def test_upstream_https(tctx):
"""
Test mitmproxy in HTTPS upstream mode with another mitmproxy instance upstream.
In other words:
mitmdump --mode upstream:https://localhost:8081 --ssl-insecure
mitmdump -p 8081
curl -x localhost:8080 -k http://example.com
"""
tctx1 = Context(Client(("client", 1234), ("127.0.0.1", 8080), 1605699329),
copy.deepcopy(tctx.options))
tctx1.options.mode = "upstream:https://example.mitmproxy.org:8081"
tctx2 = Context(Client(("client", 4321), ("127.0.0.1", 8080), 1605699329),
copy.deepcopy(tctx.options))
assert tctx2.options.mode == "regular"
del tctx
proxy1 = Playbook(modes.HttpProxy(tctx1), hooks=False)
proxy2 = Playbook(modes.HttpProxy(tctx2), hooks=False)
upstream = Placeholder(Server)
server = Placeholder(Server)
clienthello = Placeholder(bytes)
serverhello = Placeholder(bytes)
request = Placeholder(bytes)
tls_finished = Placeholder(bytes)
response = Placeholder(bytes)
assert (
proxy1 >> DataReceived(
tctx1.client,
b"GET http://example.com/ HTTP/1.1\r\nHost: example.com\r\n\r\n")
<< NextLayerHook(Placeholder(NextLayer)) >>
reply_next_layer(lambda ctx: http.HttpLayer(ctx, HTTPMode.upstream)) <<
OpenConnection(upstream) >> reply(None) << TlsStartServerHook(
Placeholder()) >> reply_tls_start_server(alpn=b"http/1.1") <<
SendData(upstream, clienthello))
assert upstream().address == ("example.mitmproxy.org", 8081)
assert upstream().sni == "example.mitmproxy.org"
assert (proxy2 >> DataReceived(
tctx2.client, clienthello()) << NextLayerHook(Placeholder(NextLayer))
>> reply_next_layer(ClientTLSLayer) << TlsStartClientHook(
Placeholder()) >> reply_tls_start_client(alpn=b"http/1.1") <<
SendData(tctx2.client, serverhello))
assert (proxy1 >> DataReceived(upstream, serverhello()) << SendData(
upstream, request))
assert (proxy2 >> DataReceived(tctx2.client, request()) << SendData(
tctx2.client, tls_finished) << NextLayerHook(Placeholder(NextLayer)) >>
reply_next_layer(lambda ctx: http.HttpLayer(ctx, HTTPMode.regular))
<< OpenConnection(server) >> reply(None) << SendData(
server, b'GET / HTTP/1.1\r\nHost: example.com\r\n\r\n') >>
DataReceived(server,
b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n") <<
SendData(tctx2.client, response))
assert server().address == ("example.com", 80)
assert (proxy1 >> DataReceived(
upstream,
tls_finished() + response()) << SendData(
tctx1.client, b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"))
def __init__(self, reader: asyncio.StreamReader, writer: asyncio.StreamWriter, options: moptions.Options) -> None:
client = Client(
writer.get_extra_info('peername'),
writer.get_extra_info('sockname'),
time.time(),
)
context = Context(client, options)
super().__init__(context)
self.transports[client] = ConnectionIO(handler=None, reader=reader, writer=writer)
def __init__(self, flow: http.HTTPFlow, options: Options) -> None:
client = flow.client_conn.copy()
client.state = ConnectionState.OPEN
context = Context(client, options)
context.server = Server((flow.request.host, flow.request.port))
context.server.tls = flow.request.scheme == "https"
if options.mode.startswith("upstream:"):
context.server.via = server_spec.parse_with_mode(options.mode)[1]
super().__init__(context)
self.layer = layers.HttpLayer(context, HTTPMode.transparent)
self.layer.connections[client] = MockServer(flow, context.fork())
self.flow = flow
self.done = asyncio.Event()
from hypothesis import given
from hypothesis.strategies import binary
from mitmproxy import options
from mitmproxy.connection import Client
from mitmproxy.proxy.context import Context
from mitmproxy.proxy.events import DataReceived
from mitmproxy.proxy.layers.modes import Socks5Proxy
opts = options.Options()
tctx = Context(Client(("client", 1234), ("127.0.0.1", 8080), 1605699329), opts)
@given(binary())
def test_socks5_fuzz(data):
layer = Socks5Proxy(tctx)
list(layer.handle_event(DataReceived(tctx.client, data)))