New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support modifying ClientHello
to match JA3 fingerprinting
#1421
Comments
Why do you want to use it? It's only intended for QUIC. |
Because I may need to change JA3. Default tls fingerprint may be blocked by websites, such as Cloudflare. To change JA3 fingerprint will need to change CipherSuites, order of extra_exts and etc. |
Do you have a concrete requirement/website that you need to pass JA3 for? See some earlier discussion in #1125 and linked issues/PRs. |
ClientHello
to match JA3 fingerprinting
Potentially also relevant; #1313 |
I think we should focus on #1313 and not support open ended modification to the I'm going to close this issue, but if there's a strong case to be made for why Rustls should prioritize this general request for more control over the |
@cpu Hi, I'm curious if Rustls would be open to contributions on this feature but might not give priority to it, or there is no intention to integrate it even with some contributions? If it's the former scenario, I'd like to offer some help. The most important reason I want to integrate this feature into rustls is the ecosystem: there are so many downstream dependencies on rustls, and most of them don't provide a way to use some specialized TLS libraries (even if forked rustls). So it's way complicated for an end-user to have this feature if they have only a specialized TLS library, since they also need some higher-level libraries e.g. tokio-rustls, reqwest, trust-dns, etc. What's more, from the prototype I'm implementing, adding this feature doesn't need too many modifications, and won't affect users if they don't use this feature at all. |
👋 @XOR-op
I can't speak for the other maintainers but to me I think it depends on the scale of the changes required and how much they'll affect the rest of the codebase. If a contributor was able to propose a change that was easy to review and not especially invasive I think it would be something we'd be open to. If a large number of changes are required, or the contribution isn't well tested or easy to review it would be harder to prioritize working towards getting it merged vs supporting other efforts.
Isn't it possible (if cumbersome) to use a patch section to override the dependency? |
Thank you for pointing out the dependency override. I have opened a pull request in #1564, which should not be very invasive and be easy to review. |
It prevents the crate from being published to crates.io. For a published crate to integrate a rustls fork, all dependencies along the way (say, rustls -> tokio-rustls -> hyper) have to be forked and published separately. |
I find
extra_exts
is set to be empty by default. So I will have to modify the rustls if I want to set differentextra_exts
? Is it reasonable to addextra_exts
inClientConfig
?The text was updated successfully, but these errors were encountered: