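def _forward_ssl(self, hostname, port):
    """
    Relay a CONNECT tunnel between the client and hostname:port untouched.

    Bytes are copied verbatim in both directions until one peer closes its
    side, a socket error occurs, or the server is asked to shut down. The
    tunnelled traffic is never decoded here, so nothing inside it is visible
    to the rest of the proxy.

    Raises UnableToConnect when the upstream connection cannot be opened.
    """
    client = self.request
    server = connect(hostname, port, False)
    with ui_lock:
        print self.pt, "<" + info("CONNECT"), hostname + ">"
    # Check the upstream before answering: a 200 sent ahead of this check
    # tells the client that a tunnel exists when it does not.
    if not server:
        raise UnableToConnect()
    self.wfile.write("HTTP/1.1 200 Connection established\r\n\r\n")
    try:
        # NOTE(review): this reads the name-mangled private shutdown flag of
        # the server base class; it is not a public API and may change.
        while not self.server._BaseServer__shutdown_request:
            # The 2 second timeout lets the loop re-check the shutdown flag
            # even when neither side has anything to send.
            ready, _, _ = select.select([client, server], [], [], 2)
            for s in ready:
                data = s.recv(4096)
                if len(data) == 0:
                    # An empty read means the peer closed its side.
                    with ui_lock:
                        print self.pt, "<" + info("CONNECT"), hostname + "> ended"
                    return
                peer = server if s is client else client
                # sendall() rather than send(): a partial send would silently
                # drop bytes and corrupt the tunnelled stream.
                peer.sendall(data)
    except socket.error:
        with ui_lock:
            print self.pt, "<" + info("CONNECT"), hostname + "> died"
    finally:
        # The upstream socket was opened here, so release it here.
        server.close()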
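def _forward_ssl(self, hostname, port):
    """
    Relay a CONNECT tunnel between the client and hostname:port untouched.

    Bytes are copied verbatim in both directions until one peer closes its
    side, a socket error occurs, or the server is asked to shut down. The
    tunnelled traffic is never decoded here, so nothing inside it is visible
    to the rest of the proxy.

    Raises UnableToConnect when the upstream connection cannot be opened.
    """
    client = self.request
    server = connect(hostname, port, False)
    with ui_lock:
        print self.pt, "<" + info("CONNECT"), hostname + ">"
    # Check the upstream before answering: a 200 sent ahead of this check
    # tells the client that a tunnel exists when it does not.
    if not server:
        raise UnableToConnect()
    self.wfile.write("HTTP/1.1 200 Connection established\r\n\r\n")
    try:
        # NOTE(review): this reads the name-mangled private shutdown flag of
        # the server base class; it is not a public API and may change.
        while not self.server._BaseServer__shutdown_request:
            # The 2 second timeout lets the loop re-check the shutdown flag
            # even when neither side has anything to send.
            ready, _, _ = select.select([client, server], [], [], 2)
            for s in ready:
                data = s.recv(4096)
                if len(data) == 0:
                    # An empty read means the peer closed its side.
                    with ui_lock:
                        print self.pt, "<" + info("CONNECT"), hostname + "> ended"
                    return
                peer = server if s is client else client
                # sendall() rather than send(): a partial send would silently
                # drop bytes and corrupt the tunnelled stream.
                peer.sendall(data)
    except socket.error:
        with ui_lock:
            print self.pt, "<" + info("CONNECT"), hostname + "> died"
    finally:
        # The upstream socket was opened here, so release it here.
        server.close()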
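def _bypass_ssl(self, hostname, port, proxy_aware=False):
    """
    Terminate the client's TLS session locally so the request can be read.

    The proxy answers in place of the requested server and presents a
    certificate produced by generate_ssl_cert() for a name chosen as follows:
      - conf.ssl_reverse: the name extracted from the certificate the real
        server presents, falling back to the requested hostname;
      - conf.ssl_hostname: that fixed name, which also replaces `hostname`
        in the returned Request;
      - otherwise: the requested hostname.

    A client accepts the session only if it trusts the generated
    certificate; a refusal surfaces here as an ssl.SSLError.

    Returns a Request built on the decrypted stream, or None when the TLS
    handshake with the client fails (the failure is only printed).
    """
    if proxy_aware:
        self.wfile.write("HTTP/1.1 200 Connection established\r\n\r\n")  # yes, sure
    try:
        if conf.ssl_reverse:
            # Start from the requested name so ssl_hostname is always bound:
            # without it, an upstream that yields no usable name leaves the
            # variable undefined and wrap_socket() below fails on a NameError.
            ssl_hostname = hostname
            s = connect(hostname=hostname, port=port, use_ssl=True)
            # connect() can return a falsy value on failure (_forward_ssl
            # checks for it), so guard before touching the socket.
            if s:
                try:
                    # getpeercert() returns an empty dict when the peer
                    # certificate was not validated; the default name is
                    # kept in that case.
                    cert = s.getpeercert()
                finally:
                    # The probe connection is only needed for its certificate.
                    s.close()
                name = extract_name(cert) if cert else None
                if name:
                    ssl_hostname = name
        elif conf.ssl_hostname:
            hostname = conf.ssl_hostname
            ssl_hostname = hostname
        else:
            ssl_hostname = hostname
        # NOTE(review): ssl.wrap_socket() is deprecated in later Python
        # releases in favour of SSLContext.wrap_socket().
        self.ssl_sock = ssl.wrap_socket(
            self.request,
            server_side=True,
            certfile=generate_ssl_cert(ssl_hostname),
            keyfile=get_key_file(),
            ssl_version=conf._ssl_version)
        # From here on the handler reads and writes through the TLS layer.
        self.rfile = self.ssl_sock.makefile('rb', self.rbufsize)
        self.wfile = self.ssl_sock.makefile('wb', self.wbufsize)
        return Request(self.rfile, hostname=hostname, port=port, use_ssl=True)
    except ssl.SSLError as e:
        # NOTE(review): the classification below matches substrings of the
        # error text, which may differ between OpenSSL versions.
        reason = str(e)
        with ui_lock:
            if "alert unknown ca" in reason or "alert certificate unknown" in reason:
                print self.pt, "<" + warning("SSLError") + ": " + \
                    "Burst certificate for {} ".format(hostname) + \
                    "has been rejected by your client. >"
            elif "EOF occurred in violation of protocol" in reason:
                print self.pt, "<" + warning("SSLError") + ": " + \
                    "Connection to {} has been dropped by the client. ".format(hostname) + \
                    "Fake certificate may have been refused? >"
            else:
                print warning(reason)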
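def _bypass_ssl(self, hostname, port, proxy_aware=False):
    """
    Terminate the client's TLS session locally so the request can be read.

    The proxy answers in place of the requested server and presents a
    certificate produced by generate_ssl_cert() for a name chosen as follows:
      - conf.ssl_reverse: the name extracted from the certificate the real
        server presents, falling back to the requested hostname;
      - conf.ssl_hostname: that fixed name, which also replaces `hostname`
        in the returned Request;
      - otherwise: the requested hostname.

    A client accepts the session only if it trusts the generated
    certificate; a refusal surfaces here as an ssl.SSLError.

    Returns a Request built on the decrypted stream, or None when the TLS
    handshake with the client fails (the failure is only printed).
    """
    if proxy_aware:
        self.wfile.write("HTTP/1.1 200 Connection established\r\n\r\n")  # yes, sure
    try:
        if conf.ssl_reverse:
            # Start from the requested name so ssl_hostname is always bound:
            # without it, an upstream that yields no usable name leaves the
            # variable undefined and wrap_socket() below fails on a NameError.
            ssl_hostname = hostname
            s = connect(hostname=hostname, port=port, use_ssl=True)
            # connect() can return a falsy value on failure (_forward_ssl
            # checks for it), so guard before touching the socket.
            if s:
                try:
                    # getpeercert() returns an empty dict when the peer
                    # certificate was not validated; the default name is
                    # kept in that case.
                    cert = s.getpeercert()
                finally:
                    # The probe connection is only needed for its certificate.
                    s.close()
                name = extract_name(cert) if cert else None
                if name:
                    ssl_hostname = name
        elif conf.ssl_hostname:
            hostname = conf.ssl_hostname
            ssl_hostname = hostname
        else:
            ssl_hostname = hostname
        # NOTE(review): ssl.wrap_socket() is deprecated in later Python
        # releases in favour of SSLContext.wrap_socket().
        self.ssl_sock = ssl.wrap_socket(
            self.request,
            server_side=True,
            certfile=generate_ssl_cert(ssl_hostname),
            keyfile=get_key_file(),
            ssl_version=conf._ssl_version)
        # From here on the handler reads and writes through the TLS layer.
        self.rfile = self.ssl_sock.makefile('rb', self.rbufsize)
        self.wfile = self.ssl_sock.makefile('wb', self.wbufsize)
        return Request(self.rfile, hostname=hostname, port=port, use_ssl=True)
    except ssl.SSLError as e:
        # NOTE(review): the classification below matches substrings of the
        # error text, which may differ between OpenSSL versions.
        reason = str(e)
        with ui_lock:
            if "alert unknown ca" in reason or "alert certificate unknown" in reason:
                print self.pt, "<" + warning("SSLError") + ": " + \
                    "Burst certificate for {} ".format(hostname) + \
                    "has been rejected by your client. >"
            elif "EOF occurred in violation of protocol" in reason:
                print self.pt, "<" + warning("SSLError") + ": " + \
                    "Connection to {} has been dropped by the client. ".format(hostname) + \
                    "Fake certificate may have been refused? >"
            else:
                print warning(reason)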
def _init_connection(self):
    """
    Open the connection to the remote server named by the current request.

    Passes the request's hostname, port and use_ssl flag to connect() and
    returns its result unchanged.
    """
    target = self.r
    return connect(target.hostname, target.port, target.use_ssl)