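/// <summary>
/// Creates a new proxy server instance. Really there should only ever be a single instance
/// created at a time.
/// </summary>
/// <param name="authorityCommonName">
/// The common name to use when generating the certificate authority. Basically, all SSL
/// sites will show that they are secured by a certificate authority with this name that is
/// supplied here.
/// </param>
/// <param name="firewallCallback">
/// The firewall check callback. Used to allow the user to determine if a binary should have
/// its associated traffic pushed through the filter or not.
/// </param>
/// <param name="messageBeginCallback">
/// Message begin callback enables users to inspect and filter messages immediately after
/// they begin. Users also have the power to direct how the proxy will continue to handle the
/// overall transaction that this message belongs to.
/// </param>
/// <param name="messageEndCallback">
/// Message end callback enables users to inspect and filter messages once they have completed.
/// </param>
/// <exception cref="ArgumentException">
/// Will throw if any one of the callbacks are not defined. No instance or shared state is
/// modified when this is thrown.
/// </exception>
public ProxyServer(string authorityCommonName, FirewallCheckCallback firewallCallback, MessageBeginCallback messageBeginCallback, MessageEndCallback messageEndCallback)
{
    // Validate everything first. FilterResponseHandlerFactory.Default is shared state, so a
    // constructor that fails half way must not leave it partially overwritten.
    if (firewallCallback == null)
    {
        throw new ArgumentException("The firewall callback MUST be defined.");
    }

    if (messageBeginCallback == null)
    {
        throw new ArgumentException("The message begin callback MUST be defined.");
    }

    if (messageEndCallback == null)
    {
        throw new ArgumentException("The message end callback MUST be defined.");
    }

    m_tlsConnAdapter = new TlsSniConnectionAdapter(authorityCommonName);
    m_fwCallback = firewallCallback;

    FilterResponseHandlerFactory.Default.MessageBeginCallback = messageBeginCallback;
    FilterResponseHandlerFactory.Default.MessageEndCallback = messageEndCallback;

    // Hook the cert verification callback.
    // NOTE(review): ServicePointManager.ServerCertificateValidationCallback is a static,
    // process-wide multicast delegate. Every construction appends another handler, nothing
    // in this constructor removes it, and when several handlers are registered only the
    // return value of the last one invoked is used. Confirm that no other component in the
    // process subscribes and that the handler is unhooked on shutdown.
    ServicePointManager.ServerCertificateValidationCallback += CertificateVerificationHandler;
}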
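/// <summary>
/// Creates a new proxy server instance. Really there should only ever be a single instance
/// created at a time.
/// </summary>
/// <param name="configuration">
/// The proxy server configuration to use.
/// </param>
/// <exception cref="ArgumentNullException">
/// Will throw if the supplied configuration itself is null.
/// </exception>
/// <exception cref="ArgumentException">
/// Will throw if any one of the callbacks in the supplied configuration are not defined. No
/// instance or shared state is modified when this is thrown.
/// </exception>
public ProxyServer(ProxyServerConfiguration configuration)
{
    // Without this guard a null configuration surfaces as a NullReferenceException on the
    // first property read instead of the documented argument exception.
    if (configuration == null)
    {
        throw new ArgumentNullException(nameof(configuration));
    }

    // Read and validate every callback before creating the certificate store or writing to
    // the shared FilterResponseHandlerFactory.Default, so a rejected configuration leaves
    // no partial state behind.
    var firewallCallback = configuration.FirewallCheckCallback ?? throw new ArgumentException("The firewall callback MUST be defined.", nameof(configuration));
    var newMessageCallback = configuration.NewHttpMessageHandler ?? throw new ArgumentException("The new message callback MUST be defined.", nameof(configuration));
    var wholeBodyCallback = configuration.HttpMessageWholeBodyInspectionHandler ?? throw new ArgumentException("The whole-body content inspection callback MUST be defined.", nameof(configuration));
    var streamedCallback = configuration.HttpMessageStreamedInspectionHandler ?? throw new ArgumentException("The streaming content inspection callback MUST be defined.", nameof(configuration));
    var badCertificateCallback = configuration.BadCertificateHandler ?? throw new ArgumentException("The bad certificate callback MUST be defined.", nameof(configuration));

    // The authority name falls back to "CitadelCore" when the configuration supplies none.
    _tlsConnAdapter = new TlsSniConnectionAdapter(CreateCertificateStore(configuration.AuthorityName ?? "CitadelCore"));
    _fwCallback = firewallCallback;

    FilterResponseHandlerFactory.Default.NewMessageCallback = newMessageCallback;
    FilterResponseHandlerFactory.Default.WholeBodyInspectionCallback = wholeBodyCallback;
    FilterResponseHandlerFactory.Default.StreamedInspectionCallback = streamedCallback;
    FilterResponseHandlerFactory.Default.BadCertificateCallback = badCertificateCallback;

    // Hook the cert verification callback.
    // NOTE(review): ServicePointManager.ServerCertificateValidationCallback is a static,
    // process-wide multicast delegate. Every construction appends another handler, nothing
    // in this constructor removes it, and when several handlers are registered only the
    // return value of the last one invoked is used. Confirm that no other component in the
    // process subscribes and that the handler is unhooked on shutdown.
    ServicePointManager.ServerCertificateValidationCallback += CertificateVerificationHandler;
}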
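/// <summary>
/// Initialize the proxy server. See <see cref="ProxyOptions"/> for more information on parameters.
/// </summary>
/// <param name="options">See <see cref="ProxyOptions"/></param>
/// <exception cref="ArgumentNullException">
/// Will throw if the supplied options object itself is null.
/// </exception>
/// <exception cref="ArgumentException">
/// Will throw if the firewall, message begin or message end callback, or the certificate
/// exemptions, are not defined. No instance or shared state is modified when this is thrown.
/// </exception>
public ProxyServer(ProxyOptions options)
{
    // Without this guard a null options object surfaces as a NullReferenceException on the
    // first property read.
    if (options == null)
    {
        throw new ArgumentNullException(nameof(options));
    }

    // Validate every mandatory member before writing to the shared
    // FilterResponseHandlerFactory.Default, so a rejected options object leaves it untouched.
    var firewallCallback = options.FirewallCheckCallback ?? throw new ArgumentException("The firewall callback MUST be defined.");
    var messageBeginCallback = options.MessageBeginCallback ?? throw new ArgumentException("The message begin callback MUST be defined.");
    var messageEndCallback = options.MessageEndCallback ?? throw new ArgumentException("The message end callback MUST be defined.");
    var certificateExemptions = options.CertificateExemptions ?? throw new ArgumentException("The certificate exemptions MUST be defined.");

    m_fwCallback = firewallCallback;

    FilterResponseHandlerFactory.Default.MessageBeginCallback = messageBeginCallback;
    FilterResponseHandlerFactory.Default.MessageEndCallback = messageEndCallback;

    // The bad certificate callback is the only optional member: null is stored as-is.
    // NOTE(review): what happens to a connection whose upstream certificate fails validation
    // when no callback is set is decided outside this constructor; confirm it is rejected
    // rather than allowed.
    FilterResponseHandlerFactory.Default.BadCertificateCallback = options.BadCertificateCallback;
    FilterResponseHandlerFactory.Default.CertificateExemptions = certificateExemptions;
}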
/// <summary>
/// Builds a proxy server from a configuration object. Only one instance is expected to
/// exist at any given time.
/// </summary>
/// <param name="configuration">
/// The configuration that supplies the authority name and the callbacks.
/// </param>
/// <exception cref="ArgumentException">
/// Thrown when the configuration is null, reports itself as invalid, or has no firewall
/// check callback.
/// </exception>
public ProxyServer(ProxyServerConfiguration configuration)
{
    _configuration = configuration;

    bool usable = _configuration != null && _configuration.IsValid;
    if (!usable)
    {
        throw new ArgumentException("Configuration is null or invalid. Ensure that all callbacks are defined.");
    }

    // The authority name falls back to "CitadelCore" when the configuration supplies none.
    string authorityName = configuration.AuthorityName ?? "CitadelCore";
    var certificateStore = CreateCertificateStore(authorityName);
    _tlsConnAdapter = new TlsSniConnectionAdapter(certificateStore);

    // Checked again here regardless of what IsValid covers.
    _fwCallback = configuration.FirewallCheckCallback
        ?? throw new ArgumentException("The firewall callback MUST be defined.", nameof(configuration));

    // The factories are per-instance here; the filter factory receives the configuration
    // and the replay factory.
    _replayResponseFactory = new ReplayResponseHandlerFactory();
    _httpResponseFactory = new FilterResponseHandlerFactory(_configuration, _replayResponseFactory);

    // Hook the cert verification callback.
    // NOTE(review): this static delegate is process-wide and multicast; each construction
    // appends a handler and nothing in this constructor removes it. With several handlers
    // registered, only the last one's return value is used.
    ServicePointManager.ServerCertificateValidationCallback += CertificateVerificationHandler;
}
/// <summary>
/// Builds a proxy server from individually supplied callbacks.
/// </summary>
/// <param name="firewallCallback">Mandatory firewall check callback.</param>
/// <param name="messageBeginCallback">Mandatory message begin callback.</param>
/// <param name="messageEndCallback">Mandatory message end callback.</param>
/// <param name="badCertificateCallback">
/// Optional bad certificate callback; defaults to null and is stored as given.
/// </param>
/// <exception cref="ArgumentException">
/// Thrown when any of the three mandatory callbacks is null. Nothing is assigned in that case.
/// </exception>
public ProxyServer(FirewallCheckCallback firewallCallback, MessageBeginCallback messageBeginCallback, MessageEndCallback messageEndCallback, BadCertificateCallback badCertificateCallback = null)
{
    // Pick the message for the first missing callback, checked in parameter order.
    string missing =
        firewallCallback == null ? "The firewall callback MUST be defined." :
        messageBeginCallback == null ? "The message begin callback MUST be defined." :
        messageEndCallback == null ? "The message end callback MUST be defined." :
        null;

    if (missing != null)
    {
        throw new ArgumentException(missing);
    }

    m_fwCallback = firewallCallback;

    // These three land on the shared default factory, not on this instance.
    var factory = FilterResponseHandlerFactory.Default;
    factory.MessageBeginCallback = messageBeginCallback;
    factory.MessageEndCallback = messageEndCallback;

    // NOTE(review): may be null. How a failed upstream certificate check is handled without
    // a callback is decided elsewhere; confirm it is rejected rather than allowed.
    factory.BadCertificateCallback = badCertificateCallback;
}
/// <summary>
/// Builds a WindowsProxyServer. Only one instance is expected to exist at any given time.
/// All arguments are handed to the base constructor unchanged; this constructor adds no
/// logic of its own.
/// </summary>
/// <param name="authorityCommonName">
/// Common name for the generated certificate authority. Secured sites will appear to be
/// signed by an authority carrying this name.
/// </param>
/// <param name="firewallCallback">
/// Firewall check callback, used to decide whether a binary's traffic should be pushed
/// through the filter.
/// </param>
/// <param name="messageBeginCallback">
/// Invoked right after a message begins, allowing inspection and filtering and letting the
/// user direct how the rest of the transaction is handled.
/// </param>
/// <param name="messageEndCallback">
/// Invoked once a message has completed, allowing inspection and filtering.
/// </param>
/// <exception cref="ArgumentException">
/// Thrown if any of the callbacks is not defined.
/// </exception>
public WindowsProxyServer(
    string authorityCommonName,
    FirewallCheckCallback firewallCallback,
    MessageBeginCallback messageBeginCallback,
    MessageEndCallback messageEndCallback)
    : base(authorityCommonName, firewallCallback, messageBeginCallback, messageEndCallback)
{
}
/// <summary>
/// Sets the firewall check callback on this configuration.
/// </summary>
/// <param name="callback">
/// The callback to store. It is stored as given; no null check happens here.
/// </param>
/// <returns>
/// This same configuration instance, so calls can be chained.
/// </returns>
public ProxyServerConfiguration WithFirewallCallback(FirewallCheckCallback callback)
{
    FirewallCheckCallback = callback;
    return this;
}
/// <summary>
/// Builds a WindowsProxyServer from four callbacks. All arguments are handed to the base
/// constructor unchanged; this constructor adds no logic of its own.
/// </summary>
/// <param name="firewallCallback">Firewall check callback, forwarded to the base class.</param>
/// <param name="messageBeginCallback">Message begin callback, forwarded to the base class.</param>
/// <param name="messageEndCallback">Message end callback, forwarded to the base class.</param>
/// <param name="badCertificateCallback">
/// Bad certificate callback, forwarded to the base class. Any validation of it happens there.
/// </param>
public WindowsProxyServer(
    FirewallCheckCallback firewallCallback,
    MessageBeginCallback messageBeginCallback,
    MessageEndCallback messageEndCallback,
    BadCertificateCallback badCertificateCallback)
    : base(firewallCallback, messageBeginCallback, messageEndCallback, badCertificateCallback)
{
}
/// <summary>
/// Builds a WindowsProxyServer from three callbacks. All arguments are handed to the base
/// constructor unchanged; this constructor adds no logic of its own.
/// </summary>
/// <param name="firewallCallback">Firewall check callback, forwarded to the base class.</param>
/// <param name="messageBeginCallback">Message begin callback, forwarded to the base class.</param>
/// <param name="messageEndCallback">Message end callback, forwarded to the base class.</param>
public WindowsProxyServer(
    FirewallCheckCallback firewallCallback,
    MessageBeginCallback messageBeginCallback,
    MessageEndCallback messageEndCallback)
    : base(firewallCallback, messageBeginCallback, messageEndCallback)
{
}
/// <summary>
/// Relays a firewall check to the registered FirewallCheckCallback, passing the binary's
/// absolute path.
/// </summary>
/// <param name="binaryAbsolutePath">
/// Absolute path of the binary being checked. It is marshalled as LPStr, a single-byte ANSI
/// string. NOTE(review): characters outside the active ANSI code page may not survive that
/// marshalling, so confirm that decisions are never keyed on a lossy path.
/// </param>
/// <param name="binaryAbsolutePathLength">
/// Length that accompanies the path. It is not read by this method.
/// </param>
/// <returns>
/// The callback's answer, or false when no callback is registered. NOTE(review): confirm
/// what false means to the caller, since it is also the result when nothing is registered.
/// </returns>
private bool OnFirewallCheckCallback([In][MarshalAs(UnmanagedType.LPStr)] string binaryAbsolutePath, IntPtr binaryAbsolutePathLength)
{
    return FirewallCheckCallback?.Invoke(binaryAbsolutePath) ?? false;
}