Release v1.20240513.0

• https://www.bamsoftware.com/software/dnstt/#download
• dnstt-20240513.zip (sig, key)
• https://repo.or.cz/dnstt.git/shortlog/refs/tags/v1.20240513.0
• CHANGELOG

The purpose of this release is to upgrade uTLS from v1.0.0 to v1.6.6 to get access to newer TLS fingerprints.

You can now use -utls random to get a randomized fingerprint (randomized ciphersuites and extensions, not the same as any of the standard fingerprints, called RandomizedALPN internally by uTLS). A randomized fingerprint has worked well as the default for Snowflake for some time now.

The required minimum version of the Go compiler is now go1.21. It’s unfortunate to require such a recent compiler, but it is forced by dependencies. go1.21 is newer than what’s available by default in Debian stable (bookworm): you can install golang-1.21 from bookworm-backports.

The default weighted random distribution of TLS fingerprints has been updated to:

4*random,3*Firefox_120,1*Firefox_105,3*Chrome_120,1*Chrome_102,1*iOS_14,1*iOS_13

What this means is: add up all the numeric weights to get 14. Then there is a 4/14 chance of selecting random, 3/14 chance of selecting Firefox_120, 1/14 chance of selecting Firefox_105, and so on. You can specify your own weighted distribution using the -utls option.

I did another round of TLS fingerprint compatibility tests, as in Testing branch for uTLS support - #2 by tango. All the fingerprints are compatible with dns.google and 1.1.1.1 in both DoH and DoT modes, except for some of the oldest Chrome fingerprints.