mitmproxy/libmproxy/proxy/root_context.py

94 lines
3.5 KiB
Python
Raw Normal View History

2015-08-14 08:41:11 +00:00
from __future__ import (absolute_import, print_function, division)
2015-08-27 13:26:21 +00:00
from netlib.http.http1 import HTTP1Protocol
from netlib.http.http2 import HTTP2Protocol
2015-08-30 13:27:29 +00:00
from ..protocol import (
RawTCPLayer, TlsLayer, Http1Layer, Http2Layer, is_tls_record_magic, ServerConnectionMixin
)
from .modes import HttpProxy, HttpUpstreamProxy, ReverseProxy
2015-08-16 21:25:02 +00:00
2015-08-30 11:40:23 +00:00
2015-08-11 18:27:34 +00:00
class RootContext(object):
"""
The outmost context provided to the root layer.
As a consequence, every layer has .client_conn, .channel, .next_layer() and .config.
"""
def __init__(self, client_conn, config, channel):
self.client_conn = client_conn # Client Connection
self.channel = channel # provides .ask() method to communicate with FlowMaster
self.config = config # Proxy Configuration
def next_layer(self, top_layer):
"""
This function determines the next layer in the protocol stack.
2015-08-27 13:26:21 +00:00
Arguments:
top_layer: the current top layer.
Returns:
The next layer
2015-08-11 18:27:34 +00:00
"""
2015-08-27 13:26:21 +00:00
# 1. Check for --ignore.
if self.config.check_ignore(top_layer.server_conn.address):
2015-08-30 13:27:29 +00:00
return RawTCPLayer(top_layer, logging=False)
2015-08-14 08:41:11 +00:00
2015-08-19 13:23:52 +00:00
d = top_layer.client_conn.rfile.peek(3)
client_tls = is_tls_record_magic(d)
# 2. Always insert a TLS layer, even if there's neither client nor server tls.
# An inline script may upgrade from http to https,
# in which case we need some form of TLS layer.
if isinstance(top_layer, ReverseProxy):
return TlsLayer(top_layer, client_tls, top_layer.server_tls)
if isinstance(top_layer, ServerConnectionMixin):
return TlsLayer(top_layer, client_tls, client_tls)
# 3. In Http Proxy mode and Upstream Proxy mode, the next layer is fixed.
if isinstance(top_layer, TlsLayer):
if isinstance(top_layer.ctx, HttpProxy):
return Http1Layer(top_layer, "regular")
if isinstance(top_layer.ctx, HttpUpstreamProxy):
return Http1Layer(top_layer, "upstream")
# 4. Check for other TLS cases (e.g. after CONNECT).
if client_tls:
2015-08-27 13:26:21 +00:00
return TlsLayer(top_layer, True, True)
2015-08-11 18:27:34 +00:00
# 4. Check for --tcp
2015-08-27 13:26:21 +00:00
if self.config.check_tcp(top_layer.server_conn.address):
2015-08-30 13:27:29 +00:00
return RawTCPLayer(top_layer)
2015-08-18 12:15:08 +00:00
# 5. Check for TLS ALPN (HTTP1/HTTP2)
2015-08-27 13:26:21 +00:00
if isinstance(top_layer, TlsLayer):
alpn = top_layer.client_conn.get_alpn_proto_negotiated()
if alpn == HTTP2Protocol.ALPN_PROTO_H2:
return Http2Layer(top_layer, 'transparent')
if alpn == HTTP1Protocol.ALPN_PROTO_HTTP1:
return Http1Layer(top_layer, 'transparent')
# 6. Assume HTTP1 by default
2015-08-27 13:26:21 +00:00
return Http1Layer(top_layer, 'transparent')
2015-08-14 08:41:11 +00:00
2015-08-27 13:26:21 +00:00
# In a future version, we want to implement TCP passthrough as the last fallback,
# but we don't have the UI part ready for that.
#
# d = top_layer.client_conn.rfile.peek(3)
# is_ascii = (
# len(d) == 3 and
2015-08-29 23:21:58 +00:00
# # better be safe here and don't expect uppercase...
# all(x in string.ascii_letters for x in d)
2015-08-27 13:26:21 +00:00
# )
# # TODO: This could block if there are not enough bytes available?
# d = top_layer.client_conn.rfile.peek(len(HTTP2Protocol.CLIENT_CONNECTION_PREFACE))
# is_http2_magic = (d == HTTP2Protocol.CLIENT_CONNECTION_PREFACE)
2015-08-15 18:20:46 +00:00
2015-08-14 08:41:11 +00:00
@property
def layers(self):
return []
def __repr__(self):
return "RootContext"