add option to skip TLS verification

2023-08-03 15:42:22 +02:00 · 2023-08-03 15:42:22 +02:00 · 9993d9a8ef
parent d6e0b063e0
commit 9993d9a8ef
5 changed files with 29 additions and 14 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,5 +1 @@
-.idea
-debug
-debug.test
-*.exe
-capture
+/build
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,11 @@
 ## [Unreleased]

+## v1.4.0
+### Added
+- add option to skil TLS verification
+### Changed
+- build binaries are nenamed
+
 ## v1.3.1
 ### Added
 - add makefile to manage build
--- a/README.md
+++ b/README.md
@ -19,13 +19,14 @@ docker run -p 9000:9000 -p 9001:9001 deblan/capture -url=https://example.com/ -p

 #### Settings

-| param          | description                                                   |
-| -------------- | -------------                                                 |
-| `-url`         | **Required.** Set the url you want to proxy                   |
-| `-port`        | Set the proxy port. Default: *9000*                           |
-| `-dashboard`   | Set the dashboard port. Default: *9001*                       |
-| `-captures`    | Set how many captures to show in the dashboard. Default: *16* |
-| `-config`      | Set the configuration file. Default: *.capture.ini*           |
+| param              | description                                                   |
+| --------------     | -------------                                                 |
+| `-url`             | **Required.** Set the url you want to proxy                   |
+| `-port`            | Set the proxy port. Default: *9000*                           |
+| `-dashboard`       | Set the dashboard port. Default: *9001*                       |
+| `-captures`        | Set how many captures to show in the dashboard. Default: *16* |
+| `-tls-skip-verify` | Skip TLS vertificaton. Default: *false*                       |
+| `-config`          | Set the configuration file. Default: *.capture.ini*           |

 You can create a file named `.capture.ini` and set the configuration inside:

@ -34,6 +35,7 @@ url = https://example.com/
 port = 9000
 dashboard = 9001
 captures = 16
+tls_skip_verify = false
 ```

 ## Using
--- a/config.go
+++ b/config.go
@ -12,6 +12,7 @@ type Config struct {
 	TargetURL     string
 	ProxyPort     string
 	DashboardPort string
+	TLSSkipVerify bool
 	MaxCaptures   int
 }

@ -22,12 +23,14 @@ func ReadConfig() Config {
 	defaultDashboardPort := "9001"
 	defaultMaxCaptures := 16
 	defaultConfigFile := ".capture.ini"
+	defaultTLSSkipVerify := false

 	targetURL := flag.String("url", defaultTargetURL, "Required. Set the url you want to proxy")
 	configFile := flag.String("config", defaultConfigFile, "Set the configuration file")
 	proxyPort := flag.String("port", defaultProxyPort, "Set the proxy port")
 	dashboardPort := flag.String("dashboard", defaultDashboardPort, "Set the dashboard port")
 	maxCaptures := flag.Int("captures", defaultMaxCaptures, "Set how many captures to show in the dashboard")
+	TLSSkipVerify := flag.Bool("tls-skip-verify", defaultTLSSkipVerify, "Skip TLS vertification")

 	flag.Parse()

@ -46,6 +49,7 @@ func ReadConfig() Config {
 			ProxyPort:     section.Key("port").MustString(*proxyPort),
 			MaxCaptures:   section.Key("captures").MustInt(*maxCaptures),
 			DashboardPort: section.Key("dashboard").MustString(*dashboardPort),
+			TLSSkipVerify: section.Key("tls_skip_verify").MustBool(*TLSSkipVerify),
 		}
 	}

@ -54,5 +58,6 @@ func ReadConfig() Config {
 		ProxyPort:     *proxyPort,
 		MaxCaptures:   *maxCaptures,
 		DashboardPort: *dashboardPort,
+		TLSSkipVerify: *TLSSkipVerify,
 	}
 }
--- a/main.go
+++ b/main.go
@ -3,6 +3,7 @@ package main
 import (
 	"bytes"
 	"compress/gzip"
+	"crypto/tls"
 	_ "embed"
 	"encoding/json"
 	"fmt"
@ -36,7 +37,7 @@ func main() {
 	fmt.Println()

 	srv := NewCaptureService(cfg.MaxCaptures)
-	hdr := NewRecorderHandler(srv, NewPluginHandler(NewProxyHandler(cfg.TargetURL)))
+	hdr := NewRecorderHandler(srv, NewPluginHandler(NewProxyHandler(cfg.TargetURL, cfg.TLSSkipVerify)))

 	go func() {
 		fmt.Println(http.ListenAndServe(":"+cfg.DashboardPort, NewDashboardHandler(hdr, srv, cfg)))
@ -230,9 +231,14 @@ func NewRecorderHandler(srv *CaptureService, next http.HandlerFunc) http.Handler
 }

 // NewProxyHandler is the reverse proxy handler.
-func NewProxyHandler(URL string) http.HandlerFunc {
+func NewProxyHandler(URL string, TLSSkipVerify bool) http.HandlerFunc {
 	url, _ := url.Parse(URL)
 	proxy := httputil.NewSingleHostReverseProxy(url)
+	insecureTransport := &http.Transport{
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: TLSSkipVerify},
+	}
+	proxy.Transport = insecureTransport
+
 	proxy.ErrorHandler = func(rw http.ResponseWriter, req *http.Request, err error) {
 		fmt.Printf("Uh oh | %v | %s %s\n", err, req.Method, req.URL)
 		rw.WriteHeader(StatusInternalProxyError)