简体   繁体   中英

Reverse proxy with twisted python HTTPS server

I am trying to build a reverse proxy to filter all the request that are coming to a local server.

server:

import BaseHTTPServer, SimpleHTTPServer
import ssl
import os

def main():
    httpd = BaseHTTPServer.HTTPServer(('192.168.58.1', 4443), SimpleHTTPServer.SimpleHTTPRequestHandler)
    os.chdir('./content')
    # httpd.socket = ssl.wrap_socket(httpd.socket, certfile='../server.pem', server_side=True)
    httpd.serve_forever()

if __name__ == '__main__':
    main()

proxy:

from twisted.web import proxy, server
from twisted.internet import ssl, reactor
import argparse
from OpenSSL import crypto

class BadURL():
    def render(self, request):
        return "Banned"

class HTTPSReverseProxyResource(proxy.ReverseProxyResource, object):

    def getChild(self, path, request):

        if "fmm" in path:
            return BadURL()
        child = super(HTTPSReverseProxyResource, self).getChild(path, request)
        return HTTPSReverseProxyResource(child.host, child.port, child.path,
                                     child.reactor)


if __name__ == '__main__':

    ap = argparse.ArgumentParser()
    ap.add_argument('-c', type=str)
    ap.add_argument('-k', type=str)
    ns = ap.parse_args()

    myProxy = HTTPSReverseProxyResource('192.168.58.1', 4443, '')

    site = server.Site(myProxy)

    if ns.c:
        with open(ns.c, 'rb') as fp:
            ssl_cert = fp.read()
        if ns.k:

            with open(ns.k, 'rb') as fp:
                ssl_key = fp.read()
            certificate = ssl.PrivateCertificate.load(
                    ssl_cert,
                    ssl.KeyPair.load(ssl_key, crypto.FILETYPE_PEM),
                    crypto.FILETYPE_PEM)
        else:
            certificate = ssl.PrivateCertificate.loadPEM(ssl_cert)
        reactor.listenSSL(8080, site, certificate.options())
    else:
        reactor.listenTCP(8080, site)
    reactor.run()

The problem and my question is that when I use the HTTPS server (uncomment "httpd.socket = ssl.wrap_socket..." line in the server) all the pages returned by the proxy are blank.

You didnt add proxyClientFactoryClass method to your reverse proxy class ( Python-Twisted: Reverse Proxy to HTTPS API: Could not connect ). Try this:

class HTTPSReverseProxyResource(proxy.ReverseProxyResource, object):
    def proxyClientFactoryClass(self, *args, **kwargs):
        """
        Make all connections using HTTPS.
        """
        return TLSMemoryBIOFactory(
            ssl.optionsForClientTLS(self.host.decode("ascii")), True,
            super(HTTPSReverseProxyResource, self)
            .proxyClientFactoryClass(*args, **kwargs))

    def getChild(self, path, request):

        if "fmm" in path:
            return BadURL()
        child = super(HTTPSReverseProxyResource, self).getChild(path, request)
        return HTTPSReverseProxyResource(child.host, child.port, child.path,
                                     child.reactor)

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM