2025-01-02 19:25:00 +00:00
|
|
|
/*
|
|
|
|
|
youtubeUnblock - https://github.com/Waujito/youtubeUnblock
|
|
|
|
|
|
|
|
|
|
Copyright (C) 2024-2025 Vadim Vetrov <vetrovvd@gmail.com>
|
|
|
|
|
|
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
|
*/
|
|
|
|
|
|
2024-09-26 15:11:05 +00:00
|
|
|
#ifndef TLS_H
|
|
|
|
|
#define TLS_H
|
|
|
|
|
|
|
|
|
|
#include "types.h"
|
2024-10-12 09:19:33 +00:00
|
|
|
#include "utils.h"
|
2024-09-26 15:11:05 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Result of analyze_tls_data function
|
|
|
|
|
*/
|
|
|
|
|
struct tls_verdict {
|
2025-01-02 16:02:21 +00:00
|
|
|
const uint8_t *sni_ptr;
|
2024-09-26 15:11:05 +00:00
|
|
|
int sni_len;
|
2025-01-02 16:02:21 +00:00
|
|
|
|
|
|
|
|
int target_sni; /* boolean, 1 if target found */
|
|
|
|
|
const uint8_t *target_sni_ptr; /* pointer to target domain instead of entire sni */
|
|
|
|
|
int target_sni_len; /* length of target domain instead of entire sni */
|
2024-09-26 15:11:05 +00:00
|
|
|
};
|
|
|
|
|
|
2025-01-02 16:02:21 +00:00
|
|
|
#define TLS_CONTENT_TYPE_HANDSHAKE 0x16
|
|
|
|
|
#define TLS_HANDSHAKE_TYPE_CLIENT_HELLO 0x01
|
|
|
|
|
#define TLS_EXTENSION_SNI 0x0000
|
|
|
|
|
#define TLS_EXTENSION_CLIENT_HELLO_ENCRYPTED 0xfe0d
|
|
|
|
|
|
|
|
|
|
#define TLS_MESSAGE_ANALYZE_INVALID -1
|
|
|
|
|
#define TLS_MESSAGE_ANALYZE_FOUND 0
|
|
|
|
|
#define TLS_MESSAGE_ANALYZE_GOTO_NEXT 1
|
|
|
|
|
|
2025-01-02 17:37:34 +00:00
|
|
|
/**
|
|
|
|
|
* Analyzes each TLS Client Hello message (inside TLS Record or QUIC CRYPTO FRAME)
|
|
|
|
|
*/
|
2025-01-02 16:02:21 +00:00
|
|
|
int analyze_tls_message(
|
|
|
|
|
const struct section_config_t *section,
|
|
|
|
|
const uint8_t *message_data,
|
|
|
|
|
size_t message_length,
|
|
|
|
|
struct tls_verdict *tlsv
|
|
|
|
|
);
|
|
|
|
|
|
2025-01-04 14:47:49 +00:00
|
|
|
/**
|
|
|
|
|
* Tries to bruteforce over the packet and match domains as plain text
|
|
|
|
|
*/
|
|
|
|
|
int bruteforce_analyze_sni_str(
|
|
|
|
|
const struct section_config_t *section,
|
|
|
|
|
const uint8_t *data, size_t dlen,
|
|
|
|
|
struct tls_verdict *vrd
|
|
|
|
|
);
|
|
|
|
|
|
2025-01-02 16:02:21 +00:00
|
|
|
|
2024-09-26 15:11:05 +00:00
|
|
|
/**
|
|
|
|
|
* Processes the packet and finds TLS Client Hello information inside it.
|
|
|
|
|
* data pointer points to start of TLS Message (TCP Payload)
|
2025-01-02 16:02:21 +00:00
|
|
|
*
|
|
|
|
|
* Note that all the constant pointers of tls_verdict will be relative to data pointer
|
2024-09-26 15:11:05 +00:00
|
|
|
*/
|
2025-01-06 21:52:36 +00:00
|
|
|
struct tls_verdict analyze_tls_data(const struct section_config_t *section, const uint8_t *data, size_t dlen);
|
2024-09-26 15:11:05 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2025-01-09 16:44:30 +00:00
|
|
|
* Allocates and generates the fake client hello message
|
2024-09-26 15:11:05 +00:00
|
|
|
*/
|
|
|
|
|
int gen_fake_sni(struct fake_type type,
|
2025-01-06 21:52:36 +00:00
|
|
|
const void *iph, size_t iph_len,
|
|
|
|
|
const struct tcphdr *tcph, size_t tcph_len,
|
2025-01-09 16:44:30 +00:00
|
|
|
uint8_t **ubuf, size_t *ubuflen);
|
2024-09-26 15:11:05 +00:00
|
|
|
|
|
|
|
|
#endif /* TLS_H */
|
