nosni/patch.go at master · NightSpaceC/nosni · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
package main

import (
	"crypto/tls"
	_ "unsafe"

	"github.com/agiledragon/gomonkey/v2"
)

//lint:ignore U1000 tlsKeyShare is used in tlsClientHelloMsg
type tlsKeyShare struct {
	group tls.CurveID
	data  []byte
}

//lint:ignore U1000 tlsPSKIdentity is used in tlsClientHelloMsg
type tlsPSKIdentity struct {
	label               []byte
	obfuscatedTicketAge uint32
}

//lint:ignore U1000 tlsClientHelloMsg is a mirror of crypto/tls.keyShare
type tlsClientHelloMsg struct {
	original                         []byte
	vers                             uint16
	random                           []byte
	sessionId                        []byte
	cipherSuites                     []uint16
	compressionMethods               []uint8
	serverName                       string
	ocspStapling                     bool
	supportedCurves                  []tls.CurveID
	supportedPoints                  []uint8
	ticketSupported                  bool
	sessionTicket                    []uint8
	supportedSignatureAlgorithms     []tls.SignatureScheme
	supportedSignatureAlgorithmsCert []tls.SignatureScheme
	secureRenegotiationSupported     bool
	secureRenegotiation              []byte
	extendedMasterSecret             bool
	alpnProtocols                    []string
	scts                             bool
	supportedVersions                []uint16
	cookie                           []byte
	keyShares                        []tlsKeyShare
	earlyData                        bool
	pskModes                         []uint8
	pskIdentities                    []tlsPSKIdentity
	pskBinders                       [][]byte
	quicTransportParameters          []byte
	encryptedClientHello             []byte
	// extensions are only populated on the server-side of a handshake
	extensions []uint16
}

//go:linkname clientHelloMsgMarshal crypto/tls.(*clientHelloMsg).marshal
func clientHelloMsgMarshal(m *tlsClientHelloMsg) ([]byte, error)

//go:linkname clientHelloMsgMarshalMsg crypto/tls.(*clientHelloMsg).marshalMsg
func clientHelloMsgMarshalMsg(m *tlsClientHelloMsg, echInner bool) ([]byte, error)

func clientHelloMsgMarshalPatched(m *tlsClientHelloMsg) ([]byte, error) {
	tmp := *m
	tmp.serverName = ""
	return clientHelloMsgMarshalMsg(&tmp, false)
}

func patchTLSServerName() *gomonkey.Patches {
	return gomonkey.ApplyFunc(clientHelloMsgMarshal, clientHelloMsgMarshalPatched)
}