Documentation ¶
Overview ¶
Package httpproxy provides a customizable HTTP proxy; supports HTTP, HTTPS through CONNECT. And also provides HTTPS connection using "Man in the Middle" style attack.
It's easy to use. `httpproxy.Proxy` implements `Handler` interface of `net/http` package to offer `http.ListenAndServe` function.
Index ¶
- Constants
- Variables
- func InMemoryResponse(code int, header http.Header, body []byte) *http.Response
- func ServeInMemory(w http.ResponseWriter, code int, header http.Header, body []byte) error
- func ServeResponse(w http.ResponseWriter, resp *http.Response) error
- func SignHosts(ca tls.Certificate, hosts []string) (*tls.Certificate, error)
- type CaSigner
- type ConnResponseWriter
- type ConnectAction
- type Context
- type Error
- type Proxy
Constants ¶
const ( // ConnectNone specifies that proxy request is not CONNECT. // If it returned in OnConnect, proxy connection closes immediately. ConnectNone = ConnectAction(iota) // ConnectProxy specifies directly socket proxy after the CONNECT. ConnectProxy // ConnectMitm specifies proxy "Man in the Middle" style attack // after the CONNECT. ConnectMitm )
Constants of ConnectAction type.
Variables ¶
var ( ErrPanic = NewError("panic") ErrResponseWrite = NewError("response write") ErrRequestRead = NewError("request read") ErrRemoteConnect = NewError("remote connect") ErrNotSupportHijacking = NewError("hijacking not supported") ErrTLSSignHost = NewError("TLS sign host") ErrTLSHandshake = NewError("TLS handshake") ErrAbsURLAfterCONNECT = NewError("absolute URL after CONNECT") ErrRoundTrip = NewError("round trip") ErrUnsupportedTransferEncoding = NewError("unsupported transfer encoding") ErrNotSupportHTTPVer = NewError("http version not supported") )
Library specific errors.
var DefaultCaCert = []byte(`-----BEGIN CERTIFICATE-----
MIIFkzCCA3ugAwIBAgIJAKEbW2ujNjX9MA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNV
BAYTAlRSMREwDwYDVQQIDAhJc3RhbmJ1bDEVMBMGA1UECgwMZ28taHR0cHByb3h5
MRIwEAYDVQQLDAlodHRwcHJveHkxEzARBgNVBAMMCmdpdGh1Yi5jb20wHhcNMTgw
MjAyMTMwNTE3WhcNMzgwMTI4MTMwNTE3WjBgMQswCQYDVQQGEwJUUjERMA8GA1UE
CAwISXN0YW5idWwxFTATBgNVBAoMDGdvLWh0dHBwcm94eTESMBAGA1UECwwJaHR0
cHByb3h5MRMwEQYDVQQDDApnaXRodWIuY29tMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEA18cwaaZzhdDEpUXpR9pkYRqsSdT30WhynFhFtcaBOf4eYdpt
AJWL2ipo3Ac6bh+YgWfywG4prrSfWOJl+dQ59w439vLek/waBcEeFx+wJ6PFu0ur
84T0vrCaiXaHfUA6c9hiuoHCNFkGgO/q1gdmGXD27Sn9MKyqVprXhqO29Kz9lu4p
T6FpEarEevfq8MvYtg+73ESwCwv10yITFVWpqvO2LkShJ39uvJ3EN4Y44SXQOT0m
za71dL9OcWeTzx0mJKmsIZzzSfNKPgqn8TJzHa1u3DhO9L+GN9VNz5bCPjOmjM2z
dS5ditgyxTY3YaTsR/G8SW9drEeD3hbjx+1/9W/XURacfnBdNUcIUyvUPwV3V5Ht
IIJR4bz/vIQ/8QFbTi5ddS69bmvJ6PhI2pSc/RxWQVMLjc+cmsUMHiKtoM9QAn7C
6/As+YLBQYZ0+sJUcFFcIayVzi8bwQ09yY8R0U5xXGvDYapVJUMZufy8UKOQxAP2
Y2wEJAEFxUPoMozTlkxwZdvhDq/JwdCuc94cXLQ8oCu8zVgajb8WfYPKgwviHyZ+
2rH7JDuumzigo1dqMSNHUPPohnsjAeNpXFu5bvTRAVLEO4aggPHtlyBDilxT1Bar
oyC3UQzcjvD8/yYnO9BTJXNNBfNbTVxi6UqMUMDnJccuZOXO02DbW8uI/hECAwEA
AaNQME4wHQYDVR0OBBYEFIGx22SSLgTh1NCzKxg4uTUfahqiMB8GA1UdIwQYMBaA
FIGx22SSLgTh1NCzKxg4uTUfahqiMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL
BQADggIBAIMxUgLHrc1e4JDsttJfU9BlWI3y2kX90ss1r84pUq+Cg9pneRl5iq6K
xFVg1dP5lSQAhn0EQvGLfcoCRO98u+HoWCIkJTFNZppVQY+LXNXf1kfVkFNQzonU
8i5FKzo3HDXsSPTCLN7TctnMg31OsaIO75ryIPjmkUZe9xn9g0qvDa8kMrNwRCKX
N9Xk9uXUHhM/Mf+3gknAiEBfjFnWIfw87y63jI4c98XBhxbGzcoonxNNa0ql7yrx
knQ7ST2huX4HTvN//lzmgcNWzvPg/sdbr9JTFZyPKCcWGrLsG2uN2g1/P6Mi1T/M
ToXw/R9Lu0AK2h1o7FJjoJndokH7Ha0fShpCbfEYieTNvZbwkpzMYR8+IEFPkvKm
Dox1P6CqdLNyHBikLCxcQM7AQmuijdciXyYwHOVr/1r0jZqM0zI51t9Kyuw5kn0K
b2Ir0ERgrXx8eMQBrW6eseIAtqSHXDK+RKkU38xnYTBe6Jbg6r1F8zk/mzUye4IO
34LC38AY9if1kCwegkEFMmaTY8Z4YD3sxmezvEbxeWaHk4TfMGISmKQ3U41T2yEJ
Ii9Vb07WDMQXou0ZZs7rnjAKo+sfFElTFewtS1wif4ZYBUJN1ln9G8qKaxbAiElm
MgzNfZ7WlnaJf2rfHJbvK9VqJ9z6dLRYPjCHhakJBtzsMdxysEGJ
-----END CERTIFICATE-----`)
DefaultCaCert provides default CA certificate.
var DefaultCaKey = []byte(`-----BEGIN RSA PRIVATE KEY-----
MIIJKQIBAAKCAgEA18cwaaZzhdDEpUXpR9pkYRqsSdT30WhynFhFtcaBOf4eYdpt
AJWL2ipo3Ac6bh+YgWfywG4prrSfWOJl+dQ59w439vLek/waBcEeFx+wJ6PFu0ur
84T0vrCaiXaHfUA6c9hiuoHCNFkGgO/q1gdmGXD27Sn9MKyqVprXhqO29Kz9lu4p
T6FpEarEevfq8MvYtg+73ESwCwv10yITFVWpqvO2LkShJ39uvJ3EN4Y44SXQOT0m
za71dL9OcWeTzx0mJKmsIZzzSfNKPgqn8TJzHa1u3DhO9L+GN9VNz5bCPjOmjM2z
dS5ditgyxTY3YaTsR/G8SW9drEeD3hbjx+1/9W/XURacfnBdNUcIUyvUPwV3V5Ht
IIJR4bz/vIQ/8QFbTi5ddS69bmvJ6PhI2pSc/RxWQVMLjc+cmsUMHiKtoM9QAn7C
6/As+YLBQYZ0+sJUcFFcIayVzi8bwQ09yY8R0U5xXGvDYapVJUMZufy8UKOQxAP2
Y2wEJAEFxUPoMozTlkxwZdvhDq/JwdCuc94cXLQ8oCu8zVgajb8WfYPKgwviHyZ+
2rH7JDuumzigo1dqMSNHUPPohnsjAeNpXFu5bvTRAVLEO4aggPHtlyBDilxT1Bar
oyC3UQzcjvD8/yYnO9BTJXNNBfNbTVxi6UqMUMDnJccuZOXO02DbW8uI/hECAwEA
AQKCAgAGxPD334jwQcRpiu/umSNdCIEvL8c2gphV308QjNGxCA/b8gZJZmekyH/R
p0hl/AfEx4YOE2arXG9DUpbwZ4AKCCApVyU0b0xBsfVHtG7KT5D8dztFwH4NHW07
ssQ9Ya5zw+4U+80j50cU9HHhlQnW8nxMpGyVAlW1sdXhG3G561NpUL9rCB1LuJfB
Y9WzCDIcRBIYru726cEkhoUivjU8b7jfarfDjXPj5u8o7sUKCy2lHg4BleONbhL/
68fvT3LK46fKxim7wC4sFBmAr5x86dv4fKu9ceS8C60NPiWJ3gTzleBzZKj6mh29
oh3KqmnfN+44P44owXWZmg47T3AcLEK8DNZvQe9pRWqLf3k9bTHjmYrQjhcEhZSB
3uacN6vXA64nEGZQVBHYvl3GRJTvV0eGoJrHbr1EGlT/bo/vpSbwCB5BNvHbmET1
/7mUqP9zDA2o+/mZZ9QvKg0nRuksmw8NdCtATAQbZKiKOgocKWFeJt3VruL9Xhc4
ACCjF1kRbIIcpexuXMhLeu+57kM/IuJ7HV+ppWDljQ60soT/FFG+Rc/XMrYQVSpt
NtcAd9bChlQAS1N/MD+rBA5BN28RvxKdPvQ5v3GiPTebPYsrQfQjYYNFJ/K1Nr+J
LbYafURRw2hr7mrLCuNcjYlXCbiT4kLukpyDlB67/EUqetl3IQKCAQEA/qcpI3Sb
P6X++XJfrTw9jzFMQAPxzjH2TI2T2GJm6cbeZ53sp17wyRTIlz1xsOB63VDbsdrz
VZwDPEBf1ggn5xpM7rF6Rk6JuvG6Dz3Mb2Wz1ApTgyMQgmG1gWtdWvX6RuDOC7H4
U4IoRJXkoe5dbku7bKSXFnqkQMZs9XnmWRp0D53oDuC/7gU/V6vTODS9ATcikCRF
ohQHdgVqMJUJJsUQMSjKcrEH6IrUi5ukaO6QzPC1JAzTcjVvtT3seqjadYQ54hNP
Wgdsa9m43g7i/sAqwxIzimsfweUZpZRBOLP7ji7alvVZUkUUyXn89fwIArZIXMhW
COELOXW2rgc6RwKCAQEA2OtixgWChYz573nyPz+87OVSnNEDwh+YMJEbTC3WAqeG
vyHOb8n62TkCeCO8RPTMbfqzT1V0b3TIZMyFE/JlWPJTEMeQ5EG7OE1BJ5RE6dRV
dEQ6iMDDeTqrJK9kuYf6XMZIPxvQB5VNlW8Nz84sjD0fePCb7tqmdvXe3MuH+G9T
WUTmY0d+a0X4m3mN+O7rouHhPJ6g+2+/UYBr0379N7Ao6Z4n1gr6DhCNvW2sZhyz
oDvinpOqmYGVs311JcK8kq3cKci95XQDu6NAO25UDPearWrI1hDHhiRKzf0jHGpo
Iv2GxZc+WZDP3uBifHSw+xnZvLD92acLg+ROc61Y5wKCAQEA1fln297zRHwaz0eH
lWz03QkzZObrm7LnnlOoUz3785ui7bYJUGm6MXxBQLPkgBdfpe93au7rYJgDL/F3
lcSsose6tSZz8/eyS18qU/w9d60heZ5jpeEk0il/9gtdGj1t23iyKamVW7YWV+sL
ffVolHEWP6fdPIo40iTpESsont5Xf3fTsgyvuTS3kNdUV/oYhpjpdezEhfgGfOj3
3XKdifI0NNptogmW95MQHW7eqz0qdsobqvsMAP9dqhEqT7bqOaytZoWLO77ZH5aG
fDBOFHksdVUp8bkpqibzceotE5RIX6SHECmAsFxTpyfVomvv3zeDflLn1/YhFFsQ
8RIpqQKCAQAx2ndK93014F6Y0TgBnU54S4QfElKAzO4XS2IwseAboBDx4H0naA5E
2jtdDSl516EcLaAEPamS7A4aTH7RRMZSGO9KTfNY4lp66BZvWD42V1yEaiHhyBuk
wv0OY1kM4tmBdPipuGSpOYEpNOrBtaq7WFjhXLsZvBrCAGQF7qkDSeKoA5PHgWjm
kqA+a0Nb0N1LBArV+ccZwmb//jnJ08eygsQEXRresIsjrF5HCOu0VChcTScaNung
ec3EALNpyEW6mEafO8mY8H7jIvPiNMsQZ9+et4oM2LJie/jNOr5VC4d/czEEPGxR
/Vwo5vz7iX4bV6eZHDxbR274EwKMx2xFAoIBAQDlHsidPhfVElXBV1uAfUdQ92LA
b5gmAorx104YYauJ8A8cB3hJ7+pItgxsiUF+SAtlpt/rL3H9MD5m5eLZudFv7NsF
E+4WIvzSesF/LS+zVQ7UuFkiXPnUvdlXmnZRR8RdtM6n/xnBU2r3ta7Yq6EV/6nE
GK7KSSnouV5LAtvyDVTu+b6IAguOiIW6d+9T4H3QwnnQeyKE+5NWc3fB4dPqc5AS
s39uFDUnxsMb2Nl3JcNJHYBTm9ubjAZSo/3NuB0z/Gm+ssOcExTD//vW7BxxSAcs
/xlPPTPbY5qoMAT7kK71kd4Ypnqbcs3UPpAHtcPkjWpuWOlebK0J7UYToj4f
-----END RSA PRIVATE KEY-----`)
DefaultCaKey provides default CA key.
Functions ¶
func InMemoryResponse ¶
InMemoryResponse creates new HTTP response given arguments.
func ServeInMemory ¶
ServeInMemory serves HTTP response given arguments to http.ResponseWriter.
func ServeResponse ¶
func ServeResponse(w http.ResponseWriter, resp *http.Response) error
ServeResponse serves HTTP response to http.ResponseWriter.
func SignHosts ¶
func SignHosts(ca tls.Certificate, hosts []string) (*tls.Certificate, error)
SignHosts generates TLS certificate given hosts, signed by CA certificate.
Types ¶
type CaSigner ¶
type CaSigner struct { // Ca specifies CA certificate. You must set before using. Ca *tls.Certificate // contains filtered or unexported fields }
CaSigner is a certificate signer by CA certificate. It supports caching.
func NewCaSignerCache ¶
NewCaSignerCache returns a new CaSigner with caching given max.
type ConnResponseWriter ¶
ConnResponseWriter implements http.ResponseWriter interface to use hijacked HTTP connection.
func NewConnResponseWriter ¶
func NewConnResponseWriter(conn net.Conn) *ConnResponseWriter
NewConnResponseWriter returns a new ConnResponseWriter.
func (*ConnResponseWriter) Close ¶
func (c *ConnResponseWriter) Close() error
Close closes network connection.
func (*ConnResponseWriter) Header ¶
func (c *ConnResponseWriter) Header() http.Header
Header returns the header map that will be sent by WriteHeader.
func (*ConnResponseWriter) Write ¶
func (c *ConnResponseWriter) Write(body []byte) (int, error)
Write writes the data to the connection as part of an HTTP reply.
func (*ConnResponseWriter) WriteHeader ¶
func (c *ConnResponseWriter) WriteHeader(statusCode int)
WriteHeader sends an HTTP response header with status code.
type Context ¶
type Context struct { // Pointer of Proxy struct handled this context. // It's using internally. Don't change in Context struct! Prx *Proxy // Session number of this context obtained from Proxy struct. SessionNo int64 // Sub session number of processing remote connection. SubSessionNo int64 // Original Proxy request. // It's using internally. Don't change in Context struct! Req *http.Request // Original Proxy request, if proxy request method is CONNECT. // It's using internally. Don't change in Context struct! ConnectReq *http.Request // Action of after the CONNECT, if proxy request method is CONNECT. // It's using internally. Don't change in Context struct! ConnectAction ConnectAction // Remote host, if proxy request method is CONNECT. // It's using internally. Don't change in Context struct! ConnectHost string // User data to use free. UserData interface{} // contains filtered or unexported fields }
Context keeps context of each proxy request.
type Error ¶
type Error struct {
ErrString string
}
Error struct is base of library specific errors.
type Proxy ¶
type Proxy struct { // Session number of last proxy request. SessionNo int64 // RoundTripper interface to obtain remote response. // By default, it uses &http.Transport{}. Rt http.RoundTripper // Certificate key pair. Ca tls.Certificate // User data to use free. UserData interface{} // Error callback. OnError func(ctx *Context, where string, err *Error, opErr error) // Accept callback. It greets proxy request like ServeHTTP function of // http.Handler. // If it returns true, stops processing proxy request. OnAccept func(ctx *Context, w http.ResponseWriter, r *http.Request) bool // Auth callback. If you need authentication, set this callback. // If it returns true, authentication succeeded. OnAuth func(ctx *Context, authType string, user string, pass string) bool // Connect callback. It sets connect action and new host. // If len(newhost) > 0, host changes. OnConnect func(ctx *Context, host string) (ConnectAction ConnectAction, newHost string) // Request callback. It greets remote request. // If it returns non-nil response, stops processing remote request. OnRequest func(ctx *Context, req *http.Request) (resp *http.Response) // Response callback. It greets remote response. // Remote response sends after this callback. OnResponse func(ctx *Context, req *http.Request, resp *http.Response) // If ConnectAction is ConnectMitm, it sets chunked to Transfer-Encoding. // By default, true. MitmChunked bool // HTTP Authentication type. If it's not specified (""), uses "Basic". // By default, "". AuthType string // contains filtered or unexported fields }
Proxy defines parameters for running an HTTP Proxy. It implements http.Handler interface for ListenAndServe function. If you need, you must set Proxy struct before handling requests.
func NewProxyCert ¶
NewProxyCert returns a new Proxy given CA certificate and key.
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
examples
|
|
go-httpproxy-demo
go-httpproxy-demo is an example for HTTP and HTTPS web proxy.
|
go-httpproxy-demo is an example for HTTP and HTTPS web proxy. |