diff --git a/http.go b/http.go index 1741607..fb352e4 100644 --- a/http.go +++ b/http.go @@ -135,12 +135,9 @@ func (h *httpHandler) Handle(conn net.Conn) { } // try to get the actual host. - if req.Host != "" { - if index := strings.IndexByte(req.Host, '.'); index > 0 { - // try to decode the prefix - if name, err := decodeServerName(req.Host[:index]); err == nil { - req.Host = name - } + if v := req.Header.Get("Gost-Target"); v != "" { + if host, err := decodeServerName(v); err == nil { + req.Host = host } } diff --git a/sni.go b/sni.go index 513ac36..8e21722 100644 --- a/sni.go +++ b/sni.go @@ -146,7 +146,6 @@ func (c *sniClientConn) obfuscate(p []byte) ([]byte, error) { return b, nil } - // TODO: HTTP obfuscate buf := &bytes.Buffer{} br := bufio.NewReader(bytes.NewReader(p)) for { @@ -171,12 +170,12 @@ func (c *sniClientConn) obfuscate(p []byte) ([]byte, error) { if strings.HasPrefix(s, "Host") { s = strings.TrimSpace(strings.TrimSuffix(strings.TrimPrefix(s, "Host:"), "\r\n")) - name := encodeServerName(s) + "." + c.host + host := encodeServerName(s) if Debug { - log.Logf("[sni] obfuscate: %s -> %s", s, name) + log.Logf("[sni] obfuscate: %s -> %s", s, c.host) } - buf.WriteString("Host: " + name + "\r\n") - + buf.WriteString("Host: " + c.host + "\r\n") + buf.WriteString("Gost-Target: " + host + "\r\n") // drain the remain bytes. io.Copy(buf, br) break @@ -196,21 +195,31 @@ func readClientHelloRecord(r io.Reader, host string, isClient bool) ([]byte, str if err := clientHello.Decode(record.Opaque); err != nil { return nil, "", err } + + if !isClient { + var extensions []dissector.Extension + + for _, ext := range clientHello.Extensions { + if ext.Type() == 0xFFFE { + if host, err = decodeServerName(string(ext.Bytes()[4:])); err == nil { + continue + } + } + extensions = append(extensions, ext) + } + clientHello.Extensions = extensions + } + for _, ext := range clientHello.Extensions { if ext.Type() == dissector.ExtServerName { snExtension := ext.(*dissector.ServerNameExtension) - serverName := snExtension.Name if isClient { - snExtension.Name = encodeServerName(serverName) + "." + host - } else { - if index := strings.IndexByte(serverName, '.'); index > 0 { - // try to decode the prefix - if name, err := decodeServerName(serverName[:index]); err == nil { - snExtension.Name = name - } - } + clientHello.Extensions = append(clientHello.Extensions, + dissector.NewExtension(0xFFFE, []byte(encodeServerName(snExtension.Name)))) + } + if host != "" { + snExtension.Name = host } - host = snExtension.Name break } } diff --git a/vendor/github.com/ginuerzh/tls-dissector/extension.go b/vendor/github.com/ginuerzh/tls-dissector/extension.go index 259bd77..72e25bd 100644 --- a/vendor/github.com/ginuerzh/tls-dissector/extension.go +++ b/vendor/github.com/ginuerzh/tls-dissector/extension.go @@ -46,6 +46,16 @@ type unknownExtension struct { raw []byte } +func NewExtension(t uint16, data []byte) Extension { + ext := &unknownExtension{ + raw: make([]byte, 2+2+len(data)), + } + binary.BigEndian.PutUint16(ext.raw[:2], t) + binary.BigEndian.PutUint16(ext.raw[2:4], uint16(len(data))) + copy(ext.raw[4:], data) + return ext +} + func (ext *unknownExtension) Type() uint16 { return binary.BigEndian.Uint16(ext.raw) } diff --git a/vendor/vendor.json b/vendor/vendor.json index 7f3e75b..1569af6 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -99,10 +99,10 @@ "revisionTime": "2017-02-05T06:52:49Z" }, { - "checksumSHA1": "qBQox+0NNTwkyw+a4eMiuMjDxjY=", + "checksumSHA1": "ZefD404me5Nm13S6NTsfJ57UApI=", "path": "github.com/ginuerzh/tls-dissector", - "revision": "7daf6e2af3aed2de50b3662683f6434297949d2a", - "revisionTime": "2017-10-25T09:37:20Z" + "revision": "ede94e83b36efefb6d06e5a29d28e2211b8bd6a9", + "revisionTime": "2017-10-29T12:10:54Z" }, { "checksumSHA1": "fBx0fqiyrl26gkGo14J9pJ8zB2Y=",