• Matt Holt's avatar
    Detect HTTPS interception (#1430) · 82cbd7a9
    Matt Holt authored
    * WIP: Implement HTTPS interception detection by Durumeric, et. al.
    
    Special thanks to @FiloSottile for guidance with the custom listener.
    
    * Add {{.IsMITM}} context action and {mitm} placeholder
    
    * Improve MITM detection heuristics for Firefox and Edge
    
    * Add tests for MITM detection heuristics
    
    * Improve Safari heuristics for interception detection
    
    * Read ClientHello during first Read() instead of during Accept()
    
    As far as I can tell, reading the ClientHello during Accept() prevents
    new connections from being accepted during the read. Since Read() should
    be called in its own goroutine, this keeps Accept() non-blocking.
    
    * Clean up MITM detection handler; make possible to close connection
    
    * Use standard lib cipher suite values when possible
    
    * Improve Edge heuristics and test cases
    
    * Refactor MITM checking logic; add some debug statements for now
    
    * Fix bug in MITM heuristic tests and actual heuristic code
    
    * Fix gofmt
    
    * Remove debug statements; preparing for merge
    82cbd7a9
context.go 8.68 KB