search

uklans / cache-domains

Domain Names required for LAN Content Cache DNS spoofing
MIT License
566 stars 526 forks source link

[Tracking] Caching GOG not possible due to ssl #31

Open VibroAxe opened 6 years ago

VibroAxe commented 6 years ago

Tracking issue pending results of testing from https://github.com/uklans/cache-domains/pull/29

JasonRivers commented 6 years ago

Seems that they have indeed moved to HTTPS, Output of SNI-Proxy:

2018-09-10 16:30:22 [::ffff:X.X.X.X]:51136 -> [::]:443 -> 217.182.48.174:443 [cdn-edge-1o-gra-fr-ovh.gogcdn.net] 1648160/1648160 bytes tx 2649/2649 bytes rx 12.621 seconds
2018-09-10 16:30:22 [::ffff:X.X.X.X]:51095 -> [::]:443 -> 87.98.235.35:443 [cdn-edge-1k-rbx-fr-ovh.gogcdn.net] 10110555/10110555 bytes tx 2650/2650 bytes rx 30.921 seconds
2018-09-10 16:30:23 [::ffff:X.X.X.X]:51143 -> [::]:443 -> 91.134.247.0:443 [cdn-edge-1d-sbg-fr-ovh.gogcdn.net] 10457625/10457625 bytes tx 2650/2650 bytes rx 13.084 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51124 -> [::]:443 -> 87.98.235.35:443 [cdn-edge-1k-rbx-fr-ovh.gogcdn.net] 15883268/15883268 bytes tx 4638/4638 bytes rx 20.078 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51144 -> [::]:443 -> 145.239.19.240:443 [cdn-edge-3h-waw-pl-ovh.gogcdn.net] 7221384/7221384 bytes tx 2619/2619 bytes rx 13.853 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51168 -> [::]:443 -> 91.134.247.0:443 [cdn-edge-1d-sbg-fr-ovh.gogcdn.net] 1119658/1119658 bytes tx 2618/2618 bytes rx 0.785 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51157 -> [::]:443 -> 145.239.19.239:443 [cdn-edge-3i-waw-pl-ovh.gogcdn.net] 2833037/2833037 bytes tx 3629/3629 bytes rx 5.911 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51166 -> [::]:443 -> 217.182.48.174:443 [cdn-edge-1o-gra-fr-ovh.gogcdn.net] 3072724/3072724 bytes tx 2619/2619 bytes rx 1.950 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51164 -> [::]:443 -> 87.98.235.35:443 [cdn-edge-1k-rbx-fr-ovh.gogcdn.net] 3653650/3653650 bytes tx 2619/2619 bytes rx 2.302 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51162 -> [::]:443 -> 217.182.48.174:443 [cdn-edge-1o-gra-fr-ovh.gogcdn.net] 2095924/2095924 bytes tx 2619/2619 bytes rx 2.606 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51161 -> [::]:443 -> 145.239.19.238:443 [cdn-edge-3c-waw-pl-ovh.gogcdn.net] 1685072/1685072 bytes tx 2618/2618 bytes rx 2.870 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51156 -> [::]:443 -> 145.239.19.239:443 [cdn-edge-3i-waw-pl-ovh.gogcdn.net] 4652808/4652808 bytes tx 2626/2626 bytes rx 5.949 seconds
2018-09-10 16:30:24 [::ffff:X.X.X.X]:51127 -> [::]:443 -> 217.182.48.170:443 [cdn-edge-1i-rbx-fr-ovh.gogcdn.net] 14089884/14092584 bytes tx 3629/3629 bytes rx 18.234 seconds

No traffic hit the GOG container.

We can no longer cache GOG - Perhaps we can reach out to them.

nutterthanos commented 2 years ago

um it seems cdn.gog.com or galaxy-client-update.gog.com can still be accessed without https but does the gog galaxy client force https?

nutterthanos commented 2 years ago

i mean there are proxy server applications that can decrypt https but it messed with certs tho

MathewBurnett commented 2 years ago

while it is possible and many corp environments do deliberately man in the middle ssl. We will not be supporting that in lancache.

nutterthanos commented 2 years ago

Well maybe close this issue then since this will never be supported again

VibroAxe commented 2 years ago

@nutterthanos we leave a few of these open otherwise we get inundanted with new issues about "gog doesn't work" (and similar). Thats why this is tagged with [Tracking]. If it ever resolves we can then close this issue

nutterthanos commented 2 years ago

Ah I get you now 😂