Skip to content

Tls downgrade attack? #181

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
hiddify-com opened this issue Apr 8, 2023 · 2 comments · Fixed by #337
Closed

Tls downgrade attack? #181

hiddify-com opened this issue Apr 8, 2023 · 2 comments · Fixed by #337

Comments

@hiddify-com
Copy link

I could not find how you prevent downgrade attack would you please help me?

There is an issue with utls in Iran and we are trying to investigate that (see XTLS/Xray-core#1919 )

I can not see it in your code
https://github.com/refraction-networking/utls/blob/master/handshake_client_tls13.go

However it is clearly visible in https://github.com/golang/go/blob/ee522e2cdad04a43bc9374776483b6249eb97ec9/src/crypto/tls/handshake_client.go#L203
@RPRX
Copy link
Contributor

RPRX commented Apr 8, 2023

utls/handshake_client.go

Lines 208 to 218 in c785bd3

// If we are negotiating a protocol version that's lower than what we
// support, check for the server downgrade canaries.
// See RFC 8446, Section 4.1.3.
maxVers := c.config.maxSupportedVersion(roleClient)
tls12Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS12
tls11Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS11
if maxVers == VersionTLS13 && c.vers <= VersionTLS12 && (tls12Downgrade || tls11Downgrade) ||
maxVers == VersionTLS12 && c.vers <= VersionTLS11 && tls11Downgrade {
c.sendAlert(alertIllegalParameter)
return errors.New("tls: downgrade attempt detected, possibly due to a MitM attack or a broken middlebox")
}

@gaukas gaukas closed this as completed Apr 10, 2023
@mingyech
Copy link
Member

Reopening, it looks like the above lines are missing for the equivalent utls function in u_handshake_client.go (moved from previously in u_conn.go). So it won't work when using custom ClientHello specs/fingerprints.

@mingyech mingyech reopened this Apr 20, 2025
@mingyech mingyech mentioned this issue Apr 20, 2025
Merged
@mingyech mingyech mentioned this issue Apr 22, 2025
Closed
1 task
@GoVulnBot GoVulnBot mentioned this issue Apr 23, 2025
Closed
This was referenced Apr 24, 2025
Merged
Merged
@github-actions github-actions bot mentioned this issue May 8, 2025
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix check for TLS downgrade canary refraction-networking/utls
4 participants
@gaukas @mingyech @RPRX @hiddify-com