Initial https proxy work
The proxy can now sit between a client and an https web server. It does this by looking for a CONNECT request that conventional proxies use to open a tunnel between a client and an https server. Instead of opening an opaque tunnel, yaip immediately sends back a "connection established" response. This tells the client (normally a browser) to proceed and initiate an HTTPS connection. I use the host that was sent in the CONNECT request to set up a fake SSL server. If we have seen the domain before, we re-use the certificate; otherwise we generate a new one and sign it using YAIP's built-in certificate authority. I still need to do work on forwarding the request upstream. This is my next job. Currently, yaip responds with a valid response of "it worked". ``` $ curl https://example.com --cacert ~/.config/yaip/cert.pem It worked ``` Notice that we don't get any certificate errors, because we are telling curl to trust the authority that yaip uses.
parent
1beca38af6
commit
dd71d26245
15 changed files with 330 additions and 109 deletions
|
@ -83,6 +83,7 @@ void requestFirstLine( Request *req, char line[] ){
|
|||
}
|
||||
|
||||
if ( strlen(req->protocol) == 0 ){
|
||||
free(req->protocol);
|
||||
if ( req->port == 443 )
|
||||
req->protocol = strdup("https");
|
||||
else
|
||||
|
@ -122,6 +123,39 @@ Request* newRequestFromSocket(int socket){
|
|||
return req;
|
||||
}
|
||||
|
||||
Request* newRequestFromString(char *string){
|
||||
// We don't want to modify the original string
|
||||
char *str = strdup(string);
|
||||
Request *req = newRequest();
|
||||
int valread;
|
||||
|
||||
//Find the new line
|
||||
char *occurance = strchr( str, '\n' );
|
||||
occurance[0] = '\0';
|
||||
requestFirstLine(req, str);
|
||||
str = occurance + 1;
|
||||
|
||||
occurance = strchr( str, '\n' );
|
||||
occurance[0] = '\0';
|
||||
|
||||
while ( strlen(str) > 1 ){
|
||||
requestAddHeader( req, str );
|
||||
str = occurance + 1;
|
||||
occurance = strchr( str, '\n' );
|
||||
occurance[0] = '\0';
|
||||
}
|
||||
|
||||
//TODO: make requests work with a body
|
||||
//contentLength = getHeader( req->headers, "content-length" );
|
||||
|
||||
//if ( contentLength != NULL ){
|
||||
// printf( "Content length is %i\n", atoi(contentLength->value) );
|
||||
//}
|
||||
|
||||
return req;
|
||||
|
||||
}
|
||||
|
||||
char* requestToString( Request *req){
|
||||
unsigned int fullLength = strlen(req->method) + 1 + sizeof( req->path ) +
|
||||
//11 = [space]http/1.1\r\n
|
||||
|
|
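Review bot: In `newRequestFromString`, every `occurance[0] = '\0';` writes through the result of `strchr( str, '\n' )` without checking it, so a request that has no newline, or whose header block ends without one, makes the proxy write through NULL; this string appears to come from the client side of the intercepted connection, so it should be treated as untrusted. The `strdup` result is also unchecked, and because `str` is advanced past each line, the duplicate's base pointer is lost and can never be freed. The sketch below keeps the base pointer, stops parsing when no further newline is found and returns NULL on malformed input, which callers would then have to check. The final `free` is only correct if `requestFirstLine` and `requestAddHeader` copy what they store, which is not visible in this hunk. `valread` is declared but never used and can be dropped.

```c
Request* newRequestFromString(char *string){
    // Keep the base pointer of the copy so it can be released later
    char *buf = strdup(string);
    if ( buf == NULL )
        return NULL;

    char *line = buf;
    char *eol = strchr( line, '\n' );
    if ( eol == NULL ){
        // No complete request line: reject instead of dereferencing NULL
        free(buf);
        return NULL;
    }
    eol[0] = '\0';

    Request *req = newRequest();
    requestFirstLine(req, line);

    // Stop at the blank line, or when the input runs out of newlines
    for ( line = eol + 1; (eol = strchr( line, '\n' )) != NULL; line = eol + 1 ){
        eol[0] = '\0';
        if ( strlen(line) <= 1 )
            break;
        requestAddHeader( req, line );
    }

    // … unchanged: TODO block for request bodies …

    // Only valid if the Request holds copies, not pointers into buf
    free(buf);
    return req;
}
```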