2014-03-07 03:38:24 +00:00
|
|
|
import os.path
|
2015-05-30 00:03:28 +00:00
|
|
|
import threading
|
|
|
|
import Queue
|
|
|
|
import shutil
|
|
|
|
import tempfile
|
2013-02-16 03:46:16 +00:00
|
|
|
import flask
|
2014-08-08 02:43:44 +00:00
|
|
|
import mock
|
|
|
|
|
2014-03-09 20:51:24 +00:00
|
|
|
from libmproxy.proxy.config import ProxyConfig
|
|
|
|
from libmproxy.proxy.server import ProxyServer
|
2014-09-08 12:32:42 +00:00
|
|
|
from libmproxy.proxy.primitives import TransparentProxyMode
|
2015-05-30 00:03:28 +00:00
|
|
|
import libpathod.test
|
|
|
|
import libpathod.pathoc
|
2014-03-09 20:51:24 +00:00
|
|
|
from libmproxy import flow, controller
|
2013-08-18 18:03:53 +00:00
|
|
|
from libmproxy.cmdline import APP_HOST, APP_PORT
|
2013-02-16 03:46:16 +00:00
|
|
|
import tutils
|
|
|
|
|
|
|
|
testapp = flask.Flask(__name__)
|
|
|
|
|
2015-05-30 00:03:28 +00:00
|
|
|
|
2013-02-16 03:46:16 +00:00
|
|
|
@testapp.route("/")
|
|
|
|
def hello():
|
|
|
|
return "testapp"
|
|
|
|
|
2015-05-30 00:03:28 +00:00
|
|
|
|
2013-02-16 03:46:16 +00:00
|
|
|
@testapp.route("/error")
|
|
|
|
def error():
|
|
|
|
raise ValueError("An exception...")
|
|
|
|
|
|
|
|
|
|
|
|
def errapp(environ, start_response):
|
|
|
|
raise ValueError("errapp")
|
|
|
|
|
|
|
|
|
|
|
|
class TestMaster(flow.FlowMaster):
|
2014-02-07 06:08:59 +00:00
|
|
|
def __init__(self, config):
|
2014-09-08 21:34:43 +00:00
|
|
|
config.port = 0
|
|
|
|
s = ProxyServer(config)
|
2013-02-16 03:46:16 +00:00
|
|
|
state = flow.State()
|
|
|
|
flow.FlowMaster.__init__(self, s, state)
|
2014-01-04 01:35:11 +00:00
|
|
|
self.apps.add(testapp, "testapp", 80)
|
|
|
|
self.apps.add(errapp, "errapp", 80)
|
2013-03-02 01:52:05 +00:00
|
|
|
self.clear_log()
|
2013-02-16 03:46:16 +00:00
|
|
|
|
2014-09-03 14:57:56 +00:00
|
|
|
def handle_request(self, f):
|
|
|
|
flow.FlowMaster.handle_request(self, f)
|
|
|
|
f.reply()
|
2013-02-23 03:34:59 +00:00
|
|
|
|
2014-09-03 14:57:56 +00:00
|
|
|
def handle_response(self, f):
|
|
|
|
flow.FlowMaster.handle_response(self, f)
|
|
|
|
f.reply()
|
2013-02-16 03:46:16 +00:00
|
|
|
|
2013-03-02 01:52:05 +00:00
|
|
|
def clear_log(self):
|
|
|
|
self.log = []
|
|
|
|
|
2013-02-24 09:24:21 +00:00
|
|
|
def handle_log(self, l):
|
|
|
|
self.log.append(l.msg)
|
|
|
|
l.reply()
|
|
|
|
|
2013-02-16 03:46:16 +00:00
|
|
|
|
|
|
|
class ProxyThread(threading.Thread):
|
2013-02-23 03:34:59 +00:00
|
|
|
def __init__(self, tmaster):
|
2013-02-16 03:46:16 +00:00
|
|
|
threading.Thread.__init__(self)
|
2013-02-23 03:34:59 +00:00
|
|
|
self.tmaster = tmaster
|
2015-05-30 00:03:28 +00:00
|
|
|
self.name = "ProxyThread (%s:%s)" % (
|
|
|
|
tmaster.server.address.host, tmaster.server.address.port)
|
2013-02-23 03:34:59 +00:00
|
|
|
controller.should_exit = False
|
2013-02-16 03:46:16 +00:00
|
|
|
|
|
|
|
@property
|
|
|
|
def port(self):
|
2014-01-29 01:49:11 +00:00
|
|
|
return self.tmaster.server.address.port
|
2013-02-16 03:46:16 +00:00
|
|
|
|
2013-02-24 09:24:21 +00:00
|
|
|
@property
|
|
|
|
def log(self):
|
|
|
|
return self.tmaster.log
|
|
|
|
|
2013-02-16 03:46:16 +00:00
|
|
|
def run(self):
|
|
|
|
self.tmaster.run()
|
|
|
|
|
|
|
|
def shutdown(self):
|
|
|
|
self.tmaster.shutdown()
|
|
|
|
|
|
|
|
|
2014-02-07 06:08:59 +00:00
|
|
|
class ProxTestBase(object):
|
2013-02-24 09:52:59 +00:00
|
|
|
# Test Configuration
|
|
|
|
ssl = None
|
2013-05-12 21:08:24 +00:00
|
|
|
ssloptions = False
|
2013-02-24 09:52:59 +00:00
|
|
|
clientcerts = False
|
2013-03-02 03:59:16 +00:00
|
|
|
no_upstream_cert = False
|
2013-03-02 22:04:33 +00:00
|
|
|
authenticator = None
|
2013-02-23 03:34:59 +00:00
|
|
|
masterclass = TestMaster
|
2014-09-04 22:18:17 +00:00
|
|
|
|
2013-02-16 03:46:16 +00:00
|
|
|
@classmethod
|
|
|
|
def setupAll(cls):
|
2015-05-30 00:03:28 +00:00
|
|
|
cls.server = libpathod.test.Daemon(
|
|
|
|
ssl=cls.ssl,
|
|
|
|
ssloptions=cls.ssloptions)
|
|
|
|
cls.server2 = libpathod.test.Daemon(
|
|
|
|
ssl=cls.ssl,
|
|
|
|
ssloptions=cls.ssloptions)
|
2014-09-04 22:18:17 +00:00
|
|
|
|
|
|
|
cls.config = ProxyConfig(**cls.get_proxy_config())
|
|
|
|
|
2014-08-08 02:43:44 +00:00
|
|
|
tmaster = cls.masterclass(cls.config)
|
2014-09-13 23:46:01 +00:00
|
|
|
tmaster.start_app(APP_HOST, APP_PORT)
|
2013-02-23 03:34:59 +00:00
|
|
|
cls.proxy = ProxyThread(tmaster)
|
2013-02-16 03:46:16 +00:00
|
|
|
cls.proxy.start()
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def teardownAll(cls):
|
2014-11-15 03:17:05 +00:00
|
|
|
shutil.rmtree(cls.cadir)
|
2013-02-16 03:46:16 +00:00
|
|
|
cls.proxy.shutdown()
|
|
|
|
cls.server.shutdown()
|
2013-02-24 09:24:21 +00:00
|
|
|
cls.server2.shutdown()
|
2013-02-16 03:46:16 +00:00
|
|
|
|
|
|
|
def setUp(self):
|
2013-03-02 01:52:05 +00:00
|
|
|
self.master.clear_log()
|
2013-02-16 03:46:16 +00:00
|
|
|
self.master.state.clear()
|
2013-03-02 01:52:05 +00:00
|
|
|
self.server.clear_log()
|
|
|
|
self.server2.clear_log()
|
2013-02-16 03:46:16 +00:00
|
|
|
|
|
|
|
@property
|
2014-09-04 22:18:17 +00:00
|
|
|
def master(self):
|
|
|
|
return self.proxy.tmaster
|
2013-02-16 03:46:16 +00:00
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def get_proxy_config(cls):
|
2014-11-15 03:17:05 +00:00
|
|
|
cls.cadir = os.path.join(tempfile.gettempdir(), "mitmproxy")
|
2014-09-04 22:18:17 +00:00
|
|
|
return dict(
|
|
|
|
no_upstream_cert = cls.no_upstream_cert,
|
2014-11-15 03:17:05 +00:00
|
|
|
cadir = cls.cadir,
|
2014-09-04 22:18:17 +00:00
|
|
|
authenticator = cls.authenticator,
|
|
|
|
ssl_ports=([cls.server.port, cls.server2.port] if cls.ssl else []),
|
|
|
|
clientcerts = tutils.test_data.path("data/clientcert") if cls.clientcerts else None
|
|
|
|
)
|
2013-02-16 03:46:16 +00:00
|
|
|
|
2013-02-24 09:52:59 +00:00
|
|
|
|
|
|
|
class HTTPProxTest(ProxTestBase):
|
2013-03-02 03:59:16 +00:00
|
|
|
def pathoc_raw(self):
|
2015-05-02 04:46:15 +00:00
|
|
|
return libpathod.pathoc.Pathoc(("127.0.0.1", self.proxy.port), fp=None)
|
2013-03-02 09:42:36 +00:00
|
|
|
|
2013-03-02 03:59:16 +00:00
|
|
|
def pathoc(self, sni=None):
|
2013-02-23 21:51:14 +00:00
|
|
|
"""
|
|
|
|
Returns a connected Pathoc instance.
|
|
|
|
"""
|
2015-05-02 04:46:15 +00:00
|
|
|
p = libpathod.pathoc.Pathoc(
|
|
|
|
("localhost", self.proxy.port), ssl=self.ssl, sni=sni, fp=None
|
|
|
|
)
|
2013-03-02 03:59:16 +00:00
|
|
|
if self.ssl:
|
|
|
|
p.connect(("127.0.0.1", self.server.port))
|
|
|
|
else:
|
|
|
|
p.connect()
|
2013-02-16 03:46:16 +00:00
|
|
|
return p
|
|
|
|
|
2013-03-02 01:52:05 +00:00
|
|
|
def pathod(self, spec, sni=None):
|
2013-02-16 03:46:16 +00:00
|
|
|
"""
|
2013-02-28 20:05:39 +00:00
|
|
|
Constructs a pathod GET request, with the appropriate base and proxy.
|
2013-02-16 03:46:16 +00:00
|
|
|
"""
|
2013-03-02 03:59:16 +00:00
|
|
|
p = self.pathoc(sni=sni)
|
2013-03-02 09:42:36 +00:00
|
|
|
spec = spec.encode("string_escape")
|
2013-02-28 20:05:39 +00:00
|
|
|
if self.ssl:
|
2015-05-30 00:03:28 +00:00
|
|
|
q = "get:'/p/%s'" % spec
|
2013-02-28 20:05:39 +00:00
|
|
|
else:
|
2015-05-30 00:03:28 +00:00
|
|
|
q = "get:'%s/p/%s'" % (self.server.urlbase, spec)
|
2013-02-28 20:05:39 +00:00
|
|
|
return p.request(q)
|
2013-02-16 03:46:16 +00:00
|
|
|
|
2013-03-24 20:20:26 +00:00
|
|
|
def app(self, page):
|
|
|
|
if self.ssl:
|
2015-05-02 04:46:15 +00:00
|
|
|
p = libpathod.pathoc.Pathoc(
|
|
|
|
("127.0.0.1", self.proxy.port), True, fp=None
|
|
|
|
)
|
2013-12-08 14:46:11 +00:00
|
|
|
p.connect((APP_HOST, APP_PORT))
|
2015-05-30 00:03:28 +00:00
|
|
|
return p.request("get:'%s'" % page)
|
2013-03-24 20:20:26 +00:00
|
|
|
else:
|
|
|
|
p = self.pathoc()
|
2015-05-30 00:03:28 +00:00
|
|
|
return p.request("get:'http://%s%s'" % (APP_HOST, page))
|
2013-03-24 20:20:26 +00:00
|
|
|
|
2013-02-16 03:46:16 +00:00
|
|
|
|
|
|
|
class TResolver:
|
|
|
|
def __init__(self, port):
|
|
|
|
self.port = port
|
|
|
|
|
|
|
|
def original_addr(self, sock):
|
|
|
|
return ("127.0.0.1", self.port)
|
|
|
|
|
|
|
|
|
|
|
|
class TransparentProxTest(ProxTestBase):
|
|
|
|
ssl = None
|
2013-03-02 09:42:36 +00:00
|
|
|
resolver = TResolver
|
2014-08-08 02:43:44 +00:00
|
|
|
|
2013-02-16 03:46:16 +00:00
|
|
|
@classmethod
|
2014-08-08 02:43:44 +00:00
|
|
|
@mock.patch("libmproxy.platform.resolver")
|
|
|
|
def setupAll(cls, _):
|
|
|
|
super(TransparentProxTest, cls).setupAll()
|
2013-02-28 20:05:39 +00:00
|
|
|
if cls.ssl:
|
|
|
|
ports = [cls.server.port, cls.server2.port]
|
|
|
|
else:
|
|
|
|
ports = []
|
2015-05-30 00:03:28 +00:00
|
|
|
cls.config.mode = TransparentProxyMode(
|
|
|
|
cls.resolver(
|
|
|
|
cls.server.port),
|
|
|
|
ports)
|
2014-08-08 02:43:44 +00:00
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def get_proxy_config(cls):
|
|
|
|
d = ProxTestBase.get_proxy_config()
|
|
|
|
d["mode"] = "transparent"
|
2013-02-24 09:52:59 +00:00
|
|
|
return d
|
2013-02-16 03:46:16 +00:00
|
|
|
|
2013-03-02 02:06:49 +00:00
|
|
|
def pathod(self, spec, sni=None):
|
2013-02-16 03:46:16 +00:00
|
|
|
"""
|
2013-03-02 02:06:49 +00:00
|
|
|
Constructs a pathod GET request, with the appropriate base and proxy.
|
2013-02-16 03:46:16 +00:00
|
|
|
"""
|
2013-03-02 02:06:49 +00:00
|
|
|
if self.ssl:
|
|
|
|
p = self.pathoc(sni=sni)
|
2015-05-30 00:03:28 +00:00
|
|
|
q = "get:'/p/%s'" % spec
|
2013-03-02 02:06:49 +00:00
|
|
|
else:
|
|
|
|
p = self.pathoc()
|
2015-05-30 00:03:28 +00:00
|
|
|
q = "get:'/p/%s'" % spec
|
2013-03-02 02:06:49 +00:00
|
|
|
return p.request(q)
|
2013-02-16 03:46:16 +00:00
|
|
|
|
2013-03-02 02:06:49 +00:00
|
|
|
def pathoc(self, sni=None):
|
2013-02-28 20:05:39 +00:00
|
|
|
"""
|
|
|
|
Returns a connected Pathoc instance.
|
|
|
|
"""
|
2015-05-02 04:46:15 +00:00
|
|
|
p = libpathod.pathoc.Pathoc(
|
|
|
|
("localhost", self.proxy.port), ssl=self.ssl, sni=sni, fp=None
|
|
|
|
)
|
2013-03-02 02:06:49 +00:00
|
|
|
p.connect()
|
2013-02-28 20:05:39 +00:00
|
|
|
return p
|
|
|
|
|
2013-02-16 03:46:16 +00:00
|
|
|
|
|
|
|
class ReverseProxTest(ProxTestBase):
|
|
|
|
ssl = None
|
2015-05-30 00:03:28 +00:00
|
|
|
|
2013-02-16 03:46:16 +00:00
|
|
|
@classmethod
|
|
|
|
def get_proxy_config(cls):
|
2013-02-24 09:52:59 +00:00
|
|
|
d = ProxTestBase.get_proxy_config()
|
2015-02-27 08:17:41 +00:00
|
|
|
d["upstream_server"] = [
|
2014-03-10 04:11:51 +00:00
|
|
|
True if cls.ssl else False,
|
|
|
|
True if cls.ssl else False,
|
|
|
|
"127.0.0.1",
|
|
|
|
cls.server.port
|
2015-02-27 08:17:41 +00:00
|
|
|
]
|
2014-09-08 12:32:42 +00:00
|
|
|
d["mode"] = "reverse"
|
2013-02-24 09:52:59 +00:00
|
|
|
return d
|
2013-02-16 03:46:16 +00:00
|
|
|
|
2013-03-02 02:09:22 +00:00
|
|
|
def pathoc(self, sni=None):
|
2013-02-16 03:46:16 +00:00
|
|
|
"""
|
2013-03-02 02:09:22 +00:00
|
|
|
Returns a connected Pathoc instance.
|
2013-02-16 03:46:16 +00:00
|
|
|
"""
|
2015-05-02 04:46:15 +00:00
|
|
|
p = libpathod.pathoc.Pathoc(
|
|
|
|
("localhost", self.proxy.port), ssl=self.ssl, sni=sni, fp=None
|
|
|
|
)
|
2013-03-02 02:09:22 +00:00
|
|
|
p.connect()
|
|
|
|
return p
|
|
|
|
|
|
|
|
def pathod(self, spec, sni=None):
|
|
|
|
"""
|
|
|
|
Constructs a pathod GET request, with the appropriate base and proxy.
|
|
|
|
"""
|
|
|
|
if self.ssl:
|
|
|
|
p = self.pathoc(sni=sni)
|
2015-05-30 00:03:28 +00:00
|
|
|
q = "get:'/p/%s'" % spec
|
2013-03-02 02:09:22 +00:00
|
|
|
else:
|
|
|
|
p = self.pathoc()
|
2015-05-30 00:03:28 +00:00
|
|
|
q = "get:'/p/%s'" % spec
|
2013-03-02 02:09:22 +00:00
|
|
|
return p.request(q)
|
2013-02-16 03:46:16 +00:00
|
|
|
|
2013-03-24 20:20:26 +00:00
|
|
|
|
2015-07-03 00:47:12 +00:00
|
|
|
class SocksModeTest(HTTPProxTest):
|
|
|
|
@classmethod
|
|
|
|
def get_proxy_config(cls):
|
|
|
|
d = ProxTestBase.get_proxy_config()
|
|
|
|
d["mode"] = "socks5"
|
|
|
|
return d
|
|
|
|
|
2015-06-22 15:57:33 +00:00
|
|
|
class SpoofModeTest(ProxTestBase):
|
|
|
|
ssl = None
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def get_proxy_config(cls):
|
|
|
|
d = ProxTestBase.get_proxy_config()
|
|
|
|
d["upstream_server"] = None
|
|
|
|
d["mode"] = "spoof"
|
|
|
|
return d
|
|
|
|
|
|
|
|
def pathoc(self, sni=None):
|
|
|
|
"""
|
|
|
|
Returns a connected Pathoc instance.
|
|
|
|
"""
|
|
|
|
p = libpathod.pathoc.Pathoc(
|
|
|
|
("localhost", self.proxy.port), ssl=self.ssl, sni=sni, fp=None
|
|
|
|
)
|
|
|
|
p.connect()
|
|
|
|
return p
|
|
|
|
|
|
|
|
|
|
|
|
class SSLSpoofModeTest(ProxTestBase):
|
|
|
|
ssl = True
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def get_proxy_config(cls):
|
|
|
|
d = ProxTestBase.get_proxy_config()
|
|
|
|
d["upstream_server"] = None
|
|
|
|
d["mode"] = "sslspoof"
|
|
|
|
d["spoofed_ssl_port"] = 443
|
|
|
|
return d
|
|
|
|
|
|
|
|
def pathoc(self, sni=None):
|
|
|
|
"""
|
|
|
|
Returns a connected Pathoc instance.
|
|
|
|
"""
|
|
|
|
p = libpathod.pathoc.Pathoc(
|
|
|
|
("localhost", self.proxy.port), ssl=self.ssl, sni=sni, fp=None
|
|
|
|
)
|
|
|
|
p.connect()
|
|
|
|
return p
|
|
|
|
|
|
|
|
|
2014-02-07 06:08:59 +00:00
|
|
|
class ChainProxTest(ProxTestBase):
|
|
|
|
"""
|
2014-09-04 22:18:17 +00:00
|
|
|
Chain three instances of mitmproxy in a row to test upstream mode.
|
|
|
|
Proxy order is cls.proxy -> cls.chain[0] -> cls.chain[1]
|
|
|
|
cls.proxy and cls.chain[0] are in upstream mode,
|
|
|
|
cls.chain[1] is in regular mode.
|
2014-02-07 06:08:59 +00:00
|
|
|
"""
|
2014-09-04 22:18:17 +00:00
|
|
|
chain = None
|
2014-02-07 06:08:59 +00:00
|
|
|
n = 2
|
2014-09-04 22:18:17 +00:00
|
|
|
|
2014-02-07 06:08:59 +00:00
|
|
|
@classmethod
|
|
|
|
def setupAll(cls):
|
2014-02-07 17:14:15 +00:00
|
|
|
cls.chain = []
|
2014-09-04 22:18:17 +00:00
|
|
|
super(ChainProxTest, cls).setupAll()
|
|
|
|
for _ in range(cls.n):
|
|
|
|
config = ProxyConfig(**cls.get_proxy_config())
|
2014-02-07 06:08:59 +00:00
|
|
|
tmaster = cls.masterclass(config)
|
2014-09-04 22:18:17 +00:00
|
|
|
proxy = ProxyThread(tmaster)
|
|
|
|
proxy.start()
|
|
|
|
cls.chain.insert(0, proxy)
|
|
|
|
|
|
|
|
# Patch the orginal proxy to upstream mode
|
2015-05-30 00:03:28 +00:00
|
|
|
cls.config = cls.proxy.tmaster.config = cls.proxy.tmaster.server.config = ProxyConfig(
|
|
|
|
**cls.get_proxy_config())
|
2014-02-07 06:08:59 +00:00
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def teardownAll(cls):
|
|
|
|
super(ChainProxTest, cls).teardownAll()
|
2014-09-04 22:18:17 +00:00
|
|
|
for proxy in cls.chain:
|
|
|
|
proxy.shutdown()
|
2013-03-24 20:20:26 +00:00
|
|
|
|
2014-02-07 17:14:15 +00:00
|
|
|
def setUp(self):
|
|
|
|
super(ChainProxTest, self).setUp()
|
2014-09-04 22:18:17 +00:00
|
|
|
for proxy in self.chain:
|
|
|
|
proxy.tmaster.clear_log()
|
|
|
|
proxy.tmaster.state.clear()
|
2014-02-07 17:14:15 +00:00
|
|
|
|
2014-09-04 22:18:17 +00:00
|
|
|
@classmethod
|
|
|
|
def get_proxy_config(cls):
|
|
|
|
d = super(ChainProxTest, cls).get_proxy_config()
|
|
|
|
if cls.chain: # First proxy is in normal mode.
|
|
|
|
d.update(
|
|
|
|
mode="upstream",
|
|
|
|
upstream_server=(False, False, "127.0.0.1", cls.chain[0].port)
|
|
|
|
)
|
|
|
|
return d
|
2013-03-24 20:20:26 +00:00
|
|
|
|
2015-05-30 00:03:28 +00:00
|
|
|
|
2014-09-04 22:18:17 +00:00
|
|
|
class HTTPUpstreamProxTest(ChainProxTest, HTTPProxTest):
|
2015-05-02 04:46:15 +00:00
|
|
|
pass
|