davechri 1.0.0

package/build/node-http-mitm-proxy/examples/onCertificateMissing.js

@@ -0,0 +1,30 @@
+'use strict';
+
+var port = 8081;
+var path = require('path');
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.onCertificateMissing = function(ctx, files, callback) {
+  console.log('Looking for "%s" certificates', ctx.hostname);
+  console.log('"%s" missing', ctx.files.keyFile);
+  console.log('"%s" missing', ctx.files.certFile);
+
+  // Here you have the last chance to provide certificate files data
+  // A tipical use case would be creating them on the fly
+  //
+  // return callback(null, {
+  //   key: keyFileData,
+  //   cert: certFileData
+  // });
+};
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/build/node-http-mitm-proxy/examples/onCertificateRequired.js

@@ -0,0 +1,23 @@
+'use strict';
+
+var port = 8081;
+var path = require('path');
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.onCertificateRequired = function(hostname, callback) {
+  return callback(null, {
+    keyFile: path.resolve('/ca/certs/', hostname + '.key'),
+    certFile: path.resolve('/ca/certs/', hostname + '.crt')
+  });
+};
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/build/node-http-mitm-proxy/examples/preventRequest.js

@@ -0,0 +1,20 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.onRequest(function(ctx, callback) {
+  ctx.proxyToClientResponse.end('Hacked, you cannot proceed to the website');
+  // no callback() so proxy request is not sent to the server
+});
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/build/node-http-mitm-proxy/examples/processFullResponseBody.js

@@ -0,0 +1,36 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.use(Proxy.gunzip);
+
+proxy.onRequest(function(ctx, callback) {
+  var chunks = [];
+  ctx.onResponseData(function(ctx, chunk, callback) {
+    chunks.push(chunk);
+    return callback(null, null); // don't write chunks to client response
+  });
+  ctx.onResponseEnd(function(ctx, callback) {
+    var body = Buffer.concat(chunks);
+    if(ctx.serverToProxyResponse.headers['content-type'] && ctx.serverToProxyResponse.headers['content-type'].indexOf('text/html') === 0) {
+      body = body.toString().replace(/Lucky/g, 'Sexy');
+    }
+    ctx.proxyToClientResponse.write(body);
+    return callback();
+  });
+  callback();
+});
+
+
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/build/node-http-mitm-proxy/examples/removeProxyToServerContentLength.js

@@ -0,0 +1,17 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onRequest(function(ctx, callback) {
+    if('content-length' in ctx.proxyToServerRequestOptions.headers) {
+        console.log(`found "content-length" header in request to "${ctx.proxyToServerRequestOptions.host}${ctx.proxyToServerRequestOptions.path}". Removing.`);
+        delete ctx.proxyToServerRequestOptions.headers['content-length'];
+    }
+    callback();
+});
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/build/node-http-mitm-proxy/examples/websocket.js

@@ -0,0 +1,31 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+proxy.onWebSocketConnection(function(ctx, callback) {
+  console.log('WEBSOCKET CONNECT:', ctx.clientToProxyWebSocket.upgradeReq.url);
+  return callback();
+});
+proxy.onWebSocketFrame(function(ctx, type, fromServer, message, flags, callback) {
+  console.log('WEBSOCKET FRAME ' + type + ' received from ' + (fromServer ? 'server' : 'client'), ctx.clientToProxyWebSocket.upgradeReq.url, message);
+  if (message) var hackedMessage = message.replace(/Rock it/ig, 'Hack it');
+  return callback(null, message, flags);
+});
+proxy.onWebSocketError(function(ctx, err) {
+  console.log('WEBSOCKET ERROR ', ctx.clientToProxyWebSocket.upgradeReq.url, err);
+});
+proxy.onWebSocketClose(function(ctx, code, message, callback) {
+  console.log('WEBSOCKET CLOSED BY '+(ctx.closedByServer ? 'SERVER' : 'CLIENT'), ctx.clientToProxyWebSocket.upgradeReq.url, code, message);
+  callback(null, code, message);
+});
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/build/node-http-mitm-proxy/examples/wildcard.js

@@ -0,0 +1,17 @@
+'use strict';
+
+var port = 8081;
+
+var Proxy = require('../');
+var proxy = Proxy();
+
+proxy.use(Proxy.wildcard);
+
+proxy.onError(function(ctx, err, errorKind) {
+  // ctx may be null
+  var url = (ctx && ctx.clientToProxyRequest) ? ctx.clientToProxyRequest.url : '';
+  console.error(errorKind + ' on ' + url + ':', err);
+});
+
+proxy.listen({ port: port });
+console.log('listening on ' + port);

package/build/node-http-mitm-proxy/index.d.ts

@@ -0,0 +1,233 @@
+//definitions by jason swearingen.  jasons aat novaleaf doot coom.  for node-htt-mitm-proxy v0.5.2.  
+
+ import http = require("http");
+ import https = require("https");
+ import net = require("net");
+
+
+ declare namespace HttpMitmProxy {
+     export interface IProxyStatic {
+         (): IProxy;
+         /** mod to pass to the use() function: Gunzip response filter (uncompress gzipped content before onResponseData and compress back after)*/
+         gunzip: any;
+         /** mod to pass to the use() function: Generates wilcard certificates by default (so less certificates are generated)*/
+         wildcard: any;
+     }
+
+     export interface IProxyOptions {
+         /**port - The port or named socket to listen on (default: 8080).*/
+         port?: number;
+         /**host - The hostname or local address to listen on.*/
+         host?: string;
+         /** - Path to the certificates cache directory (default: process.cwd() + '/.http-mitm-proxy')*/
+         sslCaDir?: string;
+         /**  - enable HTTP persistent connection*/
+         keepAlive?: boolean;
+         /**  - The number of milliseconds of inactivity before a socket is presumed to have timed out. Defaults to no timeout. */
+         timeout?: number;
+         /**  - The http.Agent to use when making http requests. Useful for chaining proxys. (default: internal Agent) */
+         httpAgent?: http.Agent;
+         /** - The https.Agent to use when making https requests. Useful for chaining proxys. (default: internal Agent) */
+         httpsAgent?: https.Agent;
+         /** - force use of SNI by the client. Allow node-http-mitm-proxy to handle all HTTPS requests with a single internal server. */
+         forceSNI?: boolean;
+         /** - The port or named socket for https server to listen on. (forceSNI must be enabled) */
+         httpsPort?: number;
+         /** - Setting this option will remove the content-length from the proxy to server request, forcing chunked encoding */
+         forceChunkedRequest?: boolean;
+     }
+
+     export type IProxy = ICallbacks & {
+         /** Starts the proxy listening on the given port..  example: proxy.listen({ port: 80 }); */
+         listen(/** An object with the following options: */ options?: IProxyOptions, callback?: Function): void;
+         /** proxy.close
+         Stops the proxy listening.
+        
+         Example
+        
+         proxy.close(); */
+         close(): void;
+
+
+         onCertificateRequired(hostname: string, callback: (error: Error | undefined, certDetails: { keyFile: string; certFile: string; hosts: string[]; }) => void): void;
+         onCertificateMissing(ctx: IContext, files: any, callback: (error: Error | undefined, certDetails: { keyFileData: string; certFileData: string; hosts: string[]; }) => void): void;
+
+         //undocumented helpers
+         onConnect(fcn: (req: http.IncomingMessage, socket: net.Socket, head: any, callback: (error?: Error) => void) => void): void;
+         onRequestHeaders(fcn: (ctx: IContext, callback: (error?: Error) => void) => void): void;
+         onResponseHeaders(fcn: (ctx: IContext, callback: (error?: Error) => void) => void): void;
+         onWebSocketConnection(fcn: (ctx: IContext, callback: (error?: Error) => void) => void): void;
+         onWebSocketSend(fcn: (ctx: IContext, message: any, flags: any, callback: (err: Error | undefined, message: any, flags: any) => void) => void): void;
+         onWebSocketMessage(fcn: (ctx: IContext, message: any, flags: any, callback: (err: Error | undefined, message: any, flags: any) => void) => void): void;
+         onWebSocketFrame(fcn: (ctx: IContext, type: any, fromServer: boolean, message: any, flags: any, callback: (err: Error | undefined, message: any, flags: any) => void) => void): void;
+         onWebSocketError(fcn: (ctx: IContext, err: Error | undefined) => void): void;
+         onWebSocketClose(fcn: (ctx: IContext, code: any, message: any, callback: (err: Error | undefined, code: any, message: any) => void) => void): void;
+
+         // onConnectHandlers:((req,socket,head,callback)=>void)[];
+         // onRequestHandlers:((ctx,callback)=>void)[];
+
+         options: IProxyOptions;
+         httpPort: number;
+         timeout: number;
+         keepAlive: boolean;
+         httpAgent: http.Agent;
+         httpsAgent: https.Agent;
+         forceSNI: boolean;
+         httpsPort?: number;
+         sslCaDir: string;
+
+     }
+
+     /** signatures for various callback functions */
+     export interface ICallbacks {
+         onError(/**Adds a function to the list of functions to get called if an error occures.
+
+ Arguments
+
+ fn(ctx, err, errorKind) - The function to be called on an error.*/callback: (context: IContext, err?: Error, errorKind?: string) => void): void;
+
+         /** Adds a function to get called at the beginning of a request.
+        
+         Arguments
+        
+         fn(ctx, callback) - The function that gets called on each request.
+         Example
+        
+         proxy.onRequest(function(ctx, callback) {
+           console.log('REQUEST:', ctx.clientToProxyRequest.url);
+           return callback();
+         }); */
+         onRequest(fcn: (ctx: IContext, callback: (error?: Error) => void) => void): void;
+
+         onRequestData(fcn: (ctx: IContext, chunk: Buffer, callback: (error?: Error, chunk?: Buffer) => void) => void): void;
+
+         onRequestEnd(fcn: (ctx: IContext, callback: (error?: Error) => void) => void): void;
+         /** Adds a function to get called at the beginning of the response.
+        
+         Arguments
+        
+         fn(ctx, callback) - The function that gets called on each response.
+         Example
+        
+         proxy.onResponse(function(ctx, callback) {
+           console.log('BEGIN RESPONSE');
+           return callback();
+         }); */
+         onResponse(fcn: (ctx: IContext, callback: (error?: Error) => void) => void): void;
+
+         onResponseData(fcn: (ctx: IContext, chunk: Buffer, callback: (error?: Error, chunk?: Buffer) => void) => void): void;
+
+         onResponseEnd(fcn: (ctx: IContext, callback: (error?: Error) => void) => void): void;
+
+         /** Adds a module into the proxy. Modules encapsulate multiple life cycle processing functions into one object.
+
+             Arguments
+
+             module - The module to add. Modules contain a hash of functions to add.
+             Example
+
+             proxy.use({
+             onError: function(ctx, err) { },
+             onCertificateRequired: function(hostname, callback) { return callback(); },
+             onCertificateMissing: function(ctx, files, callback) { return callback(); },
+             onRequest: function(ctx, callback) { return callback(); },
+             onRequestData: function(ctx, chunk, callback) { return callback(null, chunk); },
+             onResponse: function(ctx, callback) { return callback(); },
+             onResponseData: function(ctx, chunk, callback) { return callback(null, chunk); },
+             onWebSocketConnection: function(ctx, callback) { return callback(); },
+             onWebSocketSend: function(ctx, message, flags, callback) { return callback(null, message, flags); },
+             onWebSocketMessage: function(ctx, message, flags, callback) { return callback(null, message, flags); },
+             onWebSocketError: function(ctx, err) {  },
+             onWebSocketClose: function(ctx, code, message, callback) {  },
+             });
+             node-http-mitm-proxy provide some ready to use modules:
+
+             Proxy.gunzip Gunzip response filter (uncompress gzipped content before onResponseData and compress back after)
+             Proxy.wildcard Generates wilcard certificates by default (so less certificates are generated) */
+         use(mod: any): void;
+
+
+
+     }
+
+
+     export type IContext = ICallbacks & {
+         isSSL: boolean;
+
+         /** may be set to true/false when dealing with websockets. */
+         closedByServer?: boolean;
+
+         clientToProxyRequest: http.IncomingMessage;
+         proxyToClientResponse: http.ServerResponse;
+         proxyToServerRequest: http.ClientRequest;
+         serverToProxyResponse: http.IncomingMessage;
+
+
+         /** instance of WebSocket object from https://github.com/websockets/ws */
+         clientToProxyWebSocket: any;
+         /** instance of WebSocket object from https://github.com/websockets/ws */
+         proxyToServerWebSocket: any;
+
+         /** user defined tags, initially constructed in the proxy-internals.tx proxy.onRequest() callback, you can add what you like here. */
+         tags: {
+             id: number;
+             uri:string;
+             /** ln 743 of proxy.js, hack to retry */
+             failedUpstreamCalls:number;
+             /** ln 743 of proxy.js, hack to retry */
+             retryProxyRequest:boolean;
+             [key: string]: any;
+         }
+
+         /**Adds a stream into the request body stream.
+
+ Arguments
+
+ stream - The read/write stream to add in the request body stream.
+ Example
+
+ ctx.addRequestFilter(zlib.createGunzip()); */
+         addRequestFilter(stream: any): void;
+         /** Adds a stream into the response body stream.
+
+ Arguments
+
+ stream - The read/write stream to add in the response body stream.
+ Example
+
+ ctx.addResponseFilter(zlib.createGunzip()); */
+         addResponseFilter(stream: any): void;
+
+         /** filters added by .addRequestFilter() */
+         requestFilters: any[];
+
+         /** filters added by .addResponseFilter() */
+         responseFilters: any[];
+
+         /** undocumented, allows adjusting the request in callbacks (such as .onRequest()) before sending  upstream (to proxy or target host)..  
+          * FYI these values seem pre-populated with defaults based on the request, you can modify them to change behavior. */
+         proxyToServerRequestOptions: {
+             /** ex: "GET" */
+             method: string;
+             /** ex: "/success.txt" */
+             path: string;
+
+             /** example: "detectportal.firefox.com" */
+             host: string;
+             port: null;
+             headers: { [key: string]: string };
+             agent: http.Agent;
+
+         };
+
+         onResponseDataHandlers:Function[];
+         onResponseEndHandlers:Function[];
+
+
+
+     }
+ }
+
+ declare const HttpMitmProxy: HttpMitmProxy.IProxyStatic
+ export = HttpMitmProxy;
+ export as namespace HttpMitmProxy;

package/build/node-http-mitm-proxy/index.js

@@ -0,0 +1,3 @@
+'use strict';
+
+module.exports = require('./lib/proxy');

package/build/node-http-mitm-proxy/lib/ca.js

@@ -0,0 +1,245 @@
+'use strict';
+
+var FS = require('fs');
+var path = require('path');
+var Forge = require('node-forge');
+var pki = Forge.pki;
+var mkdirp = require('mkdirp');
+var async = require('async');
+
+var CAattrs = [{
+  name: 'commonName',
+  value: 'NodeMITMProxyCA'
+}, {
+  name: 'countryName',
+  value: 'Internet'
+}, {
+  shortName: 'ST',
+  value: 'Internet'
+}, {
+  name: 'localityName',
+  value: 'Internet'
+}, {
+  name: 'organizationName',
+  value: 'Node MITM Proxy CA'
+}, {
+  shortName: 'OU',
+  value: 'CA'
+}];
+
+var CAextensions = [{
+  name: 'basicConstraints',
+  cA: true
+}, {
+  name: 'keyUsage',
+  keyCertSign: true,
+  digitalSignature: true,
+  nonRepudiation: true,
+  keyEncipherment: true,
+  dataEncipherment: true
+}, {
+  name: 'extKeyUsage',
+  serverAuth: true,
+  clientAuth: true,
+  codeSigning: true,
+  emailProtection: true,
+  timeStamping: true
+}, {
+  name: 'nsCertType',
+  client: true,
+  server: true,
+  email: true,
+  objsign: true,
+  sslCA: true,
+  emailCA: true,
+  objCA: true
+}, {
+  name: 'subjectKeyIdentifier'
+}];
+
+var ServerAttrs = [{
+  name: 'countryName',
+  value: 'Internet'
+}, {
+  shortName: 'ST',
+  value: 'Internet'
+}, {
+  name: 'localityName',
+  value: 'Internet'
+}, {
+  name: 'organizationName',
+  value: 'Node MITM Proxy CA'
+}, {
+  shortName: 'OU',
+  value: 'Node MITM Proxy Server Certificate'
+}];
+
+var ServerExtensions = [{
+  name: 'basicConstraints',
+  cA: false
+}, {
+  name: 'keyUsage',
+  keyCertSign: false,
+  digitalSignature: true,
+  nonRepudiation: false,
+  keyEncipherment: true,
+  dataEncipherment: true
+}, {
+  name: 'extKeyUsage',
+  serverAuth: true,
+  clientAuth: true,
+  codeSigning: false,
+  emailProtection: false,
+  timeStamping: false
+}, {
+  name: 'nsCertType',
+  client: true,
+  server: true,
+  email: false,
+  objsign: false,
+  sslCA: false,
+  emailCA: false,
+  objCA: false
+}, {
+  name: 'subjectKeyIdentifier'
+}];
+
+var CA = function () {
+};
+
+CA.create = function (caFolder, callback) {
+  var ca = new CA();
+  ca.baseCAFolder = caFolder;
+  ca.certsFolder = path.join(ca.baseCAFolder, 'certs');
+  ca.keysFolder = path.join(ca.baseCAFolder, 'keys');
+  async.series([
+    mkdirp.bind(null, ca.baseCAFolder),
+    mkdirp.bind(null, ca.certsFolder),
+    mkdirp.bind(null, ca.keysFolder),
+    function (callback) {
+      FS.exists(path.join(ca.certsFolder, 'ca.pem'), function (exists) {
+        if (exists) {
+          ca.loadCA(callback);
+        } else {
+          ca.generateCA(callback);
+        }
+      });
+    }
+  ], function (err) {
+    if (err) {
+      return callback(err);
+    }
+    return callback(null, ca);
+  });
+};
+
+CA.prototype.randomSerialNumber = function () {
+	// generate random 16 bytes hex string
+	var sn = '';
+	for (var i=0; i<4; i++) {
+		sn += ('00000000' + Math.floor(Math.random()*Math.pow(256, 4)).toString(16)).slice(-8);
+	}
+	return sn;
+}
+
+CA.prototype.generateCA = function (callback) {
+  var self = this;
+  pki.rsa.generateKeyPair({bits: 2048}, function(err, keys) {
+    if (err) {
+      return callback(err);
+    }
+    var cert = pki.createCertificate();
+    cert.publicKey = keys.publicKey;
+    cert.serialNumber = self.randomSerialNumber();
+    cert.validity.notBefore = new Date();
+    cert.validity.notBefore.setDate(cert.validity.notBefore.getDate() - 1);
+    cert.validity.notAfter = new Date();
+    cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 2);
+    cert.setSubject(CAattrs);
+    cert.setIssuer(CAattrs);
+    cert.setExtensions(CAextensions);
+    cert.sign(keys.privateKey, Forge.md.sha256.create());
+    self.CAcert = cert;
+    self.CAkeys = keys;
+    async.parallel([
+      FS.writeFile.bind(null, path.join(self.certsFolder, 'ca.pem'), pki.certificateToPem(cert)),
+      FS.writeFile.bind(null, path.join(self.keysFolder, 'ca.private.key'), pki.privateKeyToPem(keys.privateKey)),
+      FS.writeFile.bind(null, path.join(self.keysFolder, 'ca.public.key'), pki.publicKeyToPem(keys.publicKey))
+    ], callback);
+  });
+};
+
+CA.prototype.loadCA = function (callback) {
+  var self = this;
+  async.auto({
+    certPEM: function (callback) {
+      FS.readFile(path.join(self.certsFolder, 'ca.pem'), 'utf-8', callback);
+    },
+    keyPrivatePEM: function (callback) {
+      FS.readFile(path.join(self.keysFolder, 'ca.private.key'), 'utf-8', callback);
+    },
+    keyPublicPEM: function (callback) {
+      FS.readFile(path.join(self.keysFolder, 'ca.public.key'), 'utf-8', callback);
+    }
+  }, function (err, results) {
+    if (err) {
+      return callback(err);
+    }
+    self.CAcert = pki.certificateFromPem(results.certPEM);
+    self.CAkeys = {
+      privateKey: pki.privateKeyFromPem(results.keyPrivatePEM),
+      publicKey: pki.publicKeyFromPem(results.keyPublicPEM)
+    };
+    return callback();
+  });
+};
+
+CA.prototype.generateServerCertificateKeys = function (hosts, cb) {
+  var self = this;
+  if (typeof(hosts) === "string") hosts = [hosts];
+  var mainHost = hosts[0];
+  var keysServer = pki.rsa.generateKeyPair(2048);
+  var certServer = pki.createCertificate();
+  certServer.publicKey = keysServer.publicKey;
+  certServer.serialNumber = this.randomSerialNumber();
+  certServer.validity.notBefore = new Date();
+  certServer.validity.notBefore.setDate(certServer.validity.notBefore.getDate() - 1);
+  certServer.validity.notAfter = new Date();
+  certServer.validity.notAfter.setFullYear(certServer.validity.notBefore.getFullYear() + 2);
+  var attrsServer = ServerAttrs.slice(0);
+  attrsServer.unshift({
+    name: 'commonName',
+    value: mainHost
+  })
+  certServer.setSubject(attrsServer);
+  certServer.setIssuer(this.CAcert.issuer.attributes);
+  certServer.setExtensions(ServerExtensions.concat([{
+    name: 'subjectAltName',
+    altNames: hosts.map(function(host) {
+      if (host.match(/^[\d\.]+$/)) {
+        return {type: 7, ip: host};
+      }
+      return {type: 2, value: host};
+    })
+  }]));
+  certServer.sign(this.CAkeys.privateKey, Forge.md.sha256.create());
+  var certPem = pki.certificateToPem(certServer);
+  var keyPrivatePem = pki.privateKeyToPem(keysServer.privateKey)
+  var keyPublicPem = pki.publicKeyToPem(keysServer.publicKey)
+  FS.writeFile(this.certsFolder + '/' + mainHost.replace(/\*/g, '_') + '.pem', certPem, function(error) {
+    if (error) console.error("Failed to save certificate to disk in "+self.certsFolder, error);
+  });
+  FS.writeFile(this.keysFolder + '/' + mainHost.replace(/\*/g, '_') + '.key', keyPrivatePem, function(error) {
+    if (error) console.error("Failed to save private key to disk in "+self.keysFolder, error);
+  });
+  FS.writeFile(this.keysFolder + '/' + mainHost.replace(/\*/g, '_') + '.public.key', keyPublicPem, function(error) {
+    if (error) console.error("Failed to save public key to disk in "+self.keysFolder, error);
+  });
+  // returns synchronously even before files get written to disk
+  cb(certPem, keyPrivatePem);
+};
+
+CA.prototype.getCACertPath = function () {
+  return this.certsFolder + '/ca.pem';
+};
+module.exports = CA;

package/build/node-http-mitm-proxy/lib/middleware/gunzip.js

@@ -0,0 +1,19 @@
+'use strict';
+
+var zlib = require('zlib');
+
+module.exports = {
+  onResponse: function(ctx, callback) {
+    if (ctx.serverToProxyResponse.headers['content-encoding']
+      && ctx.serverToProxyResponse.headers['content-encoding'].toLowerCase() == 'gzip') {
+      delete ctx.serverToProxyResponse.headers['content-encoding'];
+      ctx.addResponseFilter(zlib.createGunzip());
+    }
+    return callback();
+  },
+  onRequest: function(ctx, callback) {
+    ctx.proxyToServerRequestOptions.headers['accept-encoding'] = 'gzip';
+    return callback();
+  }
+};
+