gandc/mtprotoproxy
1
0
Fork 0
mirror of https://github.com/alexbers/mtprotoproxy.git synced 2026-03-14 07:13:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

get rid from annoying time skew messages, print summary instead

Browse Source
This commit is contained in:
Alexander Bersenev
2019-09-08 02:01:23 +05:00
parent 51c8d68271
commit 1ed13d9efa
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
mtprotoproxy.py
View File

@@ -83,6 +83,7 @@ disable_middle_proxy = False
is_time_skewed = False is_time_skewed = False
fake_cert_len = random.randrange(1024, 4096) fake_cert_len = random.randrange(1024, 4096)
mask_host_cached_ip = None mask_host_cached_ip = None
last_clients_with_time_skew = {}
config = {} config = {}
@@ -903,6 +904,7 @@ async def handle_bad_client(reader_clt, writer_clt, handshake):
async def handle_fake_tls_handshake(handshake, reader, writer, peer): async def handle_fake_tls_handshake(handshake, reader, writer, peer):
global used_handshakes global used_handshakes
global last_clients_with_time_skew
global fake_cert_len global fake_cert_len
TIME_SKEW_MIN = -20 * 60 TIME_SKEW_MIN = -20 * 60
@@ -948,9 +950,7 @@ async def handle_fake_tls_handshake(handshake, reader, writer, peer):
# some clients fail to read unix time and send the time since boot instead # some clients fail to read unix time and send the time since boot instead
client_time_is_small = timestamp < 60*60*24*1000 client_time_is_small = timestamp < 60*60*24*1000
if not client_time_is_ok and not is_time_skewed and not client_time_is_small: if not client_time_is_ok and not is_time_skewed and not client_time_is_small:
err_msg = "Client with time skew detected from %s, can be a replay-attack. " % peer[0] last_clients_with_time_skew[peer[0]] = (time.time() - timestamp) // 60
err_msg += "Its clocks were %d minutes behind" % ((time.time() - timestamp) // 60)
print_err(err_msg)
continue continue
http_data = myrandom.getrandbytes(fake_cert_len) http_data = myrandom.getrandbytes(fake_cert_len)
@@ -1506,6 +1506,7 @@ async def handle_client_wrapper(reader, writer):
async def stats_printer(): async def stats_printer():
global stats global stats
global last_clients_with_time_skew
while True: while True:
await asyncio.sleep(config.STATS_PRINT_PERIOD) await asyncio.sleep(config.STATS_PRINT_PERIOD)
@@ -1516,6 +1517,13 @@ async def stats_printer():
stat["octets"] / 1000000, stat["msgs"])) stat["octets"] / 1000000, stat["msgs"]))
print(flush=True) print(flush=True)
if last_clients_with_time_skew:
print("Clients with time skew (possible replay-attackers):")
for ip, skew_minutes in last_clients_with_time_skew.items():
print("%s, clocks were %d minutes behind" % (ip, skew_minutes))
last_clients_with_time_skew = {}
print(flush=True)
async def make_https_req(url, host="core.telegram.org"): async def make_https_req(url, host="core.telegram.org"):
""" Make request, return resp body and headers. """ """ Make request, return resp body and headers. """