The proxy can now sit between a client and a https web server. It does
this by looking for a CONNECT request that conventional proxies use to
open a tunnel between a client and an https server. Instead of opening
an opaque tunnel, yaip immediately sends bacck a "connection
established" response. This tells the client (browser normally) to
proceed and initiate an HTTPS connection.
I use the host that was send in the connect request to set up a fake SSL
server. If we have seen the domain before, we re-use the certificate,
otherwise we generate a new one and sign it using YAIP's built in
certificate authority.
I still need to do work on forwarding the request upstream. This is my
next job. Currently, yaip responds with a valid response of "it worked".
```
$ curl https://example.com --cacert ~/.config/yaip/cert.pem
It worked
```
Notice, we don't get any certificate errors because we are telling curl
to trust the authority that yaip uses
Yaip is now able to generate simple SSL certificates for a given host.
I don't currently add any extensions to the certificates (such as
alternative names). When I get to testing it with a browser I'll see
what browsers require. However, I think I'll probably generate
certificates for each host, including sub domains, to make life easier
searching.
I've also added a util function to count lines in a file that was used
for testing some of the ssl functions.
making requests to something like example.com over a non-encrypted
connection now works. Binary files are unlikely to work at the moment
although I haven't tried. Also, non-encrypted doesn't work.
I have also changed a little about how tests work. Requests tests now
display much better.
Jonathan Hodgson