Commit Graph

13 Commits

Author SHA1 Message Date
Abhinav Singh 62012ed181
Enable docker containers for TLS Interception (#375)
* Move static values to constants.py

* Install openssl in docker containers for TLS interception

* Complete TLS Interception with Docker doc
2020-06-17 17:54:43 +05:30
Abhinav Singh 419026dcdf
Build docker of Python 3.8 (#214) 2019-12-01 23:06:50 -08:00
Abhinav Singh 131e9366ac
Move plugin_examples/ as proxy.plugin and update readme (#179)
* Update dev guide

* Move plugin_examples/ as proxy.plugin

* Update proxy.plugin ref path in readme

* Remove unnecessary port flag

* Remove plugin_examples from github workflows

* dashboard folder is a npm package not python package anymore

* Plugins can now be tried using Docker image
2019-11-15 14:47:50 -08:00
Abhinav Singh 3aa1dc2824
Test refactor + Docker image CI (#154)
* Move tests into individual modules too

* Ensure one test class per file

* Fix docker image after refactoring

* Add github actions workflow for building docker image

* Fix image name

* Setup python required for extracting proxy version

* Version will also require deps
2019-10-29 20:41:39 -07:00
Abhinav Singh 3b5e2ccf9c Reduce docker image size 2019-10-11 11:03:51 -07:00
Abhinav Singh 3b9587b6f1
Ensure explicit flush before upgrade while TLS intercepting (#121)
* Ensure explicit flush before upgrade + nonblocking server sock.

* tls interception tests

* prepare for v1.1.1

* Add requirements.txt for typing extensions

* Add setup.py under lint workflow
2019-10-10 15:15:27 -07:00
Abhinav Singh 7a6247ea18 v1.1.0 release
Add pip install typing-extensions==3.7.4 for docker image
2019-10-10 00:29:41 -07:00
Abhinav Singh 92142a70d9
Add support for TLS/SSL interception and HTTPS server (#86)
* Handle OSError thrown when curl --proxy-cacert flag is invalid

* Add server-cert

* Dockerfile dont need --ipv4 since now its auto-detected and deprecated

* Add make server-cert info

* Add support for HTTPS interception.

1) Start as

    proxy.py --ca-key-file ca-key.pem --ca-cert-file ca-cert.pem --ca-signing-key-file ca-signing-key.pem

2) Test using curl

    curl -v -L -x proxy.py:8899 --cacert ca-cert.pem https://google.com

Now proxy.py is able to decrypt HTTPS traffic between curl and
google.com.  Generated certificates are stored under ~/.proxy.py
directory.

* Add comments for why interception do not work if client is communicating with proxy.py over https

* Fix tests

* Exit with message when trying to https intercept and also serve over https

* lint

* Disable OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1, OP_NO_TLSv1_1 when wrapping upstream server socket

* Ensure client.conn.shutdown is called if necessary.

* Add mypy check for plugin_examples.py

* Exception handling when client sends invalid requests

* Verify plugin_examples

* mypy compat

* HttpRequestRejected
2019-09-24 19:02:57 -07:00
Abhinav Singh 2b8fd53f15
Make docker v1.0.0 release (#82)
* Make docker v1.0.0 release

* 👍

* 👍 📱 💻 💡

* 👍 📱 💻 💡
2019-09-23 00:30:52 -07:00
Abhinav Singh 5eb4d8a97c
Use Pipe instead of Queue when passing sockets (#69)
* Use pipes instead of queues.

Possible solution for #68

* Handle ConnectionRefusedError

* Close corresponding pipes on shutdown

* Abstract classes for plugins.

* Add github workflows

* Use pytest for github workflow

* Add Windows/Mac workflows

* Use os.matrix

* 3.8 and 3.9 probably dont exists yet

* Do not fail-fast, also python 3.5 seems to be throwing syntax error for typing

* autopep8

* Disable windows-latest workflow which seems to hang
2019-09-16 20:18:14 -07:00
Abhinav Singh 3e92faba32 Necessary productionization tests. 2019-09-03 12:54:47 -07:00
Abhinav Singh 4019e95850 Per worker queue instead of shared one.
1. MultiCoreDispatcher now dispatches request in round robin fashion.
2. Added Python3 static type hinting

add Google Cloud Run Button

Preserve proxy.py name as otherwise it breaks module system.  Just provide a custom service name to fix Google Cloud Run issue

Custom service name for Google Cloud Run.

Specify port in app.json as required by Google Cloud Run

Go cannot unmarshall int :)

Port desc

Looks like PORT cannot be overridden, for now use port 8080 in Dockerfile

Remove cloudrun integration.

While proxy.py runs successfully within the container, gvisor
limitations doesn't allow proxy.py to accept client connections.
Specifically membarrier syscall isn't allowed.

Update README.md
2019-08-24 09:31:56 -07:00
Abhinav Singh 15b6fde86e Add Dockerfile and build rule 2018-12-22 07:08:04 -08:00