feat: add client alpn extension #42
Conversation
|
Thanks for your PR! |
I read your blog and I agree with your opinion. But it might be kind of hard to make rustls's fingerprint totally same as some browser. Not only because we don't have library like utls ,but also rustls seems just have 9 Cipher Suites , but most browser have more. So I think it's impossible to use rustls as utls now. This should be done by other threads sometime. Adding alpn is what we can do, and may be necessary for some handshake servers(well, That's why this pr is created). |
src/client.rs
Outdated
| .with_safe_defaults() | ||
| .with_root_certificates(root_store) | ||
| .with_no_client_auth(); | ||
| // Set ALPN | ||
| if alpn.len() != 0 { | ||
| tls_config.alpn_protocols = vec![alpn.as_bytes().to_vec()]; |
There was a problem hiding this comment.
I suggest put something like TLSConfig(with impl Default) in ShadowTlsClient::new, and put alpns inside it so we can extend it easily.
Also, since there can be multiple ALPN, maybe something like Vec<Vec<u8>>.
There was a problem hiding this comment.
It's a good idea to put all tls extension config in a struct, but i don't understand about impl Default.
After we create a struct and put config in it, ShadowTlsClient::new may use this struct as a parameter, so why we need default value?
There was a problem hiding this comment.
About multiple ALPN, it's easy to change it into Vec<Vec<u8>>, but i have no idea about how to get a vector from args. I need some help or change the way get config.
|
Closed because I manually rebased onto the master and pushed it. |
In most of time, when you send client hello to server while viewing website, client will set alpn. This PR get alpn from args, and set alpn in
tls_config.