feat: Support REALITY protocol

transport/trojan/trojan.go

@@ -19,6 +19,7 @@ import (
 	"github.com/Dreamacro/clash/transport/socks5"
 	"github.com/Dreamacro/clash/transport/vless"
 	"github.com/Dreamacro/clash/transport/vmess"
+
 	xtls "github.com/xtls/go"
 )
 
@@ -54,6 +55,7 @@ type Option struct {
 	Flow              string
 	FlowShow          bool
 	ClientFingerprint string
+	Reality           *tlsC.RealityConfig
 }
 
 type WebsocketOption struct {
@@ -117,16 +119,24 @@ func (t *Trojan) StreamConn(conn net.Conn) (net.Conn, error) {
 		}
 
 		if len(t.option.ClientFingerprint) != 0 {
-			utlsConn, valid := vmess.GetUtlsConnWithClientFingerprint(conn, t.option.ClientFingerprint, tlsConfig)
-			if valid {
+			if t.option.Reality == nil {
+				utlsConn, valid := vmess.GetUTLSConn(conn, t.option.ClientFingerprint, tlsConfig)
+				if valid {
+					ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
+					defer cancel()
+
+					err := utlsConn.(*tlsC.UConn).HandshakeContext(ctx)
+					return utlsConn, err
+				}
+			} else {
 				ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
 				defer cancel()
-
-				err := utlsConn.(*tlsC.UConn).HandshakeContext(ctx)
-				return utlsConn, err
-
+				return tlsC.GetRealityConn(ctx, conn, t.option.ClientFingerprint, tlsConfig, t.option.Reality)
 			}
 		}
+		if t.option.Reality != nil {
+			return nil, errors.New("REALITY is based on uTLS, please set a client-fingerprint")
+		}
 
 		tlsConn := tls.Client(conn, tlsConfig)
 

transport/vmess/tls.go

@@ -3,6 +3,7 @@ package vmess
 import (
 	"context"
 	"crypto/tls"
+	"errors"
 	"net"
 
 	tlsC "github.com/Dreamacro/clash/component/tls"
@@ -15,6 +16,7 @@ type TLSConfig struct {
 	FingerPrint       string
 	ClientFingerprint string
 	NextProtos        []string
+	Reality           *tlsC.RealityConfig
 }
 
 func StreamTLSConn(conn net.Conn, cfg *TLSConfig) (net.Conn, error) {
@@ -34,15 +36,25 @@ func StreamTLSConn(conn net.Conn, cfg *TLSConfig) (net.Conn, error) {
 	}
 
 	if len(cfg.ClientFingerprint) != 0 {
-		utlsConn, valid := GetUtlsConnWithClientFingerprint(conn, cfg.ClientFingerprint, tlsConfig)
-		if valid {
+		if cfg.Reality == nil {
+			utlsConn, valid := GetUTLSConn(conn, cfg.ClientFingerprint, tlsConfig)
+			if valid {
+				ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
+				defer cancel()
+
+				err := utlsConn.(*tlsC.UConn).HandshakeContext(ctx)
+				return utlsConn, err
+			}
+		} else {
 			ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
 			defer cancel()
-
-			err := utlsConn.(*tlsC.UConn).HandshakeContext(ctx)
-			return utlsConn, err
+			return tlsC.GetRealityConn(ctx, conn, cfg.ClientFingerprint, tlsConfig, cfg.Reality)
 		}
 	}
+	if cfg.Reality != nil {
+		return nil, errors.New("REALITY is based on uTLS, please set a client-fingerprint")
+	}
+
 	tlsConn := tls.Client(conn, tlsConfig)
 
 	ctx, cancel := context.WithTimeout(context.Background(), C.DefaultTLSTimeout)
@@ -52,7 +64,7 @@ func StreamTLSConn(conn net.Conn, cfg *TLSConfig) (net.Conn, error) {
 	return tlsConn, err
 }
 
-func GetUtlsConnWithClientFingerprint(conn net.Conn, ClientFingerprint string, tlsConfig *tls.Config) (net.Conn, bool) {
+func GetUTLSConn(conn net.Conn, ClientFingerprint string, tlsConfig *tls.Config) (net.Conn, bool) {
 
 	if fingerprint, exists := tlsC.GetFingerprint(ClientFingerprint); exists {
 		utlsConn := tlsC.UClient(conn, tlsConfig, fingerprint)