From fc9e85dba04cb0c8a06040414cc74ef4992daa28 Mon Sep 17 00:00:00 2001
From: Vladislav Yarmak <vladislav-ex-src@vm-0.com>
Date: Sun, 25 Feb 2024 00:01:11 +0200
Subject: [PATCH] final fixes for utls impl.

---
 holaapi.go   | 14 +++++++-------
 plaintext.go |  2 +-
 upstream.go  |  2 +-
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/holaapi.go b/holaapi.go
index bef1b25..b0448ed 100644
--- a/holaapi.go
+++ b/holaapi.go
@@ -399,7 +399,6 @@ func httpClientWithProxy(agent *FallbackAgent) *http.Client {
 		ForceAttemptHTTP2:     true,
 		MaxIdleConns:          100,
 		IdleConnTimeout:       90 * time.Second,
-		TLSHandshakeTimeout:   10 * time.Second,
 		ExpectContinueTimeout: 1 * time.Second,
 	}
 	var dialer ContextDialer = baseDialer
@@ -414,22 +413,23 @@ func httpClientWithProxy(agent *FallbackAgent) *http.Client {
 	t.DialTLSContext = func(ctx context.Context, network, addr string) (net.Conn, error) {
 		host, _, err := net.SplitHostPort(addr)
 		if err != nil {
-			return nil, err
+			return nil, fmt.Errorf("hostname extraction error: %w", err)
 		}
 		conn, err := dialer.DialContext(ctx, network, addr)
 		if err != nil {
-			return nil, err
+			return nil, fmt.Errorf("can't prepare underlying connection for TLS session: %w", err)
 		}
 		var cfg tls.Config
 		if tlsConfig != nil {
 			cfg = *tlsConfig
 		}
 		cfg.ServerName = host
-		conn = tls.UClient(conn, &cfg, tls.HelloChrome_Auto)
-		if err := conn.(*tls.UConn).HandshakeContext(ctx); err != nil {
-			return nil, err
+		tlsConn := tls.UClient(conn, &cfg, tls.HelloRandomized)
+		if err := tlsConn.HandshakeContext(ctx); err != nil {
+			conn.Close()
+			return nil, fmt.Errorf("UClient handshake failed: %w", err)
 		}
-		return conn, nil
+		return tlsConn, nil
 	}
 	return &http.Client{
 		Transport: t,
diff --git a/plaintext.go b/plaintext.go
index 1fb0c2f..3f314c5 100644
--- a/plaintext.go
+++ b/plaintext.go
@@ -62,7 +62,7 @@ func (d *PlaintextDialer) DialContext(ctx context.Context, network, address stri
 				_, err := cs.PeerCertificates[0].Verify(opts)
 				return err
 			},
-		}, tls.HelloChrome_Auto)
+		}, tls.HelloRandomized)
 	}
 	return conn, nil
 }
diff --git a/upstream.go b/upstream.go
index 447bebd..160b1c3 100644
--- a/upstream.go
+++ b/upstream.go
@@ -122,7 +122,7 @@ func (d *ProxyDialer) DialContext(ctx context.Context, network, address string)
 				_, err := cs.PeerCertificates[0].Verify(opts)
 				return err
 			},
-		}, tls.HelloChrome_Auto)
+		}, tls.HelloRandomized)
 	}
 
 	req := &http.Request{