修改ssl_chello_parse相关函数,处理TLS Grease导致的客户端标识不准确,详见 https://security.stackexchange.com/questions/176951/google-chrome-weird-random-cipher-suite

zhengchao
2019-05-25 15:54:28 +08:00
parent 72d170aec2
commit 7431a0e50a
5 changed files with 264 additions and 239 deletions


@@ -81,11 +81,14 @@ static size_t ssl_svc_client_st_mk_key(const struct ssl_chello* chello, char* ke
memcpy(key_buff+key_len, chello->sign_algos, chello->sign_algos_len);
key_len+=chello->sign_algos_len;
}
/*
//Temporary remove EC groups from client identifier for ssl_chello_parse cannot handling GREASE type.
if(chello->supported_groups && sz-key_len > chello->supported_groups_len)
{
memcpy(key_buff+key_len, chello->supported_groups, chello->supported_groups_len);
key_len+=chello->supported_groups_len;
}
*/
return key_len;
}
static long cli_st_read_cb(void * data, const uchar * key, uint size, void * user_arg)
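Review bot: The supported_groups copy in ssl_svc_client_st_mk_key is disabled by wrapping it in `/* ... */` with only the word "Temporary" as its exit condition, so the dead block can drift out of sync and nothing records when it should return. I would delete the block and leave a tracked marker such as `/* TODO(<tracking-id>): add supported_groups back to the key once ssl_chello_parse strips GREASE values (RFC 8701) */`. The sign_algos copy just above stays in the key, and RFC 8701 also reserves GREASE code points for signature algorithms, so it is worth confirming the parser filters them there too; otherwise the identifier can still change between handshakes from the same client. Dropping the groups also makes the key coarser, so clients that differ only in that list will presumably share one cached state entry, which deserves a line in the function comment. The function begins above this hunk, so the earlier key fields and the `sz` bound are not visible here.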