
How to handle HTTPS clients with sockets in Python? Making a proxy server

I'm creating a proxy server using sockets in Python. I know how to handle HTTP clients, but with HTTPS it doesn't work. I send the client a message that everything is OK. Then I try to wrap the client socket as a secure socket, but it doesn't work.

I got this message:

Exception in thread Thread-14:
Traceback (most recent call last):
  File "C:\Python37\lib\threading.py", line 926, in _bootstrap_inner
    self.run()
  File "C:\Python37\lib\threading.py", line 870, in run
    self._target(*self._args, **self._kwargs)
  File "C:/Users/Даниил/Downloads/python/proxy_server/proxy_server.py", line 39, in __handle_client
    self.__handle_https(client_sock, client_data, host, port)
  File "C:/Users/Даниил/Downloads/python/proxy_server/proxy_server.py", line 62, in __handle_https
    server_side=True)
  File "C:\Python37\lib\ssl.py", line 1238, in wrap_socket
    suppress_ragged_eofs=suppress_ragged_eofs
  File "C:\Python37\lib\ssl.py", line 423, in wrap_socket
    session=session
  File "C:\Python37\lib\ssl.py", line 870, in _create
    self.do_handshake()
  File "C:\Python37\lib\ssl.py", line 1139, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1076)

I have a certificate with Common Name: localhost and I added it to the browser. Even when I create a certificate with the Common Name of the host (e.g. docs.python.org) and add it to the browser, it doesn't work.

Here is my code of handling https requests:

    def __handle_https(self, client_sock, data, host, port):
        client_sock.sendall(b'HTTP/1.1 200 Connection Established\r\n\r\n')

        sclient = ssl.wrap_socket(client_sock,
                                  certfile='server.crt',
                                  keyfile='server.key',
                                  server_side=True)

An HTTP proxy should only forward the data between client and server after the CONNECT request is done. It should not handle the TLS itself, as you are trying to do. Instead, it should forward the data unchanged so that there is an end-to-end TLS connection between the client and the server via the proxy.
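The forwarding the answer describes, as an added example that is not part of the original question or answer: after replying to CONNECT, the proxy copies bytes in both directions and never calls into `ssl`, so the browser validates the real server's certificate. The names `parse_connect_target`, `relay`, `tunnel` and `handle_https` are hypothetical, and the request is assumed to have been read up to the end of its headers.

```python
import selectors
import socket


def parse_connect_target(request: bytes):
    """Return (host, port) from a 'CONNECT host:port HTTP/1.1' request line."""
    method, target, _version = request.split(b"\r\n", 1)[0].split(b" ", 2)
    if method != b"CONNECT":
        raise ValueError("not a CONNECT request")
    host, sep, port = target.decode("ascii").rpartition(":")
    if not sep or not port.isdigit():
        raise ValueError("CONNECT target must be host:port")
    return host.strip("[]"), int(port)  # strip brackets of IPv6 literals


def relay(a: socket.socket, b: socket.socket, bufsize: int = 65536) -> None:
    """Copy bytes both ways until either side closes; never inspect them."""
    peer = {a: b, b: a}
    with selectors.DefaultSelector() as sel:
        sel.register(a, selectors.EVENT_READ)
        sel.register(b, selectors.EVENT_READ)
        while True:
            for key, _ in sel.select():
                chunk = key.fileobj.recv(bufsize)
                if not chunk:  # EOF on one side: tear the whole tunnel down
                    return
                peer[key.fileobj].sendall(chunk)


def tunnel(client_sock: socket.socket, upstream: socket.socket) -> None:
    """Acknowledge CONNECT, then pass the TLS records through untouched."""
    client_sock.sendall(b"HTTP/1.1 200 Connection Established\r\n\r\n")
    try:
        relay(client_sock, upstream)
    finally:
        upstream.close()
        client_sock.close()


def handle_https(client_sock: socket.socket, request: bytes) -> None:
    """Per-connection entry point (hypothetical stand-in for __handle_https)."""
    host, port = parse_connect_target(request)
    upstream = socket.create_connection((host, port), timeout=10)
    upstream.settimeout(None)  # the timeout applies to connecting only
    tunnel(client_sock, upstream)
```

No certificate or key file is involved on the proxy, which is why the `SSLV3_ALERT_CERTIFICATE_UNKNOWN` alert cannot occur on this path.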
