documentation: hijack https connection

nilleb · Jun 2, 2016 · ba35961 · ba35961
1 parent b485c0b
commit ba35961
Showing 1 changed file with 27 additions and 1 deletion.
diff --git a/gssapi-proxy.go b/gssapi-proxy.go
@@ -115,10 +115,36 @@ func main() {
         }
         os.Exit(0)
     }
-
 
     proxy := goproxy.NewProxyHttpServer()
 
+    /*
+    hijack connect: intercept the request, add the Proxy-Authorization header then send it to the remote host
+    proxy.OnRequest().HijackConnect(func(req *http.Request, client net.Conn, ctx *goproxy.ProxyCtx) {
+		defer func() {
+			if e := recover(); e != nil {
+				ctx.Logf("error connecting to remote: %v", e)
+				client.Write([]byte("HTTP/1.1 500 Cannot reach destination\r\n\r\n"))
+			}
+			client.Close()
+		}()
+		clientBuf := bufio.NewReadWriter(bufio.NewReader(client), bufio.NewWriter(client))
+		remote, err := net.Dial("tcp", req.URL.Host)
+		orPanic(err)
+		remoteBuf := bufio.NewReadWriter(bufio.NewReader(remote), bufio.NewWriter(remote))
+		for {
+			req, err := http.ReadRequest(clientBuf.Reader)
+			orPanic(err)
+			orPanic(req.Write(remoteBuf))
+			orPanic(remoteBuf.Flush())
+			resp, err := http.ReadResponse(remoteBuf.Reader, req)
+			orPanic(err)
+			orPanic(resp.Write(clientBuf.Writer))
+			orPanic(clientBuf.Flush())
+		}
+	})
+    */
+
     // behave as a MITM
     // the client fails with a TrustFailure (Le certificat distant n'est pas valide selon la procédure de validation.)
     // probably because the client expects an SSL Hello, but it receives a plain HTTP response