Skip to content
This repository has been archived by the owner on Jan 21, 2023. It is now read-only.

Commit

Permalink
Imperfectly bypass the GFW
Browse files Browse the repository at this point in the history 
The M3U request is definitely being detected but it isn't always being blocked.
  • Loading branch information
@AlyoshaVasilieva
AlyoshaVasilieva committed Jul 10, 2021
1 parent b74cb1e commit 58dd53e
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 10 deletions.
2 changes: 1 addition & 1 deletion Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "city17"
version = "0.5.2"
version = "0.5.3"
authors = ["Malloc Voidstar <[email protected]>"]
edition = "2018"
resolver = "2"
Expand Down
17 changes: 9 additions & 8 deletions src/main.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,12 +41,11 @@ impl ClientBuilderExt for ClientBuilder {
///
/// Doing this appears to reduce latency variation even when the DNS is working.
fn insert_resolve_overrides(self) -> Self {
self.resolve("twitch.map.fastly.net", socket_addr_v4([151, 101, 110, 167], 443))
.resolve("usher.ttvnw.net", socket_addr_v4([23, 160, 0, 254], 443))
// the fastly IP hasn't changed in the last three years
// the ttvnw IP is also at least two years old
// if they start changing, make it part of the build process
// note alternative usher IP: [192, 108, 239, 254], 443
self.resolve("fastly.net", socket_addr_v4([151, 101, 110, 167], 443))
.resolve("usher.ttvnw.net", socket_addr_v4([192, 108, 239, 254], 443))
// Usher override is unused due to bypass.
// if these IPs start changing, make it part of the build process
// note alternative usher IP: [23, 160, 0, 254], 443
}
}

Expand Down Expand Up @@ -142,9 +141,11 @@ async fn process(var: Variables) -> Result<M3U8Responder, ErrorResponder> {
async fn get_m3u8(url: &str, token: PlaybackAccessToken) -> Result<String, Error> {
let mut pcg = get_rng();
let p = pcg.gen_range(0..=9_999_999).to_string();
// Pretty sure the GFW thinks this is suspicious, but it's not 100% blocked.
CLIENT
.get(url)
.get(url.replace("usher.ttvnw.net", "192.108.239.254"))
.query(&token.gen_query(&p, &generate_id().to_lowercase()))
.header("Host", "usher.ttvnw.net")
.send()
.await?
.error_for_status()?
Expand Down Expand Up @@ -211,7 +212,7 @@ async fn get_access_token(var: &Variables) -> Result<AccessTokenResponse, Error>
// This workaround is necessary even with the hard-coded resolver due to TLS SNI
// sending the hostname in the clear.
CLIENT
.post("https://twitch.map.fastly.net/gql")
.post("https://fastly.net/gql")
.header("Host", "gql.twitch.tv")
.header("Client-ID", TWITCH_CLIENT)
.header("Device-ID", &id)
Expand Down

0 comments on commit 58dd53e

Please sign in to comment.