Starts work on https as well as some moving about
I now start the listener in the main.c file rather than proxy given that I didn't feel proxy was the right place if a normal (non-proxied) request came in. webserver.{c,h} and proxy.{c,h} had some changes relating to this. The config changed slightly - we now create a folder in ~/.config/ called yaip. This is where certificates and so on will be stored along with the user configuration. I created a helper function to get files inside this directory (it changes based on xdg_config_home) and updated relevant tests. In ssl.{c,h} I have started work. If they don't exist, the tool now creates and stores a key and certificate for the CA that this tool will need to pretend to be. I still need to write tests for this.
parent
6eaad263be
commit
bb62ed3b1f
14 changed files with 366 additions and 100 deletions
69
src/proxy.c
69
src/proxy.c
|
@ -38,37 +38,50 @@ Response *upstreamGetResponse(Request *request){
|
|||
|
||||
}
|
||||
|
||||
int proxy_startListener(unsigned int port){
|
||||
//we need to act as an http server
|
||||
int server_fd;
|
||||
struct sockaddr_in address;
|
||||
memset( &address, 0, sizeof(address) );
|
||||
int addrlen = sizeof(address);
|
||||
Response *response;
|
||||
char *responseStr;
|
||||
void proxyRequest(Request *request, int client){
|
||||
|
||||
// Creating socket file descriptor
|
||||
if ((server_fd = socket(AF_INET, SOCK_STREAM, 0)) == 0) {
|
||||
perror("socket failed");
|
||||
return -1;
|
||||
}
|
||||
if ( strcmp( request->method, "CONNECT" ) == 0 ){
|
||||
// If it is a connect request, we are dealing with https
|
||||
|
||||
address.sin_family = AF_INET;
|
||||
address.sin_addr.s_addr = INADDR_ANY;
|
||||
address.sin_port = htons( port );
|
||||
// I am basically doing the same thing that mitmproxy does here
|
||||
// We start by responding with 200 Connection Established which
|
||||
// in a normal proxy would mean that we have established a
|
||||
// connection with the remote host. However, we haven't because we
|
||||
// are going to pretend to be the host to the client and pretend to
|
||||
// be the client to the host
|
||||
|
||||
// Forcefully attaching socket to the port 8080
|
||||
if (bind(server_fd, (struct sockaddr *)&address, sizeof(address)) != 0) {
|
||||
perror("bind failed");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (listen(server_fd, 3) != 0) {
|
||||
perror("listen");
|
||||
return -1;
|
||||
}
|
||||
|
||||
return server_fd;
|
||||
Response *response = newResponse();
|
||||
connectionEstablished(response);
|
||||
char *responseStr = responseToString(response);
|
||||
send(client , responseStr, strlen(responseStr) , 0 );
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
//SSL_CTX *ctx;
|
||||
//SSL *ssl;
|
||||
//char buf[1024] = {0};
|
||||
//int bytes;
|
||||
|
||||
//SSL_library_init();
|
||||
//ctx = InitServerCTX(config);
|
||||
//ssl = SSL_new(ctx);
|
||||
//SSL_set_fd( ssl, client );
|
||||
|
||||
//if ( SSL_accept(ssl) == -1 ){
|
||||
// ERR_print_errors_fp(stderr);
|
||||
//} else {
|
||||
// bytes = SSL_read(ssl, buf, sizeof(buf));
|
||||
// buf[bytes] = '\0';
|
||||
// printf("%s", buf);
|
||||
//}
|
||||
|
||||
} else {
|
||||
Response *response = upstreamGetResponse(request);
|
||||
char *responseStr = responseToString( response );
|
||||
send(client , responseStr, strlen(responseStr) , 0 );
|
||||
free( responseStr );
|
||||
freeResponse( response );
|
||||
}
|
||||
}
|
||||
|
|
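Review bot: The CONNECT branch of `proxyRequest` never releases `response` or `responseStr`, while the else branch frees both after `send`; adding `free( responseStr );` and `freeResponse( response );` after the `send` in the CONNECT branch would stop a leak on every tunnelled request. Both branches also ignore the return value of `send`, so a short or failed write to the client goes unnoticed, and the else branch hands the result of `upstreamGetResponse` to `responseToString` without a NULL check (whether it can return NULL is not visible here). The commented-out TLS block stores `buf[bytes] = '\0'` after `SSL_read(ssl, buf, sizeof(buf))`, which writes one past the buffer on a full read and indexes with a non-positive value on error; when it is enabled it should read at most `sizeof(buf) - 1` bytes and check `bytes > 0` first. The +/- markers are lost on this page, so which lines are new is inferred from the two function signatures.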