Add --exclude-domains flag. Fix #100

2025-12-30 11:18:06 +03:00 · 2024-09-03 21:22:17 +03:00
parent 3d50c00e4f
commit 5f2e423dfa
4 changed files with 57 additions and 3 deletions
--- a/mangle.c
+++ b/mangle.c
@@ -704,7 +704,7 @@ struct tls_verdict analyze_tls_data(

 			if (config.all_domains) {
 				vrd.target_sni = 1;
-				goto out;
+				goto check_domain;
 			}


@@ -726,12 +726,48 @@ struct tls_verdict analyze_tls_data(
 						domain_startp, 
 						domain_len)) {
 							vrd.target_sni = 1;
+							goto check_domain;
 					}

 					j = i + 1;
 				}
 			}

+			continue;
+
+check_domain:
+			if (vrd.target_sni == 1 && config.exclude_domains_strlen != 0) {
+				unsigned int j = 0;
+				for (unsigned int i = 0; i <= config.exclude_domains_strlen; i++) {
+					if (	i > j &&
+						(i == config.exclude_domains_strlen	||	
+						config.exclude_domains_str[i] == '\0'	||
+						config.exclude_domains_str[i] == ','	|| 
+						config.exclude_domains_str[i] == '\n'	)) {
+
+						unsigned int domain_len = (i - j);
+						const char *sni_startp = sni_name + sni_len - domain_len;
+						const char *domain_startp = config.exclude_domains_str + j;
+
+						if (sni_len >= domain_len &&
+							sni_len < 128 && 
+							!strncmp(sni_startp, 
+							domain_startp, 
+							domain_len)) {
+
+							vrd.target_sni = 0;
+							lgdebugmsg("Excluded SNI: %.*s", 
+								vrd.sni_len, data + vrd.sni_offset);
+							goto out;
+						}
+
+						j = i + 1;
+					}
+				}
+			}
+
+			goto out;
+
 nextExtension:
 			extensionsPtr += 2 + 2 + extensionLen;
 		}
@@ -739,9 +775,13 @@ nextMessage:
 		i += 5 + message_length;
 	}

+
+
+	goto out;
 out:
 	return vrd;

+
 brute:
 	if (config.all_domains) {
 		vrd.target_sni = 1;