fix(relayd): disable TCP fingerprinting on Linux for now

Signed-off-by: Xe Iaso <me@xeiaso.net>

3 files changed, 13 insertions, 12 deletions

diff --git a/cmd/relayd/tcpfingerprint.go b/cmd/relayd/_tcpfingerprint.go
index e420354..201a9b6 100644
--- a/cmd/relayd/tcpfingerprint.go
+++ b/cmd/relayd/_tcpfingerprint.go
@@ -1,3 +1,5 @@
+//go:build ignore
+
 package main
 
 import (
diff --git a/cmd/relayd/fingerprint.go b/cmd/relayd/fingerprint.go
index 1a30a57..67d55de 100644
--- a/cmd/relayd/fingerprint.go
+++ b/cmd/relayd/fingerprint.go
@@ -7,7 +7,6 @@ import (
 	"crypto/tls"
 	"encoding/hex"
 	"fmt"
-	"log/slog"
 	"net"
 	"net/http"
 	"slices"
@@ -42,14 +41,14 @@ func applyTLSFingerprinter(server *http.Server) {
 	server.ConnContext = func(ctx context.Context, c net.Conn) context.Context {
 		ctx = context.WithValue(ctx, tlsFingerprintKey{}, &TLSFingerprint{})
 
-		if tc, ok := c.(*tls.Conn); ok {
-			tcpFP, err := assignTCPFingerprint(tc.NetConn())
-			if err == nil {
-				ctx = context.WithValue(ctx, tcpFingerprintKey{}, tcpFP)
-			} else {
-				slog.Debug("ja4t error", "err", err)
-			}
-		}
+		// if tc, ok := c.(*tls.Conn); ok {
+		// 	tcpFP, err := assignTCPFingerprint(tc.NetConn())
+		// 	if err == nil {
+		// 		ctx = context.WithValue(ctx, tcpFingerprintKey{}, tcpFP)
+		// 	} else {
+		// 		slog.Debug("ja4t error", "err", err)
+		// 	}
+		// }
 
 		return ctx
 	}
diff --git a/cmd/relayd/main.go b/cmd/relayd/main.go
index 9580fb2..3185b37 100644
--- a/cmd/relayd/main.go
+++ b/cmd/relayd/main.go
@@ -113,9 +113,9 @@ func main() {
 			}
 		}
 
-		if tcpFP := GetTCPFingerprint(req); tcpFP != nil {
-			req.Header.Set("X-TCP-Fingerprint-JA4T", tcpFP.String())
-		}
+		// if tcpFP := GetTCPFingerprint(req); tcpFP != nil {
+		// 	req.Header.Set("X-TCP-Fingerprint-JA4T", tcpFP.String())
+		// }
 
 		req.Header.Set("X-Forwarded-Host", req.URL.Host)
 		req.Header.Set("X-Forwarded-Proto", "https")