diff --git a/Cargo.lock b/Cargo.lock index 0215480..2d30574 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -379,9 +379,9 @@ dependencies = [ [[package]] name = "monoio-rustls-fork-shadow-tls" -version = "0.0.7" +version = "0.0.8-mod.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d853bb7dc693f20d7918e0c1344c5c2ad1209e0c0061d962e041bc5423b3e02" +checksum = "c9ce576264fc2b3a54f3f9d0159e6968cccfcd59cbd24aaac422999490678434" dependencies = [ "bytes", "monoio", @@ -594,9 +594,9 @@ dependencies = [ [[package]] name = "rustls-fork-shadow-tls" -version = "0.20.8" +version = "0.20.9-mod.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "227b89ca93267855a168e5293f66c74d43afabcdf2239947d3b5904928388161" +checksum = "a095c00ed7b7606a456667abd022d50437f66bd2b6db1d90c93227e8f329dec8" dependencies = [ "log", "ring", @@ -756,10 +756,11 @@ dependencies = [ [[package]] name = "thread_local" -version = "1.1.4" +version = "1.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5516c27b78311c50bf42c071425c560ac799b11c30b31f87e3081965fe5e0180" +checksum = "3fdd6f064ccff2d6567adcb3873ca630700f00b5ad3f060c25b5dcfd9a4ce152" dependencies = [ + "cfg-if", "once_cell", ] diff --git a/Cargo.toml b/Cargo.toml index a816c98..fc7d6f5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,8 +11,8 @@ version = "0.2.15" [dependencies] monoio = {version = "0.0.9"} -monoio-rustls-fork-shadow-tls = {version = "0.0.7"} -rustls-fork-shadow-tls = {version = "0.20", default-features = false} +monoio-rustls-fork-shadow-tls = {version = "0.0.8-mod.2"} +rustls-fork-shadow-tls = {version = "0.20.9-mod.2", default-features = false} anyhow = "1" byteorder = "1" diff --git a/src/client.rs b/src/client.rs index aa1187e..edc0d8a 100644 --- a/src/client.rs +++ b/src/client.rs 
@@ -545,5 +545,6 @@ fn generate_session_id(hmac: &Hmac, buf: &[u8]) -> [u8; TLS_SESSION_ID_SIZE] {
 HMAC_SIZE,
 )
 }
+ tracing::debug!("ClientHello before sign: {buf:?}, session_id {session_id:?}");
 session_id
 }
diff --git a/src/server.rs b/src/server.rs
index c2424b5..fb5993a 100644
--- a/src/server.rs
+++ b/src/server.rs
@@ -257,7 +257,7 @@ impl ShadowTlsServer {
 let mut handshake_stream = TcpStream::connect(addr).await?;
 mod_tcp_conn(&mut handshake_stream, true, self.nodelay);
 tracing::debug!("handshake server connected: {addr}");
-
+ tracing::trace!("ClientHello frame {first_client_frame:?}");
 let (res, _) = handshake_stream.write_all(first_client_frame).await;
 res?;
 if !client_hello_pass {
@@ -281,7 +281,7 @@ impl ShadowTlsServer {
 return Ok(());
 }
 };
- tracing::debug!("ServerRandom extracted: {server_random:?}");
+ tracing::debug!("Client authenticated. ServerRandom extracted: {server_random:?}");
 if !support_tls13(&first_server_frame) {
 tracing::error!("TLS 1.3 is not supported, will copy bidirectional");
@@ -780,21 +780,13 @@ async fn copy_by_frame_until_hmac_matches(
 let mut g_buffer = Vec::new();
 loop {
- tracing::debug!("copy_by_frame_until_hmac_matches getting frame");
 let buffer = read_exact_frame_into(&mut read, g_buffer).await?;
- tracing::debug!("copy_by_frame_until_hmac_matches get a frame: {buffer:?}",);
 if buffer.len() > 9 && buffer[0] == APPLICATION_DATA {
 // check hmac
 let mut tmp_hmac = hmac.to_owned();
 tmp_hmac.update(&buffer[TLS_HMAC_HEADER_SIZE..]);
 let h = tmp_hmac.finalize();
- tracing::debug!(
- "tmp hmac({:?}) = {h:?}, raw = {:?}",
- &buffer[TLS_HMAC_HEADER_SIZE..],
- &buffer[TLS_HEADER_SIZE..TLS_HMAC_HEADER_SIZE]
- );
-
 if buffer[TLS_HEADER_SIZE..TLS_HMAC_HEADER_SIZE] == h {
 hmac.update(&buffer[TLS_HMAC_HEADER_SIZE..]);
 hmac.update(&buffer[TLS_HEADER_SIZE..TLS_HMAC_HEADER_SIZE]);
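Review bot: In src/client.rs `generate_session_id`, the added `tracing::debug!` writes the whole ClientHello buffer and the signed session id at debug level, while the matching server-side line added in the src/server.rs `@@ -257` hunk logs the ClientHello frame at trace. Both values appear to travel in cleartext on the wire, so this is not a key leak, but a ClientHello typically carries the server name and the session id appears to carry the HMAC tag, and debug logs are often retained and shared more widely than packet captures. I would use the same level on both sides, `tracing::trace!("ClientHello before sign: {buf:?}, session_id {session_id:?}");`. The server line is emitted regardless of `client_hello_pass`, so frames from peers that failed verification are formatted too and the entry size is peer-controlled; a comment such as `// logged for unverified peers as well; trace only` would record that. `generate_session_id` starts outside the hunk.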
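Review bot: In the src/server.rs `@@ -281` hunk, the new text "Client authenticated." is emitted only after ServerRandom extraction succeeds, so a client that passed the check but whose handshake-server reply fails extraction (the `return Ok(())` just above) leaves no authentication record. The decision itself seems to be `client_hello_pass`, tested at the end of the previous hunk. Logging the event there, e.g. `tracing::debug!("client authenticated");` after the `if !client_hello_pass { … }` block, and keeping this line as `tracing::debug!("ServerRandom extracted: {server_random:?}");` would keep the two facts separate for anyone auditing access. The enclosing method starts and ends outside the hunk, so the control flow between the two points is assumed.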
@@ -829,7 +821,6 @@ async fn copy_by_frame_with_modification(
 monoio::select! {
 // this function can be stopped by a channel when reading.
 _ = &mut stop => {
- tracing::debug!("copy_by_frame_with_modification recv stop");
 return Ok(());
 },
 buffer_res = read_exact_frame_into(&mut read, g_buffer) => {
@@ -893,10 +884,11 @@ fn support_tls13(frame: &[u8]) -> bool {
 read_ok!(cursor.skip_by_u16());
 continue;
 }
- tracing::debug!("found supported_versions extension");
 let ext_len = read_ok!(cursor.read_u16::());
 let ext_val = read_ok!(cursor.read_u16::());
- return ext_len == 2 && ext_val == TLS_13;
+ let use_tls13 = ext_len == 2 && ext_val == TLS_13;
+ tracing::debug!("found supported_versions extension, tls1.3: {use_tls13}");
+ return use_tls13;
 }
 false
 }