mitmproxy/libmproxy/proxy/server.py

from __future__ import (absolute_import, print_function, division)

import traceback
import sys
import socket
import six

from netlib import tcp
from netlib.exceptions import TcpException
from netlib.http.http1 import assemble_response
from ..exceptions import ProtocolException, ServerException, ClientHandshakeException
from ..protocol import Kill
from ..models import ClientConnection, make_error_response
from .modes import HttpUpstreamProxy, HttpProxy, ReverseProxy, TransparentProxy, Socks5Proxy
from .root_context import RootContext, Log


class DummyServer:
    bound = False

    def __init__(self, config):
        self.config = config

    def start_slave(self, *args):
        pass

    def shutdown(self):
        pass


class ProxyServer(tcp.TCPServer):
    allow_reuse_address = True
    bound = True

    def __init__(self, config):
        """
            Raises ProxyServerError if there's a startup problem.
        """
        self.config = config
        try:
            super(ProxyServer, self).__init__((config.host, config.port))
        except socket.error as e:
            six.reraise(
                ServerException,
                ServerException('Error starting proxy server: ' + repr(e)),
                sys.exc_info()[2]
            )
        self.channel = None

    def start_slave(self, klass, channel):
        slave = klass(channel, self)
        slave.start()

    def set_channel(self, channel):
        self.channel = channel

    def handle_client_connection(self, conn, client_address):
        h = ConnectionHandler(
            conn,
            client_address,
            self.config,
            self.channel
        )
        h.handle()


class ConnectionHandler(object):
    def __init__(self, client_conn, client_address, config, channel):
        self.config = config
        """@type: libmproxy.proxy.config.ProxyConfig"""
        self.client_conn = ClientConnection(
            client_conn,
            client_address,
            None)
        """@type: libmproxy.proxy.connection.ClientConnection"""
        self.channel = channel
        """@type: libmproxy.controller.Channel"""

    def _create_root_layer(self):
        root_context = RootContext(
            self.client_conn,
            self.config,
            self.channel
        )

        mode = self.config.mode
        if mode == "upstream":
            return HttpUpstreamProxy(
                root_context,
                self.config.upstream_server.address
            )
        elif mode == "transparent":
            return TransparentProxy(root_context)
        elif mode == "reverse":
            server_tls = self.config.upstream_server.scheme == "https"
            return ReverseProxy(
                root_context,
                self.config.upstream_server.address,
                server_tls
            )
        elif mode == "socks5":
            return Socks5Proxy(root_context)
        elif mode == "regular":
            return HttpProxy(root_context)
        elif callable(mode):  # pragma: nocover
            return mode(root_context)
        else:  # pragma: nocover
            raise ValueError("Unknown proxy mode: %s" % mode)

    def handle(self):
        self.log("clientconnect", "info")

        root_layer = self._create_root_layer()
        root_layer = self.channel.ask("clientconnect", root_layer)
        if root_layer == Kill:
            def root_layer():
                raise Kill()

        try:
            root_layer()
        except Kill:
            self.log("Connection killed", "info")
        except ProtocolException as e:

            if isinstance(e, ClientHandshakeException):
                self.log(
                    "Client Handshake failed. "
                    "The client may not trust the proxy's certificate for {}.".format(e.server),
                    "error"
                )
                self.log(repr(e), "debug")
            else:
                self.log(repr(e), "error")

                self.log(traceback.format_exc(), "debug")
            # If an error propagates to the topmost level,
            # we send an HTTP error response, which is both
            # understandable by HTTP clients and humans.
            try:
                error_response = make_error_response(502, repr(e))
                self.client_conn.send(assemble_response(error_response))
            except TcpException:
                pass
        except Exception:
            self.log(traceback.format_exc(), "error")
            print(traceback.format_exc(), file=sys.stderr)
            print("mitmproxy has crashed!", file=sys.stderr)
            print("Please lodge a bug report at: https://github.com/mitmproxy/mitmproxy", file=sys.stderr)

        self.log("clientdisconnect", "info")
        self.channel.tell("clientdisconnect", root_layer)
        self.client_conn.finish()

    def log(self, msg, level):
        msg = "{}: {}".format(repr(self.client_conn.address), msg)
        self.channel.tell("log", Log(msg, level))
fix dns_spoofing example, avoid connecting to itself 2015-08-31 11:43:30 +00:00			`from __future__ import (absolute_import, print_function, division)`
always use relative imports, fix status bar bug 2014-03-10 21:36:47 +00:00
first initial proof-of-concept 2015-07-24 11:31:55 +00:00			`import traceback`
			`import sys`
split up proxy.py 2014-03-09 20:13:08 +00:00			`import socket`
better exception handling 2015-09-10 23:39:33 +00:00			`import six`
move files around 2015-08-30 13:27:29 +00:00
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`from netlib import tcp`
use new netlib exceptions 2015-09-17 00:13:28 +00:00			`from netlib.exceptions import TcpException`
adjust to netlib changes 2015-09-16 16:45:22 +00:00			`from netlib.http.http1 import assemble_response`
better error messages, remove error cause 2015-09-11 00:17:04 +00:00			`from ..exceptions import ProtocolException, ServerException, ClientHandshakeException`
remove ServerConnectionMixin.reconnect 2015-09-03 15:01:25 +00:00			`from ..protocol import Kill`
move files around 2015-08-30 13:27:29 +00:00			`from ..models import ClientConnection, make_error_response`
			`from .modes import HttpUpstreamProxy, HttpProxy, ReverseProxy, TransparentProxy, Socks5Proxy`
remove ServerConnectionMixin.reconnect 2015-09-03 15:01:25 +00:00			`from .root_context import RootContext, Log`
split up proxy.py 2014-03-09 20:13:08 +00:00

finish proxy.py split up 2014-03-09 20:51:24 +00:00			`class DummyServer:`
			`bound = False`
groundwork completed 2014-01-09 04:34:29 +00:00
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`def __init__(self, config):`
			`self.config = config`
groundwork completed 2014-01-09 04:34:29 +00:00
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`def start_slave(self, *args):`
			`pass`
Much more sophisticated cert handling - Specify per-domain certificates and keys - Certs are no longer regenerated for SANs - And more. :) 2014-03-05 04:25:12 +00:00
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`def shutdown(self):`
			`pass`
Minor cleanups of proxy request handling. 2013-01-04 01:19:32 +00:00
push failing tests down to 43 2014-02-04 04:02:17 +00:00
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`class ProxyServer(tcp.TCPServer):`
			`allow_reuse_address = True`
			`bound = True`
update docs, fix #215 2014-03-10 16:01:30 +00:00
mitmproxy -> libmproxy.main. do some leanup on the way 2014-09-08 21:34:43 +00:00			`def __init__(self, config):`
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`"""`
			`Raises ProxyServerError if there's a startup problem.`
			`"""`
			`self.config = config`
			`try:`
restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`super(ProxyServer, self).__init__((config.host, config.port))`
			`except socket.error as e:`
better exception handling 2015-09-10 23:39:33 +00:00			`six.reraise(`
			`ServerException,`
better error messages, remove error cause 2015-09-11 00:17:04 +00:00			`ServerException('Error starting proxy server: ' + repr(e)),`
better exception handling 2015-09-10 23:39:33 +00:00			`sys.exc_info()[2]`
			`)`
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`self.channel = None`
Add a basic built-in web app. 2013-03-24 20:20:26 +00:00
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`def start_slave(self, klass, channel):`
			`slave = klass(channel, self)`
			`slave.start()`
Achievement Unlocked: Proxy Chain 2014-02-07 06:08:59 +00:00
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`def set_channel(self, channel):`
			`self.channel = channel`
Refactor to prepare for SNI fixes. 2013-02-24 04:35:24 +00:00
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`def handle_client_connection(self, conn, client_address):`
restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`h = ConnectionHandler(`
Add coding style check, reformat. 2015-05-30 00:03:28 +00:00			`conn,`
			`client_address,`
restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`self.config,`
			`self.channel`
			`)`
finish proxy.py split up 2014-03-09 20:51:24 +00:00			`h.handle()`
merge flow classes. current status: basic mitmdump working 2014-01-30 04:00:13 +00:00
add skeleton to change destinatin server during intercept, fix all testcases on windows 2014-02-05 19:26:47 +00:00
restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`class ConnectionHandler(object):`
			`def __init__(self, client_conn, client_address, config, channel):`
first initial proof-of-concept 2015-07-24 11:31:55 +00:00			`self.config = config`
			`"""@type: libmproxy.proxy.config.ProxyConfig"""`
			`self.client_conn = ClientConnection(`
			`client_conn,`
			`client_address,`
restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`None)`
first initial proof-of-concept 2015-07-24 11:31:55 +00:00			`"""@type: libmproxy.proxy.connection.ClientConnection"""`
			`self.channel = channel`
			`"""@type: libmproxy.controller.Channel"""`

restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`def _create_root_layer(self):`
move files around 2015-08-30 13:27:29 +00:00			`root_context = RootContext(`
first initial proof-of-concept 2015-07-24 11:31:55 +00:00			`self.client_conn,`
			`self.config,`
			`self.channel`
			`)`
improve protocol handling 2015-08-16 21:25:02 +00:00
clean up config/cmdline, fix bugs, remove cruft 2015-08-27 23:51:13 +00:00			`mode = self.config.mode`
			`if mode == "upstream":`
move files around 2015-08-30 13:27:29 +00:00			`return HttpUpstreamProxy(`
clean up config/cmdline, fix bugs, remove cruft 2015-08-27 23:51:13 +00:00			`root_context,`
			`self.config.upstream_server.address`
			`)`
			`elif mode == "transparent":`
move files around 2015-08-30 13:27:29 +00:00			`return TransparentProxy(root_context)`
clean up config/cmdline, fix bugs, remove cruft 2015-08-27 23:51:13 +00:00			`elif mode == "reverse":`
always insert tls layer for inline script upgrades 2015-08-30 00:27:38 +00:00			`server_tls = self.config.upstream_server.scheme == "https"`
move files around 2015-08-30 13:27:29 +00:00			`return ReverseProxy(`
clean up config/cmdline, fix bugs, remove cruft 2015-08-27 23:51:13 +00:00			`root_context,`
			`self.config.upstream_server.address,`
			`server_tls`
			`)`
			`elif mode == "socks5":`
move files around 2015-08-30 13:27:29 +00:00			`return Socks5Proxy(root_context)`
clean up config/cmdline, fix bugs, remove cruft 2015-08-27 23:51:13 +00:00			`elif mode == "regular":`
move files around 2015-08-30 13:27:29 +00:00			`return HttpProxy(root_context)`
clean up config/cmdline, fix bugs, remove cruft 2015-08-27 23:51:13 +00:00			`elif callable(mode): # pragma: nocover`
restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`return mode(root_context)`
clean up config/cmdline, fix bugs, remove cruft 2015-08-27 23:51:13 +00:00			`else: # pragma: nocover`
			`raise ValueError("Unknown proxy mode: %s" % mode)`
first initial proof-of-concept 2015-07-24 11:31:55 +00:00
restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`def handle(self):`
			`self.log("clientconnect", "info")`

			`root_layer = self._create_root_layer()`
update inline script hooks 2015-08-31 15:05:52 +00:00			`root_layer = self.channel.ask("clientconnect", root_layer)`
			`if root_layer == Kill:`
			`def root_layer():`
			`raise Kill()`
restructure code, remove cruft 2015-08-29 23:21:58 +00:00
first initial proof-of-concept 2015-07-24 11:31:55 +00:00			`try:`
yield -> callbacks 2015-08-18 13:59:44 +00:00			`root_layer()`
restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`except Kill:`
yield -> callbacks 2015-08-18 13:59:44 +00:00			`self.log("Connection killed", "info")`
wip commit 2015-08-11 18:27:34 +00:00			`except ProtocolException as e:`
better error messages, remove error cause 2015-09-11 00:17:04 +00:00
			`if isinstance(e, ClientHandshakeException):`
			`self.log(`
			`"Client Handshake failed. "`
			`"The client may not trust the proxy's certificate for {}.".format(e.server),`
			`"error"`
			`)`
			`self.log(repr(e), "debug")`
			`else:`
			`self.log(repr(e), "error")`

			`self.log(traceback.format_exc(), "debug")`
clean up config/cmdline, fix bugs, remove cruft 2015-08-27 23:51:13 +00:00			`# If an error propagates to the topmost level,`
			`# we send an HTTP error response, which is both`
			`# understandable by HTTP clients and humans.`
			`try:`
move files around 2015-08-30 13:27:29 +00:00			`error_response = make_error_response(502, repr(e))`
adjust to netlib changes 2015-09-16 16:45:22 +00:00			`self.client_conn.send(assemble_response(error_response))`
use new netlib exceptions 2015-09-17 00:13:28 +00:00			`except TcpException:`
clean up config/cmdline, fix bugs, remove cruft 2015-08-27 23:51:13 +00:00			`pass`
first initial proof-of-concept 2015-07-24 11:31:55 +00:00			`except Exception:`
			`self.log(traceback.format_exc(), "error")`
			`print(traceback.format_exc(), file=sys.stderr)`
			`print("mitmproxy has crashed!", file=sys.stderr)`
			`print("Please lodge a bug report at: https://github.com/mitmproxy/mitmproxy", file=sys.stderr)`

minor fixes 2015-08-25 16:24:17 +00:00			`self.log("clientdisconnect", "info")`
update inline script hooks 2015-08-31 15:05:52 +00:00			`self.channel.tell("clientdisconnect", root_layer)`
add priorities for the destination server address 2014-02-04 01:56:59 +00:00			`self.client_conn.finish()`

restructure code, remove cruft 2015-08-29 23:21:58 +00:00			`def log(self, msg, level):`
			`msg = "{}: {}".format(repr(self.client_conn.address), msg)`
expose `next_layer` to inline scripts 2015-09-07 11:51:46 +00:00			`self.channel.tell("log", Log(msg, level))`