iartamonov/mautrix-telegram
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

faketls: include real record type and peek bytes on handshake errors
Go / Lint (old) (push) Failing after 4m43s
Details
Go / Lint (latest) (push) Failing after 4m40s
Details
Go / Lint (old) (pull_request) Failing after 4m40s
Details
Go / Lint (latest) (pull_request) Failing after 4m43s
Details

Browse Source 
The previous error path used errors.Wrap(err, "unexpected record type")
inside type-mismatch branches where err was already nil. With
go-faster/errors that produced a wrapError with no cause and no detail,
making the user-visible message "unexpected record type" useless for
diagnostics — there was no way to tell what mtg actually sent.

Switch to errors.Errorf with the actual received byte and a 32-byte
hex peek of the read buffer. Also wrap the read-error path with the
same peek so a partial response is visible.

This is a diagnostic-only change; the parser semantics are unchanged.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Igor Artamonov
2026-05-01 10:51:50 +03:00
parent b00e2d8955
commit aab48f0dbe
1 changed files with 16 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/gotd/mtproxy/faketls/server_hello.go
+16 -4
View File
@@ -4,11 +4,20 @@ import (
"bytes" "bytes"
"crypto/hmac" "crypto/hmac"
"crypto/sha256" "crypto/sha256"
"encoding/hex"
"io" "io"
"github.com/go-faster/errors" "github.com/go-faster/errors"
) )
// peekDump returns up to n bytes from the start of buf as a hex string for diagnostics.
func peekDump(buf []byte, n int) string {
if len(buf) < n {
n = len(buf)
}
return hex.EncodeToString(buf[:n])
}
// readServerHello reads faketls ServerHello. // readServerHello reads faketls ServerHello.
func readServerHello(r io.Reader, clientRandom [32]byte, secret []byte) error { func readServerHello(r io.Reader, clientRandom [32]byte, secret []byte) error {
packetBuf := bytes.NewBuffer(nil) packetBuf := bytes.NewBuffer(nil)
@@ -16,10 +25,11 @@ func readServerHello(r io.Reader, clientRandom [32]byte, secret []byte) error {
handshake, err := readRecord(r) handshake, err := readRecord(r)
if err != nil { if err != nil {
return errors.Wrap(err, "handshake record") return errors.Wrapf(err, "handshake record (peek=%s)", peekDump(packetBuf.Bytes(), 32))
} }
if handshake.Type != RecordTypeHandshake { if handshake.Type != RecordTypeHandshake {
return errors.Wrap(err, "unexpected record type") return errors.Errorf("unexpected handshake record type: got 0x%02x, want 0x%02x (peek=%s)",
byte(handshake.Type), byte(RecordTypeHandshake), peekDump(packetBuf.Bytes(), 32))
} }
changeCipher, err := readRecord(r) changeCipher, err := readRecord(r)
@@ -27,7 +37,8 @@ func readServerHello(r io.Reader, clientRandom [32]byte, secret []byte) error {
return errors.Wrap(err, "change cipher record") return errors.Wrap(err, "change cipher record")
} }
if changeCipher.Type != RecordTypeChangeCipherSpec { if changeCipher.Type != RecordTypeChangeCipherSpec {
return errors.Wrap(err, "unexpected record type") return errors.Errorf("unexpected change cipher record type: got 0x%02x, want 0x%02x",
byte(changeCipher.Type), byte(RecordTypeChangeCipherSpec))
} }
cert, err := readRecord(r) cert, err := readRecord(r)
@@ -35,7 +46,8 @@ func readServerHello(r io.Reader, clientRandom [32]byte, secret []byte) error {
return errors.Wrap(err, "cert record") return errors.Wrap(err, "cert record")
} }
if cert.Type != RecordTypeApplication { if cert.Type != RecordTypeApplication {
return errors.Wrap(err, "unexpected record type") return errors.Errorf("unexpected application record type: got 0x%02x, want 0x%02x",
byte(cert.Type), byte(RecordTypeApplication))
} }
// `$record_header = type 1 byte + version 2 bytes + payload_length 2 bytes = 5 bytes` // `$record_header = type 1 byte + version 2 bytes + payload_length 2 bytes = 5 bytes`