hello_ext: add ClientHello extension permutation

This adds a mechanism to randomize the order of TLS extensions in the ClientHello to make fingerprinting harder. The mechanism is enabled by default and a new priority keyword %NO_EXTS_SHUFFLE has been added to turn it off. Signed-off-by: peonix <ajeetsinghchahar2@gmail.com>
author: @Ajit <ajeetsinghchahar2@gmail.com> 2023-04-01 23:05:00 +0000
committer: Daiki Ueno <ueno@gnu.org> 2023-04-01 23:05:00 +0000
commit: b6b71c8b70061eb5a489443ba82c90df948da95b (patch)
tree: f7f2681f3ef0a6af8ec6148ef260ef151775d0d8 /lib/priority_options.gperf
parent: b3fe5c229474a4dd0e74e955afb6bdc5d54c462d (diff)
download: gnutls-b6b71c8b70061eb5a489443ba82c90df948da95b.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/priority_options.gperf b/lib/priority_options.gperf
index 11bcc6e88e..d69c3b4b11 100644
--- a/lib/priority_options.gperf
+++ b/lib/priority_options.gperf
@@ -43,3 +43,4 @@ NEW_PADDING, dummy_func
 DEBUG_ALLOW_KEY_USAGE_VIOLATIONS, enable_server_key_usage_violations
 ALLOW_SMALL_RECORDS, enable_allow_small_records
 DISABLE_TLS13_COMPAT_MODE, disable_tls13_compat_mode
+NO_EXTS_SHUFFLE, enable_no_exts_shuffle
author	@Ajit <ajeetsinghchahar2@gmail.com>	2023-04-01 23:05:00 +0000
committer	Daiki Ueno <ueno@gnu.org>	2023-04-01 23:05:00 +0000
commit	b6b71c8b70061eb5a489443ba82c90df948da95b (patch)
tree	f7f2681f3ef0a6af8ec6148ef260ef151775d0d8 /lib/priority_options.gperf
parent	b3fe5c229474a4dd0e74e955afb6bdc5d54c462d (diff)
download	gnutls-b6b71c8b70061eb5a489443ba82c90df948da95b.tar.gz