Documentation
¶
Index ¶
- Variables
- func LoadCA(certFile, keyFile string) (*x509.Certificate, crypto.PrivateKey, error)
- func LoadOrCreateCA(certFile, keyFile string, optFns ...func(*CAOptions)) (*x509.Certificate, crypto.PrivateKey, error)
- func NewCA(optFns ...func(*CAOptions)) (*x509.Certificate, *rsa.PrivateKey, error)
- func NewCertHandler(ca *x509.Certificate) http.Handler
- type BufferPool
- type CAOptions
- type CertStorage
- type CertTemplateGenFunc
- type ConnNotify
- type Direction
- type ErrorHandlerFunc
- type LRUCertStorage
- type MITMConfig
- type MITMOptions
- type MapCertStorage
- type Options
- type Proxy
- type RequestModifierFunc
- type ResponseModifierFunc
- type WSMessage
- type WSMessageModifierFunc
Variables ¶
// DefaultWSUpgrader is the upgrader used for client-facing WebSocket
// handshakes when Options.WSUpgrader is nil.
//
// Its CheckOrigin callback returns true for every request, so the Origin
// header is never validated and the proxy offers no cross-site WebSocket
// protection of its own. Supply an Upgrader with a restrictive CheckOrigin
// when the proxy is reachable from browsers you do not control.
var DefaultWSUpgrader = &websocket.Upgrader{
	ReadBufferSize:  1024,
	WriteBufferSize: 1024,
	CheckOrigin: func(_ *http.Request) bool {
		return true
	},
}

// DefaultWSDialer is the dialer used for upstream WebSocket connections when
// Options.WSDialer is nil.
//
// TLSClientConfig sets InsecureSkipVerify, so the certificate chain and host
// name of the upstream wss:// server are not verified. When the proxy
// terminates TLS the client only sees the proxy's certificate and cannot
// notice an intercepted upstream connection; outside of test setups, set
// Options.WSDialer to a dialer whose tls.Config verifies the peer.
var DefaultWSDialer = &websocket.Dialer{
	Proxy:            http.ProxyFromEnvironment,
	HandshakeTimeout: 45 * time.Second,
	TLSClientConfig: &tls.Config{
		NextProtos:         []string{"http/1.1"},
		InsecureSkipVerify: true,
	},
}
// DefaultTLSServerConfig is the package's default server-side TLS
// configuration: TLS 1.2 as the minimum version and "http/1.1" as the only
// ALPN protocol. It is presumably the fallback for
// MITMOptions.TLSServerConfig (TODO confirm).
//
// NOTE(review): InsecureSkipVerify only affects how a TLS *client* verifies
// its peer, so it is inert while this config is used purely for serving. If
// the config is ever cloned or reused for outbound connections, certificate
// verification is disabled there; confirm that this does not happen.
var DefaultTLSServerConfig = &tls.Config{
	InsecureSkipVerify: true,
	NextProtos:         []string{"http/1.1"},
	MinVersion:         tls.VersionTLS12,
}
// DefaultTransport is the transport used for proxied requests when
// Options.Transport is nil. It is built once, at package initialisation, by
// newDefaultTransport.
//
// NOTE(review): newDefaultTransport is not shown here. DefaultWSDialer in
// this package disables upstream certificate verification; confirm whether
// this transport does the same before relying on it outside test setups.
var DefaultTransport = newDefaultTransport()
MaxSerialNumber is the upper boundary that is used to create unique serial numbers for the certificate. This can be any unsigned integer up to 20 bytes (2^(8*20)-1).
Functions ¶
func LoadCA ¶
func LoadCA(certFile, keyFile string) (*x509.Certificate, crypto.PrivateKey, error)
func LoadOrCreateCA ¶
func LoadOrCreateCA(certFile, keyFile string, optFns ...func(*CAOptions)) (*x509.Certificate, crypto.PrivateKey, error)
func NewCA ¶
func NewCA(optFns ...func(*CAOptions)) (*x509.Certificate, *rsa.PrivateKey, error)
NewCA creates a new CA certificate and associated private key.
func NewCertHandler ¶
func NewCertHandler(ca *x509.Certificate) http.Handler
NewCertHandler returns an http.Handler that serves the CA certificate so that clients can download it and install it in a browser. Only the certificate is passed to the handler, not the CA private key.
Types ¶
type BufferPool ¶
BufferPool is an interface for getting and returning temporary byte slices for use by io.CopyBuffer.
type CertStorage ¶
// CertStorage stores the certificates used for intercepted hosts, keyed by
// hostname.
//
// Each stored *tls.Certificate carries its private key, so an implementation
// that persists entries outside process memory must protect them accordingly.
//
// NOTE(review): per NewTLSConfigForHost, the hostname comes from the SNI
// extension or the request host, i.e. it is chosen by the client. An
// implementation without a size bound can grow with every distinct name a
// client sends; prefer a bounded store for proxies exposed to untrusted
// clients.
// NOTE(review): the interface does not say whether implementations must be
// safe for concurrent use — confirm against the callers.
type CertStorage interface {
	// Get gets the certificate from the storage.
	// The bool presumably reports whether an entry for hostname was found
	// (TODO confirm).
	Get(hostname string) (*tls.Certificate, bool)
	// Add adds the certificate to the storage under hostname.
	Add(hostname string, cert *tls.Certificate)
}
type CertTemplateGenFunc ¶
type ConnNotify ¶
ConnNotify embeds net.Conn and adds a channel field for notifying that the connection was closed.
func (*ConnNotify) Close ¶
func (c *ConnNotify) Close()
type ErrorHandlerFunc ¶
// ErrorHandlerFunc is the type of Options.ErrorHandler. It receives the
// response writer, the request being proxied and the error that occurred.
//
// NOTE(review): the error may carry upstream host or network details;
// implementations should log it rather than echo it verbatim to the client.
type ErrorHandlerFunc func(http.ResponseWriter, *http.Request, error)
type LRUCertStorage ¶
type LRUCertStorage struct {
// contains filtered or unexported fields
}
LRUCertStorage is an LRU-based CertStorage implementation.
func NewLRUStorage ¶
func NewLRUStorage(cacheSize int) (*LRUCertStorage, error)
func (*LRUCertStorage) Add ¶
func (s *LRUCertStorage) Add(hostname string, cert *tls.Certificate)
Add adds the certificate to the storage
func (*LRUCertStorage) Get ¶
func (s *LRUCertStorage) Get(hostname string) (*tls.Certificate, bool)
Get gets the certificate from the storage
type MITMConfig ¶
type MITMConfig struct {
// contains filtered or unexported fields
}
MITMConfig is a set of configuration values that are used to build TLS configs capable of MITM.
func NewMITMConfig ¶
func NewMITMConfig(optFns ...func(*MITMOptions)) (*MITMConfig, error)
NewMITMConfig creates a new MITM configuration
func (*MITMConfig) GetOrCreateCert ¶
func (c *MITMConfig) GetOrCreateCert(hostname string) (*tls.Certificate, error)
GetOrCreateCert gets or creates a certificate for the specified hostname
func (*MITMConfig) NewTLSConfigForHost ¶
func (c *MITMConfig) NewTLSConfigForHost(hostname string) *tls.Config
NewTLSConfigForHost creates a *tls.Config that will generate domain certificates on-the-fly using the SNI extension (if specified) or the hostname
type MITMOptions ¶
// MITMOptions holds the settings that the option functions passed to
// NewMITMConfig fill in.
type MITMOptions struct {
	// CA is presumably the CA certificate under which host certificates are
	// issued (TODO confirm). Clients have to trust it for interception to
	// work, so it should be dedicated to this proxy and not shared with
	// other services.
	CA *x509.Certificate
	// PrivateKey is presumably the private key matching CA (TODO confirm).
	// Whoever holds it can issue certificates that every client trusting CA
	// will accept: keep it out of source control and restrict access to the
	// key file.
	PrivateKey crypto.PrivateKey
	// Organization (will be used for generated certificates)
	Organization string
	// Validity of the generated certificates.
	// A short validity limits how long a leaked host certificate stays
	// usable.
	Validity time.Duration
	// Config structure is used to configure the TLS server.
	// NOTE(review): presumably DefaultTLSServerConfig applies when this is
	// nil — confirm.
	TLSServerConfig *tls.Config
	// Storage for generated certificates.
	// Stored entries include the private keys of the generated certificates.
	CertStorage CertStorage
	// CertTemplateGen has type CertTemplateGenFunc, whose definition is not
	// shown here; presumably it customises the template of generated
	// certificates (TODO confirm).
	CertTemplateGen CertTemplateGenFunc
	// Logger specifies an optional logger.
	// If nil, logging is done via the log package's standard logger.
	Logger golog.Logger
}
type MapCertStorage ¶
type MapCertStorage struct {
// contains filtered or unexported fields
}
MapCertStorage is a simple map-based CertStorage implementation
func NewMapCertStorage ¶
func NewMapCertStorage() *MapCertStorage
func (*MapCertStorage) Add ¶
func (s *MapCertStorage) Add(hostname string, cert *tls.Certificate)
Add adds the certificate to the storage
func (*MapCertStorage) Get ¶
func (s *MapCertStorage) Get(hostname string) (*tls.Certificate, bool)
Get gets the certificate from the storage
type Options ¶
// Options collects the settings of a Proxy (the constructor that consumes it
// is not shown here — confirm). Every nil field falls back to the default
// named in its comment; note that the WebSocket defaults in this package
// skip Origin checks and upstream certificate verification.
type Options struct {
	// MITM Config
	MITMConfig *MITMConfig
	// The transport used to perform proxy requests.
	// If nil, DefaultTransport is used.
	Transport http.RoundTripper
	// The upgrader used to upgrade a HTTP connection
	// to a WebSocket connection.
	// If nil, DefaultWSUpgrader is used.
	// DefaultWSUpgrader accepts every Origin; set an Upgrader with its own
	// CheckOrigin to restrict which pages may upgrade.
	WSUpgrader *websocket.Upgrader
	// The dialer used to connect to a WebSocket server.
	// If nil, DefaultWSDialer is used.
	// DefaultWSDialer sets InsecureSkipVerify, so upstream wss:// servers
	// are not authenticated; set a dialer with a verifying tls.Config to
	// change that.
	WSDialer *websocket.Dialer
	// FlushInterval specifies the flush interval
	// to flush to the client while copying the
	// response body.
	// If zero, no periodic flushing is done.
	// A negative value means to flush immediately
	// after each write to the client.
	// The FlushInterval is ignored when Proxy
	// recognizes a response as a streaming response, or
	// if its ContentLength is -1; for such responses, writes
	// are flushed to the client immediately.
	FlushInterval time.Duration
	// Logger specifies an optional logger.
	// If nil, logging is done via the log package's standard logger.
	Logger golog.Logger
	// BufferPool optionally specifies a buffer pool to
	// get byte slices for use by io.CopyBuffer when
	// copying HTTP response bodies.
	BufferPool BufferPool
	// ErrorHandler is an optional function that handles errors
	// reaching the backend or errors from responseModifier specified in
	// OnResponse.
	//
	// If nil, the default is to log the provided error and return
	// a 502 Status Bad Gateway response.
	ErrorHandler ErrorHandlerFunc
}
type Proxy ¶
type Proxy struct {
// contains filtered or unexported fields
}
func (*Proxy) OnRequest ¶
func (p *Proxy) OnRequest(fn RequestModifierFunc)
func (*Proxy) OnResponse ¶
func (p *Proxy) OnResponse(fn ResponseModifierFunc)
func (*Proxy) OnWSMessage ¶
func (p *Proxy) OnWSMessage(fn WSMessageModifierFunc)
type RequestModifierFunc ¶ added in v0.0.2
type ResponseModifierFunc ¶ added in v0.0.2
type WSMessageModifierFunc ¶
// WSMessageModifierFunc is the callback type registered with
// Proxy.OnWSMessage. It receives a pointer to the WSMessage, so presumably
// it may inspect or change the message in place (TODO confirm against the
// WSMessage type, which is not shown here).
type WSMessageModifierFunc func(msg *WSMessage)