iartamonov/mautrix-telegram
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
aab48f0dbe219d0077aa5c0f5dea95e566dfb7f4
mautrix-telegram/pkg/gotd/mtproxy/faketls/faketls.go
T
Adam Van Ymeren 7a04f298d2 move gotd fork into repo. (#111) 
- update to latest telegram layer
- remove some references to fields in tg.Entities that don't exist in
the schema
- originally added here:
https://github.com/beeper/td/commit/820929062a2ba0104397bc01235ab58a9cff780e
  - referenced here
-
https://github.com/mautrix/telegramgo/commit/124f0967ed195b5a380c9bd02e170ada9710dde3
-
https://github.com/mautrix/telegramgo/commit/4205047aab2e0639217148b5d125bfaab668bd8e
2025-06-27 20:03:37 -07:00

113 lines
2.5 KiB
Go
Raw Blame History

package faketls
import (
"bytes"
"io"
"sync"
"github.com/go-faster/errors"
"go.mau.fi/mautrix-telegram/pkg/gotd/clock"
"go.mau.fi/mautrix-telegram/pkg/gotd/mtproxy"
)
// FakeTLS implements FakeTLS obfuscation protocol.
type FakeTLS struct {
rand io.Reader
clock clock.Clock
conn io.ReadWriter
version [2]byte
firstPacket bool
readBuf bytes.Buffer
readBufMux sync.Mutex
}
// NewFakeTLS creates new FakeTLS.
func NewFakeTLS(r io.Reader, conn io.ReadWriter) *FakeTLS {
return &FakeTLS{
rand: r,
clock: clock.System,
conn: conn,
version: Version12Bytes,
readBuf: bytes.Buffer{},
}
}
// Handshake performs FakeTLS handshake.
func (o *FakeTLS) Handshake(protocol [4]byte, dc int, s mtproxy.Secret) error {
o.readBufMux.Lock()
o.readBuf.Reset()
o.readBufMux.Unlock()
var sessionID [32]byte
if _, err := o.rand.Read(sessionID[:]); err != nil {
return errors.Wrap(err, "generate sessionID")
}
clientDigest, err := writeClientHello(o.conn, o.clock, sessionID, s.CloakHost, s.Secret)
if err != nil {
return errors.Wrap(err, "send ClientHello")
}
if err := readServerHello(o.conn, clientDigest, s.Secret); err != nil {
return errors.Wrap(err, "receive ServerHello")
}
return nil
}
// Write implements io.Writer.
func (o *FakeTLS) Write(b []byte) (n int, err error) {
// Some proxies require sending first packet with RecordTypeChangeCipherSpec.
//
// See https://github.com/tdlib/td/blob/master/td/mtproto/TcpTransport.cpp#L266.
if !o.firstPacket {
_, err = writeRecord(o.conn, record{
Type: RecordTypeChangeCipherSpec,
Version: o.version,
Data: []byte("\x01"),
})
if err != nil {
return 0, errors.Wrap(err, "write first TLS packet")
}
o.firstPacket = true
}
n, err = writeRecord(o.conn, record{
Type: RecordTypeApplication,
Version: o.version,
Data: b,
})
if err != nil {
return 0, errors.Wrap(err, "write TLS record")
}
return
}
// Read implements io.Reader.
func (o *FakeTLS) Read(b []byte) (n int, err error) {
o.readBufMux.Lock()
defer o.readBufMux.Unlock()
if o.readBuf.Len() > 0 {
return o.readBuf.Read(b)
}
rec, err := readRecord(o.conn)
if err != nil {
return 0, errors.Wrap(err, "read TLS record")
}
switch rec.Type {
case RecordTypeChangeCipherSpec:
case RecordTypeApplication:
case RecordTypeHandshake:
return 0, errors.New("unexpected record type handshake")
default:
return 0, errors.Errorf("unsupported record type %v", rec.Type)
}
o.readBuf.Write(rec.Data)
return o.readBuf.Read(b)
}
Reference in New Issue View Git Blame Copy Permalink