{"id":15107332,"url":"https://github.com/irinesistiana/simple-tls","last_synced_at":"2025-10-23T02:31:01.981Z","repository":{"id":53014712,"uuid":"250473638","full_name":"IrineSistiana/simple-tls","owner":"IrineSistiana","description":null,"archived":false,"fork":false,"pushed_at":"2022-10-20T08:52:00.000Z","size":305,"stargazers_count":104,"open_issues_count":3,"forks_count":19,"subscribers_count":14,"default_branch":"master","last_synced_at":"2025-01-30T16:52:45.030Z","etag":null,"topics":["shadowsocks","shadowsocks-android","shadowsocks-plugin","simple-tls","sip003"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/IrineSistiana.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-03-27T07:55:36.000Z","updated_at":"2024-11-23T11:50:37.000Z","dependencies_parsed_at":"2022-08-13T02:10:50.576Z","dependency_job_id":null,"html_url":"https://github.com/IrineSistiana/simple-tls","commit_stats":null,"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IrineSistiana%2Fsimple-tls","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IrineSistiana%2Fsimple-tls/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IrineSistiana%2Fsimple-tls/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IrineSistiana%2Fsimple-tls/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/IrineSistiana","download_url":"https://codeload.github.com/IrineSistiana/simple-tls/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":237763855,"owners_count":19362310,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["shadowsocks","shadowsocks-android","shadowsocks-plugin","simple-tls","sip003"],"created_at":"2024-09-25T21:23:30.940Z","updated_at":"2025-10-23T02:31:01.634Z","avatar_url":"https://github.com/IrineSistiana.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# simple-tls\n\n简单易用的 TCP 连接转发器。可为原始数据流加一层 TLS。支持通过 gRPC 传输。\n\n---\n\n## 参数\n\n```text\n 客户端监听地址 服务端监听地址\n | |\n|客户端|--\u003e|simple-tls 客户端|--TLS1.3--\u003e|simple-tls 服务端|--\u003e|最终目的地|\n | | \n 客户端目的地地址 服务端目的地地址 \n\n# 通用参数\n -b string\n [Host:Port] (必需) 监听地址。\n -d string\n [Host:Port] (必需) 目的地地址。\n -grpc\n 使用 gRPC 协议。客户端和服务端需一致。\n -grpc-path string\n (可选) gRPC 服务路径。客户端和服务端需一致。\n\n# 客户端参数\n# e.g. simple-tls -b 127.0.0.1:1080 -d your_server_ip:1080 -n your.server.name\n\n -n string\n 服务器证书名。用于验证服务端的证书的合法性。也用作 SNI。\n -no-verify\n 客户端将不会验证服务端的证书的合法性。(证书链验证)\n -ca string\n 用于验证服务端的证书的 CA 证书文件。(默认使用系统证书池)\n -cert-hash string\n 服务器证书的 hash。(服务端证书锁定)\n tips: 使用 -hash-cert 命令可以生成证书的 hash\n\n# 服务端参数\n# e.g. simple-tls -b :1080 -d 127.0.0.1:12345 -s -key /path/to/your/key -cert /path/to/your/cert\n# 证书格式必须是 PEM (base64) 。\n# -cert 和 -key 可以同时留空,会在内存中生成一个临时证书。证书的域名默认随机,但也可以取自 `-n` 参数。\n# e.g. simple-tls -b :1080 -d 127.0.0.1:12345 -s -n my.test.domain\n\n -s \n (必需) 以服务端运行。\n -cert string\n 证书路径。\n -key string\n 密钥路径。\n\n# 其他通用参数\n\n -t int\n 连接空闲超时,单位秒 (默认300)。\n -outbound-buf int\n 设置出站 tcp rw socket buf。\n -inbound-buf \n 设置入站 tcp rw socket buf。\n\n# 命令\n\n -gen-cert\n 生成一个密钥长度为 256 的 ECC 证书到当前目录。\n 证书的 dns name 可以用 `-n` 设定。默认是随机字符串。\n 可以用 `-template` 指定模板证书。除密钥等关键参数外,其他参数都会从模板证书复制。\n 可以用 `-cert` 和 `-key` 指定证书输出位置。(默认当前目录且文件名是证书的 dns name)\n e.g. simple-tls -gen-cert -n my.domain\n 会生成证书 my.domain.cert 和密钥 my.domain.key 两个文件到当前目录。\n -hash-cert\n 显示证书的 hash 值。(用于客户端的 -cert-hash)\n e.g. simple-tls -hash-cert ./my.cert\n -v\n 显示目前程序版本\n```\n\n## 服务端无合法证书时如何快速使用 \n\n服务端使用临时证书,客户端不做任何验证。下层连接有安全措施时可以使用该方案。\n\n```shell\n# 服务端的 -cert 和 -key 同时留空,会在内存生成一个临时证书。\nsimple-tls -b :1080 -d 127.0.0.1:12345 -s -n my.cert.domain\n# 客户端禁用证书链验证。\nsimple-tls -b :1080 -d your.server.address:1080 -n my.cert.domain -no-verify\n```\n\n服务端使用固定证书,客户端使用 hash 验证服务端证书 (证书锁定)。\n\n```shell\n# 服务端生成一个证书。\nsimple-tls -gen-cert -n my.cert.domain\n# 然后显示证书的 hash。e.g. 8910fe28d2fb40398a...\nsimple-tls -hash-cert ./my.cert.domain.cert\n# 使用这个证书启动服务端\nsimple-tls -b :1080 -d 127.0.0.1:12345 -s -key ./my.cert.domain.key -cert ./my.cert.domain.cert\n# 客户端禁用证书链验证但启用证书 hash 验证。\nsimple-tls -b :1080 -d your.server.address:1080 -n my.cert.domain -no-verify -cert-hash 8910fe28d2fb40398a...\n```\n\n## 作为 SIP003 插件使用\n\n支持 shadowsocks 的 [SIP003](https://shadowsocks.org/en/wiki/Plugin.html) 插件协议。shadowsocks 主程序会自动设定监听地址 `-b` 和目的地地址 `-d`。\n\n以 [shadowsocks-rust](https://github.com/shadowsocks/shadowsocks-rust) 为例:\n\n```shell\nssserver -c config.json --plugin simple-tls --plugin-opts \"s;key=/path/to/your/key;cert=/path/to/your/cert\"\nsslocal -c config.json --plugin simple-tls --plugin-opts \"n=your.server.certificates.dnsname\"\n```\n\n### Android SIP003 插件\n\nsimple-tls-android 是 [shadowsocks-android](https://github.com/shadowsocks/shadowsocks-android) 的带 GUI 的插件。目前随 simple-tls 一起发布。可从 release 界面下载全平台通用的 apk。\n\nsimple-tls-android 的源代码在 [这里](https://github.com/IrineSistiana/simple-tls-android) 。\n\n### Beta 版本\n\nsimple-tls 目前不保证版本之间的兼容性。","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Firinesistiana%2Fsimple-tls","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Firinesistiana%2Fsimple-tls","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Firinesistiana%2Fsimple-tls/lists"}