Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-23 08:11:00 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2436 from ujjwal96/addon

Browse Source 
Allow remote Addon
This commit is contained in:
Thomas Kriechbaumer 2017-07-15 10:57:45 +02:00 committed by GitHub
commit 374c27feb6
3 changed files with 69 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mitmproxy/addons/__init__.py
View File

@ -1,3 +1,4 @@
from mitmproxy.addons import allowremote
from mitmproxy.addons import anticache from mitmproxy.addons import anticache
from mitmproxy.addons import anticomp from mitmproxy.addons import anticomp
from mitmproxy.addons import check_alpn from mitmproxy.addons import check_alpn
@ -25,6 +26,7 @@ def default_addons():
return [ return [
core.Core(), core.Core(),
core_option_validation.CoreOptionValidation(), core_option_validation.CoreOptionValidation(),
allowremote.AllowRemote(),
anticache.AntiCache(), anticache.AntiCache(),
anticomp.AntiComp(), anticomp.AntiComp(),
check_alpn.CheckALPN(), check_alpn.CheckALPN(),

29
mitmproxy/addons/allowremote.py Normal file
View File

@ -0,0 +1,29 @@
import ipaddress
from mitmproxy import ctx
class AllowRemote:
def load(self, loader):
loader.add_option(
"allow_remote", bool, False,
"""
Allow remote clients to connect to proxy. If set to false,
client will not be able to connect to proxy unless it is on the same network
or the proxyauth option is set
"""
)
def clientconnect(self, layer):
address = layer.client_conn.address
accept_connection = (
ctx.options.allow_remote or
ipaddress.ip_address(address[0]).is_private or
ctx.options.proxyauth is not None
)
if not accept_connection:
layer.reply.kill()
ctx.log.warn("Client connection was killed because allow_remote option is set to false, "
"client IP was not a private IP and proxyauth was not set.\n"
"To allow remote connections set allow_remote option to true or set proxyauth option.")

38
test/mitmproxy/addons/test_allowremote.py Normal file
View File

@ -0,0 +1,38 @@
from unittest import mock
import pytest
from mitmproxy.addons import allowremote
from mitmproxy.test import taddons
@pytest.mark.parametrize("allow_remote, ip, should_be_killed", [
(True, "192.168.1.3", False),
(True, "122.176.243.101", False),
(False, "192.168.1.3", False),
(False, "122.176.243.101", True),
(True, "::ffff:1:2", False),
(True, "fe80::", False),
(True, "2001:4860:4860::8888", False),
(False, "::ffff:1:2", False),
(False, "fe80::", False),
(False, "2001:4860:4860::8888", True),
])
def test_allowremote(allow_remote, ip, should_be_killed):
ar = allowremote.AllowRemote()
with taddons.context() as tctx:
tctx.master.addons.register(ar)
tctx.options.allow_remote = allow_remote
with mock.patch('mitmproxy.proxy.protocol.base.Layer') as layer:
layer.client_conn.address = (ip, 12345)
ar.clientconnect(layer)
if should_be_killed:
assert tctx.master.has_log("Client connection was killed", "warn")
else:
assert tctx.master.logs == []
tctx.master.clear()
tctx.options.proxyauth = "any"
ar.clientconnect(layer)
assert tctx.master.logs == []