2020-04-03 16:04:24 +08:00
|
|
|
package vmess
|
|
|
|
|
|
|
|
import (
|
2022-01-15 19:33:21 +08:00
|
|
|
"context"
|
2020-04-03 16:04:24 +08:00
|
|
|
"crypto/tls"
|
|
|
|
"net"
|
2022-01-15 19:33:21 +08:00
|
|
|
|
2023-01-13 09:55:01 +08:00
|
|
|
tlsC "github.com/Dreamacro/clash/component/tls"
|
2022-01-15 19:33:21 +08:00
|
|
|
C "github.com/Dreamacro/clash/constant"
|
2023-02-01 22:16:06 +08:00
|
|
|
|
|
|
|
utls "github.com/refraction-networking/utls"
|
2020-04-03 16:04:24 +08:00
|
|
|
)
|
|
|
|
|
|
|
|
type TLSConfig struct {
|
2023-02-01 22:16:06 +08:00
|
|
|
Host string
|
|
|
|
SkipCertVerify bool
|
|
|
|
FingerPrint string
|
|
|
|
ClientFingerprint string
|
|
|
|
NextProtos []string
|
2020-04-03 16:04:24 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
func StreamTLSConn(conn net.Conn, cfg *TLSConfig) (net.Conn, error) {
|
2022-07-11 13:42:28 +08:00
|
|
|
tlsConfig := &tls.Config{
|
2020-04-03 16:04:24 +08:00
|
|
|
ServerName: cfg.Host,
|
|
|
|
InsecureSkipVerify: cfg.SkipCertVerify,
|
2020-09-26 20:33:57 +08:00
|
|
|
NextProtos: cfg.NextProtos,
|
2022-07-11 13:42:28 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if len(cfg.FingerPrint) == 0 {
|
2023-01-14 21:08:06 +08:00
|
|
|
tlsConfig = tlsC.GetGlobalTLSConfig(tlsConfig)
|
2022-07-11 13:42:28 +08:00
|
|
|
} else {
|
|
|
|
var err error
|
|
|
|
if tlsConfig, err = tlsC.GetSpecifiedFingerprintTLSConfig(tlsConfig, cfg.FingerPrint); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
}
|
2020-04-03 16:04:24 +08:00
|
|
|
|
2023-02-01 22:16:06 +08:00
|
|
|
if len(cfg.ClientFingerprint) != 0 {
|
2023-02-05 17:31:58 +08:00
|
|
|
utlsConn, valid := GetUtlsConnWithClientFingerprint(conn, cfg.ClientFingerprint, tlsConfig)
|
|
|
|
if valid {
|
2023-02-01 22:16:06 +08:00
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
err := utlsConn.(*UConn).HandshakeContext(ctx)
|
|
|
|
return utlsConn, err
|
|
|
|
}
|
|
|
|
}
|
2020-04-03 16:04:24 +08:00
|
|
|
tlsConn := tls.Client(conn, tlsConfig)
|
2022-01-15 19:33:21 +08:00
|
|
|
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
|
|
|
|
defer cancel()
|
2023-02-01 22:16:06 +08:00
|
|
|
|
2022-01-15 19:33:21 +08:00
|
|
|
err := tlsConn.HandshakeContext(ctx)
|
2020-04-03 16:04:24 +08:00
|
|
|
return tlsConn, err
|
|
|
|
}
|
2023-02-05 17:31:58 +08:00
|
|
|
|
|
|
|
func GetUtlsConnWithClientFingerprint(conn net.Conn, ClientFingerprint string, tlsConfig *tls.Config) (net.Conn, bool) {
|
|
|
|
|
|
|
|
if fingerprint, exists := GetFingerprint(ClientFingerprint); exists {
|
|
|
|
utlsConn := UClient(conn, tlsConfig, &utls.ClientHelloID{
|
|
|
|
Client: fingerprint.Client,
|
|
|
|
Version: fingerprint.Version,
|
|
|
|
Seed: nil,
|
|
|
|
})
|
|
|
|
|
|
|
|
return utlsConn, true
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil, false
|
|
|
|
}
|