Refactor + Caching #404
Open. hazcod wants to merge 95 commits into elazarl:master from hazcod:master
Important changes:

Fixes elazarl#256: connections are closed after usage, so FD-count remains congruent with the actual amount of open connections.

Added ProxyHttpServer.Signer of type

    type Signer func(ca *tls.Certificate, hostname []string) (*tls.Certificate, error)

If ProxyHttpServer.Signer is set, the goproxy uses that function to retrieve Certificates for TLS-interception. This allows consumers of goproxy to implement f.e. caching of certificates.

Minor changes:
- adjusted import-path to github.com/oec/goproxy
- go fmt on all files
UrlHasPrefix did not add "://" between the url.Scheme and the url.Host so that the comparison against the given prefix would fail, if that starts with the usual URL syntax "scheme://host..."
Was commit ecfe977 from dmjones
After successful handshake in a HTTPS MITM scenario, it is not sufficient to call http.ReadRequest(clientTLS). The body (or parts of it) might still be in the bufio.Buffer and not processed yet. The subsequent call to http.ReadRequest will then fail because it doesn't find a proper request-line in the buffer. This patch reads the complete body from the request and resets the bufio.Buffer so that the next call to http.ReadRequest() can work with a clean plate. [Unfortunately I haven't managed to create a test case for it as the http.Client seems to open new CONNECTs to access the test-TLS-server. Still working on it.]
When intercepting a CONNECT, we read the request from the client in a loop and create another request object. Before this commit, we had set the .Host of this new request with the .Host from the original CONNECT-request, which might contain a port number. Such a request to the outgoing server failed with 500. With this commit, the proxy does not set .Host anymore on the outgoing request (but still sets .URL.Host).
Up for discussion, it's a collection of refactors/prs & bugfixes.
Some tests are broken.
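
An added illustration, not code from this pull request or from goproxy: one way a consumer could use the Signer hook described in the first commit message to cache interception certificates. Only the Signer signature comes from the page; CachingSigner, cacheKey and the stub signer in main are hypothetical names, and the CA values are constructed.

```go
package main

import (
	"crypto/sha256"
	"crypto/tls"
	"fmt"
	"strings"
	"sync"
	"time"
)

// Signer has the signature quoted in the commit message above.
type Signer func(ca *tls.Certificate, hostname []string) (*tls.Certificate, error)

// cacheKey binds an entry to the issuing CA and the case-folded host list.
func cacheKey(ca *tls.Certificate, hosts []string) string {
	var caDER []byte
	if ca != nil && len(ca.Certificate) > 0 {
		caDER = ca.Certificate[0]
	}
	return fmt.Sprintf("%x|%s", sha256.Sum256(caDER), strings.ToLower(strings.Join(hosts, ",")))
}

// CachingSigner (hypothetical name) reuses the result of next per key for ttl.
func CachingSigner(next Signer, ttl time.Duration) Signer {
	type entry struct { cert *tls.Certificate; expires time.Time }
	var mu sync.Mutex
	cache := map[string]entry{}
	return func(ca *tls.Certificate, hosts []string) (*tls.Certificate, error) {
		key := cacheKey(ca, hosts)
		mu.Lock() // held across signing: a host is never signed twice concurrently
		defer mu.Unlock()
		if e, ok := cache[key]; ok && time.Now().Before(e.expires) {
			return e.cert, nil
		}
		cert, err := next(ca, hosts)
		if err == nil { // failures are not cached
			cache[key] = entry{cert, time.Now().Add(ttl)}
		}
		return cert, err
	}
}

func main() { // constructed demo: the stub stands in for real certificate issuance
	stub := func(*tls.Certificate, []string) (*tls.Certificate, error) { return &tls.Certificate{}, nil }
	sign := CachingSigner(stub, time.Minute)
	a, _ := sign(nil, []string{"Example.test"})
	b, _ := sign(nil, []string{"example.test"})
	fmt.Println("served from cache:", a == b)
}
```

Keep ttl shorter than the lifetime of the certificates the wrapped signer issues, otherwise an expired leaf is served from the cache. Keying on the CA as well as the hostnames means a leaf minted under one CA is not reused after the CA is rotated.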