use utls instead of go-tls
This commit is contained in:
wenyifan
7
tls.go
7
tls.go
@ -3,6 +3,7 @@ package gost
|
||||
import (
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
utls "github.com/refraction-networking/utls"
|
||||
"net"
|
||||
"sync"
|
||||
"time"
|
||||
@ -269,7 +270,6 @@ func (l *mtlsListener) Close() error {
|
||||
// https://github.com/hashicorp/consul/blob/master/tlsutil/config.go
|
||||
func wrapTLSClient(conn net.Conn, tlsConfig *tls.Config, timeout time.Duration) (net.Conn, error) {
|
||||
var err error
|
||||
var tlsConn *tls.Conn
|
||||
|
||||
if timeout <= 0 {
|
||||
timeout = HandshakeTimeout // default timeout
|
||||
@ -278,7 +278,10 @@ func wrapTLSClient(conn net.Conn, tlsConfig *tls.Config, timeout time.Duration)
|
||||
conn.SetDeadline(time.Now().Add(timeout))
|
||||
defer conn.SetDeadline(time.Time{})
|
||||
|
||||
tlsConn = tls.Client(conn, tlsConfig)
|
||||
tlsConn := utls.UClient(conn, &utls.Config{
|
||||
ServerName: tlsConfig.ServerName,
|
||||
InsecureSkipVerify: tlsConfig.InsecureSkipVerify,
|
||||
}, utls.HelloChrome_102)
|
||||
|
||||
// Otherwise perform handshake, but don't verify the domain
|
||||
//
|
||||
|
||||
Reference in New Issue
Block a user