From 7eea7b1ae19ff7e9f3037cebfec63691e3d5db86 Mon Sep 17 00:00:00 2001
From: Buffrr
Date: Sun, 15 May 2022 16:43:47 -0700
Subject: [PATCH 1/2] Allow a stricter subset of TLS 1.2 ciphersuites
---
 tls.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/tls.go b/tls.go
index e7e003a..900cf84 100644
--- a/tls.go
+++ b/tls.go
@@ -24,6 +24,19 @@ func newTLSConfig(host string, rrs []*dns.TLSA, nameCheck bool) *tls.Config {
 VerifyConnection: verifyConnection(rrs, nameCheck),
 ServerName: host,
 MinVersion: tls.VersionTLS12,
+ // Supported TLS 1.2 cipher suites
+ // Crypto package does automatic cipher suite ordering
+ CipherSuites: []uint16{
+ tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+ tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+ tls.TLS_AES_128_GCM_SHA256,
+ tls.TLS_AES_256_GCM_SHA384,
+ tls.TLS_CHACHA20_POLY1305_SHA256,
+ },
 }
 }
From 2258e51763edbda8bfe6aa8bbb98cb96ceb8e6fd Mon Sep 17 00:00:00 2001
From: Buffrr
Date: Sun, 15 May 2022 17:12:20 -0700
Subject: [PATCH 2/2] Fix check if NegotiatedProtocol is empty
If peer doesn't support ALPN, ConnectionState.NegotiatedProtocol will be empty. NegotiatedProtocol should only be passed when not empty otherwise connection will fail. We pass what the client supports to the server and look at what was negotiated with the server. On the local end, we pick the exact protocol so that ALPN works.
---
 tunnel.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tunnel.go b/tunnel.go
index 3be5c5d..91794a9 100644
--- a/tunnel.go
+++ b/tunnel.go
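Review bot: The last three entries of the `CipherSuites` list added to newTLSConfig in tls.go (`tls.TLS_AES_128_GCM_SHA256`, `tls.TLS_AES_256_GCM_SHA384`, `tls.TLS_CHACHA20_POLY1305_SHA256`) are TLS 1.3 suite IDs, and crypto/tls applies `Config.CipherSuites` only to TLS 1.0–1.2, so they have no effect and sit under a comment that calls the list TLS 1.2. I would drop those three lines and reword the comment to `// TLS 1.2 is limited to ECDHE + AEAD suites; TLS 1.3 suites are fixed by crypto/tls and not configurable here`. The second comment line ("automatic cipher suite ordering") holds from Go 1.17 onward; on older toolchains the slice order is the order offered, so state the minimum Go version if older builds are supported. The struct literal and the function open above the hunk, so other fields of the config are not visible here.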
@@ -123,7 +123,9 @@ func (h *tunneler) Tunnel(ctx context.Context, clientConn *proxy.Conn, network,
 // used by the remote server
 clientTLSConfig := h.mitm.configForTLSADomain(tlsaDomain)
 if alpn {
- clientTLSConfig.NextProtos = []string{remote.ConnectionState().NegotiatedProtocol}
+ if serverProto := remote.ConnectionState().NegotiatedProtocol; serverProto != "" {
+ clientTLSConfig.NextProtos = []string{serverProto}
+ }
 }
 clientTLS := tls.Server(clientConn, clientTLSConfig)
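Review bot: When `serverProto` is empty the new branch leaves `clientTLSConfig.NextProtos` at whatever `h.mitm.configForTLSADomain(tlsaDomain)` returned, and nothing in the hunk shows that value to be nil. If that config is cached or shared per domain (not visible here), the assignment in the non-empty case also writes to shared state, so a later connection whose remote negotiated no ALPN could still offer an earlier connection's protocol on the local side. Working on a copy and making the empty case explicit would remove the ambiguity: `clientTLSConfig = clientTLSConfig.Clone()` before the `if alpn` block, plus `clientTLSConfig.NextProtos = nil` when `serverProto == ""`. A short comment such as `// remote negotiated no ALPN: offer none locally so both legs agree` would document the intent. Tunnel's body starts and continues outside this hunk.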