From 4984bbb83ba3f6cbdfdd93520c6e3283709fea45 Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Mon, 9 Dec 2013 19:10:15 +0100 Subject: [PATCH 1/2] remove code duplication in ProxyHandler by unifying read_transparent and read_reverse --- libmproxy/proxy.py | 42 +++++++++++++++++------------------------- 1 file changed, 17 insertions(+), 25 deletions(-) diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py index ab2cdb7c5..a62803fbf 100644 --- a/libmproxy/proxy.py +++ b/libmproxy/proxy.py @@ -213,6 +213,8 @@ class ProxyHandler(tcp.BaseHandler): request = request_reply if self.config.reverse_proxy: scheme, host, port = self.config.reverse_proxy + elif self.config.forward_proxy: + scheme, host, port = self.config.forward_proxy else: scheme, host, port = request.scheme, request.host, request.port @@ -221,12 +223,7 @@ class ProxyHandler(tcp.BaseHandler): # the case, we want to reconnect without sending an error # to the client. while 1: - if self.config.forward_proxy: - forward_scheme, forward_host, forward_port = self.config.forward_proxy - sc = self.get_server_connection(cc, forward_scheme, forward_host, forward_port, self.sni) - else: - sc = self.get_server_connection(cc, scheme, host, port, self.sni) - + sc = self.get_server_connection(cc, scheme, host, port, self.sni) sc.send(request) if sc.requestcount == 1: # add timestamps only for first request (others are not directly affected) request.tcp_setup_timestamp = sc.tcp_setup_timestamp @@ -346,10 +343,21 @@ class ProxyHandler(tcp.BaseHandler): host, port = orig if port in self.config.transparent_proxy["sslports"]: scheme = "https" - if not self.ssl_established: - self.establish_ssl(client_conn, host, port) else: scheme = "http" + + return self._read_request_transparent(client_conn, scheme, host, port) + + def _read_request_transparent(self, client_conn, scheme, host, port): + """ + Read a transparent HTTP request. Transparent means that the client isn't aware of proxying. + In other words, the client request starts with + "GET /foo.html HTTP/1.1" + rather than + "CONNECT example.com:80 HTTP/1.1" + """ + if scheme.lower() == "https" and not self.ssl_established: + self.establish_ssl(client_conn, host, port) line = self.get_line(self.rfile) if line == "": return None @@ -417,23 +425,7 @@ class ProxyHandler(tcp.BaseHandler): def read_request_reverse(self, client_conn): scheme, host, port = self.config.reverse_proxy - if scheme.lower() == "https" and not self.ssl_established: - self.establish_ssl(client_conn, host, port) - line = self.get_line(self.rfile) - if line == "": - return None - r = http.parse_init_http(line) - if not r: - raise ProxyError(400, "Bad HTTP request line: %s"%repr(line)) - method, path, httpversion = r - headers = self.read_headers(authenticate=False) - content = http.read_http_body_request( - self.rfile, self.wfile, headers, httpversion, self.config.body_size_limit - ) - return flow.Request( - client_conn, httpversion, host, port, scheme, method, path, headers, content, - self.rfile.first_byte_timestamp, utils.timestamp() - ) + return self._read_request_transparent(client_conn, scheme, host, port) def read_request(self, client_conn): self.rfile.reset_timestamps() From f0e96be142dc9c43deb174bcaffc4b83726bb9bc Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Tue, 10 Dec 2013 03:13:37 +0100 Subject: [PATCH 2/2] ensure binary read on windows --- libmproxy/proxy.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py index a62803fbf..7b2f9bfe0 100644 --- a/libmproxy/proxy.py +++ b/libmproxy/proxy.py @@ -302,7 +302,8 @@ class ProxyHandler(tcp.BaseHandler): def find_cert(self, cc, host, port, sni): if self.config.certfile: - return certutils.SSLCert.from_pem(file(self.config.certfile, "r").read()) + with open(self.config.certfile, "rb") as f: + return certutils.SSLCert.from_pem(f.read()) else: sans = [] if not self.config.no_upstream_cert: