chore: cleanup tls clientFingerprint code

This commit is contained in:
wwqgtxx
2025-04-29 21:15:48 +08:00
parent 936df90ace
commit ee5d77cfd1
8 changed files with 193 additions and 116 deletions

View File

@@ -32,20 +32,14 @@ func StreamTLSConn(ctx context.Context, conn net.Conn, cfg *TLSConfig) (net.Conn
return nil, err
}
clientFingerprint := cfg.ClientFingerprint
if tlsC.HaveGlobalFingerprint() && len(clientFingerprint) == 0 {
clientFingerprint = tlsC.GetGlobalFingerprint()
}
if len(clientFingerprint) != 0 {
if clientFingerprint, ok := tlsC.GetFingerprint(cfg.ClientFingerprint); ok {
if cfg.Reality == nil {
if fingerprint, exists := tlsC.GetFingerprint(clientFingerprint); exists {
utlsConn := tlsC.UClient(conn, tlsC.UConfig(tlsConfig), fingerprint)
err = utlsConn.HandshakeContext(ctx)
if err != nil {
return nil, err
}
return utlsConn, nil
tlsConn := tlsC.UClient(conn, tlsC.UConfig(tlsConfig), clientFingerprint)
err = tlsConn.HandshakeContext(ctx)
if err != nil {
return nil, err
}
return tlsConn, nil
} else {
return tlsC.GetRealityConn(ctx, conn, clientFingerprint, tlsConfig, cfg.Reality)
}

View File

@@ -351,31 +351,26 @@ func streamWebsocketConn(ctx context.Context, conn net.Conn, c *WebsocketConfig,
}
if config.ServerName == "" && !config.InsecureSkipVerify { // users must set either ServerName or InsecureSkipVerify in the config.
config = config.Clone()
config.ServerName = uri.Host
config.ServerName = c.Host
}
clientFingerprint := c.ClientFingerprint
if tlsC.HaveGlobalFingerprint() && len(clientFingerprint) == 0 {
clientFingerprint = tlsC.GetGlobalFingerprint()
}
if len(clientFingerprint) != 0 {
if fingerprint, exists := tlsC.GetFingerprint(clientFingerprint); exists {
utlsConn := tlsC.UClient(conn, tlsC.UConfig(config), fingerprint)
if err = tlsC.BuildWebsocketHandshakeState(utlsConn); err != nil {
return nil, fmt.Errorf("parse url %s error: %w", c.Path, err)
}
conn = utlsConn
if clientFingerprint, ok := tlsC.GetFingerprint(c.ClientFingerprint); ok {
tlsConn := tlsC.UClient(conn, tlsC.UConfig(config), clientFingerprint)
if err = tlsC.BuildWebsocketHandshakeState(tlsConn); err != nil {
return nil, fmt.Errorf("parse url %s error: %w", c.Path, err)
}
} else {
conn = tls.Client(conn, config)
}
if tlsConn, ok := conn.(interface {
HandshakeContext(ctx context.Context) error
}); ok {
if err = tlsConn.HandshakeContext(ctx); err != nil {
err = tlsConn.HandshakeContext(ctx)
if err != nil {
return nil, err
}
conn = tlsConn
} else {
tlsConn := tls.Client(conn, config)
err = tlsConn.HandshakeContext(ctx)
if err != nil {
return nil, err
}
conn = tlsConn
}
}