mirror of
https://github.com/bol-van/zapret.git
synced 2025-04-24 10:32:03 +05:00
nfqws,tpws: debug tls version
parent
b12b1a5a17
commit
d19f6c19a4
@ -481,3 +481,7 @@ nfqws: update default TLS ClientHello fake. firefox 136.0.4 finger, no kyber, SN
|
|||||||
nfqws: multiple mods for multiple TLS fakes
|
nfqws: multiple mods for multiple TLS fakes
|
||||||
init.d: remove 50-discord
|
init.d: remove 50-discord
|
||||||
blockcheck: use tpws --fix-seg on linux for multiple splits
|
blockcheck: use tpws --fix-seg on linux for multiple splits
|
||||||
|
|
||||||
|
v70.7
|
||||||
|
|
||||||
|
nfqws,tpws: debug tls version
|
||||||
|
31
nfq/desync.c
31
nfq/desync.c
@ -83,6 +83,35 @@ const uint8_t fake_tls_clienthello_default[680] = {
|
|||||||
#define TCP_MAX_REASM 16384
|
#define TCP_MAX_REASM 16384
|
||||||
#define UDP_MAX_REASM 16384
|
#define UDP_MAX_REASM 16384
|
||||||
|
|
||||||
|
void TLSDebug(const uint8_t *tls,size_t sz)
|
||||||
|
{
|
||||||
|
if (sz<11) return;
|
||||||
|
|
||||||
|
uint16_t v_rec=pntoh16(tls+1), v_handshake=pntoh16(tls+9), v;
|
||||||
|
DLOG("TLS record layer version : %s\nTLS handshake version : %s\n",TLSVersionStr(v_rec),TLSVersionStr(v_handshake));
|
||||||
|
|
||||||
|
const uint8_t *ext_supvers;
|
||||||
|
size_t len_supvers,len_supvers2;
|
||||||
|
if (TLSFindExt(tls,sz,43,&ext_supvers,&len_supvers,false))
|
||||||
|
{
|
||||||
|
if (len_supvers)
|
||||||
|
{
|
||||||
|
len_supvers2 = ext_supvers[0];
|
||||||
|
if (len_supvers2<len_supvers)
|
||||||
|
{
|
||||||
|
for(ext_supvers++,len_supvers2&=~1 ; len_supvers2 ; len_supvers2-=2,ext_supvers+=2)
|
||||||
|
{
|
||||||
|
v = pntoh16(ext_supvers);
|
||||||
|
DLOG("TLS supported versions ext : %s\n",TLSVersionStr(v));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
DLOG("TLS supported versions ext : not present\n");
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
bool desync_valid_zero_stage(enum dpi_desync_mode mode)
|
bool desync_valid_zero_stage(enum dpi_desync_mode mode)
|
||||||
{
|
{
|
||||||
return mode==DESYNC_SYNACK || mode==DESYNC_SYNDATA;
|
return mode==DESYNC_SYNACK || mode==DESYNC_SYNDATA;
|
||||||
@ -966,6 +995,8 @@ static uint8_t dpi_desync_tcp_packet_play(bool replay, size_t reasm_offset, uint
|
|||||||
DLOG(bReqFull ? "packet contains full TLS ClientHello\n" : "packet contains partial TLS ClientHello\n");
|
DLOG(bReqFull ? "packet contains full TLS ClientHello\n" : "packet contains partial TLS ClientHello\n");
|
||||||
l7proto = TLS;
|
l7proto = TLS;
|
||||||
|
|
||||||
|
if (bReqFull && params.debug) TLSDebug(rdata_payload,rlen_payload);
|
||||||
|
|
||||||
bHaveHost=TLSHelloExtractHost(rdata_payload,rlen_payload,host,sizeof(host),TLS_PARTIALS_ENABLE);
|
bHaveHost=TLSHelloExtractHost(rdata_payload,rlen_payload,host,sizeof(host),TLS_PARTIALS_ENABLE);
|
||||||
|
|
||||||
if (ctrack)
|
if (ctrack)
|
||||||
|
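Review bot: In TLSDebug, a supported_versions extension that is present but malformed produces no output at all: when `len_supvers` is zero, or the list-length byte `ext_supvers[0]` is not smaller than `len_supvers`, both inner `if`s fall through silently, so the log cannot tell a malformed hello from one that was never inspected. I would report that case explicitly ahead of the loop, e.g. `if (!len_supvers || ext_supvers[0]>=len_supvers) DLOG("TLS supported versions ext : malformed\n");`. The loop's reads stay inside the extension only if TLSFindExt guarantees that `ext_supvers` through `ext_supvers+len_supvers` lies within `tls` through `tls+sz`; that function is not visible here, so a one-line comment stating this dependency, and naming `43` as the supported_versions extension type, would help the next reader. The same function is added to the tpws source further down with VPRINT in place of DLOG, and the point applies there as well.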
@ -345,6 +345,19 @@ size_t HttpPos(uint8_t posmarker, int16_t pos, const uint8_t *data, size_t sz)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
const char *TLSVersionStr(uint16_t tlsver)
|
||||||
|
{
|
||||||
|
switch(tlsver)
|
||||||
|
{
|
||||||
|
case 0x0301: return "TLS 1.0";
|
||||||
|
case 0x0302: return "TLS 1.1";
|
||||||
|
case 0x0303: return "TLS 1.2";
|
||||||
|
case 0x0304: return "TLS 1.3";
|
||||||
|
default:
|
||||||
|
// 0x0a0a, 0x1a1a, ..., 0xfafa
|
||||||
|
return (((tlsver & 0x0F0F) == 0x0A0A) && ((tlsver>>12)==((tlsver>>4)&0xF))) ? "GREASE" : "UNKNOWN";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
uint16_t TLSRecordDataLen(const uint8_t *data)
|
uint16_t TLSRecordDataLen(const uint8_t *data)
|
||||||
{
|
{
|
||||||
|
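Review bot: TLSVersionStr's `default:` branch maps every code it does not list to "UNKNOWN", including 0x0300 (SSL 3.0), so the debug line hides exactly the value someone diagnosing a handshake needs. Because the function returns a static string, the simplest fix is at the callers: print the raw code beside the name, e.g. format `"%s (0x%04X)"` with arguments `TLSVersionStr(v), v`, and optionally add `case 0x0300: return "SSL 3.0";`. A short header comment stating that the argument is the 16-bit version as produced by `pntoh16` and that the return value is a static string the caller must not free would document the contract. The identical function added in the `-339,6 +339,20` hunk of the other protocol source needs the same change.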
@ -57,6 +57,7 @@ int HttpReplyCode(const uint8_t *data, size_t len);
|
|||||||
// must be pre-checked by IsHttpReply
|
// must be pre-checked by IsHttpReply
|
||||||
bool HttpReplyLooksLikeDPIRedirect(const uint8_t *data, size_t len, const char *host);
|
bool HttpReplyLooksLikeDPIRedirect(const uint8_t *data, size_t len, const char *host);
|
||||||
|
|
||||||
|
const char *TLSVersionStr(uint16_t tlsver);
|
||||||
uint16_t TLSRecordDataLen(const uint8_t *data);
|
uint16_t TLSRecordDataLen(const uint8_t *data);
|
||||||
size_t TLSRecordLen(const uint8_t *data);
|
size_t TLSRecordLen(const uint8_t *data);
|
||||||
bool IsTLSRecordFull(const uint8_t *data, size_t len);
|
bool IsTLSRecordFull(const uint8_t *data, size_t len);
|
||||||
|
@ -339,6 +339,20 @@ size_t HttpPos(uint8_t posmarker, int16_t pos, const uint8_t *data, size_t sz)
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
const char *TLSVersionStr(uint16_t tlsver)
|
||||||
|
{
|
||||||
|
switch(tlsver)
|
||||||
|
{
|
||||||
|
case 0x0301: return "TLS 1.0";
|
||||||
|
case 0x0302: return "TLS 1.1";
|
||||||
|
case 0x0303: return "TLS 1.2";
|
||||||
|
case 0x0304: return "TLS 1.3";
|
||||||
|
default:
|
||||||
|
// 0x0a0a, 0x1a1a, ..., 0xfafa
|
||||||
|
return (((tlsver & 0x0F0F) == 0x0A0A) && ((tlsver>>12)==((tlsver>>4)&0xF))) ? "GREASE" : "UNKNOWN";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
uint16_t TLSRecordDataLen(const uint8_t *data)
|
uint16_t TLSRecordDataLen(const uint8_t *data)
|
||||||
{
|
{
|
||||||
return pntoh16(data + 3);
|
return pntoh16(data + 3);
|
||||||
|
@ -53,6 +53,7 @@ int HttpReplyCode(const uint8_t *data, size_t len);
|
|||||||
// must be pre-checked by IsHttpReply
|
// must be pre-checked by IsHttpReply
|
||||||
bool HttpReplyLooksLikeDPIRedirect(const uint8_t *data, size_t len, const char *host);
|
bool HttpReplyLooksLikeDPIRedirect(const uint8_t *data, size_t len, const char *host);
|
||||||
|
|
||||||
|
const char *TLSVersionStr(uint16_t tlsver);
|
||||||
uint16_t TLSRecordDataLen(const uint8_t *data);
|
uint16_t TLSRecordDataLen(const uint8_t *data);
|
||||||
size_t TLSRecordLen(const uint8_t *data);
|
size_t TLSRecordLen(const uint8_t *data);
|
||||||
bool IsTLSRecordFull(const uint8_t *data, size_t len);
|
bool IsTLSRecordFull(const uint8_t *data, size_t len);
|
||||||
|
@ -15,6 +15,34 @@ void packet_debug(const uint8_t *data, size_t sz)
|
|||||||
hexdump_limited_dlog(data, sz, PKTDATA_MAXDUMP); VPRINT("\n");
|
hexdump_limited_dlog(data, sz, PKTDATA_MAXDUMP); VPRINT("\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void TLSDebug(const uint8_t *tls,size_t sz)
|
||||||
|
{
|
||||||
|
if (sz<11) return;
|
||||||
|
|
||||||
|
uint16_t v_rec=pntoh16(tls+1), v_handshake=pntoh16(tls+9), v;
|
||||||
|
VPRINT("TLS record layer version : %s\nTLS handshake version : %s\n",TLSVersionStr(v_rec),TLSVersionStr(v_handshake));
|
||||||
|
|
||||||
|
const uint8_t *ext_supvers;
|
||||||
|
size_t len_supvers,len_supvers2;
|
||||||
|
if (TLSFindExt(tls,sz,43,&ext_supvers,&len_supvers,false))
|
||||||
|
{
|
||||||
|
if (len_supvers)
|
||||||
|
{
|
||||||
|
len_supvers2 = ext_supvers[0];
|
||||||
|
if (len_supvers2<len_supvers)
|
||||||
|
{
|
||||||
|
for(ext_supvers++,len_supvers2&=~1 ; len_supvers2 ; len_supvers2-=2,ext_supvers+=2)
|
||||||
|
{
|
||||||
|
v = pntoh16(ext_supvers);
|
||||||
|
VPRINT("TLS supported versions ext : %s\n",TLSVersionStr(v));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
VPRINT("TLS supported versions ext : not present\n");
|
||||||
|
}
|
||||||
|
|
||||||
static bool dp_match(struct desync_profile *dp, const struct sockaddr *dest, const char *hostname, t_l7proto l7proto)
|
static bool dp_match(struct desync_profile *dp, const struct sockaddr *dest, const char *hostname, t_l7proto l7proto)
|
||||||
{
|
{
|
||||||
bool bHostlistsEmpty;
|
bool bHostlistsEmpty;
|
||||||
@ -130,6 +158,7 @@ void tamper_out(t_ctrack *ctrack, const struct sockaddr *dest, uint8_t *segment,
|
|||||||
{
|
{
|
||||||
VPRINT("Data block contains TLS ClientHello\n");
|
VPRINT("Data block contains TLS ClientHello\n");
|
||||||
l7proto=TLS;
|
l7proto=TLS;
|
||||||
|
if (params.debug) TLSDebug(segment,*size);
|
||||||
bHaveHost=TLSHelloExtractHost((uint8_t*)segment,*size,Host,sizeof(Host),false);
|
bHaveHost=TLSHelloExtractHost((uint8_t*)segment,*size,Host,sizeof(Host),false);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
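Review bot: The call added in tamper_out, `if (params.debug) TLSDebug(segment,*size);`, is not gated on the record being complete, whereas the nfqws call site in this commit requires `bReqFull`. TLSDebug passes `false` as the last argument of TLSFindExt; if that flag means partial data is rejected (TLSFindExt is not visible here), a hello truncated at the segment boundary would be logged as "TLS supported versions ext : not present", which is misleading. The enclosing condition of this branch lies outside the hunk and may already guarantee a full record; if it does not, gate the call, e.g. `if (params.debug && IsTLSRecordFull(segment,*size)) TLSDebug(segment,*size);`, using the helper declared in the protocol header shown in this commit.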