From 026330a3b014f24f095b839b29186036854de3bc Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Sat, 8 Aug 2015 16:08:57 +0200 Subject: cleaner Exceptions, ssl -> tls, upstream proxy mode --- libmproxy/exceptions.py | 22 ++++ libmproxy/protocol2/__init__.py | 3 +- libmproxy/protocol2/auto.py | 4 +- libmproxy/protocol2/layer.py | 10 +- libmproxy/protocol2/messages.py | 4 +- libmproxy/protocol2/rawtcp.py | 8 +- libmproxy/protocol2/reverse_proxy.py | 10 +- libmproxy/protocol2/socks.py | 6 +- libmproxy/protocol2/ssl.py | 203 ------------------------------- libmproxy/protocol2/tls.py | 203 +++++++++++++++++++++++++++++++ libmproxy/protocol2/transparent_proxy.py | 24 ++++ libmproxy/protocol2/upstream_proxy.py | 18 +++ libmproxy/proxy/connection.py | 8 ++ libmproxy/proxy/primitives.py | 6 - libmproxy/proxy/server.py | 6 +- 15 files changed, 306 insertions(+), 229 deletions(-) create mode 100644 libmproxy/exceptions.py delete mode 100644 libmproxy/protocol2/ssl.py create mode 100644 libmproxy/protocol2/tls.py create mode 100644 libmproxy/protocol2/transparent_proxy.py create mode 100644 libmproxy/protocol2/upstream_proxy.py diff --git a/libmproxy/exceptions.py b/libmproxy/exceptions.py new file mode 100644 index 00000000..4d98c024 --- /dev/null +++ b/libmproxy/exceptions.py @@ -0,0 +1,22 @@ +from __future__ import (absolute_import, print_function, division) + + +class ProxyException(Exception): + """ + Base class for all exceptions thrown by libmproxy. + """ + def __init__(self, message, cause=None): + """ + :param message: Error Message + :param cause: Exception object that caused this exception to be thrown. + """ + super(ProxyException, self).__init__(message) + self.cause = cause + + +class ProtocolException(ProxyException): + pass + + +class ServerException(ProxyException): + pass \ No newline at end of file diff --git a/libmproxy/protocol2/__init__.py b/libmproxy/protocol2/__init__.py index 3f714f62..0d232b13 100644 --- a/libmproxy/protocol2/__init__.py +++ b/libmproxy/protocol2/__init__.py @@ -2,6 +2,7 @@ from __future__ import (absolute_import, print_function, division) from .layer import RootContext from .socks import Socks5IncomingLayer from .reverse_proxy import ReverseProxy +from .upstream_proxy import UpstreamProxy from .rawtcp import TcpLayer from .auto import AutoLayer -__all__ = ["Socks5IncomingLayer", "TcpLayer", "AutoLayer", "RootContext", "ReverseProxy"] +__all__ = ["Socks5IncomingLayer", "TcpLayer", "AutoLayer", "RootContext", "ReverseProxy", "UpstreamProxy"] diff --git a/libmproxy/protocol2/auto.py b/libmproxy/protocol2/auto.py index fc111758..4a930720 100644 --- a/libmproxy/protocol2/auto.py +++ b/libmproxy/protocol2/auto.py @@ -10,11 +10,11 @@ class AutoLayer(Layer): return # TLS ClientHello magic, see http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html#client-hello if d[0] == "\x16": - layer = SslLayer(self, True, True) + layer = TlsLayer(self, True, True) else: layer = TcpLayer(self) for m in layer(): yield m from .rawtcp import TcpLayer -from .ssl import SslLayer +from .tls import TlsLayer diff --git a/libmproxy/protocol2/layer.py b/libmproxy/protocol2/layer.py index c18be83c..8aede22e 100644 --- a/libmproxy/protocol2/layer.py +++ b/libmproxy/protocol2/layer.py @@ -35,9 +35,10 @@ from __future__ import (absolute_import, print_function, division) import Queue import threading from netlib import tcp -from ..proxy import ProxyError2, Log +from ..proxy import Log from ..proxy.connection import ServerConnection from .messages import Connect, Reconnect, ChangeServer +from ..exceptions import ProtocolException class RootContext(object): @@ -51,6 +52,9 @@ class RootContext(object): self.channel = channel # provides .ask() method to communicate with FlowMaster self.config = config # Proxy Configuration + def next_layer(self): + print(type(self)) + class _LayerCodeCompletion(object): """ @@ -149,7 +153,7 @@ class ServerConnectionMixin(object): try: self.server_conn.connect() except tcp.NetLibError as e: - raise ProxyError2("Server connection to '%s' failed: %s" % (self.server_address, e), e) + raise ProtocolException("Server connection to '%s' failed: %s" % (self.server_address, e), e) def yield_from_callback(fun): @@ -197,7 +201,7 @@ def yield_from_callback(fun): break elif isinstance(msg, Exception): # TODO: Include func name? - raise ProxyError2("Error in %s: %s" % (fun.__name__, repr(msg)), msg) + raise ProtocolException("Error in %s: %s" % (fun.__name__, repr(msg)), msg) else: yield msg yield_queue.put(None) diff --git a/libmproxy/protocol2/messages.py b/libmproxy/protocol2/messages.py index baf4312d..3f53fbd4 100644 --- a/libmproxy/protocol2/messages.py +++ b/libmproxy/protocol2/messages.py @@ -32,9 +32,9 @@ class ChangeServer(_Message): Change the upstream server. """ - def __init__(self, address, server_ssl, sni, depth=1): + def __init__(self, address, server_tls, sni, depth=1): self.address = address - self.server_ssl = server_ssl + self.server_tls = server_tls self.sni = sni # upstream proxy scenario: you may want to change either the final target or the upstream proxy. diff --git a/libmproxy/protocol2/rawtcp.py b/libmproxy/protocol2/rawtcp.py index 39e48e24..608a53e3 100644 --- a/libmproxy/protocol2/rawtcp.py +++ b/libmproxy/protocol2/rawtcp.py @@ -1,4 +1,6 @@ from __future__ import (absolute_import, print_function, division) +import OpenSSL +from ..exceptions import ProtocolException from ..protocol.tcp import TCPHandler from .layer import Layer from .messages import Connect @@ -8,7 +10,11 @@ class TcpLayer(Layer): def __call__(self): yield Connect() tcp_handler = TCPHandler(self) - tcp_handler.handle_messages() + try: + tcp_handler.handle_messages() + except OpenSSL.SSL.Error as e: + raise ProtocolException("SSL error: %s" % repr(e), e) + def establish_server_connection(self): pass diff --git a/libmproxy/protocol2/reverse_proxy.py b/libmproxy/protocol2/reverse_proxy.py index dfffd2f2..cb6d1d78 100644 --- a/libmproxy/protocol2/reverse_proxy.py +++ b/libmproxy/protocol2/reverse_proxy.py @@ -1,19 +1,19 @@ from __future__ import (absolute_import, print_function, division) from .layer import Layer, ServerConnectionMixin -from .ssl import SslLayer +from .tls import TlsLayer class ReverseProxy(Layer, ServerConnectionMixin): - def __init__(self, ctx, server_address, client_ssl, server_ssl): + def __init__(self, ctx, server_address, client_tls, server_tls): super(ReverseProxy, self).__init__(ctx) self.server_address = server_address - self.client_ssl = client_ssl - self.server_ssl = server_ssl + self._client_tls = client_tls + self._server_tls = server_tls def __call__(self): - layer = SslLayer(self, self.client_ssl, self.server_ssl) + layer = TlsLayer(self, self._client_tls, self._server_tls) for message in layer(): if not self._handle_server_message(message): yield message diff --git a/libmproxy/protocol2/socks.py b/libmproxy/protocol2/socks.py index 14564521..1222ef5c 100644 --- a/libmproxy/protocol2/socks.py +++ b/libmproxy/protocol2/socks.py @@ -1,10 +1,10 @@ from __future__ import (absolute_import, print_function, division) -from ..proxy import ProxyError, Socks5ProxyMode, ProxyError2 +from ..exceptions import ProtocolException +from ..proxy import ProxyError, Socks5ProxyMode from .layer import Layer, ServerConnectionMixin from .auto import AutoLayer - class Socks5IncomingLayer(Layer, ServerConnectionMixin): def __call__(self): try: @@ -12,7 +12,7 @@ class Socks5IncomingLayer(Layer, ServerConnectionMixin): address = s5mode.get_upstream_server(self.client_conn)[2:] except ProxyError as e: # TODO: Unmonkeypatch - raise ProxyError2(str(e), e) + raise ProtocolException(str(e), e) self.server_address = address diff --git a/libmproxy/protocol2/ssl.py b/libmproxy/protocol2/ssl.py deleted file mode 100644 index a744a979..00000000 --- a/libmproxy/protocol2/ssl.py +++ /dev/null @@ -1,203 +0,0 @@ -from __future__ import (absolute_import, print_function, division) -import traceback -from netlib import tcp - -from ..proxy import ProxyError2 -from .layer import Layer, yield_from_callback -from .messages import Connect, Reconnect, ChangeServer -from .auto import AutoLayer - - -class SslLayer(Layer): - def __init__(self, ctx, client_ssl, server_ssl): - super(SslLayer, self).__init__(ctx) - self._client_ssl = client_ssl - self._server_ssl = server_ssl - self._connected = False - self.client_sni = None - self._sni_from_server_change = None - - def __call__(self): - """ - The strategy for establishing SSL is as follows: - First, we determine whether we need the server cert to establish ssl with the client. - If so, we first connect to the server and then to the client. - If not, we only connect to the client and do the server_ssl lazily on a Connect message. - - An additional complexity is that establish ssl with the server may require a SNI value from the client. - In an ideal world, we'd do the following: - 1. Start the SSL handshake with the client - 2. Check if the client sends a SNI. - 3. Pause the client handshake, establish SSL with the server. - 4. Finish the client handshake with the certificate from the server. - There's just one issue: We cannot get a callback from OpenSSL if the client doesn't send a SNI. :( - Thus, we resort to the following workaround when establishing SSL with the server: - 1. Try to establish SSL with the server without SNI. If this fails, we ignore it. - 2. Establish SSL with client. - - If there's a SNI callback, reconnect to the server with SNI. - - If not and the server connect failed, raise the original exception. - Further notes: - - OpenSSL 1.0.2 introduces a callback that would help here: - https://www.openssl.org/docs/ssl/SSL_CTX_set_cert_cb.html - - The original mitmproxy issue is https://github.com/mitmproxy/mitmproxy/issues/427 - """ - client_ssl_requires_server_cert = ( - self._client_ssl and self._server_ssl and not self.config.no_upstream_cert - ) - lazy_server_ssl = ( - self._server_ssl and not client_ssl_requires_server_cert - ) - - if client_ssl_requires_server_cert: - for m in self._establish_ssl_with_client_and_server(): - yield m - elif self.client_ssl: - for m in self._establish_ssl_with_client(): - yield m - - layer = AutoLayer(self) - for message in layer(): - if message != Connect or not self._connected: - yield message - if message == Connect: - if lazy_server_ssl: - self._establish_ssl_with_server() - if message == ChangeServer and message.depth == 1: - self.server_ssl = message.server_ssl - self._sni_from_server_change = message.sni - if message == Reconnect or message == ChangeServer: - if self.server_ssl: - self._establish_ssl_with_server() - - @property - def sni_for_upstream_connection(self): - if self._sni_from_server_change is False: - return None - else: - return self._sni_from_server_change or self.client_sni - - def _establish_ssl_with_client_and_server(self): - """ - This function deals with the problem that the server may require a SNI value from the client. - """ - - # First, try to connect to the server. - yield Connect() - self._connected = True - server_err = None - try: - self._establish_ssl_with_server() - except ProxyError2 as e: - server_err = e - - for message in self._establish_ssl_with_client(): - if message == Reconnect: - yield message - self._establish_ssl_with_server() - else: - raise RuntimeError("Unexpected Message: %s" % message) - - if server_err and not self.client_sni: - raise server_err - - def handle_sni(self, connection): - """ - This callback gets called during the SSL handshake with the client. - The client has just sent the Sever Name Indication (SNI). - """ - try: - old_upstream_sni = self.sni_for_upstream_connection - - sn = connection.get_servername() - if not sn: - return - self.client_sni = sn.decode("utf8").encode("idna") - - if old_upstream_sni != self.sni_for_upstream_connection: - # Perform reconnect - if self.server_ssl: - self.yield_from_callback(Reconnect()) - - if self.client_sni: - # Now, change client context to reflect possibly changed certificate: - cert, key, chain_file = self.find_cert() - new_context = self.client_conn.create_ssl_context( - cert, key, - method=self.config.openssl_method_client, - options=self.config.openssl_options_client, - cipher_list=self.config.ciphers_client, - dhparams=self.config.certstore.dhparams, - chain_file=chain_file - ) - connection.set_context(new_context) - # An unhandled exception in this method will core dump PyOpenSSL, so - # make dang sure it doesn't happen. - except: # pragma: no cover - self.log("Error in handle_sni:\r\n" + traceback.format_exc(), "error") - - @yield_from_callback - def _establish_ssl_with_client(self): - self.log("Establish SSL with client", "debug") - cert, key, chain_file = self.find_cert() - try: - self.client_conn.convert_to_ssl( - cert, key, - method=self.config.openssl_method_client, - options=self.config.openssl_options_client, - handle_sni=self.handle_sni, - cipher_list=self.config.ciphers_client, - dhparams=self.config.certstore.dhparams, - chain_file=chain_file - ) - except tcp.NetLibError as e: - raise ProxyError2(repr(e), e) - - def _establish_ssl_with_server(self): - self.log("Establish SSL with server", "debug") - try: - self.server_conn.establish_ssl( - self.config.clientcerts, - self.sni_for_upstream_connection, - method=self.config.openssl_method_server, - options=self.config.openssl_options_server, - verify_options=self.config.openssl_verification_mode_server, - ca_path=self.config.openssl_trusted_cadir_server, - ca_pemfile=self.config.openssl_trusted_ca_server, - cipher_list=self.config.ciphers_server, - ) - ssl_cert_err = self.server_conn.ssl_verification_error - if ssl_cert_err is not None: - self.log( - "SSL verification failed for upstream server at depth %s with error: %s" % - (ssl_cert_err['depth'], ssl_cert_err['errno']), - "error") - self.log("Ignoring server verification error, continuing with connection", "error") - except tcp.NetLibInvalidCertificateError as e: - ssl_cert_err = self.server_conn.ssl_verification_error - self.log( - "SSL verification failed for upstream server at depth %s with error: %s" % - (ssl_cert_err['depth'], ssl_cert_err['errno']), - "error") - self.log("Aborting connection attempt", "error") - raise ProxyError2(repr(e), e) - except tcp.NetLibError as e: - raise ProxyError2(repr(e), e) - - def find_cert(self): - host = self.server_conn.address.host - # TODO: Better use an OrderedSet here - sans = set() - # Incorporate upstream certificate - if self.server_conn.ssl_established and (not self.config.no_upstream_cert): - upstream_cert = self.server_conn.cert - sans.update(upstream_cert.altnames) - if upstream_cert.cn: - sans.add(host) - host = upstream_cert.cn.decode("utf8").encode("idna") - # Also add SNI values. - if self.client_sni: - sans.add(self.client_sni) - if self._sni_from_server_change: - sans.add(self._sni_from_server_change) - - return self.config.certstore.get_cert(host, list(sans)) diff --git a/libmproxy/protocol2/tls.py b/libmproxy/protocol2/tls.py new file mode 100644 index 00000000..2362b2b2 --- /dev/null +++ b/libmproxy/protocol2/tls.py @@ -0,0 +1,203 @@ +from __future__ import (absolute_import, print_function, division) +import traceback +from netlib import tcp + +from ..exceptions import ProtocolException +from .layer import Layer, yield_from_callback +from .messages import Connect, Reconnect, ChangeServer +from .auto import AutoLayer + + +class TlsLayer(Layer): + def __init__(self, ctx, client_tls, server_tls): + super(TlsLayer, self).__init__(ctx) + self._client_tls = client_tls + self._server_tls = server_tls + self._connected = False + self.client_sni = None + self._sni_from_server_change = None + + def __call__(self): + """ + The strategy for establishing SSL is as follows: + First, we determine whether we need the server cert to establish ssl with the client. + If so, we first connect to the server and then to the client. + If not, we only connect to the client and do the server_ssl lazily on a Connect message. + + An additional complexity is that establish ssl with the server may require a SNI value from the client. + In an ideal world, we'd do the following: + 1. Start the SSL handshake with the client + 2. Check if the client sends a SNI. + 3. Pause the client handshake, establish SSL with the server. + 4. Finish the client handshake with the certificate from the server. + There's just one issue: We cannot get a callback from OpenSSL if the client doesn't send a SNI. :( + Thus, we resort to the following workaround when establishing SSL with the server: + 1. Try to establish SSL with the server without SNI. If this fails, we ignore it. + 2. Establish SSL with client. + - If there's a SNI callback, reconnect to the server with SNI. + - If not and the server connect failed, raise the original exception. + Further notes: + - OpenSSL 1.0.2 introduces a callback that would help here: + https://www.openssl.org/docs/ssl/SSL_CTX_set_cert_cb.html + - The original mitmproxy issue is https://github.com/mitmproxy/mitmproxy/issues/427 + """ + client_tls_requires_server_cert = ( + self._client_tls and self._server_tls and not self.config.no_upstream_cert + ) + lazy_server_tls = ( + self._server_tls and not client_tls_requires_server_cert + ) + + if client_tls_requires_server_cert: + for m in self._establish_tls_with_client_and_server(): + yield m + elif self._client_tls: + for m in self._establish_tls_with_client(): + yield m + + self.next_layer() + layer = AutoLayer(self) + for message in layer(): + if message != Connect or not self._connected: + yield message + if message == Connect: + if lazy_server_tls: + self._establish_tls_with_server() + if message == ChangeServer and message.depth == 1: + self._server_tls = message.server_tls + self._sni_from_server_change = message.sni + if message == Reconnect or message == ChangeServer: + if self._server_tls: + self._establish_tls_with_server() + + @property + def sni_for_upstream_connection(self): + if self._sni_from_server_change is False: + return None + else: + return self._sni_from_server_change or self.client_sni + + def _establish_tls_with_client_and_server(self): + """ + This function deals with the problem that the server may require a SNI value from the client. + """ + + # First, try to connect to the server. + yield Connect() + self._connected = True + server_err = None + try: + self._establish_tls_with_server() + except ProtocolException as e: + server_err = e + + for message in self._establish_tls_with_client(): + if message == Reconnect: + yield message + self._establish_tls_with_server() + else: + raise RuntimeError("Unexpected Message: %s" % message) + + if server_err and not self.client_sni: + raise server_err + + def handle_sni(self, connection): + """ + This callback gets called during the TLS handshake with the client. + The client has just sent the Sever Name Indication (SNI). + """ + try: + old_upstream_sni = self.sni_for_upstream_connection + + sn = connection.get_servername() + if not sn: + return + self.client_sni = sn.decode("utf8").encode("idna") + + if old_upstream_sni != self.sni_for_upstream_connection: + # Perform reconnect + if self._server_tls: + self.yield_from_callback(Reconnect()) + + if self.client_sni: + # Now, change client context to reflect possibly changed certificate: + cert, key, chain_file = self.find_cert() + new_context = self.client_conn.create_ssl_context( + cert, key, + method=self.config.openssl_method_client, + options=self.config.openssl_options_client, + cipher_list=self.config.ciphers_client, + dhparams=self.config.certstore.dhparams, + chain_file=chain_file + ) + connection.set_context(new_context) + # An unhandled exception in this method will core dump PyOpenSSL, so + # make dang sure it doesn't happen. + except: # pragma: no cover + self.log("Error in handle_sni:\r\n" + traceback.format_exc(), "error") + + @yield_from_callback + def _establish_tls_with_client(self): + self.log("Establish TLS with client", "debug") + cert, key, chain_file = self.find_cert() + try: + self.client_conn.convert_to_ssl( + cert, key, + method=self.config.openssl_method_client, + options=self.config.openssl_options_client, + handle_sni=self.handle_sni, + cipher_list=self.config.ciphers_client, + dhparams=self.config.certstore.dhparams, + chain_file=chain_file + ) + except tcp.NetLibError as e: + raise ProtocolException(repr(e), e) + + def _establish_tls_with_server(self): + self.log("Establish TLS with server", "debug") + try: + self.server_conn.establish_ssl( + self.config.clientcerts, + self.sni_for_upstream_connection, + method=self.config.openssl_method_server, + options=self.config.openssl_options_server, + verify_options=self.config.openssl_verification_mode_server, + ca_path=self.config.openssl_trusted_cadir_server, + ca_pemfile=self.config.openssl_trusted_ca_server, + cipher_list=self.config.ciphers_server, + ) + tls_cert_err = self.server_conn.ssl_verification_error + if tls_cert_err is not None: + self.log( + "TLS verification failed for upstream server at depth %s with error: %s" % + (tls_cert_err['depth'], tls_cert_err['errno']), + "error") + self.log("Ignoring server verification error, continuing with connection", "error") + except tcp.NetLibInvalidCertificateError as e: + tls_cert_err = self.server_conn.ssl_verification_error + self.log( + "TLS verification failed for upstream server at depth %s with error: %s" % + (tls_cert_err['depth'], tls_cert_err['errno']), + "error") + self.log("Aborting connection attempt", "error") + raise ProtocolException(repr(e), e) + except tcp.NetLibError as e: + raise ProtocolException(repr(e), e) + + def find_cert(self): + host = self.server_conn.address.host + sans = set() + # Incorporate upstream certificate + if self.server_conn.tls_established and (not self.config.no_upstream_cert): + upstream_cert = self.server_conn.cert + sans.update(upstream_cert.altnames) + if upstream_cert.cn: + sans.add(host) + host = upstream_cert.cn.decode("utf8").encode("idna") + # Also add SNI values. + if self.client_sni: + sans.add(self.client_sni) + if self._sni_from_server_change: + sans.add(self._sni_from_server_change) + + return self.config.certstore.get_cert(host, list(sans)) diff --git a/libmproxy/protocol2/transparent_proxy.py b/libmproxy/protocol2/transparent_proxy.py new file mode 100644 index 00000000..078954c2 --- /dev/null +++ b/libmproxy/protocol2/transparent_proxy.py @@ -0,0 +1,24 @@ +from __future__ import (absolute_import, print_function, division) + +from ..exceptions import ProtocolException +from .. import platform +from .layer import Layer, ServerConnectionMixin +from .auto import AutoLayer + + +class TransparentProxy(Layer, ServerConnectionMixin): + + def __init__(self, ctx): + super(TransparentProxy, self).__init__(ctx) + self.resolver = platform.resolver() + + def __call__(self): + try: + self.server_address = self.resolver.original_addr(self.client_conn.connection) + except Exception as e: + raise ProtocolException("Transparent mode failure: %s" % repr(e), e) + + layer = AutoLayer(self) + for message in layer(): + if not self._handle_server_message(message): + yield message diff --git a/libmproxy/protocol2/upstream_proxy.py b/libmproxy/protocol2/upstream_proxy.py new file mode 100644 index 00000000..bd920309 --- /dev/null +++ b/libmproxy/protocol2/upstream_proxy.py @@ -0,0 +1,18 @@ +from __future__ import (absolute_import, print_function, division) + +from .layer import Layer, ServerConnectionMixin +#from .http import HttpLayer + + +class UpstreamProxy(Layer, ServerConnectionMixin): + + def __init__(self, ctx, server_address): + super(UpstreamProxy, self).__init__(ctx) + self.server_address = server_address + + def __call__(self): + #layer = HttpLayer(self) + layer = None + for message in layer(): + if not self._handle_server_message(message): + yield message diff --git a/libmproxy/proxy/connection.py b/libmproxy/proxy/connection.py index 9e03157a..49210e47 100644 --- a/libmproxy/proxy/connection.py +++ b/libmproxy/proxy/connection.py @@ -32,6 +32,10 @@ class ClientConnection(tcp.BaseHandler, stateobject.StateObject): port=self.address.port ) + @property + def tls_established(self): + return self.ssl_established + _stateobject_attributes = dict( ssl_established=bool, timestamp_start=float, @@ -112,6 +116,10 @@ class ServerConnection(tcp.TCPClient, stateobject.StateObject): port=self.address.port ) + @property + def tls_established(self): + return self.ssl_established + _stateobject_attributes = dict( state=list, timestamp_start=float, diff --git a/libmproxy/proxy/primitives.py b/libmproxy/proxy/primitives.py index fd4eb882..a9f31181 100644 --- a/libmproxy/proxy/primitives.py +++ b/libmproxy/proxy/primitives.py @@ -2,12 +2,6 @@ from __future__ import absolute_import from netlib import socks, tcp -class ProxyError2(Exception): - def __init__(self, message, cause=None): - super(ProxyError2, self).__init__(message) - self.cause = cause - - class ProxyError(Exception): def __init__(self, code, message, headers=None): super(ProxyError, self).__init__(message) diff --git a/libmproxy/proxy/server.py b/libmproxy/proxy/server.py index 32d596ad..c107cbed 100644 --- a/libmproxy/proxy/server.py +++ b/libmproxy/proxy/server.py @@ -7,7 +7,7 @@ from netlib import tcp from ..protocol.handle import protocol_handler from .. import protocol2 -from .primitives import ProxyServerError, Log, ProxyError, ProxyError2 +from .primitives import ProxyServerError, Log, ProxyError from .connection import ClientConnection, ServerConnection @@ -79,12 +79,12 @@ class ConnectionHandler2: self.config, self.channel ) - root_layer = protocol2.ReverseProxy(root_context, ("localhost", 5000), True, True) + root_layer = protocol2.Socks5IncomingLayer(root_context) try: for message in root_layer(): print("Root layer receveived: %s" % message) - except ProxyError2 as e: + except protocol2.ProtocolException as e: self.log(e, "info") except Exception: self.log(traceback.format_exc(), "error") -- cgit v1.2.3