Add h2Alpn option for TLS ClientHello

tls.go

@@ -36,7 +36,7 @@ func (tr *tlsTransporter) Handshake(conn net.Conn, options ...HandshakeOption) (
 		timeout = HandshakeTimeout
 	}
 
-	return wrapTLSClient(conn, opts.TLSConfig, timeout)
+	return wrapTLSClient(conn, opts.TLSConfig, timeout, opts.H2Alpn)
 }
 
 type mtlsTransporter struct {
@@ -131,7 +131,7 @@ func (tr *mtlsTransporter) initSession(addr string, conn net.Conn, opts *Handsha
 	if opts.TLSConfig == nil {
 		opts.TLSConfig = &tls.Config{InsecureSkipVerify: true}
 	}
-	conn, err := wrapTLSClient(conn, opts.TLSConfig, opts.Timeout)
+	conn, err := wrapTLSClient(conn, opts.TLSConfig, opts.Timeout, opts.H2Alpn)
 	if err != nil {
 		return nil, err
 	}
@@ -268,7 +268,7 @@ func (l *mtlsListener) Close() error {
 //
 // This code is taken from consul:
 // https://github.com/hashicorp/consul/blob/master/tlsutil/config.go
-func wrapTLSClient(conn net.Conn, tlsConfig *tls.Config, timeout time.Duration) (net.Conn, error) {
+func wrapTLSClient(conn net.Conn, tlsConfig *tls.Config, timeout time.Duration, h2Alpn bool) (net.Conn, error) {
 	var err error
 
 	if timeout <= 0 {
@@ -279,7 +279,13 @@ func wrapTLSClient(conn net.Conn, tlsConfig *tls.Config, timeout time.Duration)
 	defer conn.SetDeadline(time.Time{})
 
 	//tlsConn := tls.Client(conn, tlsConfig)
-	tlsConn := utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloChrome_Auto)
+	var tlsConn *utls.UConn
+	if h2Alpn {
+		tlsConn = utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloChrome_Auto)
+	} else {
+		tlsConn = utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloCustom)
+		tlsConn.ApplyPreset(newWsSpec())
+	}
 
 	// Otherwise perform handshake, but don't verify the domain
 	//