diff --git a/mitmproxy/log.py b/mitmproxy/log.py index a2e7ea994..886b14492 100644 --- a/mitmproxy/log.py +++ b/mitmproxy/log.py @@ -4,6 +4,9 @@ class LogEntry: self.msg = msg self.level = level + def __repr__(self): + return "LogEntry({}, {})".format(self.msg, self.level) + class Log: """ diff --git a/mitmproxy/proxy/root_context.py b/mitmproxy/proxy/root_context.py index 1987c8dc5..3d21b13c3 100644 --- a/mitmproxy/proxy/root_context.py +++ b/mitmproxy/proxy/root_context.py @@ -70,8 +70,16 @@ class RootContext: top_layer.server_tls, top_layer.server_conn.address[0] ) - if isinstance(top_layer, protocol.ServerConnectionMixin) or isinstance(top_layer, protocol.UpstreamConnectLayer): + if isinstance(top_layer, protocol.ServerConnectionMixin): return protocol.TlsLayer(top_layer, client_tls, client_tls) + if isinstance(top_layer, protocol.UpstreamConnectLayer): + # if the user manually sets a scheme for connect requests, we use this to decide if we + # want TLS or not. + if top_layer.connect_request.scheme: + tls = top_layer.connect_request.scheme == "https" + else: + tls = client_tls + return protocol.TlsLayer(top_layer, client_tls, tls) # 3. In Http Proxy mode and Upstream Proxy mode, the next layer is fixed. if isinstance(top_layer, protocol.TlsLayer): diff --git a/mitmproxy/test/taddons.py b/mitmproxy/test/taddons.py index 5680e8477..49142871d 100644 --- a/mitmproxy/test/taddons.py +++ b/mitmproxy/test/taddons.py @@ -17,6 +17,8 @@ class TestAddons(addonmanager.AddonManager): def trigger(self, event, *args, **kwargs): if event == "log": self.master.logs.append(args[0]) + elif event == "tick" and not args and not kwargs: + pass else: self.master.events.append((event, args, kwargs)) super().trigger(event, *args, **kwargs) diff --git a/test/mitmproxy/proxy/test_server.py b/test/mitmproxy/proxy/test_server.py index b4bb46bb3..bd61f6004 100644 --- a/test/mitmproxy/proxy/test_server.py +++ b/test/mitmproxy/proxy/test_server.py @@ -1,28 +1,27 @@ import os import socket import time -import pytest from unittest import mock -from mitmproxy.test import tutils -from mitmproxy import options -from mitmproxy.addons import script -from mitmproxy.addons import proxyauth -from mitmproxy import http -from mitmproxy.proxy.config import HostMatcher +import pytest + import mitmproxy.net.http -from mitmproxy.net import tcp -from mitmproxy.net import socks from mitmproxy import certs from mitmproxy import exceptions +from mitmproxy import http +from mitmproxy import options +from mitmproxy.addons import proxyauth +from mitmproxy.addons import script +from mitmproxy.net import socks +from mitmproxy.net import tcp from mitmproxy.net.http import http1 +from mitmproxy.proxy.config import HostMatcher +from mitmproxy.test import tutils from pathod import pathoc from pathod import pathod - from .. import tservers from ...conftest import skip_appveyor - """ Note that the choice of response code in these tests matters more than you might think. libcurl treats a 304 response code differently from, say, a @@ -1009,6 +1008,40 @@ class TestUpstreamProxySSL( assert len(self.chain[0].tmaster.state.flows) == 0 assert len(self.chain[1].tmaster.state.flows) == 1 + def test_connect_https_to_http(self): + """ + https://github.com/mitmproxy/mitmproxy/issues/2329 + + Client <- HTTPS -> Proxy <- HTTP -> Proxy <- HTTPS -> Server + """ + self.proxy.tmaster.addons.add(RewriteToHttp()) + self.chain[1].tmaster.addons.add(RewriteToHttps()) + p = self.pathoc() + with p.connect(): + resp = p.request("get:'/p/418'") + + assert self.proxy.tmaster.state.flows[0].client_conn.tls_established + assert not self.proxy.tmaster.state.flows[0].server_conn.tls_established + assert not self.chain[1].tmaster.state.flows[0].client_conn.tls_established + assert self.chain[1].tmaster.state.flows[0].server_conn.tls_established + assert resp.status_code == 418 + + +class RewriteToHttp: + def http_connect(self, f): + f.request.scheme = "http" + + def request(self, f): + f.request.scheme = "http" + + +class RewriteToHttps: + def http_connect(self, f): + f.request.scheme = "https" + + def request(self, f): + f.request.scheme = "https" + class UpstreamProxyChanger: def __init__(self, addr): diff --git a/test/mitmproxy/test_log.py b/test/mitmproxy/test_log.py index 777ab4dd1..cde679edf 100644 --- a/test/mitmproxy/test_log.py +++ b/test/mitmproxy/test_log.py @@ -1 +1,6 @@ -# TODO: write tests +from mitmproxy import log + + +def test_logentry(): + e = log.LogEntry("foo", "info") + assert repr(e) == "LogEntry(foo, info)"