![]() After that the caller is responsible to manage such connection (HTTP library won’t do it anymore). Hijacker interface allows to take over the connection. Implementation package main import ( "crypto/tls" "flag" "io" "log" "net" "net/http" "time" ) func handleTunneling(w http.ResponseWriter, r *http.Request) The role of proxy is to handle HTTP request, pass such request to destination server and send response back to the client. To support HTTP we’ll use built-in HTTP server and client. In OS X it can be done with Keychain Access. It’s required to convince your OS to trust such certificate. To generate one use such script: #!/usr/bin/env bash case `uname -s` in Linux*) sslConfig=/etc/ssl/openssl.cnf Darwin*) sslConfig=/System/Library/OpenSSL/openssl.cnf esac openssl req \ -newkey rsa:2048 \ -x509 \ -nodes \ -keyout server.key \ -new \ -out server.pem \ -subj /CN=localhost \ -reqexts SAN \ -extensions SAN \ -config <(cat $sslConfig \ <(printf '\nsubjectAltName=DNS:localhost')) \ -sha256 \ -days 3650 For the purpose of this post let’s use self-signed certificate. Our proxy will be an HTTPS server (when -proto https will be used) so we need certificate and private key. ![]() When such tunnel consisting of two TCP connections is ready, client starts regular TLS handshake with destination server to establish secure connection and later send requests and receive responses. ![]() First client sends request using HTTP CONNECT method to set up the tunnel between the client and destination server. HTTPS is different as it’ll use technique called HTTP CONNECT tunneling. All we need for that is built-in HTTP server and client ( net/http). Handling of HTTP is a matter of parsing request, passing such request to destination server, reading response and passing it back to the client. The goal is to implement a proxy server for HTTP and HTTPS. HTTP(S) Proxy in Golang in less than 100 lines of code
0 Comments
Leave a Reply. |