2015-12-28 20:20:45 +00:00
|
|
|
import os
|
2015-08-30 13:27:29 +00:00
|
|
|
import mock
|
|
|
|
from OpenSSL import SSL
|
|
|
|
|
2014-03-09 20:51:24 +00:00
|
|
|
from libmproxy import cmdline
|
2015-08-29 23:21:58 +00:00
|
|
|
from libmproxy.proxy import ProxyConfig
|
|
|
|
from libmproxy.proxy.config import process_proxy_options
|
2015-08-30 13:27:29 +00:00
|
|
|
from libmproxy.models.connections import ServerConnection
|
2015-08-29 23:21:58 +00:00
|
|
|
from libmproxy.proxy.server import DummyServer, ProxyServer, ConnectionHandler
|
2015-09-17 00:13:28 +00:00
|
|
|
from netlib.exceptions import TcpDisconnect
|
2013-01-06 03:44:12 +00:00
|
|
|
from libpathod import test
|
2015-09-16 16:45:22 +00:00
|
|
|
from netlib.http import http1
|
2016-02-02 12:25:31 +00:00
|
|
|
from . import tutils
|
2015-06-29 17:32:57 +00:00
|
|
|
|
2012-06-10 04:49:59 +00:00
|
|
|
|
2015-09-21 00:26:47 +00:00
|
|
|
class TestServerConnection(object):
|
2013-01-06 03:44:12 +00:00
|
|
|
|
|
|
|
def test_simple(self):
|
2015-09-21 00:26:47 +00:00
|
|
|
self.d = test.Daemon()
|
2014-09-03 21:44:54 +00:00
|
|
|
sc = ServerConnection((self.d.IFACE, self.d.port))
|
2013-02-24 09:24:21 +00:00
|
|
|
sc.connect()
|
2014-09-03 14:57:56 +00:00
|
|
|
f = tutils.tflow()
|
|
|
|
f.server_conn = sc
|
|
|
|
f.request.path = "/p/200:da"
|
2015-07-29 09:39:53 +00:00
|
|
|
|
|
|
|
# use this protocol just to assemble - not for actual sending
|
2015-09-16 16:45:22 +00:00
|
|
|
sc.wfile.write(http1.assemble_request(f.request))
|
|
|
|
sc.wfile.flush()
|
2015-07-22 11:04:45 +00:00
|
|
|
|
2015-09-16 16:45:22 +00:00
|
|
|
assert http1.read_response(sc.rfile, f.request, 1000)
|
2013-01-06 03:44:12 +00:00
|
|
|
assert self.d.last_log()
|
|
|
|
|
2014-01-29 01:49:11 +00:00
|
|
|
sc.finish()
|
2015-09-21 00:26:47 +00:00
|
|
|
self.d.shutdown()
|
2013-01-28 08:59:03 +00:00
|
|
|
|
|
|
|
def test_terminate_error(self):
|
2015-09-21 00:26:47 +00:00
|
|
|
self.d = test.Daemon()
|
2014-09-03 21:44:54 +00:00
|
|
|
sc = ServerConnection((self.d.IFACE, self.d.port))
|
2013-02-24 09:24:21 +00:00
|
|
|
sc.connect()
|
2013-01-28 08:59:03 +00:00
|
|
|
sc.connection = mock.Mock()
|
2014-01-29 01:49:11 +00:00
|
|
|
sc.connection.recv = mock.Mock(return_value=False)
|
2015-09-17 00:13:28 +00:00
|
|
|
sc.connection.flush = mock.Mock(side_effect=TcpDisconnect)
|
2014-01-29 01:49:11 +00:00
|
|
|
sc.finish()
|
2015-09-21 00:26:47 +00:00
|
|
|
self.d.shutdown()
|
2013-01-28 22:35:57 +00:00
|
|
|
|
2014-09-04 17:08:54 +00:00
|
|
|
def test_repr(self):
|
|
|
|
sc = tutils.tserver_conn()
|
|
|
|
assert "address:22" in repr(sc)
|
|
|
|
assert "ssl" not in repr(sc)
|
|
|
|
sc.ssl_established = True
|
|
|
|
assert "ssl" in repr(sc)
|
|
|
|
sc.sni = "foo"
|
|
|
|
assert "foo" in repr(sc)
|
|
|
|
|
2013-03-02 21:37:06 +00:00
|
|
|
|
2013-03-02 22:58:57 +00:00
|
|
|
class TestProcessProxyOptions:
|
2016-01-27 09:12:18 +00:00
|
|
|
|
2013-03-02 22:58:57 +00:00
|
|
|
def p(self, *args):
|
2014-03-10 04:11:51 +00:00
|
|
|
parser = tutils.MockParser()
|
2013-03-02 22:58:57 +00:00
|
|
|
cmdline.common_options(parser)
|
|
|
|
opts = parser.parse_args(args=args)
|
2014-03-10 04:11:51 +00:00
|
|
|
return parser, process_proxy_options(parser, opts)
|
2013-03-02 22:58:57 +00:00
|
|
|
|
|
|
|
def assert_err(self, err, *args):
|
2014-03-10 04:11:51 +00:00
|
|
|
tutils.raises(err, self.p, *args)
|
2013-03-02 22:58:57 +00:00
|
|
|
|
|
|
|
def assert_noerr(self, *args):
|
|
|
|
m, p = self.p(*args)
|
|
|
|
assert p
|
|
|
|
return p
|
|
|
|
|
|
|
|
def test_simple(self):
|
|
|
|
assert self.p()
|
|
|
|
|
2014-11-15 03:17:05 +00:00
|
|
|
def test_cadir(self):
|
|
|
|
with tutils.tmpdir() as cadir:
|
|
|
|
self.assert_noerr("--cadir", cadir)
|
2013-03-02 22:58:57 +00:00
|
|
|
|
|
|
|
@mock.patch("libmproxy.platform.resolver", None)
|
|
|
|
def test_no_transparent(self):
|
|
|
|
self.assert_err("transparent mode not supported", "-T")
|
|
|
|
|
|
|
|
@mock.patch("libmproxy.platform.resolver")
|
2014-09-06 10:23:05 +00:00
|
|
|
def test_modes(self, _):
|
2014-03-10 04:11:51 +00:00
|
|
|
self.assert_noerr("-R", "http://localhost")
|
2014-09-06 10:23:05 +00:00
|
|
|
self.assert_err("expected one argument", "-R")
|
|
|
|
self.assert_err("Invalid server specification", "-R", "reverse")
|
|
|
|
|
|
|
|
self.assert_noerr("-T")
|
|
|
|
|
|
|
|
self.assert_noerr("-U", "http://localhost")
|
|
|
|
self.assert_err("expected one argument", "-U")
|
|
|
|
self.assert_err("Invalid server specification", "-U", "upstream")
|
|
|
|
|
2015-08-27 23:51:13 +00:00
|
|
|
self.assert_err("not allowed with", "-R", "http://localhost", "-T")
|
2013-03-02 22:58:57 +00:00
|
|
|
|
2015-08-31 15:29:14 +00:00
|
|
|
def test_socks_auth(self):
|
|
|
|
self.assert_err("Proxy Authentication not supported in SOCKS mode.", "--socks", "--nonanonymous")
|
|
|
|
|
2014-03-05 04:25:12 +00:00
|
|
|
def test_client_certs(self):
|
2014-11-15 03:17:05 +00:00
|
|
|
with tutils.tmpdir() as cadir:
|
|
|
|
self.assert_noerr("--client-certs", cadir)
|
2015-12-28 20:20:45 +00:00
|
|
|
self.assert_noerr(
|
|
|
|
"--client-certs",
|
|
|
|
os.path.join(tutils.test_data.path("data/clientcert"), "client.pem"))
|
2015-05-30 00:03:28 +00:00
|
|
|
self.assert_err(
|
2015-12-29 16:48:02 +00:00
|
|
|
"path does not exist",
|
2015-05-30 00:03:28 +00:00
|
|
|
"--client-certs",
|
|
|
|
"nonexistent")
|
2013-03-02 22:58:57 +00:00
|
|
|
|
2014-03-05 04:25:12 +00:00
|
|
|
def test_certs(self):
|
2014-11-15 03:17:05 +00:00
|
|
|
with tutils.tmpdir() as cadir:
|
2015-05-30 00:03:28 +00:00
|
|
|
self.assert_noerr(
|
|
|
|
"--cert",
|
|
|
|
tutils.test_data.path("data/testkey.pem"))
|
2014-03-05 04:25:12 +00:00
|
|
|
self.assert_err("does not exist", "--cert", "nonexistent")
|
|
|
|
|
2013-03-02 22:58:57 +00:00
|
|
|
def test_auth(self):
|
|
|
|
p = self.assert_noerr("--nonanonymous")
|
|
|
|
assert p.authenticator
|
|
|
|
|
2015-05-30 00:03:28 +00:00
|
|
|
p = self.assert_noerr(
|
|
|
|
"--htpasswd",
|
|
|
|
tutils.test_data.path("data/htpasswd"))
|
2013-03-02 22:58:57 +00:00
|
|
|
assert p.authenticator
|
2015-05-30 00:03:28 +00:00
|
|
|
self.assert_err(
|
|
|
|
"malformed htpasswd file",
|
|
|
|
"--htpasswd",
|
|
|
|
tutils.test_data.path("data/htpasswd.invalid"))
|
2013-03-02 22:58:57 +00:00
|
|
|
|
|
|
|
p = self.assert_noerr("--singleuser", "test:test")
|
|
|
|
assert p.authenticator
|
2015-05-30 00:03:28 +00:00
|
|
|
self.assert_err(
|
|
|
|
"invalid single-user specification",
|
|
|
|
"--singleuser",
|
|
|
|
"test")
|
2013-03-02 22:58:57 +00:00
|
|
|
|
2015-06-29 17:32:57 +00:00
|
|
|
def test_verify_upstream_cert(self):
|
|
|
|
p = self.assert_noerr("--verify-upstream-cert")
|
|
|
|
assert p.openssl_verification_mode_server == SSL.VERIFY_PEER
|
|
|
|
|
|
|
|
def test_upstream_trusted_cadir(self):
|
|
|
|
expected_dir = "/path/to/a/ca/dir"
|
|
|
|
p = self.assert_noerr("--upstream-trusted-cadir", expected_dir)
|
|
|
|
assert p.openssl_trusted_cadir_server == expected_dir
|
|
|
|
|
|
|
|
def test_upstream_trusted_ca(self):
|
|
|
|
expected_file = "/path/to/a/cert/file"
|
|
|
|
p = self.assert_noerr("--upstream-trusted-ca", expected_file)
|
|
|
|
assert p.openssl_trusted_ca_server == expected_file
|
|
|
|
|
2013-03-02 21:37:06 +00:00
|
|
|
|
2013-03-02 23:13:33 +00:00
|
|
|
class TestProxyServer:
|
2015-05-30 00:03:28 +00:00
|
|
|
# binding to 0.0.0.0:1 works without special permissions on Windows
|
2016-01-27 09:12:18 +00:00
|
|
|
|
2015-11-24 18:05:37 +00:00
|
|
|
@tutils.skip_windows
|
2013-03-02 23:13:33 +00:00
|
|
|
def test_err(self):
|
2014-09-08 21:34:43 +00:00
|
|
|
conf = ProxyConfig(
|
|
|
|
port=1
|
|
|
|
)
|
|
|
|
tutils.raises("error starting proxy server", ProxyServer, conf)
|
2013-03-02 23:13:33 +00:00
|
|
|
|
2014-09-06 11:09:57 +00:00
|
|
|
def test_err_2(self):
|
2014-09-08 21:34:43 +00:00
|
|
|
conf = ProxyConfig(
|
|
|
|
host="invalidhost"
|
|
|
|
)
|
|
|
|
tutils.raises("error starting proxy server", ProxyServer, conf)
|
2014-09-06 11:09:57 +00:00
|
|
|
|
2013-03-02 23:13:33 +00:00
|
|
|
|
|
|
|
class TestDummyServer:
|
2016-01-27 09:12:18 +00:00
|
|
|
|
2013-03-02 23:13:33 +00:00
|
|
|
def test_simple(self):
|
2014-03-09 20:51:24 +00:00
|
|
|
d = DummyServer(None)
|
2013-03-02 23:13:33 +00:00
|
|
|
d.start_slave()
|
|
|
|
d.shutdown()
|
|
|
|
|
2014-09-06 11:09:57 +00:00
|
|
|
|
|
|
|
class TestConnectionHandler:
|
2016-01-27 09:12:18 +00:00
|
|
|
|
2014-09-06 11:09:57 +00:00
|
|
|
def test_fatal_error(self):
|
2014-09-08 12:32:42 +00:00
|
|
|
config = mock.Mock()
|
2015-08-29 18:53:25 +00:00
|
|
|
root_layer = mock.Mock()
|
|
|
|
root_layer.side_effect = RuntimeError
|
|
|
|
config.mode.return_value = root_layer
|
2015-08-31 15:05:52 +00:00
|
|
|
channel = mock.Mock()
|
|
|
|
|
|
|
|
def ask(_, x):
|
|
|
|
return x
|
|
|
|
channel.ask = ask
|
2015-08-29 23:21:58 +00:00
|
|
|
c = ConnectionHandler(
|
2015-05-30 00:03:28 +00:00
|
|
|
mock.MagicMock(),
|
2015-08-29 23:21:58 +00:00
|
|
|
("127.0.0.1", 8080),
|
|
|
|
config,
|
2015-08-31 15:05:52 +00:00
|
|
|
channel
|
2015-08-29 23:21:58 +00:00
|
|
|
)
|
2014-09-06 11:09:57 +00:00
|
|
|
with tutils.capture_stderr(c.handle) as output:
|
2014-09-07 01:04:18 +00:00
|
|
|
assert "mitmproxy has crashed" in output
|