I did look at it! It's still an option in my back pocket if I find things that don't work nicely, but right now this is much easier. I'd need to use LD_PRELOAD to hook lots of different libraries and tools (OpenSSL is just the start, and I also need to hook proxy settings), plus handle different versions of the hooked libs, and make it work reliably on Windows & Linux & Mac.
AFAICT, it's hard to do everywhere reliably for the general case, though as I say I might use it for specific niche cases later. At the moment there's zero native code required in this terminal hooking, which is very nice, and it's very nearly identical logic for all platforms too. It's not so bad, right now it's less than 1000 lines of code in total, and it works out of the box for Python/Node/Ruby/PHP/curl/npm/apt-get, etc etc etc.
An LD_PRELOAD approach would be useful for working around that flavour of certificate 'pinning' where the cert files are embedded in the application rather read from the filesystem. I don't know how common that is compared to the other pinning methods (public key pinning, hashing) but maybe you could make it work for those also. I guess you'd have to implement it for each individual library but does any other (free) mitm proxy offer this feature?
