-
Notifications
You must be signed in to change notification settings - Fork 0
132 lines (108 loc) · 4.46 KB
/
fingerprint.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: Fingerprinting
on:
push:
branches:
- main
schedule:
- cron: "0 1 * * *"
jobs:
handshake-capture:
runs-on: ubuntu-latest
timeout-minutes: 5
strategy:
fail-fast: false
matrix:
browser: [firefox, chrome]
bver: [stable]
steps:
- uses: actions/checkout@v3
- name: Install tshark
run: sudo apt install -y tshark
- uses: actions/setup-node@v4
- run: npm install
working-directory: .github/workflows/browser-test/
- name: Remove preinstalled github chromedriver/geckodriver from $PATH
run: sudo rm /usr/bin/chromedriver /usr/bin/geckodriver
- run: Xvfb :99 &
- name: Install browser version
run: BROWSER_A=${{matrix.browser}} BROWSER_B=${{matrix.browser}} BVER=${{matrix.bver}} DISPLAY=:99.0 node download-browsers.js
working-directory: .github/workflows/browser-test/
- name: Get browser version
id: "browser"
run: echo "version=$(ls ./browsers/${{matrix.browser}} | sed -e 's/ /_/g' -e 's/\./_/g' -e 's/\-/_/g')" >> $GITHUB_OUTPUT
working-directory: .github/workflows/browser-test/
- name: Create directory for pcaps
run: |
mkdir ./captures/
touch ./captures/full-capture-${{matrix.browser}}_${{steps.browser.outputs.version}}.pcap
sudo chown -R root:root ./captures
ls -lga ./captures
- name: Start tshark capture
run: sudo tshark -i any -w ./captures/full-capture-${{matrix.browser}}_${{steps.browser.outputs.version}}.pcap -f "udp" &
- name: Run webrtc applications with jest/selenium
run: BROWSER_A=${{matrix.browser}} BROWSER_B=${{matrix.browser}} BVER=${{matrix.bver}} DISPLAY=:99.0 node_modules/.bin/jest --retries=3 interop
working-directory: .github/workflows/browser-test/
- name: Kill tshark capture
run: sudo killall tshark 1> /dev/null 2> /dev/null
continue-on-error: true
- name: Filter DTLS handshake in pcap
run: sudo tshark -r ./captures/full-capture-${{matrix.browser}}_${{steps.browser.outputs.version}}.pcap -Y "dtls.handshake" -w ./captures/capture-${{matrix.browser}}_${{steps.browser.outputs.version}}.pcap
- name: Archive pcap
uses: actions/upload-artifact@v4
with:
name: fingerprint-pcap-${{matrix.browser}}_${{steps.browser.outputs.version}}.pcap
path: ./captures/capture-${{matrix.browser}}_${{steps.browser.outputs.version}}.pcap
commit-fingerprints:
needs: handshake-capture
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.ref }}
- name: Create fingerprint directory
run: |
mkdir -p ./fingerprints-captures
mkdir -p ${{ runner.temp }}/fingerprints-captures
- name: Download all artifacts
uses: actions/download-artifact@v4
with:
path: ${{ runner.temp }}/fingerprints-captures
pattern: fingerprint-pcap-*
merge-multiple: true
- name: Install libpcap
run: sudo apt install libpcap-dev
- name: Setup go
uses: actions/setup-go@v5
with:
go-version: '1.23'
- name: Run pcap fingerprint parser
run: |
go get .
go run main.go ${{ runner.temp }}/fingerprints-captures
- name: Run gofmt on fingerprints.go
run: gofmt -s -w ./pkg/fingerprints/fingerprints.go
- name: golangci-lint
uses: golangci/golangci-lint-action@v6
with:
version: v1.60.1
skip-pkg-cache: true
skip-build-cache: true
args: $GOLANGCI_LINT_EXRA_ARGS
- name: Commit fingerprints
run: |
git config user.name github-actions
git config user.email github-actions@github.com
git add ./pkg/fingerprints/fingerprints.go
ls -R ${{ runner.temp }}/fingerprints-captures
ls -R ./fingerprints-captures
fingerprints=""
for file in ${{ runner.temp }}/fingerprints-captures/*; do
if ! [[ -f ./fingerprints-captures/"${file##*/}" ]]; then
mv ${{ runner.temp }}/fingerprints-captures/"${file##*/}" ./fingerprints-captures/
git add ./fingerprints-captures/"${file##*/}"
fingerprint=$(echo "${file##*/}" | sed -e 's/.pcap//g' -e 's/capture-//g' -e 's/./\u&/')
fingerprints="${fingerprints} ${fingerprint}"
fi
done
git commit -m "Add fresh fingerprints" -m "$fingerprints"
git push