Add utls imitate setting to snowflake client

client/lib/rendezvous.go

@@ -5,6 +5,8 @@ package snowflake_client
 
 import (
 	"errors"
+	"fmt"
+
 	"log"
 	"net/http"
 	"sync"
@@ -14,7 +16,9 @@ import (
 	"git.torproject.org/pluggable-transports/snowflake.git/v2/common/messages"
 	"git.torproject.org/pluggable-transports/snowflake.git/v2/common/nat"
 	"git.torproject.org/pluggable-transports/snowflake.git/v2/common/util"
+	utlsutil "git.torproject.org/pluggable-transports/snowflake.git/v2/common/utls"
 	"github.com/pion/webrtc/v3"
+	utls "github.com/refraction-networking/utls"
 )
 
 const (
@@ -51,10 +55,14 @@ func createBrokerTransport() http.RoundTripper {
 	return transport
 }
 
-// NewBrokerChannel construct a new BrokerChannel, where:
+func NewBrokerChannel(broker, ampCache, front string, keepLocalAddresses bool) (*BrokerChannel, error) {
+	return NewBrokerChannelWithUTlsClientID(broker, ampCache, front, keepLocalAddresses, "")
+}
+
+// NewBrokerChannelWithUTlsClientID construct a new BrokerChannel, where:
 // |broker| is the full URL of the facilitating program which assigns proxies
 // to clients, and |front| is the option fronting domain.
-func NewBrokerChannel(broker, ampCache, front string, keepLocalAddresses bool) (*BrokerChannel, error) {
+func NewBrokerChannelWithUTlsClientID(broker, ampCache, front string, keepLocalAddresses bool, utlsClientID string) (*BrokerChannel, error) {
 	log.Println("Rendezvous using Broker at:", broker)
 	if ampCache != "" {
 		log.Println("Through AMP cache at:", ampCache)
@@ -63,12 +71,23 @@ func NewBrokerChannel(broker, ampCache, front string, keepLocalAddresses bool) (
 		log.Println("Domain fronting using:", front)
 	}
 
+	brokerTransport := createBrokerTransport()
+
+	if utlsClientID != "" {
+		utlsClientHelloID, err := utlsutil.NameToUTlsID(utlsClientID)
+		if err != nil {
+			return nil, fmt.Errorf("unable to create broker channel: %v", err)
+		}
+		config := &utls.Config{}
+		brokerTransport = utlsutil.NewUTLSHTTPRoundTripper(utlsClientHelloID, config, brokerTransport, false)
+	}
+
 	var rendezvous RendezvousMethod
 	var err error
 	if ampCache != "" {
-		rendezvous, err = newAMPCacheRendezvous(broker, ampCache, front, createBrokerTransport())
+		rendezvous, err = newAMPCacheRendezvous(broker, ampCache, front, brokerTransport)
 	} else {
-		rendezvous, err = newHTTPRendezvous(broker, front, createBrokerTransport())
+		rendezvous, err = newHTTPRendezvous(broker, front, brokerTransport)
 	}
 	if err != nil {
 		return nil, err

client/lib/snowflake.go

@@ -97,6 +97,9 @@ type ClientConfig struct {
 	// Max is the maximum number of snowflake proxy peers that the client should attempt to
 	// connect to. Defaults to 1.
 	Max int
+	// UTlsClientID is the type of user application that snowflake should imitate.
+	// If an empty value is provided, it will use Go's default TLS implementation
+	UTlsClientID string
 }
 
 // NewSnowflakeClient creates a new Snowflake transport client that can spawn multiple

client/snowflake.go

@@ -126,6 +126,7 @@ func main() {
 	frontDomain := flag.String("front", "", "front domain")
 	ampCacheURL := flag.String("ampcache", "", "URL of AMP cache to use as a proxy for signaling")
 	logFilename := flag.String("log", "", "name of log file")
+	utlsClientHelloID := flag.String("utls-imitate", "", "type of TLS client to imitate with utls")
 	logToStateDir := flag.Bool("log-to-state-dir", false, "resolve the log file relative to tor's pt state dir")
 	keepLocalAddresses := flag.Bool("keep-local-addresses", false, "keep local LAN address ICE candidates")
 	unsafeLogging := flag.Bool("unsafe-logging", false, "prevent logs from being scrubbed")
@@ -178,6 +179,7 @@ func main() {
 		ICEAddresses:       iceAddresses,
 		KeepLocalAddresses: *keepLocalAddresses || *oldKeepLocalAddresses,
 		Max:                *max,
+		UTlsClientID:       *utlsClientHelloID,
 	}
 
 	// Begin goptlib client process.