tls_client

package module
v0.0.0-...-e3accbf Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 25, 2023 License: BSD-4-Clause Imports: 26 Imported by: 0

README

TLS-Client

Preface

This TLS Client is built upon https://github.com/Carcraftz/fhttp and https://github.com/Carcraftz/utls. Big thanks to all contributors so far. Sadly it seems that the original repositories are not maintained anymore.

What is TLS Fingerprinting?

Some people think it is enough to change the user-agent header of a request to let the server think that the client requesting a resource is a specific browser. Nowadays this is not enough, because the server might use a technique to detect the client browser which is called TLS Fingerprinting.

Even tho this article is about TLS Fingerprinting in NodeJS it well describes the technique in general. https://httptoolkit.tech/blog/tls-fingerprinting-node-js/#how-does-tls-fingerprinting-work

Why is this library needed?

With this library you are able to create a http client implementing an interface which is similar to golangs net/http client interface. This TLS Client allows you to specify the Client (Browser and Version) you want to use, when requesting a server.

The Interface of the HTTP Client looks like the following and extends the base net/http Client Interface by some useful functions. Most likely you will use the Do() function like you did before with net/http Client.

type HttpClient interface {
    GetCookies(u *url.URL) []*http.Cookie
    SetCookies(u *url.URL, cookies []*http.Cookie)
    SetCookieJar(jar http.CookieJar)
    SetProxy(proxyUrl string) error
    GetProxy() string
    SetFollowRedirect(followRedirect bool)
    GetFollowRedirect() bool
    Do(req *http.Request) (*http.Response, error)
    Get(url string) (resp *http.Response, err error)
    Head(url string) (resp *http.Response, err error)
    Post(url, contentType string, body io.Reader) (resp *http.Response, err error)
}
Quick Usage Example
package main

import (
	"fmt"
	"io"
	"log"

	http "github.com/jsnjack/fhttp"
	tls_client "github.com/jsnjack/tls-client"
)

func main() {
    jar := tls_client.NewCookieJar()
	options := []tls_client.HttpClientOption{
		tls_client.WithTimeoutSeconds(30),
		tls_client.WithClientProfile(tls_client.Chrome_105),
		tls_client.WithNotFollowRedirects(),
		tls_client.WithCookieJar(jar), // create cookieJar instance and pass it as argument
	}

	client, err := tls_client.NewHttpClient(tls_client.NewNoopLogger(), options...)
	if err != nil {
		log.Println(err)
		return
	}

	req, err := http.NewRequest(http.MethodGet, "https://tls.peet.ws/api/all", nil)
	if err != nil {
		log.Println(err)
		return
	}

	req.Header = http.Header{
		"accept":                    {"*/*"},
		"accept-language":           {"de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7"},
		"user-agent":                {"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36"},
		http.HeaderOrderKey: {
			"accept",
			"accept-language",
			"user-agent",
		},
	}

	resp, err := client.Do(req)
	if err != nil {
		log.Println(err)
		return
	}

	defer resp.Body.Close()

	log.Println(fmt.Sprintf("status code: %d", resp.StatusCode))

	readBytes, err := io.ReadAll(resp.Body)
	if err != nil {
		log.Println(err)
		return
	}

	log.Println(string(readBytes))
}
Detailed Documentation

https://bogdanfinn.gitbook.io/open-source-oasis/

Questions?

Join my discord support server for free: https://discord.gg/7Ej9eJvHqk No Support in DMs!

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Chrome_103 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Chrome_104 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Chrome_105 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Chrome_106 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Chrome_107 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Chrome_108 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Chrome_109 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Chrome_110 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Chrome_111 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Chrome_112 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var CloudflareCustom = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var ConfirmedAndroid = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var ConfirmedAndroid2 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var ConfirmedIos = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var DefaultBadPinHandler = func(req *http.Request) {
	fmt.Println("this is the default bad pin handler")
}
View Source 
var DefaultClientProfile = Chrome_112
View Source 
var DefaultOptions = []HttpClientOption{
	WithTimeoutSeconds(DefaultTimeoutSeconds),
	WithClientProfile(DefaultClientProfile),
	WithRandomTLSExtensionOrder(),
	WithNotFollowRedirects(),
}
View Source 
var DefaultTimeoutSeconds = 30
View Source 
var ErrBadPinDetected = errors.New("bad ssl pin detected")
View Source 
var Firefox_102 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Firefox_104 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Firefox_105 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Firefox_106 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Firefox_108 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Firefox_110 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var H2SettingsMap = map[string]http2.SettingID{
	"HEADER_TABLE_SIZE":      http2.SettingHeaderTableSize,
	"ENABLE_PUSH":            http2.SettingEnablePush,
	"MAX_CONCURRENT_STREAMS": http2.SettingMaxConcurrentStreams,
	"INITIAL_WINDOW_SIZE":    http2.SettingInitialWindowSize,
	"MAX_FRAME_SIZE":         http2.SettingMaxFrameSize,
	"MAX_HEADER_LIST_SIZE":   http2.SettingMaxHeaderListSize,
}
View Source 
var MMSIos = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var MappedTLSClients = map[string]ClientProfile{
	"chrome_103":             Chrome_103,
	"chrome_104":             Chrome_104,
	"chrome_105":             Chrome_105,
	"chrome_106":             Chrome_106,
	"chrome_107":             Chrome_107,
	"chrome_108":             Chrome_108,
	"chrome_109":             Chrome_109,
	"chrome_110":             Chrome_110,
	"chrome_111":             Chrome_111,
	"chrome_112":             Chrome_112,
	"safari_15_6_1":          Safari_15_6_1,
	"safari_16_0":            Safari_16_0,
	"safari_ipad_15_6":       Safari_Ipad_15_6,
	"safari_ios_15_5":        Safari_IOS_15_5,
	"safari_ios_15_6":        Safari_IOS_15_6,
	"safari_ios_16_0":        Safari_IOS_16_0,
	"firefox_102":            Firefox_102,
	"firefox_104":            Firefox_104,
	"firefox_105":            Firefox_105,
	"firefox_106":            Firefox_106,
	"firefox_108":            Firefox_108,
	"firefox_110":            Firefox_110,
	"opera_89":               Opera_89,
	"opera_90":               Opera_90,
	"opera_91":               Opera_91,
	"zalando_android_mobile": ZalandoAndroidMobile,
	"zalando_ios_mobile":     ZalandoIosMobile,
	"nike_ios_mobile":        NikeIosMobile,
	"nike_android_mobile":    NikeAndroidMobile,
	"cloudscraper":           CloudflareCustom,
	"mms_ios":                MMSIos,
	"mesh_ios":               MeshIos,
	"mesh_ios_1":             MeshIos,
	"mesh_ios_2":             MeshIos2,
	"mesh_android":           MeshAndroid,
	"mesh_android_1":         MeshAndroid,
	"mesh_android_2":         MeshAndroid2,
	"confirmed_ios":          ConfirmedIos,
	"confirmed_android":      ConfirmedAndroid,
	"okhttp4_android_7":      Okhttp4Android7,
	"okhttp4_android_8":      Okhttp4Android8,
	"okhttp4_android_9":      Okhttp4Android9,
	"okhttp4_android_10":     Okhttp4Android10,
	"okhttp4_android_11":     Okhttp4Android11,
	"okhttp4_android_12":     Okhttp4Android12,
	"okhttp4_android_13":     Okhttp4Android13,
}
View Source 
var MeshAndroid = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var MeshAndroid2 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var MeshIos = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var MeshIos2 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var NikeAndroidMobile = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var NikeIosMobile = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Okhttp4Android10 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Okhttp4Android11 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Okhttp4Android12 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Okhttp4Android13 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Okhttp4Android7 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Okhttp4Android8 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Okhttp4Android9 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Opera_89 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Opera_90 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Opera_91 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Safari_15_6_1 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Safari_16_0 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Safari_IOS_15_5 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Safari_IOS_15_6 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Safari_IOS_16_0 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var Safari_Ipad_15_6 = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var ZalandoAndroidMobile = ClientProfile{
	// contains filtered or unexported fields
}
View Source 
var ZalandoIosMobile = ClientProfile{
	// contains filtered or unexported fields
}

Functions

func GetSpecFactoryFromJa3String 

func GetSpecFactoryFromJa3String(ja3String string, supportedSignatureAlgorithms, supportedDelegatedCredentialsAlgorithms, supportedVersions, keyShareCurves []string, certCompressionAlgo string) (func() (tls.ClientHelloSpec, error), error)

Types

type BadPinHandlerFunc 

type BadPinHandlerFunc func(req *http.Request)

type CertificatePinner 

type CertificatePinner interface {
	Pin(conn *tls.UConn, host string) error
}

func NewCertificatePinner 

func NewCertificatePinner(certificatePins map[string][]string) (CertificatePinner, error)

type ClientProfile 

type ClientProfile struct {
	// contains filtered or unexported fields
}

func NewClientProfile 

func NewClientProfile(clientHelloId tls.ClientHelloID, settings map[http2.SettingID]uint32, settingsOrder []http2.SettingID, pseudoHeaderOrder []string, connectionFlow uint32, priorities []http2.Priority, headerPriority *http2.PriorityParam) ClientProfile

func (ClientProfile) GetClientHelloSpec 

func (c ClientProfile) GetClientHelloSpec() (tls.ClientHelloSpec, error)

func (ClientProfile) GetClientHelloStr 

func (c ClientProfile) GetClientHelloStr() string

type ContextKeyHeader 

type ContextKeyHeader struct{}

Users of context.WithValue should define their own types for keys

type CookieJar 

type CookieJar interface {
	http.CookieJar
	GetAllCookies() map[string][]*http.Cookie
}

func NewCookieJar 

func NewCookieJar(options ...CookieJarOption) CookieJar

type CookieJarOption 

type CookieJarOption func(config *cookieJarConfig)

func WithAllowEmptyCookies 

func WithAllowEmptyCookies() CookieJarOption

func WithDebugLogger 

func WithDebugLogger() CookieJarOption

func WithLogger 

func WithLogger(logger Logger) CookieJarOption

func WithSkipExisting 

func WithSkipExisting() CookieJarOption

type HttpClient 

type HttpClient interface {
	GetCookies(u *url.URL) []*http.Cookie
	SetCookies(u *url.URL, cookies []*http.Cookie)
	SetCookieJar(jar http.CookieJar)
	SetProxy(proxyUrl string) error
	GetProxy() string
	SetFollowRedirect(followRedirect bool)
	GetFollowRedirect() bool
	Do(req *http.Request) (*http.Response, error)
	Get(url string) (resp *http.Response, err error)
	Head(url string) (resp *http.Response, err error)
	Post(url, contentType string, body io.Reader) (resp *http.Response, err error)
}

func NewHttpClient 

func NewHttpClient(logger Logger, options ...HttpClientOption) (HttpClient, error)

NewHttpClient constructs a new HTTP client with the given logger and client options.

func ProvideDefaultClient 

func ProvideDefaultClient(logger Logger) (HttpClient, error)

type HttpClientOption 

type HttpClientOption func(config *httpClientConfig)

func WithCatchPanics 

func WithCatchPanics() HttpClientOption

WithCatchPanics configures a client to catch all go panics happening during a request and not print the stacktrace.

func WithCertificatePinning 

func WithCertificatePinning(certificatePins map[string][]string, handlerFunc BadPinHandlerFunc) HttpClientOption

WithCertificatePinning enables SSL Pinning for the client and will throw an error if the SSL Pin is not matched. Please refer to https://github.com/tam7t/hpkp/#examples in order to see how to generate pins. The certificatePins are a map with the host as key. You can provide a BadPinHandlerFunc or nil as second argument. This function will be executed once a bad ssl pin is detected. BadPinHandlerFunc has to be defined like this: func(req *http.Request){}

func WithCharlesProxy 

func WithCharlesProxy(host string, port string) HttpClientOption

WithCharlesProxy configures the HTTP client to use a local running charles as proxy.

host and port can be empty, then default 127.0.0.1 and port 8888 will be used

func WithClientProfile 

func WithClientProfile(clientProfile ClientProfile) HttpClientOption

WithClientProfile configures a TLS client to use the specified client profile.

func WithCookieJar 

func WithCookieJar(jar http.CookieJar) HttpClientOption

WithCookieJar configures a HTTP client to use the specified cookie jar.

func WithCustomRedirectFunc 

func WithCustomRedirectFunc(redirectFunc func(req *http.Request, via []*http.Request) error) HttpClientOption

WithCustomRedirectFunc configures an HTTP client to use a custom redirect func. The redirect func have to look like that: func(req *http.Request, via []*http.Request) error Please only provide a custom redirect function if you know what you are doing. Check docs on net/http.Client CheckRedirect

func WithDebug 

func WithDebug() HttpClientOption

WithDebug configures a client to log debugging information.

func WithForceHttp1 

func WithForceHttp1() HttpClientOption

WithForceHttp1 configures a client to force HTTP/1.1 as the used protocol.

func WithInsecureSkipVerify 

func WithInsecureSkipVerify() HttpClientOption

WithInsecureSkipVerify configures a client to skip SSL certificate verification.

func WithNotFollowRedirects 

func WithNotFollowRedirects() HttpClientOption

WithNotFollowRedirects configures an HTTP client to not follow HTTP redirects.

func WithProxyUrl 

func WithProxyUrl(proxyUrl string) HttpClientOption

WithProxyUrl configures a HTTP client to use the specified proxy URL.

proxyUrl should be formatted as: 

"http://user:pass@host:port"

func WithRandomTLSExtensionOrder 

func WithRandomTLSExtensionOrder() HttpClientOption

WithRandomTLSExtensionOrder configures a TLS client to randomize the order of TLS extensions being sent in the ClientHello.

Placement of GREASE and padding is fixed and will not be affected by this.

func WithServerNameOverwrite 

func WithServerNameOverwrite(serverName string) HttpClientOption

WithServerNameOverwrite configures a TLS client to overwrite the server name being used for certificate verification and in the client hello. This option does only work properly if WithInsecureSkipVerify is set to true in addition

func WithTimeout 

func WithTimeout(timeout int) HttpClientOption

WithTimeout configures an HTTP client to use the specified request timeout.

timeout is the request timeout in seconds. Deprecated: use either WithTimeoutSeconds or WithTimeoutMilliseconds

func WithTimeoutMilliseconds 

func WithTimeoutMilliseconds(timeout int) HttpClientOption

WithTimeoutMilliseconds configures an HTTP client to use the specified request timeout.

timeout is the request timeout in milliseconds.

func WithTimeoutSeconds 

func WithTimeoutSeconds(timeout int) HttpClientOption

WithTimeoutSeconds configures an HTTP client to use the specified request timeout.

timeout is the request timeout in seconds.

func WithTransportOptions 

func WithTransportOptions(transportOptions *TransportOptions) HttpClientOption

WithTransportOptions configures a client to use the specified transport options.

type Logger 

type Logger interface {
	Debug(format string, args ...interface{})
	Info(format string, args ...interface{})
	Warn(format string, args ...interface{})
	Error(format string, args ...interface{})
}

func NewDebugLogger 

func NewDebugLogger(logger Logger) Logger

func NewLogger 

func NewLogger() Logger

func NewNoopLogger 

func NewNoopLogger() Logger

type TransportOptions 

type TransportOptions struct {
	DisableKeepAlives      bool
	DisableCompression     bool
	MaxIdleConns           int
	MaxIdleConnsPerHost    int
	MaxConnsPerHost        int
	MaxResponseHeaderBytes int64 // Zero means to use a default limit.
	WriteBufferSize        int   // If zero, a default (currently 4KB) is used.
	ReadBufferSize         int   // If zero, a default (currently 4KB) is used.
	// IdleConnTimeout is the maximum amount of time an idle (keep-alive)
	// connection will remain idle before closing itself. Zero means no limit.
	IdleConnTimeout time.Duration
	// RootCAs is the set of root certificate authorities used to verify
	// the remote server's certificate.
	RootCAs *x509.CertPool
}

Source Files

View all Source files

Directories

Path Synopsis
tls_client_cffi_src provides and manages a CFFI (C Foreign Function Interface) which allows code in other languages to interact with the module.
 tls_client_cffi_src provides and manages a CFFI (C Foreign Function Interface) which allows code in other languages to interact with the module.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.