nfqws,tpws: debug tls version

bol-van
2025-04-13 15:27:50 +03:00
parent b12b1a5a17
commit d19f6c19a4
7 changed files with 93 additions and 0 deletions


@@ -339,6 +339,20 @@ size_t HttpPos(uint8_t posmarker, int16_t pos, const uint8_t *data, size_t sz)
const char *TLSVersionStr(uint16_t tlsver)
{
switch(tlsver)
{
case 0x0301: return "TLS 1.0";
case 0x0302: return "TLS 1.1";
case 0x0303: return "TLS 1.2";
case 0x0304: return "TLS 1.3";
default:
// 0x0a0a, 0x1a1a, ..., 0xfafa
return (((tlsver & 0x0F0F) == 0x0A0A) && ((tlsver>>12)==((tlsver>>4)&0xF))) ? "GREASE" : "UNKNOWN";
}
}
uint16_t TLSRecordDataLen(const uint8_t *data)
{
return pntoh16(data + 3);
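Review bot: SSL 3.0 (0x0300) falls into the `default:` arm of TLSVersionStr and is reported as "UNKNOWN", although it is a legitimate legacy record-layer value that still shows up in old clients and in some DPI probe traffic, which is exactly what a debug trace wants to name; `case 0x0300: return "SSL 3.0";` would cover it. The GREASE test itself is correct: it admits only values of the form 0x?A?A whose two high nibbles are equal, so 0x0A0A … 0xFAFA match and nothing else does. Since the function returns pointers to string literals, a one-line comment above it saying the result is a static string that must not be freed or modified would spare the next caller a guess.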


@@ -53,6 +53,7 @@ int HttpReplyCode(const uint8_t *data, size_t len);
// must be pre-checked by IsHttpReply
bool HttpReplyLooksLikeDPIRedirect(const uint8_t *data, size_t len, const char *host);
const char *TLSVersionStr(uint16_t tlsver);
uint16_t TLSRecordDataLen(const uint8_t *data);
size_t TLSRecordLen(const uint8_t *data);
bool IsTLSRecordFull(const uint8_t *data, size_t len);
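Review bot: The new TLSVersionStr prototype carries no comment, while neighbouring declarations in this header state their contract (`// must be pre-checked by IsHttpReply`); a similar one-liner would document the non-obvious GREASE handling for callers that only see the header. Suggested: `// returns a static string; 0x?a?a GREASE values are reported as "GREASE", other unmapped values as "UNKNOWN"`.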


@@ -15,6 +15,34 @@ void packet_debug(const uint8_t *data, size_t sz)
hexdump_limited_dlog(data, sz, PKTDATA_MAXDUMP); VPRINT("\n");
}
void TLSDebug(const uint8_t *tls,size_t sz)
{
if (sz<11) return;
uint16_t v_rec=pntoh16(tls+1), v_handshake=pntoh16(tls+9), v;
VPRINT("TLS record layer version : %s\nTLS handshake version : %s\n",TLSVersionStr(v_rec),TLSVersionStr(v_handshake));
const uint8_t *ext_supvers;
size_t len_supvers,len_supvers2;
if (TLSFindExt(tls,sz,43,&ext_supvers,&len_supvers,false))
{
if (len_supvers)
{
len_supvers2 = ext_supvers[0];
if (len_supvers2<len_supvers)
{
for(ext_supvers++,len_supvers2&=~1 ; len_supvers2 ; len_supvers2-=2,ext_supvers+=2)
{
v = pntoh16(ext_supvers);
VPRINT("TLS supported versions ext : %s\n",TLSVersionStr(v));
}
}
}
}
else
VPRINT("TLS supported versions ext : not present\n");
}
static bool dp_match(struct desync_profile *dp, const struct sockaddr *dest, const char *hostname, t_l7proto l7proto)
{
bool bHostlistsEmpty;
@@ -130,6 +158,7 @@ void tamper_out(t_ctrack *ctrack, const struct sockaddr *dest, uint8_t *segment,
{
VPRINT("Data block contains TLS ClientHello\n");
l7proto=TLS;
if (params.debug) TLSDebug(segment,*size);
bHaveHost=TLSHelloExtractHost((uint8_t*)segment,*size,Host,sizeof(Host),false);
}
else
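Review bot: TLSDebug (first hunk of this file) checks only `sz<11` before reading the handshake version at `tls+9`, so it relies entirely on the caller having already established that the buffer starts with a TLS record header followed by a handshake header; the only call site added here is inside the "Data block contains TLS ClientHello" branch of tamper_out, but the function is not static and nothing in its body or in the header states that precondition. A comment in the style this codebase already uses would pin it down: `// must be pre-checked as a TLS ClientHello record (5-byte record header + 4-byte handshake header)`. The supported_versions walk is bounded correctly (`len_supvers2<len_supvers` guarantees the length byte plus the list fit inside the extension, and `&=~1` drops a dangling odd byte), but when the extension is present and malformed the trace prints nothing at all, which is indistinguishable from a logging bug; an `else VPRINT("TLS supported versions ext : malformed\n");` on the `len_supvers2<len_supvers` check (and on the empty `len_supvers` case) keeps the debug output self-explanatory. tamper_out, the function enclosing the second hunk, starts and ends outside the hunk.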