hoelee/curl-impersonate
1
0
Fork 0
mirror of https://github.com/lwthiker/curl-impersonate.git synced 2025-08-09 13:19:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update BoringSSL patch to handle Safari quirks

Browse Source
This commit is contained in:
lwthiker
2024-02-29 19:58:00 +02:00
parent c1b278e671
commit 79942b00ea
1 changed files with 87 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

89
chrome/patches/boringssl-old-ciphers.patch
View File

@@ -1,6 +1,6 @@
diff -u1 -Nar --exclude build --exclude tags boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/internal.h boringssl/ssl/internal.h
--- boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/internal.h 2023-09-27 05:13:00.000000000 +0300
+++ boringssl/ssl/internal.h 2024-02-10 19:41:05.916013082 +0200
+++ boringssl/ssl/internal.h 2024-02-29 20:02:32.711209565 +0200
@@ -577,4 +577,9 @@
#define SSL_SHA256 0x00000002u
+// curl-impersonate:
@@ -14,7 +14,7 @@ diff -u1 -Nar --exclude build --exclude tags boringssl-d24a38200fef19150eef00cad
diff -u1 -Nar --exclude build --exclude tags boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/ssl_cipher.cc boringssl/ssl/ssl_cipher.cc
--- boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/ssl_cipher.cc 2023-09-27 05:13:00.000000000 +0300
+++ boringssl/ssl/ssl_cipher.cc 2024-02-10 19:52:54.366879729 +0200
+++ boringssl/ssl/ssl_cipher.cc 2024-02-29 20:02:32.711209565 +0200
@@ -199,2 +199,33 @@
+ // curl-impersonate: Ciphers 3C, 3D were removed in
@@ -155,3 +155,88 @@ diff -u1 -Nar --exclude build --exclude tags boringssl-d24a38200fef19150eef00cad
+ TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 & 0xffff,
+ TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 & 0xffff,
};
diff -u1 -Nar --exclude build --exclude tags boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/ssl_privkey.cc boringssl/ssl/ssl_privkey.cc
--- boringssl-d24a38200fef19150eef00cad35b138936c08767/ssl/ssl_privkey.cc 2023-09-27 05:13:00.000000000 +0300
+++ boringssl/ssl/ssl_privkey.cc 2024-02-29 21:26:15.518023534 +0200
@@ -560,40 +560,45 @@
-static int compare_uint16_t(const void *p1, const void *p2) {
- uint16_t u1 = *((const uint16_t *)p1);
- uint16_t u2 = *((const uint16_t *)p2);
- if (u1 < u2) {
- return -1;
- } else if (u1 > u2) {
- return 1;
- } else {
- return 0;
- }
-}
-
-static bool sigalgs_unique(Span<const uint16_t> in_sigalgs) {
- if (in_sigalgs.size() < 2) {
- return true;
- }
-
- Array<uint16_t> sigalgs;
- if (!sigalgs.CopyFrom(in_sigalgs)) {
- return false;
- }
-
- qsort(sigalgs.data(), sigalgs.size(), sizeof(uint16_t), compare_uint16_t);
-
- for (size_t i = 1; i < sigalgs.size(); i++) {
- if (sigalgs[i - 1] == sigalgs[i]) {
- OPENSSL_PUT_ERROR(SSL, SSL_R_DUPLICATE_SIGNATURE_ALGORITHM);
- return false;
- }
- }
-
- return true;
-}
+// curl-impersonate: Remove the uniqueness check. Older Safari versions (15)
+// send out duplicated algorithm prefs.
+// static int compare_uint16_t(const void *p1, const void *p2) {
+// uint16_t u1 = *((const uint16_t *)p1);
+// uint16_t u2 = *((const uint16_t *)p2);
+// if (u1 < u2) {
+// return -1;
+// } else if (u1 > u2) {
+// return 1;
+// } else {
+// return 0;
+// }
+// }
+
+// static bool sigalgs_unique(Span<const uint16_t> in_sigalgs) {
+// if (in_sigalgs.size() < 2) {
+// return true;
+// }
+//
+// Array<uint16_t> sigalgs;
+// if (!sigalgs.CopyFrom(in_sigalgs)) {
+// return false;
+// }
+//
+// qsort(sigalgs.data(), sigalgs.size(), sizeof(uint16_t), compare_uint16_t);
+//
+// for (size_t i = 1; i < sigalgs.size(); i++) {
+// if (sigalgs[i - 1] == sigalgs[i]) {
+// OPENSSL_PUT_ERROR(SSL, SSL_R_DUPLICATE_SIGNATURE_ALGORITHM);
+// return false;
+// }
+// }
+//
+// return true;
+// }
static bool set_sigalg_prefs(Array<uint16_t> *out, Span<const uint16_t> prefs) {
- if (!sigalgs_unique(prefs)) {
- return false;
- }
+ // curl-impersonate: Remove the uniqueness check. Older Safari versions (15)
+ // send out duplicated algorithm prefs.
+
+ // if (!sigalgs_unique(prefs)) {
+ // return false;
+ // }