 0x0b}, []byte{0x01, 0x00})    // ec point formats
-	ext[6] = addExtRec([]byte{0x00, 0x23}, nil)                   // Session tickets
-	APLN, _ := hex.DecodeString("000c02683208687474702f312e31")
-	ext[7] = addExtRec([]byte{0x00, 0x10}, APLN)                                 // app layer proto negotiation
-	ext[8] = addExtRec([]byte{0x00, 0x05}, []byte{0x01, 0x00, 0x00, 0x00, 0x00}) // status request
-	sigAlgo, _ := hex.DecodeString("001004030804040105030805050108060601")
-	ext[9] = addExtRec([]byte{0x00, 0x0d}, sigAlgo)                 // Signature Algorithms
-	ext[10] = addExtRec([]byte{0x00, 0x12}, nil)                    // signed cert timestamp
-	ext[11] = addExtRec([]byte{0x00, 0x33}, makeKeyShare(keyShare)) // key share
-	ext[12] = addExtRec([]byte{0x00, 0x2d}, []byte{0x01, 0x01})     // psk key exchange modes
-	suppVersions, _ := hex.DecodeString("0a9A9A0304030303020301")   // 9A9A needs to be a GREASE
-	copy(suppVersions[1:3], makeGREASE())
-	ext[13] = addExtRec([]byte{0x00, 0x2b}, suppVersions)             // supported versions
-	ext[14] = addExtRec([]byte{0x00, 0x1b}, []byte{0x02, 0x00, 0x02}) // compress certificate
-	ext[15] = addExtRec(makeGREASE(), []byte{0x00})                   // Last GREASE
-	// len(ext[1]) + 170 + len(ext[16]) = 403
-	// len(ext[16]) = 233 - len(ext[1])
-	// 2+2+len(padding) = 233 - len(ext[1])
-	// len(padding) = 229 - len(ext[1])
-	ext[16] = addExtRec([]byte{0x00, 0x15}, make([]byte, 229-len(ext[1]))) // padding
-	var ret []byte
-	for _, e := range ext {
-		ret = append(ret, e...)
-	}
-	return ret
-}
-
-func (c *Chrome) composeClientHello(hd clientHelloFields) (ch []byte) {
-	var clientHello [12][]byte
-	clientHello[0] = []byte{0x01}             // handshake type
-	clientHello[1] = []byte{0x00, 0x01, 0xfc} // length 508
-	clientHello[2] = []byte{0x03, 0x03}       // client version
-	clientHello[3] = hd.random                // random
-	clientHello[4] = []byte{0x20}             // session id length 32
-	clientHello[5] = hd.sessionId             // session id
-	clientHello[6] = []byte{0x00, 0x20}       // cipher suites length 34
-	cipherSuites, _ := hex.DecodeString("130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035")
-	clientHello[7] = append(makeGREASE(), cipherSuites...) // cipher suites
-	clientHello[8] = []byte{0x01}                          // compression methods length 1
-	clientHello[9] = []byte{0x00}                          // compression methods
-	clientHello[11] = c.composeExtensions(hd.sni, hd.x25519KeyShare)
-	clientHello[10] = []byte{0x00, 0x00} // extensions length 403
-	binary.BigEndian.PutUint16(clientHello[10], uint16(len(clientHello[11])))
-	var ret []byte
-	for _, c := range clientHello {
-		ret = append(ret, c...)
-	}
-	return ret
-}
--- a/internal/client/chrome_test.go
+++ b/internal/client/chrome_test.go
@ -1,48 +0,0 @@
-package client
-
-import (
-	"encoding/hex"
-	"testing"
-)
-
-func TestMakeGREASE(t *testing.T) {
-	a := hex.EncodeToString(makeGREASE())
-	if a[1] != 'a' || a[3] != 'a' {
-		t.Errorf("GREASE got %v", a)
-	}
-
-	var GREASEs []string
-	for i := 0; i < 50; i++ {
-		GREASEs = append(GREASEs, hex.EncodeToString(makeGREASE()))
-	}
-	var eqCount int
-	for _, g := range GREASEs {
-		if a == g {
-			eqCount++
-		}
-	}
-	if eqCount > 40 {
-		t.Error("GREASE is not random", GREASEs)
-	}
-}
-
-func TestComposeExtension(t *testing.T) {
-	serverName := "github.com"
-	keyShare, _ := hex.DecodeString("690f074f5c01756982269b66d58c90c47dc0f281d654c7b2c16f63c9033f5604")
-
-	sni := makeServerName(serverName)
-
-	result := (&Chrome{}).composeExtensions(sni, keyShare)
-	target, _ := hex.DecodeString("8a8a00000000000f000d00000a6769746875622e636f6d00170000ff01000100000a000a00088a8a001d00170018000b00020100002300000010000e000c02683208687474702f312e31000500050100000000000d0012001004030804040105030805050108060601001200000033002b00298a8a000100001d0020690f074f5c01756982269b66d58c90c47dc0f281d654c7b2c16f63c9033f5604002d00020101002b000b0a3a3a0304030303020301001b00030200024a4a000100001500d2000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
-	for p := 0; p < len(result); p++ {
-		if result[p] != target[p] {
-			if result[p]&0x0F == 0xA && target[p]&0x0F == 0xA &&
-				((p > 0 && result[p-1] == result[p] && target[p-1] == target[p]) ||
-					(p < len(result)-1 && result[p+1] == result[p] && target[p+1] == target[p])) {
-				continue
-			}
-			t.Errorf("inequality at %v", p)
-		}
-	}
-
-}
--- a/internal/client/connector.go
+++ b/internal/client/connector.go
@ -1,12 +1,13 @@
 package client

 import (
-	"github.com/cbeuw/Cloak/internal/common"
 	"net"
 	"sync"
 	"sync/atomic"
 	"time"

+	"github.com/cbeuw/Cloak/internal/common"
+
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 	log "github.com/sirupsen/logrus"
 )
@ -20,8 +21,10 @@ func MakeSession(connConfig RemoteConnConfig, authInfo AuthInfo, dialer common.D
 	var wg sync.WaitGroup
 	for i := 0; i < connConfig.NumConn; i++ {
 		wg.Add(1)
+		transportConfig := connConfig.Transport
 		go func() {
 		makeconn:
+			transportConn := transportConfig.CreateTransport()
 			remoteConn, err := dialer.Dial("tcp", connConfig.RemoteAddr)
 			if err != nil {
 				log.Errorf("Failed to establish new connections to remote: %v", err)
@ -30,12 +33,20 @@ func MakeSession(connConfig RemoteConnConfig, authInfo AuthInfo, dialer common.D
 				goto makeconn
 			}

-			transportConn := connConfig.TransportMaker()
 			sk, err := transportConn.Handshake(remoteConn, authInfo)
 			if err != nil {
-				transportConn.Close()
 				log.Errorf("Failed to prepare connection to remote: %v", err)
+				transportConn.Close()
+
+				// In Cloak v2.11.0, we've updated uTLS version and subsequently increased the first packet size for chrome above 1500
+				// https://github.com/cbeuw/Cloak/pull/306#issuecomment-2862728738. As a backwards compatibility feature, if we fail
+				// to connect using chrome signature, retry with firefox which has a smaller packet size.
+				if transportConfig.mode == "direct" && transportConfig.browser == chrome {
+					transportConfig.browser = firefox
+					log.Warnf("failed to connect with chrome signature, falling back to retry with firefox")
+				}
 				time.Sleep(time.Second * 3)
+
 				goto makeconn
 			}
 			// sessionKey given by each connection should be identical
--- a/internal/client/firefox.go
+++ b/internal/client/firefox.go
@ -1,77 +0,0 @@
-// Fingerprint of Firefox 68
-
-package client
-
-import (
-	"encoding/binary"
-	"encoding/hex"
-	"github.com/cbeuw/Cloak/internal/common"
-)
-
-type Firefox struct{}
-
-func (f *Firefox) composeExtensions(SNI []byte, keyShare []byte) []byte {
-	composeKeyShare := func(hidden []byte) []byte {
-		ret := make([]byte, 107)
-		ret[0], ret[1] = 0x00, 0x69 // length 105
-		ret[2], ret[3] = 0x00, 0x1d // group x25519
-		ret[4], ret[5] = 0x00, 0x20 // length 32
-		copy(ret[6:38], hidden)
-		ret[38], ret[39] = 0x00, 0x17 // group secp256r1
-		ret[40], ret[41] = 0x00, 0x41 // length 65
-		common.CryptoRandRead(ret[42:107])
-		return ret
-	}
-	// extension length is always 399, and server name length is variable
-	var ext [14][]byte
-	ext[0] = addExtRec([]byte{0x00, 0x00}, SNI)          // server name indication
-	ext[1] = addExtRec([]byte{0x00, 0x17}, nil)          // extended_master_secret
-	ext[2] = addExtRec([]byte{0xff, 0x01}, []byte{0x00}) // renegotiation_info
-	suppGroup, _ := hex.DecodeString("000c001d00170018001901000101")
-	ext[3] = addExtRec([]byte{0x00, 0x0a}, suppGroup)          // supported groups
-	ext[4] = addExtRec([]byte{0x00, 0x0b}, []byte{0x01, 0x00}) // ec point formats
-	ext[5] = addExtRec([]byte{0x00, 0x23}, []byte{})           // Session tickets
-	APLN, _ := hex.DecodeString("000c02683208687474702f312e31")
-	ext[6] = addExtRec([]byte{0x00, 0x10}, APLN)                                 // app layer proto negotiation
-	ext[7] = addExtRec([]byte{0x00, 0x05}, []byte{0x01, 0x00, 0x00, 0x00, 0x00}) // status request
-	ext[8] = addExtRec([]byte{0x00, 0x33}, composeKeyShare(keyShare))            // key share
-	suppVersions, _ := hex.DecodeString("080304030303020301")
-	ext[9] = addExtRec([]byte{0x00, 0x2b}, suppVersions) // supported versions
-	sigAlgo, _ := hex.DecodeString("001604030503060308040805080604010501060102030201")
-	ext[10] = addExtRec([]byte{0x00, 0x0d}, sigAlgo)            // Signature Algorithms
-	ext[11] = addExtRec([]byte{0x00, 0x2d}, []byte{0x01, 0x01}) // psk key exchange modes
-	ext[12] = addExtRec([]byte{0x00, 0x1c}, []byte{0x40, 0x01}) // record size limit
-	// len(ext[0]) + 237 + 4 + len(padding) = 399
-	// len(padding) = 158 - len(ext[0])
-	ext[13] = addExtRec([]byte{0x00, 0x15}, make([]byte, 163-len(SNI))) // padding
-	var ret []byte
-	for _, e := range ext {
-		ret = append(ret, e...)
-	}
-	return ret
-}
-
-func (f *Firefox) composeClientHello(hd clientHelloFields) (ch []byte) {
-	var clientHello [12][]byte
-	clientHello[0] = []byte{0x01}             // handshake type
-	clientHello[1] = []byte{0x00, 0x01, 0xfc} // length 508
-	clientHello[2] = []byte{0x03, 0x03}       // client version
-	clientHello[3] = hd.random                // random
-	clientHello[4] = []byte{0x20}             // session id length 32
-	clientHello[5] = hd.sessionId             // session id
-	clientHello[6] = []byte{0x00, 0x24}       // cipher suites length 36
-	cipherSuites, _ := hex.DecodeString("130113031302c02bc02fcca9cca8c02cc030c00ac009c013c01400330039002f0035000a")
-	clientHello[7] = cipherSuites // cipher suites
-	clientHello[8] = []byte{0x01} // compression methods length 1
-	clientHello[9] = []byte{0x00} // compression methods
-
-	clientHello[11] = f.composeExtensions(hd.sni, hd.x25519KeyShare)
-	clientHello[10] = []byte{0x00, 0x00} // extensions length
-	binary.BigEndian.PutUint16(clientHello[10], uint16(len(clientHello[11])))
-
-	var ret []byte
-	for _, c := range clientHello {
-		ret = append(ret, c...)
-	}
-	return ret
-}
--- a/internal/client/firefox_test.go
+++ b/internal/client/firefox_test.go
@ -1,20 +0,0 @@
-package client
-
-import (
-	"bytes"
-	"encoding/hex"
-	"testing"
-)
-
-func TestComposeExtensions(t *testing.T) {
-	target, _ := hex.DecodeString("000000170015000012636f6e73656e742e676f6f676c652e636f6d00170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000010000e000c02683208687474702f312e310005000501000000000033006b0069001d00206075db0a43812b2e4e0f44157f04295b484ccfc6d70e577c1e6113aa18e088270017004104948052ae52043e654641660ebbadb527c8280262e61f64b0f6f1794f32e1000865a49e4cbe2027c78e7180861e4336300815fa0f1b0091c4d788b97f809a47d3002b0009080304030303020301000d0018001604030503060308040805080604010501060102030201002d00020101001c000240010015008c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
-
-	serverName := "consent.google.com"
-	keyShare, _ := hex.DecodeString("6075db0a43812b2e4e0f44157f04295b484ccfc6d70e577c1e6113aa18e08827")
-	sni := makeServerName(serverName)
-	result := (&Firefox{}).composeExtensions(sni, keyShare)
-	// skip random secp256r1
-	if !bytes.Equal(result[:137], target[:137]) || !bytes.Equal(result[202:], target[202:]) {
-		t.Errorf("got %x", result)
-	}
-}
--- a/internal/client/piper.go
+++ b/internal/client/piper.go
@ -1,12 +1,13 @@
 package client

 import (
-	"github.com/cbeuw/Cloak/internal/common"
 	"io"
 	"net"
 	"sync"
 	"time"

+	"github.com/cbeuw/Cloak/internal/common"
+
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 	log "github.com/sirupsen/logrus"
 )
--- a/internal/client/state.go
+++ b/internal/client/state.go
@ -4,13 +4,14 @@ import (
 	"crypto"
 	"encoding/json"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	log "github.com/sirupsen/logrus"
 	"io/ioutil"
 	"net"
 	"strings"
 	"time"

+	"github.com/cbeuw/Cloak/internal/common"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/cbeuw/Cloak/internal/ecdh"
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 )
@ -36,16 +37,17 @@ type RawConfig struct {
 	BrowserSig    string // nullable
 	Transport     string // nullable
 	CDNOriginHost string // nullable
+	CDNWsUrlPath  string // nullable
 	StreamTimeout int    // nullable
 	KeepAlive     int    // nullable
 }

 type RemoteConnConfig struct {
-	Singleplex     bool
-	NumConn        int
-	KeepAlive      time.Duration
-	RemoteAddr     string
-	TransportMaker func() Transport
+	Singleplex bool
+	NumConn    int
+	KeepAlive  time.Duration
+	RemoteAddr string
+	Transport  TransportConfig
 }

 type LocalConnConfig struct {
@ -154,6 +156,15 @@ func (raw *RawConfig) ProcessRawConfig(worldState common.WorldState) (local Loca
 		return nullErr("ServerName")
 	}
 	auth.MockDomain = raw.ServerName
+
+	var filteredAlternativeNames []string
+	for _, alternativeName := range raw.AlternativeNames {
+		if len(alternativeName) > 0 {
+			filteredAlternativeNames = append(filteredAlternativeNames, alternativeName)
+		}
+	}
+	raw.AlternativeNames = filteredAlternativeNames
+
 	local.MockDomainList = raw.AlternativeNames
 	local.MockDomainList = append(local.MockDomainList, auth.MockDomain)
 	if raw.ProxyMethod == "" {
@ -215,11 +226,13 @@ func (raw *RawConfig) ProcessRawConfig(worldState common.WorldState) (local Loca
 		} else {
 			cdnDomainPort = net.JoinHostPort(raw.CDNOriginHost, raw.RemotePort)
 		}
+		if raw.CDNWsUrlPath == "" {
+			raw.CDNWsUrlPath = "/"
+		}

-		remote.TransportMaker = func() Transport {
-			return &WSOverTLS{
-				cdnDomainPort: cdnDomainPort,
-			}
+		remote.Transport = TransportConfig{
+			mode:  "cdn",
+			wsUrl: "ws://" + cdnDomainPort + raw.CDNWsUrlPath,
 		}
 	case "direct":
 		fallthrough
@ -227,16 +240,17 @@ func (raw *RawConfig) ProcessRawConfig(worldState common.WorldState) (local Loca
 		var browser browser
 		switch strings.ToLower(raw.BrowserSig) {
 		case "firefox":
-			browser = &Firefox{}
+			browser = firefox
+		case "safari":
+			browser = safari
 		case "chrome":
 			fallthrough
 		default:
-			browser = &Chrome{}
+			browser = chrome
 		}
-		remote.TransportMaker = func() Transport {
-			return &DirectTLS{
-				browser: browser,
-			}
+		remote.Transport = TransportConfig{
+			mode:    "direct",
+			browser: browser,
 		}
 	}

--- a/internal/client/state_test.go
+++ b/internal/client/state_test.go
@ -1,9 +1,10 @@
 package client

 import (
-	"github.com/stretchr/testify/assert"
 	"io/ioutil"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )

 func TestParseConfig(t *testing.T) {
--- a/internal/client/transport.go
+++ b/internal/client/transport.go
@ -8,3 +8,26 @@ type Transport interface {
 	Handshake(rawConn net.Conn, authInfo AuthInfo) (sessionKey [32]byte, err error)
 	net.Conn
 }
+
+type TransportConfig struct {
+	mode string
+
+	wsUrl string
+
+	browser browser
+}
+
+func (t TransportConfig) CreateTransport() Transport {
+	switch t.mode {
+	case "cdn":
+		return &WSOverTLS{
+			wsUrl: t.wsUrl,
+		}
+	case "direct":
+		return &DirectTLS{
+			browser: t.browser,
+		}
+	default:
+		return nil
+	}
+}
--- a/internal/client/websocket.go
+++ b/internal/client/websocket.go
@ -4,17 +4,18 @@ import (
 	"encoding/base64"
 	"errors"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/gorilla/websocket"
-	utls "github.com/refraction-networking/utls"
 	"net"
 	"net/http"
 	"net/url"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/gorilla/websocket"
+	utls "github.com/refraction-networking/utls"
 )

 type WSOverTLS struct {
 	*common.WebSocketConn
-	cdnDomainPort string
+	wsUrl string
 }

 func (ws *WSOverTLS) Handshake(rawConn net.Conn, authInfo AuthInfo) (sessionKey [32]byte, err error) {
@ -23,12 +24,24 @@ func (ws *WSOverTLS) Handshake(rawConn net.Conn, authInfo AuthInfo) (sessionKey
 		InsecureSkipVerify: true,
 	}
 	uconn := utls.UClient(rawConn, utlsConfig, utls.HelloChrome_Auto)
+	err = uconn.BuildHandshakeState()
+	if err != nil {
+		return
+	}
+	for i, extension := range uconn.Extensions {
+		_, ok := extension.(*utls.ALPNExtension)
+		if ok {
+			uconn.Extensions = append(uconn.Extensions[:i], uconn.Extensions[i+1:]...)
+			break
+		}
+	}
+
 	err = uconn.Handshake()
 	if err != nil {
 		return
 	}

-	u, err := url.Parse("ws://" + ws.cdnDomainPort)
+	u, err := url.Parse(ws.wsUrl)
 	if err != nil {
 		return sessionKey, fmt.Errorf("failed to parse ws url: %v", err)
 	}
--- a/internal/common/crypto.go
+++ b/internal/common/crypto.go
@ -6,6 +6,7 @@ import (
 	"crypto/rand"
 	"errors"
 	"io"
+	"math/big"
 	"time"

 	log "github.com/sirupsen/logrus"
@ -52,8 +53,8 @@ func CryptoRandRead(buf []byte) {
 	RandRead(rand.Reader, buf)
 }

-func RandRead(randSource io.Reader, buf []byte) {
-	_, err := randSource.Read(buf)
+func backoff(f func() error) {
+	err := f()
 	if err == nil {
 		return
 	}
@ -61,12 +62,36 @@ func RandRead(randSource io.Reader, buf []byte) {
 		100 * time.Millisecond, 300 * time.Millisecond, 500 * time.Millisecond, 1 * time.Second,
 		3 * time.Second, 5 * time.Second}
 	for i := 0; i < 10; i++ {
-		log.Errorf("Failed to get random bytes: %v. Retrying...", err)
-		_, err = randSource.Read(buf)
+		log.Errorf("Failed to get random: %v. Retrying...", err)
+		err = f()
 		if err == nil {
 			return
 		}
 		time.Sleep(waitDur[i])
 	}
-	log.Fatal("Cannot get random bytes after 10 retries")
+	log.Fatal("Cannot get random after 10 retries")
+}
+
+func RandRead(randSource io.Reader, buf []byte) {
+	backoff(func() error {
+		_, err := randSource.Read(buf)
+		return err
+	})
+}
+
+func RandItem[T any](list []T) T {
+	return list[RandInt(len(list))]
+}
+
+func RandInt(n int) int {
+	s := new(int)
+	backoff(func() error {
+		size, err := rand.Int(rand.Reader, big.NewInt(int64(n)))
+		if err != nil {
+			return err
+		}
+		*s = int(size.Int64())
+		return nil
+	})
+	return *s
 }
--- a/internal/common/crypto_test.go
+++ b/internal/common/crypto_test.go
@ -4,10 +4,11 @@ import (
 	"bytes"
 	"encoding/hex"
 	"errors"
-	"github.com/stretchr/testify/assert"
 	"io"
 	"math/rand"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )

 const gcmTagSize = 16
--- a/internal/common/websocket.go
+++ b/internal/common/websocket.go
@ -2,10 +2,11 @@ package common

 import (
 	"errors"
-	"github.com/gorilla/websocket"
 	"io"
 	"sync"
 	"time"
+
+	"github.com/gorilla/websocket"
 )

 // WebSocketConn implements io.ReadWriteCloser
--- a/internal/multiplex/datagramBufferedPipe.go
+++ b/internal/multiplex/datagramBufferedPipe.go
@ -66,46 +66,6 @@ func (d *datagramBufferedPipe) Read(target []byte) (int, error) {
 	return dataLen, nil
 }

-func (d *datagramBufferedPipe) WriteTo(w io.Writer) (n int64, err error) {
-	d.rwCond.L.Lock()
-	defer d.rwCond.L.Unlock()
-	for {
-		if d.closed && len(d.pLens) == 0 {
-			return 0, io.EOF
-		}
-
-		hasRDeadline := !d.rDeadline.IsZero()
-		if hasRDeadline {
-			if time.Until(d.rDeadline) <= 0 {
-				return 0, ErrTimeout
-			}
-		}
-
-		if len(d.pLens) > 0 {
-			var dataLen int
-			dataLen, d.pLens = d.pLens[0], d.pLens[1:]
-			written, er := w.Write(d.buf.Next(dataLen))
-			n += int64(written)
-			if er != nil {
-				d.rwCond.Broadcast()
-				return n, er
-			}
-			d.rwCond.Broadcast()
-		} else {
-			if d.wtTimeout == 0 {
-				if hasRDeadline {
-					d.broadcastAfter(time.Until(d.rDeadline))
-				}
-			} else {
-				d.rDeadline = time.Now().Add(d.wtTimeout)
-				d.broadcastAfter(d.wtTimeout)
-			}
-
-			d.rwCond.Wait()
-		}
-	}
-}
-
 func (d *datagramBufferedPipe) Write(f *Frame) (toBeClosed bool, err error) {
 	d.rwCond.L.Lock()
 	defer d.rwCond.L.Unlock()
@ -151,14 +111,6 @@ func (d *datagramBufferedPipe) SetReadDeadline(t time.Time) {
 	d.rwCond.Broadcast()
 }

-func (d *datagramBufferedPipe) SetWriteToTimeout(t time.Duration) {
-	d.rwCond.L.Lock()
-	defer d.rwCond.L.Unlock()
-
-	d.wtTimeout = t
-	d.rwCond.Broadcast()
-}
-
 func (d *datagramBufferedPipe) broadcastAfter(t time.Duration) {
 	if d.timeoutTimer != nil {
 		d.timeoutTimer.Stop()
--- a/internal/multiplex/datagramBufferedPipe_test.go
+++ b/internal/multiplex/datagramBufferedPipe_test.go
@ -1,9 +1,10 @@
 package multiplex

 import (
-	"github.com/stretchr/testify/assert"
 	"testing"
 	"time"
+
+	"github.com/stretchr/testify/assert"
 )

 func TestDatagramBuffer_RW(t *testing.T) {
--- a/internal/multiplex/mux_test.go
+++ b/internal/multiplex/mux_test.go
@ -2,14 +2,15 @@ package multiplex

 import (
 	"bytes"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/connutil"
-	"github.com/stretchr/testify/assert"
 	"io"
 	"math/rand"
 	"net"
 	"sync"
 	"testing"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/connutil"
+	"github.com/stretchr/testify/assert"
 )

 func serveEcho(l net.Listener) {
--- a/internal/multiplex/obfs.go
+++ b/internal/multiplex/obfs.go
@ -3,6 +3,7 @@ package multiplex
 import (
 	"crypto/aes"
 	"crypto/cipher"
+	"crypto/rand"
 	"encoding/binary"
 	"errors"
 	"fmt"
@ -14,6 +15,14 @@ import (
 const frameHeaderLength = 14
 const salsa20NonceSize = 8

+// maxExtraLen equals the max length of padding + AEAD tag.
+// It is 255 bytes because the extra len field in frame header is only one byte.
+const maxExtraLen = 1<<8 - 1
+
+// padFirstNFrames specifies the number of initial frames to pad,
+// to avoid TLS-in-TLS detection
+const padFirstNFrames = 5
+
 const (
 	EncryptionMethodPlain = iota
 	EncryptionMethodAES256GCM
@ -26,8 +35,6 @@ type Obfuscator struct {
 	payloadCipher cipher.AEAD

 	sessionKey [32]byte
-
-	maxOverhead int
 }

 // obfuscate adds multiplexing headers, encrypt and add TLS header
@ -48,45 +55,34 @@ func (o *Obfuscator) obfuscate(f *Frame, buf []byte, payloadOffsetInBuf int) (in
 	// to be large enough that they may never happen in reasonable time frames. Of course, different sessions
 	// will produce the same combination of stream id and frame sequence, but they will have different session keys.
 	//
-	// Salsa20 is assumed to be given a unique nonce each time because we assume the tags produced by payloadCipher
-	// AEAD is unique each time, as payloadCipher itself is given a unique iv/nonce each time due to points made above.
-	// This is relatively a weak guarantee as we are assuming AEADs to produce different tags given different iv/nonces.
-	// This is almost certainly true but I cannot find a source that outright states this.
 	//
 	// Because the frame header, before it being encrypted, is fed into the AEAD, it is also authenticated.
 	// (rfc5116 s.2.1 "The nonce is authenticated internally to the algorithm").
 	//
 	// In case the user chooses to not encrypt the frame payload, payloadCipher will be nil. In this scenario,
-	// we pad the frame payload with random bytes until it reaches Salsa20's nonce size (8 bytes). Then we simply
-	// encrypt the frame header with the last 8 bytes of frame payload as nonce.
-	// If the payload provided by the user is greater than 8 bytes, then we use entirely the user input as nonce.
-	// We can't ensure its uniqueness ourselves, which is why plaintext mode must only be used when the user input
-	// is already random-like. For Cloak it would normally mean that the user is using a proxy protocol that sends
-	// encrypted data.
+	// we generate random bytes to be used as salsa20 nonce.
 	payloadLen := len(f.Payload)
 	if payloadLen == 0 {
 		return 0, errors.New("payload cannot be empty")
 	}
-	var extraLen int
-	if o.payloadCipher == nil {
-		extraLen = salsa20NonceSize - payloadLen
-		if extraLen < 0 {
-			// if our payload is already greater than 8 bytes
-			extraLen = 0
-		}
+	tagLen := 0
+	if o.payloadCipher != nil {
+		tagLen = o.payloadCipher.Overhead()
 	} else {
-		extraLen = o.payloadCipher.Overhead()
-		if extraLen < salsa20NonceSize {
-			return 0, errors.New("AEAD's Overhead cannot be fewer than 8 bytes")
-		}
+		tagLen = salsa20NonceSize
+	}
+	// Pad to avoid size side channel leak
+	padLen := 0
+	if f.Seq < padFirstNFrames {
+		padLen = common.RandInt(maxExtraLen - tagLen + 1)
 	}

-	usefulLen := frameHeaderLength + payloadLen + extraLen
+	usefulLen := frameHeaderLength + payloadLen + padLen + tagLen
 	if len(buf) < usefulLen {
 		return 0, errors.New("obfs buffer too small")
 	}
 	// we do as much in-place as possible to save allocation
-	payload := buf[frameHeaderLength : frameHeaderLength+payloadLen]
+	payload := buf[frameHeaderLength : frameHeaderLength+payloadLen+padLen]
 	if payloadOffsetInBuf != frameHeaderLength {
 		// if payload is not at the correct location in buffer
 		copy(payload, f.Payload)
@ -96,14 +92,15 @@ func (o *Obfuscator) obfuscate(f *Frame, buf []byte, payloadOffsetInBuf int) (in
 	binary.BigEndian.PutUint32(header[0:4], f.StreamID)
 	binary.BigEndian.PutUint64(header[4:12], f.Seq)
 	header[12] = f.Closing
-	header[13] = byte(extraLen)
+	header[13] = byte(padLen + tagLen)

-	if o.payloadCipher == nil {
-		if extraLen != 0 { // read nonce
-			extra := buf[usefulLen-extraLen : usefulLen]
-			common.CryptoRandRead(extra)
-		}
-	} else {
+	// Random bytes for padding and nonce
+	_, err := rand.Read(buf[frameHeaderLength+payloadLen : usefulLen])
+	if err != nil {
+		return 0, fmt.Errorf("failed to pad random: %w", err)
+	}
+
+	if o.payloadCipher != nil {
 		o.payloadCipher.Seal(payload[:0], header[:o.payloadCipher.NonceSize()], payload, nil)
 	}

@ -165,7 +162,6 @@ func MakeObfuscator(encryptionMethod byte, sessionKey [32]byte) (o Obfuscator, e
 	switch encryptionMethod {
 	case EncryptionMethodPlain:
 		o.payloadCipher = nil
-		o.maxOverhead = salsa20NonceSize
 	case EncryptionMethodAES256GCM:
 		var c cipher.Block
 		c, err = aes.NewCipher(sessionKey[:])
@ -176,7 +172,6 @@ func MakeObfuscator(encryptionMethod byte, sessionKey [32]byte) (o Obfuscator, e
 		if err != nil {
 			return
 		}
-		o.maxOverhead = o.payloadCipher.Overhead()
 	case EncryptionMethodAES128GCM:
 		var c cipher.Block
 		c, err = aes.NewCipher(sessionKey[:16])
@ -187,13 +182,11 @@ func MakeObfuscator(encryptionMethod byte, sessionKey [32]byte) (o Obfuscator, e
 		if err != nil {
 			return
 		}
-		o.maxOverhead = o.payloadCipher.Overhead()
 	case EncryptionMethodChaha20Poly1305:
 		o.payloadCipher, err = chacha20poly1305.New(sessionKey[:])
 		if err != nil {
 			return
 		}
-		o.maxOverhead = o.payloadCipher.Overhead()
 	default:
 		return o, fmt.Errorf("unknown encryption method valued %v", encryptionMethod)
 	}
--- a/internal/multiplex/obfs_test.go
+++ b/internal/multiplex/obfs_test.go
@ -3,12 +3,13 @@ package multiplex
 import (
 	"crypto/aes"
 	"crypto/cipher"
-	"github.com/stretchr/testify/assert"
-	"golang.org/x/crypto/chacha20poly1305"
 	"math/rand"
 	"reflect"
 	"testing"
 	"testing/quick"
+
+	"github.com/stretchr/testify/assert"
+	"golang.org/x/crypto/chacha20poly1305"
 )

 func TestGenerateObfs(t *testing.T) {
@ -84,7 +85,6 @@ func TestObfuscate(t *testing.T) {
 		o := Obfuscator{
 			payloadCipher: nil,
 			sessionKey:    sessionKey,
-			maxOverhead:   salsa20NonceSize,
 		}
 		runTest(t, o)
 	})
@ -97,7 +97,6 @@ func TestObfuscate(t *testing.T) {
 		o := Obfuscator{
 			payloadCipher: payloadCipher,
 			sessionKey:    sessionKey,
-			maxOverhead:   payloadCipher.Overhead(),
 		}
 		runTest(t, o)
 	})
@ -110,7 +109,6 @@ func TestObfuscate(t *testing.T) {
 		o := Obfuscator{
 			payloadCipher: payloadCipher,
 			sessionKey:    sessionKey,
-			maxOverhead:   payloadCipher.Overhead(),
 		}
 		runTest(t, o)
 	})
@ -121,7 +119,6 @@ func TestObfuscate(t *testing.T) {
 		o := Obfuscator{
 			payloadCipher: payloadCipher,
 			sessionKey:    sessionKey,
-			maxOverhead:   payloadCipher.Overhead(),
 		}
 		runTest(t, o)
 	})
@ -149,7 +146,6 @@ func BenchmarkObfs(b *testing.B) {
 		obfuscator := Obfuscator{
 			payloadCipher: payloadCipher,
 			sessionKey:    key,
-			maxOverhead:   payloadCipher.Overhead(),
 		}

 		b.SetBytes(int64(len(testFrame.Payload)))
@ -165,7 +161,6 @@ func BenchmarkObfs(b *testing.B) {
 		obfuscator := Obfuscator{
 			payloadCipher: payloadCipher,
 			sessionKey:    key,
-			maxOverhead:   payloadCipher.Overhead(),
 		}
 		b.SetBytes(int64(len(testFrame.Payload)))
 		b.ResetTimer()
@ -177,7 +172,6 @@ func BenchmarkObfs(b *testing.B) {
 		obfuscator := Obfuscator{
 			payloadCipher: nil,
 			sessionKey:    key,
-			maxOverhead:   salsa20NonceSize,
 		}
 		b.SetBytes(int64(len(testFrame.Payload)))
 		b.ResetTimer()
@ -191,7 +185,6 @@ func BenchmarkObfs(b *testing.B) {
 		obfuscator := Obfuscator{
 			payloadCipher: payloadCipher,
 			sessionKey:    key,
-			maxOverhead:   payloadCipher.Overhead(),
 		}
 		b.SetBytes(int64(len(testFrame.Payload)))
 		b.ResetTimer()
@ -221,7 +214,6 @@ func BenchmarkDeobfs(b *testing.B) {
 		obfuscator := Obfuscator{
 			payloadCipher: payloadCipher,
 			sessionKey:    key,
-			maxOverhead:   payloadCipher.Overhead(),
 		}

 		n, _ := obfuscator.obfuscate(testFrame, obfsBuf, 0)
@ -240,7 +232,6 @@ func BenchmarkDeobfs(b *testing.B) {
 		obfuscator := Obfuscator{
 			payloadCipher: payloadCipher,
 			sessionKey:    key,
-			maxOverhead:   payloadCipher.Overhead(),
 		}
 		n, _ := obfuscator.obfuscate(testFrame, obfsBuf, 0)

@ -255,7 +246,6 @@ func BenchmarkDeobfs(b *testing.B) {
 		obfuscator := Obfuscator{
 			payloadCipher: nil,
 			sessionKey:    key,
-			maxOverhead:   salsa20NonceSize,
 		}
 		n, _ := obfuscator.obfuscate(testFrame, obfsBuf, 0)

@ -270,9 +260,8 @@ func BenchmarkDeobfs(b *testing.B) {
 		payloadCipher, _ := chacha20poly1305.New(key[:])

 		obfuscator := Obfuscator{
-			payloadCipher: nil,
+			payloadCipher: payloadCipher,
 			sessionKey:    key,
-			maxOverhead:   payloadCipher.Overhead(),
 		}

 		n, _ := obfuscator.obfuscate(testFrame, obfsBuf, 0)
--- a/internal/multiplex/recvBuffer.go
+++ b/internal/multiplex/recvBuffer.go
@ -14,12 +14,8 @@ type recvBuffer interface {
 	// Instead, it should behave as if it hasn't been closed. Closure is only relevant
 	// when the buffer is empty.
 	io.ReadCloser
-	io.WriterTo
 	Write(*Frame) (toBeClosed bool, err error)
 	SetReadDeadline(time time.Time)
-	// SetWriteToTimeout sets the duration a recvBuffer waits in a WriteTo call when nothing
-	// has been written for a while. After that duration it should return ErrTimeout
-	SetWriteToTimeout(d time.Duration)
 }

 // size we want the amount of unread data in buffer to grow before recvBuffer.Write blocks.
--- a/internal/multiplex/session.go
+++ b/internal/multiplex/session.go
@ -3,12 +3,13 @@ package multiplex
 import (
 	"errors"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
 	"net"
 	"sync"
 	"sync/atomic"
 	"time"

+	"github.com/cbeuw/Cloak/internal/common"
+
 	log "github.com/sirupsen/logrus"
 )

@ -107,7 +108,7 @@ func MakeSession(id uint32, config SessionConfig) *Session {
 		sesh.InactivityTimeout = defaultInactivityTimeout
 	}

-	sesh.maxStreamUnitWrite = sesh.MsgOnWireSizeLimit - frameHeaderLength - sesh.maxOverhead
+	sesh.maxStreamUnitWrite = sesh.MsgOnWireSizeLimit - frameHeaderLength - maxExtraLen
 	sesh.streamSendBufferSize = sesh.MsgOnWireSizeLimit
 	sesh.connReceiveBufferSize = 20480 // for backwards compatibility

@ -264,6 +265,7 @@ func (sesh *Session) recvDataFromRemote(data []byte) error {
 }

 func (sesh *Session) SetTerminalMsg(msg string) {
+	log.Debug("terminal message set to " + msg)
 	sesh.terminalMsgSetter.Do(func() {
 		sesh.terminalMsg = msg
 	})
--- a/internal/multiplex/session_fuzz.go
+++ b/internal/multiplex/session_fuzz.go
@ -1,3 +1,4 @@
+//go:build gofuzz
 // +build gofuzz

 package multiplex
--- a/internal/multiplex/session_test.go
+++ b/internal/multiplex/session_test.go
@ -2,8 +2,6 @@ package multiplex

 import (
 	"bytes"
-	"github.com/cbeuw/connutil"
-	"github.com/stretchr/testify/assert"
 	"io"
 	"io/ioutil"
 	"math/rand"
@ -13,6 +11,9 @@ import (
 	"sync/atomic"
 	"testing"
 	"time"
+
+	"github.com/cbeuw/connutil"
+	"github.com/stretchr/testify/assert"
 )

 var seshConfigs = map[string]SessionConfig{
@ -556,7 +557,7 @@ func BenchmarkRecvDataFromRemote(b *testing.B) {

 					go func() {
 						stream, _ := sesh.Accept()
-						stream.(*Stream).WriteTo(ioutil.Discard)
+						io.Copy(ioutil.Discard, stream)
 					}()

 					binaryFrames := [maxIter][]byte{}
--- a/internal/multiplex/stream.go
+++ b/internal/multiplex/stream.go
@ -6,9 +6,10 @@ import (
 	"net"
 	"time"

-	log "github.com/sirupsen/logrus"
 	"sync"
 	"sync/atomic"
+
+	log "github.com/sirupsen/logrus"
 )

 var ErrBrokenStream = errors.New("broken stream")
@ -95,17 +96,6 @@ func (s *Stream) Read(buf []byte) (n int, err error) {
 	return
 }

-// WriteTo continuously write data Stream has received into the writer w.
-func (s *Stream) WriteTo(w io.Writer) (int64, error) {
-	// will keep writing until the underlying buffer is closed
-	n, err := s.recvBuf.WriteTo(w)
-	log.Tracef("%v read from stream %v with err %v", n, s.id, err)
-	if err == io.EOF {
-		return n, ErrBrokenStream
-	}
-	return n, nil
-}
-
 func (s *Stream) obfuscateAndSend(buf []byte, payloadOffsetInBuf int) error {
 	cipherTextLen, err := s.session.obfuscate(&s.writingFrame, buf, payloadOffsetInBuf)
 	s.writingFrame.Seq++
@ -209,7 +199,6 @@ func (s *Stream) Close() error {
 func (s *Stream) LocalAddr() net.Addr  { return s.session.addrs.Load().([]net.Addr)[0] }
 func (s *Stream) RemoteAddr() net.Addr { return s.session.addrs.Load().([]net.Addr)[1] }

-func (s *Stream) SetWriteToTimeout(d time.Duration)  { s.recvBuf.SetWriteToTimeout(d) }
 func (s *Stream) SetReadDeadline(t time.Time) error  { s.recvBuf.SetReadDeadline(t); return nil }
 func (s *Stream) SetReadFromTimeout(d time.Duration) { s.readFromTimeout = d }

--- a/internal/multiplex/streamBuffer.go
+++ b/internal/multiplex/streamBuffer.go
@ -13,7 +13,6 @@ package multiplex
 import (
 	"container/heap"
 	"fmt"
-	"io"
 	"sync"
 	"time"
 )
@ -102,10 +101,6 @@ func (sb *streamBuffer) Read(buf []byte) (int, error) {
 	return sb.buf.Read(buf)
 }

-func (sb *streamBuffer) WriteTo(w io.Writer) (int64, error) {
-	return sb.buf.WriteTo(w)
-}
-
 func (sb *streamBuffer) Close() error {
 	sb.recvM.Lock()
 	defer sb.recvM.Unlock()
@ -113,5 +108,4 @@ func (sb *streamBuffer) Close() error {
 	return sb.buf.Close()
 }

-func (sb *streamBuffer) SetReadDeadline(t time.Time)       { sb.buf.SetReadDeadline(t) }
-func (sb *streamBuffer) SetWriteToTimeout(d time.Duration) { sb.buf.SetWriteToTimeout(d) }
+func (sb *streamBuffer) SetReadDeadline(t time.Time) { sb.buf.SetReadDeadline(t) }
--- a/internal/multiplex/streamBuffer_test.go
+++ b/internal/multiplex/streamBuffer_test.go
@ -3,6 +3,7 @@ package multiplex
 import (
 	"encoding/binary"
 	"io"
+
 	//"log"
 	"sort"
 	"testing"
--- a/internal/multiplex/streamBufferedPipe.go
+++ b/internal/multiplex/streamBufferedPipe.go
@ -58,43 +58,6 @@ func (p *streamBufferedPipe) Read(target []byte) (int, error) {
 	return n, err
 }

-func (p *streamBufferedPipe) WriteTo(w io.Writer) (n int64, err error) {
-	p.rwCond.L.Lock()
-	defer p.rwCond.L.Unlock()
-	for {
-		if p.closed && p.buf.Len() == 0 {
-			return 0, io.EOF
-		}
-
-		hasRDeadline := !p.rDeadline.IsZero()
-		if hasRDeadline {
-			if time.Until(p.rDeadline) <= 0 {
-				return 0, ErrTimeout
-			}
-		}
-		if p.buf.Len() > 0 {
-			written, er := p.buf.WriteTo(w)
-			n += written
-			if er != nil {
-				p.rwCond.Broadcast()
-				return n, er
-			}
-			p.rwCond.Broadcast()
-		} else {
-			if p.wtTimeout == 0 {
-				if hasRDeadline {
-					p.broadcastAfter(time.Until(p.rDeadline))
-				}
-			} else {
-				p.rDeadline = time.Now().Add(p.wtTimeout)
-				p.broadcastAfter(p.wtTimeout)
-			}
-
-			p.rwCond.Wait()
-		}
-	}
-}
-
 func (p *streamBufferedPipe) Write(input []byte) (int, error) {
 	p.rwCond.L.Lock()
 	defer p.rwCond.L.Unlock()
@ -131,14 +94,6 @@ func (p *streamBufferedPipe) SetReadDeadline(t time.Time) {
 	p.rwCond.Broadcast()
 }

-func (p *streamBufferedPipe) SetWriteToTimeout(d time.Duration) {
-	p.rwCond.L.Lock()
-	defer p.rwCond.L.Unlock()
-
-	p.wtTimeout = d
-	p.rwCond.Broadcast()
-}
-
 func (p *streamBufferedPipe) broadcastAfter(d time.Duration) {
 	if p.timeoutTimer != nil {
 		p.timeoutTimer.Stop()
--- a/internal/multiplex/streamBufferedPipe_test.go
+++ b/internal/multiplex/streamBufferedPipe_test.go
@ -1,10 +1,11 @@
 package multiplex

 import (
-	"github.com/stretchr/testify/assert"
 	"math/rand"
 	"testing"
 	"time"
+
+	"github.com/stretchr/testify/assert"
 )

 const readBlockTime = 500 * time.Millisecond
--- a/internal/multiplex/stream_test.go
+++ b/internal/multiplex/stream_test.go
@ -2,14 +2,14 @@ package multiplex

 import (
 	"bytes"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/stretchr/testify/assert"
 	"io"
-	"io/ioutil"
 	"math/rand"
 	"testing"
 	"time"

+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/stretchr/testify/assert"
+
 	"github.com/cbeuw/connutil"
 )

@ -363,31 +363,6 @@ func TestStream_Read(t *testing.T) {
 	}
 }

-func TestStream_SetWriteToTimeout(t *testing.T) {
-	seshes := map[string]*Session{
-		"ordered":   setupSesh(false, emptyKey, EncryptionMethodPlain),
-		"unordered": setupSesh(true, emptyKey, EncryptionMethodPlain),
-	}
-	for name, sesh := range seshes {
-		t.Run(name, func(t *testing.T) {
-			stream, _ := sesh.OpenStream()
-			stream.SetWriteToTimeout(100 * time.Millisecond)
-			done := make(chan struct{})
-			go func() {
-				stream.WriteTo(ioutil.Discard)
-				done <- struct{}{}
-			}()
-
-			select {
-			case <-done:
-				return
-			case <-time.After(500 * time.Millisecond):
-				t.Error("didn't timeout")
-			}
-		})
-	}
-}
-
 func TestStream_SetReadFromTimeout(t *testing.T) {
 	seshes := map[string]*Session{
 		"ordered":   setupSesh(false, emptyKey, EncryptionMethodPlain),
--- a/internal/multiplex/switchboard.go
+++ b/internal/multiplex/switchboard.go
@ -2,12 +2,12 @@ package multiplex

 import (
 	"errors"
+	"github.com/cbeuw/Cloak/internal/common"
 	log "github.com/sirupsen/logrus"
-	"math/rand"
+	"math/rand/v2"
 	"net"
 	"sync"
 	"sync/atomic"
-	"time"
 )

 type switchboardStrategy int
@ -38,19 +38,14 @@ type switchboard struct {
 }

 func makeSwitchboard(sesh *Session) *switchboard {
-	var strategy switchboardStrategy
-	if sesh.Unordered {
-		log.Debug("Connection is unordered")
-		strategy = uniformSpread
-	} else {
-		strategy = fixedConnMapping
-	}
 	sb := &switchboard{
 		session:  sesh,
-		strategy: strategy,
+		strategy: uniformSpread,
 		valve:    sesh.Valve,
 		randPool: sync.Pool{New: func() interface{} {
-			return rand.New(rand.NewSource(int64(time.Now().Nanosecond())))
+			var state [32]byte
+			common.CryptoRandRead(state[:])
+			return rand.New(rand.NewChaCha8(state))
 		}},
 	}
 	return sb
@ -59,8 +54,8 @@ func makeSwitchboard(sesh *Session) *switchboard {
 var errBrokenSwitchboard = errors.New("the switchboard is broken")

 func (sb *switchboard) addConn(conn net.Conn) {
-	atomic.AddUint32(&sb.connsCount, 1)
-	sb.conns.Store(conn, conn)
+	connId := atomic.AddUint32(&sb.connsCount, 1) - 1
+	sb.conns.Store(connId, conn)
 	go sb.deplex(conn)
 }

@ -85,6 +80,9 @@ func (sb *switchboard) send(data []byte, assignedConn *net.Conn) (n int, err err
 			return n, err
 		}
 	case fixedConnMapping:
+		// FIXME: this strategy has a tendency to cause a TLS conn socket buffer to fill up,
+		// which is a problem when multiple streams are mapped to the same conn, resulting
+		// in all such streams being blocked.
 		conn = *assignedConn
 		if conn == nil {
 			conn, err = sb.pickRandConn()
@ -109,7 +107,7 @@ func (sb *switchboard) send(data []byte, assignedConn *net.Conn) (n int, err err
 	return n, nil
 }

-// returns a random connId
+// returns a random conn. This function can be called concurrently.
 func (sb *switchboard) pickRandConn() (net.Conn, error) {
 	if atomic.LoadUint32(&sb.broken) == 1 {
 		return nil, errBrokenSwitchboard
@ -121,22 +119,15 @@ func (sb *switchboard) pickRandConn() (net.Conn, error) {
 	}

 	randReader := sb.randPool.Get().(*rand.Rand)
-
-	r := randReader.Intn(int(connsCount))
+	connId := randReader.Uint32N(connsCount)
 	sb.randPool.Put(randReader)

-	var c int
-	var ret net.Conn
-	sb.conns.Range(func(_, conn interface{}) bool {
-		if r == c {
-			ret = conn.(net.Conn)
-			return false
-		}
-		c++
-		return true
-	})
-
-	return ret, nil
+	ret, ok := sb.conns.Load(connId)
+	if !ok {
+		log.Errorf("failed to get conn %d", connId)
+		return nil, errBrokenSwitchboard
+	}
+	return ret.(net.Conn), nil
 }

 // actively triggered by session.Close()
@ -144,10 +135,10 @@ func (sb *switchboard) closeAll() {
 	if !atomic.CompareAndSwapUint32(&sb.broken, 0, 1) {
 		return
 	}
+	atomic.StoreUint32(&sb.connsCount, 0)
 	sb.conns.Range(func(_, conn interface{}) bool {
 		conn.(net.Conn).Close()
 		sb.conns.Delete(conn)
-		atomic.AddUint32(&sb.connsCount, ^uint32(0))
 		return true
 	})
 }
--- a/internal/multiplex/switchboard_test.go
+++ b/internal/multiplex/switchboard_test.go
@ -1,13 +1,14 @@
 package multiplex

 import (
-	"github.com/cbeuw/connutil"
-	"github.com/stretchr/testify/assert"
 	"math/rand"
 	"sync"
 	"sync/atomic"
 	"testing"
 	"time"
+
+	"github.com/cbeuw/connutil"
+	"github.com/stretchr/testify/assert"
 )

 func TestSwitchboard_Send(t *testing.T) {
--- a/internal/server/TLS.go
+++ b/internal/server/TLS.go
@ -4,11 +4,11 @@ import (
 	"crypto"
 	"errors"
 	"fmt"
+	"io"
+	"net"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	"github.com/cbeuw/Cloak/internal/ecdh"
-	"io"
-	"math/rand"
-	"net"

 	log "github.com/sirupsen/logrus"
 )
@ -45,8 +45,7 @@ func (TLS) makeResponder(clientHelloSessionId []byte, sharedSecret [32]byte) Res
 		// the cert length needs to be the same for all handshakes belonging to the same session
 		// we can use sessionKey as a seed here to ensure consistency
 		possibleCertLengths := []int{42, 27, 68, 59, 36, 44, 46}
-		rand.Seed(int64(sessionKey[0]))
-		cert := make([]byte, possibleCertLengths[rand.Intn(len(possibleCertLengths))])
+		cert := make([]byte, possibleCertLengths[common.RandInt(len(possibleCertLengths))])
 		common.RandRead(randSource, cert)

 		var nonce [12]byte
--- a/internal/server/TLSAux.go
+++ b/internal/server/TLSAux.go
@ -5,6 +5,7 @@ import (
 	"encoding/binary"
 	"errors"
 	"fmt"
+
 	"github.com/cbeuw/Cloak/internal/common"
 )

@ -163,12 +164,12 @@ func parseClientHello(data []byte) (ret *ClientHello, err error) {
 func composeServerHello(sessionId []byte, nonce [12]byte, encryptedSessionKeyWithTag [48]byte) []byte {
 	var serverHello [11][]byte
 	serverHello[0] = []byte{0x02}                                             // handshake type
-	serverHello[1] = []byte{0x00, 0x00, 0x76}                                 // length 77
+	serverHello[1] = []byte{0x00, 0x00, 0x76}                                 // length 118
 	serverHello[2] = []byte{0x03, 0x03}                                       // server version
 	serverHello[3] = append(nonce[0:12], encryptedSessionKeyWithTag[0:20]...) // random 32 bytes
 	serverHello[4] = []byte{0x20}                                             // session id length 32
 	serverHello[5] = sessionId                                                // session id
-	serverHello[6] = []byte{0xc0, 0x30}                                       // cipher suite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+	serverHello[6] = []byte{0x13, 0x02}                                       // cipher suite TLS_AES_256_GCM_SHA384
 	serverHello[7] = []byte{0x00}                                             // compression method null
 	serverHello[8] = []byte{0x00, 0x2e}                                       // extensions length 46

--- a/internal/server/activeuser.go
+++ b/internal/server/activeuser.go
@ -1,9 +1,10 @@
 package server

 import (
-	"github.com/cbeuw/Cloak/internal/server/usermanager"
 	"sync"

+	"github.com/cbeuw/Cloak/internal/server/usermanager"
+
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 )

--- a/internal/server/activeuser_test.go
+++ b/internal/server/activeuser_test.go
@ -3,12 +3,13 @@ package server
 import (
 	"crypto/rand"
 	"encoding/base64"
-	"github.com/cbeuw/Cloak/internal/common"
-	mux "github.com/cbeuw/Cloak/internal/multiplex"
-	"github.com/cbeuw/Cloak/internal/server/usermanager"
 	"io/ioutil"
 	"os"
 	"testing"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	mux "github.com/cbeuw/Cloak/internal/multiplex"
+	"github.com/cbeuw/Cloak/internal/server/usermanager"
 )

 func getSeshConfig(unordered bool) mux.SessionConfig {
--- a/internal/server/auth.go
+++ b/internal/server/auth.go
@ -5,9 +5,10 @@ import (
 	"encoding/binary"
 	"errors"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
 	"time"

+	"github.com/cbeuw/Cloak/internal/common"
+
 	log "github.com/sirupsen/logrus"
 )

@ -60,7 +61,7 @@ func decryptClientInfo(fragments authFragments, serverTime time.Time) (info Clie

 var ErrReplay = errors.New("duplicate random")
 var ErrBadProxyMethod = errors.New("invalid proxy method")
-var ErrBadDecryption = errors.New("decryption/authentication faliure")
+var ErrBadDecryption = errors.New("decryption/authentication failure")

 // AuthFirstPacket checks if the first packet of data is ClientHello or HTTP GET, and checks if it was from a Cloak client
 // if it is from a Cloak client, it returns the ClientInfo with the decrypted fields. It doesn't check if the user
@ -83,10 +84,6 @@ func AuthFirstPacket(firstPacket []byte, transport Transport, sta *State) (info
 		err = fmt.Errorf("%w: %v", ErrBadDecryption, err)
 		return
 	}
-	if _, ok := sta.ProxyBook[info.ProxyMethod]; !ok {
-		err = ErrBadProxyMethod
-		return
-	}
 	info.Transport = transport
 	return
 }
--- a/internal/server/auth_test.go
+++ b/internal/server/auth_test.go
@ -4,10 +4,11 @@ import (
 	"crypto"
 	"encoding/hex"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/Cloak/internal/ecdh"
 	"testing"
 	"time"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/Cloak/internal/ecdh"
 )

 func TestDecryptClientInfo(t *testing.T) {
--- a/internal/server/dispatcher.go
+++ b/internal/server/dispatcher.go
@ -6,19 +6,22 @@ import (
 	"encoding/binary"
 	"errors"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/Cloak/internal/server/usermanager"
 	"io"
 	"net"
 	"net/http"
 	"time"

+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/Cloak/internal/server/usermanager"
+
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 	log "github.com/sirupsen/logrus"
 )

 var b64 = base64.StdEncoding.EncodeToString

+const firstPacketSize = 3000
+
 func Serve(l net.Listener, sta *State) {
 	waitDur := [10]time.Duration{
 		50 * time.Millisecond, 100 * time.Millisecond, 300 * time.Millisecond, 500 * time.Millisecond, 1 * time.Second,
@ -123,7 +126,7 @@ func readFirstPacket(conn net.Conn, buf []byte, timeout time.Duration) (int, Tra

 func dispatchConnection(conn net.Conn, sta *State) {
 	var err error
-	buf := make([]byte, 1500)
+	buf := make([]byte, firstPacketSize)

 	i, transport, redirOnErr, err := readFirstPacket(conn, buf, 15*time.Second)
 	data := buf[:i]
@ -213,6 +216,18 @@ func dispatchConnection(conn net.Conn, sta *State) {
 		return
 	}

+	if _, ok := sta.ProxyBook[ci.ProxyMethod]; !ok {
+		log.WithFields(log.Fields{
+			"remoteAddr":       conn.RemoteAddr(),
+			"UID":              b64(ci.UID),
+			"sessionId":        ci.SessionId,
+			"proxyMethod":      ci.ProxyMethod,
+			"encryptionMethod": ci.EncryptionMethod,
+		}).Error(ErrBadProxyMethod)
+		goWeb()
+		return
+	}
+
 	var user *ActiveUser
 	if sta.IsBypass(ci.UID) {
 		user, err = sta.Panel.GetBypassUser(ci.UID)
--- a/internal/server/dispatcher_test.go
+++ b/internal/server/dispatcher_test.go
@ -2,12 +2,13 @@ package server

 import (
 	"encoding/hex"
-	"github.com/cbeuw/connutil"
-	"github.com/stretchr/testify/assert"
 	"io"
 	"net"
 	"testing"
 	"time"
+
+	"github.com/cbeuw/connutil"
+	"github.com/stretchr/testify/assert"
 )

 type rfpReturnValue struct {
--- a/internal/server/first_packet_fuzz.go
+++ b/internal/server/first_packet_fuzz.go
@ -1,13 +1,15 @@
+//go:build gofuzz
 // +build gofuzz

 package server

 import (
 	"errors"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/connutil"
 	"net"
 	"time"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/connutil"
 )

 type rfpReturnValue_fuzz struct {
--- a/internal/server/state.go
+++ b/internal/server/state.go
@ -5,13 +5,14 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/Cloak/internal/server/usermanager"
 	"io/ioutil"
 	"net"
 	"strings"
 	"sync"
 	"time"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/Cloak/internal/server/usermanager"
 )

 type RawConfig struct {
--- a/internal/server/state_test.go
+++ b/internal/server/state_test.go
@ -43,13 +43,22 @@ func TestParseRedirAddr(t *testing.T) {
 			t.Errorf("parsing %v error: %v", domainNoPort, err)
 			return
 		}
-		expHost, err := net.ResolveIPAddr("ip", "example.com")
+
+		expIPs, err := net.LookupIP("example.com")
 		if err != nil {
 			t.Errorf("tester error: cannot resolve example.com: %v", err)
 			return
 		}
-		if host.String() != expHost.String() {
-			t.Errorf("expected %v got %v", expHost.String(), host.String())
+
+		contain := false
+		for _, expIP := range expIPs {
+			if expIP.String() == host.String() {
+				contain = true
+			}
+		}
+
+		if !contain {
+			t.Errorf("expected one of %v got %v", expIPs, host.String())
 		}
 		if port != "" {
 			t.Errorf("port not empty when there is no port")
@ -63,13 +72,22 @@ func TestParseRedirAddr(t *testing.T) {
 			t.Errorf("parsing %v error: %v", domainWPort, err)
 			return
 		}
-		expHost, err := net.ResolveIPAddr("ip", "example.com")
+
+		expIPs, err := net.LookupIP("example.com")
 		if err != nil {
 			t.Errorf("tester error: cannot resolve example.com: %v", err)
 			return
 		}
-		if host.String() != expHost.String() {
-			t.Errorf("expected %v got %v", expHost.String(), host.String())
+
+		contain := false
+		for _, expIP := range expIPs {
+			if expIP.String() == host.String() {
+				contain = true
+			}
+		}
+
+		if !contain {
+			t.Errorf("expected one of %v got %v", expIPs, host.String())
 		}
 		if port != "80" {
 			t.Errorf("wrong port: expected %v, got %v", "80", port)
--- a/internal/server/usermanager/api_router_test.go
+++ b/internal/server/usermanager/api_router_test.go
@ -4,12 +4,13 @@ import (
 	"bytes"
 	"encoding/base64"
 	"encoding/json"
-	"github.com/stretchr/testify/assert"
 	"io/ioutil"
 	"net/http"
 	"net/http/httptest"
 	"os"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )

 var mockUIDb64 = base64.URLEncoding.EncodeToString(mockUID)
--- a/internal/server/usermanager/localmanager.go
+++ b/internal/server/usermanager/localmanager.go
@ -2,6 +2,7 @@ package usermanager

 import (
 	"encoding/binary"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	log "github.com/sirupsen/logrus"
 	bolt "go.etcd.io/bbolt"
@ -191,6 +192,9 @@ func (manager *localManager) ListAllUsers() (infos []UserInfo, err error) {
 		})
 		return err
 	})
+	if infos == nil {
+		infos = []UserInfo{}
+	}
 	return
 }

--- a/internal/server/usermanager/localmanager_test.go
+++ b/internal/server/usermanager/localmanager_test.go
@ -2,8 +2,6 @@ package usermanager

 import (
 	"encoding/binary"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/stretchr/testify/assert"
 	"io/ioutil"
 	"math/rand"
 	"os"
@ -12,6 +10,9 @@ import (
 	"sync"
 	"testing"
 	"time"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/stretchr/testify/assert"
 )

 var mockUID = []byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15}
--- a/internal/server/usermanager/voidmanager.go
+++ b/internal/server/usermanager/voidmanager.go
@ -15,7 +15,7 @@ func (v *Voidmanager) UploadStatus(updates []StatusUpdate) ([]StatusResponse, er
 }

 func (v *Voidmanager) ListAllUsers() ([]UserInfo, error) {
-	return nil, ErrMangerIsVoid
+	return []UserInfo{}, ErrMangerIsVoid
 }

 func (v *Voidmanager) GetUserInfo(UID []byte) (UserInfo, error) {
--- a/internal/server/usermanager/voidmanager_test.go
+++ b/internal/server/usermanager/voidmanager_test.go
@ -1,8 +1,9 @@
 package usermanager

 import (
-	"github.com/stretchr/testify/assert"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )

 var v = &Voidmanager{}
--- a/internal/server/userpanel.go
+++ b/internal/server/userpanel.go
@ -2,11 +2,12 @@ package server

 import (
 	"encoding/base64"
-	"github.com/cbeuw/Cloak/internal/server/usermanager"
 	"sync"
 	"sync/atomic"
 	"time"

+	"github.com/cbeuw/Cloak/internal/server/usermanager"
+
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 	log "github.com/sirupsen/logrus"
 )
--- a/internal/server/userpanel_test.go
+++ b/internal/server/userpanel_test.go
@ -2,12 +2,13 @@ package server

 import (
 	"encoding/base64"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/Cloak/internal/server/usermanager"
 	"io/ioutil"
 	"os"
 	"testing"
 	"time"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/Cloak/internal/server/usermanager"
 )

 func TestUserPanel_BypassUser(t *testing.T) {
--- a/internal/server/websocket.go
+++ b/internal/server/websocket.go
@ -7,11 +7,12 @@ import (
 	"encoding/base64"
 	"errors"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/Cloak/internal/ecdh"
 	"io"
 	"net"
 	"net/http"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/Cloak/internal/ecdh"
 )

 type WebSocket struct{}
--- a/internal/server/websocketAux.go
+++ b/internal/server/websocketAux.go
@ -2,11 +2,12 @@ package server

 import (
 	"errors"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/gorilla/websocket"
 	"net"
 	"net/http"

+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/gorilla/websocket"
+
 	log "github.com/sirupsen/logrus"
 )

--- a/internal/server/websocketAux_test.go
+++ b/internal/server/websocketAux_test.go
@ -2,8 +2,9 @@ package server

 import (
 	"bytes"
-	"github.com/cbeuw/connutil"
 	"testing"
+
+	"github.com/cbeuw/connutil"
 )

 func TestFirstBuffedConn_Read(t *testing.T) {
--- a/internal/test/integration_test.go
+++ b/internal/test/integration_test.go
@ -5,12 +5,6 @@ import (
 	"encoding/base64"
 	"encoding/binary"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/client"
-	"github.com/cbeuw/Cloak/internal/common"
-	mux "github.com/cbeuw/Cloak/internal/multiplex"
-	"github.com/cbeuw/Cloak/internal/server"
-	"github.com/cbeuw/connutil"
-	"github.com/stretchr/testify/assert"
 	"io"
 	"math/rand"
 	"net"
@ -18,6 +12,13 @@ import (
 	"testing"
 	"time"

+	"github.com/cbeuw/Cloak/internal/client"
+	"github.com/cbeuw/Cloak/internal/common"
+	mux "github.com/cbeuw/Cloak/internal/multiplex"
+	"github.com/cbeuw/Cloak/internal/server"
+	"github.com/cbeuw/connutil"
+	"github.com/stretchr/testify/assert"
+
 	log "github.com/sirupsen/logrus"
 )

@ -120,7 +121,7 @@ var singleplexTCPConfig = client.RawConfig{
 	RemotePort:       "9999",
 	LocalHost:        "127.0.0.1",
 	LocalPort:        "9999",
-	BrowserSig:       "chrome",
+	BrowserSig:       "safari",
 }

 func generateClientConfigs(rawConfig client.RawConfig, state common.WorldState) (client.LocalConnConfig, client.RemoteConnConfig, client.AuthInfo) {
--- a/release.sh
+++ b/release.sh
@ -1,6 +1,8 @@
 #!/usr/bin/env bash

-go get github.com/mitchellh/gox
+set -eu
+
+go install github.com/mitchellh/gox@latest

 mkdir -p release

@ -18,7 +20,7 @@ echo "Compiling:"

 os="windows linux darwin"
 arch="amd64 386 arm arm64 mips mips64 mipsle mips64le"
-pushd cmd/ck-client || exit 1
+pushd cmd/ck-client
 CGO_ENABLED=0 gox -ldflags "-X main.version=${v}" -os="$os" -arch="$arch" -osarch="$osarch" -output="$output"
 CGO_ENABLED=0 GOOS="linux" GOARCH="mips" GOMIPS="softfloat" go build -ldflags "-X main.version=${v}" -o ck-client-linux-mips_softfloat-"${v}"
 CGO_ENABLED=0 GOOS="linux" GOARCH="mipsle" GOMIPS="softfloat" go build -ldflags "-X main.version=${v}" -o ck-client-linux-mipsle_softfloat-"${v}"
@ -27,7 +29,9 @@ popd

 os="linux"
 arch="amd64 386 arm arm64"
-pushd cmd/ck-server || exit 1
+pushd cmd/ck-server
 CGO_ENABLED=0 gox -ldflags "-X main.version=${v}" -os="$os" -arch="$arch" -osarch="$osarch" -output="$output"
 mv ck-server-* ../../release
-popd
+popd
+
+sha256sum release/*
--- a/renovate.json
+++ b/renovate.json
@ -0,0 +1,13 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:recommended"
+  ],
+  "packageRules": [
+    {
+      "packagePatterns": ["*"],
+      "excludePackagePatterns": ["utls"],
+      "enabled": false
+    }
+  ]
+}
Author	SHA1	Message	Date
Andy Wang	c3d5470ef7	Merge pull request #312 from cbeuw/renovate/github.com-refraction-networking-utls-1.x	2025-07-22 10:03:39 +01:00
renovate[bot]	8f629c7b2e	fix(deps): update module github.com/refraction-networking/utls to v1.8.0	2025-07-22 08:50:24 +00:00
Andy Wang	49357fc20b	Merge pull request #310 from cbeuw/utls-1.7.0 Update utls and increase server first packet buffer size	2025-06-08 18:21:55 +01:00
Andy Wang	8af137637e	Add backwards compatibility fallback to firefox	2025-06-08 18:19:58 +01:00
Andy Wang	51ed286f35	Update utls to 1.7.3	2025-06-08 18:19:57 +01:00
Andy Wang	5146ea8503	Increase server first packet buffer size to 3000	2025-06-08 18:19:48 +01:00
Andy Wang	7f9c17439f	Merge pull request #308 from cbeuw/deps-20250430 Update deps	2025-04-30 21:03:48 +01:00
Andy Wang	c15fd730de	Update Go in CI	2025-04-30 21:00:54 +01:00
Andy Wang	d06c208ace	Fix IP resolution in test	2025-04-30 20:57:23 +01:00
Andy Wang	9800e3685d	Update deps	2025-04-30 20:48:17 +01:00
Andy Wang	07aa197061	Go mod tidy	2025-04-30 20:39:09 +01:00
Andy Wang	cfdd5e6560	Merge pull request #294 from zaferatli/docFix chore: doc link fix	2025-04-30 20:35:14 +01:00
zaferatli	64166bf580	chore: doc link fix	2025-01-02 00:01:32 +03:00
Andy Wang	d229d8b3dc	Merge pull request #283 from cbeuw/padding Pad the first 5 frames to mitigate encapsulated TLS handshakes detection	2024-10-03 23:17:27 +01:00
Andy Wang	8bbc7b08d3	Fix tests	2024-10-03 23:06:42 +01:00
Andy Wang	5cf975f596	Pad the first 5 frames	2024-10-03 23:06:41 +01:00
Andy Wang	19c8cd1f89	Merge pull request #285 from cbeuw/docker-tests Run compatibility tests against previous Cloak version	2024-10-03 23:04:58 +01:00
Andy Wang	5867fa932b	Merge pull request #281 from zestysoft/faliure_typo Fix spelling mistake	2024-10-03 23:04:42 +01:00
Andy Wang	bfaf46d2e9	Update actions	2024-10-03 22:54:48 +01:00
Andy Wang	e362e81d19	Add backwards compatibility CI job	2024-10-03 22:54:48 +01:00
Andy Wang	deb0d26c08	Build and push docker image on release	2024-10-01 21:48:42 +01:00
Ian Brown	3687087c67	Fix spelling mistake Signed-off-by: Ian Brown <ian@zestysoft.com>	2024-09-20 19:45:46 -07:00
Andy Wang	97a03139bc	Merge pull request #262 from cbeuw/renovate/github.com-refraction-networking-utls-1.x Update module github.com/refraction-networking/utls to v1.6.6	2024-06-16 13:19:04 +01:00
renovate[bot]	b3c6426ac5	Update module github.com/refraction-networking/utls to v1.6.6	2024-05-03 23:07:04 +00:00
Andy Wang	dc2e83f75f	Move to common.RandInt	2024-04-14 16:27:00 +01:00
Andy Wang	5988b4337d	Stop using fixedConnMapping	2024-04-14 16:25:54 +01:00
Andy Wang	de4dab6bf3	Merge pull request #242 from notsure2/random-sni Support ServerName randomization (by setting ServerName=random) using ProtonVPN algo	2024-04-13 23:11:19 +01:00
Andy Wang	d5da5d049c	Update copyright	2024-04-13 23:10:09 +01:00
Andy Wang	392fc41de8	Move random utilities to common package	2024-04-13 23:08:34 +01:00
notsure2	3b449b64b3	Support ServerName randomization (by setting ServerName=random) using the same algorithm as ProtonVPN `bcf344b39b`	2024-04-13 22:48:55 +01:00
Andy Wang	a848d2f7e5	Update go version and release script	2024-04-13 22:38:01 +01:00
Andy Wang	de1c7600c1	Update dependencies	2024-04-11 20:54:52 +01:00
Andy Wang	767716b9be	Merge pull request #251 from cbeuw/renovate/github.com-refraction-networking-utls-1.x Update module github.com/refraction-networking/utls to v1.6.4	2024-04-11 20:53:07 +01:00
renovate[bot]	1cc4a1f928	Update module github.com/refraction-networking/utls to v1.6.4	2024-04-11 19:49:31 +00:00
Andy Wang	82687d4419	Merge pull request #256 from BANanaD3V/master Update go mod so it builds on nix	2024-04-11 20:48:56 +01:00
Nikita	6b08af0c18	Update go mod so it builds on nix	2024-03-10 08:43:45 +03:00
Andy Wang	c48a8800d6	Remove old utls	2024-02-09 17:30:22 +00:00
renovate[bot]	c5b31de753	Configure Renovate (#248 ) * Add renovate.json * Renovate only utls --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Andy Wang <cbeuw.andy@gmail.com>	2024-02-09 17:27:42 +00:00
Andy Wang	b9907c2e18	Disable codecov check	2024-02-09 16:51:32 +00:00
Andy Wang	6417e3393d	Use utls for ClientHello fingerprint Close #223	2024-02-09 16:37:57 +00:00
Andy Wang	b3ec1ab3bc	Make server respond with a TLS 1.3 cipher suite	2024-02-09 15:49:42 +00:00
Andy Wang	eca5f13936	Remove WriteTo from recvBuffer to prevent blocking on external Writer. Fixes #229	2023-11-12 20:47:17 +00:00
Andy Wang	fcb600efff	Print binary sha256 in release	2023-04-23 15:23:10 +02:00
Andy Wang	59919e5ec0	Remove gopacket dependency due to pcap	2023-04-23 15:14:14 +02:00
Andy Wang	d04366ec32	Fix padding calculation	2023-04-23 15:09:35 +02:00
Andy Wang	bc67074610	Add Safari browser signature	2023-04-23 11:04:02 +02:00
Andy Wang	641f6b2a9c	Update to Chrome and Firefox 112	2023-04-23 11:04:02 +02:00
Andy Wang	646a323065	Merge pull request #217 from cbeuw/dependabot/go_modules/golang.org/x/crypto-0.1.0 Bump golang.org/x/crypto from 0.0.0-20220131195533-30dcbda58838 to 0.1.0	2023-03-22 16:55:43 +00:00
dependabot[bot]	b8f04c96c6	Bump golang.org/x/crypto from 0.0.0-20220131195533-30dcbda58838 to 0.1.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.0.0-20220131195533-30dcbda58838 to 0.1.0. - [Release notes](https://github.com/golang/crypto/releases) - [Commits](https://github.com/golang/crypto/commits/v0.1.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-22 16:37:25 +00:00
Andy Wang	0e0ec0e82b	Merge pull request #216 from githablocal/master Make websocket url sub path configurable	2023-03-07 10:51:17 +00:00
name	6fe603c726	Fix gox not found in release CI	2023-03-07 17:17:19 +08:00
name	11e42dd542	Add WebSocket path for CDN mode add new option to README Change field name and default value of CDNWsUrlPath	2023-03-07 17:13:13 +08:00
name	e696b18187	format using goimports	2023-03-07 17:09:18 +08:00
Andy Wang	e305871d89	Merge pull request #186 from HirbodBehnam/master Update browser fingerprints	2022-03-31 16:16:17 +01:00
HirbodBehnam	9614fbc03d	Update firefox fingerprint	2022-03-24 14:14:50 +04:30
HirbodBehnam	f67ae6e644	Update chrome fingerprint	2022-03-23 21:52:17 +04:30
Andy Wang	68f47f1d49	Merge pull request #184 from moonburnt/master	2022-03-20 23:13:31 +00:00
moonburnt	9e2549c117	Fix typo in README	2022-03-21 01:08:08 +02:00
Andy Wang	39306cf930	Update README.md	2022-02-25 00:21:37 +00:00
Andy Wang	8e07491e98	Update README.md	2022-02-24 19:38:38 +00:00
Andy Wang	847b7e24bf	Update dependencies	2022-02-02 22:18:34 +00:00
Andy Wang	750340126a	Update browser fingerprint versions (no actual fingerprint change)	2022-02-02 22:00:32 +00:00
Andy Wang	611bad91fd	Minor refactors to remove unnecessary function	2022-02-02 22:00:26 +00:00
Andy Wang	e157e73ade	Check proxy method after checking admin uid to allow admin to have an invalid but unused proxy method	2022-01-26 00:58:52 +00:00
Andy Wang	67dba8c8fa	Return empty slices instead of nil for ListAllUsers	2022-01-26 00:57:18 +00:00
Andy Wang	99c4c7730a	Update Go version	2021-09-02 17:49:07 +01:00
Andy Wang	121c27fe1f	Merge pull request #168 from notsure2/fix-empty-alternative-names Fix incorrect addition of empty name in MockDomainList if the config string contains AlternativeNames=;	2021-07-24 16:38:49 +01:00
Andy Wang	d73f464358	Merge pull request #167 from notsure2/support-cloudflare Support CloudFlare CDN. Fixes #155	2021-07-24 16:38:29 +01:00
notsure2	9d5c663618	Fix incorrect addition of empty name in MockDomainList if the config string contains AlternativeNames=;	2021-07-22 20:05:30 +02:00
notsure2	387b76d426	Support CloudFlare CDN. Fixes #155	2021-07-22 14:52:56 +02:00
Andy Wang	cfdff93a1c	Update Chrome version comment (actual signature remains the same)	2021-04-30 16:00:52 +01:00
Andy Wang	8709bc0b2f	Update Firefox signature to version 88	2021-04-30 15:56:08 +01:00
Andy Wang	365f52a0e2	Add example usage of AlternativeNames config option	2021-03-26 15:59:59 +00:00