proxy.py/Makefile

SHELL := /bin/bash

NS ?= abhinavsingh
IMAGE_NAME ?= proxy.py
VERSION ?= v$(shell python proxy.py --version)
LATEST_TAG := $(NS)/$(IMAGE_NAME):latest
IMAGE_TAG := $(NS)/$(IMAGE_NAME):$(VERSION)

HTTPS_KEY_FILE_PATH := https-key.pem
HTTPS_CERT_FILE_PATH := https-cert.pem

CA_KEY_FILE_PATH := ca-key.pem
CA_CERT_FILE_PATH := ca-cert.pem
CA_SIGNING_KEY_FILE_PATH := ca-signing-key.pem

.PHONY: all clean test package test-release release coverage lint autopep8
.PHONY: container run-container release-container https-certificates ca-certificates

all: clean test

clean:
	find . -name '*.pyc' -exec rm -f {} +
	find . -name '*.pyo' -exec rm -f {} +
	find . -name '*~' -exec rm -f {} +
	rm -f .coverage
	rm -rf htmlcov dist build .pytest_cache proxy.py.egg-info

test:
	python -m unittest tests

package: clean
	python setup.py sdist bdist_wheel

test-release: package
	twine upload --verbose --repository-url https://test.pypi.org/legacy/ dist/*

release: package
	twine upload dist/*

coverage:
	coverage3 run --source=proxy tests.py
	coverage3 html
	open htmlcov/index.html

lint:
	flake8 --ignore=W504 --max-line-length=127 proxy.py tests.py
	mypy --strict --ignore-missing-imports proxy.py plugin_examples.py tests.py

autopep8:
	autopep8 --recursive --in-place --aggressive proxy.py
	autopep8 --recursive --in-place --aggressive tests.py
	autopep8 --recursive --in-place --aggressive plugin_examples.py

container:
	docker build -t $(LATEST_TAG) -t $(IMAGE_TAG) .

run-container:
	docker run -it -p 8899:8899 --rm $(LATEST_TAG)

release-container:
	docker push $(IMAGE_TAG)

https-certificates:
	# Generate server key
	openssl genrsa -out $(HTTPS_KEY_FILE_PATH) 2048
	# Generate server certificate
	openssl req -new -x509 -days 3650 -key $(HTTPS_KEY_FILE_PATH) -out $(HTTPS_CERT_FILE_PATH)

ca-certificates:
	# Generate CA key
	openssl genrsa -out $(CA_KEY_FILE_PATH) 2048
	# Generate CA certificate
	openssl req -new -x509 -days 3650 -key $(CA_KEY_FILE_PATH) -out $(CA_CERT_FILE_PATH)
	# Generate key that will be used to generate domain certificates on the fly
	# Generated certificates are then signed with CA certificate / key generated above
	openssl genrsa -out $(CA_SIGNING_KEY_FILE_PATH) 2048
Add Dockerfile and build rule 2018-12-22 15:08:04 +00:00			`SHELL := /bin/bash`

			`NS ?= abhinavsingh`
			`IMAGE_NAME ?= proxy.py`
Add --version flag also used by Makefile for releases. 2019-08-24 17:23:30 +00:00			`VERSION ?= v$(shell python proxy.py --version)`
Release docker container and prep for v0.4 2019-02-09 05:13:34 +00:00			`LATEST_TAG := $(NS)/$(IMAGE_NAME):latest`
Add Dockerfile and build rule 2018-12-22 15:08:04 +00:00			`IMAGE_TAG := $(NS)/$(IMAGE_NAME):$(VERSION)`

Add support for TLS/SSL interception and HTTPS server (#86) * Handle OSError thrown when curl --proxy-cacert flag is invalid * Add server-cert * Dockerfile dont need --ipv4 since now its auto-detected and deprecated * Add make server-cert info * Add support for HTTPS interception. 1) Start as proxy.py --ca-key-file ca-key.pem --ca-cert-file ca-cert.pem --ca-signing-key-file ca-signing-key.pem 2) Test using curl curl -v -L -x proxy.py:8899 --cacert ca-cert.pem https://google.com Now proxy.py is able to decrypt HTTPS traffic between curl and google.com. Generated certificates are stored under ~/.proxy.py directory. * Add comments for why interception do not work if client is communicating with proxy.py over https * Fix tests * Exit with message when trying to https intercept and also serve over https * lint * Disable OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1, OP_NO_TLSv1_1 when wrapping upstream server socket * Ensure client.conn.shutdown is called if necessary. * Add mypy check for plugin_examples.py * Exception handling when client sends invalid requests * Verify plugin_examples * mypy compat * HttpRequestRejected 2019-09-25 02:02:57 +00:00			`HTTPS_KEY_FILE_PATH := https-key.pem`
			`HTTPS_CERT_FILE_PATH := https-cert.pem`

			`CA_KEY_FILE_PATH := ca-key.pem`
			`CA_CERT_FILE_PATH := ca-cert.pem`
			`CA_SIGNING_KEY_FILE_PATH := ca-signing-key.pem`

Test coverage and mypy compliance (#94) * Add tests and mypy compliance for tests * Add pragma: no cover for abstract class methods * mypy --strict compliance for tests.py * Refactor and test coverage * lint fixes 2019-09-25 22:51:12 +00:00			`.PHONY: all clean test package test-release release coverage lint autopep8`
Add support for TLS/SSL interception and HTTPS server (#86) * Handle OSError thrown when curl --proxy-cacert flag is invalid * Add server-cert * Dockerfile dont need --ipv4 since now its auto-detected and deprecated * Add make server-cert info * Add support for HTTPS interception. 1) Start as proxy.py --ca-key-file ca-key.pem --ca-cert-file ca-cert.pem --ca-signing-key-file ca-signing-key.pem 2) Test using curl curl -v -L -x proxy.py:8899 --cacert ca-cert.pem https://google.com Now proxy.py is able to decrypt HTTPS traffic between curl and google.com. Generated certificates are stored under ~/.proxy.py directory. * Add comments for why interception do not work if client is communicating with proxy.py over https * Fix tests * Exit with message when trying to https intercept and also serve over https * lint * Disable OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1, OP_NO_TLSv1_1 when wrapping upstream server socket * Ensure client.conn.shutdown is called if necessary. * Add mypy check for plugin_examples.py * Exception handling when client sends invalid requests * Verify plugin_examples * mypy compat * HttpRequestRejected 2019-09-25 02:02:57 +00:00			`.PHONY: container run-container release-container https-certificates ca-certificates`
variablize reply pkt, ignore, Makefile 2013-12-23 21:51:45 +00:00
			`all: clean test`

			`clean:`
			`find . -name '*.pyc' -exec rm -f {} +`
			`find . -name '*.pyo' -exec rm -f {} +`
			`find . -name '*~' -exec rm -f {} +`
Fixes #20 HttpParser bug content-length is missing 2018-12-22 20:43:17 +00:00			`rm -f .coverage`
Bump develop version to 1.0.1 and Autopep8 (#103) * autopep8 * add int support for text_ and bytes_ 2019-09-27 22:43:35 +00:00			`rm -rf htmlcov dist build .pytest_cache proxy.py.egg-info`
variablize reply pkt, ignore, Makefile 2013-12-23 21:51:45 +00:00
			`test:`
Fix default listen on IPV6 for linux systems. Closes #59 2019-09-02 18:20:26 +00:00			`python -m unittest tests`
variablize reply pkt, ignore, Makefile 2013-12-23 21:51:45 +00:00
Prepare for v0.3 release 2019-02-09 02:57:44 +00:00			`package: clean`
			`python setup.py sdist bdist_wheel`
variablize reply pkt, ignore, Makefile 2013-12-23 21:51:45 +00:00
Prepare for v0.3 release 2019-02-09 02:57:44 +00:00			`test-release: package`
Make pypi release 1.0.0 2019-09-27 20:42:53 +00:00			`twine upload --verbose --repository-url https://test.pypi.org/legacy/ dist/*`
Add Dockerfile and build rule 2018-12-22 15:08:04 +00:00
Prepare for v0.3 release 2019-02-09 02:57:44 +00:00			`release: package`
			`twine upload dist/*`

			`coverage:`
Use selectors.DefaultSelector instead of select.select (#106) * Use selectors.DefaultSelector instead of select.select * Unregister to avoid endless loop * Cleanup event register/unregiter * Cleanup event registration * Add google-fluentd.conf. Use if running proxy.py on Google Cloud. * Send server error from proxy if for whatever reason we fail to process the request (or should it be BadRequest based upon situation?) * Fix tests for selectors * Only include proxy.py and tests.py in coverage report * Only include proxy.py for coverage * remove redundant integration test, will rewrite using mocks * Proper unregister of events * Change multi core accept model to avoid client TIME_WAIT. Fixes #97 * Catch BlockingIOError * Remove redundant comments * Simplify with AcceptorPool * Pass family to acceptor processes * Remove plugin.access_log for core plugins * Return 501 not implemented for web socket upgrade requests to inbuilt HTTP server * Add support for websocket upgrade * Websocket frame parser * Enable websocket based routing * Add WebsocketClient * Websocket * mypy fixes * Sync GitHub workflow lint and makefile lint commands. For now comment out tests which are broken :( New tests coming next. * Start fixing tests for new code * Fix formatting * Fix main tests * Add worker tests * GitHub only ran windows tests, may be require unique names * Use 3.6/3.7 dev versions for GitHub actions * Add AcceptorPool test * Add x64 and x86 matrix for actions tests * Dont use dev versions since they dont exists for x86 * Ha no x86 support itself * Add backer link * Remove support badge for 3.5 as it doesnt support typing * Update read me with changed architecture notes * Update read me with changed architecture notes * Add `import proxy` usage instructions. * Add pydoc reference for developers * Put pydoc as internal documentation 2019-10-02 07:09:35 +00:00			`coverage3 run --source=proxy tests.py`
Add coveralls integration No use mirrors Enforce coverage3 Add coverage badge and use python -m to invoke coverage Enforce pip3, remove SyntaxError reported line Use develop branch for coverage status 2019-08-25 17:31:42 +00:00			`coverage3 html`
Add tests for HttpRequestRejected responses and open file limit setter. 2019-08-24 18:31:55 +00:00			`open htmlcov/index.html`
Fixes #20 HttpParser bug content-length is missing 2018-12-22 20:43:17 +00:00
Use Pipe instead of Queue when passing sockets (#69) * Use pipes instead of queues. Possible solution for #68 * Handle ConnectionRefusedError * Close corresponding pipes on shutdown * Abstract classes for plugins. * Add github workflows * Use pytest for github workflow * Add Windows/Mac workflows * Use os.matrix * 3.8 and 3.9 probably dont exists yet * Do not fail-fast, also python 3.5 seems to be throwing syntax error for typing * autopep8 * Disable windows-latest workflow which seems to hang 2019-09-17 03:18:14 +00:00			`lint:`
Use selectors.DefaultSelector instead of select.select (#106) * Use selectors.DefaultSelector instead of select.select * Unregister to avoid endless loop * Cleanup event register/unregiter * Cleanup event registration * Add google-fluentd.conf. Use if running proxy.py on Google Cloud. * Send server error from proxy if for whatever reason we fail to process the request (or should it be BadRequest based upon situation?) * Fix tests for selectors * Only include proxy.py and tests.py in coverage report * Only include proxy.py for coverage * remove redundant integration test, will rewrite using mocks * Proper unregister of events * Change multi core accept model to avoid client TIME_WAIT. Fixes #97 * Catch BlockingIOError * Remove redundant comments * Simplify with AcceptorPool * Pass family to acceptor processes * Remove plugin.access_log for core plugins * Return 501 not implemented for web socket upgrade requests to inbuilt HTTP server * Add support for websocket upgrade * Websocket frame parser * Enable websocket based routing * Add WebsocketClient * Websocket * mypy fixes * Sync GitHub workflow lint and makefile lint commands. For now comment out tests which are broken :( New tests coming next. * Start fixing tests for new code * Fix formatting * Fix main tests * Add worker tests * GitHub only ran windows tests, may be require unique names * Use 3.6/3.7 dev versions for GitHub actions * Add AcceptorPool test * Add x64 and x86 matrix for actions tests * Dont use dev versions since they dont exists for x86 * Ha no x86 support itself * Add backer link * Remove support badge for 3.5 as it doesnt support typing * Update read me with changed architecture notes * Update read me with changed architecture notes * Add `import proxy` usage instructions. * Add pydoc reference for developers * Put pydoc as internal documentation 2019-10-02 07:09:35 +00:00			`flake8 --ignore=W504 --max-line-length=127 proxy.py tests.py`
Test coverage and mypy compliance (#94) * Add tests and mypy compliance for tests * Add pragma: no cover for abstract class methods * mypy --strict compliance for tests.py * Refactor and test coverage * lint fixes 2019-09-25 22:51:12 +00:00			`mypy --strict --ignore-missing-imports proxy.py plugin_examples.py tests.py`

			`autopep8:`
Add support for TLS/SSL interception and HTTPS server (#86) * Handle OSError thrown when curl --proxy-cacert flag is invalid * Add server-cert * Dockerfile dont need --ipv4 since now its auto-detected and deprecated * Add make server-cert info * Add support for HTTPS interception. 1) Start as proxy.py --ca-key-file ca-key.pem --ca-cert-file ca-cert.pem --ca-signing-key-file ca-signing-key.pem 2) Test using curl curl -v -L -x proxy.py:8899 --cacert ca-cert.pem https://google.com Now proxy.py is able to decrypt HTTPS traffic between curl and google.com. Generated certificates are stored under ~/.proxy.py directory. * Add comments for why interception do not work if client is communicating with proxy.py over https * Fix tests * Exit with message when trying to https intercept and also serve over https * lint * Disable OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1, OP_NO_TLSv1_1 when wrapping upstream server socket * Ensure client.conn.shutdown is called if necessary. * Add mypy check for plugin_examples.py * Exception handling when client sends invalid requests * Verify plugin_examples * mypy compat * HttpRequestRejected 2019-09-25 02:02:57 +00:00			`autopep8 --recursive --in-place --aggressive proxy.py`
			`autopep8 --recursive --in-place --aggressive tests.py`
			`autopep8 --recursive --in-place --aggressive plugin_examples.py`
Fixes #20 HttpParser bug content-length is missing 2018-12-22 20:43:17 +00:00
Prepare for v0.3 release 2019-02-09 02:57:44 +00:00			`container:`
Release docker container and prep for v0.4 2019-02-09 05:13:34 +00:00			`docker build -t $(LATEST_TAG) -t $(IMAGE_TAG) .`

			`run-container:`
			`docker run -it -p 8899:8899 --rm $(LATEST_TAG)`

			`release-container:`
			`docker push $(IMAGE_TAG)`
Add support for TLS/SSL interception and HTTPS server (#86) * Handle OSError thrown when curl --proxy-cacert flag is invalid * Add server-cert * Dockerfile dont need --ipv4 since now its auto-detected and deprecated * Add make server-cert info * Add support for HTTPS interception. 1) Start as proxy.py --ca-key-file ca-key.pem --ca-cert-file ca-cert.pem --ca-signing-key-file ca-signing-key.pem 2) Test using curl curl -v -L -x proxy.py:8899 --cacert ca-cert.pem https://google.com Now proxy.py is able to decrypt HTTPS traffic between curl and google.com. Generated certificates are stored under ~/.proxy.py directory. * Add comments for why interception do not work if client is communicating with proxy.py over https * Fix tests * Exit with message when trying to https intercept and also serve over https * lint * Disable OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1, OP_NO_TLSv1_1 when wrapping upstream server socket * Ensure client.conn.shutdown is called if necessary. * Add mypy check for plugin_examples.py * Exception handling when client sends invalid requests * Verify plugin_examples * mypy compat * HttpRequestRejected 2019-09-25 02:02:57 +00:00
			`https-certificates:`
Test coverage and mypy compliance (#94) * Add tests and mypy compliance for tests * Add pragma: no cover for abstract class methods * mypy --strict compliance for tests.py * Refactor and test coverage * lint fixes 2019-09-25 22:51:12 +00:00			`# Generate server key`
Add support for TLS/SSL interception and HTTPS server (#86) * Handle OSError thrown when curl --proxy-cacert flag is invalid * Add server-cert * Dockerfile dont need --ipv4 since now its auto-detected and deprecated * Add make server-cert info * Add support for HTTPS interception. 1) Start as proxy.py --ca-key-file ca-key.pem --ca-cert-file ca-cert.pem --ca-signing-key-file ca-signing-key.pem 2) Test using curl curl -v -L -x proxy.py:8899 --cacert ca-cert.pem https://google.com Now proxy.py is able to decrypt HTTPS traffic between curl and google.com. Generated certificates are stored under ~/.proxy.py directory. * Add comments for why interception do not work if client is communicating with proxy.py over https * Fix tests * Exit with message when trying to https intercept and also serve over https * lint * Disable OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1, OP_NO_TLSv1_1 when wrapping upstream server socket * Ensure client.conn.shutdown is called if necessary. * Add mypy check for plugin_examples.py * Exception handling when client sends invalid requests * Verify plugin_examples * mypy compat * HttpRequestRejected 2019-09-25 02:02:57 +00:00			`openssl genrsa -out $(HTTPS_KEY_FILE_PATH) 2048`
			`# Generate server certificate`
			`openssl req -new -x509 -days 3650 -key $(HTTPS_KEY_FILE_PATH) -out $(HTTPS_CERT_FILE_PATH)`

			`ca-certificates:`
			`# Generate CA key`
			`openssl genrsa -out $(CA_KEY_FILE_PATH) 2048`
			`# Generate CA certificate`
			`openssl req -new -x509 -days 3650 -key $(CA_KEY_FILE_PATH) -out $(CA_CERT_FILE_PATH)`
			`# Generate key that will be used to generate domain certificates on the fly`
			`# Generated certificates are then signed with CA certificate / key generated above`
			`openssl genrsa -out $(CA_SIGNING_KEY_FILE_PATH) 2048`