evan/gost
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix TLS Client verification and SSL Pinning introduced in uTLS

Browse Source
This commit is contained in:
wenyifan
2022-10-27 09:15:31 +08:00
parent b1cd2b2c37
commit a37f4d0019
4 changed files with 33 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
ws.go
View File

@ -837,7 +837,19 @@ func websocketClientConn(url string, conn net.Conn, tlsConfig *tls.Config, optio
return conn, nil
},
NetDialTLSContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
client := utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloCustom)
utlsConf := &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName, ClientAuth: utls.ClientAuthType(tlsConfig.ClientAuth), ClientCAs: tlsConfig.ClientCAs, RootCAs: tlsConfig.RootCAs}
if len(tlsConfig.Certificates) > 0 {
for _, certificate := range tlsConfig.Certificates {
utlsConf.Certificates = append(utlsConf.Certificates, utls.Certificate{
Certificate: certificate.Certificate,
PrivateKey: certificate.PrivateKey,
OCSPStaple: certificate.OCSPStaple,
SignedCertificateTimestamps: certificate.SignedCertificateTimestamps,
Leaf: certificate.Leaf,
})
}
}
client := utls.UClient(conn, utlsConf, utls.HelloCustom)
client.ApplyPreset(newWsSpec())
err := client.Handshake()
if err != nil {