chore: simplifying the old fingerprint processing method

component/tls/reality.go

@@ -26,7 +26,6 @@ import (
 	utls "github.com/metacubex/utls"
 	"golang.org/x/crypto/chacha20poly1305"
 	"golang.org/x/crypto/hkdf"
-	"golang.org/x/exp/slices"
 	"golang.org/x/net/http2"
 )
 
@@ -51,6 +50,10 @@ func GetRealityConn(ctx context.Context, conn net.Conn, fingerprint UClientHello
 			VerifyPeerCertificate:  verifier.VerifyPeerCertificate,
 		}
 
+		if !realityConfig.SupportX25519MLKEM768 && fingerprint == HelloChrome_Auto {
+			fingerprint = HelloChrome_120 // old reality server doesn't work with X25519MLKEM768
+		}
+
 		uConn := utls.UClient(conn, uConfig, fingerprint)
 		verifier.UConn = uConn
 		err := uConn.BuildHandshakeState()
@@ -58,29 +61,6 @@ func GetRealityConn(ctx context.Context, conn net.Conn, fingerprint UClientHello
 			return nil, err
 		}
 
-		if !realityConfig.SupportX25519MLKEM768 {
-			// ------for X25519MLKEM768 does not work properly with the old reality server-------
-			// Iterate over extensions and check
-			for _, extension := range uConn.Extensions {
-				if ce, ok := extension.(*utls.SupportedCurvesExtension); ok {
-					ce.Curves = slices.DeleteFunc(ce.Curves, func(curveID utls.CurveID) bool {
-						return curveID == utls.X25519MLKEM768
-					})
-				}
-				if ks, ok := extension.(*utls.KeyShareExtension); ok {
-					ks.KeyShares = slices.DeleteFunc(ks.KeyShares, func(share utls.KeyShare) bool {
-						return share.Group == utls.X25519MLKEM768
-					})
-				}
-			}
-			// Rebuild the client hello
-			err = uConn.BuildHandshakeState()
-			if err != nil {
-				return nil, err
-			}
-			// --------------------------------------------------------------------
-		}
-
 		hello := uConn.HandshakeState.Hello
 		rawSessionID := hello.Raw[39 : 39+32] // the location of session ID
 		for i := range rawSessionID {         // https://github.com/golang/go/issues/5373

component/tls/utls.go

@@ -16,6 +16,7 @@ type Conn = utls.Conn
 type UConn = utls.UConn
 type UClientHelloID = utls.ClientHelloID
 
+const VersionTLS12 = utls.VersionTLS12
 const VersionTLS13 = utls.VersionTLS13
 
 func Client(c net.Conn, config *utls.Config) *Conn {
@@ -26,6 +27,10 @@ func UClient(c net.Conn, config *utls.Config, fingerprint UClientHelloID) *UConn
 	return utls.UClient(c, config, fingerprint)
 }
 
+func Server(c net.Conn, config *utls.Config) *Conn {
+	return utls.Server(c, config)
+}
+
 func NewListener(inner net.Listener, config *Config) net.Listener {
 	return utls.NewListener(inner, config)
 }
@@ -69,21 +74,26 @@ var randomFingerprint = once.OnceValue(func() UClientHelloID {
 	return fingerprint
 })
 
+var HelloChrome_Auto = utls.HelloChrome_Auto
+var HelloChrome_120 = utls.HelloChrome_120 // special fingerprint for some old protocols doesn't work with HelloChrome_Auto
+
 var fingerprints = map[string]UClientHelloID{
-	"chrome":                     utls.HelloChrome_Auto,
+	"chrome":  utls.HelloChrome_Auto,
+	"firefox": utls.HelloFirefox_Auto,
+	"safari":  utls.HelloSafari_Auto,
+	"ios":     utls.HelloIOS_Auto,
+	"android": utls.HelloAndroid_11_OkHttp,
+	"edge":    utls.HelloEdge_Auto,
+	"360":     utls.Hello360_Auto,
+	"qq":      utls.HelloQQ_Auto,
+	"random":  {},
+
+	// deprecated fingerprints should not be used
 	"chrome_psk":                 utls.HelloChrome_100_PSK,
 	"chrome_psk_shuffle":         utls.HelloChrome_106_Shuffle,
 	"chrome_padding_psk_shuffle": utls.HelloChrome_114_Padding_PSK_Shuf,
 	"chrome_pq":                  utls.HelloChrome_115_PQ,
 	"chrome_pq_psk":              utls.HelloChrome_115_PQ_PSK,
-	"firefox":                    utls.HelloFirefox_Auto,
-	"safari":                     utls.HelloSafari_Auto,
-	"ios":                        utls.HelloIOS_Auto,
-	"android":                    utls.HelloAndroid_11_OkHttp,
-	"edge":                       utls.HelloEdge_Auto,
-	"360":                        utls.Hello360_Auto,
-	"qq":                         utls.HelloQQ_Auto,
-	"random":                     {},
 	"randomized":                 utls.HelloRandomized,
 }