mirror of
https://github.com/sonertari/SSLproxy
synced 2024-11-06 09:20:26 +00:00
69753b250c
The -n command line option enables split mode for all proxyspecs, effectively making sslproxy behave like sslsplit. Divert option can be set/unset globally and per-proxyspec. Add e2e tests for split mode, and update make file for tests accordingly. Update documentation accordingly. Improve code reuse, remove duplicate functions. This change deserves a release of its own, hence v0.8.4.
171 lines
4.8 KiB
JSON
171 lines
4.8 KiB
JSON
{
|
|
"comment": "SSLsplit mode tests for HTTP request headers: SSLproxy, Connection, Upgrade, Keep-Alive, Accept-Encoding, Via, X-Forwarded-For, and Referer",
|
|
"configs": {
|
|
"1": {
|
|
"proto": {
|
|
"proto": "tcp"
|
|
},
|
|
"client": {
|
|
"ip": "127.0.0.1",
|
|
"port": "8190"
|
|
},
|
|
"server": {
|
|
"ip": "127.0.0.1",
|
|
"port": "9190"
|
|
}
|
|
},
|
|
"2": {
|
|
"proto": {
|
|
"proto": "ssl",
|
|
"crt": "server.crt",
|
|
"key": "server.key"
|
|
},
|
|
"client": {
|
|
"ip": "127.0.0.1",
|
|
"port": "8463"
|
|
},
|
|
"server": {
|
|
"ip": "127.0.0.1",
|
|
"port": "9463"
|
|
}
|
|
}
|
|
},
|
|
"tests": {
|
|
"1": {
|
|
"comment": "Removes any extra SSLproxy line, and appends Connection: close",
|
|
"states": {
|
|
"1": {
|
|
"testend": "client",
|
|
"cmd": "send",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nSSLproxy: sslproxy\r\n\r\n"
|
|
},
|
|
"2": {
|
|
"testend": "server",
|
|
"cmd": "recv",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\n\r\n"
|
|
}
|
|
}
|
|
},
|
|
"2": {
|
|
"comment": "Removes all extra SSLproxy lines",
|
|
"states": {
|
|
"1": {
|
|
"testend": "client",
|
|
"cmd": "send",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nSSLproxy: sslproxy\r\nSSLproxy: sslproxy\r\n\r\n"
|
|
},
|
|
"2": {
|
|
"testend": "server",
|
|
"cmd": "recv",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\n\r\n"
|
|
}
|
|
}
|
|
},
|
|
"3": {
|
|
"comment": "Changes Connection header to close",
|
|
"states": {
|
|
"1": {
|
|
"testend": "client",
|
|
"cmd": "send",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: Keep-Alive\r\n\r\n"
|
|
},
|
|
"2": {
|
|
"testend": "server",
|
|
"cmd": "recv",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\n\r\n"
|
|
}
|
|
}
|
|
},
|
|
"4": {
|
|
"comment": "Suppresses upgrading to SSL/TLS, WebSockets or HTTP/2",
|
|
"states": {
|
|
"1": {
|
|
"testend": "client",
|
|
"cmd": "send",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nUpgrade: websocket\r\n\r\n"
|
|
},
|
|
"2": {
|
|
"testend": "server",
|
|
"cmd": "recv",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\n\r\n"
|
|
}
|
|
}
|
|
},
|
|
"5": {
|
|
"comment": "Removes Keep-Alive",
|
|
"states": {
|
|
"1": {
|
|
"testend": "client",
|
|
"cmd": "send",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nKeep-Alive: keep-alive\r\n\r\n"
|
|
},
|
|
"2": {
|
|
"testend": "server",
|
|
"cmd": "recv",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\n\r\n"
|
|
}
|
|
}
|
|
},
|
|
"6": {
|
|
"comment": "Does not remove Accept-Encoding by default (it's a config option)",
|
|
"states": {
|
|
"1": {
|
|
"testend": "client",
|
|
"cmd": "send",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nAccept-Encoding: encoding\r\n\r\n"
|
|
},
|
|
"2": {
|
|
"testend": "server",
|
|
"cmd": "recv",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nAccept-Encoding: encoding\r\nConnection: close\r\n\r\n"
|
|
}
|
|
}
|
|
},
|
|
"7": {
|
|
"comment": "SSLsplit mode does not remove Via (it is removed by child conns)",
|
|
"states": {
|
|
"1": {
|
|
"testend": "client",
|
|
"cmd": "send",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nVia: via\r\n\r\n"
|
|
},
|
|
"2": {
|
|
"testend": "server",
|
|
"cmd": "recv",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nVia: via\r\nConnection: close\r\n\r\n"
|
|
}
|
|
}
|
|
},
|
|
"8": {
|
|
"comment": "SSLsplit mode does not removes X-Forwarded-For (it is removed by child conns)",
|
|
"states": {
|
|
"1": {
|
|
"testend": "client",
|
|
"cmd": "send",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nX-Forwarded-For: x-forwarded-for\r\n\r\n"
|
|
},
|
|
"2": {
|
|
"testend": "server",
|
|
"cmd": "recv",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nX-Forwarded-For: x-forwarded-for\r\nConnection: close\r\n\r\n"
|
|
}
|
|
}
|
|
},
|
|
"9": {
|
|
"comment": "Removes Referer",
|
|
"states": {
|
|
"1": {
|
|
"testend": "client",
|
|
"cmd": "send",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nReferer: referer\r\n\r\n"
|
|
},
|
|
"2": {
|
|
"testend": "server",
|
|
"cmd": "recv",
|
|
"payload": "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\n\r\n"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|