From 858b0af0bbcbf3c26e71c0b6e33b5de3a8f31c75 Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Sun, 10 Aug 2014 16:10:49 +0200 Subject: [PATCH] fix #270 --- libmproxy/platform/linux.py | 3 ++- libmproxy/platform/osx.py | 13 ++++++------- libmproxy/platform/pf.py | 4 +++- libmproxy/platform/windows.py | 4 ++-- libmproxy/proxy/primitives.py | 7 ++++--- 5 files changed, 17 insertions(+), 14 deletions(-) diff --git a/libmproxy/platform/linux.py b/libmproxy/platform/linux.py index d37f0fe8c..d5cfec90f 100644 --- a/libmproxy/platform/linux.py +++ b/libmproxy/platform/linux.py @@ -3,7 +3,8 @@ import socket, struct # Python socket module does not have this constant SO_ORIGINAL_DST = 80 -class Resolver: + +class Resolver(object): def original_addr(self, csock): odestdata = csock.getsockopt(socket.SOL_IP, SO_ORIGINAL_DST, 16) _, port, a1, a2, a3, a4 = struct.unpack("!HHBBBBxxxxxxxx", odestdata) diff --git a/libmproxy/platform/osx.py b/libmproxy/platform/osx.py index 3a91ac2bb..810e5e5ff 100644 --- a/libmproxy/platform/osx.py +++ b/libmproxy/platform/osx.py @@ -13,15 +13,14 @@ import pf the output processing of pfctl (see pf.py). """ -class Resolver: + +class Resolver(object): STATECMD = ("sudo", "-n", "/sbin/pfctl", "-s", "state") - def __init__(self): - pass def original_addr(self, csock): peer = csock.getpeername() - try: - stxt = subprocess.check_output(self.STATECMD, stderr=subprocess.STDOUT) - except subprocess.CalledProcessError: - return None + stxt = subprocess.check_output(self.STATECMD, stderr=subprocess.STDOUT) + if "sudo: a password is required" in stxt: + raise RuntimeError("Insufficient privileges to access pfctl. " + "See http://mitmproxy.org/doc/transparent/osx.html for details.") return pf.lookup(peer[0], peer[1], stxt) diff --git a/libmproxy/platform/pf.py b/libmproxy/platform/pf.py index dc0f61046..8c2f46786 100644 --- a/libmproxy/platform/pf.py +++ b/libmproxy/platform/pf.py @@ -1,5 +1,6 @@ import sys + def lookup(address, port, s): """ Parse the pfctl state output s, to look up the destination host @@ -7,7 +8,7 @@ def lookup(address, port, s): Returns an (address, port) tuple, or None. """ - spec = "%s:%s"%(address, port) + spec = "%s:%s" % (address, port) for i in s.split("\n"): if "ESTABLISHED:ESTABLISHED" in i and spec in i: s = i.split() @@ -20,3 +21,4 @@ def lookup(address, port, s): if len(s) == 2: return s[0], int(s[1]) + raise RuntimeError("Could not resolve original destination.") \ No newline at end of file diff --git a/libmproxy/platform/windows.py b/libmproxy/platform/windows.py index 8c10421b2..587831255 100644 --- a/libmproxy/platform/windows.py +++ b/libmproxy/platform/windows.py @@ -16,7 +16,6 @@ PROXY_API_PORT = 8085 class Resolver(object): - def __init__(self): TransparentProxy.setup() @@ -40,6 +39,7 @@ class APIRequestHandler(SocketServer.StreamRequestHandler): TransparentProxy API: Returns the pickled server address, port tuple for each received pickled client address, port tuple. """ + def handle(self): proxifier = self.server.proxifier while True: @@ -174,7 +174,7 @@ class TransparentProxy(object): if e.winerror == 995: return None, None else: - raise e + raise def redirect(self): """ diff --git a/libmproxy/proxy/primitives.py b/libmproxy/proxy/primitives.py index 6154749cd..dc4b7e220 100644 --- a/libmproxy/proxy/primitives.py +++ b/libmproxy/proxy/primitives.py @@ -40,9 +40,10 @@ class TransparentUpstreamServerResolver(UpstreamServerResolver): self.sslports = sslports def __call__(self, conn): - dst = self.resolver.original_addr(conn) - if not dst: - raise ProxyError(502, "Transparent mode failure: could not resolve original destination.") + try: + dst = self.resolver.original_addr(conn) + except Exception, e: + raise ProxyError(502, "Transparent mode failure: %s" % str(e)) if dst[1] in self.sslports: ssl = True