修改ssl_chello_parse相关函数,处理TLS Grease导致的客户端标识不准确,详见 https://security.stackexchange.com/questions/176951/google-chrome-weird-random-cipher-suite

This commit is contained in:
zhengchao
2019-05-25 15:54:28 +08:00
parent 72d170aec2
commit 7431a0e50a
5 changed files with 264 additions and 239 deletions


@@ -43,7 +43,7 @@ int ssl2_test(){
};
size_t buff_len = sizeof(buff) / sizeof(char);
enum chello_parse_result result;
struct ssl_chello* chello = ssl_chello_parse(buff, buff_len, 1, &result);
struct ssl_chello* chello = ssl_chello_parse(buff, buff_len, &result);
printf("-----------------------------ssl2.0 only parse version --------------------------------\n");
printf("result is %d\n", result);
printf("min version is %d, %d\n", chello->min_version.major, chello->min_version.minor);
@@ -69,7 +69,7 @@ int ssl3_test(){
};
size_t buff1_len = sizeof(buff1) / sizeof(char);
enum chello_parse_result result1;
struct ssl_chello* chello1 = ssl_chello_parse(buff1, buff1_len, 1, &result1);
struct ssl_chello* chello1 = ssl_chello_parse(buff1, buff1_len, &result1);
printf("--------------------------------ssl3.0, no extensions --------------------------------\n");
printf("result is %d\n", result1);
printf("min version is %d, %d\n", chello1->min_version.major, chello1->min_version.minor);
@@ -102,7 +102,7 @@ int tls12_test(){
};
int len = sizeof(buff);
enum chello_parse_result result;
struct ssl_chello* chello = ssl_chello_parse(buff, len, 1, &result);
struct ssl_chello* chello = ssl_chello_parse(buff, len, &result);
printf("---------------------------tls1.2 --------------------------------\n");
printf("result is %d\n", result);
printf("min version: %d, %d, ossl format: %x\n", chello->min_version.major, chello->min_version.minor, chello->min_version.ossl_format);
@@ -111,7 +111,7 @@ int tls12_test(){
unsigned char cipher_suites[1024];
memcpy(cipher_suites, chello->cipher_suites, chello->cipher_suites_len);
char target_common[1024], target_tls13[1024];
ssl_cipher_suites_convert(chello->cipher_suites, chello->cipher_suites_len, target_common, target_tls13);
ssl_cipher_suites_to_name(chello->cipher_suites, chello->cipher_suites_len, target_common, sizeof(target_common), target_tls13, sizeof(target_tls13));
printf("cipher suites: \n");
for(int i = 0; i < chello->cipher_suites_len; i++){
printf("0x%02x ", cipher_suites[i]);
@@ -202,7 +202,7 @@ int tls13_test(){
};
int len = sizeof(buff);
enum chello_parse_result result;
struct ssl_chello* chello = ssl_chello_parse(buff, len, 1, &result);
struct ssl_chello* chello = ssl_chello_parse(buff, len, &result);
printf("---------------------------tls1.3 --------------------------------\n");
printf("min version: %d, %d, ossl format: %x\n", chello->min_version.major, chello->min_version.minor, chello->min_version.ossl_format);
printf("max version: %d, %d, ossl format: %x\n", chello->max_version.major, chello->max_version.minor, chello->max_version.ossl_format);
@@ -210,7 +210,7 @@ int tls13_test(){
unsigned char cipher_suites[1024];
memcpy(cipher_suites, chello->cipher_suites, chello->cipher_suites_len);
char target_common[1024], target_tls13[1024];
ssl_cipher_suites_convert(chello->cipher_suites, chello->cipher_suites_len, target_common, target_tls13);
ssl_cipher_suites_to_name(chello->cipher_suites, chello->cipher_suites_len, target_common, sizeof(target_common), target_tls13, sizeof(target_tls13));
printf("cipher suites: \n");
for(int i = 0; i < chello->cipher_suites_len; i++){
printf("0x%02x ", cipher_suites[i]);
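Review bot: The new `ssl_chello_parse(buff, len, &result)` call in tls13_test (and the same line in ssl2_test, ssl3_test and tls12_test) is followed immediately by `chello->min_version...` without checking either `result` or a NULL return, so a ClientHello the parser now rejects (or one it fails to parse after the GREASE-skipping change) crashes the test instead of reporting a failure. I would add after each call `if (chello == NULL) { printf("parse failed, result is %d\n", result); return -1; }` (whether the function can return NULL is not visible from this page; if it cannot, check `result` against the success enumerator instead). The `memcpy(cipher_suites, chello->cipher_suites, chello->cipher_suites_len)` in the context lines above is still unbounded by `sizeof(cipher_suites)`, which is inconsistent now that `ssl_cipher_suites_to_name` takes explicit output sizes; bounding it the same way would make the test safe on a hello with a long suite list. The enclosing test functions start outside these hunks.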