Documentation
¶
Overview ¶
Package mitm provides a facility for man-in-the-middling pairs of connections.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Interceptor ¶
type Interceptor struct {
// contains filtered or unexported fields
}
Interceptor provides a facility for MITM'ing pairs of connections.
func Configure ¶
func Configure(opts *Opts) (*Interceptor, error)
Configure creates an MITM that can man-in-the-middle a pair of connections. The hostname is determined using SNI. If no SNI header is present, then the connection is not MITM'ed. The primary key and certificate used to generate and sign MITM certificates are auto-created if not already present.
func (*Interceptor) MITM ¶
func (ic *Interceptor) MITM(downstream net.Conn, upstream net.Conn) (newDown net.Conn, newUp net.Conn, success bool, err error)
MITM man-in-the-middles a pair of connections, returning the connections that should be used in place of the originals. If the original connections can't be MITM'ed but can continue to be used as-is, those will be returned.
type Opts ¶
type Opts struct { // PKFile: the PEM-encoded file to use as the primary key for this server PKFile string // CertFile: the PEM-encoded X509 certificate to use for this server (must match PKFile) CertFile string // Organization: Name of the organization to use on the generated CA cert for this (defaults to "Lantern") Organization string // Domains: list of domain names to use as Subject Alternate Names Domains []string // InstallCert: If true, the cert will be installed to the system's keystore InstallCert bool // InstallPrompt: the text to use when prompting the user to install the MITM // cert to the system's keystore. InstallPrompt string // WindowsPromptTitle: on windows, the certificate installation will actually // use a system-standard escalation prompt, but we can first prompt with a // dialog box using this title in order to prepare the user for what's coming. WindowsPromptTitle string // WindowsPromptBody: dialog body to go with WindowsPromptTitle WindowsPromptBody string // InstallCertResult: optional callback that gets invoked whenever the user is prompted to install a cert. // If err is nil, the cert was installed successfully InstallCertResult func(err error) // ServerTLSConfig: optional configuration for TLS server when MITMing (if nil, a sensible default is used) ServerTLSConfig *tls.Config // ClientTLSConfig: optional configuration for TLS client when MITMing (if nil, a sensible default is used) ClientTLSConfig *tls.Config }
Opts provides options to configure mitm