feat(relayd): ja4t fingerprinting

Signed-off-by: Xe Iaso <me@xeiaso.net>
author: Xe Iaso <me@xeiaso.net> 2025-04-21 16:36:13 -0400
committer: Xe Iaso <me@xeiaso.net> 2025-04-21 16:36:13 -0400
commit: 8ecbe6f42e0eed79e899178570690aab1ce67c3f (patch)
tree: 1df34b6f2f656065fa63718127d27a87e4566adb /cmd/relayd/fingerprint.go
parent: c56a114a91656d7a8a644f3e606b422d28ab10bb (diff)
download: x-8ecbe6f42e0eed79e899178570690aab1ce67c3f.tar.xz
x-8ecbe6f42e0eed79e899178570690aab1ce67c3f.zip
1 files changed, 9 insertions, 5 deletions
diff --git a/cmd/relayd/fingerprint.go b/cmd/relayd/fingerprint.go
index 7ef2d13..1a30a57 100644
--- a/cmd/relayd/fingerprint.go
+++ b/cmd/relayd/fingerprint.go
@@ -41,12 +41,16 @@ func applyTLSFingerprinter(server *http.Server) {
 	}
 	server.ConnContext = func(ctx context.Context, c net.Conn) context.Context {
 		ctx = context.WithValue(ctx, tlsFingerprintKey{}, &TLSFingerprint{})
-		tcpFP, err := assignTCPFingerprint(c)
-		if err == nil {
-			ctx = context.WithValue(ctx, tcpFingerprintKey{}, tcpFP)
-		} else {
-			slog.Debug("ja4t error", "err", err)
+
+		if tc, ok := c.(*tls.Conn); ok {
+			tcpFP, err := assignTCPFingerprint(tc.NetConn())
+			if err == nil {
+				ctx = context.WithValue(ctx, tcpFingerprintKey{}, tcpFP)
+			} else {
+				slog.Debug("ja4t error", "err", err)
+			}
 		}
+
 		return ctx
 	}
 }
author	Xe Iaso <me@xeiaso.net>	2025-04-21 16:36:13 -0400
committer	Xe Iaso <me@xeiaso.net>	2025-04-21 16:36:13 -0400
commit	8ecbe6f42e0eed79e899178570690aab1ce67c3f (patch)
tree	1df34b6f2f656065fa63718127d27a87e4566adb /cmd/relayd/fingerprint.go
parent	c56a114a91656d7a8a644f3e606b422d28ab10bb (diff)
download	x-8ecbe6f42e0eed79e899178570690aab1ce67c3f.tar.xz x-8ecbe6f42e0eed79e899178570690aab1ce67c3f.zip