gandc/mtprotoproxy
1
0
Fork 0
mirror of https://github.com/alexbers/mtprotoproxy.git synced 2026-03-13 23:03:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

mimic as tls 1.3 instead of tls 1.2 to bypass uncrypted certificates problem

Browse Source
This commit is contained in:
Alexander Bersenev
2019-08-15 16:23:44 +05:00
parent f51a4bfe34
commit 7527d402d6
1 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
mtprotoproxy.py
View File

@@ -77,6 +77,7 @@ MAX_MSG_LEN = 2 ** 24
my_ip_info = {"ipv4": None, "ipv6": None}
used_handshakes = collections.OrderedDict()
disable_middle_proxy = False
fake_cert_len = random.randrange(1024, 4096)
config = {}
@@ -839,11 +840,10 @@ async def handle_bad_client(reader_clt, writer_clt, handshake):
async def handle_pseudo_tls_handshake(handshake, reader, writer, peer):
global used_handshakes
global fake_cert_len
TLS_VERS = b"\x03\x03"
TLS_CIPHERSUITE = b"\xc0\x2f"
TLS_EXTENSIONS = b"\x00\x12" + b"\xff\x01\x00\x01\x00" + b"\x00\x05\x00\x00"
TLS_EXTENSIONS += b"\x00\x10\x00\x05\x00\x03\x02\x68\x32"
TLS_CIPHERSUITE = b"\x13\x01"
TLS_CHANGE_CIPHER = b"\x14" + TLS_VERS + b"\x00\x01\x01"
TLS_APP_HTTP2_HDR = b"\x17" + TLS_VERS
@@ -853,6 +853,10 @@ async def handle_pseudo_tls_handshake(handshake, reader, writer, peer):
SESSION_ID_LEN_POS = DIGEST_POS + DIGEST_LEN
SESSION_ID_POS = SESSION_ID_LEN_POS + 1
tls_extensions = b"\x00\x2e" + b"\x00\x33\x00\x24" + b"\x00\x1d\x00\x20"
tls_extensions += bytes([random.randrange(0, 256) for i in range(32)])
tls_extensions += b"\x00\x2b\x00\x02\x03\x04"
digest = handshake[DIGEST_POS: DIGEST_POS + DIGEST_LEN]
if digest in used_handshakes:
@@ -875,10 +879,10 @@ async def handle_pseudo_tls_handshake(handshake, reader, writer, peer):
if not digest_good:
continue
http_data = bytearray([random.randrange(0, 256) for i in range(random.randrange(1, 256))])
http_data = bytearray([random.randrange(0, 256) for i in range(fake_cert_len)])
srv_hello = TLS_VERS + b"\x00"*DIGEST_LEN + bytes([sess_id_len]) + sess_id
srv_hello += TLS_CIPHERSUITE + b"\x00" + TLS_EXTENSIONS
srv_hello += TLS_CIPHERSUITE + b"\x00" + tls_extensions
hello_pkt = b"\x16" + TLS_VERS + int.to_bytes(len(srv_hello) + 4, 2, "big")
hello_pkt += b"\x02" + int.to_bytes(len(srv_hello), 3, "big") + srv_hello