mtproxy

package

v0.3.1 Latest Latest Go to latest Published: May 19, 2026 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/mtgo-labs/mtgo

Links

Open Source Insights

Documentation ¶

Overview ¶

Package mtproxy implements MTProxy client support for connecting to Telegram through intermediate proxy servers.

MTProxy allows bypassing network restrictions by tunneling MTProto traffic through a proxy that mimics normal TLS or uses obfuscated transport.

Three secret types are supported:

Simple (32 hex chars): raw 16-byte secret, uses obfuscated2 transport.
dd-prefixed (34 hex chars): tag byte + 16-byte secret, uses obfuscated2 with PaddedIntermediate codec (most common).
ee-prefixed (36+ hex chars): tag byte + 16-byte secret + domain name, uses fake TLS handshake followed by obfuscated2.

Basic usage:

conn, err := mtproxy.Dial(
    "proxy.example.com:443",
    "dd05fb7acb549be047a7c585116581418",
    2,     // DC ID
    30 * time.Second,
)

Or via the client config:

client, _ := telegram.NewClient(apiID, apiHash, &telegram.Config{
    MTProxy: &telegram.MTProxyConfig{
        Addr:   "proxy.example.com:443",
        Secret: "dd05fb7acb549be047a7c585116581418",
    },
})

Index ¶

Variables
func Dial(addr string, secretHex string, dcID int, timeout time.Duration) (net.Conn, error)
func DialSecret(addr string, secret Secret, dcID int, timeout time.Duration) (net.Conn, error)
func Handshake(conn net.Conn, secret Secret, dcID int) (net.Conn, error)
type Secret
- func ParseSecret(s string) (Secret, error)
- func ParseSecretBytes(raw []byte) (Secret, error)
- func (s Secret) Codec() byte
- func (s Secret) NeedsFakeTLS() bool
type SecretType

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrInvalidSecretLen is returned when the MTProxy secret is not 16 bytes
	// (standard), 17 bytes (with DD prefix for TLS), or 18+ bytes (with
	// domain for fake TLS).
	ErrInvalidSecretLen = errors.New("mtproxy: secret must be 16, 17, or 18+ bytes")
	// ErrServerHelloFailed is returned when the server's hello response
	// cannot be verified against the expected key derived from the secret.
	ErrServerHelloFailed = errors.New("mtproxy: server hello verification failed")
)

MTProxy errors.

These errors are returned during MTProxy connection setup and the specialized handshake.

Functions ¶

func Dial ¶

func Dial(addr string, secretHex string, dcID int, timeout time.Duration) (net.Conn, error)

Dial connects to an MTProxy server and returns a net.Conn ready for MTProto traffic. The secret is parsed from hex and the connection is established with the appropriate obfuscation (dd: obfuscated2 only, ee: fake TLS + obfuscated2, simple: obfuscated2 only).

func DialSecret ¶

func DialSecret(addr string, secret Secret, dcID int, timeout time.Duration) (net.Conn, error)

DialSecret connects to an MTProxy server using a parsed Secret.

func Handshake ¶

func Handshake(conn net.Conn, secret Secret, dcID int) (net.Conn, error)

Handshake performs the MTProxy handshake on an already-connected TCP conn.

Types ¶

type Secret ¶

type Secret struct {
	Type   SecretType
	Secret []byte // 16-byte secret
	Tag    byte   // protocol tag (0xdd, 0xee, 0xef)
	Domain string // SNI domain (ee-secrets only)
}

func ParseSecret ¶

func ParseSecret(s string) (Secret, error)

func ParseSecretBytes ¶

func ParseSecretBytes(raw []byte) (Secret, error)

func (Secret) Codec ¶

func (s Secret) Codec() byte

func (Secret) NeedsFakeTLS ¶

func (s Secret) NeedsFakeTLS() bool

type SecretType ¶

type SecretType int

const (
	SecretSimple  SecretType = iota
	SecretSecured            // dd-prefix: tag(1) + secret(16)
	SecretTLS                // ee-prefix: tag(1) + secret(16) + domain
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL