search

getlantern / tlsmasq

A library for servers which masquerade as other TLS servers
Apache License 2.0
2 stars 1 forks source link

Lots of TLS decode errors (alert records) on tlsmasq proxy #37

Open hwh33 opened 2 years ago

hwh33 commented 2 years ago

We just encountered a tlsmasq proxy deployed in ru, with a large number of TLS decode errors (alert records). The proxy was serving basically no traffic, despite having a large number of active users (thousands). Curiously, I was able to use the proxy myself, even disconnecting and reconnecting the client several times.

tlsmasq settings:

        "pluggabletransportsettings": {
            "tlsmasq_secret": "38368df7dd629f7a94d01bf809218f85ae97843c7b5ac5f2efd57c99a32d01fb3325952eacec961c7a15f8dcddf03dc653599077",
            "tlsmasq_sni": "mdusd.org",
            "tlsmasq_tlsminversion": "0x0303",
            "tlsmasq_suites": "0xc02c,0xc030,0xcca9,0xcca8,0xc02b,0xc02f,0xc024,0xc028,0xc023,0xc027,0xc00a,0xc014,0xc009,0xc013,0x009d,0x009c,0x003d,0x003c,0x0035,0x002f"
        }

I've got some packet captures I'm going to analyze.