mirror of
https://github.com/hufrea/byedpi.git
synced 2024-12-22 06:15:14 +00:00
check sid only in TLSv1.3
This commit is contained in:
parent
a48a2e87a3
commit
bd290b1b5f
4
extend.c
4
extend.c
@ -217,9 +217,7 @@ int on_response(struct poolhd *pool, struct eval *val,
|
||||
break;
|
||||
}
|
||||
else if ((dp->detect & DETECT_TLS_INVSID)
|
||||
&& neq_tls_sid(req, qn, resp, sn)
|
||||
&& !neq_tls_sid(
|
||||
fake_tls.data, fake_tls.size, resp, sn)) {
|
||||
&& neq_tls_sid(req, qn, resp, sn)) {
|
||||
break;
|
||||
}
|
||||
else if ((dp->detect & DETECT_TLS_ALERT)
|
||||
|
4
main.c
4
main.c
@ -292,8 +292,8 @@ int get_addr(const char *str, struct sockaddr_ina *addr)
|
||||
int get_addr_with_port(const char *str, struct sockaddr_ina *addr)
|
||||
{
|
||||
uint16_t port = 0;
|
||||
char *s = (char *)str, *e = 0;
|
||||
char *end = 0, *p = s;
|
||||
const char *s = str, *p = str, *e = 0;
|
||||
char *end = 0;
|
||||
|
||||
if (*str == '[') {
|
||||
e = strchr(str, ']');
|
||||
|
47
packets.c
47
packets.c
@ -72,22 +72,14 @@ char *strncasestr(char *a, size_t as, char *b, size_t bs)
|
||||
}
|
||||
|
||||
|
||||
size_t find_tls_ext_offset(uint16_t type, char *data, size_t size)
|
||||
size_t find_tls_ext_offset(uint16_t type,
|
||||
char *data, size_t size, size_t skip)
|
||||
{
|
||||
if (size < 44) {
|
||||
if (size <= (skip + 2)) {
|
||||
return 0;
|
||||
}
|
||||
uint8_t sid_len = data[43];
|
||||
if (size < 44 + sid_len + 2) {
|
||||
return 0;
|
||||
}
|
||||
uint16_t cip_len = ANTOHS(data, 44 + sid_len);
|
||||
|
||||
size_t skip = 44 + sid_len + 2 + cip_len + 4;
|
||||
if (size <= skip) {
|
||||
return 0;
|
||||
}
|
||||
uint16_t ext_len = ANTOHS(data, skip - 2);
|
||||
uint16_t ext_len = ANTOHS(data, skip);
|
||||
skip += 2;
|
||||
|
||||
if (ext_len < (size - skip)) {
|
||||
size = ext_len + skip;
|
||||
@ -104,14 +96,30 @@ size_t find_tls_ext_offset(uint16_t type, char *data, size_t size)
|
||||
}
|
||||
|
||||
|
||||
size_t chello_ext_offset(uint16_t type, char *data, size_t size)
|
||||
{
|
||||
if (size < 44) {
|
||||
return 0;
|
||||
}
|
||||
uint8_t sid_len = data[43];
|
||||
if (size < 44 + sid_len + 2) {
|
||||
return 0;
|
||||
}
|
||||
uint16_t cip_len = ANTOHS(data, 44 + sid_len);
|
||||
|
||||
size_t skip = 44 + sid_len + 2 + cip_len + 2;
|
||||
return find_tls_ext_offset(type, data, size, skip);
|
||||
}
|
||||
|
||||
|
||||
int change_tls_sni(const char *host, char *buffer, size_t bsize)
|
||||
{
|
||||
size_t sni_offs, pad_offs;
|
||||
|
||||
if (!(sni_offs = find_tls_ext_offset(0x00, buffer, bsize))) {
|
||||
if (!(sni_offs = chello_ext_offset(0x00, buffer, bsize))) {
|
||||
return -1;
|
||||
}
|
||||
if (!(pad_offs = find_tls_ext_offset(0x15, buffer, bsize))) {
|
||||
if (!(pad_offs = chello_ext_offset(0x15, buffer, bsize))) {
|
||||
return -1;
|
||||
}
|
||||
char *sni = &buffer[sni_offs];
|
||||
@ -154,7 +162,7 @@ int parse_tls(char *buffer, size_t bsize, char **hs)
|
||||
if (!is_tls_chello(buffer, bsize)) {
|
||||
return 0;
|
||||
}
|
||||
size_t sni_offs = find_tls_ext_offset(0x00, buffer, bsize);
|
||||
size_t sni_offs = chello_ext_offset(0x00, buffer, bsize);
|
||||
|
||||
if (!sni_offs || (sni_offs + 12) >= bsize) {
|
||||
return 0;
|
||||
@ -324,10 +332,15 @@ bool neq_tls_sid(char *req, size_t qn, char *resp, size_t sn)
|
||||
|| ANTOHS(resp, 0) != 0x1603) {
|
||||
return 0;
|
||||
}
|
||||
uint8_t sid_len = req[43];
|
||||
size_t skip = 44 + sid_len + 3;
|
||||
|
||||
if (!find_tls_ext_offset(0x2b, resp, sn, skip)) {
|
||||
return 0;
|
||||
}
|
||||
if (req[43] != resp[43]) {
|
||||
return 1;
|
||||
}
|
||||
uint8_t sid_len = req[43];
|
||||
return memcmp(req + 44, resp + 44, sid_len);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user