diff --git a/CLAUDE.md b/CLAUDE.md deleted file mode 100644 index dc9b56f..0000000 --- a/CLAUDE.md +++ /dev/null @@ -1,110 +0,0 @@ -# CLAUDE.md - -This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. - -## Project Overview - -This is a Rust HTTP MITM (Man-in-the-Middle) proxy library designed to be a backend for applications like Burp Proxy. It enables inspection of HTTP/HTTPS traffic by dynamically generating TLS certificates. - -### Key Features -- HTTP/HTTPS traffic interception via on-the-fly certificate signing -- WebSocket support (raw traffic only) -- Server-Sent Events support -- Certificate caching with moka -- Support for both native-tls and rustls TLS backends - -## Development Commands - -### Building and Testing -```bash -# Build the project -cargo build - -# Run tests -cargo test - -# Build documentation -cargo doc --open - -# Run clippy for linting -cargo clippy - -# Format code -cargo fmt - -# Build examples -cargo build --examples - -# Run a specific example (proxy server) -cargo run --example proxy - -# Run with specific features -cargo build --no-default-features --features rustls-client -``` - -### Testing with Different TLS Backends -The crate supports two TLS client backends: -- `native-tls-client` (default) -- `rustls-client` - -Only one can be enabled at a time due to compile-time checks. - -## Architecture - -### Core Components - -**MitmProxy** (`src/lib.rs`): The main proxy server struct that handles: -- HTTP CONNECT method tunneling for HTTPS -- Certificate generation and caching -- Service wrapping for request/response interception -- Both HTTP/1.1 and HTTP/2 support with ALPN negotiation - -**DefaultClient** (`src/default_client.rs`): HTTP client implementation with: -- Automatic TLS connection handling -- HTTP version negotiation (HTTP/1.1 vs HTTP/2) -- WebSocket upgrade support -- Connection pooling preparation (TODO) - -**TLS Certificate Generation** (`src/tls.rs`): -- Dynamic certificate creation signed by a root CA -- Certificate serialization to DER format -- Integration with rcgen for certificate generation - -### Request Flow - -1. **HTTP Requests**: Passed directly to the user-provided service -2. **HTTPS Requests** (CONNECT method): - - Proxy establishes TLS connection with dynamically generated certificate - - Decrypts HTTPS traffic for inspection - - Re-encrypts and forwards to destination - - Falls back to TCP tunneling if no root certificate provided - -### Certificate Management - -The proxy can operate in two modes: -- **With Root Certificate**: Full HTTPS inspection by generating fake certificates -- **Without Root Certificate**: Simple TCP tunneling for HTTPS (no inspection) - -Certificate caching is handled via moka::sync::Cache with hostname as the key. - -## Development Notes - -### Feature Flags -- `native-tls-client`: Uses native-tls for TLS connections (default) -- `rustls-client`: Uses rustls for TLS connections -- Cannot enable both simultaneously (compile error) - -### Testing Setup -Tests use incremental port allocation starting from 3666 to avoid conflicts. The test suite includes: -- HTTP/HTTPS proxy functionality -- WebSocket proxying -- Server-Sent Events -- Certificate generation and validation - -### Examples -The `examples/` directory contains practical usage patterns: -- `proxy.rs`: Basic HTTP/HTTPS proxy with certificate generation -- `https.rs`: HTTPS-specific proxy setup -- `websocket.rs`: WebSocket proxying demonstration -- `reqwest_proxy.rs`: Integration with reqwest HTTP client -- `dev_proxy.rs`: Development/debugging proxy setup \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock index e5ec732..6d3578a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -73,7 +73,7 @@ dependencies = [ "nom", "num-traits", "rusticata-macros", - "thiserror 2.0.17", + "thiserror 2.0.18", "time", ] @@ -114,9 +114,9 @@ checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" [[package]] name = "aws-lc-rs" -version = "1.15.3" +version = "1.15.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e84ce723ab67259cfeb9877c6a639ee9eb7a27b28123abd71db7f0d5d0cc9d86" +checksum = "7b7b6141e96a8c160799cc2d5adecd5cbbe5054cb8c7c4af53da0f83bb7ad256" dependencies = [ "aws-lc-sys", "zeroize", @@ -124,9 +124,9 @@ dependencies = [ [[package]] name = "aws-lc-sys" -version = "0.36.0" +version = "0.37.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43a442ece363113bd4bd4c8b18977a7798dd4d3c3383f34fb61936960e8f4ad8" +checksum = "5c34dda4df7017c8db52132f0f8a2e0f8161649d15723ed63fc00c82d0f2081a" dependencies = [ "cc", "cmake", @@ -212,9 +212,9 @@ checksum = "b35204fbdc0b3f4446b89fc1ac2cf84a8a68971995d0bf2e925ec7cd960f9cb3" [[package]] name = "cc" -version = "1.2.53" +version = "1.2.54" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "755d2fce177175ffca841e9a06afdb2c4ab0f593d53b4dee48147dfaade85932" +checksum = "6354c81bbfd62d9cfa9cb3c773c2b7b2a3a482d569de977fd0e961f6e7c00583" dependencies = [ "find-msvc-tools", "jobserver", @@ -687,7 +687,7 @@ dependencies = [ [[package]] name = "http-mitm-proxy" -version = "0.17.0" +version = "0.18.0" dependencies = [ "axum", "bytes", @@ -702,7 +702,7 @@ dependencies = [ "rcgen", "reqwest", "rustls-pki-types", - "thiserror 2.0.17", + "thiserror 2.0.18", "tokio", "tokio-native-tls", "tokio-rustls", @@ -1125,9 +1125,9 @@ dependencies = [ [[package]] name = "num-conv" -version = "0.1.0" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9" +checksum = "cf97ec579c3c42f953ef76dbf8d55ac91fb219dde70e49aa4a6b7d74e9919050" [[package]] name = "num-integer" @@ -1202,9 +1202,9 @@ checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" [[package]] name = "openssl-probe" -version = "0.2.0" +version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f50d9b3dabb09ecd771ad0aa242ca6894994c130308ca3d7684634df8037391" +checksum = "7c87def4c32ab89d880effc9e097653c8da5d6ef28e6b539d313baaacfbafcbe" [[package]] name = "openssl-sys" @@ -1307,9 +1307,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.105" +version = "1.0.106" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "535d180e0ecab6268a3e718bb9fd44db66bbbc256257165fc699dadf70d16fe7" +checksum = "8fd00f0bb2e90d81d1044c2b32617f68fcb9fa3bb7640c23e9c748e53fb30934" dependencies = [ "unicode-ident", ] @@ -1328,7 +1328,7 @@ dependencies = [ "rustc-hash", "rustls", "socket2", - "thiserror 2.0.17", + "thiserror 2.0.18", "tokio", "tracing", "web-time", @@ -1350,7 +1350,7 @@ dependencies = [ "rustls", "rustls-pki-types", "slab", - "thiserror 2.0.17", + "thiserror 2.0.18", "tinyvec", "tracing", "web-time", @@ -1372,9 +1372,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.43" +version = "1.0.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc74d9a594b72ae6656596548f56f667211f8a97b3d4c3d467150794690dc40a" +checksum = "21b2ebcf727b7760c461f091f9f0f539b77b8e87f2fd88131e7f1b433b3cece4" dependencies = [ "proc-macro2", ] @@ -1416,9 +1416,9 @@ dependencies = [ [[package]] name = "rcgen" -version = "0.14.6" +version = "0.14.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ec0a99f2de91c3cddc84b37e7db80e4d96b743e05607f647eb236fc0455907f" +checksum = "10b99e0098aa4082912d4c649628623db6aba77335e4f4569ff5083a6448b32e" dependencies = [ "pem", "ring", @@ -1555,7 +1555,7 @@ version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "612460d5f7bea540c490b2b6395d8e34a953e52b491accd6c86c8164c5932a63" dependencies = [ - "openssl-probe 0.2.0", + "openssl-probe 0.2.1", "rustls-pki-types", "schannel", "security-framework 3.5.1", @@ -1777,9 +1777,9 @@ checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" [[package]] name = "socket2" -version = "0.6.1" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17129e116933cf371d018bb80ae557e889637989d8638274fb25622827b03881" +checksum = "86f4aa3ad99f2088c990dfa82d367e19cb29268ed67c574d10d0a4bfe71f07e0" dependencies = [ "libc", "windows-sys 0.60.2", @@ -1885,11 +1885,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.17" +version = "2.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f63587ca0f12b72a0600bcba1d40081f830876000bb46dd2337a3051618f4fc8" +checksum = "4288b5bcbc7920c07a1149a35cf9590a2aa808e0bc1eafaade0b80947865fbc4" dependencies = [ - "thiserror-impl 2.0.17", + "thiserror-impl 2.0.18", ] [[package]] @@ -1905,9 +1905,9 @@ dependencies = [ [[package]] name = "thiserror-impl" -version = "2.0.17" +version = "2.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ff15c8ecd7de3849db632e14d18d2571fa09dfc5ed93479bc4485c7a517c913" +checksum = "ebc4ee7f67670e9b64d05fa4253e753e016c6c95ff35b89b7941d6b856dec1d5" dependencies = [ "proc-macro2", "quote", @@ -1925,9 +1925,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.45" +version = "0.3.46" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9e442fc33d7fdb45aa9bfeb312c095964abdf596f7567261062b2a7107aaabd" +checksum = "9da98b7d9b7dad93488a84b8248efc35352b0b2657397d4167e7ad67e5d535e5" dependencies = [ "deranged", "itoa", @@ -1940,15 +1940,15 @@ dependencies = [ [[package]] name = "time-core" -version = "0.1.7" +version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b36ee98fd31ec7426d599183e8fe26932a8dc1fb76ddb6214d05493377d34ca" +checksum = "7694e1cfe791f8d31026952abf09c69ca6f6fa4e1a1229e18988f06a04a12dca" [[package]] name = "time-macros" -version = "0.2.25" +version = "0.2.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "71e552d1249bf61ac2a52db88179fd0673def1e1ad8243a00d9ec9ed71fee3dd" +checksum = "78cc610bac2dcee56805c99642447d4c5dbde4d01f752ffea0199aee1f601dc4" dependencies = [ "num-conv", "time-core", @@ -2644,7 +2644,7 @@ dependencies = [ "oid-registry", "ring", "rusticata-macros", - "thiserror 2.0.17", + "thiserror 2.0.18", "time", ] @@ -2762,6 +2762,6 @@ dependencies = [ [[package]] name = "zmij" -version = "1.0.14" +version = "1.0.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd8f3f50b848df28f887acb68e41201b5aea6bc8a8dacc00fb40635ff9a72fea" +checksum = "dfcd145825aace48cff44a8844de64bf75feec3080e0aa5cdbde72961ae51a65" diff --git a/Cargo.toml b/Cargo.toml index 04a038d..b9c3d8b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "http-mitm-proxy" -version = "0.17.0" +version = "0.18.0" description = "A HTTP proxy server library intended to be a backend of application like Burp proxy." readme = "README.md" repository = "https://github.com/hatoo/http-mitm-proxy"