From 52ad793d1190a100214f97a3cffa15daa34dc3c7 Mon Sep 17 00:00:00 2001
From: wwqgtxx <wwqgtxx@gmail.com>
Date: Tue, 22 Apr 2025 20:09:24 +0800
Subject: [PATCH] fix: shadowtls v1 not work

---
 adapter/outbound/shadowsocks.go       | 2 +-
 transport/sing-shadowtls/shadowtls.go | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/adapter/outbound/shadowsocks.go b/adapter/outbound/shadowsocks.go
index 80d113c7..156b419a 100644
--- a/adapter/outbound/shadowsocks.go
+++ b/adapter/outbound/shadowsocks.go
@@ -84,7 +84,7 @@ type gostObfsOption struct {
 }
 
 type shadowTLSOption struct {
-	Password       string `obfs:"password"`
+	Password       string `obfs:"password,omitempty"`
 	Host           string `obfs:"host"`
 	Fingerprint    string `obfs:"fingerprint,omitempty"`
 	SkipCertVerify bool   `obfs:"skip-cert-verify,omitempty"`
diff --git a/transport/sing-shadowtls/shadowtls.go b/transport/sing-shadowtls/shadowtls.go
index 2f634bcb..ff7a2ccd 100644
--- a/transport/sing-shadowtls/shadowtls.go
+++ b/transport/sing-shadowtls/shadowtls.go
@@ -37,6 +37,9 @@ func NewShadowTLS(ctx context.Context, conn net.Conn, option *ShadowTLSOption) (
 		InsecureSkipVerify: option.SkipCertVerify,
 		ServerName:         option.Host,
 	}
+	if option.Version == 1 {
+		tlsConfig.MaxVersion = tls.VersionTLS12 // ShadowTLS v1 only support TLS 1.2
+	}
 
 	var err error
 	tlsConfig, err = ca.GetSpecifiedFingerprintTLSConfig(tlsConfig, option.Fingerprint)