def __init__(
    self,
    host='',
    port=8080,
    cadir=CA_DIR,
    clientcerts=None,
    no_upstream_cert=False,
    body_size_limit=None,
    mode="regular",
    upstream_server=None,
    authenticator=None,
    ignore_hosts=tuple(),
    tcp_hosts=tuple(),
    ciphers_client=None,
    ciphers_server=None,
    certs=tuple(),
    ssl_version_client="secure",
    ssl_version_server="secure",
    ssl_verify_upstream_cert=False,
    ssl_verify_upstream_trusted_cadir=None,
    ssl_verify_upstream_trusted_ca=None,
):
    """Record the proxy settings and derive the TLS parameters for both legs.

    Args:
        host, port: Stored unchanged on the instance.
        cadir: Directory handed to ``CertStore.from_store`` after ``~``
            expansion.
        upstream_server: Optional two-item sequence; item 0 and the wrapped
            item 1 are combined into a ``ServerSpec``. Falsy values store
            ``None``.
        ignore_hosts, tcp_hosts: Patterns wrapped in ``HostMatcher``.
        certs: Iterable of ``(spec, cert)`` pairs, each registered through
            ``certstore.add_cert_file``.
        ssl_version_client, ssl_version_server: Keys into
            ``sslversion_choices``; each entry must unpack into a
            ``(method, options)`` pair.
        ssl_verify_upstream_cert: Truthy selects ``SSL.VERIFY_PEER`` for the
            server side, anything else ``SSL.VERIFY_NONE``.
        ssl_verify_upstream_trusted_cadir, ssl_verify_upstream_trusted_ca:
            Stored unchanged, whether or not verification is enabled.

    Raises:
        KeyError: If an ``ssl_version_*`` value is not a key of
            ``sslversion_choices``.
    """
    # Plain pass-through settings.
    self.host = host
    self.port = port
    self.ciphers_client = ciphers_client
    self.ciphers_server = ciphers_server
    self.clientcerts = clientcerts
    self.no_upstream_cert = no_upstream_cert
    self.body_size_limit = body_size_limit
    self.mode = mode

    self.upstream_server = (
        ServerSpec(upstream_server[0], Address.wrap(upstream_server[1]))
        if upstream_server
        else None
    )

    self.check_ignore = HostMatcher(ignore_hosts)
    self.check_tcp = HostMatcher(tcp_hosts)
    self.authenticator = authenticator

    # The CA directory may be given relative to the user's home ("~/...").
    self.cadir = os.path.expanduser(cadir)
    self.certstore = certutils.CertStore.from_store(self.cadir, CONF_BASENAME)
    for cert_spec, cert_file in certs:
        self.certstore.add_cert_file(cert_spec, cert_file)

    client_method, client_options = sslversion_choices[ssl_version_client]
    self.openssl_method_client = client_method
    self.openssl_options_client = client_options

    server_method, server_options = sslversion_choices[ssl_version_server]
    self.openssl_method_server = server_method
    self.openssl_options_server = server_options

    # NOTE(review): with the default ssl_verify_upstream_cert=False the
    # server-side mode is SSL.VERIFY_NONE. If this mode drives the upstream
    # handshake (not visible here), upstream certificates go unchecked
    # unless the caller opts in -- confirm and document for operators.
    self.openssl_verification_mode_server = (
        SSL.VERIFY_PEER if ssl_verify_upstream_cert else SSL.VERIFY_NONE
    )
    self.openssl_trusted_cadir_server = ssl_verify_upstream_trusted_cadir
    self.openssl_trusted_ca_server = ssl_verify_upstream_trusted_ca
def set_server(self, address, server_tls=None, sni=None):
    """Point the server connection and the stored CONNECT request at *address*.

    Any existing server connection is disconnected first. ``sni`` is accepted
    but not used in this body.

    Raises:
        ProtocolException: If ``server_tls`` is truthy. The request fails
            loudly instead of continuing without TLS.
    """
    if self.ctx.server_conn:
        self.ctx.disconnect()

    target = Address.wrap(address)
    request = self.connect_request
    request.host = target.host
    request.port = target.port
    self.server_conn.address = target

    # NOTE: the address has already been switched by the time this raises,
    # so callers that catch the exception see the new target.
    if not server_tls:
        return
    raise ProtocolException("Cannot upgrade to TLS, no TLS layer on the protocol stack.")
def set_server(self, address, server_tls=None, sni=None):
    """Redirect this layer's server connection to *address*.

    An open server connection is dropped before the stored CONNECT request
    and the connection address are updated. ``sni`` is accepted but unused
    in this body.

    Raises:
        ProtocolException: When ``server_tls`` is truthy. A TLS upgrade is
            refused with an error, never silently skipped.
    """
    if self.ctx.server_conn:
        self.ctx.disconnect()

    wrapped = Address.wrap(address)
    connect_request = self.connect_request
    connect_request.host, connect_request.port = wrapped.host, wrapped.port
    self.server_conn.address = wrapped

    # NOTE: the state above is already mutated when the TLS request is
    # rejected; the exception does not roll the address back.
    if server_tls:
        message = "Cannot upgrade to TLS, no TLS layer on the protocol stack."
        raise ProtocolException(message)
def make_connect_request(address):
    """Build an ``HTTPRequest`` describing a CONNECT to *address*.

    *address* is normalised with ``Address.wrap``; its host and port are
    passed on together with empty ``Headers`` and an empty body string.
    """
    target = Address.wrap(address)
    host, port = target.host, target.port
    # Positional order follows the HTTPRequest constructor -- presumably
    # (form, method, scheme, host, port, path, version, headers, body);
    # verify against its definition.
    return HTTPRequest(
        "authority",
        "CONNECT",
        None,
        host,
        port,
        None,
        b"HTTP/1.1",
        Headers(),
        "",
    )
def __init__(
    self,
    host='',
    port=8080,
    cadir=CA_DIR,
    clientcerts=None,
    no_upstream_cert=False,
    body_size_limit=None,
    mode="regular",
    upstream_server=None,
    authenticator=None,
    ignore_hosts=tuple(),
    tcp_hosts=tuple(),
    http2=False,
    rawtcp=False,
    ciphers_client=None,
    ciphers_server=None,
    certs=tuple(),
    ssl_version_client="secure",
    ssl_version_server="secure",
    ssl_verify_upstream_cert=False,
    ssl_verify_upstream_trusted_cadir=None,
    ssl_verify_upstream_trusted_ca=None,
):
    """Record the proxy settings and derive the TLS parameters for both legs.

    Args:
        host, port: Stored unchanged on the instance.
        cadir: Directory handed to ``CertStore.from_store`` after ``~``
            expansion.
        upstream_server: Optional two-item sequence; item 0 and the wrapped
            item 1 are combined into a ``ServerSpec``. Falsy values store
            ``None``.
        ignore_hosts, tcp_hosts: Patterns wrapped in ``HostMatcher``.
        http2, rawtcp: Flags stored unchanged; both default to ``False``.
        certs: Iterable of ``(spec, cert)`` pairs, each registered through
            ``certstore.add_cert_file``.
        ssl_version_client, ssl_version_server: Keys into
            ``sslversion_choices``; each entry must unpack into a
            ``(method, options)`` pair.
        ssl_verify_upstream_cert: Truthy selects ``SSL.VERIFY_PEER`` for the
            server side, anything else ``SSL.VERIFY_NONE``.
        ssl_verify_upstream_trusted_cadir, ssl_verify_upstream_trusted_ca:
            Stored unchanged, whether or not verification is enabled.

    Raises:
        KeyError: If an ``ssl_version_*`` value is not a key of
            ``sslversion_choices``.
    """
    # Plain pass-through settings.
    self.host = host
    self.port = port
    self.ciphers_client = ciphers_client
    self.ciphers_server = ciphers_server
    self.clientcerts = clientcerts
    self.no_upstream_cert = no_upstream_cert
    self.body_size_limit = body_size_limit
    self.mode = mode

    self.upstream_server = (
        ServerSpec(upstream_server[0], Address.wrap(upstream_server[1]))
        if upstream_server
        else None
    )

    self.check_ignore = HostMatcher(ignore_hosts)
    self.check_tcp = HostMatcher(tcp_hosts)
    self.http2 = http2
    self.rawtcp = rawtcp
    self.authenticator = authenticator

    # The CA directory may be given relative to the user's home ("~/...").
    self.cadir = os.path.expanduser(cadir)
    self.certstore = certutils.CertStore.from_store(self.cadir, CONF_BASENAME)
    for cert_spec, cert_file in certs:
        self.certstore.add_cert_file(cert_spec, cert_file)

    client_method, client_options = sslversion_choices[ssl_version_client]
    self.openssl_method_client = client_method
    self.openssl_options_client = client_options

    server_method, server_options = sslversion_choices[ssl_version_server]
    self.openssl_method_server = server_method
    self.openssl_options_server = server_options

    # NOTE(review): with the default ssl_verify_upstream_cert=False the
    # server-side mode is SSL.VERIFY_NONE. If this mode drives the upstream
    # handshake (not visible here), upstream certificates go unchecked
    # unless the caller opts in -- confirm and document for operators.
    self.openssl_verification_mode_server = (
        SSL.VERIFY_PEER if ssl_verify_upstream_cert else SSL.VERIFY_NONE
    )
    self.openssl_trusted_cadir_server = ssl_verify_upstream_trusted_cadir
    self.openssl_trusted_ca_server = ssl_verify_upstream_trusted_ca
def make_connect_request(address):
    """Build an ``HTTPRequest`` describing a CONNECT to *address*.

    *address* is normalised with ``Address.wrap``; its host and port are
    passed on together with the version tuple ``(1, 1)``, an empty
    ``odict.ODictCaseless`` and an empty body string.
    """
    target = Address.wrap(address)
    host, port = target.host, target.port
    # Positional order follows the HTTPRequest constructor -- presumably
    # (form, method, scheme, host, port, path, version, headers, body);
    # verify against its definition.
    return HTTPRequest(
        "authority",
        "CONNECT",
        None,
        host,
        port,
        None,
        (1, 1),
        odict.ODictCaseless(),
        "",
    )