mirrors/GoodbyeDPI
1
0
Fork 0
mirror of https://github.com/ValdikSS/GoodbyeDPI.git synced 2024-12-22 06:15:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add TLS Server Name Indication (SNI) extractor

Browse Source
This commit is contained in:
ValdikSS 2021-12-25 10:09:37 +03:00
parent 787c4d25c3
commit cf7d1c69e0
1 changed files with 46 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
src/goodbyedpi.c
View File

@ -326,6 +326,52 @@ static int find_header_and_get_info(const char *pktdata, unsigned int pktlen,
return FALSE;
}
/**
* Very crude Sever Name Indication (TLS ClientHello hostname) extractor.
*/
static int extract_sni(const char *pktdata, unsigned int pktlen,
char **hostnameaddr, unsigned int *hostnamelen) {
uint32_t ptr = 0;
const char *d = pktdata;
const char *hnaddr = 0;
unsigned int hnlen = 0;
while (ptr + 8 < pktlen) {
/* Search for specific Extensions sequence */
if (d[ptr] == '\0' && d[ptr+1] == '\0' && d[ptr+2] == '\0' &&
d[ptr+4] == '\0' && d[ptr+6] == '\0' && d[ptr+7] == '\0' &&
/* Check Extension length, Server Name list length
* and Server Name length relations
*/
d[ptr+3] - d[ptr+5] == 2 && d[ptr+5] - d[ptr+8] == 3)
{
if (ptr + 8 + d[ptr+8] > pktlen) {
return FALSE;
}
hnaddr = &d[ptr+9];
hnlen = d[ptr+8];
/* Limit hostname size up to 254 bytes */
if (hnlen < 2 || hnlen > 254) {
return FALSE;
}
/* Validate that hostname has only ascii lowercase characters */
for (int i=0; i<hnlen; i++) {
if (!(hnaddr[i] >= '1' && hnaddr[i] <= '9' ||
hnaddr[i] >= 'a' && hnaddr[i] <= 'z' ||
hnaddr[i] == '.'))
{
return FALSE;
}
}
*hostnameaddr = hnaddr;
*hostnamelen = hnlen;
return TRUE;
}
ptr++;
}
return FALSE;
}
static inline void change_window_size(const PWINDIVERT_TCPHDR ppTcpHdr, unsigned int size) {
if (size >= 1 && size <= 0xFFFFu) {
ppTcpHdr->Window = htons((u_short)size);