Class: BetterCap::Proxy::HTTP::SSL::Server

Inherits:
Object
  • Object
Defined in:
lib/bettercap/proxy/http/ssl/server.rb

Overview

Little utility class to handle SSLServer creation.


Constructor Details

#initialize(socket) ⇒ Server

Create an instance from the TCPSocket socket.



# File 'lib/bettercap/proxy/http/ssl/server.rb', line 29

# Build an OpenSSL::SSL::SSLServer on top of the already-bound TCPSocket
# +socket+ and keep it in @io.
#
# The certificate authority is loaded through Authority.new from the PEM path
# found at Context.get.options.proxies.proxy_pem_file. The default context
# presents that authority's own certificate and key; this is what a client
# gets when the SNI callback below does not supply a replacement context.
#
# @param socket [TCPSocket] listening socket to wrap.
def initialize( socket )
  pem_path   = Context.get.options.proxies.proxy_pem_file
  @authority = Authority.new( pem_path )

  @context      = OpenSSL::SSL::SSLContext.new
  @context.cert = @authority.certificate
  @context.key  = @authority.key

  # Server Name Indication ( https://en.wikipedia.org/wiki/Server_Name_Indication )
  # handling. When the client sends SNI, this callback receives the hostname
  # it asked for and answers with a fresh SSLContext whose certificate was
  # produced by @authority.spoof for that hostname, paired with the
  # authority's key. According to the original author's notes the sequence is:
  #
  # 1. Read the hostname from SNI.
  # 2. Fetch the upstream certificate from the real server.
  # 3. Re-sign it with the loaded ( or generated ) CA.
  # 4. Return a new context carrying that certificate.
  #
  # Steps 2 and 3 presumably happen inside Authority#spoof, which is not
  # visible here.
  #
  # NOTE(review): +hostname+ is supplied by the connecting client and reaches
  # both the debug log line and Authority#spoof without any validation in
  # this method. Confirm that the logger and #spoof cope with unexpected
  # values ( control characters, very long names ).
  # NOTE(review): a new SSLContext is allocated on every callback; whether
  # the certificate itself is cached depends on Authority#spoof.
  @context.servername_cb = proc do |_sslsocket, hostname|
    Logger.debug "[#{'SSL'.green}] Server-Name-Indication for '#{hostname}'"

    OpenSSL::SSL::SSLContext.new.tap do |per_host|
      per_host.cert = @authority.spoof( hostname )
      per_host.key  = @authority.key
    end
  end

  @io = OpenSSL::SSL::SSLServer.new( socket, @context )
end

Instance Attribute Details

#authority ⇒ Object (readonly)

The SSL certification authority.



# File 'lib/bettercap/proxy/http/ssl/server.rb', line 22

# Read-only accessor for the certificate authority.
#
# @return [Object] the value held in @authority ( nil if it was never set ).
def authority; @authority; end

#context ⇒ Object (readonly)

Main SSLContext instance.



# File 'lib/bettercap/proxy/http/ssl/server.rb', line 24

# Read-only accessor for the main SSLContext instance.
#
# @return [Object] the value held in @context ( nil if it was never set ).
def context; @context; end

#io ⇒ Object (readonly)

Socket I/O object.



# File 'lib/bettercap/proxy/http/ssl/server.rb', line 26

# Read-only accessor for the socket I/O object.
#
# @return [Object] the value held in @io ( nil if it was never set ).
def io; @io; end