Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix issue with extMap not being thread safe #16

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Fix issue with extMap not being thread safe #16

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
b51ecbe
Fix issue with extMap not being thread safe
reneManqueros May 1, 2023
df9c5c8
Pin dependency
reneManqueros May 2, 2023
67df9b8
Update go.mod
reneManqueros Jun 2, 2023
26d1635
updated deps
reneManqueros Jun 2, 2023
ef458d3
remove fake certs
reneManqueros Feb 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 8 additions & 6 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
module github.com/CUCyber/ja3transport
module github.com/reneManqueros/ja3transport

go 1.13
go 1.20

replace github.com/refraction-networking/utls v1.3.2 => github.com/refraction-networking/utls v0.0.0-20200820030103-33a29038e742

require github.com/refraction-networking/utls v1.3.2

require (
github.com/refraction-networking/utls v0.0.0-20200820030103-33a29038e742
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 // indirect
golang.org/x/net v0.0.0-20191119073136-fc4aabc6c914
golang.org/x/sys v0.0.0-20201029080932-201ba4db2418 // indirect
golang.org/x/crypto v0.9.0 // indirect
golang.org/x/sys v0.8.0 // indirect
)
23 changes: 8 additions & 15 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,10 @@
github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c1f57 h1:SL1K0QAuC1b54KoY1pjPWe6kSlsFHwK9/oC960fKrTY=
github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c1f57/go.mod h1:tz9gX959MEFfFN5whTIocCLUG57WiILqtdVxI8c6Wj0=
github.com/refraction-networking/utls v0.0.0-20200820030103-33a29038e742 h1:m1yyAlx20ZxDzjLZK3UWd8IYmK0xo65nRzO02F9s4as=
github.com/refraction-networking/utls v0.0.0-20200820030103-33a29038e742/go.mod h1:tz9gX959MEFfFN5whTIocCLUG57WiILqtdVxI8c6Wj0=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191117063200-497ca9f6d64f h1:kz4KIr+xcPUsI3VMoqWfPMvtnJ6MGfiVwsWSVzphMO4=
golang.org/x/crypto v0.0.0-20191117063200-497ca9f6d64f/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 h1:pLI5jrR7OSLijeIDcmRxNmw2api+jEfxLoykJVice/E=
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20191119073136-fc4aabc6c914/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201029080932-201ba4db2418 h1:HlFl4V6pEMziuLXyRkm5BIYq1y1GAbb02pRlWvI54OM=
golang.org/x/sys v0.0.0-20201029080932-201ba4db2418/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ=
golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE=
golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g=
golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU=
golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
2 changes: 1 addition & 1 deletion ja3client_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ import (
"net/http"
"testing"

. "github.com/CUCyber/ja3transport"
tls "github.com/refraction-networking/utls"
. "github.com/reneManqueros/ja3transport"
)

const DefaultJA3Sig string = "771,4865-4866-4867-49196-49195-49188-49187-49162-49161-52393-49200-49199-49192-49191-49172-49171-52392-157-156-61-60-53-47-49160-49170-10,65281-0-23-13-5-18-16-11-51-45-43-10-21,29-23-24-25,0"
Expand Down
96 changes: 50 additions & 46 deletions transport.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,50 +29,53 @@ func (e ErrExtensionNotExist) Error() string {
// special way. For example, "10" is the SupportedCurves extension which is also
// used to calculate the JA3 signature. These JA3-dependent values are applied
// after the instantiation of the map.
var extMap = map[string]tls.TLSExtension{
"0": &tls.SNIExtension{},
"5": &tls.StatusRequestExtension{},
// These are applied later
// "10": &tls.SupportedCurvesExtension{...}
// "11": &tls.SupportedPointsExtension{...}
"13": &tls.SignatureAlgorithmsExtension{
SupportedSignatureAlgorithms: []tls.SignatureScheme{
tls.ECDSAWithP256AndSHA256,
tls.PSSWithSHA256,
tls.PKCS1WithSHA256,
tls.ECDSAWithP384AndSHA384,
tls.PSSWithSHA384,
tls.PKCS1WithSHA384,
tls.PSSWithSHA512,
tls.PKCS1WithSHA512,
tls.PKCS1WithSHA1,
func getExtMap() map[string]tls.TLSExtension {

return map[string]tls.TLSExtension{
"0": &tls.SNIExtension{},
"5": &tls.StatusRequestExtension{},
// These are applied later
// "10": &tls.SupportedCurvesExtension{...}
// "11": &tls.SupportedPointsExtension{...}
"13": &tls.SignatureAlgorithmsExtension{
SupportedSignatureAlgorithms: []tls.SignatureScheme{
tls.ECDSAWithP256AndSHA256,
tls.PSSWithSHA256,
tls.PKCS1WithSHA256,
tls.ECDSAWithP384AndSHA384,
tls.PSSWithSHA384,
tls.PKCS1WithSHA384,
tls.PSSWithSHA512,
tls.PKCS1WithSHA512,
tls.PKCS1WithSHA1,
},
},
},
"16": &tls.ALPNExtension{
AlpnProtocols: []string{"h2", "http/1.1"},
},
"18": &tls.SCTExtension{},
"21": &tls.UtlsPaddingExtension{GetPaddingLen: tls.BoringPaddingStyle},
"23": &tls.UtlsExtendedMasterSecretExtension{},
"27": &tls.FakeCertCompressionAlgsExtension{},
"28": &tls.FakeRecordSizeLimitExtension{},
"35": &tls.SessionTicketExtension{},
"43": &tls.SupportedVersionsExtension{Versions: []uint16{
tls.GREASE_PLACEHOLDER,
tls.VersionTLS13,
tls.VersionTLS12,
tls.VersionTLS11,
tls.VersionTLS10}},
"44": &tls.CookieExtension{},
"45": &tls.PSKKeyExchangeModesExtension{
Modes: []uint8{
tls.PskModeDHE,
}},
"51": &tls.KeyShareExtension{KeyShares: []tls.KeyShare{}},
"13172": &tls.NPNExtension{},
"65281": &tls.RenegotiationInfoExtension{
Renegotiation: tls.RenegotiateOnceAsClient,
},
"16": &tls.ALPNExtension{
AlpnProtocols: []string{"h2", "http/1.1"},
},
"18": &tls.SCTExtension{},
"21": &tls.UtlsPaddingExtension{GetPaddingLen: tls.BoringPaddingStyle},
"23": &tls.UtlsExtendedMasterSecretExtension{},
//"27": &tls.FakeCertCompressionAlgsExtension{},
"28": &tls.FakeRecordSizeLimitExtension{},
"35": &tls.SessionTicketExtension{},
"43": &tls.SupportedVersionsExtension{Versions: []uint16{
tls.GREASE_PLACEHOLDER,
tls.VersionTLS13,
tls.VersionTLS12,
tls.VersionTLS11,
tls.VersionTLS10}},
"44": &tls.CookieExtension{},
"45": &tls.PSKKeyExchangeModesExtension{
Modes: []uint8{
tls.PskModeDHE,
}},
"51": &tls.KeyShareExtension{KeyShares: []tls.KeyShare{}},
"13172": &tls.NPNExtension{},
"65281": &tls.RenegotiationInfoExtension{
Renegotiation: tls.RenegotiateOnceAsClient,
},
}
}

// NewTransport creates an http.Transport which mocks the given JA3 signature when HTTPS is used
Expand Down Expand Up @@ -110,6 +113,7 @@ func NewTransportWithConfig(ja3 string, config *tls.Config) (*http.Transport, er

// stringToSpec creates a ClientHelloSpec based on a JA3 string
func stringToSpec(ja3 string) (*tls.ClientHelloSpec, error) {
thisExtMap := getExtMap()
tokens := strings.Split(ja3, ",")

version := tokens[0]
Expand All @@ -133,7 +137,7 @@ func stringToSpec(ja3 string) (*tls.ClientHelloSpec, error) {
}
targetCurves = append(targetCurves, tls.CurveID(cid))
}
extMap["10"] = &tls.SupportedCurvesExtension{Curves: targetCurves}
thisExtMap["10"] = &tls.SupportedCurvesExtension{Curves: targetCurves}

// parse point formats
var targetPointFormats []byte
Expand All @@ -144,12 +148,12 @@ func stringToSpec(ja3 string) (*tls.ClientHelloSpec, error) {
}
targetPointFormats = append(targetPointFormats, byte(pid))
}
extMap["11"] = &tls.SupportedPointsExtension{SupportedPoints: targetPointFormats}
thisExtMap["11"] = &tls.SupportedPointsExtension{SupportedPoints: targetPointFormats}

// build extenions list
var exts []tls.TLSExtension
for _, e := range extensions {
te, ok := extMap[e]
te, ok := thisExtMap[e]
if !ok {
return nil, ErrExtensionNotExist(e)
}
Expand Down