Update fingerprints + add default spec version (#25)

Update fingerprints + add default spec version * Adds fingerprints for Chrome 75, iOS 12.1, and Firefox 65(=Firefox 63) * If min/max tls versions are not explicitly specified in the ClientHelloSpec, uTLS will try to parse versions from SupportedVersions extension, and fallback to [TLS 1.0, TLS 1.2] if SupportedVersions is absent. * Adds mimicked FakeRecordSizeLimitExtension and FakeCertCompressionAlgsExtension to be used instead of GenericExtension{} for clarity and extensibility (we are ready to use those with Firefox and Chrome fps with correct values whenever actual functionality is implemented) * SetTLSVers: parse the right extensions + cosmetics
2025-04-03 03:57:36 +03:00 · 2019-03-27 10:53:10 -06:00 · 2019-03-27 10:53:10 -06:00 · b7c656eec2
commit b7c656eec2
parent 05163f8a36
5 changed files with 310 additions and 46 deletions
--- a/u_conn.go
+++ b/u_conn.go
@ -480,8 +480,58 @@ func (uconn *UConn) GetOutKeystream(length int) ([]byte, error) {
 	return nil, errors.New("Could not convert OutCipher to cipher.AEAD")
 }

-// SetVersCreateState set min and max TLS version in all appropriate places.
-func (uconn *UConn) SetTLSVers(minTLSVers, maxTLSVers uint16) error {
+// SetTLSVers sets min and max TLS version in all appropriate places.
+// Function will use first non-zero version parsed in following order:
+//   1) Provided minTLSVers, maxTLSVers
+//   2) specExtensions may have SupportedVersionsExtension
+//   3) [default] min = TLS 1.0, max = TLS 1.2
+//
+// Error is only returned if things are in clearly undesirable state
+// to help user fix them.
+func (uconn *UConn) SetTLSVers(minTLSVers, maxTLSVers uint16, specExtensions []TLSExtension) error {
+	if minTLSVers == 0 && maxTLSVers == 0 {
+		// if version is not set explicitly in the ClientHelloSpec, check the SupportedVersions extension
+		supportedVersionsExtensionsPresent := 0
+		for _, e := range specExtensions {
+			switch ext := e.(type) {
+			case *SupportedVersionsExtension:
+				findVersionsInSupportedVersionsExtensions := func(versions []uint16) (uint16, uint16) {
+					// returns (minVers, maxVers)
+					minVers := uint16(0)
+					maxVers := uint16(0)
+					for _, vers := range versions {
+						if vers == GREASE_PLACEHOLDER {
+							continue
+						}
+						if maxVers < vers || maxVers == 0 {
+							maxVers = vers
+						}
+						if minVers > vers || minVers == 0 {
+							minVers = vers
+						}
+					}
+					return minVers, maxVers
+				}
+
+				supportedVersionsExtensionsPresent += 1
+				minTLSVers, maxTLSVers = findVersionsInSupportedVersionsExtensions(ext.Versions)
+				if minTLSVers == 0 && maxTLSVers == 0 {
+					return fmt.Errorf("SupportedVersions extension has invalid Versions field")
+				} // else: proceed
+			}
+		}
+		switch supportedVersionsExtensionsPresent {
+		case 0:
+			// if mandatory for TLS 1.3 extension is not present, just default to 1.2
+			minTLSVers = VersionTLS10
+			maxTLSVers = VersionTLS12
+		case 1:
+		default:
+			return fmt.Errorf("uconn.Extensions contains %v separate SupportedVersions extensions",
+				supportedVersionsExtensionsPresent)
+		}
+	}
+
 	if minTLSVers < VersionTLS10 || minTLSVers > VersionTLS12 {
 		return fmt.Errorf("uTLS does not support 0x%X as min version", minTLSVers)
 	}