Merge pull request #79 from HyNetwork/wip-servername

Add TLS server name option for client

README.md

@@ -267,6 +267,7 @@ hysteria_traffic_uplink_bytes_total{auth="aGFja2VyISE="} 37452
   "obfs": "AMOGUS", // Obfuscation password
   "auth": "[BASE64]", // Authentication payload in Base64
   "auth_str": "yubiyubi", // Authentication payload in string, mutually exclusive with the option above
+  "server_name": "real.name.com", // TLS hostname used to verify the server certificate
   "insecure": false, // Ignore all certificate errors 
   "ca": "my.ca", // Custom CA file
   "recv_window_conn": 15728640, // QUIC stream receive window

README.zh.md

@@ -254,6 +254,7 @@ hysteria_traffic_uplink_bytes_total{auth="aGFja2VyISE="} 37452
   "obfs": "AMOGUS", // 混淆密码
   "auth": "[BASE64]", // Base64 验证密钥
   "auth_str": "yubiyubi", // 字符串验证密钥，和上面的选项二选一
+  "server_name": "real.name.com", // 用于验证服务端证书的 hostname
   "insecure": false, // 忽略一切证书错误 
   "ca": "my.ca", // 自定义 CA
   "recv_window_conn": 15728640, // QUIC stream receive window

cmd/client.go

@@ -26,6 +26,7 @@ func client(config *clientConfig) {
 	logrus.WithField("config", config.String()).Info("Client configuration loaded")
 	// TLS
 	tlsConfig := &tls.Config{
+		ServerName:         config.ServerName,
 		InsecureSkipVerify: config.Insecure,
 		NextProtos:         []string{tlsProtocolName},
 		MinVersion:         tls.VersionTLS13,

cmd/config.go

@@ -110,6 +110,7 @@ type clientConfig struct {
 	Obfs              string `json:"obfs"`
 	Auth              []byte `json:"auth"`
 	AuthString        string `json:"auth_str"`
+	ServerName        string `json:"server_name"`
 	Insecure          bool   `json:"insecure"`
 	CustomCA          string `json:"ca"`
 	ReceiveWindowConn uint64 `json:"recv_window_conn"`