bughz/3proxy
1
0
Fork 0
mirror of https://github.com/3proxy/3proxy.git synced 2025-12-16 11:36:43 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

client_sni command added; do not send hostname from request as SNI in SSL client configuration
Some checks failed
C/C++ CI / ${{ matrix.target }} (macos-15) (push) Has been cancelled
Details
C/C++ CI / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Has been cancelled
Details
C/C++ CI / ${{ matrix.target }} (ubuntu-latest) (push) Has been cancelled
Details
C/C++ CI / ${{ matrix.target }} (windows-2022) (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Vladimir Dubrovin 2025-12-12 19:08:26 +03:00
parent ec7004cd6f
commit b5ab5b8906
2 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/plugins/SSLPlugin/my_ssl.h
View File

@ -30,6 +30,8 @@ struct ssl_config {
char * server_ca_file;
char * server_ca_dir;
char * server_ca_store;
char * client_sni;
char * client_alpn;
int mitm;
int serv;
int cli;

26
src/plugins/SSLPlugin/ssl_plugin.c
View File

@ -58,6 +58,8 @@ char * client_ciphersuites = NULL;
char * server_ciphersuites = NULL;
char * client_cipher_list = NULL;
char * server_cipher_list = NULL;
char * client_sni = NULL;
char * client_alpn = NULL;
typedef struct _ssl_conn {
struct SSL_CTX *ctx;
@ -312,8 +314,11 @@ int docli(struct clientparam* param){
SSL_CONN ServerConn;
SSL_CERT ServerCert=NULL;
unsigned char *hostname;
hostname = param->hostname;
param->hostname = (unsigned char *)PCONF->client_sni;
ServerConn = dosrvcon(param, &ServerCert);
param->hostname = hostname;
_ssl_cert_free(ServerCert);
if(!ServerConn) return 1;
@ -442,6 +447,9 @@ static void* ssl_filter_open(void * idata, struct srvparam * srv){
if(server_ca_dir)sc->server_ca_dir=server_ca_dir;
if(server_ca_store)sc->server_ca_store=server_ca_store;
if(client_sni)sc->client_sni=client_sni;
if(client_alpn)sc->client_alpn=client_alpn;
if(mitm){
if(!server_ca_file){
@ -635,6 +643,8 @@ static void ssl_filter_close(void *fo){
free(CONFIG->client_ca_file);
free(CONFIG->client_ca_dir);
free(CONFIG->client_ca_store);
free(CONFIG->client_sni);
free(CONFIG->client_alpn);
free(fo);
}
@ -835,6 +845,18 @@ static int h_client_ca_store(int argc, unsigned char **argv){
return 0;
}
static int h_client_sni(int argc, unsigned char **argv){
free(client_sni);
client_sni = argc > 1? strdup((char *)argv[1]) : NULL;
return 0;
}
static int h_client_alpn(int argc, unsigned char **argv){
free(client_alpn);
client_alpn = argc > 1? strdup((char *)argv[1]) : NULL;
return 0;
}
static int h_server_ca_dir(int argc, unsigned char **argv){
free(server_ca_dir);
server_ca_dir = argc > 1? strdup((char *)argv[1]) : NULL;
@ -956,6 +978,8 @@ static struct commands ssl_commandhandlers[] = {
{ssl_commandhandlers+31, "ssl_server_no_verify", h_no_server_verify, 1, 1},
{ssl_commandhandlers+32, "ssl_server_ca_dir", h_server_ca_dir, 1, 2},
{ssl_commandhandlers+33, "ssl_server_ca_store", h_server_ca_store, 1, 2},
{ssl_commandhandlers+34, "ssl_client_sni", h_client_sni, 1, 2},
{ssl_commandhandlers+35, "ssl_client_alpn", h_client_alpn, 1, 2},
{NULL, "ssl_certcache", h_certcache, 2, 2},
};