A project at work recently led me down the path of looking to proxy some TLS traffic. While looking at the state of the art, I came across a program on GitHub simply called sniproxy. Even better, it was written by a friend of mine named Dustin Lundquist. Since I haven’t spoken with Dustin in a while, I took this oppurtunity to not only look closely at his program but also reconnect. This is one of the advantages of Open Source, the ability to connect at a social level with people.
It turns out that sniproxy is quite state of the art, even in 2020. The ability to proxy based on the SNI value in the initial ClientHello message of a TLS session may seem like something old, but it’s still in use today in a variety of places.
I’ll have more to say about my usage of sniproxy and what I ultimately want to do with it in the near future. For now, go and have a look at this wonderful little proxy written in C!