Fix: vmess pure TLS mode

gVisor bot 2020-04-03 16:04:24 +08:00
parent 618b7e6101
commit 158727f7b3
2 changed files with 36 additions and 1 deletions


@ -77,7 +77,18 @@ func (v *Vmess) StreamConn(c net.Conn, metadata *C.Metadata) (net.Conn, error) {
Headers: v.option.HTTPOpts.Headers,
}
c, err = vmess.StreamHTTPConn(c, httpOpts), nil
c = vmess.StreamHTTPConn(c, httpOpts)
default:
// handle TLS
if v.option.TLS {
host, _, _ := net.SplitHostPort(v.addr)
tlsOpts := &vmess.TLSConfig{
Host: host,
SkipCertVerify: v.option.SkipCertVerify,
SessionCache: getClientSessionCache(),
}
c, err = vmess.StreamTLSConn(c, tlsOpts)
}
}
if err != nil {
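Review bot: In the new `default` branch, `host, _, _ := net.SplitHostPort(v.addr)` throws away the parse error, so a malformed `v.addr` leaves `Host` empty and the TLS client is built with no server name to verify against. With `SkipCertVerify` off this only surfaces later as an opaque handshake error, and with it on the connection proceeds with neither SNI nor any certificate check. Handle the failure where it occurs, for example `host, _, splitErr := net.SplitHostPort(v.addr)` followed by `if splitErr != nil { return nil, splitErr }`; a separate name avoids shadowing the outer `err` that the check after the switch reads. StreamConn starts before and continues past this hunk, so whether `v.addr` is validated earlier is not visible here.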

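--- a/component/vmess/tls.go
+++ b/component/vmess/tls.go
@@ -0,0 +1,24 @@
+package vmess
+import (
+"crypto/tls"
+"net"
+)
+type TLSConfig struct {
+Host string
+SkipCertVerify bool
+SessionCache tls.ClientSessionCache
+}
+func StreamTLSConn(conn net.Conn, cfg *TLSConfig) (net.Conn, error) {
+tlsConfig := &tls.Config{
+ServerName: cfg.Host,
+InsecureSkipVerify: cfg.SkipCertVerify,
+ClientSessionCache: cfg.SessionCache,
+}
+tlsConn := tls.Client(conn, tlsConfig)
+err := tlsConn.Handshake()
+return tlsConn, err
+}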
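Review bot: `StreamTLSConn` builds its `tls.Config` without a `MinVersion`, so the protocol floor is whatever the Go toolchain defaults to, which on releases before Go 1.18 still allows TLS 1.0 for clients; adding `MinVersion: tls.VersionTLS12,` to the literal pins it. `SkipCertVerify` maps straight onto `InsecureSkipVerify`, which turns off both chain and host name verification, so the exported field should carry a doc comment such as `// SkipCertVerify disables certificate chain and host name verification; the server is then unauthenticated.` `Handshake()` is also called with no deadline, so unless the caller has already set one on `conn`, a peer that stalls mid-handshake blocks this call indefinitely. On failure the function returns a non-nil `tlsConn` alongside the error; returning `nil, err` after closing the connection would match the usual Go contract and keep callers from using a half-established stream.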