omjadas / hudsucker

Intercepting HTTP/S proxy
https://crates.io/crates/hudsucker
Apache License 2.0

How can I use this without TLS? #46

Closed doccccccccc closed 1 year ago

doccccccccc commented 1 year ago

I want to proxy http only requests. Is this possible?

omjadas commented 1 year ago

When you say without TLS, do you mean block any attempts to establish a TLS connection, or do you mean tunnel TLS connections without intercepting?

doccccccccc commented 1 year ago

Running it without a root certificate

omjadas commented 1 year ago

I have published v0.19.1, which allows the HttpHandler to control whether a CONNECT request should be intercepted. If you do something like the following (where you always return false from should_intercept) then the CA will never be used and thus doesn't need to do anything. Of course, this means that you won't be able to intercept HTTPS requests.

```rust
use http::uri::Authority;
use hudsucker::{
    async_trait::async_trait,
    certificate_authority::CertificateAuthority,
    hyper::{Body, Client, Request},
    rustls::ServerConfig,
    *,
};
use std::{net::SocketAddr, sync::Arc};

async fn shutdown_signal() {
    tokio::signal::ctrl_c()
        .await
        .expect("Failed to install CTRL+C signal handler");
}

// Placeholder CA: the builder requires one, but it is never called
// because no CONNECT request is ever intercepted.
struct NoCa;

#[async_trait]
impl CertificateAuthority for NoCa {
    async fn gen_server_config(&self, _authority: &Authority) -> Arc<ServerConfig> {
        unreachable!();
    }
}

#[derive(Clone)]
struct MyHandler;

#[async_trait]
impl HttpHandler for MyHandler {
    // Always decline interception, so CONNECT requests are never decrypted.
    async fn should_intercept(&mut self, _ctx: &HttpContext, _req: &Request<Body>) -> bool {
        false
    }
}

#[tokio::main]
async fn main() {
    let proxy = Proxy::builder()
        .with_addr(SocketAddr::from(([127, 0, 0, 1], 3000)))
        .with_client(Client::new())
        .with_ca(NoCa)
        .with_http_handler(MyHandler)
        .build();

    proxy.start(shutdown_signal()).await.unwrap();
}
```
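What "tunnel TLS connections without intercepting" amounts to on the wire, as an added example that is not hudsucker's code and not part of the comment above: a std-only Rust CONNECT tunnel that learns only the `host:port` authority and relays every byte after it untouched, so no CA is involved. The names `connect_authority` and `tunnel_once` are hypothetical, and the listen address reuses the one from the snippet above.

```rust
use std::io::{self, BufRead, BufReader, Write};
use std::net::{Shutdown, TcpListener, TcpStream};
use std::thread;

/// Extract `host:port` from a `CONNECT host:port HTTP/1.x` request line.
/// For HTTPS, this authority is all a non-intercepting proxy ever sees.
fn connect_authority(line: &str) -> Option<&str> {
    let mut parts = line.split_whitespace();
    match (parts.next(), parts.next(), parts.next()) {
        (Some("CONNECT"), Some(a), Some(v)) if v.starts_with("HTTP/1.") && a.contains(':') => Some(a),
        _ => None,
    }
}

/// Serve one CONNECT request as a blind tunnel; no TLS is terminated, bytes are copied as-is.
fn tunnel_once(client: TcpStream) -> io::Result<String> {
    let mut from_client = BufReader::new(client.try_clone()?);
    let (mut line, mut header) = (String::new(), String::new());
    from_client.read_line(&mut line)?;
    let authority = connect_authority(&line)
        .ok_or_else(|| io::Error::new(io::ErrorKind::InvalidInput, "not a CONNECT request"))?
        .to_string();
    // Discard the remaining request headers up to the blank line.
    while from_client.read_line(&mut header)? > 2 {
        header.clear();
    }
    let mut to_upstream = TcpStream::connect(authority.as_str())?;
    let mut from_upstream = to_upstream.try_clone()?;
    let mut to_client = client;
    to_client.write_all(b"HTTP/1.1 200 OK\r\n\r\n")?;
    // Relay upstream -> client on a second thread, client -> upstream here.
    let back = thread::spawn(move || {
        let _ = io::copy(&mut from_upstream, &mut to_client);
        let _ = to_client.shutdown(Shutdown::Write);
    });
    io::copy(&mut from_client, &mut to_upstream)?;
    to_upstream.shutdown(Shutdown::Write)?;
    let _ = back.join();
    Ok(authority)
}

fn main() -> io::Result<()> {
    // Loopback only: a blind tunnel bound to a public address is an open proxy.
    for client in TcpListener::bind("127.0.0.1:3000")?.incoming() {
        let client = client?;
        thread::spawn(move || tunnel_once(client));
    }
    Ok(())
}
```

The destination host and port remain visible to the proxy and can still be logged or filtered, even though the payload cannot be read.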