From f61c4245c18724dcac88f0ad9f347e82bbb57cd7 Mon Sep 17 00:00:00 2001 From: Mike Danese Date: Fri, 4 Nov 2022 22:14:46 +0000 Subject: [PATCH] vendor: removed unused dep github.com/elazarl/goproxy --- .../vendor/github.com/elazarl/goproxy/LICENSE | 31 -- go.mod | 1 - go.sum | 2 - staging/src/k8s.io/apimachinery/go.mod | 1 - staging/src/k8s.io/apimachinery/go.sum | 2 - staging/src/k8s.io/client-go/go.sum | 1 - .../src/k8s.io/code-generator/examples/go.sum | 1 - staging/src/k8s.io/kubectl/go.sum | 1 - vendor/github.com/elazarl/goproxy/.gitignore | 2 - vendor/github.com/elazarl/goproxy/LICENSE | 27 -- vendor/github.com/elazarl/goproxy/README.md | 122 ----- vendor/github.com/elazarl/goproxy/actions.go | 57 --- vendor/github.com/elazarl/goproxy/all.bash | 15 - vendor/github.com/elazarl/goproxy/ca.pem | 34 -- vendor/github.com/elazarl/goproxy/certs.go | 111 ----- vendor/github.com/elazarl/goproxy/chunked.go | 59 --- .../elazarl/goproxy/counterecryptor.go | 68 --- vendor/github.com/elazarl/goproxy/ctx.go | 87 ---- .../github.com/elazarl/goproxy/dispatcher.go | 325 -------------- vendor/github.com/elazarl/goproxy/doc.go | 100 ----- vendor/github.com/elazarl/goproxy/https.go | 421 ------------------ vendor/github.com/elazarl/goproxy/key.pem | 51 --- vendor/github.com/elazarl/goproxy/proxy.go | 166 ------- .../github.com/elazarl/goproxy/responses.go | 38 -- vendor/github.com/elazarl/goproxy/signer.go | 88 ---- vendor/modules.txt | 3 - 26 files changed, 1814 deletions(-) delete mode 100644 LICENSES/vendor/github.com/elazarl/goproxy/LICENSE delete mode 100644 vendor/github.com/elazarl/goproxy/.gitignore delete mode 100644 vendor/github.com/elazarl/goproxy/LICENSE delete mode 100644 vendor/github.com/elazarl/goproxy/README.md delete mode 100644 vendor/github.com/elazarl/goproxy/actions.go delete mode 100644 vendor/github.com/elazarl/goproxy/all.bash delete mode 100644 vendor/github.com/elazarl/goproxy/ca.pem delete mode 100644 vendor/github.com/elazarl/goproxy/certs.go delete mode 100644 vendor/github.com/elazarl/goproxy/chunked.go delete mode 100644 vendor/github.com/elazarl/goproxy/counterecryptor.go delete mode 100644 vendor/github.com/elazarl/goproxy/ctx.go delete mode 100644 vendor/github.com/elazarl/goproxy/dispatcher.go delete mode 100644 vendor/github.com/elazarl/goproxy/doc.go delete mode 100644 vendor/github.com/elazarl/goproxy/https.go delete mode 100644 vendor/github.com/elazarl/goproxy/key.pem delete mode 100644 vendor/github.com/elazarl/goproxy/proxy.go delete mode 100644 vendor/github.com/elazarl/goproxy/responses.go delete mode 100644 vendor/github.com/elazarl/goproxy/signer.go diff --git a/LICENSES/vendor/github.com/elazarl/goproxy/LICENSE b/LICENSES/vendor/github.com/elazarl/goproxy/LICENSE deleted file mode 100644 index 427bf4d71b4..00000000000 --- a/LICENSES/vendor/github.com/elazarl/goproxy/LICENSE +++ /dev/null @@ -1,31 +0,0 @@ -= vendor/github.com/elazarl/goproxy licensed under: = - -Copyright (c) 2012 Elazar Leibovich. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Elazar Leibovich. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -= vendor/github.com/elazarl/goproxy/LICENSE e2e14e5f5bd856768da39707ed93cd41 diff --git a/go.mod b/go.mod index 2181b14547d..7abf0543514 100644 --- a/go.mod +++ b/go.mod @@ -29,7 +29,6 @@ require ( github.com/davecgh/go-spew v1.1.1 github.com/docker/distribution v2.8.1+incompatible github.com/docker/go-units v0.5.0 - github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 github.com/emicklei/go-restful/v3 v3.9.0 github.com/evanphx/json-patch v4.12.0+incompatible github.com/fsnotify/fsnotify v1.6.0 diff --git a/go.sum b/go.sum index 139095825ef..55a48c212a7 100644 --- a/go.sum +++ b/go.sum @@ -221,8 +221,6 @@ github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDD github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= diff --git a/staging/src/k8s.io/apimachinery/go.mod b/staging/src/k8s.io/apimachinery/go.mod index 5a2e71e5849..aade9d18c66 100644 --- a/staging/src/k8s.io/apimachinery/go.mod +++ b/staging/src/k8s.io/apimachinery/go.mod @@ -7,7 +7,6 @@ go 1.19 require ( github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 github.com/davecgh/go-spew v1.1.1 - github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 github.com/evanphx/json-patch v4.12.0+incompatible github.com/gogo/protobuf v1.3.2 github.com/golang/protobuf v1.5.2 diff --git a/staging/src/k8s.io/apimachinery/go.sum b/staging/src/k8s.io/apimachinery/go.sum index 4a2aea98f71..1e1c754be66 100644 --- a/staging/src/k8s.io/apimachinery/go.sum +++ b/staging/src/k8s.io/apimachinery/go.sum @@ -9,8 +9,6 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= diff --git a/staging/src/k8s.io/client-go/go.sum b/staging/src/k8s.io/client-go/go.sum index d8d2081b634..7a416342a91 100644 --- a/staging/src/k8s.io/client-go/go.sum +++ b/staging/src/k8s.io/client-go/go.sum @@ -45,7 +45,6 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc= github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= diff --git a/staging/src/k8s.io/code-generator/examples/go.sum b/staging/src/k8s.io/code-generator/examples/go.sum index 15cce54701d..e0f1ce93117 100644 --- a/staging/src/k8s.io/code-generator/examples/go.sum +++ b/staging/src/k8s.io/code-generator/examples/go.sum @@ -47,7 +47,6 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= diff --git a/staging/src/k8s.io/kubectl/go.sum b/staging/src/k8s.io/kubectl/go.sum index a13bcaeca57..48f4acfd67d 100644 --- a/staging/src/k8s.io/kubectl/go.sum +++ b/staging/src/k8s.io/kubectl/go.sum @@ -57,7 +57,6 @@ github.com/daviddengcn/go-colortext v1.0.0/go.mod h1:zDqEI5NVUop5QPpVJUxE9UO10hR github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68= github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc= github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= diff --git a/vendor/github.com/elazarl/goproxy/.gitignore b/vendor/github.com/elazarl/goproxy/.gitignore deleted file mode 100644 index 1005f6f1ecd..00000000000 --- a/vendor/github.com/elazarl/goproxy/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -bin -*.swp diff --git a/vendor/github.com/elazarl/goproxy/LICENSE b/vendor/github.com/elazarl/goproxy/LICENSE deleted file mode 100644 index 2067e567c9f..00000000000 --- a/vendor/github.com/elazarl/goproxy/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2012 Elazar Leibovich. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Elazar Leibovich. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/elazarl/goproxy/README.md b/vendor/github.com/elazarl/goproxy/README.md deleted file mode 100644 index 50d91efe3f0..00000000000 --- a/vendor/github.com/elazarl/goproxy/README.md +++ /dev/null @@ -1,122 +0,0 @@ -# Introduction - -[![GoDoc](https://godoc.org/github.com/elazarl/goproxy?status.svg)](https://godoc.org/github.com/elazarl/goproxy) -[![Join the chat at https://gitter.im/elazarl/goproxy](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/elazarl/goproxy?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) - -Package goproxy provides a customizable HTTP proxy library for Go (golang), - -It supports regular HTTP proxy, HTTPS through CONNECT, and "hijacking" HTTPS -connection using "Man in the Middle" style attack. - -The intent of the proxy, is to be usable with reasonable amount of traffic -yet, customizable and programmable. - -The proxy itself is simply a `net/http` handler. - -In order to use goproxy, one should set their browser to use goproxy as an HTTP -proxy. Here is how you do that [in Chrome](https://support.google.com/chrome/answer/96815?hl=en) -and [in Firefox](http://www.wikihow.com/Enter-Proxy-Settings-in-Firefox). - -For example, the URL you should use as proxy when running `./bin/basic` is -`localhost:8080`, as this is the default binding for the basic proxy. - -## Mailing List - -New features would be discussed on the [mailing list](https://groups.google.com/forum/#!forum/goproxy-dev) -before their development. - -## Latest Stable Release - -Get the latest goproxy from `gopkg.in/elazarl/goproxy.v1`. - -# Why not Fiddler2? - -Fiddler is an excellent software with similar intent. However, Fiddler is not -as customizable as goproxy intend to be. The main difference is, Fiddler is not -intended to be used as a real proxy. - -A possible use case that suits goproxy but -not Fiddler, is, gathering statistics on page load times for a certain website over a week. -With goproxy you could ask all your users to set their proxy to a dedicated machine running a -goproxy server. Fiddler is a GUI app not designed to be ran like a server for multiple users. - -# A taste of goproxy - -To get a taste of `goproxy`, a basic HTTP/HTTPS transparent proxy - -```go -package main - -import ( - "github.com/elazarl/goproxy" - "log" - "net/http" -) - -func main() { - proxy := goproxy.NewProxyHttpServer() - proxy.Verbose = true - log.Fatal(http.ListenAndServe(":8080", proxy)) -} -``` - -This line will add `X-GoProxy: yxorPoG-X` header to all requests sent through the proxy - -```go -proxy.OnRequest().DoFunc( - func(r *http.Request,ctx *goproxy.ProxyCtx)(*http.Request,*http.Response) { - r.Header.Set("X-GoProxy","yxorPoG-X") - return r,nil - }) -``` - -`DoFunc` will process all incoming requests to the proxy. It will add a header to the request -and return it. The proxy will send the modified request. - -Note that we returned nil value as the response. Had we returned a response, goproxy would -have discarded the request and sent the new response to the client. - -In order to refuse connections to reddit at work time - -```go -proxy.OnRequest(goproxy.DstHostIs("www.reddit.com")).DoFunc( - func(r *http.Request,ctx *goproxy.ProxyCtx)(*http.Request,*http.Response) { - if h,_,_ := time.Now().Clock(); h >= 8 && h <= 17 { - return r,goproxy.NewResponse(r, - goproxy.ContentTypeText,http.StatusForbidden, - "Don't waste your time!") - } - return r,nil -}) -``` - -`DstHostIs` returns a `ReqCondition`, that is a function receiving a `Request` and returning a boolean -we will only process requests that matches the condition. `DstHostIs("www.reddit.com")` will return -a `ReqCondition` accepting only requests directed to "www.reddit.com". - -`DoFunc` will receive a function that will preprocess the request. We can change the request, or -return a response. If the time is between 8:00am and 17:00pm, we will neglect the request, and -return a precanned text response saying "do not waste your time". - -See additional examples in the examples directory. - -# What's New - -1. Ability to `Hijack` CONNECT requests. See -[the eavesdropper example](https://github.com/elazarl/goproxy/blob/master/examples/goproxy-eavesdropper/main.go#L27) -2. Transparent proxy support for http/https including MITM certificate generation for TLS. See the [transparent example.](https://github.com/elazarl/goproxy/tree/master/examples/goproxy-transparent) - -# License - -I put the software temporarily under the Go-compatible BSD license, -if this prevents someone from using the software, do let me know and I'll consider changing it. - -At any rate, user feedback is very important for me, so I'll be delighted to know if you're using this package. - -# Beta Software - -I've received a positive feedback from a few people who use goproxy in production settings. -I believe it is good enough for usage. - -I'll try to keep reasonable backwards compatibility. In case of a major API change, -I'll change the import path. diff --git a/vendor/github.com/elazarl/goproxy/actions.go b/vendor/github.com/elazarl/goproxy/actions.go deleted file mode 100644 index e1a3e7ff17e..00000000000 --- a/vendor/github.com/elazarl/goproxy/actions.go +++ /dev/null @@ -1,57 +0,0 @@ -package goproxy - -import "net/http" - -// ReqHandler will "tamper" with the request coming to the proxy server -// If Handle returns req,nil the proxy will send the returned request -// to the destination server. If it returns nil,resp the proxy will -// skip sending any requests, and will simply return the response `resp` -// to the client. -type ReqHandler interface { - Handle(req *http.Request, ctx *ProxyCtx) (*http.Request, *http.Response) -} - -// A wrapper that would convert a function to a ReqHandler interface type -type FuncReqHandler func(req *http.Request, ctx *ProxyCtx) (*http.Request, *http.Response) - -// FuncReqHandler.Handle(req,ctx) <=> FuncReqHandler(req,ctx) -func (f FuncReqHandler) Handle(req *http.Request, ctx *ProxyCtx) (*http.Request, *http.Response) { - return f(req, ctx) -} - -// after the proxy have sent the request to the destination server, it will -// "filter" the response through the RespHandlers it has. -// The proxy server will send to the client the response returned by the RespHandler. -// In case of error, resp will be nil, and ctx.RoundTrip.Error will contain the error -type RespHandler interface { - Handle(resp *http.Response, ctx *ProxyCtx) *http.Response -} - -// A wrapper that would convert a function to a RespHandler interface type -type FuncRespHandler func(resp *http.Response, ctx *ProxyCtx) *http.Response - -// FuncRespHandler.Handle(req,ctx) <=> FuncRespHandler(req,ctx) -func (f FuncRespHandler) Handle(resp *http.Response, ctx *ProxyCtx) *http.Response { - return f(resp, ctx) -} - -// When a client send a CONNECT request to a host, the request is filtered through -// all the HttpsHandlers the proxy has, and if one returns true, the connection is -// sniffed using Man in the Middle attack. -// That is, the proxy will create a TLS connection with the client, another TLS -// connection with the destination the client wished to connect to, and would -// send back and forth all messages from the server to the client and vice versa. -// The request and responses sent in this Man In the Middle channel are filtered -// through the usual flow (request and response filtered through the ReqHandlers -// and RespHandlers) -type HttpsHandler interface { - HandleConnect(req string, ctx *ProxyCtx) (*ConnectAction, string) -} - -// A wrapper that would convert a function to a HttpsHandler interface type -type FuncHttpsHandler func(host string, ctx *ProxyCtx) (*ConnectAction, string) - -// FuncHttpsHandler should implement the RespHandler interface -func (f FuncHttpsHandler) HandleConnect(host string, ctx *ProxyCtx) (*ConnectAction, string) { - return f(host, ctx) -} diff --git a/vendor/github.com/elazarl/goproxy/all.bash b/vendor/github.com/elazarl/goproxy/all.bash deleted file mode 100644 index 6503e73dc92..00000000000 --- a/vendor/github.com/elazarl/goproxy/all.bash +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -go test || exit -for action in $@; do go $action; done - -mkdir -p bin -find regretable examples/* ext/* -maxdepth 0 -type d | while read d; do - (cd $d - go build -o ../../bin/$(basename $d) - find *_test.go -maxdepth 0 2>/dev/null|while read f;do - for action in $@; do go $action; done - go test - break - done) -done diff --git a/vendor/github.com/elazarl/goproxy/ca.pem b/vendor/github.com/elazarl/goproxy/ca.pem deleted file mode 100644 index 62653dae878..00000000000 --- a/vendor/github.com/elazarl/goproxy/ca.pem +++ /dev/null @@ -1,34 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIF9DCCA9ygAwIBAgIJAODqYUwoVjJkMA0GCSqGSIb3DQEBCwUAMIGOMQswCQYD -VQQGEwJJTDEPMA0GA1UECAwGQ2VudGVyMQwwCgYDVQQHDANMb2QxEDAOBgNVBAoM -B0dvUHJveHkxEDAOBgNVBAsMB0dvUHJveHkxGjAYBgNVBAMMEWdvcHJveHkuZ2l0 -aHViLmlvMSAwHgYJKoZIhvcNAQkBFhFlbGF6YXJsQGdtYWlsLmNvbTAeFw0xNzA0 -MDUyMDAwMTBaFw0zNzAzMzEyMDAwMTBaMIGOMQswCQYDVQQGEwJJTDEPMA0GA1UE -CAwGQ2VudGVyMQwwCgYDVQQHDANMb2QxEDAOBgNVBAoMB0dvUHJveHkxEDAOBgNV -BAsMB0dvUHJveHkxGjAYBgNVBAMMEWdvcHJveHkuZ2l0aHViLmlvMSAwHgYJKoZI -hvcNAQkBFhFlbGF6YXJsQGdtYWlsLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIP -ADCCAgoCggIBAJ4Qy+H6hhoY1s0QRcvIhxrjSHaO/RbaFj3rwqcnpOgFq07gRdI9 -3c0TFKQJHpgv6feLRhEvX/YllFYu4J35lM9ZcYY4qlKFuStcX8Jm8fqpgtmAMBzP -sqtqDi8M9RQGKENzU9IFOnCV7SAeh45scMuI3wz8wrjBcH7zquHkvqUSYZz035t9 -V6WTrHyTEvT4w+lFOVN2bA/6DAIxrjBiF6DhoJqnha0SZtDfv77XpwGG3EhA/qoh -hiYrDruYK7zJdESQL44LwzMPupVigqalfv+YHfQjbhT951IVurW2NJgRyBE62dLr -lHYdtT9tCTCrd+KJNMJ+jp9hAjdIu1Br/kifU4F4+4ZLMR9Ueji0GkkPKsYdyMnq -j0p0PogyvP1l4qmboPImMYtaoFuYmMYlebgC9LN10bL91K4+jLt0I1YntEzrqgJo -WsJztYDw543NzSy5W+/cq4XRYgtq1b0RWwuUiswezmMoeyHZ8BQJe2xMjAOllASD -fqa8OK3WABHJpy4zUrnUBiMuPITzD/FuDx4C5IwwlC68gHAZblNqpBZCX0nFCtKj -YOcI2So5HbQ2OC8QF+zGVuduHUSok4hSy2BBfZ1pfvziqBeetWJwFvapGB44nIHh -WKNKvqOxLNIy7e+TGRiWOomrAWM18VSR9LZbBxpJK7PLSzWqYJYTRCZHAgMBAAGj -UzBRMB0GA1UdDgQWBBR4uDD9Y6x7iUoHO+32ioOcw1ICZTAfBgNVHSMEGDAWgBR4 -uDD9Y6x7iUoHO+32ioOcw1ICZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB -CwUAA4ICAQAaCEupzGGqcdh+L7BzhX7zyd7yzAKUoLxFrxaZY34Xyj3lcx1XoK6F -AqsH2JM25GixgadzhNt92JP7vzoWeHZtLfstrPS638Y1zZi6toy4E49viYjFk5J0 -C6ZcFC04VYWWx6z0HwJuAS08tZ37JuFXpJGfXJOjZCQyxse0Lg0tuKLMeXDCk2Y3 -Ba0noeuNyHRoWXXPyiUoeApkVCU5gIsyiJSWOjhJ5hpJG06rQNfNYexgKrrraEin -o0jmEMtJMx5TtD83hSnLCnFGBBq5lkE7jgXME1KsbIE3lJZzRX1mQwUK8CJDYxye -i6M/dzSvy0SsPvz8fTAlprXRtWWtJQmxgWENp3Dv+0Pmux/l+ilk7KA4sMXGhsfr -bvTOeWl1/uoFTPYiWR/ww7QEPLq23yDFY04Q7Un0qjIk8ExvaY8lCkXMgc8i7sGY -VfvOYb0zm67EfAQl3TW8Ky5fl5CcxpVCD360Bzi6hwjYixa3qEeBggOixFQBFWft -8wrkKTHpOQXjn4sDPtet8imm9UYEtzWrFX6T9MFYkBR0/yye0FIh9+YPiTA6WB86 -NCNwK5Yl6HuvF97CIH5CdgO+5C7KifUtqTOL8pQKbNwy0S3sNYvB+njGvRpR7pKV -BUnFpB/Atptqr4CUlTXrc5IPLAqAfmwk5IKcwy3EXUbruf9Dwz69YA== ------END CERTIFICATE----- diff --git a/vendor/github.com/elazarl/goproxy/certs.go b/vendor/github.com/elazarl/goproxy/certs.go deleted file mode 100644 index 4731971e70b..00000000000 --- a/vendor/github.com/elazarl/goproxy/certs.go +++ /dev/null @@ -1,111 +0,0 @@ -package goproxy - -import ( - "crypto/tls" - "crypto/x509" -) - -func init() { - if goproxyCaErr != nil { - panic("Error parsing builtin CA " + goproxyCaErr.Error()) - } - var err error - if GoproxyCa.Leaf, err = x509.ParseCertificate(GoproxyCa.Certificate[0]); err != nil { - panic("Error parsing builtin CA " + err.Error()) - } -} - -var tlsClientSkipVerify = &tls.Config{InsecureSkipVerify: true} - -var defaultTLSConfig = &tls.Config{ - InsecureSkipVerify: true, -} - -var CA_CERT = []byte(`-----BEGIN CERTIFICATE----- -MIIF9DCCA9ygAwIBAgIJAODqYUwoVjJkMA0GCSqGSIb3DQEBCwUAMIGOMQswCQYD -VQQGEwJJTDEPMA0GA1UECAwGQ2VudGVyMQwwCgYDVQQHDANMb2QxEDAOBgNVBAoM -B0dvUHJveHkxEDAOBgNVBAsMB0dvUHJveHkxGjAYBgNVBAMMEWdvcHJveHkuZ2l0 -aHViLmlvMSAwHgYJKoZIhvcNAQkBFhFlbGF6YXJsQGdtYWlsLmNvbTAeFw0xNzA0 -MDUyMDAwMTBaFw0zNzAzMzEyMDAwMTBaMIGOMQswCQYDVQQGEwJJTDEPMA0GA1UE -CAwGQ2VudGVyMQwwCgYDVQQHDANMb2QxEDAOBgNVBAoMB0dvUHJveHkxEDAOBgNV -BAsMB0dvUHJveHkxGjAYBgNVBAMMEWdvcHJveHkuZ2l0aHViLmlvMSAwHgYJKoZI -hvcNAQkBFhFlbGF6YXJsQGdtYWlsLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIP -ADCCAgoCggIBAJ4Qy+H6hhoY1s0QRcvIhxrjSHaO/RbaFj3rwqcnpOgFq07gRdI9 -3c0TFKQJHpgv6feLRhEvX/YllFYu4J35lM9ZcYY4qlKFuStcX8Jm8fqpgtmAMBzP -sqtqDi8M9RQGKENzU9IFOnCV7SAeh45scMuI3wz8wrjBcH7zquHkvqUSYZz035t9 -V6WTrHyTEvT4w+lFOVN2bA/6DAIxrjBiF6DhoJqnha0SZtDfv77XpwGG3EhA/qoh -hiYrDruYK7zJdESQL44LwzMPupVigqalfv+YHfQjbhT951IVurW2NJgRyBE62dLr -lHYdtT9tCTCrd+KJNMJ+jp9hAjdIu1Br/kifU4F4+4ZLMR9Ueji0GkkPKsYdyMnq -j0p0PogyvP1l4qmboPImMYtaoFuYmMYlebgC9LN10bL91K4+jLt0I1YntEzrqgJo -WsJztYDw543NzSy5W+/cq4XRYgtq1b0RWwuUiswezmMoeyHZ8BQJe2xMjAOllASD -fqa8OK3WABHJpy4zUrnUBiMuPITzD/FuDx4C5IwwlC68gHAZblNqpBZCX0nFCtKj -YOcI2So5HbQ2OC8QF+zGVuduHUSok4hSy2BBfZ1pfvziqBeetWJwFvapGB44nIHh -WKNKvqOxLNIy7e+TGRiWOomrAWM18VSR9LZbBxpJK7PLSzWqYJYTRCZHAgMBAAGj -UzBRMB0GA1UdDgQWBBR4uDD9Y6x7iUoHO+32ioOcw1ICZTAfBgNVHSMEGDAWgBR4 -uDD9Y6x7iUoHO+32ioOcw1ICZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB -CwUAA4ICAQAaCEupzGGqcdh+L7BzhX7zyd7yzAKUoLxFrxaZY34Xyj3lcx1XoK6F -AqsH2JM25GixgadzhNt92JP7vzoWeHZtLfstrPS638Y1zZi6toy4E49viYjFk5J0 -C6ZcFC04VYWWx6z0HwJuAS08tZ37JuFXpJGfXJOjZCQyxse0Lg0tuKLMeXDCk2Y3 -Ba0noeuNyHRoWXXPyiUoeApkVCU5gIsyiJSWOjhJ5hpJG06rQNfNYexgKrrraEin -o0jmEMtJMx5TtD83hSnLCnFGBBq5lkE7jgXME1KsbIE3lJZzRX1mQwUK8CJDYxye -i6M/dzSvy0SsPvz8fTAlprXRtWWtJQmxgWENp3Dv+0Pmux/l+ilk7KA4sMXGhsfr -bvTOeWl1/uoFTPYiWR/ww7QEPLq23yDFY04Q7Un0qjIk8ExvaY8lCkXMgc8i7sGY -VfvOYb0zm67EfAQl3TW8Ky5fl5CcxpVCD360Bzi6hwjYixa3qEeBggOixFQBFWft -8wrkKTHpOQXjn4sDPtet8imm9UYEtzWrFX6T9MFYkBR0/yye0FIh9+YPiTA6WB86 -NCNwK5Yl6HuvF97CIH5CdgO+5C7KifUtqTOL8pQKbNwy0S3sNYvB+njGvRpR7pKV -BUnFpB/Atptqr4CUlTXrc5IPLAqAfmwk5IKcwy3EXUbruf9Dwz69YA== ------END CERTIFICATE-----`) - -var CA_KEY = []byte(`-----BEGIN RSA PRIVATE KEY----- -MIIJKAIBAAKCAgEAnhDL4fqGGhjWzRBFy8iHGuNIdo79FtoWPevCpyek6AWrTuBF -0j3dzRMUpAkemC/p94tGES9f9iWUVi7gnfmUz1lxhjiqUoW5K1xfwmbx+qmC2YAw -HM+yq2oOLwz1FAYoQ3NT0gU6cJXtIB6Hjmxwy4jfDPzCuMFwfvOq4eS+pRJhnPTf -m31XpZOsfJMS9PjD6UU5U3ZsD/oMAjGuMGIXoOGgmqeFrRJm0N+/vtenAYbcSED+ -qiGGJisOu5grvMl0RJAvjgvDMw+6lWKCpqV+/5gd9CNuFP3nUhW6tbY0mBHIETrZ -0uuUdh21P20JMKt34ok0wn6On2ECN0i7UGv+SJ9TgXj7hksxH1R6OLQaSQ8qxh3I -yeqPSnQ+iDK8/WXiqZug8iYxi1qgW5iYxiV5uAL0s3XRsv3Urj6Mu3QjVie0TOuq -AmhawnO1gPDnjc3NLLlb79yrhdFiC2rVvRFbC5SKzB7OYyh7IdnwFAl7bEyMA6WU -BIN+prw4rdYAEcmnLjNSudQGIy48hPMP8W4PHgLkjDCULryAcBluU2qkFkJfScUK -0qNg5wjZKjkdtDY4LxAX7MZW524dRKiTiFLLYEF9nWl+/OKoF561YnAW9qkYHjic -geFYo0q+o7Es0jLt75MZGJY6iasBYzXxVJH0tlsHGkkrs8tLNapglhNEJkcCAwEA -AQKCAgAwSuNvxHHqUUJ3XoxkiXy1u1EtX9x1eeYnvvs2xMb+WJURQTYz2NEGUdkR -kPO2/ZSXHAcpQvcnpi2e8y2PNmy/uQ0VPATVt6NuWweqxncR5W5j82U/uDlXY8y3 -lVbfak4s5XRri0tikHvlP06dNgZ0OPok5qi7d+Zd8yZ3Y8LXfjkykiIrSG1Z2jdt -zCWTkNmSUKMGG/1CGFxI41Lb12xuq+C8v4f469Fb6bCUpyCQN9rffHQSGLH6wVb7 -+68JO+d49zCATpmx5RFViMZwEcouXxRvvc9pPHXLP3ZPBD8nYu9kTD220mEGgWcZ -3L9dDlZPcSocbjw295WMvHz2QjhrDrb8gXwdpoRyuyofqgCyNxSnEC5M13SjOxtf -pjGzjTqh0kDlKXg2/eTkd9xIHjVhFYiHIEeITM/lHCfWwBCYxViuuF7pSRPzTe8U -C440b62qZSPMjVoquaMg+qx0n9fKSo6n1FIKHypv3Kue2G0WhDeK6u0U288vQ1t4 -Ood3Qa13gZ+9hwDLbM/AoBfVBDlP/tpAwa7AIIU1ZRDNbZr7emFdctx9B6kLINv3 -4PDOGM2xrjOuACSGMq8Zcu7LBz35PpIZtviJOeKNwUd8/xHjWC6W0itgfJb5I1Nm -V6Vj368pGlJx6Se26lvXwyyrc9pSw6jSAwARBeU4YkNWpi4i6QKCAQEA0T7u3P/9 -jZJSnDN1o2PXymDrJulE61yguhc/QSmLccEPZe7or06/DmEhhKuCbv+1MswKDeag -/1JdFPGhL2+4G/f/9BK3BJPdcOZSz7K6Ty8AMMBf8AehKTcSBqwkJWcbEvpHpKJ6 -eDqn1B6brXTNKMT6fEEXCuZJGPBpNidyLv/xXDcN7kCOo3nGYKfB5OhFpNiL63tw -+LntU56WESZwEqr8Pf80uFvsyXQK3a5q5HhIQtxl6tqQuPlNjsDBvCqj0x72mmaJ -ZVsVWlv7khUrCwAXz7Y8K7mKKBd2ekF5hSbryfJsxFyvEaWUPhnJpTKV85lAS+tt -FQuIp9TvKYlRQwKCAQEAwWJN8jysapdhi67jO0HtYOEl9wwnF4w6XtiOYtllkMmC -06/e9h7RsRyWPMdu3qRDPUYFaVDy6+dpUDSQ0+E2Ot6AHtVyvjeUTIL651mFIo/7 -OSUCEc+HRo3SfPXdPhSQ2thNTxl6y9XcFacuvbthgr70KXbvC4k6IEmdpf/0Kgs9 -7QTZCG26HDrEZ2q9yMRlRaL2SRD+7Y2xra7gB+cQGFj6yn0Wd/07er49RqMXidQf -KR2oYfev2BDtHXoSZFfhFGHlOdLvWRh90D4qZf4vQ+g/EIMgcNSoxjvph1EShmKt -sjhTHtoHuu+XmEQvIewk2oCI+JvofBkcnpFrVvUUrQKCAQAaTIufETmgCo0BfuJB -N/JOSGIl0NnNryWwXe2gVgVltbsmt6FdL0uKFiEtWJUbOF5g1Q5Kcvs3O/XhBQGa -QbNlKIVt+tAv7hm97+Tmn/MUsraWagdk1sCluns0hXxBizT27KgGhDlaVRz05yfv -5CdJAYDuDwxDXXBAhy7iFJEgYSDH00+X61tCJrMNQOh4ycy/DEyBu1EWod+3S85W -t3sMjZsIe8P3i+4137Th6eMbdha2+JaCrxfTd9oMoCN5b+6JQXIDM/H+4DTN15PF -540yY7+aZrAnWrmHknNcqFAKsTqfdi2/fFqwoBwCtiEG91WreU6AfEWIiJuTZIru -sIibAoIBAAqIwlo5t+KukF+9jR9DPh0S5rCIdvCvcNaN0WPNF91FPN0vLWQW1bFi -L0TsUDvMkuUZlV3hTPpQxsnZszH3iK64RB5p3jBCcs+gKu7DT59MXJEGVRCHT4Um -YJryAbVKBYIGWl++sZO8+JotWzx2op8uq7o+glMMjKAJoo7SXIiVyC/LHc95urOi -9+PySphPKn0anXPpexmRqGYfqpCDo7rPzgmNutWac80B4/CfHb8iUPg6Z1u+1FNe -yKvcZHgW2Wn00znNJcCitufLGyAnMofudND/c5rx2qfBx7zZS7sKUQ/uRYjes6EZ -QBbJUA/2/yLv8YYpaAaqj4aLwV8hRpkCggEBAIh3e25tr3avCdGgtCxS7Y1blQ2c -ue4erZKmFP1u8wTNHQ03T6sECZbnIfEywRD/esHpclfF3kYAKDRqIP4K905Rb0iH -759ZWt2iCbqZznf50XTvptdmjm5KxvouJzScnQ52gIV6L+QrCKIPelLBEIqCJREh -pmcjjocD/UCCSuHgbAYNNnO/JdhnSylz1tIg26I+2iLNyeTKIepSNlsBxnkLmqM1 -cj/azKBaT04IOMLaN8xfSqitJYSraWMVNgGJM5vfcVaivZnNh0lZBv+qu6YkdM88 -4/avCJ8IutT+FcMM+GbGazOm5ALWqUyhrnbLGc4CQMPfe7Il6NxwcrOxT8w= ------END RSA PRIVATE KEY-----`) - -var GoproxyCa, goproxyCaErr = tls.X509KeyPair(CA_CERT, CA_KEY) diff --git a/vendor/github.com/elazarl/goproxy/chunked.go b/vendor/github.com/elazarl/goproxy/chunked.go deleted file mode 100644 index 83654f65863..00000000000 --- a/vendor/github.com/elazarl/goproxy/chunked.go +++ /dev/null @@ -1,59 +0,0 @@ -// Taken from $GOROOT/src/pkg/net/http/chunked -// needed to write https responses to client. -package goproxy - -import ( - "io" - "strconv" -) - -// newChunkedWriter returns a new chunkedWriter that translates writes into HTTP -// "chunked" format before writing them to w. Closing the returned chunkedWriter -// sends the final 0-length chunk that marks the end of the stream. -// -// newChunkedWriter is not needed by normal applications. The http -// package adds chunking automatically if handlers don't set a -// Content-Length header. Using newChunkedWriter inside a handler -// would result in double chunking or chunking with a Content-Length -// length, both of which are wrong. -func newChunkedWriter(w io.Writer) io.WriteCloser { - return &chunkedWriter{w} -} - -// Writing to chunkedWriter translates to writing in HTTP chunked Transfer -// Encoding wire format to the underlying Wire chunkedWriter. -type chunkedWriter struct { - Wire io.Writer -} - -// Write the contents of data as one chunk to Wire. -// NOTE: Note that the corresponding chunk-writing procedure in Conn.Write has -// a bug since it does not check for success of io.WriteString -func (cw *chunkedWriter) Write(data []byte) (n int, err error) { - - // Don't send 0-length data. It looks like EOF for chunked encoding. - if len(data) == 0 { - return 0, nil - } - - head := strconv.FormatInt(int64(len(data)), 16) + "\r\n" - - if _, err = io.WriteString(cw.Wire, head); err != nil { - return 0, err - } - if n, err = cw.Wire.Write(data); err != nil { - return - } - if n != len(data) { - err = io.ErrShortWrite - return - } - _, err = io.WriteString(cw.Wire, "\r\n") - - return -} - -func (cw *chunkedWriter) Close() error { - _, err := io.WriteString(cw.Wire, "0\r\n") - return err -} diff --git a/vendor/github.com/elazarl/goproxy/counterecryptor.go b/vendor/github.com/elazarl/goproxy/counterecryptor.go deleted file mode 100644 index 494e7a4fedf..00000000000 --- a/vendor/github.com/elazarl/goproxy/counterecryptor.go +++ /dev/null @@ -1,68 +0,0 @@ -package goproxy - -import ( - "crypto/aes" - "crypto/cipher" - "crypto/rsa" - "crypto/sha256" - "crypto/x509" - "errors" -) - -type CounterEncryptorRand struct { - cipher cipher.Block - counter []byte - rand []byte - ix int -} - -func NewCounterEncryptorRandFromKey(key interface{}, seed []byte) (r CounterEncryptorRand, err error) { - var keyBytes []byte - switch key := key.(type) { - case *rsa.PrivateKey: - keyBytes = x509.MarshalPKCS1PrivateKey(key) - default: - err = errors.New("only RSA keys supported") - return - } - h := sha256.New() - if r.cipher, err = aes.NewCipher(h.Sum(keyBytes)[:aes.BlockSize]); err != nil { - return - } - r.counter = make([]byte, r.cipher.BlockSize()) - if seed != nil { - copy(r.counter, h.Sum(seed)[:r.cipher.BlockSize()]) - } - r.rand = make([]byte, r.cipher.BlockSize()) - r.ix = len(r.rand) - return -} - -func (c *CounterEncryptorRand) Seed(b []byte) { - if len(b) != len(c.counter) { - panic("SetCounter: wrong counter size") - } - copy(c.counter, b) -} - -func (c *CounterEncryptorRand) refill() { - c.cipher.Encrypt(c.rand, c.counter) - for i := 0; i < len(c.counter); i++ { - if c.counter[i]++; c.counter[i] != 0 { - break - } - } - c.ix = 0 -} - -func (c *CounterEncryptorRand) Read(b []byte) (n int, err error) { - if c.ix == len(c.rand) { - c.refill() - } - if n = len(c.rand) - c.ix; n > len(b) { - n = len(b) - } - copy(b, c.rand[c.ix:c.ix+n]) - c.ix += n - return -} diff --git a/vendor/github.com/elazarl/goproxy/ctx.go b/vendor/github.com/elazarl/goproxy/ctx.go deleted file mode 100644 index 70b4cf0fc50..00000000000 --- a/vendor/github.com/elazarl/goproxy/ctx.go +++ /dev/null @@ -1,87 +0,0 @@ -package goproxy - -import ( - "net/http" - "regexp" -) - -// ProxyCtx is the Proxy context, contains useful information about every request. It is passed to -// every user function. Also used as a logger. -type ProxyCtx struct { - // Will contain the client request from the proxy - Req *http.Request - // Will contain the remote server's response (if available. nil if the request wasn't send yet) - Resp *http.Response - RoundTripper RoundTripper - // will contain the recent error that occurred while trying to send receive or parse traffic - Error error - // A handle for the user to keep data in the context, from the call of ReqHandler to the - // call of RespHandler - UserData interface{} - // Will connect a request to a response - Session int64 - proxy *ProxyHttpServer -} - -type RoundTripper interface { - RoundTrip(req *http.Request, ctx *ProxyCtx) (*http.Response, error) -} - -type RoundTripperFunc func(req *http.Request, ctx *ProxyCtx) (*http.Response, error) - -func (f RoundTripperFunc) RoundTrip(req *http.Request, ctx *ProxyCtx) (*http.Response, error) { - return f(req, ctx) -} - -func (ctx *ProxyCtx) RoundTrip(req *http.Request) (*http.Response, error) { - if ctx.RoundTripper != nil { - return ctx.RoundTripper.RoundTrip(req, ctx) - } - return ctx.proxy.Tr.RoundTrip(req) -} - -func (ctx *ProxyCtx) printf(msg string, argv ...interface{}) { - ctx.proxy.Logger.Printf("[%03d] "+msg+"\n", append([]interface{}{ctx.Session & 0xFF}, argv...)...) -} - -// Logf prints a message to the proxy's log. Should be used in a ProxyHttpServer's filter -// This message will be printed only if the Verbose field of the ProxyHttpServer is set to true -// -// proxy.OnRequest().DoFunc(func(r *http.Request,ctx *goproxy.ProxyCtx) (*http.Request, *http.Response){ -// nr := atomic.AddInt32(&counter,1) -// ctx.Printf("So far %d requests",nr) -// return r, nil -// }) -func (ctx *ProxyCtx) Logf(msg string, argv ...interface{}) { - if ctx.proxy.Verbose { - ctx.printf("INFO: "+msg, argv...) - } -} - -// Warnf prints a message to the proxy's log. Should be used in a ProxyHttpServer's filter -// This message will always be printed. -// -// proxy.OnRequest().DoFunc(func(r *http.Request,ctx *goproxy.ProxyCtx) (*http.Request, *http.Response){ -// f,err := os.OpenFile(cachedContent) -// if err != nil { -// ctx.Warnf("error open file %v: %v",cachedContent,err) -// return r, nil -// } -// return r, nil -// }) -func (ctx *ProxyCtx) Warnf(msg string, argv ...interface{}) { - ctx.printf("WARN: "+msg, argv...) -} - -var charsetFinder = regexp.MustCompile("charset=([^ ;]*)") - -// Will try to infer the character set of the request from the headers. -// Returns the empty string if we don't know which character set it used. -// Currently it will look for charset= in the Content-Type header of the request. -func (ctx *ProxyCtx) Charset() string { - charsets := charsetFinder.FindStringSubmatch(ctx.Resp.Header.Get("Content-Type")) - if charsets == nil { - return "" - } - return charsets[1] -} diff --git a/vendor/github.com/elazarl/goproxy/dispatcher.go b/vendor/github.com/elazarl/goproxy/dispatcher.go deleted file mode 100644 index 4e7c9cb9db6..00000000000 --- a/vendor/github.com/elazarl/goproxy/dispatcher.go +++ /dev/null @@ -1,325 +0,0 @@ -package goproxy - -import ( - "bytes" - "io/ioutil" - "net" - "net/http" - "regexp" - "strings" -) - -// ReqCondition.HandleReq will decide whether or not to use the ReqHandler on an HTTP request -// before sending it to the remote server -type ReqCondition interface { - RespCondition - HandleReq(req *http.Request, ctx *ProxyCtx) bool -} - -// RespCondition.HandleReq will decide whether or not to use the RespHandler on an HTTP response -// before sending it to the proxy client. Note that resp might be nil, in case there was an -// error sending the request. -type RespCondition interface { - HandleResp(resp *http.Response, ctx *ProxyCtx) bool -} - -// ReqConditionFunc.HandleReq(req,ctx) <=> ReqConditionFunc(req,ctx) -type ReqConditionFunc func(req *http.Request, ctx *ProxyCtx) bool - -// RespConditionFunc.HandleResp(resp,ctx) <=> RespConditionFunc(resp,ctx) -type RespConditionFunc func(resp *http.Response, ctx *ProxyCtx) bool - -func (c ReqConditionFunc) HandleReq(req *http.Request, ctx *ProxyCtx) bool { - return c(req, ctx) -} - -// ReqConditionFunc cannot test responses. It only satisfies RespCondition interface so that -// to be usable as RespCondition. -func (c ReqConditionFunc) HandleResp(resp *http.Response, ctx *ProxyCtx) bool { - return c(ctx.Req, ctx) -} - -func (c RespConditionFunc) HandleResp(resp *http.Response, ctx *ProxyCtx) bool { - return c(resp, ctx) -} - -// UrlHasPrefix returns a ReqCondition checking wether the destination URL the proxy client has requested -// has the given prefix, with or without the host. -// For example UrlHasPrefix("host/x") will match requests of the form 'GET host/x', and will match -// requests to url 'http://host/x' -func UrlHasPrefix(prefix string) ReqConditionFunc { - return func(req *http.Request, ctx *ProxyCtx) bool { - return strings.HasPrefix(req.URL.Path, prefix) || - strings.HasPrefix(req.URL.Host+req.URL.Path, prefix) || - strings.HasPrefix(req.URL.Scheme+req.URL.Host+req.URL.Path, prefix) - } -} - -// UrlIs returns a ReqCondition, testing whether or not the request URL is one of the given strings -// with or without the host prefix. -// UrlIs("google.com/","foo") will match requests 'GET /' to 'google.com', requests `'GET google.com/' to -// any host, and requests of the form 'GET foo'. -func UrlIs(urls ...string) ReqConditionFunc { - urlSet := make(map[string]bool) - for _, u := range urls { - urlSet[u] = true - } - return func(req *http.Request, ctx *ProxyCtx) bool { - _, pathOk := urlSet[req.URL.Path] - _, hostAndOk := urlSet[req.URL.Host+req.URL.Path] - return pathOk || hostAndOk - } -} - -// ReqHostMatches returns a ReqCondition, testing whether the host to which the request was directed to matches -// any of the given regular expressions. -func ReqHostMatches(regexps ...*regexp.Regexp) ReqConditionFunc { - return func(req *http.Request, ctx *ProxyCtx) bool { - for _, re := range regexps { - if re.MatchString(req.Host) { - return true - } - } - return false - } -} - -// ReqHostIs returns a ReqCondition, testing whether the host to which the request is directed to equal -// to one of the given strings -func ReqHostIs(hosts ...string) ReqConditionFunc { - hostSet := make(map[string]bool) - for _, h := range hosts { - hostSet[h] = true - } - return func(req *http.Request, ctx *ProxyCtx) bool { - _, ok := hostSet[req.URL.Host] - return ok - } -} - -var localHostIpv4 = regexp.MustCompile(`127\.0\.0\.\d+`) - -// IsLocalHost checks whether the destination host is explicitly local host -// (buggy, there can be IPv6 addresses it doesn't catch) -var IsLocalHost ReqConditionFunc = func(req *http.Request, ctx *ProxyCtx) bool { - return req.URL.Host == "::1" || - req.URL.Host == "0:0:0:0:0:0:0:1" || - localHostIpv4.MatchString(req.URL.Host) || - req.URL.Host == "localhost" -} - -// UrlMatches returns a ReqCondition testing whether the destination URL -// of the request matches the given regexp, with or without prefix -func UrlMatches(re *regexp.Regexp) ReqConditionFunc { - return func(req *http.Request, ctx *ProxyCtx) bool { - return re.MatchString(req.URL.Path) || - re.MatchString(req.URL.Host+req.URL.Path) - } -} - -// DstHostIs returns a ReqCondition testing wether the host in the request url is the given string -func DstHostIs(host string) ReqConditionFunc { - return func(req *http.Request, ctx *ProxyCtx) bool { - return req.URL.Host == host - } -} - -// SrcIpIs returns a ReqCondition testing whether the source IP of the request is one of the given strings -func SrcIpIs(ips ...string) ReqCondition { - return ReqConditionFunc(func(req *http.Request, ctx *ProxyCtx) bool { - for _, ip := range ips { - if strings.HasPrefix(req.RemoteAddr, ip+":") { - return true - } - } - return false - }) -} - -// Not returns a ReqCondition negating the given ReqCondition -func Not(r ReqCondition) ReqConditionFunc { - return func(req *http.Request, ctx *ProxyCtx) bool { - return !r.HandleReq(req, ctx) - } -} - -// ContentTypeIs returns a RespCondition testing whether the HTTP response has Content-Type header equal -// to one of the given strings. -func ContentTypeIs(typ string, types ...string) RespCondition { - types = append(types, typ) - return RespConditionFunc(func(resp *http.Response, ctx *ProxyCtx) bool { - if resp == nil { - return false - } - contentType := resp.Header.Get("Content-Type") - for _, typ := range types { - if contentType == typ || strings.HasPrefix(contentType, typ+";") { - return true - } - } - return false - }) -} - -// ProxyHttpServer.OnRequest Will return a temporary ReqProxyConds struct, aggregating the given condtions. -// You will use the ReqProxyConds struct to register a ReqHandler, that would filter -// the request, only if all the given ReqCondition matched. -// Typical usage: -// proxy.OnRequest(UrlIs("example.com/foo"),UrlMatches(regexp.MustParse(`.*\.exampl.\com\./.*`)).Do(...) -func (proxy *ProxyHttpServer) OnRequest(conds ...ReqCondition) *ReqProxyConds { - return &ReqProxyConds{proxy, conds} -} - -// ReqProxyConds aggregate ReqConditions for a ProxyHttpServer. Upon calling Do, it will register a ReqHandler that would -// handle the request if all conditions on the HTTP request are met. -type ReqProxyConds struct { - proxy *ProxyHttpServer - reqConds []ReqCondition -} - -// DoFunc is equivalent to proxy.OnRequest().Do(FuncReqHandler(f)) -func (pcond *ReqProxyConds) DoFunc(f func(req *http.Request, ctx *ProxyCtx) (*http.Request, *http.Response)) { - pcond.Do(FuncReqHandler(f)) -} - -// ReqProxyConds.Do will register the ReqHandler on the proxy, -// the ReqHandler will handle the HTTP request if all the conditions -// aggregated in the ReqProxyConds are met. Typical usage: -// proxy.OnRequest().Do(handler) // will call handler.Handle(req,ctx) on every request to the proxy -// proxy.OnRequest(cond1,cond2).Do(handler) -// // given request to the proxy, will test if cond1.HandleReq(req,ctx) && cond2.HandleReq(req,ctx) are true -// // if they are, will call handler.Handle(req,ctx) -func (pcond *ReqProxyConds) Do(h ReqHandler) { - pcond.proxy.reqHandlers = append(pcond.proxy.reqHandlers, - FuncReqHandler(func(r *http.Request, ctx *ProxyCtx) (*http.Request, *http.Response) { - for _, cond := range pcond.reqConds { - if !cond.HandleReq(r, ctx) { - return r, nil - } - } - return h.Handle(r, ctx) - })) -} - -// HandleConnect is used when proxy receives an HTTP CONNECT request, -// it'll then use the HttpsHandler to determine what should it -// do with this request. The handler returns a ConnectAction struct, the Action field in the ConnectAction -// struct returned will determine what to do with this request. ConnectAccept will simply accept the request -// forwarding all bytes from the client to the remote host, ConnectReject will close the connection with the -// client, and ConnectMitm, will assume the underlying connection is an HTTPS connection, and will use Man -// in the Middle attack to eavesdrop the connection. All regular handler will be active on this eavesdropped -// connection. -// The ConnectAction struct contains possible tlsConfig that will be used for eavesdropping. If nil, the proxy -// will use the default tls configuration. -// proxy.OnRequest().HandleConnect(goproxy.AlwaysReject) // rejects all CONNECT requests -func (pcond *ReqProxyConds) HandleConnect(h HttpsHandler) { - pcond.proxy.httpsHandlers = append(pcond.proxy.httpsHandlers, - FuncHttpsHandler(func(host string, ctx *ProxyCtx) (*ConnectAction, string) { - for _, cond := range pcond.reqConds { - if !cond.HandleReq(ctx.Req, ctx) { - return nil, "" - } - } - return h.HandleConnect(host, ctx) - })) -} - -// HandleConnectFunc is equivalent to HandleConnect, -// for example, accepting CONNECT request if they contain a password in header -// io.WriteString(h,password) -// passHash := h.Sum(nil) -// proxy.OnRequest().HandleConnectFunc(func(host string, ctx *ProxyCtx) (*ConnectAction, string) { -// c := sha1.New() -// io.WriteString(c,ctx.Req.Header.Get("X-GoProxy-Auth")) -// if c.Sum(nil) == passHash { -// return OkConnect, host -// } -// return RejectConnect, host -// }) -func (pcond *ReqProxyConds) HandleConnectFunc(f func(host string, ctx *ProxyCtx) (*ConnectAction, string)) { - pcond.HandleConnect(FuncHttpsHandler(f)) -} - -func (pcond *ReqProxyConds) HijackConnect(f func(req *http.Request, client net.Conn, ctx *ProxyCtx)) { - pcond.proxy.httpsHandlers = append(pcond.proxy.httpsHandlers, - FuncHttpsHandler(func(host string, ctx *ProxyCtx) (*ConnectAction, string) { - for _, cond := range pcond.reqConds { - if !cond.HandleReq(ctx.Req, ctx) { - return nil, "" - } - } - return &ConnectAction{Action: ConnectHijack, Hijack: f}, host - })) -} - -// ProxyConds is used to aggregate RespConditions for a ProxyHttpServer. -// Upon calling ProxyConds.Do, it will register a RespHandler that would -// handle the HTTP response from remote server if all conditions on the HTTP response are met. -type ProxyConds struct { - proxy *ProxyHttpServer - reqConds []ReqCondition - respCond []RespCondition -} - -// ProxyConds.DoFunc is equivalent to proxy.OnResponse().Do(FuncRespHandler(f)) -func (pcond *ProxyConds) DoFunc(f func(resp *http.Response, ctx *ProxyCtx) *http.Response) { - pcond.Do(FuncRespHandler(f)) -} - -// ProxyConds.Do will register the RespHandler on the proxy, h.Handle(resp,ctx) will be called on every -// request that matches the conditions aggregated in pcond. -func (pcond *ProxyConds) Do(h RespHandler) { - pcond.proxy.respHandlers = append(pcond.proxy.respHandlers, - FuncRespHandler(func(resp *http.Response, ctx *ProxyCtx) *http.Response { - for _, cond := range pcond.reqConds { - if !cond.HandleReq(ctx.Req, ctx) { - return resp - } - } - for _, cond := range pcond.respCond { - if !cond.HandleResp(resp, ctx) { - return resp - } - } - return h.Handle(resp, ctx) - })) -} - -// OnResponse is used when adding a response-filter to the HTTP proxy, usual pattern is -// proxy.OnResponse(cond1,cond2).Do(handler) // handler.Handle(resp,ctx) will be used -// // if cond1.HandleResp(resp) && cond2.HandleResp(resp) -func (proxy *ProxyHttpServer) OnResponse(conds ...RespCondition) *ProxyConds { - return &ProxyConds{proxy, make([]ReqCondition, 0), conds} -} - -// AlwaysMitm is a HttpsHandler that always eavesdrop https connections, for example to -// eavesdrop all https connections to www.google.com, we can use -// proxy.OnRequest(goproxy.ReqHostIs("www.google.com")).HandleConnect(goproxy.AlwaysMitm) -var AlwaysMitm FuncHttpsHandler = func(host string, ctx *ProxyCtx) (*ConnectAction, string) { - return MitmConnect, host -} - -// AlwaysReject is a HttpsHandler that drops any CONNECT request, for example, this code will disallow -// connections to hosts on any other port than 443 -// proxy.OnRequest(goproxy.Not(goproxy.ReqHostMatches(regexp.MustCompile(":443$"))). -// HandleConnect(goproxy.AlwaysReject) -var AlwaysReject FuncHttpsHandler = func(host string, ctx *ProxyCtx) (*ConnectAction, string) { - return RejectConnect, host -} - -// HandleBytes will return a RespHandler that read the entire body of the request -// to a byte array in memory, would run the user supplied f function on the byte arra, -// and will replace the body of the original response with the resulting byte array. -func HandleBytes(f func(b []byte, ctx *ProxyCtx) []byte) RespHandler { - return FuncRespHandler(func(resp *http.Response, ctx *ProxyCtx) *http.Response { - b, err := ioutil.ReadAll(resp.Body) - if err != nil { - ctx.Warnf("Cannot read response %s", err) - return resp - } - resp.Body.Close() - - resp.Body = ioutil.NopCloser(bytes.NewBuffer(f(b, ctx))) - return resp - }) -} diff --git a/vendor/github.com/elazarl/goproxy/doc.go b/vendor/github.com/elazarl/goproxy/doc.go deleted file mode 100644 index 50aaa71f80c..00000000000 --- a/vendor/github.com/elazarl/goproxy/doc.go +++ /dev/null @@ -1,100 +0,0 @@ -/* -Package goproxy provides a customizable HTTP proxy, -supporting hijacking HTTPS connection. - -The intent of the proxy, is to be usable with reasonable amount of traffic -yet, customizable and programable. - -The proxy itself is simply an `net/http` handler. - -Typical usage is - - proxy := goproxy.NewProxyHttpServer() - proxy.OnRequest(..conditions..).Do(..requesthandler..) - proxy.OnRequest(..conditions..).DoFunc(..requesthandlerFunction..) - proxy.OnResponse(..conditions..).Do(..responesHandler..) - proxy.OnResponse(..conditions..).DoFunc(..responesHandlerFunction..) - http.ListenAndServe(":8080", proxy) - -Adding a header to each request - - proxy.OnRequest().DoFunc(func(r *http.Request,ctx *goproxy.ProxyCtx) (*http.Request, *http.Response){ - r.Header.Set("X-GoProxy","1") - return r, nil - }) - -Note that the function is called before the proxy sends the request to the server - -For printing the content type of all incoming responses - - proxy.OnResponse().DoFunc(func(r *http.Response, ctx *goproxy.ProxyCtx)*http.Response{ - println(ctx.Req.Host,"->",r.Header.Get("Content-Type")) - return r - }) - -note that we used the ProxyCtx context variable here. It contains the request -and the response (Req and Resp, Resp is nil if unavailable) of this specific client -interaction with the proxy. - -To print the content type of all responses from a certain url, we'll add a -ReqCondition to the OnResponse function: - - proxy.OnResponse(goproxy.UrlIs("golang.org/pkg")).DoFunc(func(r *http.Response, ctx *goproxy.ProxyCtx)*http.Response{ - println(ctx.Req.Host,"->",r.Header.Get("Content-Type")) - return r - }) - -We can write the condition ourselves, conditions can be set on request and on response - - var random = ReqConditionFunc(func(r *http.Request) bool { - return rand.Intn(1) == 0 - }) - var hasGoProxyHeader = RespConditionFunc(func(resp *http.Response,req *http.Request)bool { - return resp.Header.Get("X-GoProxy") != "" - }) - -Caution! If you give a RespCondition to the OnRequest function, you'll get a run time panic! It doesn't -make sense to read the response, if you still haven't got it! - -Finally, we have convenience function to throw a quick response - - proxy.OnResponse(hasGoProxyHeader).DoFunc(func(r*http.Response,ctx *goproxy.ProxyCtx)*http.Response { - r.Body.Close() - return goproxy.ForbiddenTextResponse(ctx.Req,"Can't see response with X-GoProxy header!") - }) - -we close the body of the original repsonse, and return a new 403 response with a short message. - -Example use cases: - -1. https://github.com/elazarl/goproxy/tree/master/examples/goproxy-avgsize - -To measure the average size of an Html served in your site. One can ask -all the QA team to access the website by a proxy, and the proxy will -measure the average size of all text/html responses from your host. - -2. [not yet implemented] - -All requests to your web servers should be directed through the proxy, -when the proxy will detect html pieces sent as a response to AJAX -request, it'll send a warning email. - -3. https://github.com/elazarl/goproxy/blob/master/examples/goproxy-httpdump/ - -Generate a real traffic to your website by real users using through -proxy. Record the traffic, and try it again for more real load testing. - -4. https://github.com/elazarl/goproxy/tree/master/examples/goproxy-no-reddit-at-worktime - -Will allow browsing to reddit.com between 8:00am and 17:00pm - -5. https://github.com/elazarl/goproxy/tree/master/examples/goproxy-jquery-version - -Will warn if multiple versions of jquery are used in the same domain. - -6. https://github.com/elazarl/goproxy/blob/master/examples/goproxy-upside-down-ternet/ - -Modifies image files in an HTTP response via goproxy's image extension found in ext/. - -*/ -package goproxy diff --git a/vendor/github.com/elazarl/goproxy/https.go b/vendor/github.com/elazarl/goproxy/https.go deleted file mode 100644 index 5498f8b7676..00000000000 --- a/vendor/github.com/elazarl/goproxy/https.go +++ /dev/null @@ -1,421 +0,0 @@ -package goproxy - -import ( - "bufio" - "crypto/tls" - "errors" - "io" - "io/ioutil" - "net" - "net/http" - "net/url" - "os" - "regexp" - "strconv" - "strings" - "sync" - "sync/atomic" -) - -type ConnectActionLiteral int - -const ( - ConnectAccept = iota - ConnectReject - ConnectMitm - ConnectHijack - ConnectHTTPMitm - ConnectProxyAuthHijack -) - -var ( - OkConnect = &ConnectAction{Action: ConnectAccept, TLSConfig: TLSConfigFromCA(&GoproxyCa)} - MitmConnect = &ConnectAction{Action: ConnectMitm, TLSConfig: TLSConfigFromCA(&GoproxyCa)} - HTTPMitmConnect = &ConnectAction{Action: ConnectHTTPMitm, TLSConfig: TLSConfigFromCA(&GoproxyCa)} - RejectConnect = &ConnectAction{Action: ConnectReject, TLSConfig: TLSConfigFromCA(&GoproxyCa)} - httpsRegexp = regexp.MustCompile(`^https:\/\/`) -) - -type ConnectAction struct { - Action ConnectActionLiteral - Hijack func(req *http.Request, client net.Conn, ctx *ProxyCtx) - TLSConfig func(host string, ctx *ProxyCtx) (*tls.Config, error) -} - -func stripPort(s string) string { - ix := strings.IndexRune(s, ':') - if ix == -1 { - return s - } - return s[:ix] -} - -func (proxy *ProxyHttpServer) dial(network, addr string) (c net.Conn, err error) { - if proxy.Tr.Dial != nil { - return proxy.Tr.Dial(network, addr) - } - return net.Dial(network, addr) -} - -func (proxy *ProxyHttpServer) connectDial(network, addr string) (c net.Conn, err error) { - if proxy.ConnectDial == nil { - return proxy.dial(network, addr) - } - return proxy.ConnectDial(network, addr) -} - -func (proxy *ProxyHttpServer) handleHttps(w http.ResponseWriter, r *http.Request) { - ctx := &ProxyCtx{Req: r, Session: atomic.AddInt64(&proxy.sess, 1), proxy: proxy} - - hij, ok := w.(http.Hijacker) - if !ok { - panic("httpserver does not support hijacking") - } - - proxyClient, _, e := hij.Hijack() - if e != nil { - panic("Cannot hijack connection " + e.Error()) - } - - ctx.Logf("Running %d CONNECT handlers", len(proxy.httpsHandlers)) - todo, host := OkConnect, r.URL.Host - for i, h := range proxy.httpsHandlers { - newtodo, newhost := h.HandleConnect(host, ctx) - - // If found a result, break the loop immediately - if newtodo != nil { - todo, host = newtodo, newhost - ctx.Logf("on %dth handler: %v %s", i, todo, host) - break - } - } - switch todo.Action { - case ConnectAccept: - if !hasPort.MatchString(host) { - host += ":80" - } - targetSiteCon, err := proxy.connectDial("tcp", host) - if err != nil { - httpError(proxyClient, ctx, err) - return - } - ctx.Logf("Accepting CONNECT to %s", host) - proxyClient.Write([]byte("HTTP/1.0 200 OK\r\n\r\n")) - - targetTCP, targetOK := targetSiteCon.(*net.TCPConn) - proxyClientTCP, clientOK := proxyClient.(*net.TCPConn) - if targetOK && clientOK { - go copyAndClose(ctx, targetTCP, proxyClientTCP) - go copyAndClose(ctx, proxyClientTCP, targetTCP) - } else { - go func() { - var wg sync.WaitGroup - wg.Add(2) - go copyOrWarn(ctx, targetSiteCon, proxyClient, &wg) - go copyOrWarn(ctx, proxyClient, targetSiteCon, &wg) - wg.Wait() - proxyClient.Close() - targetSiteCon.Close() - - }() - } - - case ConnectHijack: - ctx.Logf("Hijacking CONNECT to %s", host) - proxyClient.Write([]byte("HTTP/1.0 200 OK\r\n\r\n")) - todo.Hijack(r, proxyClient, ctx) - case ConnectHTTPMitm: - proxyClient.Write([]byte("HTTP/1.0 200 OK\r\n\r\n")) - ctx.Logf("Assuming CONNECT is plain HTTP tunneling, mitm proxying it") - targetSiteCon, err := proxy.connectDial("tcp", host) - if err != nil { - ctx.Warnf("Error dialing to %s: %s", host, err.Error()) - return - } - for { - client := bufio.NewReader(proxyClient) - remote := bufio.NewReader(targetSiteCon) - req, err := http.ReadRequest(client) - if err != nil && err != io.EOF { - ctx.Warnf("cannot read request of MITM HTTP client: %+#v", err) - } - if err != nil { - return - } - req, resp := proxy.filterRequest(req, ctx) - if resp == nil { - if err := req.Write(targetSiteCon); err != nil { - httpError(proxyClient, ctx, err) - return - } - resp, err = http.ReadResponse(remote, req) - if err != nil { - httpError(proxyClient, ctx, err) - return - } - defer resp.Body.Close() - } - resp = proxy.filterResponse(resp, ctx) - if err := resp.Write(proxyClient); err != nil { - httpError(proxyClient, ctx, err) - return - } - } - case ConnectMitm: - proxyClient.Write([]byte("HTTP/1.0 200 OK\r\n\r\n")) - ctx.Logf("Assuming CONNECT is TLS, mitm proxying it") - // this goes in a separate goroutine, so that the net/http server won't think we're - // still handling the request even after hijacking the connection. Those HTTP CONNECT - // request can take forever, and the server will be stuck when "closed". - // TODO: Allow Server.Close() mechanism to shut down this connection as nicely as possible - tlsConfig := defaultTLSConfig - if todo.TLSConfig != nil { - var err error - tlsConfig, err = todo.TLSConfig(host, ctx) - if err != nil { - httpError(proxyClient, ctx, err) - return - } - } - go func() { - //TODO: cache connections to the remote website - rawClientTls := tls.Server(proxyClient, tlsConfig) - if err := rawClientTls.Handshake(); err != nil { - ctx.Warnf("Cannot handshake client %v %v", r.Host, err) - return - } - defer rawClientTls.Close() - clientTlsReader := bufio.NewReader(rawClientTls) - for !isEof(clientTlsReader) { - req, err := http.ReadRequest(clientTlsReader) - var ctx = &ProxyCtx{Req: req, Session: atomic.AddInt64(&proxy.sess, 1), proxy: proxy, UserData: ctx.UserData} - if err != nil && err != io.EOF { - return - } - if err != nil { - ctx.Warnf("Cannot read TLS request from mitm'd client %v %v", r.Host, err) - return - } - req.RemoteAddr = r.RemoteAddr // since we're converting the request, need to carry over the original connecting IP as well - ctx.Logf("req %v", r.Host) - - if !httpsRegexp.MatchString(req.URL.String()) { - req.URL, err = url.Parse("https://" + r.Host + req.URL.String()) - } - - // Bug fix which goproxy fails to provide request - // information URL in the context when does HTTPS MITM - ctx.Req = req - - req, resp := proxy.filterRequest(req, ctx) - if resp == nil { - if err != nil { - ctx.Warnf("Illegal URL %s", "https://"+r.Host+req.URL.Path) - return - } - removeProxyHeaders(ctx, req) - resp, err = ctx.RoundTrip(req) - if err != nil { - ctx.Warnf("Cannot read TLS response from mitm'd server %v", err) - return - } - ctx.Logf("resp %v", resp.Status) - } - resp = proxy.filterResponse(resp, ctx) - defer resp.Body.Close() - - text := resp.Status - statusCode := strconv.Itoa(resp.StatusCode) + " " - if strings.HasPrefix(text, statusCode) { - text = text[len(statusCode):] - } - // always use 1.1 to support chunked encoding - if _, err := io.WriteString(rawClientTls, "HTTP/1.1"+" "+statusCode+text+"\r\n"); err != nil { - ctx.Warnf("Cannot write TLS response HTTP status from mitm'd client: %v", err) - return - } - // Since we don't know the length of resp, return chunked encoded response - // TODO: use a more reasonable scheme - resp.Header.Del("Content-Length") - resp.Header.Set("Transfer-Encoding", "chunked") - // Force connection close otherwise chrome will keep CONNECT tunnel open forever - resp.Header.Set("Connection", "close") - if err := resp.Header.Write(rawClientTls); err != nil { - ctx.Warnf("Cannot write TLS response header from mitm'd client: %v", err) - return - } - if _, err = io.WriteString(rawClientTls, "\r\n"); err != nil { - ctx.Warnf("Cannot write TLS response header end from mitm'd client: %v", err) - return - } - chunked := newChunkedWriter(rawClientTls) - if _, err := io.Copy(chunked, resp.Body); err != nil { - ctx.Warnf("Cannot write TLS response body from mitm'd client: %v", err) - return - } - if err := chunked.Close(); err != nil { - ctx.Warnf("Cannot write TLS chunked EOF from mitm'd client: %v", err) - return - } - if _, err = io.WriteString(rawClientTls, "\r\n"); err != nil { - ctx.Warnf("Cannot write TLS response chunked trailer from mitm'd client: %v", err) - return - } - } - ctx.Logf("Exiting on EOF") - }() - case ConnectProxyAuthHijack: - proxyClient.Write([]byte("HTTP/1.1 407 Proxy Authentication Required\r\n")) - todo.Hijack(r, proxyClient, ctx) - case ConnectReject: - if ctx.Resp != nil { - if err := ctx.Resp.Write(proxyClient); err != nil { - ctx.Warnf("Cannot write response that reject http CONNECT: %v", err) - } - } - proxyClient.Close() - } -} - -func httpError(w io.WriteCloser, ctx *ProxyCtx, err error) { - if _, err := io.WriteString(w, "HTTP/1.1 502 Bad Gateway\r\n\r\n"); err != nil { - ctx.Warnf("Error responding to client: %s", err) - } - if err := w.Close(); err != nil { - ctx.Warnf("Error closing client connection: %s", err) - } -} - -func copyOrWarn(ctx *ProxyCtx, dst io.Writer, src io.Reader, wg *sync.WaitGroup) { - if _, err := io.Copy(dst, src); err != nil { - ctx.Warnf("Error copying to client: %s", err) - } - wg.Done() -} - -func copyAndClose(ctx *ProxyCtx, dst, src *net.TCPConn) { - if _, err := io.Copy(dst, src); err != nil { - ctx.Warnf("Error copying to client: %s", err) - } - - dst.CloseWrite() - src.CloseRead() -} - -func dialerFromEnv(proxy *ProxyHttpServer) func(network, addr string) (net.Conn, error) { - https_proxy := os.Getenv("HTTPS_PROXY") - if https_proxy == "" { - https_proxy = os.Getenv("https_proxy") - } - if https_proxy == "" { - return nil - } - return proxy.NewConnectDialToProxy(https_proxy) -} - -func (proxy *ProxyHttpServer) NewConnectDialToProxy(https_proxy string) func(network, addr string) (net.Conn, error) { - return proxy.NewConnectDialToProxyWithHandler(https_proxy, nil) -} - -func (proxy *ProxyHttpServer) NewConnectDialToProxyWithHandler(https_proxy string, connectReqHandler func(req *http.Request)) func(network, addr string) (net.Conn, error) { - u, err := url.Parse(https_proxy) - if err != nil { - return nil - } - if u.Scheme == "" || u.Scheme == "http" { - if strings.IndexRune(u.Host, ':') == -1 { - u.Host += ":80" - } - return func(network, addr string) (net.Conn, error) { - connectReq := &http.Request{ - Method: "CONNECT", - URL: &url.URL{Opaque: addr}, - Host: addr, - Header: make(http.Header), - } - if connectReqHandler != nil { - connectReqHandler(connectReq) - } - c, err := proxy.dial(network, u.Host) - if err != nil { - return nil, err - } - connectReq.Write(c) - // Read response. - // Okay to use and discard buffered reader here, because - // TLS server will not speak until spoken to. - br := bufio.NewReader(c) - resp, err := http.ReadResponse(br, connectReq) - if err != nil { - c.Close() - return nil, err - } - defer resp.Body.Close() - if resp.StatusCode != 200 { - resp, err := ioutil.ReadAll(resp.Body) - if err != nil { - return nil, err - } - c.Close() - return nil, errors.New("proxy refused connection" + string(resp)) - } - return c, nil - } - } - if u.Scheme == "https" { - if strings.IndexRune(u.Host, ':') == -1 { - u.Host += ":443" - } - return func(network, addr string) (net.Conn, error) { - c, err := proxy.dial(network, u.Host) - if err != nil { - return nil, err - } - c = tls.Client(c, proxy.Tr.TLSClientConfig) - connectReq := &http.Request{ - Method: "CONNECT", - URL: &url.URL{Opaque: addr}, - Host: addr, - Header: make(http.Header), - } - if connectReqHandler != nil { - connectReqHandler(connectReq) - } - connectReq.Write(c) - // Read response. - // Okay to use and discard buffered reader here, because - // TLS server will not speak until spoken to. - br := bufio.NewReader(c) - resp, err := http.ReadResponse(br, connectReq) - if err != nil { - c.Close() - return nil, err - } - defer resp.Body.Close() - if resp.StatusCode != 200 { - body, err := ioutil.ReadAll(io.LimitReader(resp.Body, 500)) - if err != nil { - return nil, err - } - c.Close() - return nil, errors.New("proxy refused connection" + string(body)) - } - return c, nil - } - } - return nil -} - -func TLSConfigFromCA(ca *tls.Certificate) func(host string, ctx *ProxyCtx) (*tls.Config, error) { - return func(host string, ctx *ProxyCtx) (*tls.Config, error) { - config := *defaultTLSConfig - ctx.Logf("signing for %s", stripPort(host)) - cert, err := signHost(*ca, []string{stripPort(host)}) - if err != nil { - ctx.Warnf("Cannot sign host certificate with provided CA: %s", err) - return nil, err - } - config.Certificates = append(config.Certificates, cert) - return &config, nil - } -} diff --git a/vendor/github.com/elazarl/goproxy/key.pem b/vendor/github.com/elazarl/goproxy/key.pem deleted file mode 100644 index 2ea1dca4e04..00000000000 --- a/vendor/github.com/elazarl/goproxy/key.pem +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKAIBAAKCAgEAnhDL4fqGGhjWzRBFy8iHGuNIdo79FtoWPevCpyek6AWrTuBF -0j3dzRMUpAkemC/p94tGES9f9iWUVi7gnfmUz1lxhjiqUoW5K1xfwmbx+qmC2YAw -HM+yq2oOLwz1FAYoQ3NT0gU6cJXtIB6Hjmxwy4jfDPzCuMFwfvOq4eS+pRJhnPTf -m31XpZOsfJMS9PjD6UU5U3ZsD/oMAjGuMGIXoOGgmqeFrRJm0N+/vtenAYbcSED+ -qiGGJisOu5grvMl0RJAvjgvDMw+6lWKCpqV+/5gd9CNuFP3nUhW6tbY0mBHIETrZ -0uuUdh21P20JMKt34ok0wn6On2ECN0i7UGv+SJ9TgXj7hksxH1R6OLQaSQ8qxh3I -yeqPSnQ+iDK8/WXiqZug8iYxi1qgW5iYxiV5uAL0s3XRsv3Urj6Mu3QjVie0TOuq -AmhawnO1gPDnjc3NLLlb79yrhdFiC2rVvRFbC5SKzB7OYyh7IdnwFAl7bEyMA6WU -BIN+prw4rdYAEcmnLjNSudQGIy48hPMP8W4PHgLkjDCULryAcBluU2qkFkJfScUK -0qNg5wjZKjkdtDY4LxAX7MZW524dRKiTiFLLYEF9nWl+/OKoF561YnAW9qkYHjic -geFYo0q+o7Es0jLt75MZGJY6iasBYzXxVJH0tlsHGkkrs8tLNapglhNEJkcCAwEA -AQKCAgAwSuNvxHHqUUJ3XoxkiXy1u1EtX9x1eeYnvvs2xMb+WJURQTYz2NEGUdkR -kPO2/ZSXHAcpQvcnpi2e8y2PNmy/uQ0VPATVt6NuWweqxncR5W5j82U/uDlXY8y3 -lVbfak4s5XRri0tikHvlP06dNgZ0OPok5qi7d+Zd8yZ3Y8LXfjkykiIrSG1Z2jdt -zCWTkNmSUKMGG/1CGFxI41Lb12xuq+C8v4f469Fb6bCUpyCQN9rffHQSGLH6wVb7 -+68JO+d49zCATpmx5RFViMZwEcouXxRvvc9pPHXLP3ZPBD8nYu9kTD220mEGgWcZ -3L9dDlZPcSocbjw295WMvHz2QjhrDrb8gXwdpoRyuyofqgCyNxSnEC5M13SjOxtf -pjGzjTqh0kDlKXg2/eTkd9xIHjVhFYiHIEeITM/lHCfWwBCYxViuuF7pSRPzTe8U -C440b62qZSPMjVoquaMg+qx0n9fKSo6n1FIKHypv3Kue2G0WhDeK6u0U288vQ1t4 -Ood3Qa13gZ+9hwDLbM/AoBfVBDlP/tpAwa7AIIU1ZRDNbZr7emFdctx9B6kLINv3 -4PDOGM2xrjOuACSGMq8Zcu7LBz35PpIZtviJOeKNwUd8/xHjWC6W0itgfJb5I1Nm -V6Vj368pGlJx6Se26lvXwyyrc9pSw6jSAwARBeU4YkNWpi4i6QKCAQEA0T7u3P/9 -jZJSnDN1o2PXymDrJulE61yguhc/QSmLccEPZe7or06/DmEhhKuCbv+1MswKDeag -/1JdFPGhL2+4G/f/9BK3BJPdcOZSz7K6Ty8AMMBf8AehKTcSBqwkJWcbEvpHpKJ6 -eDqn1B6brXTNKMT6fEEXCuZJGPBpNidyLv/xXDcN7kCOo3nGYKfB5OhFpNiL63tw -+LntU56WESZwEqr8Pf80uFvsyXQK3a5q5HhIQtxl6tqQuPlNjsDBvCqj0x72mmaJ -ZVsVWlv7khUrCwAXz7Y8K7mKKBd2ekF5hSbryfJsxFyvEaWUPhnJpTKV85lAS+tt -FQuIp9TvKYlRQwKCAQEAwWJN8jysapdhi67jO0HtYOEl9wwnF4w6XtiOYtllkMmC -06/e9h7RsRyWPMdu3qRDPUYFaVDy6+dpUDSQ0+E2Ot6AHtVyvjeUTIL651mFIo/7 -OSUCEc+HRo3SfPXdPhSQ2thNTxl6y9XcFacuvbthgr70KXbvC4k6IEmdpf/0Kgs9 -7QTZCG26HDrEZ2q9yMRlRaL2SRD+7Y2xra7gB+cQGFj6yn0Wd/07er49RqMXidQf -KR2oYfev2BDtHXoSZFfhFGHlOdLvWRh90D4qZf4vQ+g/EIMgcNSoxjvph1EShmKt -sjhTHtoHuu+XmEQvIewk2oCI+JvofBkcnpFrVvUUrQKCAQAaTIufETmgCo0BfuJB -N/JOSGIl0NnNryWwXe2gVgVltbsmt6FdL0uKFiEtWJUbOF5g1Q5Kcvs3O/XhBQGa -QbNlKIVt+tAv7hm97+Tmn/MUsraWagdk1sCluns0hXxBizT27KgGhDlaVRz05yfv -5CdJAYDuDwxDXXBAhy7iFJEgYSDH00+X61tCJrMNQOh4ycy/DEyBu1EWod+3S85W -t3sMjZsIe8P3i+4137Th6eMbdha2+JaCrxfTd9oMoCN5b+6JQXIDM/H+4DTN15PF -540yY7+aZrAnWrmHknNcqFAKsTqfdi2/fFqwoBwCtiEG91WreU6AfEWIiJuTZIru -sIibAoIBAAqIwlo5t+KukF+9jR9DPh0S5rCIdvCvcNaN0WPNF91FPN0vLWQW1bFi -L0TsUDvMkuUZlV3hTPpQxsnZszH3iK64RB5p3jBCcs+gKu7DT59MXJEGVRCHT4Um -YJryAbVKBYIGWl++sZO8+JotWzx2op8uq7o+glMMjKAJoo7SXIiVyC/LHc95urOi -9+PySphPKn0anXPpexmRqGYfqpCDo7rPzgmNutWac80B4/CfHb8iUPg6Z1u+1FNe -yKvcZHgW2Wn00znNJcCitufLGyAnMofudND/c5rx2qfBx7zZS7sKUQ/uRYjes6EZ -QBbJUA/2/yLv8YYpaAaqj4aLwV8hRpkCggEBAIh3e25tr3avCdGgtCxS7Y1blQ2c -ue4erZKmFP1u8wTNHQ03T6sECZbnIfEywRD/esHpclfF3kYAKDRqIP4K905Rb0iH -759ZWt2iCbqZznf50XTvptdmjm5KxvouJzScnQ52gIV6L+QrCKIPelLBEIqCJREh -pmcjjocD/UCCSuHgbAYNNnO/JdhnSylz1tIg26I+2iLNyeTKIepSNlsBxnkLmqM1 -cj/azKBaT04IOMLaN8xfSqitJYSraWMVNgGJM5vfcVaivZnNh0lZBv+qu6YkdM88 -4/avCJ8IutT+FcMM+GbGazOm5ALWqUyhrnbLGc4CQMPfe7Il6NxwcrOxT8w= ------END RSA PRIVATE KEY----- diff --git a/vendor/github.com/elazarl/goproxy/proxy.go b/vendor/github.com/elazarl/goproxy/proxy.go deleted file mode 100644 index 9335900078b..00000000000 --- a/vendor/github.com/elazarl/goproxy/proxy.go +++ /dev/null @@ -1,166 +0,0 @@ -package goproxy - -import ( - "bufio" - "io" - "log" - "net" - "net/http" - "os" - "regexp" - "sync/atomic" -) - -// The basic proxy type. Implements http.Handler. -type ProxyHttpServer struct { - // session variable must be aligned in i386 - // see http://golang.org/src/pkg/sync/atomic/doc.go#L41 - sess int64 - // KeepDestinationHeaders indicates the proxy should retain any headers present in the http.Response before proxying - KeepDestinationHeaders bool - // setting Verbose to true will log information on each request sent to the proxy - Verbose bool - Logger *log.Logger - NonproxyHandler http.Handler - reqHandlers []ReqHandler - respHandlers []RespHandler - httpsHandlers []HttpsHandler - Tr *http.Transport - // ConnectDial will be used to create TCP connections for CONNECT requests - // if nil Tr.Dial will be used - ConnectDial func(network string, addr string) (net.Conn, error) -} - -var hasPort = regexp.MustCompile(`:\d+$`) - -func copyHeaders(dst, src http.Header, keepDestHeaders bool) { - if !keepDestHeaders { - for k := range dst { - dst.Del(k) - } - } - for k, vs := range src { - for _, v := range vs { - dst.Add(k, v) - } - } -} - -func isEof(r *bufio.Reader) bool { - _, err := r.Peek(1) - if err == io.EOF { - return true - } - return false -} - -func (proxy *ProxyHttpServer) filterRequest(r *http.Request, ctx *ProxyCtx) (req *http.Request, resp *http.Response) { - req = r - for _, h := range proxy.reqHandlers { - req, resp = h.Handle(r, ctx) - // non-nil resp means the handler decided to skip sending the request - // and return canned response instead. - if resp != nil { - break - } - } - return -} -func (proxy *ProxyHttpServer) filterResponse(respOrig *http.Response, ctx *ProxyCtx) (resp *http.Response) { - resp = respOrig - for _, h := range proxy.respHandlers { - ctx.Resp = resp - resp = h.Handle(resp, ctx) - } - return -} - -func removeProxyHeaders(ctx *ProxyCtx, r *http.Request) { - r.RequestURI = "" // this must be reset when serving a request with the client - ctx.Logf("Sending request %v %v", r.Method, r.URL.String()) - // If no Accept-Encoding header exists, Transport will add the headers it can accept - // and would wrap the response body with the relevant reader. - r.Header.Del("Accept-Encoding") - // curl can add that, see - // https://jdebp.eu./FGA/web-proxy-connection-header.html - r.Header.Del("Proxy-Connection") - r.Header.Del("Proxy-Authenticate") - r.Header.Del("Proxy-Authorization") - // Connection, Authenticate and Authorization are single hop Header: - // http://www.w3.org/Protocols/rfc2616/rfc2616.txt - // 14.10 Connection - // The Connection general-header field allows the sender to specify - // options that are desired for that particular connection and MUST NOT - // be communicated by proxies over further connections. - r.Header.Del("Connection") -} - -// Standard net/http function. Shouldn't be used directly, http.Serve will use it. -func (proxy *ProxyHttpServer) ServeHTTP(w http.ResponseWriter, r *http.Request) { - //r.Header["X-Forwarded-For"] = w.RemoteAddr() - if r.Method == "CONNECT" { - proxy.handleHttps(w, r) - } else { - ctx := &ProxyCtx{Req: r, Session: atomic.AddInt64(&proxy.sess, 1), proxy: proxy} - - var err error - ctx.Logf("Got request %v %v %v %v", r.URL.Path, r.Host, r.Method, r.URL.String()) - if !r.URL.IsAbs() { - proxy.NonproxyHandler.ServeHTTP(w, r) - return - } - r, resp := proxy.filterRequest(r, ctx) - - if resp == nil { - removeProxyHeaders(ctx, r) - resp, err = ctx.RoundTrip(r) - if err != nil { - ctx.Error = err - resp = proxy.filterResponse(nil, ctx) - if resp == nil { - ctx.Logf("error read response %v %v:", r.URL.Host, err.Error()) - http.Error(w, err.Error(), 500) - return - } - } - ctx.Logf("Received response %v", resp.Status) - } - origBody := resp.Body - resp = proxy.filterResponse(resp, ctx) - defer origBody.Close() - ctx.Logf("Copying response to client %v [%d]", resp.Status, resp.StatusCode) - // http.ResponseWriter will take care of filling the correct response length - // Setting it now, might impose wrong value, contradicting the actual new - // body the user returned. - // We keep the original body to remove the header only if things changed. - // This will prevent problems with HEAD requests where there's no body, yet, - // the Content-Length header should be set. - if origBody != resp.Body { - resp.Header.Del("Content-Length") - } - copyHeaders(w.Header(), resp.Header, proxy.KeepDestinationHeaders) - w.WriteHeader(resp.StatusCode) - nr, err := io.Copy(w, resp.Body) - if err := resp.Body.Close(); err != nil { - ctx.Warnf("Can't close response body %v", err) - } - ctx.Logf("Copied %v bytes to client error=%v", nr, err) - } -} - -// NewProxyHttpServer creates and returns a proxy server, logging to stderr by default -func NewProxyHttpServer() *ProxyHttpServer { - proxy := ProxyHttpServer{ - Logger: log.New(os.Stderr, "", log.LstdFlags), - reqHandlers: []ReqHandler{}, - respHandlers: []RespHandler{}, - httpsHandlers: []HttpsHandler{}, - NonproxyHandler: http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { - http.Error(w, "This is a proxy server. Does not respond to non-proxy requests.", 500) - }), - Tr: &http.Transport{TLSClientConfig: tlsClientSkipVerify, Proxy: http.ProxyFromEnvironment}, - } - proxy.ConnectDial = dialerFromEnv(&proxy) - - return &proxy -} diff --git a/vendor/github.com/elazarl/goproxy/responses.go b/vendor/github.com/elazarl/goproxy/responses.go deleted file mode 100644 index b304b8829be..00000000000 --- a/vendor/github.com/elazarl/goproxy/responses.go +++ /dev/null @@ -1,38 +0,0 @@ -package goproxy - -import ( - "bytes" - "io/ioutil" - "net/http" -) - -// Will generate a valid http response to the given request the response will have -// the given contentType, and http status. -// Typical usage, refuse to process requests to local addresses: -// -// proxy.OnRequest(IsLocalHost()).DoFunc(func(r *http.Request, ctx *goproxy.ProxyCtx) (*http.Request,*http.Response) { -// return nil,NewResponse(r,goproxy.ContentTypeHtml,http.StatusUnauthorized, -// `Can't use proxy for local addresses`) -// }) -func NewResponse(r *http.Request, contentType string, status int, body string) *http.Response { - resp := &http.Response{} - resp.Request = r - resp.TransferEncoding = r.TransferEncoding - resp.Header = make(http.Header) - resp.Header.Add("Content-Type", contentType) - resp.StatusCode = status - buf := bytes.NewBufferString(body) - resp.ContentLength = int64(buf.Len()) - resp.Body = ioutil.NopCloser(buf) - return resp -} - -const ( - ContentTypeText = "text/plain" - ContentTypeHtml = "text/html" -) - -// Alias for NewResponse(r,ContentTypeText,http.StatusAccepted,text) -func TextResponse(r *http.Request, text string) *http.Response { - return NewResponse(r, ContentTypeText, http.StatusAccepted, text) -} diff --git a/vendor/github.com/elazarl/goproxy/signer.go b/vendor/github.com/elazarl/goproxy/signer.go deleted file mode 100644 index c01ec76d951..00000000000 --- a/vendor/github.com/elazarl/goproxy/signer.go +++ /dev/null @@ -1,88 +0,0 @@ -package goproxy - -import ( - "crypto/rsa" - "crypto/sha1" - "crypto/tls" - "crypto/x509" - "crypto/x509/pkix" - "math/big" - "net" - "runtime" - "sort" - "time" -) - -func hashSorted(lst []string) []byte { - c := make([]string, len(lst)) - copy(c, lst) - sort.Strings(c) - h := sha1.New() - for _, s := range c { - h.Write([]byte(s + ",")) - } - return h.Sum(nil) -} - -func hashSortedBigInt(lst []string) *big.Int { - rv := new(big.Int) - rv.SetBytes(hashSorted(lst)) - return rv -} - -var goproxySignerVersion = ":goroxy1" - -func signHost(ca tls.Certificate, hosts []string) (cert tls.Certificate, err error) { - var x509ca *x509.Certificate - - // Use the provided ca and not the global GoproxyCa for certificate generation. - if x509ca, err = x509.ParseCertificate(ca.Certificate[0]); err != nil { - return - } - start := time.Unix(0, 0) - end, err := time.Parse("2006-01-02", "2049-12-31") - if err != nil { - panic(err) - } - hash := hashSorted(append(hosts, goproxySignerVersion, ":"+runtime.Version())) - serial := new(big.Int) - serial.SetBytes(hash) - template := x509.Certificate{ - // TODO(elazar): instead of this ugly hack, just encode the certificate and hash the binary form. - SerialNumber: serial, - Issuer: x509ca.Subject, - Subject: pkix.Name{ - Organization: []string{"GoProxy untrusted MITM proxy Inc"}, - }, - NotBefore: start, - NotAfter: end, - - KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature, - ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, - BasicConstraintsValid: true, - } - for _, h := range hosts { - if ip := net.ParseIP(h); ip != nil { - template.IPAddresses = append(template.IPAddresses, ip) - } else { - template.DNSNames = append(template.DNSNames, h) - template.Subject.CommonName = h - } - } - var csprng CounterEncryptorRand - if csprng, err = NewCounterEncryptorRandFromKey(ca.PrivateKey, hash); err != nil { - return - } - var certpriv *rsa.PrivateKey - if certpriv, err = rsa.GenerateKey(&csprng, 2048); err != nil { - return - } - var derBytes []byte - if derBytes, err = x509.CreateCertificate(&csprng, &template, x509ca, &certpriv.PublicKey, ca.PrivateKey); err != nil { - return - } - return tls.Certificate{ - Certificate: [][]byte{derBytes, ca.Certificate[0]}, - PrivateKey: certpriv, - }, nil -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 6e79e3b354a..ebd6fd301ab 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -238,9 +238,6 @@ github.com/docker/go-units # github.com/dustin/go-humanize v1.0.0 ## explicit github.com/dustin/go-humanize -# github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 -## explicit -github.com/elazarl/goproxy # github.com/emicklei/go-restful/v3 v3.9.0 ## explicit; go 1.13 github.com/emicklei/go-restful/v3