add sid for connector log

This commit is contained in:
ginuerzh
2024-09-20 18:20:57 +08:00
parent e37213ac01
commit e09ec08881
22 changed files with 142 additions and 46 deletions
+6 -19
View File
@@ -25,7 +25,7 @@ func Sniffing(ctx context.Context, rdw io.ReadWriter) (rw io.ReadWriter, host st
if err == nil &&
hdr[0] == dissector.Handshake &&
(tlsVersion >= tls.VersionTLS10 && tlsVersion <= tls.VersionTLS13) {
rw, host, err = sniffSNI(ctx, rw)
rw, host, err = sniffSNI(rw)
protocol = ProtoTLS
return
}
@@ -48,32 +48,19 @@ func Sniffing(ctx context.Context, rdw io.ReadWriter) (rw io.ReadWriter, host st
return
}
func sniffSNI(ctx context.Context, rw io.ReadWriter) (io.ReadWriter, string, error) {
func sniffSNI(rw io.ReadWriter) (io.ReadWriter, string, error) {
buf := new(bytes.Buffer)
host, err := getServerName(ctx, io.TeeReader(rw, buf))
host, err := getServerName(io.TeeReader(rw, buf))
rw = xio.NewReadWriter(io.MultiReader(buf, rw), rw)
return rw, host, err
}
func getServerName(ctx context.Context, r io.Reader) (host string, err error) {
record, err := dissector.ReadRecord(r)
func getServerName(r io.Reader) (host string, err error) {
clientHello, err := dissector.ParseClientHello(r)
if err != nil {
return
}
clientHello := dissector.ClientHelloMsg{}
if err = clientHello.Decode(record.Opaque); err != nil {
return
}
for _, ext := range clientHello.Extensions {
if ext.Type() == dissector.ExtServerName {
snExtension := ext.(*dissector.ServerNameExtension)
host = snExtension.Name
break
}
}
host = clientHello.ServerName
return
}
+92 -23
View File
@@ -6,6 +6,7 @@ import (
"fmt"
"net"
"os"
"strconv"
"strings"
"time"
@@ -20,7 +21,9 @@ const (
VersionTLS13 = "VersionTLS13"
)
// Cipher suites from https://pkg.go.dev/crypto/tls#pkg-constants
const (
// TLS 1.0 - 1.2 cipher suites.
TLS_RSA_WITH_RC4_128_SHA = "TLS_RSA_WITH_RC4_128_SHA"
TLS_RSA_WITH_3DES_EDE_CBC_SHA = "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
TLS_RSA_WITH_AES_128_CBC_SHA = "TLS_RSA_WITH_AES_128_CBC_SHA"
@@ -43,8 +46,74 @@ const (
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
// TLS 1.3 cipher suites.
TLS_AES_128_GCM_SHA256 = "TLS_AES_128_GCM_SHA256"
TLS_AES_256_GCM_SHA384 = "TLS_AES_256_GCM_SHA384"
TLS_CHACHA20_POLY1305_SHA256 = "TLS_CHACHA20_POLY1305_SHA256"
// TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator
// that the client is doing version fallback. See RFC 7507.
TLS_FALLBACK_SCSV = "TLS_FALLBACK_SCSV"
)
var (
cipherSuites = map[uint16]string{
tls.TLS_RSA_WITH_RC4_128_SHA: TLS_RSA_WITH_RC4_128_SHA,
tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA: TLS_RSA_WITH_3DES_EDE_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_CBC_SHA: TLS_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_CBC_SHA: TLS_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_CBC_SHA256: TLS_RSA_WITH_AES_128_CBC_SHA256,
tls.TLS_RSA_WITH_AES_128_GCM_SHA256: TLS_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384: TLS_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA: TLS_ECDHE_RSA_WITH_RC4_128_SHA,
tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
tls.TLS_AES_128_GCM_SHA256: TLS_AES_128_GCM_SHA256,
tls.TLS_AES_256_GCM_SHA384: TLS_AES_256_GCM_SHA384,
tls.TLS_CHACHA20_POLY1305_SHA256: TLS_CHACHA20_POLY1305_SHA256,
}
versions = map[uint16]string{
tls.VersionSSL30: "sslv3",
tls.VersionTLS10: "tls1.0",
tls.VersionTLS11: "tls1.1",
tls.VersionTLS12: "tls1.2",
tls.VersionTLS13: "tls1.3",
}
)
type CipherSuite uint16
func (cs CipherSuite) String() string {
if v, ok := cipherSuites[uint16(cs)]; ok {
return v
}
return strconv.Itoa(int(cs))
}
type Version uint16
func (ver Version) String() string {
if v, ok := versions[uint16(ver)]; ok {
return v
}
return strconv.Itoa(int(ver))
}
// LoadDefaultConfig loads the certificate from cert & key files and optional CA file.
func LoadDefaultConfig(certFile, keyFile, caFile string) (*tls.Config, error) {
cert, err := tls.LoadX509KeyPair(certFile, keyFile)
@@ -175,50 +244,50 @@ func SetTLSOptions(cfg *tls.Config, opts *config.TLSOptions) {
cfg.MaxVersion = tls.VersionTLS13
}
for _, v := range opts.CipherSuites {
switch strings.ToLower(v) {
case strings.ToLower(TLS_RSA_WITH_RC4_128_SHA):
switch strings.ToUpper(v) {
case TLS_RSA_WITH_RC4_128_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_RSA_WITH_RC4_128_SHA)
case strings.ToLower(TLS_RSA_WITH_3DES_EDE_CBC_SHA):
case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA)
case strings.ToLower(TLS_RSA_WITH_AES_128_CBC_SHA):
case TLS_RSA_WITH_AES_128_CBC_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_RSA_WITH_AES_128_CBC_SHA)
case strings.ToLower(TLS_RSA_WITH_AES_256_CBC_SHA):
case TLS_RSA_WITH_AES_256_CBC_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_RSA_WITH_AES_256_CBC_SHA)
case strings.ToLower(TLS_RSA_WITH_AES_128_CBC_SHA256):
case TLS_RSA_WITH_AES_128_CBC_SHA256:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_RSA_WITH_AES_128_CBC_SHA256)
case strings.ToLower(TLS_RSA_WITH_AES_128_GCM_SHA256):
case TLS_RSA_WITH_AES_128_GCM_SHA256:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_RSA_WITH_AES_128_GCM_SHA256)
case strings.ToLower(TLS_RSA_WITH_AES_256_GCM_SHA384):
case TLS_RSA_WITH_AES_256_GCM_SHA384:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_RSA_WITH_AES_256_GCM_SHA384)
case strings.ToLower(TLS_ECDHE_ECDSA_WITH_RC4_128_SHA):
case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA)
case strings.ToLower(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA):
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA)
case strings.ToLower(TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA):
case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA)
case strings.ToLower(TLS_ECDHE_RSA_WITH_RC4_128_SHA):
case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA)
case strings.ToLower(TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA):
case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA)
case strings.ToLower(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA):
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA)
case strings.ToLower(TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA):
case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
case strings.ToLower(TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256):
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256)
case strings.ToLower(TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256):
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256)
case strings.ToLower(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256):
case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
case strings.ToLower(TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256):
case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
case strings.ToLower(TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384):
case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)
case strings.ToLower(TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384):
case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
case strings.ToLower(TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256):
case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256)
case strings.ToLower(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256):
case TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
cfg.CipherSuites = append(cfg.CipherSuites, tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256)
}
}