Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: update ja4 compliance #4773

Merged
merged 6 commits into from
Sep 20, 2024
Merged

fix: update ja4 compliance #4773

merged 6 commits into from
Sep 20, 2024

Conversation

lrstewart
Copy link
Contributor

@lrstewart lrstewart commented Sep 16, 2024

Description of changes:

Pull in the latest version of the JA4 spec for compliance comments.

This PR primarily just updates compliance comments, but the new spec does come with two behavior changes:

  1. Empty strings are set to a string of zeroes rather than hashed
  2. The version "s1" (SSLv1) is removed, meaning that SSLv1 would now be considered unknown / "00". That shouldn't really matter since s2n-tls doesn't support sslv1.

Call-outs:

Let me know if the diff is too confusing. I can always update the spec first, then make us compliant with the updated spec in a separate PR. But manual review of the spec changes isn't really important, since duvet will fail to generate the compliance report if the spec files don't match what it pulls down from the url.

You can see a diff of the spec in the original repo here.

Testing:

  • Duvet checks that the specs and compliance comments match the remote. I have almost full coverage (I'm just missing a test for grease values being ignored everywhere, and I'm not sure that's reasonably testable).
  • Existing tests pass. I added tests for the new empty list cases, and updated the version test to reflect the sslv1 change.
  • I added a new pcap, but it can't really be used until tshark updates.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions github-actions bot added the s2n-core team label Sep 16, 2024
@lrstewart lrstewart marked this pull request as ready for review September 16, 2024 00:42
tls/s2n_fingerprint_ja4.c Outdated Show resolved Hide resolved
@lrstewart lrstewart requested a review from goatgoose September 19, 2024 07:28
@lrstewart lrstewart enabled auto-merge (squash) September 19, 2024 16:28
@lrstewart lrstewart disabled auto-merge September 19, 2024 17:15
@lrstewart lrstewart enabled auto-merge (squash) September 19, 2024 19:13
@lrstewart lrstewart merged commit a841fca into aws:main Sep 20, 2024
37 checks passed
@lrstewart lrstewart deleted the ja4_update branch September 20, 2024 04:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants