Temporary fix #17

This commit will entirely disable Fake SNI if flag -DNO_FAKE_SNI is set
Waujito · Aug 2, 2024 · a96d621 · a96d621
1 parent 10006d4
commit a96d621
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 5 deletions.
diff --git a/Makefile b/Makefile
@@ -3,7 +3,7 @@ DEPSDIR := $(BUILD_DIR)/deps
 
 CC := gcc
 LD := gcc
-CFLAGS:=-Wall -Wpedantic -Wno-unused-variable -I$(DEPSDIR)/include -Os 
+CFLAGS:=-Wall -Wpedantic -Wno-unused-variable -I$(DEPSDIR)/include -Os
 LDFLAGS:=-L$(DEPSDIR)/lib -static
 
 LIBNFNETLINK_CFLAGS := -I$(DEPSDIR)/include

diff --git a/README.md b/README.md
@@ -34,7 +34,7 @@ Also DNS over HTTPS (DOH) is preferred for additional anonimity.
 If you have any troubles with youtubeUnblock, here are some options to tune. If them don't work in your case, please, open an issue. You can pass these options in make CFLAGS (`make CFLAGS=...`) or edit CFLAGS variable in Makefile.
 Available flags:
 - -DUSE_SEG2_DELAY This flag forces youtubeUnblock to wait little bit before send the 2nd part of the split packet. You can tune the amount of time in `#define SEG2_DELAY 100` where 100 stands for milliseconds.
-- -DNO_FAKE_SNI This flag forces youtubeUnblock to send at least three packets instead of one with TLS ClientHello: Fake ClientHello, 1st part of original ClientHello, 2nd part of original ClientHello.
+- -DNO_FAKE_SNI This flag disables -DFAKE_SNI which forces youtubeUnblock to send at least three packets instead of one with TLS ClientHello: Fake ClientHello, 1st part of original ClientHello, 2nd part of original ClientHello. Use this flag if you got gen_fake_sni error. Track this issue in https://github.com/Waujito/youtubeUnblock/issues/17
 - -DNOUSE_GSO This flag disables fix for Google Chrome fat ClientHello. The GSO is well tested now, so this flag probably won't fix anything.
 
 ## OpenWRT case

diff --git a/youtubeUnblock.c b/youtubeUnblock.c
@@ -701,18 +701,18 @@ static int process_packet(const struct packet_data packet) {
 
 
 #ifdef USE_TCP_SEGMENTATION
+		int ret = 0;
+#ifdef FAKE_SNI
 		struct pkt_buff *fake_sni = gen_fake_sni(ip_header, tcph);
 		if (fake_sni == NULL) goto fallback;
 
-		int ret = 0;
-#ifdef FAKE_SNI
 		ret = send_raw_socket(fake_sni);
-#endif
 		if (ret < 0) {
 			perror("send fake sni\n");
 			pktb_free(fake_sni);
 			goto fallback;
 		}
+#endif
 
 		size_t ipd_offset = vrd.sni_offset;
 		size_t mid_offset = ipd_offset + vrd.sni_len / 2;
@@ -725,14 +725,19 @@ static int process_packet(const struct packet_data packet) {
 
 		if (pktb == NULL) {
 			perror("pktb_alloc of payload");
+#ifdef FAKE_SNI
 			pktb_free(fake_sni);
+#endif
 			goto fallback;
 		}
 
 		if (tcp4_frag(pktb, mid_offset, &frag1, &frag2) < 0) {
 			perror("tcp4_frag");
 			pktb_free(pktb);
+#ifdef FAKE_SNI
 			pktb_free(fake_sni);
+#endif
+
 			goto fallback;
 		}
 
@@ -764,7 +769,9 @@ static int process_packet(const struct packet_data packet) {
 err:
 		pktb_free(frag2);
 		pktb_free(pktb);
+#ifdef FAKE_SNI
 		pktb_free(fake_sni);
+#endif
 
 #else
 		// TODO: Implement compute of tcp checksum