Skip to content

A SNI proxy library for Golang that allows for conditional routing.

License

Notifications You must be signed in to change notification settings

sausagenoods/snitch

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Snitch

GoDoc

Snitch is a SNI proxy library for Golang that allows for conditional routing through user supplied allow function.

Examples

HTTPS Proxy Authentication

Proxies request to the HTTPS proxy server only if the server name contains the correct credentials. In this example only the requests to s3cret.proxy.digilol.net are proxied. The HTTPS proxy server is given the wildcard certificate for *.proxy.digilol.net, and is bound to 127.0.0.1:4443.

This is useful when your browser/client does not support HTTP(S) proxy authentication.

package main

import (
	"log"
	"strings"

	"gitlab.com/sausagenoods/snitch"
)

var proxyDomain = ".proxy.digilol.net"

func main() {
	s := &snitch.SniProxy{
		BindAddr: "0.0.0.0:443",
		DestAddr: "127.0.0.1:4443",
		AllowFunc: customAuth,
	}
	log.Fatal(s.Serve())
}

func customAuth(serverName string) bool {
	if !strings.HasSuffix(serverName, proxyDomain) {
		log.Println("Blocking connection to unauthorized backend")
		return false
	}
	creds := strings.ReplaceAll(serverName, proxyDomain, "")
	if creds == "s3cret" {
		return true
	}
	log.Println("Wrong credentials supplied:", creds)
	return false
}

About

A SNI proxy library for Golang that allows for conditional routing.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages