Commit Graph

  • 4f8b1b16db modify the workaround Alexander Bersenev 2019-08-23 18:12:53 +05:00
  • 27f5d249a7 add a workaround against the clients who send zero as their itimestamp Alexander Bersenev 2019-08-23 17:19:03 +05:00
  • c51f6f85b8 correct the byte in the initial server hello Alexander Bersenev 2019-08-23 05:24:18 +05:00
  • 44a52bf958 remove the workaround Alexander Bersenev 2019-08-23 02:19:21 +05:00
  • 8520a26837 ability to disable replay protection Alexander Bersenev 2019-08-23 01:59:53 +05:00
  • 068996ab36 fix small typo Alexander Bersenev 2019-08-23 01:45:54 +05:00
  • 4faa96732f workaround: the fifth telegram server doesn't answer on IPv6 Alexander Bersenev 2019-08-23 01:43:44 +05:00
  • bee0b3be6b cache the ip address of mask host Alexander Bersenev 2019-08-23 01:18:24 +05:00
  • 09fec8ca99 Merge branch 'master' of github.com:alexbers/mtprotoproxy Alexander Bersenev 2019-08-21 16:15:31 +05:00
  • 25d76bee09 do not create the copy of cryptography adapter classes Alexander Bersenev 2019-08-21 16:14:48 +05:00
  • a680b3e854 Update README.md Alexander Bersenev 2019-08-21 03:06:20 +05:00
  • 3fe87954a2 Update README.md Alexander Bersenev 2019-08-21 02:50:34 +05:00
  • 3fb3da139f Update README.md Alexander Bersenev 2019-08-21 02:05:57 +05:00
  • 014e450e62 change readme Alexander Bersenev 2019-08-21 02:03:55 +05:00
  • 04491f8a6a use hand-made random generator to make randoms more unpredictable Alexander Bersenev 2019-08-20 01:58:19 +05:00
  • e081d6b727 generate plausible x25519 public key for server hello also Alexander Bersenev 2019-08-19 21:48:54 +05:00
  • ea28a7055a small readme fixes Alexander Bersenev 2019-08-19 19:16:36 +05:00
  • 45cb849ca9 change tls status from experimental to new Alexander Bersenev 2019-08-19 18:50:52 +05:00
  • e66818326e generate plausible keys in the key share extension Alexander Bersenev 2019-08-19 17:48:10 +05:00
  • 4a1bf1ec6a print warning about default settings on stderr Alexander Bersenev 2019-08-19 04:59:05 +05:00
  • 854aaa1f24 add flush on print Alexander Bersenev 2019-08-19 04:57:48 +05:00
  • 5b0ad45cb9 cosmetic fix Alexander Bersenev 2019-08-19 04:56:37 +05:00
  • 26e00a7409 give some advice about non-secure settings on startup Alexander Bersenev 2019-08-19 04:55:09 +05:00
  • ac6d20a897 redesign exception handling logic in handle_bad_client Alexander Bersenev 2019-08-19 04:13:50 +05:00
  • 06ed40c815 handle unknown ip situation, for example for unix-sockets Alexander Bersenev 2019-08-19 03:44:08 +05:00
  • 1938c7d3bb change comment Alexander Bersenev 2019-08-19 03:33:04 +05:00
  • 01fd1a34c2 be more clear about proxy protocol usage Alexander Bersenev 2019-08-19 03:31:10 +05:00
  • 1a0977b10e handle the connection resets Alexander Bersenev 2019-08-19 00:25:54 +05:00
  • 9dc8521c18 copy the way how the mask server closes the tcp connection to the client Alexander Bersenev 2019-08-18 21:59:33 +05:00
  • 4169e6acab move the import to the top of the file Alexander Bersenev 2019-08-17 15:20:05 +05:00
  • 121a8974de add unix socket support (#127) Vladislav Grishenko 2019-08-17 15:11:49 +05:00
  • fdf5efe3d2 change max tls record size to make it look like complying https://tools.ietf.org/html/rfc8446#section-5.2 instead of the section 5.1 Alexander Bersenev 2019-08-17 14:42:49 +05:00
  • 015d0a2012 be more tolerant to time skewing. This should cover 90% of cases Alexander Bersenev 2019-08-17 13:21:57 +05:00
  • dcad0bd51b if the client time is skewed, just print a message for a while. Additional analysis needed Alexander Bersenev 2019-08-17 04:48:17 +05:00
  • da9e51ed03 better error texts Alexander Bersenev 2019-08-17 02:07:17 +05:00
  • 59306e6e67 take cert length from the masked host Alexander Bersenev 2019-08-16 20:25:23 +05:00
  • 7502d1dc31 add one more message about the client time skew Alexander Bersenev 2019-08-16 18:11:50 +05:00
  • 9df42cda79 time based protection against replay attack Alexander Bersenev 2019-08-16 18:01:20 +05:00
  • a65f7a8e17 add one more nonce in the reserved nonces list Alexander Bersenev 2019-08-16 16:45:22 +05:00
  • 8a4bc77125 make default client handshake timeout random Alexander Bersenev 2019-08-16 16:23:14 +05:00
  • 294cb65738 rename the function from pseudo tls to the fake tls to make the terminology consistent Alexander Bersenev 2019-08-16 16:15:09 +05:00
  • 559c577df1 early break if the protocol is not tls Alexander Bersenev 2019-08-16 15:17:07 +05:00
  • ccc8c3fb14 read initial tls header byte by byte Alexander Bersenev 2019-08-16 15:07:27 +05:00
  • e061cd81c4 optimize reading a handshake by detecting tls early Alexander Bersenev 2019-08-15 18:26:56 +05:00
  • 7527d402d6 mimic as tls 1.3 instead of tls 1.2 to bypass unencrypted certificates problem Alexander Bersenev 2019-08-15 16:23:44 +05:00
  • f51a4bfe34 Add proxy protocol v1/v2 support (#119) Vladislav Grishenko 2019-08-14 23:03:01 +05:00
  • d9fa5b222a remove unused variable Alexander Bersenev 2019-08-14 04:07:36 +05:00
  • 91ec36653e add slots to classes, thanks to MrMrRobat Alexander Bersenev 2019-08-14 03:59:44 +05:00
  • e43ae99911 Fix default port in the main script. Allineer 2019-08-13 08:20:19 +03:00
  • ab52521a25 change the tls links to hex encoding until base64 is fixed Alexander Bersenev 2019-08-13 16:26:38 +05:00
  • 53184470e9 fixed cached readings in fake tls Alexander Bersenev 2019-08-13 15:23:47 +05:00
  • 48330f1e8a shrunk max tls record size according to https://tools.ietf.org/html/rfc8446#section-5.1 Alexander Bersenev 2019-08-13 03:31:49 +05:00
  • 4e2cb87685 change the comment Alexander Bersenev 2019-08-13 02:52:41 +05:00
  • a030ae2978 redirect bad clients to some host Alexander Bersenev 2019-08-13 02:06:17 +05:00
  • 3d8961316e use urlsafe version of base64 encoder Alexander Bersenev 2019-08-11 21:28:55 +05:00
  • d7c163c0dc add tls only mode Alexander Bersenev 2019-08-11 21:22:10 +05:00
  • 80062c95bc print proxy addresses and logins on reload Alexander Bersenev 2019-07-26 14:51:41 +05:00
  • c1fdc4c0a3 move setting instant rst into a function Alexander Bersenev 2019-07-25 02:09:10 +05:00
  • f5d41e9aa7 close tcp connection with rst when tls failed Alexander Bersenev 2019-07-25 02:05:04 +05:00
  • 4e754a75bd add an experimental note for the new proto Alexander Bersenev 2019-07-24 03:16:03 +05:00
  • 1a934f992d add fake-tls mode Alexander Bersenev 2019-07-24 03:03:36 +05:00
  • c543bc1c3d launch script explicitly using python Alexander Bersenev 2019-07-23 18:01:44 +05:00
  • 96ba65aba0 add one more reserved string in the nonce beginnings Alexander Bersenev 2019-07-23 10:26:58 +05:00
  • 985e3eb546 add user data quotas Alexander Bersenev 2019-07-22 21:34:09 +05:00
  • 129f5cc981 use global var to enable direct connect Alexander Bersenev 2019-07-22 18:55:27 +05:00
  • 6fb022284e check if ipv6 is available every time before using Alexander Bersenev 2019-07-22 18:24:03 +05:00
  • 4691917c34 optimize docker containers for reloading Alexander Bersenev 2019-07-22 17:21:43 +05:00
  • 7d11ff07bd cancel all tasks on exit Alexander Bersenev 2019-07-19 15:58:54 +05:00
  • 1c875e3d31 do not listen if listen addr is zero Alexander Bersenev 2019-07-19 15:46:34 +05:00
  • a2890cf213 redesign the config handling Alexander Bersenev 2019-07-19 03:11:18 +05:00
  • 026849cb54 rename USER_EXPIRATION to USER_EXPIRATIONS and reformat the code to comply pep8 Alexander Bersenev 2019-06-29 13:15:08 +05:00
  • 4f1fea79eb Merge pull request #107 from pouryare/master Alexander Bersenev 2019-06-29 12:51:51 +05:00
  • 50df84bc80 Update mtprotoproxy.py #107 pouryare 2019-06-28 16:41:41 +04:30
  • 6823117c63 Update mtprotoproxy.py pouryare 2019-06-27 06:23:45 +04:30
  • d21eab60c2 Update mtprotoproxy.py pouryare 2019-06-27 06:05:01 +04:30
  • 312539c3b8 more reliable protection from replay attacks Alexander Bersenev 2019-05-30 14:36:24 +05:00
  • a9e12bb1bb add warning about default secrets Alexander Bersenev 2019-05-17 02:45:24 +05:00
  • 6c5155ce07 rename USER_CONN_LIMITS to USER_MAX_TCP_CONNS Alexander Bersenev 2019-05-17 02:35:39 +05:00
  • 422c409480 update the ip address of one of the telegram servers Alexander Bersenev 2019-05-17 00:27:40 +05:00
  • cdd4fef49e better comment Alexander Bersenev 2019-05-15 17:42:33 +05:00
  • 9da90d25d3 ability to specify user limits Alexander Bersenev 2019-05-15 17:16:01 +05:00
  • eba7f9be69 protect from time skewing. The proxy protocol is very sensible to clock skew. If the skew is detected, disable advertising, making the connection directly to tg servers, instead of middle proxies v1.0.5 Alexander Bersenev 2019-05-12 01:42:20 +05:00
  • af8c102449 disable one fingerprinting protection by default because it causes trouble on some ios clients Alexander Bersenev 2019-05-09 03:29:53 +05:00
  • a01896522d changed the comment Alexander Bersenev 2019-05-09 02:59:06 +05:00
  • 6f70ff3003 adaptive buffer sizes Alexander Bersenev 2019-05-09 02:51:36 +05:00
  • d48c177e36 comment out the message active fingerprinting - there are too many messages Alexander Bersenev 2019-04-23 15:01:34 +05:00
  • f55ae68092 even more protect against replay-based fingerprinting Alexander Bersenev 2019-04-20 15:02:13 +05:00
  • 4cae6290b9 active fingerprinting detection and blocking Alexander Bersenev 2019-04-20 04:44:11 +05:00
  • 830d55fe77 fix ipv4 resolver url v1.0.4 Alexander Bersenev 2019-04-04 16:06:24 +05:00
  • 66d9c03ff9 set secure mode on by default because most tg clients support this mode and many countries are able to detect proxies in non-secure mode Alexander Bersenev 2019-03-10 23:02:27 +05:00
  • 73592c4f72 change ip address resolvers since the old one doesn't work anymore v1.0.3 Alexander Bersenev 2019-02-15 20:11:57 +05:00
  • b0cb48f684 ignore errors in setsockopt on old kernels Alexander Bersenev 2018-12-30 14:44:28 +05:00
  • cb10355681 more verbose error messages on https failures Alexander Bersenev 2018-12-30 14:25:17 +05:00
  • bd8e0f935d add some endlines Alexander Bersenev 2018-11-27 22:25:47 +05:00
  • e2435461ca refactoring Alexander Bersenev 2018-11-27 22:15:38 +05:00
  • 47218748aa more reliable ip detection Alexander Bersenev 2018-11-25 22:25:13 +05:00
  • b082d06f9b Merge branch 'master' into stable v1.0.2 Alexander Bersenev 2018-11-14 02:46:31 +05:00
  • 5187725088 Revert "just for history: attempting to pretend cloudflare service" Alexander Bersenev 2018-11-13 02:18:13 +05:00
  • dd1d0a6262 just for history: attempting to pretend cloudflare service Alexander Bersenev 2018-11-13 02:18:04 +05:00
  • d5daf8bbdf add secure only mode example in config Alexander Bersenev 2018-11-13 01:11:24 +05:00