Python-HTTPS代理隧道

client = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if headers["Method"] == "CONNECT": client = ssl.wrap_socket(client) try: client.connect(( headers["Host"], headers["Port"] )) reply = "HTTP/1.0 200 Connection established\r\n" reply += "Proxy-agent: Pyx\r\n" reply += "\r\n" browser.sendall( reply.encode() ) except socket.error as err: print(err) break while True: now not sure

1条回答

网友

1楼 · 发布于 2024-06-02 11:30:11

找到相关问题的答案后：HTTPS Proxy Implementation (SSLStream)

我意识到目标服务器（在本例中是google.co.uk）443端口上的初始连接不应该加密。因此，我删除了

client = ssl.wrap_socket(client)

行以继续使用纯文本隧道而不是ssl。一旦

HTTP/1.1 200 Connection established\r\n\r\n

消息发送后，浏览器和终端服务器将通过代理形成自己的ssl连接，因此代理不需要做任何与实际https连接相关的事情。

修改后的代码（包括字节转发）：

# If we receive a CONNECT request
if headers["Method"] == "CONNECT":
    # Connect to port 443
    try:
        # If successful, send 200 code response
        client.connect(( headers["Host"], headers["Port"] ))
        reply = "HTTP/1.0 200 Connection established\r\n"
        reply += "Proxy-agent: Pyx\r\n"
        reply += "\r\n"
        browser.sendall( reply.encode() )
    except socket.error as err:
        # If the connection could not be established, exit
        # Should properly handle the exit with http error code here
        print(err)
        break

    # Indiscriminately forward bytes
    browser.setblocking(0)
    client.setblocking(0)
    while True:
        try:
            request = browser.recv(1024)
            client.sendall( request )
        except socket.error as err:
            pass
        try:
            reply = client.recv(1024)
            browser.sendall( reply )
        except socket.error as err:
            pass

参考文献：

HTTPS Proxy Implementation (SSLStream)

http://tools.ietf.org/html/draft-luotonen-ssl-tunneling-03

http://www.ietf.org/rfc/rfc2817.txt

相关问题更多 >

编程相关推荐

热门问题

热门文章