Merge pull request #12 from kyochikuto/tls-fragment

Improve TLS Fragmentation

Author: hiddify-com

common/dialer/extended_tcp.go

@@ -30,7 +30,7 @@ func (d *ExtendedTCPDialer) DialContext(ctx context.Context, network string, des
 	// Create a TLS-Fragmented dialer
 	if d.TLSFragment.Enabled {
 		fragmentConn := &fragmentConn{
-			dialer:      &d.Dialer,
+			dialer:      d.Dialer,
 			fragment:    d.TLSFragment,
 			network:     network,
 			destination: destination,

common/dialer/extended_tcp_stub.go

@@ -21,7 +21,7 @@ func (d *ExtendedTCPDialer) DialContext(ctx context.Context, network string, des
 	}
 	// Create a TLS-Fragmented dialer
 	fragmentConn := &fragmentConn{
-		dialer:      &d.Dialer,
+		dialer:      d.Dialer,
 		fragment:    d.TLSFragment,
 		network:     network,
 		destination: destination,

common/dialer/fragment.go

@@ -23,7 +23,7 @@ type TLSFragment struct {
 }
 
 type fragmentConn struct {
-	dialer      *net.Dialer
+	dialer      net.Dialer
 	fragment    TLSFragment
 	network     string
 	destination M.Socksaddr
@@ -50,41 +50,40 @@ func (c *fragmentConn) Write(b []byte) (n int, err error) {
 	if c.conn == nil {
 		return 0, c.err
 	}
-	// Check if payload is a valid TLS clientHello packet
-	if len(b) >= 5 && b[0] == 22 {
-		clientHelloLen := int(binary.BigEndian.Uint16(b[3:5]))
-		clientHelloData := b[5:]
-
-		for i := 0; i < clientHelloLen; {
-			fragmentEnd := i + int(randBetween(int64(c.fragment.SizeMin), int64(c.fragment.SizeMax)))
-			if fragmentEnd > clientHelloLen {
-				fragmentEnd = clientHelloLen
-			}
-
-			fragment := clientHelloData[i:fragmentEnd]
-			i = fragmentEnd
-
-			header := make([]byte, 5)
-			header[0] = b[0]
-			binary.BigEndian.PutUint16(header[1:], binary.BigEndian.Uint16(b[1:3]))
-			binary.BigEndian.PutUint16(header[3:], uint16(len(fragment)))
-			payload := append(header, fragment...)
-
-			_, err := c.conn.Write(payload)
-			if err != nil {
-				c.err = err
-				return 0, c.err
-			}
-
-			randomInterval := randBetween(int64(c.fragment.SleepMin), int64(c.fragment.SleepMax))
-			time.Sleep(time.Duration(randomInterval))
+	// Do not fragment if it's not a TLS clientHello packet
+	if len(b) < 5 || b[0] != 22 {
+		return c.conn.Write(b)
+	}
+
+	clientHelloLen := int(binary.BigEndian.Uint16(b[3:5]))
+	clientHelloData := b[5:]
+
+	for fragmentStart := 0; fragmentStart < clientHelloLen; {
+		fragmentEnd := fragmentStart + int(randBetween(int64(c.fragment.SizeMin), int64(c.fragment.SizeMax)))
+		if fragmentEnd > clientHelloLen {
+			fragmentEnd = clientHelloLen
+		}
+
+		header := make([]byte, 5)
+		header[0] = b[0]
+		binary.BigEndian.PutUint16(header[1:], binary.BigEndian.Uint16(b[1:3]))
+		binary.BigEndian.PutUint16(header[3:], uint16(fragmentEnd-fragmentStart))
+		payload := append(header, clientHelloData[fragmentStart:fragmentEnd]...)
+
+		_, err := c.conn.Write(payload)
+		if err != nil {
+			c.err = err
+			return 0, c.err
+		}
+
+		if c.fragment.SleepMax != 0 {
+			time.Sleep(time.Duration(randBetween(int64(c.fragment.SleepMin), int64(c.fragment.SleepMax))) * time.Millisecond)
 		}
 
-		return len(b), nil
+		fragmentStart = fragmentEnd
 	}
 
-	// Write directly if not a clientHello packet
-	return c.conn.Write(b)
+	return len(b), nil
 }
 
 func (c *fragmentConn) Close() error {

option/fragment.go

@@ -1,6 +1,7 @@
 package option
 
 import (
+	"fmt"
 	"strconv"
 	"strings"
 
@@ -21,16 +22,20 @@ func ParseIntRange(str string) ([]uint64, error) {
 	if len(splitString) == 2 {
 		result[0], err = strconv.ParseUint(splitString[0], 10, 64)
 		if err != nil {
-			return nil, E.Cause(err, "Error parsing string to integer")
+			return nil, E.Cause(err, "error parsing string to integer")
 		}
 		result[1], err = strconv.ParseUint(splitString[1], 10, 64)
 		if err != nil {
-			return nil, E.Cause(err, "Error parsing string to integer")
+			return nil, E.Cause(err, "error parsing string to integer")
+		}
+
+		if result[1] < result[0] {
+			return nil, E.Cause(E.New(fmt.Sprintf("upper bound value (%d) must be greater than or equal to lower bound value (%d)", result[1], result[0])), "invalid range")
 		}
 	} else {
 		result[0], err = strconv.ParseUint(splitString[0], 10, 64)
 		if err != nil {
-			return nil, E.Cause(err, "Error parsing string to integer")
+			return nil, E.Cause(err, "error parsing string to integer")
 		}
 		result[1] = result[0]
 	}