Permalink
Browse files

Refactoring the HttpsChannelInitialzier to use CertificateSniffingMit…

…mManager.
  • Loading branch information...
cowboygneox committed Jan 21, 2017
1 parent 4cad2f6 commit aa0c656431970eb9d9cc4d070bd247a189b5c37e
@@ -16,10 +16,16 @@
package software.betamax.util.server.internal
+import com.google.common.io.Files
import io.netty.channel.ChannelHandler
import io.netty.channel.socket.SocketChannel
import io.netty.handler.ssl.SslHandler
-import software.betamax.util.DynamicSelfSignedSslEngineSource
+import org.apache.commons.io.FileUtils
+import org.littleshoot.proxy.MitmManager
+import org.littleshoot.proxy.mitm.Authority
+import org.littleshoot.proxy.mitm.CertificateSniffingMitmManager
+
+import java.nio.file.Path
class HttpsChannelInitializer extends HttpChannelInitializer {
@@ -33,10 +39,35 @@ class HttpsChannelInitializer extends HttpChannelInitializer {
def pipeline = channel.pipeline()
- def engine = new DynamicSelfSignedSslEngineSource(channel.localAddress().getHostName(), channel.localAddress().port).newSslEngine()
+ // Use the same betamax private key & cert for backwards compatibility with 2.0.1
+ // We use temporary files here so we don't pollute people's projects with temporary (and fake) keys and certs
+ File tempSSLDir = Files.createTempDir();
+
+ Path storePath = tempSSLDir.toPath().resolve("betamax.p12");
+ InputStream betamaxKeystoreStream = getClass().getClassLoader().getResourceAsStream("betamax.p12");
+ FileUtils.copyInputStreamToFile(betamaxKeystoreStream, storePath.toFile());
+
+ Path keyPath = tempSSLDir.toPath().resolve("betamax.pem");
+ InputStream betamaxKeyStream = getClass().getClassLoader().getResourceAsStream("betamax.pem");
+ FileUtils.copyInputStreamToFile(betamaxKeyStream, keyPath.toFile());
+
+ def hostName = channel.localAddress().getHostName()
+ Authority authority = new Authority(
+ tempSSLDir,
+ hostName,
+ "changeit".toCharArray(),
+ hostName,
+ "Betamax",
+ "Certificate Authority",
+ "Betamax",
+ "betamax.software"
+ );
+
+ MitmManager manager = new CertificateSniffingMitmManager(authority);
+
+ def engine = manager.serverSslEngine()
engine.useClientMode = false
pipeline.addFirst("ssl", new SslHandler(engine))
-
}
}

0 comments on commit aa0c656

Please sign in to comment.