mirror of
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git
synced 2025-10-14 14:11:23 -04:00
Add raw DTLS fingerprints
This commit is contained in:
theodorsm
parent
fd9f08d986
commit
0976198523
6 changed files with 60 additions and 17 deletions
|
|
@ -37,6 +37,7 @@ import (
|
|||
|
||||
"github.com/pion/ice/v4"
|
||||
"github.com/pion/webrtc/v4"
|
||||
"github.com/theodorsm/covert-dtls/pkg/fingerprints"
|
||||
"github.com/xtaci/kcp-go/v5"
|
||||
"github.com/xtaci/smux"
|
||||
|
||||
|
|
@ -118,8 +119,9 @@ type ClientConfig struct {
|
|||
// connect to, as specified in the Bridge line of the torrc.
|
||||
BridgeFingerprint string
|
||||
// CommunicationProxy is the proxy address for network communication
|
||||
CommunicationProxy *url.URL
|
||||
CovertDTLSConfig string
|
||||
CommunicationProxy *url.URL
|
||||
CovertDTLSConfig string
|
||||
CovertDTLSFingerprint string
|
||||
}
|
||||
|
||||
// NewSnowflakeClient creates a new Snowflake transport client that can spawn multiple
|
||||
|
|
@ -165,9 +167,12 @@ func NewSnowflakeClient(config ClientConfig) (*Transport, error) {
|
|||
|
||||
eventsLogger := event.NewSnowflakeEventDispatcher()
|
||||
var transport *Transport
|
||||
// TODO: Add fingerprint config
|
||||
|
||||
if config.CovertDTLSConfig != "" {
|
||||
covertDTLSConfig := covertdtls.ParseConfigString(config.CovertDTLSConfig)
|
||||
if config.CovertDTLSFingerprint != "" {
|
||||
covertDTLSConfig.Fingerprint = fingerprints.ClientHelloFingerprint(*&config.CovertDTLSFingerprint)
|
||||
}
|
||||
transport = &Transport{dialer: NewCovertWebRTCDialerWithEventsAndProxy(broker, iceServers, max, eventsLogger, config.CommunicationProxy, &covertDTLSConfig), eventDispatcher: eventsLogger}
|
||||
} else {
|
||||
transport = &Transport{dialer: NewWebRTCDialerWithEventsAndProxy(broker, iceServers, max, eventsLogger, config.CommunicationProxy), eventDispatcher: eventsLogger}
|
||||
|
|
|
|||
|
|
@ -287,7 +287,17 @@ func (c *WebRTCPeer) preparePeerConnection(
|
|||
|
||||
s.SetNet(vnet)
|
||||
|
||||
if covertDTLSConfig.Mimic {
|
||||
if covertDTLSConfig.Fingerprint != "" {
|
||||
mimic := &mimicry.MimickedClientHello{}
|
||||
err = mimic.LoadFingerprint(covertDTLSConfig.Fingerprint)
|
||||
if err != nil {
|
||||
log.Printf("NewPeerConnection ERROR: %s", err)
|
||||
return err
|
||||
}
|
||||
profiles := utils.DefaultSRTPProtectionProfiles()
|
||||
s.SetSRTPProtectionProfiles(profiles...)
|
||||
s.SetDTLSClientHelloMessageHook(mimic.Hook)
|
||||
} else if covertDTLSConfig.Mimic {
|
||||
mimic := &mimicry.MimickedClientHello{}
|
||||
if covertDTLSConfig.Randomize {
|
||||
err = mimic.LoadRandomFingerprint()
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue