Based on code from https://github.com/kr/mitm.
To build:
- Install Go 1.19 (amd64), which requires macOS High Sierra 10.13 or higher.
1.1 Additional Go versions can be found under "Archived versions" on the Go releases page.
1.2 Although this could technically be built with an earlier version of Go, the advantage of using this version (at a minimum) is that it uses Apple's native system framework for certificate validation, which improves performance, and means the proxy respects the certificate trust settings in Keychain Access.
- In
/usr/local/go/src/crypto/x509/root_darwin.go, change:
- policies := macOS.CFArrayCreateMutable()
- defer macOS.ReleaseCFArray(policies)
sslPolicy := macOS.SecPolicyCreateSSL(opts.DNSName)
- macOS.CFArrayAppendValue(policies, sslPolicy)
+ defer macOS.CFRelease(sslPolicy)
- trustObj, err := macOS.SecTrustCreateWithCertificates(certs, policies)
+ trustObj, err := macOS.SecTrustCreateWithCertificates(certs, sslPolicy)
- Build normally with
go build. - Place the aquaproxy binary in
Package/Aqua\ Proxy/AquaProxyasaquaproxy-64 - Install Go 1.13. You may need to switch to an older OS at this point; the author uses Mavericks.
- Use Go 1.13 to build 32-bit AquaProxy with
GOARCH=386 go build. - Place the 32 bit aquaproxy binary in binary in
Package/Aqua\ Proxy/AquaProxyasaquaproxy-32 - Run
gen_compat_build.shto inject needed compatibility libraries and lipo the slices together. Afterwards, delete the individualaquaproxy-64andaquaproxy-32
Note: If you choose to rebuild libMacPortsLegacySupport, make sure to run the build on Snow Leopard and use make ARCHS="i386 x86_64" so the binary will be compatible with all supported systems.