TLS ECH: Handle "h2c://" query correctly by Fangliding · Pull Request #6261 · XTLS/Xray-core

Fangliding · 2026-06-03T17:43:38Z

Co-Authored-By: j2rong4cn <36783515+j2rong4cn@users.noreply.github.com>

j2rong4cn · 2026-06-04T04:47:02Z

内置dns的DOH h2c是支持"fromMitm"，ECH的就不能吗 613c63b

Lines 40 to 68 in fdb9b61

    
           func NewDoHNameServer(url *url.URL, dispatcher routing.Dispatcher, h2c bool, disableCache bool, serveStale bool, serveExpiredTTL uint32, clientIP net.IP) *DoHNameServer { 
        
           	url.Scheme = "https" 
        
           	mode := "DOH" 
        
           	if dispatcher == nil { 
        
           		mode = "DOHL" 
        
           	} 
        
           	errors.LogInfo(context.Background(), "DNS: created ", mode, " client for ", url.String(), ", with h2c ", h2c) 
        
           	s := &DoHNameServer{ 
        
           		cacheController: NewCacheController(mode+"//"+url.Host, disableCache, serveStale, serveExpiredTTL), 
        
           		dohURL:          url.String(), 
        
           		clientIP:        clientIP, 
        
           	} 
        
           	s.httpClient = &http.Client{ 
        
           		Transport: &http2.Transport{ 
        
           			IdleConnTimeout: net.ConnIdleTimeout, 
        
           			ReadIdleTimeout: net.ChromeH2KeepAlivePeriod, 
        
           			DialTLSContext: func(ctx context.Context, network, addr string, cfg *tls.Config) (net.Conn, error) { 
        
           				dest, err := net.ParseDestination(network + ":" + addr) 
        
           				if err != nil { 
        
           					return nil, err 
        
           				} 
        
           				var conn net.Conn 
        
           				if dispatcher != nil { 
        
           					dnsCtx := toDnsContext(ctx, s.dohURL) 
        
           					if h2c { 
        
           						dnsCtx = session.ContextWithMitmAlpn11(dnsCtx, false) // for insurance 
        
           						dnsCtx = session.ContextWithMitmServerName(dnsCtx, url.Hostname()) 
        
           					} 
        
           					link, err := dispatcher.Dispatch(dnsCtx, dest)

Fangliding · 2026-06-04T10:10:44Z

不知道内置DNS是什么时候加的我认为这不是很有必要而且这也不是 "mitm"

…(freedom compatibility) XTLS#6261 — Handle ECH H2C query correctly (Fangliding) - dnsQuery: h2c scheme → https，修复 ECH 配置查询 XTLS#6254 — brutal finalmask (LjhAUMEM) - 新增 force-brutal finalmask 类型，配合 tcp-brutal 内核模块 - 7 文件新增，全新增模块 XTLS#6058 — Direct/Freedom Better Compatibility (Meo597) - strategy 类型从 [][]byte → [11][3]byte 更安全 - freedom 出站新增 DomainStrategy / targetStrategy 支持 - 兼容旧的 freedom.domainStrategy 配置

j2rong4cn · 2026-06-05T09:13:52Z

不知道内置DNS是什么时候加的我认为这不是很有必要而且这也不是 "mitm"

内置dns的DOH h2c支持"fromMitm"，而ECH不支持"fromMitm"？岂不是很迷惑？

RPRX · 2026-06-09T08:56:06Z

~~@Fangliding 我发现我记不清那段时间我都改了啥，可能是我加的吧，@j2rong4cn 你说的那个等有实际需求再加吧~~

…(freedom compatibility) XTLS#6261 — Handle ECH H2C query correctly (Fangliding) - dnsQuery: h2c scheme → https，修复 ECH 配置查询 XTLS#6254 — brutal finalmask (LjhAUMEM) - 新增 force-brutal finalmask 类型，配合 tcp-brutal 内核模块 - 7 文件新增，全新增模块 XTLS#6058 — Direct/Freedom Better Compatibility (Meo597) - strategy 类型从 [][]byte → [11][3]byte 更安全 - freedom 出站新增 DomainStrategy / targetStrategy 支持 - 兼容旧的 freedom.domainStrategy 配置

- PR XTLS#6261 (ECH H2C fix): TLS ECH h2c:// 查询正确处理 - PR XTLS#6254 (brutal): TCP 暴力加速器 - PR XTLS#6258 (Custom sessionID): XHTTP sessionIDTable/sessionIDLength - PR XTLS#4231 (mux maxReuseTimes): Mux 连接复用次数上限 - PR XTLS#6058 (freedom compatibility): Freedom 出站兼容性改进 - XUDP: 改进 UDP over XUDP 传输效率 - 新增 xray.go 配置框架

Handle ECH H2C query correctly

0991024

Co-Authored-By: j2rong4cn <36783515+j2rong4cn@users.noreply.github.com>

RPRX changed the title ~~Handle ECH H2C query correctly~~ TLS ECH: Handle "h2c://" query correctly Jun 9, 2026

RPRX merged commit a0e9347 into main Jun 9, 2026
48 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

TLS ECH: Handle "h2c://" query correctly#6261

TLS ECH: Handle "h2c://" query correctly#6261
RPRX merged 1 commit into
mainfrom
ech-h2c

Fangliding commented Jun 3, 2026

Uh oh!

j2rong4cn commented Jun 4, 2026

Uh oh!

Fangliding commented Jun 4, 2026 •

edited

Loading

Uh oh!

j2rong4cn commented Jun 5, 2026

Uh oh!

RPRX commented Jun 9, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

Fangliding commented Jun 3, 2026

Uh oh!

j2rong4cn commented Jun 4, 2026

Uh oh!

Fangliding commented Jun 4, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

j2rong4cn commented Jun 5, 2026

Uh oh!

RPRX commented Jun 9, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Fangliding commented Jun 4, 2026 •

edited

Loading