Readd firefox tls13 support

perkfly · perkfly · commit 426fedace9e8 · 2025-04-17T22:02:04.000+08:00
diff --git a/README.md b/README.md
@@ -14,7 +14,7 @@
 > 5. Upgrade to more recent version of curl, 8.13.0 as of April, 2025.
 > 6. Ability to change extension orders and enable/disable TLS grease.
 > 7. Single binary to support Chrome, Safari and Firefox.
-> 8. (In progress) Built with http/3 enabled.
+> 8. Built with http/3 enabled.
 > 9. A user-friendly Python binding: [curl_cffi](https://github.com/lexiforest/curl_cffi).
 > 10. More prebuilt binaries, including Windows, Arm, and even RISC-V!
 > 11. Commercial support at [impersonate.pro](https://impersonate.pro).
diff --git a/patches/boringssl.patch b/patches/boringssl.patch
@@ -151,13 +151,13 @@ index 884d7891e..92cd3a025 100644
  
 diff --git a/export.sh b/export.sh
 new file mode 100755
-index 000000000..d044063cc
+index 000000000..892803529
 --- /dev/null
 +++ b/export.sh
 @@ -0,0 +1,8 @@
 +#!/bin/bash
 +
-+# From here: https://chromium.googlesource.com/chromium/src.git/+/refs/tags/134.0.6970.1/DEPS
++# From here: https://chromium.googlesource.com/chromium/src.git/+/refs/tags/135.0.7049.41/DEPS
 +
 +BASE_COMMIT=673e61fc215b178a90c0e67858bbf162c8158993
 +
@@ -193,7 +193,7 @@ index bf5536dc4..990a20a80 100644
  #if defined(__cplusplus)
  } /* extern C */
 diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
-index 7c6804d65..a1fd43fcc 100644
+index 7c6804d65..1790167e1 100644
 --- a/include/openssl/ssl.h
 +++ b/include/openssl/ssl.h
 @@ -1653,6 +1653,12 @@ OPENSSL_EXPORT size_t SSL_get_all_standard_cipher_names(const char **out,
@@ -218,7 +218,7 @@ index 7c6804d65..a1fd43fcc 100644
  
  // SSL_CTX_set1_group_ids sets the preferred groups for |ctx| to |group_ids|.
  // Each element of |group_ids| should be one of the |SSL_GROUP_*| constants. It
-@@ -4898,6 +4906,12 @@ OPENSSL_EXPORT void SSL_CTX_set_permute_extensions(SSL_CTX *ctx, int enabled);
+@@ -4898,6 +4906,15 @@ OPENSSL_EXPORT void SSL_CTX_set_permute_extensions(SSL_CTX *ctx, int enabled);
  // permute extensions. For now, this is only implemented for the ClientHello.
  OPENSSL_EXPORT void SSL_set_permute_extensions(SSL *ssl, int enabled);
  
@@ -227,11 +227,14 @@ index 7c6804d65..a1fd43fcc 100644
 +
 +// curl-impersonate
 +OPENSSL_EXPORT int SSL_CTX_set_key_usage_check_enabled(SSL_CTX *ctx, int enabled);
++
++// curl-impersonate
++OPENSSL_EXPORT int SSL_CTX_set_use_firefox_tls13_ciphers(SSL_CTX *ctx, int enabled);
 +
  // SSL_max_seal_overhead returns the maximum overhead, in bytes, of sealing a
  // record with |ssl|.
  OPENSSL_EXPORT size_t SSL_max_seal_overhead(const SSL *ssl);
-@@ -5215,6 +5229,33 @@ OPENSSL_EXPORT int SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
+@@ -5215,6 +5232,33 @@ OPENSSL_EXPORT int SSL_CTX_set1_sigalgs_list(SSL_CTX *ctx, const char *str);
  // more convenient to codesearch for specific algorithm values.
  OPENSSL_EXPORT int SSL_set1_sigalgs_list(SSL *ssl, const char *str);
  
@@ -265,7 +268,7 @@ index 7c6804d65..a1fd43fcc 100644
  #define SSL_set_app_data(s, arg) (SSL_set_ex_data(s, 0, (char *)(arg)))
  #define SSL_get_app_data(s) (SSL_get_ex_data(s, 0))
  #define SSL_SESSION_set_app_data(s, a) \
-@@ -5593,6 +5634,8 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+@@ -5593,6 +5637,8 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
  #define SSL_CURVE_SECP384R1 SSL_GROUP_SECP384R1
  #define SSL_CURVE_SECP521R1 SSL_GROUP_SECP521R1
  #define SSL_CURVE_X25519 SSL_GROUP_X25519
@@ -551,7 +554,7 @@ index 4bd5c5d69..1adae1322 100644
      if (!kExtensions[i].add_clienthello(hs, &extensions, &extensions, type)) {
        OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
 diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
-index 4ce8d1802..e0d6afbde 100644
+index 4ce8d1802..53a863d20 100644
 --- a/ssl/handshake_client.cc
 +++ b/ssl/handshake_client.cc
 @@ -26,6 +26,8 @@
@@ -563,7 +566,27 @@ index 4ce8d1802..e0d6afbde 100644
  #include <openssl/ec_key.h>
  #include <openssl/ecdsa.h>
  #include <openssl/err.h>
-@@ -431,8 +433,10 @@ static enum ssl_hs_wait_t do_start_connect(SSL_HANDSHAKE *hs) {
+@@ -125,11 +127,19 @@ static bool ssl_write_client_cipher_list(const SSL_HANDSHAKE *hs, CBB *out,
+         TLS1_3_CK_AES_128_GCM_SHA256 & 0xffff,
+         TLS1_3_CK_CHACHA20_POLY1305_SHA256 & 0xffff,
+     };
++    // curl-impersonate: Firefox uses a different order
++    static const uint16_t kCiphersFirefox[] = {
++        TLS1_3_CK_AES_128_GCM_SHA256 & 0xffff,
++        TLS1_3_CK_CHACHA20_POLY1305_SHA256 & 0xffff,
++        TLS1_3_CK_AES_256_GCM_SHA384 & 0xffff,
++    };
+ 
+     const bool has_aes_hw = ssl->config->aes_hw_override
+                                 ? ssl->config->aes_hw_override_value
+                                 : EVP_has_aes_hardware();
++
+     const bssl::Span<const uint16_t> ciphers =
++        ssl->config->use_firefox_tls13_ciphers ? kCiphersFirefox :
+         ssl->config->compliance_policy == ssl_compliance_policy_cnsa_202407
+             ? bssl::Span<const uint16_t>(kCiphersCNSA)
+             : (has_aes_hw ? bssl::Span<const uint16_t>(kCiphersAESHardware)
+@@ -431,8 +441,10 @@ static enum ssl_hs_wait_t do_start_connect(SSL_HANDSHAKE *hs) {
      hs->early_data_offered = true;
    }
  
@@ -574,7 +597,7 @@ index 4ce8d1802..e0d6afbde 100644
        !ssl_encrypt_client_hello(hs, Span(ech_enc, ech_enc_len)) ||
        !ssl_add_client_hello(hs)) {
      return ssl_hs_error;
-@@ -1026,7 +1030,28 @@ static enum ssl_hs_wait_t do_read_server_key_exchange(SSL_HANDSHAKE *hs) {
+@@ -1026,7 +1038,28 @@ static enum ssl_hs_wait_t do_read_server_key_exchange(SSL_HANDSHAKE *hs) {
      hs->peer_psk_identity_hint.reset(raw);
    }
  
@@ -604,7 +627,7 @@ index 4ce8d1802..e0d6afbde 100644
      // Parse the server parameters.
      uint8_t group_type;
      uint16_t group_id;
-@@ -1366,7 +1391,9 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
+@@ -1366,7 +1399,9 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
      ssl_key_usage_t intended_use = (alg_k & SSL_kRSA)
                                         ? key_usage_encipherment
                                         : key_usage_digital_signature;
@@ -615,7 +638,7 @@ index 4ce8d1802..e0d6afbde 100644
        if (hs->config->enforce_rsa_key_usage ||
            EVP_PKEY_id(hs->peer_pubkey.get()) != EVP_PKEY_RSA) {
          return ssl_hs_error;
-@@ -1440,6 +1467,64 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
+@@ -1440,6 +1475,64 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
          !CBB_flush(&body)) {
        return ssl_hs_error;
      }
@@ -681,7 +704,7 @@ index 4ce8d1802..e0d6afbde 100644
      CBB child;
      if (!CBB_add_u8_length_prefixed(&body, &child)) {
 diff --git a/ssl/internal.h b/ssl/internal.h
-index 05af44f7b..f5bdd2441 100644
+index 05af44f7b..9f26466e9 100644
 --- a/ssl/internal.h
 +++ b/ssl/internal.h
 @@ -697,10 +697,11 @@ BSSL_NAMESPACE_BEGIN
@@ -729,7 +752,7 @@ index 05af44f7b..f5bdd2441 100644
    // peer_key is the peer's ECDH key for a TLS 1.2 client.
    Array<uint8_t> peer_key;
  
-@@ -2515,6 +2520,12 @@ bssl::UniquePtr<SSL_SESSION> tls13_create_session_with_ticket(SSL *ssl,
+@@ -2515,6 +2520,15 @@ bssl::UniquePtr<SSL_SESSION> tls13_create_session_with_ticket(SSL *ssl,
  // for |hs|, if applicable. It returns true on success and false on error.
  bool ssl_setup_extension_permutation(SSL_HANDSHAKE *hs);
  
@@ -738,11 +761,14 @@ index 05af44f7b..f5bdd2441 100644
 +
 +// curl-impersonate
 +bool ssl_set_key_usage_check_enabled(SSL_HANDSHAKE *hs);
++
++// curl-impersonate
++bool ssl_set_use_firefox_tls13_ciphers(SSL_HANDSHAKE *hs);
 +
  // ssl_setup_key_shares computes client key shares and saves them in |hs|. It
  // returns true on success and false on failure. If |override_group_id| is zero,
  // it offers the default groups, including GREASE. If it is non-zero, it offers
-@@ -3581,6 +3592,12 @@ struct SSL_CONFIG {
+@@ -3581,6 +3595,15 @@ struct SSL_CONFIG {
    // crypto
    UniquePtr<SSLCipherPreferenceList> cipher_list;
  
@@ -751,11 +777,14 @@ index 05af44f7b..f5bdd2441 100644
 +
 +  // curl-impersonate
 +  int key_usage_check_enabled = 1;
++
++  // curl-impersonate
++  int use_firefox_tls13_ciphers = 0;
 +
    // This is used to hold the local certificate used (i.e. the server
    // certificate for a server or the client certificate for a client).
    UniquePtr<CERT> cert;
-@@ -3639,6 +3656,10 @@ struct SSL_CONFIG {
+@@ -3639,6 +3662,10 @@ struct SSL_CONFIG {
    // accepted from the peer in decreasing order of preference.
    Array<uint16_t> verify_sigalgs;
  
@@ -766,7 +795,7 @@ index 05af44f7b..f5bdd2441 100644
    // srtp_profiles is the list of configured SRTP protection profiles for
    // DTLS-SRTP.
    UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> srtp_profiles;
-@@ -3704,6 +3725,14 @@ struct SSL_CONFIG {
+@@ -3704,6 +3731,14 @@ struct SSL_CONFIG {
    // hardware support, and use the value in aes_hw_override_value instead.
    bool aes_hw_override : 1;
  
@@ -781,7 +810,7 @@ index 05af44f7b..f5bdd2441 100644
    // aes_hw_override_value is used for testing to indicate the support or lack
    // of support for AES hw. The value is only considered if |aes_hw_override| is
    // true.
-@@ -4076,6 +4105,12 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
+@@ -4076,6 +4111,15 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
  
    bssl::UniquePtr<bssl::SSLCipherPreferenceList> cipher_list;
  
@@ -790,11 +819,14 @@ index 05af44f7b..f5bdd2441 100644
 +
 +  // curl-impersonate
 +  int key_usage_check_enabled = 1;
++
++  // curl-impersonate
++  int use_firefox_tls13_ciphers = 0;
 +
    X509_STORE *cert_store = nullptr;
    LHASH_OF(SSL_SESSION) *sessions = nullptr;
    // Most session-ids that will be cached, default is
-@@ -4300,6 +4335,10 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
+@@ -4300,6 +4344,10 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
    // accepted from the peer in decreasing order of preference.
    bssl::Array<uint16_t> verify_sigalgs;
  
@@ -805,7 +837,7 @@ index 05af44f7b..f5bdd2441 100644
    // retain_only_sha256_of_client_certs is true if we should compute the SHA256
    // hash of the peer's certificate and then discard it to save memory and
    // session space. Only effective on the server side.
-@@ -4352,6 +4391,14 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
+@@ -4352,6 +4400,14 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
    // |aes_hw_override| is true.
    bool aes_hw_override_value : 1;
  
@@ -1138,7 +1170,7 @@ index e60016c82..476dc3915 100644
  
  }  // namespace
 diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc
-index c859ea612..a2034bf0c 100644
+index c859ea612..4bc42faf4 100644
 --- a/ssl/ssl_lib.cc
 +++ b/ssl/ssl_lib.cc
 @@ -401,7 +401,8 @@ ssl_ctx_st::ssl_ctx_st(const SSL_METHOD *ssl_method)
@@ -1151,12 +1183,13 @@ index c859ea612..a2034bf0c 100644
    CRYPTO_MUTEX_init(&lock);
    CRYPTO_new_ex_data(&ex_data);
  }
-@@ -520,14 +521,18 @@ SSL *SSL_new(SSL_CTX *ctx) {
+@@ -520,14 +521,19 @@ SSL *SSL_new(SSL_CTX *ctx) {
    ssl->config->retain_only_sha256_of_client_certs =
        ctx->retain_only_sha256_of_client_certs;
    ssl->config->permute_extensions = ctx->permute_extensions;
 +  ssl->config->extension_order = ctx->extension_order;  // curl-impersonate
 +  ssl->config->key_usage_check_enabled = ctx->key_usage_check_enabled;  // curl-impersonate
++  ssl->config->use_firefox_tls13_ciphers = ctx->use_firefox_tls13_ciphers;  // curl-impersonate
    ssl->config->aes_hw_override = ctx->aes_hw_override;
    ssl->config->aes_hw_override_value = ctx->aes_hw_override_value;
    ssl->config->compliance_policy = ctx->compliance_policy;
@@ -1171,23 +1204,23 @@ index c859ea612..a2034bf0c 100644
      return nullptr;
    }
  
-@@ -547,6 +552,7 @@ SSL *SSL_new(SSL_CTX *ctx) {
+@@ -547,6 +553,7 @@ SSL *SSL_new(SSL_CTX *ctx) {
    ssl->config->signed_cert_timestamps_enabled =
        ctx->signed_cert_timestamps_enabled;
    ssl->config->ocsp_stapling_enabled = ctx->ocsp_stapling_enabled;
 +  ssl->config->record_size_limit = ctx->record_size_limit;
    ssl->config->handoff = ctx->handoff;
    ssl->quic_method = ctx->quic_method;
  
-@@ -571,6 +577,7 @@ SSL_CONFIG::SSL_CONFIG(SSL *ssl_arg)
+@@ -571,6 +578,7 @@ SSL_CONFIG::SSL_CONFIG(SSL *ssl_arg)
        jdk11_workaround(false),
        quic_use_legacy_codepoint(false),
        permute_extensions(false),
 +      key_shares_limit(0),
        alps_use_new_codepoint(false) {
    assert(ssl);
  }
-@@ -2068,6 +2075,28 @@ void SSL_enable_ocsp_stapling(SSL *ssl) {
+@@ -2068,6 +2076,28 @@ void SSL_enable_ocsp_stapling(SSL *ssl) {
    ssl->config->ocsp_stapling_enabled = true;
  }
  
@@ -1216,7 +1249,7 @@ index c859ea612..a2034bf0c 100644
  void SSL_get0_signed_cert_timestamp_list(const SSL *ssl, const uint8_t **out,
                                           size_t *out_len) {
    SSL_SESSION *session = SSL_get_session(ssl);
-@@ -2889,6 +2918,17 @@ void SSL_CTX_set_permute_extensions(SSL_CTX *ctx, int enabled) {
+@@ -2889,6 +2919,22 @@ void SSL_CTX_set_permute_extensions(SSL_CTX *ctx, int enabled) {
    ctx->permute_extensions = !!enabled;
  }
  
@@ -1230,6 +1263,11 @@ index c859ea612..a2034bf0c 100644
 +  ctx->key_usage_check_enabled = enabled;
 +  return 0;
 +}
++
++int SSL_CTX_set_use_firefox_tls13_ciphers(SSL_CTX *ctx, int enabled) {
++  ctx->use_firefox_tls13_ciphers = enabled;
++  return 0;
++}
 +
  void SSL_set_permute_extensions(SSL *ssl, int enabled) {
    if (!ssl->config) {
diff --git a/patches/curl.patch b/patches/curl.patch
