caj
/
go-mitmproxy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

解析https初步调试成功

Browse Source
addon-dailer
lqqyt2423 4 years ago
parent 4a0fe92889
commit 555cd4c1c6
2 changed files with 45 additions and 2 deletions
Show Stats Download Patch File Download Diff File

2
cert/cert.go
Unescape Escape View File

@ -253,7 +253,7 @@ func (ca *CA) DummyCert(commonName string) (*tls.Certificate, error) {
cert := &tls.Certificate{ cert := &tls.Certificate{
Certificate: [][]byte{certBytes}, Certificate: [][]byte{certBytes},
PrivateKey: ca.PrivateKey, PrivateKey: &ca.PrivateKey,
} }
return cert, nil return cert, nil

45
proxy/proxy.go
Unescape Escape View File

@ -1,11 +1,14 @@
package proxy package proxy
import ( import (
"crypto/tls"
"io" "io"
"log" "log"
"net" "net"
"net/http" "net/http"
"time" "time"
"github.com/lqqyt2423/go-mitmproxy/cert"
) )
type Options struct { type Options struct {
@ -14,9 +17,25 @@ type Options struct {
type Proxy struct { type Proxy struct {
Server *http.Server Server *http.Server
ca *cert.CA
extraNetListener net.Listener
extraServer *http.Server
} }
func (proxy *Proxy) Start() error { func (proxy *Proxy) Start() error {
ln, err := net.Listen("tcp", "127.0.0.1:") // port number is automatically chosen
if err != nil {
return err
}
proxy.extraNetListener = ln
proxy.extraServer.Addr = ln.Addr().String()
log.Printf("Proxy extraServer Addr is %v\n", proxy.extraServer.Addr)
go func() {
defer ln.Close()
log.Fatal(proxy.extraServer.ServeTLS(ln, "", ""))
}()
log.Printf("Proxy start listen at %v\n", proxy.Server.Addr) log.Printf("Proxy start listen at %v\n", proxy.Server.Addr)
return proxy.Server.ListenAndServe() return proxy.Server.ListenAndServe()
} }
@ -27,6 +46,8 @@ func (proxy *Proxy) ServeHTTP(res http.ResponseWriter, req *http.Request) {
return return
} }
log.Printf("url: %v\n", req.URL.String())
if !req.URL.IsAbs() || req.URL.Host == "" { if !req.URL.IsAbs() || req.URL.Host == "" {
res.WriteHeader(400) res.WriteHeader(400)
_, err := io.WriteString(res, "此为代理服务器,不能直接发起请求") _, err := io.WriteString(res, "此为代理服务器,不能直接发起请求")
@ -73,7 +94,12 @@ func (proxy *Proxy) ServeHTTP(res http.ResponseWriter, req *http.Request) {
func (proxy *Proxy) handleConnect(res http.ResponseWriter, req *http.Request) { func (proxy *Proxy) handleConnect(res http.ResponseWriter, req *http.Request) {
log.Printf("CONNECT: %v\n", req.Host) log.Printf("CONNECT: %v\n", req.Host)
conn, err := net.Dial("tcp", req.Host) // 直接转发
// conn, err := net.Dial("tcp", req.Host)
// 内部解析 HTTPS
conn, err := net.Dial("tcp", proxy.extraServer.Addr)
if err != nil { if err != nil {
log.Printf("error: %v, host: %v\n", err, req.Host) log.Printf("error: %v, host: %v\n", err, req.Host)
res.WriteHeader(502) res.WriteHeader(502)
@ -118,5 +144,22 @@ func NewProxy(opts *Options) *Proxy {
Addr: opts.Addr, Addr: opts.Addr,
Handler: proxy, Handler: proxy,
} }
ca, err := cert.NewCA("")
if err != nil {
panic(err)
}
proxy.ca = ca
proxy.extraServer = &http.Server{
Handler: proxy,
TLSConfig: &tls.Config{
PreferServerCipherSuites: true,
GetCertificate: func(chi *tls.ClientHelloInfo) (*tls.Certificate, error) {
log.Printf("GetCertificate ServerName: %v\n", chi.ServerName)
return proxy.ca.DummyCert(chi.ServerName)
},
},
}
return proxy return proxy
} }

Write Preview
Loading…
Cancel
Save