pion / dtls

DTLS 1.2 Server/Client implementation for Go
https://pion.ly/
MIT License

Add ability to select certificate based on ClientHello random bytes #583

Closed mingyech closed 5 months ago

mingyech commented 1 year ago

Description

This PR lets clients modify the ClientHello random bytes and lets servers choose certificates based on the ClientHello random bytes using the GetCertificate function.

This serves a similar purpose to ServerName in the ClientHello, where the server can use a different certificate based on the ServerName in the ClientHello. This change would be useful for censorship resistance settings where the client does not want to add an extra extension like ServerName in the ClientHello, to prevent censors from fingerprinting the connection.
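
An added illustration, not code from this PR or from pion/dtls: one way a server-side selection callback could key on the 32-byte ClientHello random while the value stays indistinguishable from random to anyone without the key. It assumes a hypothetical layout of 16 fresh random bytes followed by a truncated HMAC tag under a pre-shared key, and the names `NewHelloRandom`, `Selector` and `Select` are invented here; only the standard library is used. The 16 fresh bytes matter because the ClientHello random also feeds key derivation and must not repeat.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"fmt"
)

const randomLen = 32 // ClientHello.random is 32 bytes in (D)TLS 1.2

// tag binds the 16 fresh bytes to a pre-shared key (hypothetical scheme).
func tag(key, nonce []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(nonce)
	return m.Sum(nil)[:16]
}

// NewHelloRandom is the client side: 16 fresh random bytes || 16-byte HMAC tag.
func NewHelloRandom(key []byte) (r [randomLen]byte, err error) {
	if _, err = rand.Read(r[:16]); err != nil {
		return r, err
	}
	copy(r[16:], tag(key, r[:16]))
	return r, nil
}

// Selector holds what a GetCertificate-style callback would consult.
type Selector struct {
	Keys    map[string][]byte           // constructed: profile name -> pre-shared key
	Certs   map[string]*tls.Certificate // profile name -> certificate
	Default *tls.Certificate            // served when no tag verifies
}

// Select returns the certificate whose key verifies the tag, else the default.
func (s *Selector) Select(r [randomLen]byte) *tls.Certificate {
	for name, key := range s.Keys {
		if hmac.Equal(tag(key, r[:16]), r[16:]) { // constant-time comparison
			return s.Certs[name]
		}
	}
	return s.Default
}

func main() {
	key := []byte("constructed-demo-key") // constructed sample key
	s := &Selector{Keys: map[string][]byte{"a": key}, Certs: map[string]*tls.Certificate{"a": {}}, Default: &tls.Certificate{}}
	r, _ := NewHelloRandom(key)
	fmt.Println(s.Select(r) == s.Certs["a"], s.Select([randomLen]byte{}) == s.Default)
}
```

A random value that carries no valid tag falls through to the default certificate, so ordinary clients are served the same way as before.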

codecov[bot] commented 5 months ago

Codecov Report

Attention: Patch coverage is 66.66667% with 2 lines in your changes missing coverage. Please review.

Project coverage is 80.09%. Comparing base (eddca22) to head (0a2438a).

| Files | Patch % | Lines |
|---|---|---|
| state.go | 0.00% | 2 Missing :warning: |

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##           master     #583      +/-   ##
==========================================
+ Coverage   80.07%   80.09%   +0.02%
==========================================
  Files         101      101
  Lines        5324     5330       +6
==========================================
+ Hits         4263     4269       +6
  Misses        686      686
  Partials      375      375
```

| [Flag](https://app.codecov.io/gh/pion/dtls/pull/583/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pion) | Coverage Δ | |
|---|---|---|
| [go](https://app.codecov.io/gh/pion/dtls/pull/583/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pion) | `80.12% <66.66%> (+0.02%)` | :arrow_up: |
| [wasm](https://app.codecov.io/gh/pion/dtls/pull/583/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pion) | `63.90% <66.66%> (+<0.01%)` | :arrow_up: |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=pion#carryforward-flags-in-the-pull-request-comment) to find out more.
