-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feature: add support raw ja3 data #3
Comments
Openning connection with upstream proxy per request may be time consuming. |
This project is currently using snowflake's NewUTLSHTTPRoundTripperWithProxy function to implement a custom RoundTripper function. In order to support uTLS client composition based on a given ja3 fingerprint, it would be necessary to reimplement the function. This should be doable, but I currently don't have much time to work on that.
Setting the upstream proxy and TLS fingerprint per request is the main objective of this project. In order to open a connection to the desired upstream proxy based on request headers, the request needs to be intercepted and parsed first. If you do not need to change options on each request, you'd be better off using LyleMi/ja3proxy. |
I want to change the fingerprint for each connection (socket) with tlsproxy, and all requests in this connection will be with the same fingerprint and one ip. |
Such functionality, while certainly useful in some cases, would require a lot of effort to implement. It would require rewriting tlsproxy from scratch, without relying on goproxy or snowflake, in order to handle CONNECT requests directly. That's beyond the scope of tlsproxy and not a priority for me. It might be easier to implement this in ja3proxy, but this would also require significant changes to that project. Furthermore, a CONNECT request only establishes a tunnel to one IP address and port. Significant performance enhancements could only be expected in cases where a large number of requests is sent to the same host, which further limits the use case for such a feature. |
I want you to add support for specifying raw data ja3 in header per request and global config
I know that utls supports generating hello client from raw ja3.
What do you think about this?
May be and add return socket with upstream proxy onConnect so that you can write in one open connection with proxy and one tls session?
The text was updated successfully, but these errors were encountered: