Merge branch 'develop' into beta

Author: justcoding121

Examples/Titanium.Web.Proxy.Examples.Basic/ProxyTestController.cs

@@ -32,20 +32,18 @@ public ProxyTestController()
             proxyServer = new ProxyServer();
 
             //generate root certificate without storing it in file system
-            //proxyServer.CertificateEngine = Network.CertificateEngine.BouncyCastle;
             //proxyServer.CertificateManager.CreateTrustedRootCertificate(false);
             //proxyServer.CertificateManager.TrustRootCertificate();
 
             proxyServer.ExceptionFunc = exception => Console.WriteLine(exception.Message);
-            proxyServer.TrustRootCertificate = true;
             proxyServer.ForwardToUpstreamGateway = true;
 
             //optionally set the Certificate Engine
             //Under Mono or Non-Windows runtimes only BouncyCastle will be supported
-            //proxyServer.CertificateEngine = Network.CertificateEngine.DefaultWindows;
+            //proxyServer.CertificateManager.CertificateEngine = Network.CertificateEngine.BouncyCastle;
 
             //optionally set the Root Certificate
-            //proxyServer.RootCertificate = new X509Certificate2("myCert.pfx", string.Empty, X509KeyStorageFlags.Exportable);
+            //proxyServer.CertificateManager.RootCertificate = new X509Certificate2("myCert.pfx", string.Empty, X509KeyStorageFlags.Exportable);
         }
 
         public void StartProxy()
@@ -68,9 +66,7 @@ public void StartProxy()
             //GenericCertificate = new X509Certificate2(Path.Combine(System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location), "genericcert.pfx"), "password")
             };
 
-            //Exclude Https addresses you don't want to proxy
-            //Useful for clients that use certificate pinning
-            //for example google.com and dropbox.com
+            //Fired when a CONNECT request is received
             explicitEndPoint.BeforeTunnelConnect += OnBeforeTunnelConnect;
 
 
@@ -130,10 +126,11 @@ public void Stop()
 
         private async Task<bool> OnBeforeTunnelConnect(string hostname)
         {
-            if (hostname.Contains("amazon.com") || hostname.Contains("paypal.com"))
+            if (hostname.Contains("dropbox.com"))
             {
-                //exclude bing.com and google.com from being decrypted
-                //instead it will be relayed via a secure TCP tunnel
+                //Exclude Https addresses you don't want to proxy
+                //Useful for clients that use certificate pinning
+                //for example dropbox.com
                 return await Task.FromResult(true);
             }
             else
@@ -183,7 +180,7 @@ private async Task OnRequest(object sender, SessionEventArgs e)
             //Filter URL
             if (e.WebSession.Request.RequestUri.AbsoluteUri.Contains("yahoo.com"))
             {
-                await e.Ok("<!DOCTYPE html>" +
+                e.Ok("<!DOCTYPE html>" +
                       "<html><body><h1>" +
                       "Website Blocked" +
                       "</h1>" +
@@ -195,7 +192,7 @@ await e.Ok("<!DOCTYPE html>" +
             ////Redirect example
             //if (e.WebSession.Request.RequestUri.AbsoluteUri.Contains("wikipedia.org"))
             //{
-            //    await e.Redirect("https://www.paypal.com");
+            //   e.Redirect("https://www.paypal.com");
             //}
         }
 

Examples/Titanium.Web.Proxy.Examples.Wpf/MainWindow.xaml.cs

@@ -62,29 +62,25 @@ public int ServerConnectionCount
         public MainWindow()
         {
             proxyServer = new ProxyServer();
-            //proxyServer.CertificateEngine = CertificateEngine.DefaultWindows;
+            //proxyServer.CertificateManager.CertificateEngine = CertificateEngine.DefaultWindows;
 
             ////Set a password for the .pfx file
-            //proxyServer.PfxPassword = "PfxPassword";
+            //proxyServer.CertificateManager.PfxPassword = "PfxPassword";
 
             ////Set Name(path) of the Root certificate file
-            //proxyServer.PfxFilePath = @"C:\NameFolder\rootCert.pfx";
+            //proxyServer.CertificateManager.PfxFilePath = @"C:\NameFolder\rootCert.pfx";
 
             ////do you want Replace an existing Root certificate file(.pfx) if password is incorrect(RootCertificate=null)?  yes====>true
-            //proxyServer.OverwritePfxFile = true;
+            //proxyServer.CertificateManager.OverwritePfxFile = true;
 
             ////save all fake certificates in folder "crts"(will be created in proxy dll directory)
             ////if create new Root certificate file(.pfx) ====> delete folder "crts"
-            //proxyServer.SaveFakeCertificates = true;
-
-            //Trust Root Certificate
-            proxyServer.TrustRootCertificate = true;
-            proxyServer.TrustRootCertificateAsAdministrator = true;
+            //proxyServer.CertificateManager.SaveFakeCertificates = true;
 
             proxyServer.ForwardToUpstreamGateway = true;
 
             ////if you need Load or Create Certificate now. ////// "true" if you need Enable===> Trust the RootCertificate used by this proxy server
-            //proxyServer.EnsureRootCertificate(true);
+            //proxyServer.CertificateManager.EnsureRootCertificate(true);
 
             ////or load directly certificate(As Administrator if need this)
             ////and At the same time chose path and password

README.md

@@ -52,11 +52,11 @@ Setup HTTP proxy:
 var proxyServer = new ProxyServer();
 
 //locally trust root certificate used by this proxy 
-proxyServer.TrustRootCertificate = true;
+proxyServer.CertificateManager.TrustRootCertificate = true;
 
 //optionally set the Certificate Engine
 //Under Mono only BouncyCastle will be supported
-//proxyServer.CertificateEngine = Network.CertificateEngine.BouncyCastle;
+//proxyServer.CertificateManager.CertificateEngine = Network.CertificateEngine.BouncyCastle;
 
 proxyServer.BeforeRequest += OnRequest;
 proxyServer.BeforeResponse += OnResponse;
@@ -66,17 +66,17 @@ proxyServer.ClientCertificateSelectionCallback += OnCertificateSelection;
 
 var explicitEndPoint = new ExplicitProxyEndPoint(IPAddress.Any, 8000, true)
 {
-//Exclude HTTPS addresses you don't want to proxy
-//Useful for clients that use certificate pinning
-//for example dropbox.com
-// ExcludedHttpsHostNameRegex = new List<string>() { "google.com", "dropbox.com" }
+//You can set only one of the ExcludedHttpsHostNameRegex and IncludedHttpsHostNameRegex properties, otherwise ArgumentException will be thrown
 
-//Use self-issued generic certificate on all HTTPS requests
-//Optimizes performance by not creating a certificate for each HTTPS-enabled domain
+//Use self-issued generic certificate on all https requests
+//Optimizes performance by not creating a certificate for each https-enabled domain
 //Useful when certificate trust is not required by proxy clients
-// GenericCertificate = new X509Certificate2(Path.Combine(System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location), "genericcert.pfx"), "password")
+//GenericCertificate = new X509Certificate2(Path.Combine(System.IO.Path.GetDirectoryName(System.Reflection.Assembly.GetExecutingAssembly().Location), "genericcert.pfx"), "password")
 };
 
+//Fired when a CONNECT request is received
+explicitEndPoint.BeforeTunnelConnect += OnBeforeTunnelConnect;
+
 //An explicit endpoint is where the client knows about the existence of a proxy
 //So client sends request in a proxy friendly manner
 proxyServer.AddEndPoint(explicitEndPoint);
@@ -109,6 +109,7 @@ proxyServer.SetAsSystemHttpsProxy(explicitEndPoint);
 Console.Read();
 
 //Unsubscribe & Quit
+explicitEndPoint.BeforeTunnelConnect -= OnBeforeTunnelConnect;
 proxyServer.BeforeRequest -= OnRequest;
 proxyServer.BeforeResponse -= OnResponse;
 proxyServer.ServerCertificateValidationCallback -= OnCertificateValidation;
@@ -125,6 +126,21 @@ Sample request and response event handlers
 private IDictionary<Guid, string> requestBodyHistory 
         = new ConcurrentDictionary<Guid, string>();
 
+private async Task<bool> OnBeforeTunnelConnect(string hostname)
+{
+    if (hostname.Contains("dropbox.com"))
+    {
+         //Exclude Https addresses you don't want to proxy
+         //Useful for clients that use certificate pinning
+         //for example dropbox.com
+        return await Task.FromResult(true);
+    }
+    else
+    {
+        return await Task.FromResult(false);
+    }
+}
+
 public async Task OnRequest(object sender, SessionEventArgs e)
 {
     Console.WriteLine(e.WebSession.Request.Url);
@@ -152,7 +168,7 @@ public async Task OnRequest(object sender, SessionEventArgs e)
     //Filter URL
     if (e.WebSession.Request.RequestUri.AbsoluteUri.Contains("google.com"))
     {
-	await e.Ok("<!DOCTYPE html>" +
+	e.Ok("<!DOCTYPE html>" +
 	      "<html><body><h1>" +
 	      "Website Blocked" +
 	      "</h1>" +
@@ -163,7 +179,7 @@ public async Task OnRequest(object sender, SessionEventArgs e)
     //Redirect example
     if (e.WebSession.Request.RequestUri.AbsoluteUri.Contains("wikipedia.org"))
     {
-	await e.Redirect("https://www.paypal.com");
+	e.Redirect("https://www.paypal.com");
     }
 }
 

Tests/Titanium.Web.Proxy.IntegrationTests/SslTests.cs

@@ -51,7 +51,6 @@ public class ProxyTestController
         public ProxyTestController()
         {
             proxyServer = new ProxyServer();
-            proxyServer.TrustRootCertificate = true;
         }
 
         public void StartProxy(int proxyPort)

Tests/Titanium.Web.Proxy.UnitTests/CertificateManagerTests.cs

@@ -15,28 +15,53 @@ private static readonly string[] hostNames
         private readonly Random random = new Random();
 
         [TestMethod]
-        public async Task Simple_Create_Certificate_Stress_Test()
+        public async Task Simple_Create_Certificate_Test()
         {
             var tasks = new List<Task>();
 
             var mgr = new CertificateManager(new Lazy<Action<Exception>>(() => (e => { })).Value);
 
-            mgr.ClearIdleCertificates(1);
+            mgr.ClearIdleCertificates();
 
-            for (int i = 0; i < 1000; i++)
+            foreach (string host in hostNames)
             {
-                foreach (string host in hostNames)
+                tasks.Add(Task.Run(async () =>
                 {
-                    tasks.Add(Task.Run(async () =>
-                    {
-                        await Task.Delay(random.Next(0, 10) * 1000);
 
-                        //get the connection
-                        var certificate = mgr.CreateCertificate(host, false);
+                    //get the connection
+                    var certificate = await mgr.CreateCertificateAsync(host);
 
-                        Assert.IsNotNull(certificate);
-                    }));
-                }
+                    Assert.IsNotNull(certificate);
+                }));
+            }
+
+            await Task.WhenAll(tasks.ToArray());
+
+            mgr.StopClearIdleCertificates();
+        }
+
+        //uncomment this to compare WinCert maker performance with BC (BC takes more time for same test above)
+        //cannot run this test in build server since trusting the certificate won't happen successfully
+        //[TestMethod]
+        public async Task Simple_Create_Win_Certificate_Test()
+        {
+            var tasks = new List<Task>();
+
+            var mgr = new CertificateManager(new Lazy<Action<Exception>>(() => (e => { })).Value);
+            mgr.CreateRootCertificate(true);
+            mgr.TrustRootCertificate();
+            mgr.ClearIdleCertificates();
+            mgr.CertificateEngine = CertificateEngine.DefaultWindows;
+
+            foreach (string host in hostNames)
+            {
+                tasks.Add(Task.Run(async () =>
+                {
+                    //get the connection
+                    var certificate = await mgr.CreateCertificateAsync(host);
+
+                    Assert.IsNotNull(certificate);
+                }));
             }
 
             await Task.WhenAll(tasks.ToArray());

Titanium.Web.Proxy/EventArguments/SessionEventArgs.cs

@@ -531,7 +531,7 @@ private async Task<byte[]> GetDecompressedBodyAsync(string encodingType, byte[]
         /// </summary>
         /// <param name="html"></param>
         /// <param name="headers"></param>
-        public async Task Ok(string html, Dictionary<string, HttpHeader> headers = null)
+        public void Ok(string html, Dictionary<string, HttpHeader> headers = null)
         {
             var response = new OkResponse();
             if (headers != null)
@@ -542,7 +542,7 @@ public async Task Ok(string html, Dictionary<string, HttpHeader> headers = null)
             response.HttpVersion = WebSession.Request.HttpVersion;
             response.Body = response.Encoding.GetBytes(html ?? string.Empty);
 
-            await Respond(response);
+            Respond(response);
         }
 
         /// <summary>
@@ -552,14 +552,14 @@ public async Task Ok(string html, Dictionary<string, HttpHeader> headers = null)
         /// </summary>
         /// <param name="result"></param>
         /// <param name="headers"></param>
-        public async Task Ok(byte[] result, Dictionary<string, HttpHeader> headers = null)
+        public void Ok(byte[] result, Dictionary<string, HttpHeader> headers = null)
         {
             var response = new OkResponse();
             response.Headers.AddHeaders(headers);
             response.HttpVersion = WebSession.Request.HttpVersion;
             response.Body = result;
 
-            await Respond(response);
+            Respond(response);
         }
 
         /// <summary>
@@ -572,14 +572,14 @@ public async Task Ok(byte[] result, Dictionary<string, HttpHeader> headers = nul
         /// <param name="status"></param>
         /// <param name="headers"></param>
         /// <returns></returns>
-        public async Task GenericResponse(string html, HttpStatusCode status, Dictionary<string, HttpHeader> headers = null)
+        public void GenericResponse(string html, HttpStatusCode status, Dictionary<string, HttpHeader> headers = null)
         {
             var response = new GenericResponse(status);
             response.HttpVersion = WebSession.Request.HttpVersion;
             response.Headers.AddHeaders(headers);
             response.Body = response.Encoding.GetBytes(html ?? string.Empty);
 
-            await Respond(response);
+            Respond(response);
         }
 
         /// <summary>
@@ -592,33 +592,33 @@ public async Task GenericResponse(string html, HttpStatusCode status, Dictionary
         /// <param name="status"></param>
         /// <param name="headers"></param>
         /// <returns></returns>
-        public async Task GenericResponse(byte[] result, HttpStatusCode status, Dictionary<string, HttpHeader> headers)
+        public void GenericResponse(byte[] result, HttpStatusCode status, Dictionary<string, HttpHeader> headers)
         {
             var response = new GenericResponse(status);
             response.HttpVersion = WebSession.Request.HttpVersion;
             response.Headers.AddHeaders(headers);
             response.Body = result;
 
-            await Respond(response);
+            Respond(response);
         }
 
         /// <summary>
         /// Redirect to URL.
         /// </summary>
         /// <param name="url"></param>
         /// <returns></returns>
-        public async Task Redirect(string url)
+        public void Redirect(string url)
         {
             var response = new RedirectResponse();
             response.HttpVersion = WebSession.Request.HttpVersion;
             response.Headers.AddHeader(KnownHeaders.Location, url);
             response.Body = emptyData;
 
-            await Respond(response);
+            Respond(response);
         }
 
         /// a generic responder method 
-        public async Task Respond(Response response)
+        public void Respond(Response response)
         {
             if (WebSession.Request.RequestLocked)
             {