Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/chayleaf/mitm-cache
MITM caching proxy
https://github.com/chayleaf/mitm-cache
Last synced: 5 days ago
JSON representation
MITM caching proxy
- Host: GitHub
- URL: https://github.com/chayleaf/mitm-cache
- Owner: chayleaf
- License: mit
- Created: 2023-12-15T13:14:55.000Z (11 months ago)
- Default Branch: master
- Last Pushed: 2024-07-07T19:21:30.000Z (4 months ago)
- Last Synced: 2024-07-07T20:35:13.221Z (4 months ago)
- Language: Rust
- Size: 47.9 KB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: COPYING
Awesome Lists containing this project
README
# MITM cache
This is a caching MITM proxy for fetching the dependencies of poorly
designed build systems. To use it, first create a root CA cert using
`./generate.sh`, and then run the proxy:
```
Usage: mitm-cache [OPTIONS]
Commands:
record
replay
help Print this message or the help of the given subcommand(s)
Options:
-l, --listen Proxy listen address
-k, --ca-key Path to the ca.key file
-c, --ca-cert Path to the ca.cer file
-o, --out Write MITM cache description to this file
-h, --help Print help
```
```
Usage: mitm-cache record [OPTIONS]
Options:
-r, --record-text
Record text from URLs matching this regex
-x, --reject
Reject requests to URLs matching this regex
-f, --forget-redirects-from
Forget redirects from URLs matching this regex
-t, --forget-redirects-to
Forget redirects to URLs matching this regex
-h, --help
Print help
```
While the cache is running, you can send `SIGUSR1` to write the current
cache into `tmp.json`. At the end, you should send `SIGINT` to make the
proxy write the final cache into `out.json`, and then
use [fetch.nix](./fetch.nix) for fetching the dependencies
([default.nix](./default.nix) provides it at `mitm-cache.fetch`), and
finally pass the resulting derivation output to `mitm-cache replay`:
```
Usage: mitm-cache replay
Arguments:
Path to the cache fetched using fetch.nix
Options:
-h, --help Print help
```
## Lockfile Format
```json
{
"!version": 1,
"https://example.org/a": {
"hash": "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="
},
"https://example.org/b": {
"text": "example"
},
"https://example.org/c": {
"redirect": "https://example.org/d"
}
}
```
`!version` specifies the lockfile version. `fetch.nix` is maintained to support
all lockfile versions, but mitm-cache only supports creating the
latest lockfile version.
Per-URL value is a JSON object containing one of the following keys:
- `hash` - specifies the response body's [SRI hash](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity#using_subresource_integrity)
- `text` - specifies the response body as text. Only written if the
`--record-text` regex matches this URL.
- `redirect` - specifies the URL this page redirects to. If
any of the `--forget-redirects-*` rules apply, the target page's
value will be written as the page's value instead.