2015-08-06 09:09:01 +00:00
|
|
|
from __future__ import (absolute_import, print_function, division)
|
2015-08-14 08:41:11 +00:00
|
|
|
|
2015-08-26 04:38:03 +00:00
|
|
|
import struct
|
2015-08-15 15:43:46 +00:00
|
|
|
|
2015-08-29 23:21:58 +00:00
|
|
|
from construct import ConstructError
|
2015-07-24 11:31:55 +00:00
|
|
|
|
2015-08-29 23:21:58 +00:00
|
|
|
from netlib.tcp import NetLibError, NetLibInvalidCertificateError
|
|
|
|
from netlib.http.http1 import HTTP1Protocol
|
2015-08-26 04:38:03 +00:00
|
|
|
from ..contrib.tls._constructs import ClientHello
|
2015-08-08 14:08:57 +00:00
|
|
|
from ..exceptions import ProtocolException
|
2015-08-18 13:59:44 +00:00
|
|
|
from .layer import Layer
|
2015-07-24 15:48:27 +00:00
|
|
|
|
|
|
|
|
2015-08-27 23:51:13 +00:00
|
|
|
def is_tls_record_magic(d):
|
|
|
|
"""
|
|
|
|
Returns:
|
|
|
|
True, if the passed bytes start with the TLS record magic bytes.
|
|
|
|
False, otherwise.
|
|
|
|
"""
|
|
|
|
d = d[:3]
|
2015-08-30 00:27:38 +00:00
|
|
|
|
|
|
|
# TLS ClientHello magic, works for SSLv3, TLSv1.0, TLSv1.1, TLSv1.2
|
|
|
|
# http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html#client-hello
|
2015-08-27 23:51:13 +00:00
|
|
|
return (
|
|
|
|
len(d) == 3 and
|
|
|
|
d[0] == '\x16' and
|
|
|
|
d[1] == '\x03' and
|
|
|
|
d[2] in ('\x00', '\x01', '\x02', '\x03')
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2015-08-08 14:08:57 +00:00
|
|
|
class TlsLayer(Layer):
|
|
|
|
def __init__(self, ctx, client_tls, server_tls):
|
2015-08-26 03:39:00 +00:00
|
|
|
self.client_sni = None
|
2015-08-26 04:38:03 +00:00
|
|
|
self.client_alpn_protocols = None
|
2015-08-26 03:39:00 +00:00
|
|
|
|
2015-08-08 14:08:57 +00:00
|
|
|
super(TlsLayer, self).__init__(ctx)
|
|
|
|
self._client_tls = client_tls
|
|
|
|
self._server_tls = server_tls
|
2015-08-26 03:39:00 +00:00
|
|
|
|
2015-07-24 15:48:27 +00:00
|
|
|
self._sni_from_server_change = None
|
2015-08-15 15:43:46 +00:00
|
|
|
|
2015-07-24 15:48:27 +00:00
|
|
|
def __call__(self):
|
|
|
|
"""
|
|
|
|
The strategy for establishing SSL is as follows:
|
|
|
|
First, we determine whether we need the server cert to establish ssl with the client.
|
|
|
|
If so, we first connect to the server and then to the client.
|
|
|
|
If not, we only connect to the client and do the server_ssl lazily on a Connect message.
|
|
|
|
|
|
|
|
An additional complexity is that establish ssl with the server may require a SNI value from the client.
|
|
|
|
In an ideal world, we'd do the following:
|
|
|
|
1. Start the SSL handshake with the client
|
|
|
|
2. Check if the client sends a SNI.
|
|
|
|
3. Pause the client handshake, establish SSL with the server.
|
|
|
|
4. Finish the client handshake with the certificate from the server.
|
|
|
|
There's just one issue: We cannot get a callback from OpenSSL if the client doesn't send a SNI. :(
|
2015-08-26 04:38:03 +00:00
|
|
|
Thus, we manually peek into the connection and parse the ClientHello message to obtain both SNI and ALPN values.
|
|
|
|
|
2015-07-24 15:48:27 +00:00
|
|
|
Further notes:
|
|
|
|
- OpenSSL 1.0.2 introduces a callback that would help here:
|
|
|
|
https://www.openssl.org/docs/ssl/SSL_CTX_set_cert_cb.html
|
|
|
|
- The original mitmproxy issue is https://github.com/mitmproxy/mitmproxy/issues/427
|
|
|
|
"""
|
2015-08-26 03:39:00 +00:00
|
|
|
|
2015-08-26 04:38:03 +00:00
|
|
|
client_tls_requires_server_cert = (
|
|
|
|
self._client_tls and self._server_tls and not self.config.no_upstream_cert
|
|
|
|
)
|
|
|
|
|
|
|
|
self._parse_client_hello()
|
|
|
|
|
|
|
|
if client_tls_requires_server_cert:
|
2015-08-27 13:59:56 +00:00
|
|
|
self._establish_tls_with_client_and_server()
|
2015-08-26 04:38:03 +00:00
|
|
|
elif self._client_tls:
|
|
|
|
self._establish_tls_with_client()
|
|
|
|
|
|
|
|
layer = self.ctx.next_layer(self)
|
|
|
|
layer()
|
|
|
|
|
2015-08-30 00:27:38 +00:00
|
|
|
def __repr__(self):
|
|
|
|
if self._client_tls and self._server_tls:
|
|
|
|
return "TlsLayer(client and server)"
|
|
|
|
elif self._client_tls:
|
|
|
|
return "TlsLayer(client)"
|
|
|
|
elif self._server_tls:
|
|
|
|
return "TlsLayer(server)"
|
|
|
|
else:
|
|
|
|
return "TlsLayer(inactive)"
|
|
|
|
|
2015-08-26 04:38:03 +00:00
|
|
|
def _get_client_hello(self):
|
2015-08-26 20:00:50 +00:00
|
|
|
"""
|
|
|
|
Peek into the socket and read all records that contain the initial client hello message.
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
The raw handshake packet bytes, without TLS record header(s).
|
|
|
|
"""
|
2015-08-26 03:39:00 +00:00
|
|
|
client_hello = ""
|
|
|
|
client_hello_size = 1
|
|
|
|
offset = 0
|
|
|
|
while len(client_hello) < client_hello_size:
|
2015-08-27 23:51:13 +00:00
|
|
|
record_header = self.client_conn.rfile.peek(offset + 5)[offset:]
|
|
|
|
if not is_tls_record_magic(record_header) or len(record_header) != 5:
|
|
|
|
raise ProtocolException('Expected TLS record, got "%s" instead.' % record_header)
|
2015-08-26 03:39:00 +00:00
|
|
|
record_size = struct.unpack("!H", record_header[3:])[0] + 5
|
2015-08-27 23:51:13 +00:00
|
|
|
record_body = self.client_conn.rfile.peek(offset + record_size)[offset + 5:]
|
|
|
|
if len(record_body) != record_size - 5:
|
|
|
|
raise ProtocolException("Unexpected EOF in TLS handshake: %s" % record_body)
|
2015-08-26 03:39:00 +00:00
|
|
|
client_hello += record_body
|
|
|
|
offset += record_size
|
|
|
|
client_hello_size = struct.unpack("!I", '\x00' + client_hello[1:4])[0] + 4
|
2015-08-26 04:38:03 +00:00
|
|
|
return client_hello
|
2015-08-26 03:39:00 +00:00
|
|
|
|
2015-08-26 04:38:03 +00:00
|
|
|
def _parse_client_hello(self):
|
2015-08-26 20:00:50 +00:00
|
|
|
"""
|
|
|
|
Peek into the connection, read the initial client hello and parse it to obtain ALPN values.
|
|
|
|
"""
|
2015-08-27 23:51:13 +00:00
|
|
|
try:
|
|
|
|
raw_client_hello = self._get_client_hello()[4:] # exclude handshake header.
|
|
|
|
except ProtocolException as e:
|
|
|
|
self.log("Cannot parse Client Hello: %s" % repr(e), "error")
|
|
|
|
return
|
|
|
|
|
2015-08-26 04:38:03 +00:00
|
|
|
try:
|
2015-08-26 20:00:50 +00:00
|
|
|
client_hello = ClientHello.parse(raw_client_hello)
|
2015-08-26 04:38:03 +00:00
|
|
|
except ConstructError as e:
|
|
|
|
self.log("Cannot parse Client Hello: %s" % repr(e), "error")
|
2015-08-26 20:00:50 +00:00
|
|
|
self.log("Raw Client Hello:\r\n:%s" % raw_client_hello.encode("hex"), "debug")
|
2015-08-26 04:38:03 +00:00
|
|
|
return
|
2015-08-26 03:39:00 +00:00
|
|
|
|
|
|
|
for extension in client_hello.extensions:
|
|
|
|
if extension.type == 0x00:
|
2015-08-26 04:38:03 +00:00
|
|
|
if len(extension.server_names) != 1 or extension.server_names[0].type != 0:
|
|
|
|
self.log("Unknown Server Name Indication: %s" % extension.server_names, "error")
|
|
|
|
self.client_sni = extension.server_names[0].name
|
|
|
|
elif extension.type == 0x10:
|
2015-08-26 12:03:51 +00:00
|
|
|
self.client_alpn_protocols = list(extension.alpn_protocols)
|
2015-08-26 03:39:00 +00:00
|
|
|
|
2015-08-27 23:51:13 +00:00
|
|
|
self.log(
|
|
|
|
"Parsed Client Hello: sni=%s, alpn=%s" % (self.client_sni, self.client_alpn_protocols),
|
|
|
|
"debug"
|
|
|
|
)
|
2015-08-15 18:20:46 +00:00
|
|
|
|
2015-08-18 13:59:44 +00:00
|
|
|
def connect(self):
|
|
|
|
if not self.server_conn:
|
|
|
|
self.ctx.connect()
|
2015-08-26 03:39:00 +00:00
|
|
|
if self._server_tls and not self.server_conn.tls_established:
|
2015-08-18 13:59:44 +00:00
|
|
|
self._establish_tls_with_server()
|
|
|
|
|
|
|
|
def reconnect(self):
|
|
|
|
self.ctx.reconnect()
|
2015-08-26 03:39:00 +00:00
|
|
|
if self._server_tls and not self.server_conn.tls_established:
|
2015-08-18 13:59:44 +00:00
|
|
|
self._establish_tls_with_server()
|
2015-08-15 18:20:46 +00:00
|
|
|
|
2015-08-27 15:35:53 +00:00
|
|
|
def set_server(self, address, server_tls=None, sni=None, depth=1):
|
2015-08-18 13:59:44 +00:00
|
|
|
self.ctx.set_server(address, server_tls, sni, depth)
|
2015-08-27 15:35:53 +00:00
|
|
|
if depth == 1 and server_tls is not None:
|
2015-08-18 13:59:44 +00:00
|
|
|
self._sni_from_server_change = sni
|
|
|
|
self._server_tls = server_tls
|
2015-08-15 18:20:46 +00:00
|
|
|
|
2015-07-24 15:48:27 +00:00
|
|
|
@property
|
2015-08-26 04:38:03 +00:00
|
|
|
def sni_for_server_connection(self):
|
2015-07-24 15:48:27 +00:00
|
|
|
if self._sni_from_server_change is False:
|
|
|
|
return None
|
|
|
|
else:
|
2015-08-06 10:32:33 +00:00
|
|
|
return self._sni_from_server_change or self.client_sni
|
2015-07-24 15:48:27 +00:00
|
|
|
|
2015-08-26 04:38:03 +00:00
|
|
|
@property
|
|
|
|
def alpn_for_client_connection(self):
|
|
|
|
return self.server_conn.get_alpn_proto_negotiated()
|
2015-07-24 15:48:27 +00:00
|
|
|
|
2015-08-26 04:38:03 +00:00
|
|
|
def __alpn_select_callback(self, conn_, options):
|
2015-08-26 03:39:00 +00:00
|
|
|
"""
|
|
|
|
Once the client signals the alternate protocols it supports,
|
|
|
|
we reconnect upstream with the same list and pass the server's choice down to the client.
|
|
|
|
"""
|
2015-08-26 04:38:03 +00:00
|
|
|
|
|
|
|
# This gets triggered if we haven't established an upstream connection yet.
|
2015-08-29 23:21:58 +00:00
|
|
|
default_alpn = HTTP1Protocol.ALPN_PROTO_HTTP1
|
2015-08-26 04:38:03 +00:00
|
|
|
# alpn_preference = netlib.http.http2.HTTP2Protocol.ALPN_PROTO_H2
|
|
|
|
|
|
|
|
if self.alpn_for_client_connection in options:
|
2015-08-26 12:03:51 +00:00
|
|
|
choice = bytes(self.alpn_for_client_connection)
|
|
|
|
elif default_alpn in options:
|
|
|
|
choice = bytes(default_alpn)
|
|
|
|
else:
|
|
|
|
choice = options[0]
|
|
|
|
self.log("ALPN for client: %s" % choice, "debug")
|
|
|
|
return choice
|
2015-08-15 15:43:46 +00:00
|
|
|
|
2015-08-27 13:59:56 +00:00
|
|
|
def _establish_tls_with_client_and_server(self):
|
|
|
|
self.ctx.connect()
|
|
|
|
|
|
|
|
# If establishing TLS with the server fails, we try to establish TLS with the client nonetheless
|
|
|
|
# to send an error message over TLS.
|
|
|
|
try:
|
|
|
|
self._establish_tls_with_server()
|
|
|
|
except Exception as e:
|
|
|
|
try:
|
|
|
|
self._establish_tls_with_client()
|
|
|
|
except:
|
|
|
|
pass
|
|
|
|
raise e
|
|
|
|
|
|
|
|
self._establish_tls_with_client()
|
|
|
|
|
2015-08-08 14:08:57 +00:00
|
|
|
def _establish_tls_with_client(self):
|
|
|
|
self.log("Establish TLS with client", "debug")
|
2015-08-14 08:41:11 +00:00
|
|
|
cert, key, chain_file = self._find_cert()
|
2015-08-15 15:43:46 +00:00
|
|
|
|
2015-07-24 15:48:27 +00:00
|
|
|
try:
|
|
|
|
self.client_conn.convert_to_ssl(
|
|
|
|
cert, key,
|
|
|
|
method=self.config.openssl_method_client,
|
|
|
|
options=self.config.openssl_options_client,
|
|
|
|
cipher_list=self.config.ciphers_client,
|
|
|
|
dhparams=self.config.certstore.dhparams,
|
2015-08-15 15:43:46 +00:00
|
|
|
chain_file=chain_file,
|
2015-08-26 04:38:03 +00:00
|
|
|
alpn_select_callback=self.__alpn_select_callback,
|
2015-07-24 15:48:27 +00:00
|
|
|
)
|
2015-08-29 23:21:58 +00:00
|
|
|
except NetLibError as e:
|
2015-08-26 13:12:04 +00:00
|
|
|
raise ProtocolException("Cannot establish TLS with client: %s" % repr(e), e)
|
2015-07-24 15:48:27 +00:00
|
|
|
|
2015-08-08 14:08:57 +00:00
|
|
|
def _establish_tls_with_server(self):
|
|
|
|
self.log("Establish TLS with server", "debug")
|
2015-07-24 15:48:27 +00:00
|
|
|
try:
|
2015-08-26 12:03:51 +00:00
|
|
|
# We only support http/1.1 and h2.
|
|
|
|
# If the server only supports spdy (next to http/1.1), it may select that
|
|
|
|
# and mitmproxy would enter TCP passthrough mode, which we want to avoid.
|
|
|
|
deprecated_http2_variant = lambda x: x.startswith("h2-") or x.startswith("spdy")
|
2015-08-26 18:48:59 +00:00
|
|
|
if self.client_alpn_protocols:
|
|
|
|
alpn = filter(lambda x: not deprecated_http2_variant(x), self.client_alpn_protocols)
|
|
|
|
else:
|
|
|
|
alpn = None
|
2015-08-26 12:03:51 +00:00
|
|
|
|
2015-07-24 15:48:27 +00:00
|
|
|
self.server_conn.establish_ssl(
|
|
|
|
self.config.clientcerts,
|
2015-08-26 04:38:03 +00:00
|
|
|
self.sni_for_server_connection,
|
2015-07-24 15:48:27 +00:00
|
|
|
method=self.config.openssl_method_server,
|
|
|
|
options=self.config.openssl_options_server,
|
|
|
|
verify_options=self.config.openssl_verification_mode_server,
|
|
|
|
ca_path=self.config.openssl_trusted_cadir_server,
|
|
|
|
ca_pemfile=self.config.openssl_trusted_ca_server,
|
|
|
|
cipher_list=self.config.ciphers_server,
|
2015-08-26 12:03:51 +00:00
|
|
|
alpn_protos=alpn,
|
2015-07-24 15:48:27 +00:00
|
|
|
)
|
2015-08-08 14:08:57 +00:00
|
|
|
tls_cert_err = self.server_conn.ssl_verification_error
|
|
|
|
if tls_cert_err is not None:
|
2015-07-24 15:48:27 +00:00
|
|
|
self.log(
|
2015-08-08 14:08:57 +00:00
|
|
|
"TLS verification failed for upstream server at depth %s with error: %s" %
|
|
|
|
(tls_cert_err['depth'], tls_cert_err['errno']),
|
2015-07-24 15:48:27 +00:00
|
|
|
"error")
|
|
|
|
self.log("Ignoring server verification error, continuing with connection", "error")
|
2015-08-29 23:21:58 +00:00
|
|
|
except NetLibInvalidCertificateError as e:
|
2015-08-08 14:08:57 +00:00
|
|
|
tls_cert_err = self.server_conn.ssl_verification_error
|
2015-07-24 15:48:27 +00:00
|
|
|
self.log(
|
2015-08-08 14:08:57 +00:00
|
|
|
"TLS verification failed for upstream server at depth %s with error: %s" %
|
|
|
|
(tls_cert_err['depth'], tls_cert_err['errno']),
|
2015-07-24 15:48:27 +00:00
|
|
|
"error")
|
|
|
|
self.log("Aborting connection attempt", "error")
|
2015-08-26 13:12:04 +00:00
|
|
|
raise ProtocolException("Cannot establish TLS with server: %s" % repr(e), e)
|
2015-08-29 23:21:58 +00:00
|
|
|
except NetLibError as e:
|
2015-08-26 13:12:04 +00:00
|
|
|
raise ProtocolException("Cannot establish TLS with server: %s" % repr(e), e)
|
2015-07-24 15:48:27 +00:00
|
|
|
|
2015-08-26 12:03:51 +00:00
|
|
|
self.log("ALPN selected by server: %s" % self.alpn_for_client_connection, "debug")
|
|
|
|
|
2015-08-14 08:41:11 +00:00
|
|
|
def _find_cert(self):
|
2015-07-24 15:48:27 +00:00
|
|
|
host = self.server_conn.address.host
|
2015-08-06 09:09:01 +00:00
|
|
|
sans = set()
|
2015-07-24 15:48:27 +00:00
|
|
|
# Incorporate upstream certificate
|
2015-08-29 23:21:58 +00:00
|
|
|
use_upstream_cert = (
|
|
|
|
self.server_conn and
|
|
|
|
self.server_conn.tls_established and
|
|
|
|
(not self.config.no_upstream_cert)
|
|
|
|
)
|
|
|
|
if use_upstream_cert:
|
2015-07-24 15:48:27 +00:00
|
|
|
upstream_cert = self.server_conn.cert
|
2015-08-06 09:09:01 +00:00
|
|
|
sans.update(upstream_cert.altnames)
|
2015-07-24 15:48:27 +00:00
|
|
|
if upstream_cert.cn:
|
2015-08-06 09:09:01 +00:00
|
|
|
sans.add(host)
|
2015-07-24 15:48:27 +00:00
|
|
|
host = upstream_cert.cn.decode("utf8").encode("idna")
|
|
|
|
# Also add SNI values.
|
2015-08-06 10:32:33 +00:00
|
|
|
if self.client_sni:
|
|
|
|
sans.add(self.client_sni)
|
2015-07-24 15:48:27 +00:00
|
|
|
if self._sni_from_server_change:
|
2015-08-06 09:09:01 +00:00
|
|
|
sans.add(self._sni_from_server_change)
|
2015-07-24 15:48:27 +00:00
|
|
|
|
2015-08-16 21:25:02 +00:00
|
|
|
sans.discard(host)
|
2015-08-06 10:13:23 +00:00
|
|
|
return self.config.certstore.get_cert(host, list(sans))
|