func TestGoproxyHijackConnect(t *testing.T) {
proxy := goproxy.NewProxyHttpServer()
proxy.OnRequest(goproxy.ReqHostIs(srv.Listener.Addr().String())).
HijackConnect(func(req *http.Request, client net.Conn, ctx *goproxy.ProxyCtx) {
t.Logf("URL %+#v\nSTR %s", req.URL, req.URL.String())
resp, err := http.Get("http:" + req.URL.String() + "/bobo")
panicOnErr(err, "http.Get(CONNECT url)")
panicOnErr(resp.Write(client), "resp.Write(client)")
resp.Body.Close()
client.Close()
})
client, l := oneShotProxy(proxy, t)
defer l.Close()
proxyAddr := l.Listener.Addr().String()
conn, err := net.Dial("tcp", proxyAddr)
panicOnErr(err, "conn "+proxyAddr)
buf := bufio.NewReader(conn)
writeConnect(conn)
readConnectResponse(buf)
if txt := readResponse(buf); txt != "bobo" {
t.Error("Expected bobo for CONNECT /foo, got", txt)
}
if r := string(getOrFail(https.URL+"/bobo", client, t)); r != "bobo" {
t.Error("Expected bobo would keep working with CONNECT", r)
}
}
func TestSimpleMitm(t *testing.T) {
proxy := goproxy.NewProxyHttpServer()
proxy.OnRequest(goproxy.ReqHostIs(https.Listener.Addr().String())).HandleConnect(goproxy.AlwaysMitm)
proxy.OnRequest(goproxy.ReqHostIs("no such host exists")).HandleConnect(goproxy.AlwaysMitm)
client, l := oneShotProxy(proxy, t)
defer l.Close()
c, err := tls.Dial("tcp", https.Listener.Addr().String(), &tls.Config{InsecureSkipVerify: true})
if err != nil {
t.Fatal("cannot dial to tcp server", err)
}
origCert := getCert(c, t)
c.Close()
c2, err := net.Dial("tcp", l.Listener.Addr().String())
if err != nil {
t.Fatal("dialing to proxy", err)
}
creq, err := http.NewRequest("CONNECT", https.URL, nil)
//creq,err := http.NewRequest("CONNECT","https://google.com:443",nil)
if err != nil {
t.Fatal("create new request", creq)
}
creq.Write(c2)
c2buf := bufio.NewReader(c2)
resp, err := http.ReadResponse(c2buf, creq)
if err != nil || resp.StatusCode != 200 {
t.Fatal("Cannot CONNECT through proxy", err)
}
c2tls := tls.Client(c2, &tls.Config{InsecureSkipVerify: true})
proxyCert := getCert(c2tls, t)
if bytes.Equal(proxyCert, origCert) {
t.Errorf("Certificate after mitm is not different\n%v\n%v",
base64.StdEncoding.EncodeToString(origCert),
base64.StdEncoding.EncodeToString(proxyCert))
}
if resp := string(getOrFail(https.URL+"/bobo", client, t)); resp != "bobo" {
t.Error("Wrong response when mitm", resp, "expected bobo")
}
if resp := string(getOrFail(https.URL+"/query?result=bar", client, t)); resp != "bar" {
t.Error("Wrong response when mitm", resp, "expected bar")
}
}
func TestMitmIsFiltered(t *testing.T) {
client, proxy, l := oneShotProxy(t)
defer l.Close()
//proxy.Verbose = true
proxy.OnRequest(goproxy.ReqHostIs(https.Listener.Addr().String())).HandleConnect(goproxy.AlwaysMitm)
proxy.OnRequest(goproxy.UrlIs("/momo")).DoFunc(func(req *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
return nil, goproxy.TextResponse(req, "koko")
})
if resp := string(getOrFail(https.URL+"/momo", client, t)); resp != "koko" {
t.Error("Proxy should capture /momo to be koko and not", resp)
}
if resp := string(getOrFail(https.URL+"/bobo", client, t)); resp != "bobo" {
t.Error("But still /bobo should be bobo and not", resp)
}
}