From 88e33cab7e50c7aa64961918d15746b21971d1a1 Mon Sep 17 00:00:00 2001
From: changx <changx@gmail.com>
Date: Mon, 29 Oct 2018 16:26:37 +0800
Subject: [PATCH] downgrade to tls12

---
 proxy/tls/tls.go | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/proxy/tls/tls.go b/proxy/tls/tls.go
index 4b19d8c..3cc9e46 100644
--- a/proxy/tls/tls.go
+++ b/proxy/tls/tls.go
@@ -130,10 +130,9 @@ func (s *TLS) ListenAndServe(c net.Conn) {
 
 		tlsConfig = &stdtls.Config{
 			Certificates:     []stdtls.Certificate{cert},
-			MinVersion:       stdtls.VersionTLS12,
-			MaxVersion:       stdtls.VersionTLS13,
+			MinVersion:       stdtls.VersionTLS10,
+			MaxVersion:       stdtls.VersionTLS12,
 			SessionTicketKey: ticketKey,
-			Accept0RTTData:   true,
 		}
 	} else {
 		tlsConfig = nil
@@ -184,8 +183,8 @@ func (s *TLS) Dial(network, addr string) (net.Conn, error) {
 		ServerName:         s.serverName,
 		InsecureSkipVerify: s.skipVerify,
 		ClientSessionCache: stdtls.NewLRUClientSessionCache(64),
-		MinVersion:         stdtls.VersionTLS12,
-		MaxVersion:         stdtls.VersionTLS13,
+		MinVersion:         stdtls.VersionTLS10,
+		MaxVersion:         stdtls.VersionTLS12,
 	}
 
 	c := stdtls.Client(cc, conf)