mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2024-11-26 10:16:27 +00:00
fix upstream proxy server change, update example
This commit is contained in:
parent
63ad4a4f51
commit
1e9aef5b1e
@ -1,29 +1,34 @@
|
|||||||
# This scripts demonstrates how mitmproxy can switch to a second/different upstream proxy
|
# This scripts demonstrates how mitmproxy can switch to a second/different upstream proxy
|
||||||
# in upstream proxy mode.
|
# in upstream proxy mode.
|
||||||
#
|
#
|
||||||
# Usage: mitmdump -U http://default-upstream-proxy.local:8080/ -s
|
# Usage: mitmdump -U http://default-upstream-proxy.local:8080/ -s change_upstream_proxy.py
|
||||||
# "change_upstream_proxy.py host"
|
#
|
||||||
from libmproxy.protocol.http import send_connect_request
|
# If you want to change the target server, you should modify flow.request.host and flow.request.port
|
||||||
|
# flow.live.set_server should only be used by inline scripts to change the upstream proxy.
|
||||||
alternative_upstream_proxy = ("localhost", 8082)
|
|
||||||
|
|
||||||
|
|
||||||
def should_redirect(flow):
|
def proxy_address(flow):
|
||||||
return flow.request.host == "example.com"
|
# Poor man's loadbalancing: route every second domain through the alternative proxy.
|
||||||
|
if hash(flow.request.host) % 2 == 1:
|
||||||
|
return ("localhost", 8082)
|
||||||
|
else:
|
||||||
|
return ("localhost", 8081)
|
||||||
|
|
||||||
|
|
||||||
def request(context, flow):
|
def request(context, flow):
|
||||||
if flow.live and should_redirect(flow):
|
if flow.request.method == "CONNECT":
|
||||||
|
# If the decision is done by domain, one could also modify the server address here.
|
||||||
# If you want to change the target server, you should modify flow.request.host and flow.request.port
|
# We do it after CONNECT here to have the request data available as well.
|
||||||
# flow.live.change_server should only be used by inline scripts to change the upstream proxy,
|
return
|
||||||
# unless you are sure that you know what you are doing.
|
address = proxy_address(flow)
|
||||||
server_changed = flow.live.change_server(
|
if flow.live:
|
||||||
alternative_upstream_proxy,
|
if flow.request.scheme == "http":
|
||||||
persistent_change=True)
|
# For a normal HTTP request, we just change the proxy server and we're done!
|
||||||
if flow.request.scheme == "https" and server_changed:
|
if address != flow.live.server_conn.address:
|
||||||
send_connect_request(
|
flow.live.set_server(address, depth=1)
|
||||||
flow.live.c.server_conn,
|
else:
|
||||||
flow.request.host,
|
# If we have CONNECTed (and thereby established "destination state"), the story is
|
||||||
flow.request.port)
|
# a bit more complex. Now we don't want to change the top level address (which is
|
||||||
flow.live.c.establish_ssl(server=True)
|
# the connect destination) but the address below that. (Notice the `.via` and depth=2).
|
||||||
|
if address != flow.live.server_conn.via.address:
|
||||||
|
flow.live.set_server(address, depth=2)
|
||||||
|
@ -116,6 +116,10 @@ class ServerConnectionMixin(object):
|
|||||||
self._disconnect()
|
self._disconnect()
|
||||||
self.log("Set new server address: " + repr(address), "debug")
|
self.log("Set new server address: " + repr(address), "debug")
|
||||||
self.server_conn.address = address
|
self.server_conn.address = address
|
||||||
|
if server_tls:
|
||||||
|
raise ProtocolException(
|
||||||
|
"Cannot upgrade to TLS, no TLS layer on the protocol stack."
|
||||||
|
)
|
||||||
else:
|
else:
|
||||||
self.ctx.set_server(address, server_tls, sni, depth - 1)
|
self.ctx.set_server(address, server_tls, sni, depth - 1)
|
||||||
|
|
||||||
|
@ -207,6 +207,9 @@ class ConnectServerConnection(object):
|
|||||||
def __getattr__(self, item):
|
def __getattr__(self, item):
|
||||||
return getattr(self.via, item)
|
return getattr(self.via, item)
|
||||||
|
|
||||||
|
def __nonzero__(self):
|
||||||
|
return bool(self.via)
|
||||||
|
|
||||||
|
|
||||||
class UpstreamConnectLayer(Layer):
|
class UpstreamConnectLayer(Layer):
|
||||||
def __init__(self, ctx, connect_request):
|
def __init__(self, ctx, connect_request):
|
||||||
@ -221,19 +224,22 @@ class UpstreamConnectLayer(Layer):
|
|||||||
layer = self.ctx.next_layer(self)
|
layer = self.ctx.next_layer(self)
|
||||||
layer()
|
layer()
|
||||||
|
|
||||||
|
def _send_connect_request(self):
|
||||||
|
self.send_request(self.connect_request)
|
||||||
|
resp = self.read_response("CONNECT")
|
||||||
|
if resp.code != 200:
|
||||||
|
raise ProtocolException("Reconnect: Upstream server refuses CONNECT request")
|
||||||
|
|
||||||
def connect(self):
|
def connect(self):
|
||||||
if not self.server_conn:
|
if not self.server_conn:
|
||||||
self.ctx.connect()
|
self.ctx.connect()
|
||||||
self.send_request(self.connect_request)
|
self._send_connect_request()
|
||||||
else:
|
else:
|
||||||
pass # swallow the message
|
pass # swallow the message
|
||||||
|
|
||||||
def reconnect(self):
|
def reconnect(self):
|
||||||
self.ctx.reconnect()
|
self.ctx.reconnect()
|
||||||
self.send_request(self.connect_request)
|
self._send_connect_request()
|
||||||
resp = self.read_response("CONNECT")
|
|
||||||
if resp.code != 200:
|
|
||||||
raise ProtocolException("Reconnect: Upstream server refuses CONNECT request")
|
|
||||||
|
|
||||||
def set_server(self, address, server_tls=None, sni=None, depth=1):
|
def set_server(self, address, server_tls=None, sni=None, depth=1):
|
||||||
if depth == 1:
|
if depth == 1:
|
||||||
@ -386,7 +392,7 @@ class HttpLayer(Layer):
|
|||||||
if self.supports_streaming:
|
if self.supports_streaming:
|
||||||
flow.response = self.read_response_headers()
|
flow.response = self.read_response_headers()
|
||||||
else:
|
else:
|
||||||
flow.response = self.read_response()
|
flow.response = self.read_response(flow.request.method)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
get_response()
|
get_response()
|
||||||
@ -473,13 +479,6 @@ class HttpLayer(Layer):
|
|||||||
# Establish connection is neccessary.
|
# Establish connection is neccessary.
|
||||||
if not self.server_conn:
|
if not self.server_conn:
|
||||||
self.connect()
|
self.connect()
|
||||||
|
|
||||||
# SetServer is not guaranteed to work with TLS:
|
|
||||||
# If there's not TlsLayer below which could catch the exception,
|
|
||||||
# TLS will not be established.
|
|
||||||
if tls and not self.server_conn.tls_established:
|
|
||||||
raise ProtocolException(
|
|
||||||
"Cannot upgrade to SSL, no TLS layer on the protocol stack.")
|
|
||||||
else:
|
else:
|
||||||
if not self.server_conn:
|
if not self.server_conn:
|
||||||
self.connect()
|
self.connect()
|
||||||
|
@ -152,10 +152,12 @@ class TlsLayer(Layer):
|
|||||||
self._establish_tls_with_server()
|
self._establish_tls_with_server()
|
||||||
|
|
||||||
def set_server(self, address, server_tls=None, sni=None, depth=1):
|
def set_server(self, address, server_tls=None, sni=None, depth=1):
|
||||||
self.ctx.set_server(address, server_tls, sni, depth)
|
|
||||||
if depth == 1 and server_tls is not None:
|
if depth == 1 and server_tls is not None:
|
||||||
|
self.ctx.set_server(address, None, None, 1)
|
||||||
self._sni_from_server_change = sni
|
self._sni_from_server_change = sni
|
||||||
self._server_tls = server_tls
|
self._server_tls = server_tls
|
||||||
|
else:
|
||||||
|
self.ctx.set_server(address, server_tls, sni, depth)
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def sni_for_server_connection(self):
|
def sni_for_server_connection(self):
|
||||||
|
Loading…
Reference in New Issue
Block a user