SetCBShim wires the eBPF channel-binding shim handle into the proxy. Typically called by the agent that owns the cbshim lifecycle, once per proxy instance, before StartProxy. Pass nil to disable. Also installs the tls.MITMPublishHook so CertForClient publishes the MITM half of every connection's cb
(c cbshim.CBShim)
| 291 | // MITM half of every connection's cbshim rendezvous. Cleared (back to |
| 292 | // nil) when called with a nil cbshim. |
| 293 | func (p *Proxy) SetCBShim(c cbshim.CBShim) { |
| 294 | p.cbshim = c |
| 295 | if c == nil { |
| 296 | pTls.SetMITMPublishHook(nil) |
| 297 | return |
| 298 | } |
| 299 | pTls.SetMITMPublishHook(func(connID string, mitmDER []byte) { |
| 300 | c.RegisterMITM(connID, mitmDER) |
| 301 | }) |
| 302 | } |
| 303 | |
| 304 | // SetSkipListener disables the TCP accept loop. |
| 305 | func (p *Proxy) SetSkipListener(skip bool) { |
no test coverage detected