Example #1
0
    def read_request_proxy(self, client_conn):
        line = self.get_line(self.rfile)
        if line == "":
            return None
        if http.parse_init_connect(line):
            r = http.parse_init_connect(line)
            if not r:
                raise ProxyError(400, "Bad HTTP request line: %s"%repr(line))
            host, port, httpversion = r

            headers = self.read_headers(authenticate=True)

            self.wfile.write(
                        'HTTP/1.1 200 Connection established\r\n' +
                        ('Proxy-agent: %s\r\n'%self.server_version) +
                        '\r\n'
                        )
            self.wfile.flush()
            certfile = self.find_cert(host, port, None)
            try:
                self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
            except tcp.NetLibError, v:
                raise ProxyError(400, str(v))
            self.proxy_connect_state = (host, port, httpversion)
            line = self.rfile.readline(line)
Example #2
0
def test_parse_init_connect():
    assert http.parse_init_connect("CONNECT host.com:443 HTTP/1.0")
    assert not http.parse_init_connect("C\xfeONNECT host.com:443 HTTP/1.0")
    assert not http.parse_init_connect("CONNECT \0host.com:443 HTTP/1.0")
    assert not http.parse_init_connect("CONNECT host.com:444444 HTTP/1.0")
    assert not http.parse_init_connect("bogus")
    assert not http.parse_init_connect("GET host.com:443 HTTP/1.0")
    assert not http.parse_init_connect("CONNECT host.com443 HTTP/1.0")
    assert not http.parse_init_connect("CONNECT host.com:443 foo/1.0")
    assert not http.parse_init_connect("CONNECT host.com:foo HTTP/1.0")
Example #3
0
def test_parse_init_connect():
    assert http.parse_init_connect("CONNECT host.com:443 HTTP/1.0")
    assert not http.parse_init_connect("C\xfeONNECT host.com:443 HTTP/1.0")
    assert not http.parse_init_connect("CONNECT \0host.com:443 HTTP/1.0")
    assert not http.parse_init_connect("CONNECT host.com:444444 HTTP/1.0")
    assert not http.parse_init_connect("bogus")
    assert not http.parse_init_connect("GET host.com:443 HTTP/1.0")
    assert not http.parse_init_connect("CONNECT host.com443 HTTP/1.0")
    assert not http.parse_init_connect("CONNECT host.com:443 foo/1.0")
    assert not http.parse_init_connect("CONNECT host.com:foo HTTP/1.0")
Example #4
0
    def read_request_proxy(self, client_conn):
        line = self.get_line(self.rfile)
        if line == "":
            return None

        if not self.proxy_connect_state:
            connparts = http.parse_init_connect(line)
            if connparts:
                host, port, httpversion = connparts
                headers = self.read_headers(authenticate=True)
                self.wfile.write(
                            'HTTP/1.1 200 Connection established\r\n' +
                            ('Proxy-agent: %s\r\n'%self.server_version) +
                            '\r\n'
                            )
                self.wfile.flush()
                dummycert = self.find_cert(client_conn, host, port, host)
                sni = HandleSNI(
                    self, client_conn, host, port,
                    dummycert, self.config.certfile or self.config.cacert
                )
                try:
                    self.convert_to_ssl(dummycert, self.config.certfile or self.config.cacert, handle_sni=sni)
                except tcp.NetLibError, v:
                    raise ProxyError(400, str(v))
                self.proxy_connect_state = (host, port, httpversion)
                line = self.rfile.readline(line)
Example #5
0
    def handle_request(self):
        """
            Returns a (again, log) tuple.

            again: True if request handling should continue.
            log: A dictionary, or None
        """
        line = self.rfile.readline()
        if line == "\r\n" or line == "\n":  # Possible leftover from previous message
            line = self.rfile.readline()
        if line == "":
            # Normal termination
            return False, None

        m = utils.MemBool()
        if m(http.parse_init_connect(line)):
            headers = http.read_headers(self.rfile)
            self.wfile.write('HTTP/1.1 200 Connection established\r\n' +
                             ('Proxy-agent: %s\r\n' % version.NAMEVERSION) +
                             '\r\n')
            self.wfile.flush()
            if not self.server.ssloptions.not_after_connect:
                try:
                    self.convert_to_ssl(self.server.ssloptions.cert,
                                        self.server.ssloptions.keyfile,
                                        handle_sni=self.handle_sni,
                                        request_client_cert=self.server.
                                        ssloptions.request_client_cert)
                except tcp.NetLibError, v:
                    s = str(v)
                    self.info(s)
                    return False, dict(type="error", msg=s)
            return True, None
Example #6
0
    def handle_request(self):
        """
            Returns a (again, log) tuple.

            again: True if request handling should continue.
            log: A dictionary, or None
        """
        line = self.rfile.readline()
        if line == "\r\n" or line == "\n": # Possible leftover from previous message
            line = self.rfile.readline()
        if line == "":
            # Normal termination
            return False, None

        m = utils.MemBool()
        if m(http.parse_init_connect(line)):
            headers = http.read_headers(self.rfile)
            self.wfile.write(
                        'HTTP/1.1 200 Connection established\r\n' +
                        ('Proxy-agent: %s\r\n'%version.NAMEVERSION) +
                        '\r\n'
                        )
            self.wfile.flush()
            if not self.server.ssloptions.not_after_connect:
                try:
                    self.convert_to_ssl(
                        self.server.ssloptions.certfile,
                        self.server.ssloptions.keyfile,
                    )
                except tcp.NetLibError, v:
                    s = str(v)
                    self.info(s)
                    return False, dict(type = "error", msg = s)
            return True, None
Example #7
0
    def read_request_proxy(self, client_conn):
        line = self.get_line(self.rfile)
        if line == "":
            return None

        if not self.proxy_connect_state:
            connparts = http.parse_init_connect(line)
            if connparts:
                host, port, httpversion = connparts
                headers = self.read_headers(authenticate=True)
                self.wfile.write('HTTP/1.1 200 Connection established\r\n' +
                                 ('Proxy-agent: %s\r\n' %
                                  self.server_version) + '\r\n')
                self.wfile.flush()
                dummycert = self.find_cert(client_conn, host, port, host)
                sni = HandleSNI(self, client_conn, host, port, dummycert,
                                self.config.certfile or self.config.cacert)
                try:
                    self.convert_to_ssl(dummycert,
                                        self.config.certfile
                                        or self.config.cacert,
                                        handle_sni=sni)
                except tcp.NetLibError, v:
                    raise ProxyError(400, str(v))
                self.proxy_connect_state = (host, port, httpversion)
                line = self.rfile.readline(line)
Example #8
0
    def from_stream(cls, rfile, include_content=True, body_size_limit=None):
        """
        Parse an HTTP request from a file stream
        """
        httpversion, host, port, scheme, method, path, headers, content, timestamp_start, timestamp_end \
            = None, None, None, None, None, None, None, None, None, None

        if hasattr(rfile, "reset_timestamps"):
            rfile.reset_timestamps()

        request_line = get_line(rfile)

        if hasattr(rfile, "first_byte_timestamp"):
            timestamp_start = rfile.first_byte_timestamp
        else:
            timestamp_start = utils.timestamp()

        request_line_parts = http.parse_init(request_line)
        if not request_line_parts:
            raise http.HttpError(
                400, "Bad HTTP request line: %s" % repr(request_line))
        method, path, httpversion = request_line_parts

        if path == '*':
            form_in = "asterisk"
        elif path.startswith("/"):
            form_in = "origin"
            if not netlib.utils.isascii(path):
                raise http.HttpError(
                    400, "Bad HTTP request line: %s" % repr(request_line))
        elif method.upper() == 'CONNECT':
            form_in = "authority"
            r = http.parse_init_connect(request_line)
            if not r:
                raise http.HttpError(
                    400, "Bad HTTP request line: %s" % repr(request_line))
            host, port, _ = r
            path = None
        else:
            form_in = "absolute"
            r = http.parse_init_proxy(request_line)
            if not r:
                raise http.HttpError(
                    400, "Bad HTTP request line: %s" % repr(request_line))
            _, scheme, host, port, path, _ = r

        headers = http.read_headers(rfile)
        if headers is None:
            raise http.HttpError(400, "Invalid headers")

        if include_content:
            content = http.read_http_body(rfile, headers, body_size_limit,
                                          True)
            timestamp_end = utils.timestamp()

        return HTTPRequest(form_in, method, scheme, host, port, path,
                           httpversion, headers, content, timestamp_start,
                           timestamp_end)
Example #9
0
    def from_stream(cls, rfile, include_content=True, body_size_limit=None):
        """
        Parse an HTTP request from a file stream
        """
        httpversion, host, port, scheme, method, path, headers, content, timestamp_start, timestamp_end \
            = None, None, None, None, None, None, None, None, None, None

        if hasattr(rfile, "reset_timestamps"):
            rfile.reset_timestamps()

        request_line = get_line(rfile)

        if hasattr(rfile, "first_byte_timestamp"):
            timestamp_start = rfile.first_byte_timestamp
        else:
            timestamp_start = utils.timestamp()

        request_line_parts = http.parse_init(request_line)
        if not request_line_parts:
            raise http.HttpError(400, "Bad HTTP request line: %s" % repr(request_line))
        method, path, httpversion = request_line_parts

        if path == '*':
            form_in = "asterisk"
        elif path.startswith("/"):
            form_in = "origin"
            if not netlib.utils.isascii(path):
                raise http.HttpError(400, "Bad HTTP request line: %s" % repr(request_line))
        elif method.upper() == 'CONNECT':
            form_in = "authority"
            r = http.parse_init_connect(request_line)
            if not r:
                raise http.HttpError(400, "Bad HTTP request line: %s" % repr(request_line))
            host, port, _ = r
            path = None
        else:
            form_in = "absolute"
            r = http.parse_init_proxy(request_line)
            if not r:
                raise http.HttpError(400, "Bad HTTP request line: %s" % repr(request_line))
            _, scheme, host, port, path, _ = r

        headers = http.read_headers(rfile)
        if headers is None:
            raise http.HttpError(400, "Invalid headers")

        if include_content:
            content = http.read_http_body(rfile, headers, body_size_limit, True)
            timestamp_end = utils.timestamp()

        return HTTPRequest(form_in, method, scheme, host, port, path, httpversion, headers, content,
                           timestamp_start, timestamp_end)
Example #10
0
    def read_request_proxy(self, client_conn):
        line = self.get_line(self.rfile)
        if line == "":
            return None

        if not self.proxy_connect_state:
            connparts = http.parse_init_connect(line)
            if connparts:
                host, port, httpversion = connparts
                headers = self.read_headers(authenticate=True)
                self.wfile.write(
                            'HTTP/1.1 200 Connection established\r\n' +
                            ('Proxy-agent: %s\r\n'%self.server_version) +
                            '\r\n'
                            )
                self.wfile.flush()
                self.establish_ssl(client_conn, host, port)
                self.proxy_connect_state = (host, port, httpversion)
                line = self.rfile.readline(line)

        if self.proxy_connect_state:
            r = http.parse_init_http(line)
            if not r:
                raise ProxyError(400, "Bad HTTP request line: %s"%repr(line))
            method, path, httpversion = r
            headers = self.read_headers(authenticate=False)

            host, port, _ = self.proxy_connect_state
            content = http.read_http_body_request(
                self.rfile, self.wfile, headers, httpversion, self.config.body_size_limit
            )
            return flow.Request(
                        client_conn, httpversion, host, port, "https", method, path, headers, content,
                        self.rfile.first_byte_timestamp, utils.timestamp()
                   )
        else:
            r = http.parse_init_proxy(line)
            if not r:
                raise ProxyError(400, "Bad HTTP request line: %s"%repr(line))
            method, scheme, host, port, path, httpversion = r
            headers = self.read_headers(authenticate=True)
            content = http.read_http_body_request(
                self.rfile, self.wfile, headers, httpversion, self.config.body_size_limit
            )
            return flow.Request(
                        client_conn, httpversion, host, port, scheme, method, path, headers, content,
                        self.rfile.first_byte_timestamp, utils.timestamp()
                    )
Example #11
0
 def _read_request_authority_form(self, line):
     """
     The authority-form of request-target is only used for CONNECT requests.
     The CONNECT method is used to request a tunnel to the destination server.
     This function sends a "200 Connection established" response to the client
     and returns the host information that can be used to process further requests in origin-form.
     An example authority-form request line would be:
         CONNECT www.example.com:80 HTTP/1.1
     """
     connparts = http.parse_init_connect(line)
     if connparts:
         self.read_headers(authenticate=True)
         # respond according to http://tools.ietf.org/html/draft-luotonen-web-proxy-tunneling-01 section 3.2
         self.wfile.write('HTTP/1.1 200 Connection established\r\n' +
                          ('Proxy-agent: %s\r\n' % self.server_version) +
                          '\r\n')
         self.wfile.flush()
     return connparts
Example #12
0
    def handle_request(self):
        """
            Returns a (again, log) tuple.

            again: True if request handling should continue.
            log: A dictionary, or None
        """
        if self.server.logreq:
            self.rfile.start_log()
        if self.server.logresp:
            self.wfile.start_log()

        line = http.get_request_line(self.rfile)
        if not line:
            # Normal termination
            return False

        m = utils.MemBool()
        if m(http.parse_init_connect(line)):
            headers = http.read_headers(self.rfile)
            self.wfile.write(
                'HTTP/1.1 200 Connection established\r\n' +
                ('Proxy-agent: %s\r\n' % version.NAMEVERSION) +
                '\r\n'
            )
            self.wfile.flush()
            if not self.server.ssloptions.not_after_connect:
                try:
                    cert, key, chain_file = self.server.ssloptions.get_cert(
                        m.v[0]
                    )
                    self.convert_to_ssl(
                        cert, key,
                        handle_sni=self.handle_sni,
                        request_client_cert=self.server.ssloptions.request_client_cert,
                        cipher_list=self.server.ssloptions.ciphers,
                        method=self.server.ssloptions.sslversion,
                    )
                except tcp.NetLibError, v:
                    s = str(v)
                    self.info(s)
                    self.addlog(dict(type="error", msg=s))
                    return False
            return True
Example #13
0
    def handle_request(self):
        """
            Returns a (again, log) tuple.

            again: True if request handling should continue.
            log: A dictionary, or None
        """
        if self.server.logreq:
            self.rfile.start_log()
        if self.server.logresp:
            self.wfile.start_log()

        line = http.get_request_line(self.rfile)
        if not line:
            # Normal termination
            return False

        m = utils.MemBool()
        if m(http.parse_init_connect(line)):
            headers = http.read_headers(self.rfile)
            self.wfile.write('HTTP/1.1 200 Connection established\r\n' +
                             ('Proxy-agent: %s\r\n' % version.NAMEVERSION) +
                             '\r\n')
            self.wfile.flush()
            if not self.server.ssloptions.not_after_connect:
                try:
                    cert, key, chain_file = self.server.ssloptions.get_cert(
                        m.v[0])
                    self.convert_to_ssl(
                        cert,
                        key,
                        handle_sni=self.handle_sni,
                        request_client_cert=self.server.ssloptions.
                        request_client_cert,
                        cipher_list=self.server.ssloptions.ciphers,
                        method=self.server.ssloptions.sslversion,
                    )
                except tcp.NetLibError, v:
                    s = str(v)
                    self.info(s)
                    self.addlog(dict(type="error", msg=s))
                    return False
            return True
Example #14
0
 def _read_request_authority_form(self, line):
     """
     The authority-form of request-target is only used for CONNECT requests.
     The CONNECT method is used to request a tunnel to the destination server.
     This function sends a "200 Connection established" response to the client
     and returns the host information that can be used to process further requests in origin-form.
     An example authority-form request line would be:
         CONNECT www.example.com:80 HTTP/1.1
     """
     connparts = http.parse_init_connect(line)
     if connparts:
         self.read_headers(authenticate=True)
         # respond according to http://tools.ietf.org/html/draft-luotonen-web-proxy-tunneling-01 section 3.2
         self.wfile.write(
             'HTTP/1.1 200 Connection established\r\n' +
             ('Proxy-agent: %s\r\n'%self.server_version) +
             '\r\n'
         )
         self.wfile.flush()
     return connparts
Example #15
0
 def read_request(self, client_conn):
     if self.config.transparent_proxy:
         host, port = self.config.transparent_proxy["resolver"].original_addr(self.connection)
         if not self.ssl_established and (port in self.config.transparent_proxy["sslports"]):
             scheme = "https"
             certfile = self.find_cert(host, port, None)
             self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
         else:
             scheme = "http"
         host = self.sni or host
         line = self.get_line(self.rfile)
         if line == "":
             return None
         r = http.parse_init_http(line)
         if not r:
             raise ProxyError(400, "Bad HTTP request line: %s"%line)
         method, path, httpversion = r
         headers = http.read_headers(self.rfile)
         content = http.read_http_body_request(
                     self.rfile, self.wfile, headers, httpversion, self.config.body_size_limit
                 )
         return flow.Request(client_conn, httpversion, host, port, scheme, method, path, headers, content)
     elif self.config.reverse_proxy:
         line = self.get_line(self.rfile)
         if line == "":
             return None
         scheme, host, port = self.config.reverse_proxy
         r = http.parse_init_http(line)
         if not r:
             raise ProxyError(400, "Bad HTTP request line: %s"%line)
         method, path, httpversion = r
         headers = http.read_headers(self.rfile)
         content = http.read_http_body_request(
                     self.rfile, self.wfile, headers, httpversion, self.config.body_size_limit
                 )
         return flow.Request(client_conn, httpversion, host, port, "http", method, path, headers, content)
     else:
         line = self.get_line(self.rfile)
         if line == "":
             return None
         if line.startswith("CONNECT"):
             host, port, httpversion = http.parse_init_connect(line)
             # FIXME: Discard additional headers sent to the proxy. Should I expose
             # these to users?
             while 1:
                 d = self.rfile.readline()
                 if d == '\r\n' or d == '\n':
                     break
             self.wfile.write(
                         'HTTP/1.1 200 Connection established\r\n' +
                         ('Proxy-agent: %s\r\n'%version.NAMEVERSION) +
                         '\r\n'
                         )
             self.wfile.flush()
             certfile = self.find_cert(host, port, None)
             self.convert_to_ssl(certfile, self.config.certfile or self.config.cacert)
             self.proxy_connect_state = (host, port, httpversion)
             line = self.rfile.readline(line)
         if self.proxy_connect_state:
             host, port, httpversion = self.proxy_connect_state
             r = http.parse_init_http(line)
             if not r:
                 raise ProxyError(400, "Bad HTTP request line: %s"%line)
             method, path, httpversion = r
             headers = http.read_headers(self.rfile)
             content = http.read_http_body_request(
                 self.rfile, self.wfile, headers, httpversion, self.config.body_size_limit
             )
             return flow.Request(client_conn, httpversion, host, port, "https", method, path, headers, content)
         else:
             method, scheme, host, port, path, httpversion = http.parse_init_proxy(line)
             headers = http.read_headers(self.rfile)
             content = http.read_http_body_request(
                 self.rfile, self.wfile, headers, httpversion, self.config.body_size_limit
             )
             return flow.Request(client_conn, httpversion, host, port, scheme, method, path, headers, content)
Example #16
0
    def handle_request(self):
        """
            Returns a (again, log) tuple.

            again: True if request handling should continue.
            log: A dictionary, or None
        """
        line = self.rfile.readline()
        if line == "\r\n" or line == "\n":  # Possible leftover from previous message
            line = self.rfile.readline()
        if line == "":
            # Normal termination
            return False, None

        m = utils.MemBool()
        if m(http.parse_init_connect(line)):
            headers = http.read_headers(self.rfile)
            self.wfile.write(
                'HTTP/1.1 200 Connection established\r\n' +
                ('Proxy-agent: %s\r\n' % version.NAMEVERSION) +
                '\r\n'
            )
            self.wfile.flush()
            if not self.server.ssloptions.not_after_connect:
                try:
                    cert, key, chain_file = self.server.ssloptions.get_cert(m.v[0])
                    self.convert_to_ssl(
                        cert, key,
                        handle_sni=self.handle_sni,
                        request_client_cert=self.server.ssloptions.request_client_cert,
                        cipher_list=self.server.ssloptions.ciphers,
                        method=self.server.ssloptions.sslversion,
                    )
                except tcp.NetLibError as v:
                    s = str(v)
                    self.info(s)
                    return False, dict(type="error", msg=s)
            return True, None
        elif m(http.parse_init_proxy(line)):
            method, _, _, _, path, httpversion = m.v
        elif m(http.parse_init_http(line)):
            method, path, httpversion = m.v
        else:
            s = "Invalid first line: %s" % repr(line)
            self.info(s)
            return False, dict(type="error", msg=s)

        headers = http.read_headers(self.rfile)
        if headers is None:
            s = "Invalid headers"
            self.info(s)
            return False, dict(type="error", msg=s)

        clientcert = None
        if self.clientcert:
            clientcert = dict(
                cn=self.clientcert.cn,
                subject=self.clientcert.subject,
                serial=self.clientcert.serial,
                notbefore=self.clientcert.notbefore.isoformat(),
                notafter=self.clientcert.notafter.isoformat(),
                keyinfo=self.clientcert.keyinfo,
            )

        retlog = dict(
            type="crafted",
            request=dict(
                path=path,
                method=method,
                headers=headers.lst,
                httpversion=httpversion,
                sni=self.sni,
                remote_address=self.address(),
                clientcert=clientcert,
            ),
            cipher=None,
        )
        if self.ssl_established:
            retlog["cipher"] = self.get_current_cipher()

        try:
            content = http.read_http_body(
                self.rfile, headers, None,
                method, None, True
            )
        except http.HttpError as s:
            s = str(s)
            self.info(s)
            return False, dict(type="error", msg=s)

        for i in self.server.anchors:
            if i[0].match(path):
                self.info("crafting anchor: %s" % path)
                again, retlog["response"] = self.serve_crafted(i[1])
                return again, retlog

        if not self.server.nocraft and path.startswith(self.server.craftanchor):
            spec = urllib.parse.unquote(path)[len(self.server.craftanchor):]
            self.info("crafting spec: %s" % spec)
            try:
                crafted = language.parse_response(spec)
            except language.ParseException as v:
                self.info("Parse error: %s" % v.msg)
                crafted = language.make_error_response(
                    "Parse Error",
                    "Error parsing response spec: %s\n" % v.msg + v.marked()
                )
            again, retlog["response"] = self.serve_crafted(crafted)
            return again, retlog
        elif self.server.noweb:
            crafted = language.make_error_response("Access Denied")
            language.serve(crafted, self.wfile, self.server.request_settings)
            return False, dict(
                type="error",
                msg="Access denied: web interface disabled"
            )
        else:
            self.info("app: %s %s" % (method, path))
            req = wsgi.Request("http", method, path, headers, content)
            flow = wsgi.Flow(self.address, req)
            sn = self.connection.getsockname()
            a = wsgi.WSGIAdaptor(
                self.server.app,
                sn[0],
                self.server.address.port,
                version.NAMEVERSION
            )
            a.serve(flow, self.wfile)
            return True, None
Example #17
0
     scheme, host, port = self.config.reverse_proxy
     r = http.parse_init_http(line)
     if not r:
         raise ProxyError(400, "Bad HTTP request line: %s"%repr(line))
     method, path, httpversion = r
     headers = http.read_headers(self.rfile)
     content = http.read_http_body_request(
                 self.rfile, self.wfile, headers, httpversion, self.config.body_size_limit
             )
     return flow.Request(client_conn, httpversion, host, port, "http", method, path, headers, content)
 else:
     line = self.get_line(self.rfile)
     if line == "":
         return None
     if line.startswith("CONNECT"):
         r = http.parse_init_connect(line)
         if not r:
             raise ProxyError(400, "Bad HTTP request line: %s"%repr(line))
         host, port, httpversion = r
         # FIXME: Discard additional headers sent to the proxy. Should I expose
         # these to users?
         while 1:
             d = self.rfile.readline()
             if d == '\r\n' or d == '\n':
                 break
         self.wfile.write(
                     'HTTP/1.1 200 Connection established\r\n' +
                     ('Proxy-agent: %s\r\n'%self.server_version) +
                     '\r\n'
                     )
         self.wfile.flush()
Example #18
0
     if not r:
         raise ProxyError(400, "Bad HTTP request line: %s"%repr(line))
     method, path, httpversion = r
     headers = http.read_headers(self.rfile)
     if headers is None:
         raise ProxyError(400, "Invalid headers")
     content = http.read_http_body_request(
                 self.rfile, self.wfile, headers, httpversion, self.config.body_size_limit
             )
     return flow.Request(client_conn, httpversion, host, port, "http", method, path, headers, content)
 else:
     line = self.get_line(self.rfile)
     if line == "":
         return None
     if line.startswith("CONNECT"):
         r = http.parse_init_connect(line)
         if not r:
             raise ProxyError(400, "Bad HTTP request line: %s"%repr(line))
         host, port, httpversion = r
         # FIXME: Discard additional headers sent to the proxy. Should I expose
         # these to users?
         while 1:
             d = self.rfile.readline()
             if d == '\r\n' or d == '\n':
                 break
         self.wfile.write(
                     'HTTP/1.1 200 Connection established\r\n' +
                     ('Proxy-agent: %s\r\n'%self.server_version) +
                     '\r\n'
                     )
         self.wfile.flush()