def _do_start_ssl_proxy(port: int, target: PortOrUrl, target_ssl=False):
import pproxy
from localstack.services.generic_proxy import GenericProxy
if ":" not in str(target):
target = "127.0.0.1:%s" % target
LOG.debug("Starting SSL proxy server %s -> %s", port, target)
# create server and remote connection
server = pproxy.Server("secure+tunnel://0.0.0.0:%s" % port)
target_proto = "ssl+tunnel" if target_ssl else "tunnel"
remote = pproxy.Connection("%s://%s" % (target_proto, target))
args = dict(rserver=[remote], verbose=print)
# set SSL contexts
_, cert_file_name, key_file_name = GenericProxy.create_ssl_cert()
for context in pproxy.server.sslcontexts:
context.load_cert_chain(cert_file_name, key_file_name)
loop = ensure_event_loop()
handler = loop.run_until_complete(server.start_server(args))
try:
loop.run_forever()
except KeyboardInterrupt:
print("exit!")
handler.close()
loop.run_until_complete(handler.wait_closed())
loop.run_until_complete(loop.shutdown_asyncgens())
loop.close()
async def configure_service(user_id, session_id, public_key, ssl_context=None):
global FETCHER_TRANS
await asyncio.wait([
fetcher_upstream.configure_client(user_id, session_id, public_key,
ssl_context),
])
# On reconnect we don't want to set it up again
if FETCHER_TRANS:
return
if FETCHER_VERSION == 'asyncio':
server = pproxy.Server('http+socks4+socks5://:%s' %
hpxclient_settings.PROXY_FETCHER_LOCAL_PORT)
settings = {
'listen':
pproxy.server.ProxyURI.compile_relay(
'http+socks4+socks5://:8080/'),
'rserver': [], # TODO: fix this
'ulisten': [],
'urserver': [],
}
FETCHER_TRANS = await server.start_server(settings)
elif FETCHER_VERSION == 'thread':
FETCHER_TRANS = await asyncio.wait([fetcher_transp.configure_server()])
def start_ssl_proxy(port, target, target_ssl=False):
import pproxy
from localstack.services.generic_proxy import GenericProxy
if ':' not in str(target):
target = '127.0.0.1:%s' % target
print('Starting SSL proxy server %s -> %s' % (port, target))
# create server and remote connection
server = pproxy.Server('secure+tunnel://0.0.0.0:%s' % port)
target_proto = 'secure+tunnel' if target_ssl else 'tunnel'
remote = pproxy.Connection('%s://%s' % (target_proto, target))
args = dict(rserver=[remote], verbose=print)
# set SSL contexts
_, cert_file_name, key_file_name = GenericProxy.create_ssl_cert()
for context in pproxy.server.sslcontexts:
context.load_cert_chain(cert_file_name, key_file_name)
loop = asyncio.get_event_loop()
handler = loop.run_until_complete(server.start_server(args))
try:
loop.run_forever()
except KeyboardInterrupt:
print('exit!')
handler.close()
loop.run_until_complete(handler.wait_closed())
loop.run_until_complete(loop.shutdown_asyncgens())
loop.close()
def _do_start_ssl_proxy(
port: int,
target: PortOrUrl,
target_ssl=False,
client_cert_key: Tuple[str, str] = None,
bind_address: str = "0.0.0.0",
):
"""
Starts a tcp proxy (with tls) on the specified port
:param port: Port the proxy should bind to
:param target: Target of the proxy. If a port, it will connect to localhost:
:param target_ssl: Specify if the proxy should connect to the target using SSL/TLS
:param client_cert_key: Client certificate for the target connection. Only set if target_ssl=True
:param bind_address: Bind address of the proxy server
"""
import pproxy
from localstack.services.generic_proxy import GenericProxy
if ":" not in str(target):
target = f"127.0.0.1:{target}"
LOG.debug("Starting SSL proxy server %s -> %s", port, target)
# create server and remote connection
server = pproxy.Server(f"secure+tunnel://{bind_address}:{port}")
target_proto = "ssl+tunnel" if target_ssl else "tunnel"
remote = pproxy.Connection(f"{target_proto}://{target}")
if client_cert_key:
# TODO verify client certs server side?
LOG.debug("Configuring ssl proxy to use client certs")
cert_file, key_file = _save_cert_keys(client_cert_key=client_cert_key)
remote.sslclient.load_cert_chain(certfile=cert_file, keyfile=key_file)
args = dict(rserver=[remote])
# set SSL contexts
_, cert_file_name, key_file_name = GenericProxy.create_ssl_cert()
for context in pproxy.server.sslcontexts:
context.load_cert_chain(cert_file_name, key_file_name)
loop = ensure_event_loop()
handler = loop.run_until_complete(server.start_server(args))
try:
loop.run_forever()
except KeyboardInterrupt:
print("exit!")
handler.close()
loop.run_until_complete(handler.wait_closed())
loop.run_until_complete(loop.shutdown_asyncgens())
loop.close()
async def build(self, lifetime: int = 0) -> None:
self.build_time = datetime.now()
if lifetime > 0:
self.destroy_time = self.build_time + timedelta(seconds=lifetime)
self.__destroy_task = asyncio.create_task(
self.run_destruction_timer())
server = pproxy.Server(f'http+socks4+socks5://0.0.0.0:{self.port}')
connection = pproxy.Connection(
f'{self.inner_proxy.url}__{self.outer_proxy.url}')
try:
self.server = await server.start_server({
'rserver': [connection],
'verbose':
self.verbose_func
})
except OSError:
self.port = utils.get_ephemeral_port()
await self.build(lifetime)
def run_pproxy(socks: int, haproxy_port: int, socks_port: int):
server = pproxy.Server(f'http://0.0.0.0:{haproxy_port}')
num_of_socks = range(socks)
remotes: list = []
for i in num_of_socks:
remotes.append(pproxy.Connection(f'socks5://localhost:{socks_port + i}'))
args = dict(rserver=remotes,
verbose=print, salgorithm="rr")
loop = asyncio.get_event_loop()
handler = loop.run_until_complete(server.start_server(args))
try:
loop.run_forever()
except KeyboardInterrupt:
print('exit!')
handler.close()
loop.run_until_complete(handler.wait_closed())
loop.run_until_complete(loop.shutdown_asyncgens())
loop.close()
import asyncio
import pproxy
server = pproxy.Server('ss://0.0.0.0:1234')
remote = pproxy.Connection('ss://1.2.3.4:5678')
args = dict(rserver=[remote], verbose=print)
loop = asyncio.get_event_loop()
handler = loop.run_until_complete(server.start_server(args))
try:
loop.run_forever()
except KeyboardInterrupt:
print('exit!')
handler.close()
loop.run_until_complete(handler.wait_closed())
loop.run_until_complete(loop.shutdown_asyncgens())
loop.close()