From 3d2cb992faf4a3db2a459bacdf942bc4df4736fa Mon Sep 17 00:00:00 2001
From: wwqgtxx <wwqgtxx@gmail.com>
Date: Wed, 16 Apr 2025 01:00:06 +0800
Subject: [PATCH] fix: grpc outbound not apply ca fingerprint

---
 adapter/outbound/vless.go | 7 +++++--
 adapter/outbound/vmess.go | 7 +++++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/adapter/outbound/vless.go b/adapter/outbound/vless.go
index d4444cb0..cfb39e99 100644
--- a/adapter/outbound/vless.go
+++ b/adapter/outbound/vless.go
@@ -600,10 +600,13 @@ func NewVless(option VlessOption) (*Vless, error) {
 		}
 		var tlsConfig *tls.Config
 		if option.TLS {
-			tlsConfig = ca.GetGlobalTLSConfig(&tls.Config{
+			tlsConfig, err = ca.GetSpecifiedFingerprintTLSConfig(&tls.Config{
 				InsecureSkipVerify: v.option.SkipCertVerify,
 				ServerName:         v.option.ServerName,
-			})
+			}, v.option.Fingerprint)
+			if err != nil {
+				return nil, err
+			}
 			if option.ServerName == "" {
 				host, _, _ := net.SplitHostPort(v.addr)
 				tlsConfig.ServerName = host
diff --git a/adapter/outbound/vmess.go b/adapter/outbound/vmess.go
index 285fdc8e..35aacb78 100644
--- a/adapter/outbound/vmess.go
+++ b/adapter/outbound/vmess.go
@@ -511,10 +511,13 @@ func NewVmess(option VmessOption) (*Vmess, error) {
 		}
 		var tlsConfig *tls.Config
 		if option.TLS {
-			tlsConfig = ca.GetGlobalTLSConfig(&tls.Config{
+			tlsConfig, err = ca.GetSpecifiedFingerprintTLSConfig(&tls.Config{
 				InsecureSkipVerify: v.option.SkipCertVerify,
 				ServerName:         v.option.ServerName,
-			})
+			}, v.option.Fingerprint)
+			if err != nil {
+				return nil, err
+			}
 			if option.ServerName == "" {
 				host, _, _ := net.SplitHostPort(v.addr)
 				tlsConfig.ServerName = host