From ed174789619ecaa20838f8c91bb3573052870675 Mon Sep 17 00:00:00 2001
From: H1JK <hell0jack@protonmail.com>
Date: Sat, 13 May 2023 09:38:14 +0800
Subject: [PATCH] feat: Support insecure gRPC

---
 adapter/outbound/vless.go | 22 +++++++++++++---------
 adapter/outbound/vmess.go | 27 ++++++++++++---------------
 transport/gun/gun.go      |  5 ++++-
 3 files changed, 29 insertions(+), 25 deletions(-)

diff --git a/adapter/outbound/vless.go b/adapter/outbound/vless.go
index 82ecf9273b..048350e9b4 100644
--- a/adapter/outbound/vless.go
+++ b/adapter/outbound/vless.go
@@ -596,15 +596,19 @@ func NewVless(option VlessOption) (*Vless, error) {
 			Host:              v.option.ServerName,
 			ClientFingerprint: v.option.ClientFingerprint,
 		}
-		tlsConfig := tlsC.GetGlobalTLSConfig(&tls.Config{
-			InsecureSkipVerify: v.option.SkipCertVerify,
-			ServerName:         v.option.ServerName,
-		})
-
-		if v.option.ServerName == "" {
-			host, _, _ := net.SplitHostPort(v.addr)
-			tlsConfig.ServerName = host
-			gunConfig.Host = host
+		if option.ServerName == "" {
+			gunConfig.Host = v.addr
+		}
+		var tlsConfig *tls.Config
+		if option.TLS {
+			tlsConfig = tlsC.GetGlobalTLSConfig(&tls.Config{
+				InsecureSkipVerify: v.option.SkipCertVerify,
+				ServerName:         v.option.ServerName,
+			})
+			if option.ServerName == "" {
+				host, _, _ := net.SplitHostPort(v.addr)
+				tlsConfig.ServerName = host
+			}
 		}
 
 		v.gunTLSConfig = tlsConfig
diff --git a/adapter/outbound/vmess.go b/adapter/outbound/vmess.go
index 91e509d73b..c0063b3e6c 100644
--- a/adapter/outbound/vmess.go
+++ b/adapter/outbound/vmess.go
@@ -413,13 +413,6 @@ func NewVmess(option VmessOption) (*Vmess, error) {
 		option.PacketAddr = false
 	}
 
-	switch option.Network {
-	case "h2", "grpc":
-		if !option.TLS {
-			option.TLS = true
-		}
-	}
-
 	v := &Vmess{
 		Base: &Base{
 			name:   option.Name,
@@ -464,15 +457,19 @@ func NewVmess(option VmessOption) (*Vmess, error) {
 			Host:              v.option.ServerName,
 			ClientFingerprint: v.option.ClientFingerprint,
 		}
-		tlsConfig := &tls.Config{
-			InsecureSkipVerify: v.option.SkipCertVerify,
-			ServerName:         v.option.ServerName,
+		if option.ServerName == "" {
+			gunConfig.Host = v.addr
 		}
-
-		if v.option.ServerName == "" {
-			host, _, _ := net.SplitHostPort(v.addr)
-			tlsConfig.ServerName = host
-			gunConfig.Host = host
+		var tlsConfig *tls.Config
+		if option.TLS {
+			tlsConfig = tlsC.GetGlobalTLSConfig(&tls.Config{
+				InsecureSkipVerify: v.option.SkipCertVerify,
+				ServerName:         v.option.ServerName,
+			})
+			if option.ServerName == "" {
+				host, _, _ := net.SplitHostPort(v.addr)
+				tlsConfig.ServerName = host
+			}
 		}
 
 		v.gunTLSConfig = tlsConfig
diff --git a/transport/gun/gun.go b/transport/gun/gun.go
index 36cf68f8aa..e98f7fb5b7 100644
--- a/transport/gun/gun.go
+++ b/transport/gun/gun.go
@@ -199,9 +199,12 @@ func NewHTTP2Client(dialFn DialFn, tlsConfig *tls.Config, Fingerprint string, re
 		if err != nil {
 			return nil, err
 		}
-
 		wrap.remoteAddr = pconn.RemoteAddr()
 
+		if tlsConfig == nil {
+			return pconn, nil
+		}
+
 		if len(Fingerprint) != 0 {
 			if realityConfig == nil {
 				if fingerprint, exists := tlsC.GetFingerprint(Fingerprint); exists {