def serverconnect(self, server_conn):
hostname = server_conn.address.host
# TODO (NOT FOR ALL SITE, BUT NEEDED FOR YOUTUBE)
server_conn.sni = ''
server_conn.cachebrowsed = False
server_conn.cdn = None
server_conn.cb_status_message = ''
try:
host = self._get_or_bootstrap_host(hostname=hostname)
except DoesNotExist:
err = "Bootstrap information not available for".format(hostname)
server_conn.cb_status_message = err
self.log(err, 'debug')
return server_conn
cdn = host.cdn
if not cdn.valid or not cdn.edge_server:
err = "Host {} does not have a valid CDN".format(hostname)
server_conn.cb_status_message = err
return server_conn
server_conn.address = Address(
(cdn.edge_server, server_conn.address.port))
server_conn.cachebrowsed = True
server_conn.cdn = None if cdn is None else cdn.name or cdn.id
server_conn.host = host
return server_conn
def __init__(
self,
host='',
port=8080,
cadir=CA_DIR,
clientcerts=None,
no_upstream_cert=False,
body_size_limit=None,
mode="regular",
upstream_server=None,
authenticator=None,
ignore_hosts=tuple(),
tcp_hosts=tuple(),
http2=False,
rawtcp=False,
ciphers_client=DEFAULT_CLIENT_CIPHERS,
ciphers_server=None,
certs=tuple(),
ssl_version_client="secure",
ssl_version_server="secure",
ssl_verify_upstream_cert=False,
ssl_verify_upstream_trusted_cadir=None,
ssl_verify_upstream_trusted_ca=None,
):
self.host = host
self.port = port
self.ciphers_client = ciphers_client
self.ciphers_server = ciphers_server
self.clientcerts = clientcerts
self.no_upstream_cert = no_upstream_cert
self.body_size_limit = body_size_limit
self.mode = mode
if upstream_server:
self.upstream_server = ServerSpec(upstream_server[0],
Address.wrap(upstream_server[1]))
else:
self.upstream_server = None
self.check_ignore = HostMatcher(ignore_hosts)
self.check_tcp = HostMatcher(tcp_hosts)
self.http2 = http2
self.rawtcp = rawtcp
self.authenticator = authenticator
self.cadir = os.path.expanduser(cadir)
self.certstore = certutils.CertStore.from_store(
self.cadir, CONF_BASENAME)
for spec, cert in certs:
self.certstore.add_cert_file(spec, cert)
self.openssl_method_client, self.openssl_options_client = \
sslversion_choices[ssl_version_client]
self.openssl_method_server, self.openssl_options_server = \
sslversion_choices[ssl_version_server]
if ssl_verify_upstream_cert:
self.openssl_verification_mode_server = SSL.VERIFY_PEER
else:
self.openssl_verification_mode_server = SSL.VERIFY_NONE
self.openssl_trusted_cadir_server = ssl_verify_upstream_trusted_cadir
self.openssl_trusted_ca_server = ssl_verify_upstream_trusted_ca
def parse_server_spec(url):
p = netlib.utils.parse_url(url)
if not p or not p[1] or p[0] not in ("http", "https"):
raise configargparse.ArgumentTypeError(
"Invalid server specification: %s" % url)
address = Address(p[1:3])
scheme = p[0].lower()
return config.ServerSpec(scheme, address)
def __init__(
self,
host='',
port=8080,
cadir=CA_DIR,
clientcerts=None,
no_upstream_cert=False,
body_size_limit=None,
mode="regular",
upstream_server=None,
authenticator=None,
ignore_hosts=tuple(),
tcp_hosts=tuple(),
ciphers_client=None,
ciphers_server=None,
certs=tuple(),
ssl_version_client="secure",
ssl_version_server="secure",
ssl_verify_upstream_cert=False,
ssl_verify_upstream_trusted_cadir=None,
ssl_verify_upstream_trusted_ca=None,
):
self.host = host
self.port = port
self.ciphers_client = ciphers_client
self.ciphers_server = ciphers_server
self.clientcerts = clientcerts
self.no_upstream_cert = no_upstream_cert
self.body_size_limit = body_size_limit
self.mode = mode
if upstream_server:
self.upstream_server = ServerSpec(upstream_server[0], Address.wrap(upstream_server[1]))
else:
self.upstream_server = None
self.check_ignore = HostMatcher(ignore_hosts)
self.check_tcp = HostMatcher(tcp_hosts)
self.authenticator = authenticator
self.cadir = os.path.expanduser(cadir)
self.certstore = certutils.CertStore.from_store(
self.cadir,
CONF_BASENAME
)
for spec, cert in certs:
self.certstore.add_cert_file(spec, cert)
self.openssl_method_client, self.openssl_options_client = \
sslversion_choices[ssl_version_client]
self.openssl_method_server, self.openssl_options_server = \
sslversion_choices[ssl_version_server]
if ssl_verify_upstream_cert:
self.openssl_verification_mode_server = SSL.VERIFY_PEER
else:
self.openssl_verification_mode_server = SSL.VERIFY_NONE
self.openssl_trusted_cadir_server = ssl_verify_upstream_trusted_cadir
self.openssl_trusted_ca_server = ssl_verify_upstream_trusted_ca
def set_server(self, address, server_tls=None, sni=None):
if self.ctx.server_conn:
self.ctx.disconnect()
address = Address.wrap(address)
self.connect_request.host = address.host
self.connect_request.port = address.port
self.server_conn.address = address
if server_tls:
raise ProtocolException("Cannot upgrade to TLS, no TLS layer on the protocol stack.")
def set_server(self, address, server_tls=None, sni=None):
if self.ctx.server_conn:
self.ctx.disconnect()
address = Address.wrap(address)
self.connect_request.host = address.host
self.connect_request.port = address.port
self.server_conn.address = address
if server_tls:
raise ProtocolException(
"Cannot upgrade to TLS, no TLS layer on the protocol stack.")
def handle_request(self, f):
if f.request.path == "/p/201":
# This part should have no impact, but it should also not cause any exceptions.
addr = f.live.server_conn.address
addr2 = Address(("127.0.0.1", self.redirect_port))
f.live.set_server(addr2)
f.live.set_server(addr)
# This is the actual redirection.
f.request.port = self.redirect_port
super(MasterRedirectRequest, self).handle_request(f)
def make_connect_request(address):
address = Address.wrap(address)
return HTTPRequest(
"authority", "CONNECT", None, address.host, address.port, None, b"HTTP/1.1",
Headers(), ""
)
def make_connect_request(address):
address = Address.wrap(address)
return HTTPRequest("authority", "CONNECT", None, address.host,
address.port, None, (1, 1), odict.ODictCaseless(), "")
