Merge pull request #4631 from mhils/issue-4630

fix #4630
This commit is contained in:
Maximilian Hils 2021-06-10 00:23:52 +02:00 committed by GitHub
commit 8a17866113
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 11 deletions


@ -169,18 +169,19 @@ class TlsConfig:
if not server.alpn_offers: if not server.alpn_offers:
if client.alpn_offers: if client.alpn_offers:
if ctx.options.http2: if ctx.options.http2:
# We would perfectly support HTTP/1 -> HTTP/2, but we want to keep things on the same protocol
# version. There are some edge cases where we want to mirror the regular server's behavior
# accurately, for example header capitalization.
server.alpn_offers = tuple(client.alpn_offers) server.alpn_offers = tuple(client.alpn_offers)
else: else:
server.alpn_offers = tuple(x for x in client.alpn_offers if x != b"h2") server.alpn_offers = tuple(x for x in client.alpn_offers if x != b"h2")
elif client.tls_established:
# We would perfectly support HTTP/1 -> HTTP/2, but we want to keep things on the same protocol version.
# There are some edge cases where we want to mirror the regular server's behavior accurately,
# for example header capitalization.
server.alpn_offers = []
elif ctx.options.http2:
server.alpn_offers = tls.HTTP_ALPNS
else: else:
server.alpn_offers = tls.HTTP1_ALPNS # We either have no client TLS or a client without ALPN.
# - If the client does use TLS but did not send an ALPN extension, we want to mirror that upstream.
# - If the client does not use TLS, there's no clear-cut answer. As a pragmatic approach, we also do
# not send any ALPN extension in this case, which defaults to whatever protocol we are speaking
# or falls back to HTTP.
server.alpn_offers = []
if not server.cipher_list and ctx.options.ciphers_server: if not server.cipher_list and ctx.options.ciphers_server:
server.cipher_list = ctx.options.ciphers_server.split(":") server.cipher_list = ctx.options.ciphers_server.split(":")
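Review bot: The new fallback at the end of the hunk assigns `server.alpn_offers = []` while the ALPN-mirroring branches above it assign tuples (`tuple(client.alpn_offers)`, `tuple(x for x in ...)`), so the attribute's container type now depends on which branch ran; `server.alpn_offers = ()` would keep it a tuple throughout, with the updated expectations in the test file changed to `()` as well if assert_alpn compares with `==`. The new comment explains the no-ALPN policy well, but it would help a reader to state the observable consequence: with no ALPN extension offered, protocol selection is left entirely to the upstream server, so a server that negotiates only via ALPN would have to be handled by the caller setting alpn_offers explicitly before this hook runs. The hunk also appears to move the three-line "keep things on the same protocol version" comment into the `if ctx.options.http2:` branch, which is presumably the intended placement since that branch is where h2 is passed through. The enclosing method starts and ends outside the hunk.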


@ -1,6 +1,7 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import fileinput import fileinput
import sys import sys
import re
if __name__ == "__main__": if __name__ == "__main__":
if len(sys.argv) < 3: if len(sys.argv) < 3:
@ -10,7 +11,7 @@ if __name__ == "__main__":
port = sys.argv[1] port = sys.argv[1]
matches = False matches = False
for line in fileinput.input(sys.argv[2:]): for line in fileinput.input(sys.argv[2:]):
if line.startswith("["): if re.match(r"^\[|(\d+\.){3}", line):
matches = port in line matches = port in line
if matches: if matches:
print(line, end="") print(line, end="")
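Review bot: The pattern on the `if re.match(r"^\[|(\d+\.){3}", line):` line is looked up on every input line, carries a redundant `^` (re.match already anchors at the start) and an unused capturing group; hoisting it keeps the loop tight: `SECTION_START = re.compile(r"\[|(?:\d+\.){3}")` above the loop and `if SECTION_START.match(line):` inside it. `(\d+\.){3}` accepts any three dotted digit runs at the start of a line, which is broader than an IPv4 address (a constructed sample such as `999.1.2.x` would match); that is acceptable for trusted log output, but a one-line comment stating which line shapes mark a new section would help. The adjacent `matches = port in line` is a substring test and so also matches a port embedded in a longer number (e.g. `80` in `8080`); an exact-token comparison would be safer. `import re` is also placed after `import sys` rather than in alphabetical order with the other stdlib imports. The `if __name__ == "__main__":` block continues past the hunk.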


@ -190,8 +190,8 @@ class TestTlsConfig:
assert_alpn(True, tls.HTTP_ALPNS + (b"foo",), tls.HTTP_ALPNS + (b"foo",)) assert_alpn(True, tls.HTTP_ALPNS + (b"foo",), tls.HTTP_ALPNS + (b"foo",))
assert_alpn(False, tls.HTTP_ALPNS + (b"foo",), tls.HTTP1_ALPNS + (b"foo",)) assert_alpn(False, tls.HTTP_ALPNS + (b"foo",), tls.HTTP1_ALPNS + (b"foo",))
assert_alpn(True, [], tls.HTTP_ALPNS) assert_alpn(True, [], [])
assert_alpn(False, [], tls.HTTP1_ALPNS) assert_alpn(False, [], [])
ctx.client.timestamp_tls_setup = time.time() ctx.client.timestamp_tls_setup = time.time()
# make sure that we don't upgrade h1 to h2, # make sure that we don't upgrade h1 to h2,
# see comment in tlsconfig.py # see comment in tlsconfig.py
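Review bot: The two updated assertions, `assert_alpn(True, [], [])` and `assert_alpn(False, [], [])`, now expect the same result regardless of the http2 flag and nothing says why; a comment such as `# no client ALPN and no client TLS yet: nothing is offered upstream regardless of http2` would make the intent explicit, as the existing comment does for the h1/h2 case that follows. If assert_alpn compares with `==`, the expected `[]` also pins the implementation to a list rather than a tuple, so consider whether the check should be on contents rather than container type. The enclosing test method starts and ends outside the hunk.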