Release v1.20240513.0

The purpose of this release is to upgrade uTLS from v1.0.0 to v1.6.6 to get access to newer TLS fingerprints.

You can now use -utls random to get a randomized fingerprint (randomized ciphersuites and extensions, not the same as any of the standard fingerprints, called RandomizedALPN internally by uTLS). A randomized fingerprint has worked well as the default for Snowflake for some time now.

The required minimum version of the Go compiler is now go1.21. It’s unfortunate to require such a recent compiler, but it is forced by dependencies. go1.21 is newer than what’s available by default in Debian stable (bookworm): you can install golang-1.21 from bookworm-backports.

The default weighted random distribution of TLS fingerprints has been updated to:


What this means is: add up all the numeric weights to get 14. Then there is a 4/14 chance of selecting random, 3/14 chance of selecting Firefox_120, 1/14 chance of selecting Firefox_105, and so on. You can specify your own weighted distribution using the -utls option.

I did another round of TLS fingerprint compatibility tests, as in Testing branch for uTLS support - #2 by tango. All the fingerprints are compatible with and in both DoH and DoT modes, except for some of the oldest Chrome fingerprints.

fingerprint -doh -dot -doh -dot
none ok ok ok ok
random ok ok ok ok
Firefox_55 ok ok ok ok
Firefox_56 ok ok ok ok
Firefox_63 ok ok ok ok
Firefox_65 ok ok ok ok
Firefox_99 ok ok ok ok
Firefox_102 ok ok ok ok
Firefox_105 ok ok ok ok
Firefox_120 ok ok ok ok
Chrome_58 ERROR ERROR ok ok
Chrome_62 ERROR ERROR ok ok
Chrome_70 ERROR ERROR ok ok
Chrome_72 ok ok ok ok
Chrome_83 ok ok ok ok
Chrome_87 ok ok ok ok
Chrome_96 ok ok ok ok
Chrome_100 ok ok ok ok
Chrome_102 ok ok ok ok
Chrome_120 ok ok ok ok
iOS_11_1 ok ok ok ok
iOS_12_1 ok ok ok ok
iOS_13 ok ok ok ok
iOS_14 ok ok ok ok