Better error handling for transparent mode remote address resolution.

2013-01-01 11:24:11 +13:00 · 2013-01-01 11:24:11 +13:00 · e42136a6ef
parent e2dc7ba09d
commit e42136a6ef
2 changed files with 8 additions and 2 deletions
--- a/libmproxy/platform/osx.py
+++ b/libmproxy/platform/osx.py
@ -16,5 +16,8 @@ class Resolver:

    def original_addr(self, csock):
        peer = csock.getpeername()
-        stxt = subprocess.check_output(self.STATECMD, stderr=subprocess.STDOUT)
+        try:
+            stxt = subprocess.check_output(self.STATECMD, stderr=subprocess.STDOUT)
+        except subprocess.CalledProcessError:
+            return None
        return pf.lookup(peer[0], peer[1], stxt)
--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@ -267,7 +267,10 @@ class ProxyHandler(tcp.BaseHandler):

    def read_request(self, client_conn):
        if self.config.transparent_proxy:
-            host, port = self.config.transparent_proxy["resolver"].original_addr(self.connection)
+            orig = self.config.transparent_proxy["resolver"].original_addr(self.connection)
+            if not orig:
+                raise ProxyError(502, "Transparent mode failure: could not resolve original destination.")
+            host, port = orig
            if not self.ssl_established and (port in self.config.transparent_proxy["sslports"]):
                scheme = "https"
                certfile = self.find_cert(host, port, None)