astelm/telemt
1
0
Fork 0
mirror of https://github.com/telemt/telemt.git synced 2026-04-15 17:44:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

TLS-F tuning

Browse Source 
Once - full certificate chain, next - only metadata
This commit is contained in:
Alexey
2026-02-23 05:42:07 +03:00
parent 3e4b98b002
commit cfe8fc72a5
3 changed files with 139 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/proxy/handshake.rs
View File

@@ -108,11 +108,18 @@ where
let cached = if config.censorship.tls_emulation {
if let Some(cache) = tls_cache.as_ref() {
if let Some(sni) = tls::extract_sni_from_client_hello(handshake) {
Some(cache.get(&sni).await)
let selected_domain = if let Some(sni) = tls::extract_sni_from_client_hello(handshake) {
if cache.contains_domain(&sni).await {
sni
} else {
config.censorship.tls_domain.clone()
}
} else {
Some(cache.get(&config.censorship.tls_domain).await)
}
config.censorship.tls_domain.clone()
};
let cached_entry = cache.get(&selected_domain).await;
let use_full_cert_payload = cache.take_full_cert_budget(&selected_domain).await;
Some((cached_entry, use_full_cert_payload))
} else {
None
}
@@ -137,12 +144,13 @@ where
None
};
let response = if let Some(cached_entry) = cached {
let response = if let Some((cached_entry, use_full_cert_payload)) = cached {
emulator::build_emulated_server_hello(
secret,
&validation.digest,
&validation.session_id,
&cached_entry,
use_full_cert_payload,
rng,
selected_alpn.clone(),
config.censorship.tls_new_session_tickets,