hub / github.com/bettercap/bettercap / TLSConfigFromCA

Method TLSConfigFromCA

modules/http_proxy/http_proxy_base.go:265–298  ·  view source on GitHub ↗
(ca *tls.Certificate)

Source from the content-addressed store, hash-verified

263}
264
// TLSConfigFromCA returns a callback that produces the TLS configuration for
// one intercepted host. The callback parses host as "name[:port]", looks up a
// certificate for that (name, port) pair in the package-level cache, and on a
// miss asks btls.SignCertificateForHost to issue one under ca and stores it.
//
// The ctx argument of the callback is accepted for signature compatibility
// and is not read.
//
// The callback returns a non-nil error only when signing fails.
func (p *HTTPProxy) TLSConfigFromCA(ca *tls.Certificate) func(host string, ctx *goproxy.ProxyCtx) (*tls.Config, error) {
	return func(host string, ctx *goproxy.ProxyCtx) (*tls.Config, error) {
		// Split on the FIRST colon only; a missing or non-numeric port
		// silently becomes 443.
		// NOTE(review): a bracketed IPv6 literal (constructed example:
		// "[::1]:443") is mis-split here, giving hostname "[" and port 443;
		// net.SplitHostPort handles that form. The port is also not
		// range-checked, so any integer strconv.Atoi accepts is passed on.
		hostname, port := host, 443
		if idx := strings.Index(host, ":"); idx >= 0 {
			hostname = host[:idx]
			if n, convErr := strconv.Atoi(host[idx+1:]); convErr == nil {
				port = n
			}
		}

		// NOTE(review): hostname and port come straight from the caller and
		// become the cache key. Whether the cache is bounded, and whether
		// getCachedCert/setCachedCert lock internally, is not visible from
		// this function; the lookup and the store below are separate calls,
		// so concurrent misses for one host may each sign a certificate.
		cert := getCachedCert(hostname, port)
		if cert != nil {
			p.Debug("serving spoofed certificate for %s:%d", tui.Yellow(hostname), port)
		} else {
			p.Info("creating spoofed certificate for %s:%d", tui.Yellow(hostname), port)

			var err error
			if cert, err = btls.SignCertificateForHost(ca, hostname, port); err != nil {
				p.Warning("cannot sign host certificate with provided CA: %s", err)
				return nil, err
			}

			setCachedCert(hostname, port, cert)
		}

		// InsecureSkipVerify only matters when a tls.Config is used on the
		// client side of a handshake.
		// NOTE(review): confirm this config is only ever handed to a TLS
		// server; if it is reused for an outbound connection, upstream
		// certificate validation is disabled.
		return &tls.Config{
			InsecureSkipVerify: true,
			Certificates:       []tls.Certificate{*cert},
		}, nil
	}
}
299
300func (p *HTTPProxy) ConfigureTLS(address string, proxyPort int, httpPort int, doRedirect bool, scriptPath string,
301 certFile string,

Callers 1

ConfigureTLSMethod · 0.95

Calls 5

InfoMethod · 0.95
WarningMethod · 0.95
DebugMethod · 0.95
getCachedCertFunction · 0.85
setCachedCertFunction · 0.85

Tested by

no test coverage detected