// session variable must be aligned in i386

// see http://golang.org/src/pkg/sync/atomic/doc.go#L41

sess int64

// setting Verbose to true will log information on each request sent to the proxy

Verbose bool

// SniffSNI enables sniffing Server Name Indicator when doing CONNECT calls. It will thus answer to CONNECT calls with a "200 OK" even if the remote server might not answer. The result would be the shutdown of the connection instead of an appropriate HTTP error code if the remote node doesn't answer.

SniffSNI bool

Logger *log.Logger

// Registered handlers

connectHandlers []Handler

requestHandlers []Handler

responseHandlers []Handler

doneHandlers []Handler

// NonProxyHandler will be used to handle direct connections to the proxy. You can assign an `http.ServeMux` or some other routing libs here. The default will return a 500 error saying this is a proxy and has nothing to serve by itself.

NonProxyHandler http.Handler

// Logging and round-tripping

harLog *har.Har

harLogEntryCh chan harReqAndResp

harFlushRequest chan string

harFlusherRunOnce sync.Once

// Custom transport to be used

Transport *http.Transport

// Setting MITMCertConfig allows you to override the default CA cert/key used to sign MITM'd requests.

MITMCertConfig *GoproxyConfig

// ConnectDial will be used to create TCP connections for CONNECT requests

// if nil, .Transport.Dial will be used

ConnectDial func(network string, addr string) (net.Conn, error)

proxy := ProxyHttpServer{

Logger: log.New(os.Stderr, "", log.LstdFlags),

requestHandlers: []Handler{},

responseHandlers: []Handler{},

connectHandlers: []Handler{},

NonProxyHandler: http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {

http.Error(w, "This is a proxy server. Does not respond to non-proxy requests.", 500)

}),

Transport: &http.Transport{

TLSClientConfig: tlsClientSkipVerify,

Proxy: http.ProxyFromEnvironment,

},

MITMCertConfig: GoproxyCaConfig,

harLog: har.New(),

harLogEntryCh: make(chan harReqAndResp, 10),

harFlushRequest: make(chan string, 10),

}

proxy.ConnectDial = dialerFromEnv(&proxy)

return &proxy

//r.Header["X-Forwarded-For"] = w.RemoteAddr()

ctx := &ProxyCtx{

Method: r.Method,

SourceIP: r.RemoteAddr, // pick it from somewhere else ? have a plugin to override this ?

Req: r,

ResponseWriter: w,

UserData: make(map[string]string),

UserObjects: make(map[string]interface{}),

Session: atomic.AddInt64(&proxy.sess, 1),

proxy: proxy,

MITMCertConfig: proxy.MITMCertConfig,

}

ctx.host = r.URL.Host

if strings.IndexRune(ctx.host, ':') == -1 {

if r.URL.Scheme == "http" {

ctx.host += ":80"

} else if r.URL.Scheme == "https" {

ctx.host += ":443"

}

}

if r.Method == "CONNECT" {

proxy.dispatchConnectHandlers(ctx)

} else {

ctx.Logf("Got request %v %v %v %v", r.URL.Path, r.Host, r.Method, r.URL.String())

if !r.URL.IsAbs() {

proxy.NonProxyHandler.ServeHTTP(w, r)

return

}

proxy.dispatchRequestHandlers(ctx)

}

// TODO: implement listening on a port for HTTP transparent proxying

// TODO: implement listening on a port for HTTPS transparent proxying

return http.ListenAndServe(addr, proxy)

if proxy.Verbose {

proxy.Logger.Printf("INFO: "+msg+"\n", v...)

}