neru/UnlockedByDaylight
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 22 Wiki Activity

fix: SSL / TLS handshake trap

Browse Source
This commit is contained in:
neru
2026-04-11 12:21:15 -03:00
parent fe71decd38
commit 75171b4557
1 changed files with 24 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/unlocker/proxy.cpp
+24 -2
View File
@@ -267,14 +267,36 @@ void Proxy::handleClient(SOCKET clientSocket)
SSL_CTX* hostCtx = _certManager.createHostContext(host); SSL_CTX* hostCtx = _certManager.createHostContext(host);
if (!hostCtx) return; if (!hostCtx) return;
auto sslHandshake = [](SSL* ssl, bool isAccept, SOCKET s) -> bool {
while (true)
{
int ret = isAccept ? SSL_accept(ssl) : SSL_connect(ssl);
if (ret > 0) return true;
int err = SSL_get_error(ssl, ret);
if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE)
{
fd_set fds;
FD_ZERO(&fds);
FD_SET(s, &fds);
struct timeval tv = {1, 0};
if (err == SSL_ERROR_WANT_READ)
select(0, &fds, NULL, NULL, &tv);
else
select(0, NULL, &fds, NULL, &tv);
continue;
}
return false;
}
};
SSL_ptr clientSSL(SSL_new(hostCtx)); SSL_ptr clientSSL(SSL_new(hostCtx));
SSL_set_fd(clientSSL.get(), (int)clientGuard); SSL_set_fd(clientSSL.get(), (int)clientGuard);
if (SSL_accept(clientSSL.get()) <= 0) return; if (!sslHandshake(clientSSL.get(), true, clientGuard)) return;
SSL_ptr remoteSSL(SSL_new(_clientCtx)); SSL_ptr remoteSSL(SSL_new(_clientCtx));
SSL_set_fd(remoteSSL.get(), (int)remoteGuard); SSL_set_fd(remoteSSL.get(), (int)remoteGuard);
SSL_set_tlsext_host_name(remoteSSL.get(), host.c_str()); SSL_set_tlsext_host_name(remoteSSL.get(), host.c_str());
if (SSL_connect(remoteSSL.get()) <= 0) return; if (!sslHandshake(remoteSSL.get(), false, remoteGuard)) return;
/* /*
traffic handler traffic handler