add ALPN to proxy connections
parent
747699b126
commit
a9dd82c986
@ -1,7 +1,6 @@
|
||||
from __future__ import (absolute_import, print_function, division)
|
||||
|
||||
from .layer import Layer, ServerConnectionMixin
|
||||
from .http import HttpLayer
|
||||
|
||||
|
||||
class HttpProxy(Layer, ServerConnectionMixin):
|
||||
@ -22,3 +21,5 @@ class HttpUpstreamProxy(Layer, ServerConnectionMixin):
|
||||
for message in layer():
|
||||
if not self._handle_server_message(message):
|
||||
yield message
|
||||
|
||||
from .http import HttpLayer
|
||||
|
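Review bot: The `from .http import HttpLayer` that now sits at the bottom of the module, after the last class, has no comment explaining its position, so a later import tidy-up is likely to move it back to the top. If the move is meant to break an import cycle with `.http` (inferred; the cycle is not visible in these hunks), say so on the line, e.g. `from .http import HttpLayer  # kept at the bottom to avoid a circular import`. The class bodies that use `HttpLayer` lie outside the hunks.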
@ -1,7 +1,9 @@
|
||||
from __future__ import (absolute_import, print_function, division)
|
||||
|
||||
import traceback
|
||||
|
||||
from netlib import tcp
|
||||
import netlib.http.http2
|
||||
|
||||
from ..exceptions import ProtocolException
|
||||
from .layer import Layer, yield_from_callback
|
||||
@ -147,7 +149,8 @@ class TlsLayer(Layer):
|
||||
handle_sni=self.__handle_sni,
|
||||
cipher_list=self.config.ciphers_client,
|
||||
dhparams=self.config.certstore.dhparams,
|
||||
chain_file=chain_file
|
||||
chain_file=chain_file,
|
||||
alpn_select=netlib.http.http2.HTTP2Protocol.ALPN_PROTO_H2, # TODO: check if server is capable of h2 first
|
||||
)
|
||||
except tcp.NetLibError as e:
|
||||
raise ProtocolException(repr(e), e)
|
||||
@ -164,6 +167,9 @@ class TlsLayer(Layer):
|
||||
ca_path=self.config.openssl_trusted_cadir_server,
|
||||
ca_pemfile=self.config.openssl_trusted_ca_server,
|
||||
cipher_list=self.config.ciphers_server,
|
||||
alpn_protos=[
|
||||
netlib.http.http1.HTTP1Protocol.ALPN_PROTO_HTTP1,
|
||||
netlib.http.http2.HTTP2Protocol.ALPN_PROTO_H2], # TODO: read this from client_conn first
|
||||
)
|
||||
tls_cert_err = self.server_conn.ssl_verification_error
|
||||
if tls_cert_err is not None:
|
||||
|
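Review bot: The `alpn_protos` list passed on the server side references `netlib.http.http1.HTTP1Protocol.ALPN_PROTO_HTTP1`, but the import hunk for this file only adds `import netlib.http.http2`. Unless `netlib.http` loads its `http1` submodule on import (not visible here), that lookup raises `AttributeError` at the first upstream TLS handshake; add `import netlib.http.http1` beside the new import. Separately, the two TODOs mean the client-facing `alpn_select` (fixed to h2) and the server-facing offer are decided independently, so the two legs of one proxied connection can end up on different protocols; that is worth tracking as a follow-up rather than leaving it only in comments. Both calls sit inside functions that begin and end outside the hunks.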
@ -1,6 +1,8 @@
|
||||
from __future__ import absolute_import
|
||||
|
||||
import copy
|
||||
import os
|
||||
|
||||
from netlib import tcp, certutils
|
||||
from .. import stateobject, utils
|
||||
|
||||
@ -75,14 +77,14 @@ class ClientConnection(tcp.BaseHandler, stateobject.StateObject):
|
||||
return f
|
||||
|
||||
def convert_to_ssl(self, *args, **kwargs):
|
||||
# TODO: read ALPN from server and select same proto for client conn
|
||||
# alpn_select = 'h2'
|
||||
# def alpn_select_callback(conn_, options):
|
||||
# if alpn_select in options:
|
||||
# return bytes(alpn_select)
|
||||
# else: # pragma no cover
|
||||
# return options[0]
|
||||
# tcp.BaseHandler.convert_to_ssl(self, alpn_select=alpn_select_callback, *args, **kwargs)
|
||||
if 'alpn_select' in kwargs:
|
||||
alpn_select = kwargs['alpn_select']
|
||||
def alpn_select_callback(conn_, options):
|
||||
if alpn_select in options:
|
||||
return bytes(alpn_select)
|
||||
else: # pragma no cover
|
||||
return options[0]
|
||||
kwargs['alpn_select'] = alpn_select_callback
|
||||
|
||||
tcp.BaseHandler.convert_to_ssl(self, *args, **kwargs)
|
||||
self.timestamp_ssl_setup = utils.timestamp()
|
||||
@ -184,9 +186,6 @@ class ServerConnection(tcp.TCPClient, stateobject.StateObject):
|
||||
if os.path.exists(path):
|
||||
clientcert = path
|
||||
|
||||
# TODO: read ALPN from client and use same list for server conn
|
||||
# self.convert_to_ssl(cert=clientcert, sni=sni, alpn_protos=[netlib.http.http2.HTTP2Protocol.ALPN_PROTO_H2], **kwargs)
|
||||
|
||||
self.convert_to_ssl(cert=clientcert, sni=sni, **kwargs)
|
||||
self.sni = sni
|
||||
self.timestamp_ssl_setup = utils.timestamp()
|
||||
|
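Review bot: In `alpn_select_callback` the `else` branch returns `options[0]`, i.e. whatever the client listed first, when the requested protocol was not offered; the proxy then commits to a peer-chosen protocol it may not implement, and the branch is excluded from coverage by `# pragma no cover`. Consider falling back only to a protocol the proxy actually handles, and only when it appears in `options`, and cover that path with a test. A short docstring on `convert_to_ssl` stating that a plain `alpn_select` value is wrapped into a selection callback would also help, since callers now pass a protocol identifier rather than a callable. The method may continue past the end of the hunk.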