A starttls-capable transparent man-in-the-middle proxy。
starttls-mitm is a mitm proxy that will transparently proxy and dump both plaintext and TLS traffic. It uses a user-provided keyfile and certificate file to impersonate remote servers. The user must explicitly instruct the device being man-in-the-middled to trust this certificate authority -- so this is not a security compromise. It starts out relaying in plaintext, peeking at each packet for a ClientHello header, at which point it converts the sockets to TLS. This makes it suitable for proxying protocols that use STARTTLS (plaintext handshake + SSL upgrade). It's only been tested on XMPP so far, but it should theoretically work for IMAP and others as well.
frm https://github.com/ipopov/starttls-mitm
