use fastdialer for callback

projectdiscovery · Jul 6, 2023 · aeaed82 · aeaed82
1 parent 4283c09
commit aeaed82
Show file tree

Hide file tree

Showing 6 changed files with 44 additions and 60 deletions.
diff --git a/README.md b/README.md
@@ -7,14 +7,6 @@ rawhttp is a Go package for making HTTP requests in a raw way.
 - The original idea is inspired by [@tomnomnom/rawhttp](https://github.com/tomnomnom/rawhttp) work
 
 
-### ZTLS fallback support
-
-### ZTLS Fallback
-
-`rawhttp` by default fallbacks to using zcrypto when there is an error in TLS handshake (ex: ` insufficient security level` etc ). This is done to support older TLS versions and ciphers. This can be disabled by setting `rawhttp.DisableZtlsFallback` to `true` or by using `DISABLE_ZTLS_FALLBACK` environment variable. when falling back to ztls, `ChromeCiphers` are used
-
-
-
 # Example
 
 First you need to declare a `server`

diff --git a/conn.go b/conn.go
@@ -3,25 +3,19 @@ package rawhttp
 import (
 	"context"
 	"crypto/tls"
-	"errors"
 	"fmt"
 	"io"
 	"net"
 	"net/url"
-	"os"
 	"strings"
 	"sync"
 	"time"
 
+	"github.com/projectdiscovery/fastdialer/fastdialer"
 	"github.com/projectdiscovery/rawhttp/client"
 	"github.com/projectdiscovery/rawhttp/proxy"
-	ztls "github.com/zmap/zcrypto/tls"
 )
 
-// DisableZtlsFallback disables ztls fallback when tls handshake fails
-// can also be set using the environment variable DISABLE_ZTLS_FALLBACK
-var DisableZtlsFallback = false
-
 // Dialer can dial a remote HTTP server.
 type Dialer interface {
 	// Dial dials a remote http server returning a Conn.
@@ -123,28 +117,27 @@ func clientDial(protocol, addr string, timeout time.Duration, options *Options)
 		tlsConfig.ServerName = options.SNI
 	}
 
-	// currently fastdialer tls dial and ztls fallback are mutually exclusive
-	// TODO: add support for fallback in fastDialer.DialZTLS()
-	if options.FastDialer != nil {
-		return options.FastDialer.DialTLSWithConfig(ctx, "tcp", addr, tlsConfig)
-
+	if options.FastDialer == nil {
+		// always use fastdialer tls dial if available
+		opts := fastdialer.DefaultOptions
+		if timeout > 0 {
+			opts.DialerTimeout = timeout
+		}
+		var err error
+		options.FastDialer, err = fastdialer.NewDialer(opts)
+		// use net.Dialer if fastdialer tls dial is not available
+		if err != nil {
+			var dialer *net.Dialer
+			if timeout > 0 {
+				dialer = &net.Dialer{Timeout: timeout}
+			} else {
+				dialer = &net.Dialer{Timeout: 8 * time.Second} // should be more than enough
+			}
+			return tls.DialWithDialer(dialer, "tcp", addr, tlsConfig)
+		}
 	}
 
-	var dialer *net.Dialer
-	if timeout > 0 {
-		dialer = &net.Dialer{Timeout: timeout}
-	} else {
-		dialer = &net.Dialer{Timeout: 8 * time.Second} // should be more than enough
-	}
-	tlsConn, err := tls.DialWithDialer(dialer, "tcp", addr, tlsConfig)
-	if err != nil && !DisableZtlsFallback && !errors.Is(err, os.ErrDeadlineExceeded) {
-		return ztls.DialWithDialer(dialer, "tcp", addr, &ztls.Config{
-			CipherSuites:       ztls.ChromeCiphers,
-			ServerName:         tlsConfig.ServerName,
-			InsecureSkipVerify: true,
-		})
-	}
-	return tlsConn, err
+	return options.FastDialer.DialTLS(ctx, "tcp", addr)
 }
 
 // TlsHandshake tls handshake on a plain connection
@@ -171,18 +164,6 @@ func TlsHandshake(conn net.Conn, addr string, timeout time.Duration) (net.Conn,
 		ServerName:         hostname,
 	})
 	if err := tlsConn.HandshakeContext(ctx); err != nil {
-		if !errors.Is(err, os.ErrDeadlineExceeded) && !DisableZtlsFallback {
-			// fallback to ztls
-			ztlsConn := ztls.Client(conn, &ztls.Config{
-				InsecureSkipVerify: true,
-				ServerName:         hostname,
-				CipherSuites:       ztls.ChromeCiphers,
-			})
-			if err := ztlsConn.Handshake(); err != nil {
-				return nil, err
-			}
-			return ztlsConn, nil
-		}
 		return nil, err
 	}
 	return tlsConn, nil
@@ -211,10 +192,3 @@ func (c *conn) Release() {
 	addr := c.Conn.RemoteAddr().String()
 	c.dialer.conns[addr] = append(c.dialer.conns[addr], c)
 }
-
-func init() {
-	value := os.Getenv("DISABLE_ZTLS_FALLBACK")
-	if strings.EqualFold(value, "true") {
-		DisableZtlsFallback = true
-	}
-}
diff --git a/go.mod b/go.mod
@@ -4,7 +4,7 @@ go 1.18
 
 require (
 	github.com/julienschmidt/httprouter v1.3.0
-	github.com/projectdiscovery/fastdialer v0.0.32
+	github.com/projectdiscovery/fastdialer v0.0.33-0.20230706142522-a9b219557a9a
 	github.com/projectdiscovery/gologger v1.1.10
 	github.com/projectdiscovery/retryablehttp-go v1.0.18
 	github.com/projectdiscovery/stringsutil v0.0.2

diff --git a/go.sum b/go.sum
@@ -82,8 +82,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/projectdiscovery/blackrock v0.0.1 h1:lHQqhaaEFjgf5WkuItbpeCZv2DUIE45k0VbGJyft6LQ=
 github.com/projectdiscovery/blackrock v0.0.1/go.mod h1:ANUtjDfaVrqB453bzToU+YB4cUbvBRpLvEwoWIwlTss=
-github.com/projectdiscovery/fastdialer v0.0.32 h1:2sMAXLUcdyHMmXh46PkoRRewBBjZBMiraawSHDT/fjs=
-github.com/projectdiscovery/fastdialer v0.0.32/go.mod h1:ttLvt0xnpNQAStYYQ6ElIBHfSXHuPEiXBkLH/OLbYlc=
+github.com/projectdiscovery/fastdialer v0.0.33-0.20230706142522-a9b219557a9a h1:Q5geAjB/HND2jEPXK8f/FdP6Gjz0kbRNPWZbPSEv4jU=
+github.com/projectdiscovery/fastdialer v0.0.33-0.20230706142522-a9b219557a9a/go.mod h1:ttLvt0xnpNQAStYYQ6ElIBHfSXHuPEiXBkLH/OLbYlc=
 github.com/projectdiscovery/gologger v1.1.10 h1:XNRdtzLTdxiFGuK9gutoL752mykzXDoii4P2yDovqck=
 github.com/projectdiscovery/gologger v1.1.10/go.mod h1:VqANHK7qcEq3i6/vV5HNWwdyv2aFPSrlaVDU4Ogrc6U=
 github.com/projectdiscovery/hmap v0.0.13 h1:8v5j99Pz0S7V1YrTeWp7xtr1yNOffKQ/KusHZfB+mrI=

diff --git a/options.go b/options.go
@@ -4,6 +4,7 @@ import (
 	"time"
 
 	"github.com/projectdiscovery/fastdialer/fastdialer"
+	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/rawhttp/client"
 )
 
@@ -31,3 +32,12 @@ var DefaultOptions = &Options{
 	AutomaticHostHeader:    true,
 	AutomaticContentLength: true,
 }
+
+func init() {
+	fd, err := fastdialer.NewDialer(fastdialer.DefaultOptions)
+	if err == nil {
+		DefaultOptions.FastDialer = fd
+		return
+	}
+	gologger.Error().Msgf("Could not initialize fastdialer: %s\n", err)
+}
diff --git a/proxy/http.go b/proxy/http.go
@@ -1,13 +1,15 @@
 package proxy
 
 import (
+	"context"
 	"encoding/base64"
 	"fmt"
 	"net"
 	"net/url"
 	"strings"
 	"time"
 
+	"github.com/projectdiscovery/fastdialer/fastdialer"
 	"github.com/projectdiscovery/rawhttp/client"
 )
 
@@ -31,11 +33,17 @@ func HTTPDialer(proxyAddr string, timeout time.Duration) DialFunc {
 			auth = base64.StdEncoding.EncodeToString([]byte(split[0]))
 			proxyAddr = split[1]
 		}
-		if timeout == 0 {
-			netConn, err = net.Dial("tcp", u.Host)
+		fd, err := fastdialer.NewDialer(fastdialer.DefaultOptions)
+		if err != nil {
+			if timeout == 0 {
+				netConn, err = net.Dial("tcp", u.Host)
+			} else {
+				netConn, err = net.DialTimeout("tcp", u.Host, timeout)
+			}
 		} else {
-			netConn, err = net.DialTimeout("tcp", u.Host, timeout)
+			netConn, err = fd.Dial(context.TODO(), "tcp", u.Host)
 		}
+
 		if err != nil {
 			return nil, err
 		}