utls

2023-11-15 15:45:09 +08:00
parent 52aa2027d0
commit 3038eb66d8
5 changed files with 118 additions and 77 deletions
--- a/dialer/mws/dialer.go
+++ b/dialer/mws/dialer.go
@ -3,6 +3,8 @@ package mws
 import (
 	"context"
 	"errors"
+	"github.com/go-gost/x/util"
+	tls "github.com/refraction-networking/utls"
 	"net"
 	"net/url"
 	"sync"
@ -158,6 +160,28 @@ func (d *mwsDialer) initSession(ctx context.Context, host string, conn net.Conn,
 	if d.tlsEnabled {
 		url.Scheme = "wss"
 		dialer.TLSClientConfig = d.options.TLSConfig
+		tlsConfig := d.options.TLSConfig
+		dialer.NetDialTLSContext = func(ctx context.Context, network, addr string) (net.Conn, error) {
+			utlsConf := &tls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName, ClientAuth: tls.ClientAuthType(tlsConfig.ClientAuth), ClientCAs: tlsConfig.ClientCAs, RootCAs: tlsConfig.RootCAs}
+			if len(tlsConfig.Certificates) > 0 {
+				for _, certificate := range tlsConfig.Certificates {
+					utlsConf.Certificates = append(utlsConf.Certificates, tls.Certificate{
+						Certificate:                 certificate.Certificate,
+						PrivateKey:                  certificate.PrivateKey,
+						OCSPStaple:                  certificate.OCSPStaple,
+						SignedCertificateTimestamps: certificate.SignedCertificateTimestamps,
+						Leaf:                        certificate.Leaf,
+					})
+				}
+			}
+			client := tls.UClient(conn, utlsConf, tls.HelloCustom)
+			client.ApplyPreset(util.NewWsSpec())
+			err := client.Handshake()
+			if err != nil {
+				return nil, err
+			}
+			return client, nil
+		}
 	}

 	if d.md.handshakeTimeout > 0 {