From c7d8b7d6a720246785e632f00b6854e9b30a2778 Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Fri, 3 Nov 2017 16:45:36 +0100 Subject: [PATCH 1/2] fix #2617 --- mitmproxy/proxy/protocol/http.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mitmproxy/proxy/protocol/http.py b/mitmproxy/proxy/protocol/http.py index a366861d7..57ac0f169 100644 --- a/mitmproxy/proxy/protocol/http.py +++ b/mitmproxy/proxy/protocol/http.py @@ -165,7 +165,7 @@ class HttpLayer(base.Layer): def __init__(self, ctx, mode): super().__init__(ctx) self.mode = mode - self.__initial_server_conn = None + self.__initial_server_address = None # type: tuple "Contains the original destination in transparent mode, which needs to be restored" "if an inline script modified the target server for a single http request" # We cannot rely on server_conn.tls_established, @@ -177,7 +177,7 @@ class HttpLayer(base.Layer): def __call__(self): if self.mode == HTTPMode.transparent: self.__initial_server_tls = self.server_tls - self.__initial_server_conn = self.server_conn + self.__initial_server_address = self.server_conn.address while True: flow = http.HTTPFlow( self.client_conn, @@ -313,8 +313,8 @@ class HttpLayer(base.Layer): # Setting request.host also updates the host header, which we want # to preserve host_header = f.request.host_header - f.request.host = self.__initial_server_conn.address[0] - f.request.port = self.__initial_server_conn.address[1] + f.request.host = self.__initial_server_address[0] + f.request.port = self.__initial_server_address[1] f.request.host_header = host_header # set again as .host overwrites this. f.request.scheme = "https" if self.__initial_server_tls else "http" self.channel.ask("request", f) From 7e5eea19298d485584cda23e3e5bf63d473feb17 Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Fri, 3 Nov 2017 16:46:05 +0100 Subject: [PATCH 2/2] fix re-use of serverconnection source address this previously made it impossible to redirect requests from example.com to localhost, as we still tried to bind to the external interface. --- mitmproxy/proxy/protocol/base.py | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/mitmproxy/proxy/protocol/base.py b/mitmproxy/proxy/protocol/base.py index 7c0f78ae5..f1b8da6cb 100644 --- a/mitmproxy/proxy/protocol/base.py +++ b/mitmproxy/proxy/protocol/base.py @@ -96,15 +96,7 @@ class ServerConnectionMixin: def __init__(self, server_address=None): super().__init__() - self.server_conn = None - if self.config.options.spoof_source_address and self.config.options.upstream_bind_address == '': - self.server_conn = connections.ServerConnection( - server_address, (self.ctx.client_conn.address[0], 0), True) - else: - self.server_conn = connections.ServerConnection( - server_address, (self.config.options.upstream_bind_address, 0), - self.config.options.spoof_source_address - ) + self.server_conn = self.__make_server_conn(server_address) self.__check_self_connect() @@ -125,6 +117,16 @@ class ServerConnectionMixin: "The proxy shall not connect to itself.".format(repr(address)) ) + def __make_server_conn(self, server_address): + if self.config.options.spoof_source_address and self.config.options.upstream_bind_address == '': + return connections.ServerConnection( + server_address, (self.ctx.client_conn.address[0], 0), True) + else: + return connections.ServerConnection( + server_address, (self.config.options.upstream_bind_address, 0), + self.config.options.spoof_source_address + ) + def set_server(self, address): """ Sets a new server address. If there is an existing connection, it will be closed. @@ -146,11 +148,7 @@ class ServerConnectionMixin: self.server_conn.close() self.channel.tell("serverdisconnect", self.server_conn) - self.server_conn = connections.ServerConnection( - address, - (self.server_conn.source_address[0], 0), - self.config.options.spoof_source_address - ) + self.server_conn = self.__make_server_conn(address) def connect(self): """