From 574313aaae1df0b0bc2740c6438365b46cc6c5f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B8=96=E7=95=8C?= <i@sekai.icu>
Date: Tue, 21 Feb 2023 16:13:51 +0800
Subject: [PATCH] Add strict mode

---
 service.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/service.go b/service.go
index 7a39088..b2ef5b4 100644
--- a/service.go
+++ b/service.go
@@ -26,6 +26,7 @@ type ServiceConfig struct {
 	Users                  []User // for protocol version 3
 	Handshake              HandshakeConfig
 	HandshakeForServerName map[string]HandshakeConfig // for protocol version 2/3
+	StrictMode             bool                       // for protocol version 3
 	Handler                Handler
 	Logger                 logger.ContextLogger
 }
@@ -51,6 +52,7 @@ type Service struct {
 	users                  []User
 	handshake              HandshakeConfig
 	handshakeForServerName map[string]HandshakeConfig
+	strictMode             bool
 	handler                Handler
 	logger                 logger.ContextLogger
 }
@@ -62,6 +64,7 @@ func NewService(config ServiceConfig) (*Service, error) {
 		users:                  config.Users,
 		handshake:              config.Handshake,
 		handshakeForServerName: config.HandshakeForServerName,
+		strictMode:             config.StrictMode,
 		handler:                config.Handler,
 		logger:                 config.Logger,
 	}
@@ -196,7 +199,7 @@ func (s *Service) NewConnection(ctx context.Context, conn net.Conn, metadata M.M
 			return bufio.CopyConn(ctx, conn, handshakeConn)
 		}
 
-		if !isServerHelloSupportTLS13(serverHelloFrame.Bytes()) {
+		if s.strictMode && !isServerHelloSupportTLS13(serverHelloFrame.Bytes()) {
 			s.logger.WarnContext(ctx, "TLS 1.3 is not supported, will copy bidirectional")
 			return bufio.CopyConn(ctx, conn, handshakeConn)
 		}