chore: update utls to 1.7.0

transport/gun/gun.go

@@ -244,7 +244,7 @@ func NewHTTP2Client(dialFn DialFn, tlsConfig *tls.Config, clientFingerprint stri
 		if len(clientFingerprint) != 0 {
 			if realityConfig == nil {
 				if fingerprint, exists := tlsC.GetFingerprint(clientFingerprint); exists {
-					utlsConn := tlsC.UClient(pconn, cfg, fingerprint)
+					utlsConn := tlsC.UClient(pconn, tlsC.UConfig(cfg), fingerprint)
 					if err := utlsConn.HandshakeContext(ctx); err != nil {
 						pconn.Close()
 						return nil, err

transport/restls/restls.go

@@ -19,8 +19,12 @@ func (r *Restls) Upstream() any {
 	return r.UConn.NetConn()
 }
 
+type Config = tls.Config
+
+var NewRestlsConfig = tls.NewRestlsConfig
+
 // NewRestls return a Restls Connection
-func NewRestls(ctx context.Context, conn net.Conn, config *tls.Config) (net.Conn, error) {
+func NewRestls(ctx context.Context, conn net.Conn, config *Config) (net.Conn, error) {
 	clientHellowID := tls.HelloChrome_Auto
 	if config != nil {
 		clientIDPtr := config.ClientID.Load()

transport/sing-shadowtls/shadowtls.go

@@ -11,7 +11,6 @@ import (
 
 	"github.com/metacubex/sing-shadowtls"
 	utls "github.com/metacubex/utls"
-	sing_common "github.com/sagernet/sing/common"
 )
 
 const (
@@ -60,32 +59,15 @@ func NewShadowTLS(ctx context.Context, conn net.Conn, option *ShadowTLSOption) (
 
 func uTLSHandshakeFunc(config *tls.Config, clientFingerprint string) shadowtls.TLSHandshakeFunc {
 	return func(ctx context.Context, conn net.Conn, sessionIDGenerator shadowtls.TLSSessionIDGeneratorFunc) error {
-		tlsConfig := &utls.Config{
-			Rand:                  config.Rand,
-			Time:                  config.Time,
-			VerifyPeerCertificate: config.VerifyPeerCertificate,
-			RootCAs:               config.RootCAs,
-			NextProtos:            config.NextProtos,
-			ServerName:            config.ServerName,
-			InsecureSkipVerify:    config.InsecureSkipVerify,
-			CipherSuites:          config.CipherSuites,
-			MinVersion:            config.MinVersion,
-			MaxVersion:            config.MaxVersion,
-			CurvePreferences: sing_common.Map(config.CurvePreferences, func(it tls.CurveID) utls.CurveID {
-				return utls.CurveID(it)
-			}),
-			SessionTicketsDisabled: config.SessionTicketsDisabled,
-			Renegotiation:          utls.RenegotiationSupport(config.Renegotiation),
-			SessionIDGenerator:     sessionIDGenerator,
-		}
+		tlsConfig := tlsC.UConfig(config)
+		tlsConfig.SessionIDGenerator = sessionIDGenerator
 		clientFingerprint := clientFingerprint
 		if tlsC.HaveGlobalFingerprint() && len(clientFingerprint) == 0 {
 			clientFingerprint = tlsC.GetGlobalFingerprint()
 		}
 		if len(clientFingerprint) != 0 {
 			if fingerprint, exists := tlsC.GetFingerprint(clientFingerprint); exists {
-				clientHelloID := *fingerprint.ClientHelloID
-				tlsConn := utls.UClient(conn, tlsConfig, clientHelloID)
+				tlsConn := tlsC.UClient(conn, tlsConfig, fingerprint)
 				return tlsConn.HandshakeContext(ctx)
 			}
 		}

transport/vless/vision/conn.go

@@ -12,10 +12,10 @@ import (
 
 	"github.com/metacubex/mihomo/common/buf"
 	N "github.com/metacubex/mihomo/common/net"
+	tlsC "github.com/metacubex/mihomo/component/tls"
 	"github.com/metacubex/mihomo/log"
 
 	"github.com/gofrs/uuid/v5"
-	utls "github.com/metacubex/utls"
 )
 
 var (
@@ -187,8 +187,8 @@ func (vc *Conn) WriteBuffer(buffer *buf.Buffer) (err error) {
 				buffer.Release()
 				return ErrNotTLS13
 			}
-		case *utls.UConn:
-			if underlying.ConnectionState().Version != utls.VersionTLS13 {
+		case *tlsC.UConn:
+			if underlying.ConnectionState().Version != tlsC.VersionTLS13 {
 				buffer.Release()
 				return ErrNotTLS13
 			}

transport/vless/vision/vision.go

@@ -14,7 +14,6 @@ import (
 	tlsC "github.com/metacubex/mihomo/component/tls"
 
 	"github.com/gofrs/uuid/v5"
-	utls "github.com/metacubex/utls"
 	"github.com/sagernet/sing/common"
 )
 
@@ -46,16 +45,10 @@ func NewConn(conn connWithUpstream, userUUID *uuid.UUID) (*Conn, error) {
 		c.tlsConn = underlying
 		t = reflect.TypeOf(underlying).Elem()
 		p = unsafe.Pointer(underlying)
-	case *utls.UConn:
-		//log.Debugln("type *utls.UConn")
-		c.Conn = underlying.NetConn()
-		c.tlsConn = underlying
-		t = reflect.TypeOf(underlying.Conn).Elem()
-		p = unsafe.Pointer(underlying.Conn)
 	case *tlsC.UConn:
 		//log.Debugln("type *tlsC.UConn")
 		c.Conn = underlying.NetConn()
-		c.tlsConn = underlying.UConn
+		c.tlsConn = underlying
 		t = reflect.TypeOf(underlying.Conn).Elem()
 		//log.Debugln("t:%v", t)
 		p = unsafe.Pointer(underlying.Conn)

transport/vmess/tls.go

@@ -39,7 +39,7 @@ func StreamTLSConn(ctx context.Context, conn net.Conn, cfg *TLSConfig) (net.Conn
 	if len(clientFingerprint) != 0 {
 		if cfg.Reality == nil {
 			if fingerprint, exists := tlsC.GetFingerprint(clientFingerprint); exists {
-				utlsConn := tlsC.UClient(conn, tlsConfig, fingerprint)
+				utlsConn := tlsC.UClient(conn, tlsC.UConfig(tlsConfig), fingerprint)
 				err = utlsConn.HandshakeContext(ctx)
 				if err != nil {
 					return nil, err

transport/vmess/websocket.go

@@ -360,8 +360,8 @@ func streamWebsocketConn(ctx context.Context, conn net.Conn, c *WebsocketConfig,
 		}
 		if len(clientFingerprint) != 0 {
 			if fingerprint, exists := tlsC.GetFingerprint(clientFingerprint); exists {
-				utlsConn := tlsC.UClient(conn, config, fingerprint)
-				if err = utlsConn.BuildWebsocketHandshakeState(); err != nil {
+				utlsConn := tlsC.UClient(conn, tlsC.UConfig(config), fingerprint)
+				if err = tlsC.BuildWebsocketHandshakeState(utlsConn); err != nil {
 					return nil, fmt.Errorf("parse url %s error: %w", c.Path, err)
 				}
 				conn = utlsConn