optimize self-signed certs

2025-04-24 08:41:31 +00:00 · 2014-08-22 17:00:20 +08:00 · 2014-08-22 17:00:20 +08:00 · f438bed1e6
commit f438bed1e6
parent baf7f0e289
3 changed files with 10 additions and 7 deletions
--- a/cert/gen-rootCA
+++ b/cert/gen-rootCA
@ -3,7 +3,8 @@
 outputPath=$1
 cd $outputPath
 openssl genrsa -out rootCA.key 2048
-openssl req -x509 -new -nodes -key rootCA.key -days 36500 -out rootCA.crt
+openssl req -x509 -new -nodes -key rootCA.key -days 36500 -out rootCA.crt \
+     -subj "/C=CN/ST=SH/L=SH/O=AnyProxy/OU=Section/CN=AnyProxy/emailAddress=AnyProxy@AnyProxy"
 echo "============="
 echo "rootCA generated at :"
 pwd
--- a/lib/requestHandler.js
+++ b/lib/requestHandler.js
@ -20,7 +20,7 @@ var handleRule = {
        // }
    ]
    ,httpsConfig:{
-        bypassAll : false,
+        bypassAll : true,
        interceptDomains:["^.*alibaba-inc\.com$"]
    }
 };
@ -51,6 +51,7 @@ function userRequestHandler(req,userRes){
        var hostTest = new RegExp(rule.host).test(host),
            pathTest = new RegExp(rule.path).test(path);

+        //TODO : CORS for local file
        if(hostTest && pathTest && (rule.localFile || rule.localDir) ){
            console.log("==>meet the rules, will map to local file");

@ -112,12 +113,13 @@ function connectReqHandler(req, socket, head){
        targetPort= req.url.split(":")[1],
        httpsRule = handleRule.httpsConfig;

-    var shouldBypass = httpsRule.bypassAll;
+    var shouldBypass = !!httpsRule.bypassAll;
    if(!shouldBypass){ //read rules
+        shouldBypass = true;
        for(var index in httpsRule.interceptDomains){
            var reg = new RegExp(httpsRule.interceptDomains[index]);
            if( reg.test(hostname) ){
-                shouldBypass = true;
+                shouldBypass = false;
                break;
            }
        }
@ -126,7 +128,7 @@ function connectReqHandler(req, socket, head){
    console.log(color.green("\nreceived https CONNECT request " + hostname));

    if(shouldBypass){
-        console.log("==>meet the rules, will bypass the man-in-the-middle proxy");
+        console.log("==>will bypass the man-in-the-middle proxy");
        try{
            var conn = net.connect(targetPort, hostname, function(){
                socket.write('HTTP/' + req.httpVersion + ' 200 OK\r\n\r\n', 'UTF-8', function() {
@ -144,7 +146,7 @@ function connectReqHandler(req, socket, head){

    }else{
        //TODO : remote port other than 433
-        console.log("==>will forward to local https server");
+        console.log("==>meet the rules, will forward to local https server");

        //forward the https-request to local https server
        httpsServerMgrInstance.fetchPort(hostname,userRequestHandler,function(err,port){
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "anyproxy",
-  "version": "1.2.5",
+  "version": "1.2.6",
  "description": "another proxy written in NODEJS, which can handle HTTPS requests and CROS perfectly",
  "main": "proxy.js",
  "bin": {