SpoofDPI/proxy/https.go

133 lines
3.4 KiB
Go
Raw Permalink Normal View History

2024-07-22 04:49:18 +00:00
package proxy
import (
2024-07-22 10:59:11 +00:00
"net"
"strconv"
2024-07-22 04:49:18 +00:00
log "github.com/sirupsen/logrus"
"github.com/xvzc/SpoofDPI/packet"
)
2024-07-22 11:58:30 +00:00
func (pxy *Proxy) handleHttps(lConn *net.TCPConn, initPkt *packet.HttpPacket, ip string) {
2024-07-22 04:49:18 +00:00
// Create a connection to the requested server
2024-07-22 10:59:11 +00:00
var port int = 443
var err error
2024-07-22 04:49:18 +00:00
if initPkt.Port() != "" {
2024-07-22 10:59:11 +00:00
port, err = strconv.Atoi(initPkt.Port())
if err != nil {
log.Debug("[HTTPS] Error while parsing port for ", initPkt.Domain(), " aborting..")
}
2024-07-22 04:49:18 +00:00
}
2024-07-22 10:59:11 +00:00
rConn, err := net.DialTCP("tcp", nil, &net.TCPAddr{IP: net.ParseIP(ip), Port: port})
2024-07-22 04:49:18 +00:00
if err != nil {
2024-07-22 10:59:11 +00:00
lConn.Close()
2024-07-22 04:49:18 +00:00
log.Debug("[HTTPS] ", err)
return
}
defer func() {
lConn.Close()
log.Debug("[HTTPS] Closing client Connection.. ", lConn.RemoteAddr())
rConn.Close()
log.Debug("[HTTPS] Closing server Connection.. ", initPkt.Domain(), " ", rConn.LocalAddr())
}()
log.Debug("[HTTPS] New connection to the server ", initPkt.Domain(), " ", rConn.LocalAddr())
_, err = lConn.Write([]byte(initPkt.Version() + " 200 Connection Established\r\n\r\n"))
if err != nil {
log.Debug("[HTTPS] Error sending 200 Connection Established to the client", err)
return
}
log.Debug("[HTTPS] Sent 200 Connection Estabalished to ", lConn.RemoteAddr())
// Read client hello
2024-07-22 10:59:11 +00:00
clientHello, err := ReadBytes(lConn)
2024-07-22 04:49:18 +00:00
if err != nil {
log.Debug("[HTTPS] Error reading client hello from the client", err)
return
}
log.Debug("[HTTPS] Client sent hello ", len(clientHello), "bytes")
// Generate a go routine that reads from the server
chPkt := packet.NewHttpsPacket(clientHello)
2024-07-22 11:58:30 +00:00
// lConn.SetLinger(3)
// rConn.SetLinger(3)
2024-07-22 10:59:11 +00:00
go Serve(rConn, lConn, "[HTTPS]", rConn.RemoteAddr().String(), initPkt.Domain(), pxy.timeout)
2024-07-22 04:49:18 +00:00
if pxy.patternExists() && !pxy.patternMatches([]byte(initPkt.Domain())) {
2024-07-22 10:59:11 +00:00
log.Debug("[HTTPS] Writing plain client hello to ", initPkt.Domain())
if _, err := rConn.Write(chPkt.Raw()); err != nil {
log.Debug("[HTTPS] Error writing plain client hello to ", initPkt.Domain(), err)
return
}
2024-07-22 04:49:18 +00:00
} else {
2024-07-22 10:59:11 +00:00
log.Debug("[HTTPS] Writing chunked client hello to ", initPkt.Domain())
2024-08-03 07:43:51 +00:00
chunks := pxy.splitInChunks(chPkt.Raw())
2024-07-22 10:59:11 +00:00
if _, err := WriteChunks(rConn, chunks); err != nil {
log.Debug("[HTTPS] Error writing chunked client hello to ", initPkt.Domain(), err)
return
}
}
Serve(lConn, rConn, "[HTTPS]", lConn.RemoteAddr().String(), initPkt.Domain(), pxy.timeout)
2024-07-22 04:49:18 +00:00
}
2024-08-03 07:43:51 +00:00
func (pxy *Proxy) splitInChunks(bytes []byte) [][]byte {
2024-07-22 04:49:18 +00:00
// If the packet matches the pattern or the URLs, we don't split it
if pxy.patternExists() && !pxy.patternMatches(bytes) {
return [][]byte{bytes}
}
var chunks [][]byte
var raw []byte = bytes
2024-08-03 07:43:51 +00:00
var size = pxy.windowSize
2024-07-22 04:49:18 +00:00
2024-08-03 07:43:51 +00:00
log.Debug("[HTTPS] window-size: ", size)
if size > 0 {
2024-07-23 00:41:13 +00:00
for {
if len(raw) == 0 {
break
}
// necessary check to avoid slicing beyond
// slice capacity
if len(raw) < size {
size = len(raw)
}
chunks = append(chunks, raw[0:size])
raw = raw[size:]
2024-07-22 04:49:18 +00:00
}
2024-07-23 00:41:13 +00:00
return chunks
}
2024-07-22 04:49:18 +00:00
2024-07-27 02:00:53 +00:00
// When the given window-size <= 0
2024-07-23 00:41:13 +00:00
if len(raw) < 1 {
return [][]byte{raw}
2024-07-22 04:49:18 +00:00
}
2024-07-23 00:41:13 +00:00
log.Debug("[HTTPS] Using legacy fragmentation.")
return [][]byte{raw[:1], raw[1:]}
2024-07-22 04:49:18 +00:00
}
func (pxy *Proxy) patternExists() bool {
return pxy.allowedPattern != nil || pxy.allowedUrls != nil
}
2024-07-22 11:58:30 +00:00
func (pxy *Proxy) patternMatches(bytes []byte) bool {
return (pxy.allowedPattern != nil && pxy.allowedPattern.Match(bytes)) ||
(pxy.allowedUrls != nil && pxy.allowedUrls.Match(bytes))
2024-07-22 04:49:18 +00:00
}