diff options
| author | Thomas Kriechbaumer <thomas@kriechbaumer.name> | 2015-08-19 15:23:52 +0200 |
|---|---|---|
| committer | Thomas Kriechbaumer <thomas@kriechbaumer.name> | 2015-08-19 16:32:02 +0200 |
| commit | c9fa8491ccc015ddff09ce15a5d718d6b58b515c (patch) | |
| tree | 2e5caf6fbf6273672f4371615ebd3d40f8839c1f /libmproxy/protocol2 | |
| parent | 9bae97eb17ed66a33b5b988c6857ca6c9fae8e22 (diff) | |
| download | mitmproxy-c9fa8491ccc015ddff09ce15a5d718d6b58b515c.tar.gz mitmproxy-c9fa8491ccc015ddff09ce15a5d718d6b58b515c.tar.bz2 mitmproxy-c9fa8491ccc015ddff09ce15a5d718d6b58b515c.zip | |
improve next_layer detection
Diffstat (limited to 'libmproxy/protocol2')
| -rw-r--r-- | libmproxy/protocol2/root_context.py | 31 |
1 files changed, 19 insertions, 12 deletions
diff --git a/libmproxy/protocol2/root_context.py b/libmproxy/protocol2/root_context.py index f0e5b9a7..9b18f0aa 100644 --- a/libmproxy/protocol2/root_context.py +++ b/libmproxy/protocol2/root_context.py @@ -6,6 +6,7 @@ from .rawtcp import RawTcpLayer from .tls import TlsLayer from .http import Http1Layer, Http2Layer, HttpLayer +from netlib.http.http2 import HTTP2Protocol class RootContext(object): """ @@ -25,11 +26,11 @@ class RootContext(object): :return: The next layer. """ - d = top_layer.client_conn.rfile.peek(3) - # TODO: Handle ignore and tcp passthrough - # TLS ClientHello magic, see http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html#client-hello + # TLS ClientHello magic, works for SSLv3, TLSv1.0, TLSv1.1, TLSv1.2 + # http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html#client-hello + d = top_layer.client_conn.rfile.peek(3) is_tls_client_hello = ( len(d) == 3 and d[0] == '\x16' and @@ -37,20 +38,26 @@ class RootContext(object): d[2] in ('\x00', '\x01', '\x02', '\x03') ) - is_ascii = all(x in string.ascii_uppercase for x in d) + d = top_layer.client_conn.rfile.peek(3) + is_ascii = ( + len(d) == 3 and + all(x in string.ascii_uppercase for x in d) + ) - # TODO: build is_http2_magic check here, maybe this is an easy way to detect h2c + d = top_layer.client_conn.rfile.peek(len(HTTP2Protocol.CLIENT_CONNECTION_PREFACE)) + is_http2_magic = (d == HTTP2Protocol.CLIENT_CONNECTION_PREFACE) - if not d: - return iter([]) + is_alpn_h2_negotiated = ( + isinstance(top_layer, TlsLayer) and + top_layer.client_conn.get_alpn_proto_negotiated() == HTTP2Protocol.ALPN_PROTO_H2 + ) if is_tls_client_hello: return TlsLayer(top_layer, True, True) - elif isinstance(top_layer, TlsLayer) and is_ascii: - if top_layer.client_conn.get_alpn_proto_negotiated() == 'h2': - return Http2Layer(top_layer, 'transparent') - else: - return Http1Layer(top_layer, "transparent") + elif is_alpn_h2_negotiated or is_http2_magic: + return Http2Layer(top_layer, 'transparent') + elif is_ascii: + return Http1Layer(top_layer, 'transparent') else: return RawTcpLayer(top_layer) |