proxy

Documentation

Overview

Package proxy defines server instance provides HTTP and HTTPS man-in-the-middle proxy functionality.

Index

• func NOP(s Stage, f *Flow)
• type Flow
• type Pipe
  • func NewBlocker(pattern *regexp.Regexp) Pipe
  • func NewLogger(when Stage) Pipe
  • func NewRedirector(pattern *regexp.Regexp, redirector func(string) string) Pipe
• type Proxy
  • func New(ca *tls.Certificate, crts []tls.Certificate, httpOnly bool, handlers []Pipe) (*Proxy, error)
  • func (p *Proxy) ServeHTTP(w http.ResponseWriter, req *http.Request)
• type Stage

Functions

func NOP

func NOP(s Stage, f *Flow)

NOP does nothing; it is just a sample.

Types

type Flow

type Flow struct {
	// Session identifier
	Session int64

	// Proxy instance handling this flow.
	// Basically it is not recommended to make any changes on proxy instance. Changes in proxy
	// could affect or not affect to running server instance; it relies on implementation of http and tls package.
	Proxy *Proxy

	// Upstream request proxy catched
	Request *http.Request

	// Response for request proxy made to server instead of client.
	// If response is set before request actually made, the remaining operations will be skipped
	// and response set by pipe will be sent to client.
	Response *http.Response
}

Flow is single session of pair of request and response.

type Pipe

type Pipe func(Stage, *Flow)

Pipe is a handler for flow called by proxy. Handle behaviors with given Stage variable. See examples how to use it.

func NewBlocker

func NewBlocker(pattern *regexp.Regexp) Pipe

NewBlocker is a sample pipe generator that blocks all requests with destination matches the pattern.

func NewLogger

func NewLogger(when Stage) Pipe

NewLogger returns pipe that make logs when called on specific stage.

func NewRedirector

func NewRedirector(pattern *regexp.Regexp, redirector func(string) string) Pipe

NewRedirector is a sample pipe generator that all requests with destination matches with given pattern to a new URL returned from redirector function.

The returned pipe will set "HTTP 301 Moved Permanently" response to flow to gently persuade the client to make request to moved URL.

type Proxy

type Proxy struct {
	// Proxy extends http.Server
	*http.Server

	// Root CA certificate to be used during TLS handshaking with client
	// for TLS interception. New certificate with server's name signed by this CA
	// is sent to client.
	CA *tls.Certificate

	// Tr is used as upstream (proxy - server) network configuration.
	// When proxy make requests to server as a client, Tr is used.
	Tr *http.Transport
	// contains filtered or unexported fields
}

Proxy type for tls-interception capable https proxy service.

func New

func New(
	ca *tls.Certificate,
	crts []tls.Certificate,
	httpOnly bool,
	handlers []Pipe,
) (*Proxy, error)

New returns a Proxy instance.

func (*Proxy) ServeHTTP

func (p *Proxy) ServeHTTP(w http.ResponseWriter, req *http.Request)

ServeHTTP implements http.Handler interface to work as server

type Stage

type Stage int

Stage indicates the current stage in proxying.

const (
	// Sending is before sending request to upstream (destination server).
	// If response is set (not nil) in this stage, the proxy won't send any request to
	// the server. Instead it will reply to client with response set.
	Sending Stage = iota

	// Replying is before replying response to downstream (client). This stage is
	// after received response from server so modifying request won't have any effect.
	Replying

	// Closed is stage all tasks are done. Modifications won't have any changes.
	Closed
)