
Show HN: Using CNAMEs as SNI Hostnames - 3xblah
#A shell script that "learns" and updates itself with new information.

#Usage: echo https://example.com/index.html|cname-sni > 1.html; firefox 1.html  [1]

#where example.com is a site hosted on AWS Cloudfront and the script is called "cname-sni".

#Purpose: send CNAME as SNI hostname, e.g., send dnere6g15e5vs.cloudfront.net instead of www.reuters.com

#Uses DNS-over-HTTPS from Cloudflare but can easily substitute other sources

#    echo 104.16.248.249 cloudflare-dns.com >> /etc/hosts

#1. The file 1.html will contain TLS headers, HTTP headers and possibly chunk sizes.  Removing those is left as an exercise for the reader.  I wrote some crude filters in flex to do it.  Adding "<base href=https://example.com />" to the top of 1.html will fix relative links when viewed in the browser.

    # requirements:  ed, grep, sed, openssl ; 
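    # get PATH HOST [up to three extra openssl s_client arguments]
    # Sends one HTTP/1.1 GET for PATH to HOST:443 over TLS and writes whatever
    # openssl s_client prints (handshake details, response headers, body) to stdout.
    # PATH and HOST are passed as printf arguments rather than placed in the format
    # string, so a "%" in the path is sent as-is instead of being read as a directive.
    # "-verify 9" alone only sets the chain depth and s_client carries on after a
    # failed verification; -verify_return_error makes an untrusted chain abort the
    # handshake.  Chain validation does not compare the certificate with a host
    # name: pass "-verify_hostname NAME" among the extra arguments where wanted.
    get(){
      printf 'GET %s HTTP/1.1\r\nHost: %s\r\nConnection: close\r\n\r\n' "$1" "$2" |
        exec openssl s_client -ign_eof -no_ticket -connect "$2:443" \
          -verify 9 -verify_return_error ${3+"$3"} ${4+"$4"} ${5+"$5"}
    }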
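    # doh NAME
    # Queries Cloudflare's DNS-over-HTTPS JSON endpoint for the A records of NAME
    # and prints each CloudFront distribution name found in the reply, one per line.
    # Only d<lowercase letters/digits>.cloudfront.net is accepted and the dots are
    # matched literally; the looser original pattern let any character except a
    # double quote through, and the caller writes the result into the script file.
    # The resolver is reached through whatever address the local hosts file gives,
    # so the lookup insists on a verified chain and a certificate issued for the
    # resolver's own name before its answer is used.
    doh(){
      u=cloudflare-dns.com
      get "/dns-query?name=$1&type=A&ct=application/dns-json" "$u" \
          -verify_return_error -verify_hostname "$u" |
        grep -o 'd[a-z0-9]*\.cloudfront\.net'
    }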
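    # Main flow: read one URL from stdin, choose the CloudFront name to send as SNI
    # (from a known arm below, or learned through the DoH lookup), then fetch the page.
    # Host and path are split explicitly: a URL with no "/" after the host gets
    # path "/", and only $host (never host plus path) is used for the lookup, the
    # Host header and the TCP connection.
    # Everything written back into this file is checked first: the host may hold
    # only letters, digits, "." and "-", and the learned name must be
    # d<lowercase letters/digits>.cloudfront.net, so neither can carry shell syntax
    # or case-pattern wildcards into the script.
    # The page fetch passes no host-name check to openssl: the certificate served
    # for the CNAME is not matched against $host.
    # Layout the self-update depends on -- keep it when editing:
    #  * learned arms begin with eight spaces and ";;", exactly as echo writes them;
    #  * ed locates the fallback arm by its resolver call and moves the appended
    #    last line to just above it;
    #  * everything after "fi" stays on one physical line ending in "exit",
    #    presumably so nothing more is read from the file after it is rewritten.
    read -r x q; unset q;case $x in https://*)x=${x#*https://};esac;host=${x%%/*};
    case $x in */*)path=/${x#*/};;*)path=/;;esac;
    case $host in ""|*[!A-Za-z0-9.-]*)echo "cname-sni: unusable host name" >&2;exit 1;;esac;
    case $host in "") # the ";;" lines are eight spaces from the left margin and there are eight spaces following grep and echo
        ;;www.reuters.com) y=dnere6g15e5vs.cloudfront.net
        ;;www.wsj.com) y=dlp0y1mxy0v3u.cloudfront.net
        ;;*) a=$(doh "$host"|sed 1q);
    printf '%s\n' "$a"|grep -q '^d[a-z0-9]*\.cloudfront\.net$' ||exit;
    z=$a;if ! grep -qF -- "        ;;$host) y=$z" "$0";then echo "        ;;$host) y=$z" >> "$0";
    printf '/doh ..host\n-1\n$m.\nwq\n'|ed "$0" >/dev/null;fi;esac;get "$path" "$host" -tls1_2 -servername "${z-$y}";exit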
======
3xblah

       # Follow-up patch from the author: appends the statement
       #   test $path != $x||path=/;
       # to the end of the line containing "read x" ("-i" edits cname-sni in place).
       # NOTE(review): the posted script builds path as /${x#*/}, so for a bare host
       # name path is "/<host>" and differs from $x; this test then looks like it
       # never resets path -- confirm against the version the author runs.
       sed -i '/read x/s,$,test \$path != \$x||path=/\;,' cname-sni

