move HTML and gemtext to separate files
This commit is contained in:
parent
c611d46b4f
commit
72b3259428
|
|
@ -0,0 +1,22 @@
|
|||
# TLS Client Hello Mirror
|
||||
|
||||
=> /json/v1 Your browser's TLS Client Hello, reflected as JSON
|
||||
|
||||
This test:
|
||||
|
||||
* reflects the complete Client Hello message, preserving the order in which TLS parameters and extensions are sent;
|
||||
* can be used to check for TLS privacy pitfalls (session resumption, TLS fingerprinting, system time exposure);
|
||||
* supports multiple protocols (currently HTTP and Gemini);
|
||||
* is free as in freedom and trivial to self-host.
|
||||
|
||||
JSON only, for now. The API is largely stable - fields may be added, but existing fields will not be modified or removed. IANA-assigned codes for TLS parameters and extensions are available at:
|
||||
|
||||
=> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml TLS parameters
|
||||
=> https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml TLS extensions
|
||||
|
||||
Note that these lists do not include draft extensions and GREASE values. Missing values will be documented here as the project evolves.
|
||||
|
||||
_____________________
|
||||
=> https://nervuri.net/ Author: nervuri
|
||||
=> https://tildegit.org/nervuri/client-hello-mirror Source (contributions welcome)
|
||||
=> https://www.gnu.org/licenses/agpl-3.0.en.html License: AGPL-3.0-or-later
|
||||
|
|
@ -0,0 +1,62 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<meta name="theme-color" content="#000">
|
||||
<meta name="referrer" content="no-referrer">
|
||||
<title>TLS Client Hello Mirror</title>
|
||||
<style>
|
||||
:root {
|
||||
color-scheme: dark;
|
||||
}
|
||||
::selection {
|
||||
color: #FFF;
|
||||
background-color: #070;
|
||||
}
|
||||
body {
|
||||
color: #DDD;
|
||||
background-color: #000;
|
||||
margin: 1em auto;
|
||||
max-width: 38em;
|
||||
padding: 0 .62em;
|
||||
font: 1.1em/1.62 sans-serif;
|
||||
}
|
||||
@media print{
|
||||
body{
|
||||
max-width: none;
|
||||
}
|
||||
}
|
||||
a:link {color:#EEE;}
|
||||
a:visited {color:#EEE;}
|
||||
a:hover {color:#FFF;}
|
||||
a:active {color:#FFF;}
|
||||
</style>
|
||||
<main>
|
||||
<center>
|
||||
<h1>TLS Client Hello Mirror</h1>
|
||||
</center>
|
||||
<h3><a href="/json/v1">Your browser's TLS Client Hello, reflected as JSON</a></h3>
|
||||
<p>This test:
|
||||
<ul>
|
||||
<li>reflects the complete Client Hello message, preserving the order in which TLS parameters and extensions are sent;</li>
|
||||
<li>can be used to check for TLS privacy pitfalls (<a href="https://svs.informatik.uni-hamburg.de/publications/2018/2018-12-06-Sy-ACSAC-Tracking_Users_across_the_Web_via_TLS_Session_Resumption.pdf">session resumption</a>, <a href="https://tlsfingerprint.io/">TLS fingerprinting</a>, <a href="https://datatracker.ietf.org/doc/html/draft-mathewson-no-gmtunixtime">system time exposure</a>);</li>
|
||||
<li>supports both HTTP and <a href="https://gemini.circumlunar.space/">Gemini</a>;</li>
|
||||
<li>is <a href="https://www.gnu.org/philosophy/free-sw.en.html">free as in freedom</a> and trivial to self-host.</li>
|
||||
</ul>
|
||||
</p>
|
||||
<p>JSON only, for now, but a UI is on <a href="https://tildegit.org/nervuri/client-hello-mirror#roadmap">the roadmap</a>.</p>
|
||||
<p>The API is largely stable - fields may be added, but existing fields will not be modified or removed. IANA-assigned codes for TLS parameters and extensions are documented at:
|
||||
<ul>
|
||||
<li><a href="https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml">TLS parameters</a></li>
|
||||
<li><a href="https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml">TLS extensions</a></li>
|
||||
</ul>
|
||||
Note that these lists do not include draft extensions and <a href="https://datatracker.ietf.org/doc/html/rfc8701">GREASE</a> values. Missing values will be documented here as the project evolves.
|
||||
</p>
|
||||
</main>
|
||||
<hr>
|
||||
<footer>
|
||||
Author: <a href="https://nervuri.net/">nervuri</a><br>
|
||||
<a href="https://tildegit.org/nervuri/client-hello-mirror">Source</a> (contributions welcome)<br>
|
||||
License: <a href="https://www.gnu.org/licenses/agpl-3.0.en.html">AGPL-3.0-or-later</a>
|
||||
</footer>
|
||||
</html>
|
||||
89
server.go
89
server.go
|
|
@ -6,6 +6,7 @@ import (
|
|||
"bufio"
|
||||
"bytes"
|
||||
"crypto/tls"
|
||||
_ "embed"
|
||||
"encoding/binary"
|
||||
"encoding/json"
|
||||
"flag"
|
||||
|
|
@ -42,91 +43,11 @@ func fatalError(err ...any) {
|
|||
logger.Fatal(err...)
|
||||
}
|
||||
|
||||
const html = `<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<meta charset="utf-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<meta name="theme-color" content="#000">
|
||||
<meta name="referrer" content="no-referrer">
|
||||
<title>TLS Client Hello Mirror</title>
|
||||
<style>
|
||||
:root {
|
||||
color-scheme: dark;
|
||||
}
|
||||
::selection {
|
||||
color: #FFF;
|
||||
background-color: #070;
|
||||
}
|
||||
body {
|
||||
color: #DDD;
|
||||
background-color: #000;
|
||||
margin: 1em auto;
|
||||
max-width: 38em;
|
||||
padding: 0 .62em;
|
||||
font: 1.1em/1.62 sans-serif;
|
||||
}
|
||||
@media print{
|
||||
body{
|
||||
max-width: none;
|
||||
}
|
||||
}
|
||||
a:link {color:#EEE;}
|
||||
a:visited {color:#EEE;}
|
||||
a:hover {color:#FFF;}
|
||||
a:active {color:#FFF;}
|
||||
</style>
|
||||
<main>
|
||||
<center>
|
||||
<h1>TLS Client Hello Mirror</h1>
|
||||
</center>
|
||||
<h3><a href="/json/v1">Your browser's TLS Client Hello, reflected as JSON</a></h3>
|
||||
<p>This test:
|
||||
<ul>
|
||||
<li>reflects the complete Client Hello message, preserving the order in which TLS parameters and extensions are sent;</li>
|
||||
<li>can be used to check for TLS privacy pitfalls (<a href="https://svs.informatik.uni-hamburg.de/publications/2018/2018-12-06-Sy-ACSAC-Tracking_Users_across_the_Web_via_TLS_Session_Resumption.pdf">session resumption</a>, <a href="https://tlsfingerprint.io/">TLS fingerprinting</a>, <a href="https://datatracker.ietf.org/doc/html/draft-mathewson-no-gmtunixtime">system time exposure</a>);</li>
|
||||
<li>supports both HTTP and <a href="https://gemini.circumlunar.space/">Gemini</a>;</li>
|
||||
<li>is <a href="https://www.gnu.org/philosophy/free-sw.en.html">free as in freedom</a> and trivial to self-host.</li>
|
||||
</ul>
|
||||
</p>
|
||||
<p>JSON only, for now, but a UI is on <a href="https://tildegit.org/nervuri/client-hello-mirror#roadmap">the roadmap</a>.</p>
|
||||
<p>The API is largely stable - fields may be added, but existing fields will not be modified or removed. IANA-assigned codes for TLS parameters and extensions are documented at:
|
||||
<ul>
|
||||
<li><a href="https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml">TLS parameters</a></li>
|
||||
<li><a href="https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml">TLS extensions</a></li>
|
||||
</ul>
|
||||
Note that these lists do not include draft extensions and <a href="https://datatracker.ietf.org/doc/html/rfc8701">GREASE</a> values. Missing values will be documented here as the project evolves.
|
||||
</p>
|
||||
</main>
|
||||
<hr>
|
||||
<footer>
|
||||
Author: <a href="https://nervuri.net/">nervuri</a><br>
|
||||
<a href="https://tildegit.org/nervuri/client-hello-mirror">Source</a> (contributions welcome)<br>
|
||||
License: <a href="https://www.gnu.org/licenses/agpl-3.0.en.html">AGPL-3.0-or-later</a>
|
||||
</footer>
|
||||
</html>`
|
||||
//go:embed index.html
|
||||
var html string
|
||||
|
||||
const gemtext = `# TLS Client Hello Mirror
|
||||
|
||||
=> /json/v1 Your browser's TLS Client Hello, reflected as JSON
|
||||
|
||||
This test:
|
||||
|
||||
* reflects the complete Client Hello message, preserving the order in which TLS parameters and extensions are sent;
|
||||
* can be used to check for TLS privacy pitfalls (session resumption, TLS fingerprinting, system time exposure);
|
||||
* supports multiple protocols (currently HTTP and Gemini);
|
||||
* is free as in freedom and trivial to self-host.
|
||||
|
||||
JSON only, for now. The API is largely stable - fields may be added, but existing fields will not be modified or removed. IANA-assigned codes for TLS parameters and extensions are available at:
|
||||
|
||||
=> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml TLS parameters
|
||||
=> https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml TLS extensions
|
||||
|
||||
Note that these lists do not include draft extensions and GREASE values. Missing values will be documented here as the project evolves.
|
||||
|
||||
_____________________
|
||||
=> https://nervuri.net/ Author: nervuri
|
||||
=> https://tildegit.org/nervuri/client-hello-mirror Source (contributions welcome)
|
||||
=> https://www.gnu.org/licenses/agpl-3.0.en.html License: AGPL-3.0-or-later`
|
||||
//go:embed index.gmi
|
||||
var gemtext string
|
||||
|
||||
// Copy the Client Hello message before starting the TLS handshake.
|
||||
func peek(conn net.Conn, tlsConfig *tls.Config) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue