Add CovertDTLSConfig

2025-10-13 20:11:19 -04:00 · 2024-12-18 00:09:15 +01:00 · 2024-12-18 00:09:15 +01:00 · bb11646e73
commit bb11646e73
parent 5912e2892a
11 changed files with 89 additions and 56 deletions
--- a/client/snowflake.go
+++ b/client/snowflake.go
@ -123,6 +123,9 @@ func socksAcceptLoop(ln *pt.SocksListener, config sf.ClientConfig, shutdown chan
 			if arg, ok := conn.Req.Args.Get("fingerprint"); ok {
 				config.BridgeFingerprint = arg
 			}
+			if arg, ok := conn.Req.Args.Get("covertdtls-config"); ok {
+				config.CovertDTLSConfig = arg
+			}
 			transport, err := sf.NewSnowflakeClient(config)
 			if err != nil {
 				conn.Reject()
@ -174,8 +177,7 @@ func main() {
 	max := flag.Int("max", DefaultSnowflakeCapacity,
 		"capacity for number of multiplexed WebRTC peers")
 	versionFlag := flag.Bool("version", false, "display version info to stderr and quit")
-	dtlsRandomize := flag.Bool("dtls-randomize", false, "randomize DTLS client hello")
-	dtlsMimic := flag.Bool("dtls-mimic", false, "mimic DTLS client hello of Chrome and Firefox")
+	covertDTLSConfig := flag.String("covertdtls-config", "", "Configuration of dtls mimicking and randomization: mimic, randomize, randomizemimic")

 	// Deprecated
 	oldLogToStateDir := flag.Bool("logToStateDir", false, "use -log-to-state-dir instead")
@ -188,10 +190,6 @@ func main() {
 		os.Exit(0)
 	}

-	if *dtlsMimic && *dtlsRandomize {
-		log.Fatal("Cannot both Randomize and Mimic DTLS client hello")
-	}
-
 	log.SetFlags(log.LstdFlags | log.LUTC)

 	// Don't write to stderr; versions of tor earlier than about 0.3.5.6 do
@ -246,8 +244,7 @@ func main() {
 		ICEAddresses:       iceAddresses,
 		KeepLocalAddresses: *keepLocalAddresses || *oldKeepLocalAddresses,
 		Max:                *max,
-		DTLSRandomize:      *dtlsRandomize,
-		DTLSMimic:          *dtlsMimic,
+		CovertDTLSConfig:   *covertDTLSConfig,
 	}

 	// Begin goptlib client process.