我该如何回应"CONNECT"消息?代理服务器中使用python中的套接字的方法请求? [英] How do I respond to a "CONNECT" method request in a proxy server using socket in python?

查看:101
本文介绍了我该如何回应"CONNECT"消息?代理服务器中使用python中的套接字的方法请求?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我目前正在使用httplib编程代理服务器, 当我尝试连接到HTTPS网站(例如facebook和google)时,我的客户向我发送了如下所示的"CONNECT"请求:

I am currently programming a proxy server using httplib, and when I try to connect to HTTPS websites (such as facebook and google) my client sends me "CONNECT" requests that look like this:

CONNECT www.google.co.il:443 HTTP/1.1\r\n
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:35.0) Gecko/20100101 Firefox/35.0\r\n
Proxy-Connection: keep-alive\r\n
Connection: keep-alive\r\n
Host: www.google.co.il:443\r\n
\r\n

我从互联网上获取了一个有效的代理,并将其放上,然后在Wireshark上嗅探了网络,对此请求的响应应如下所示:

I took a working proxy from the internet and put it on, then sniffed the network on wireshark, and the response to this request should look this way:

HTTP/1.1 200 Connection established\n
Proxy-agent: Python Proxy/0.1.0 Draft 1\n
\n

我注意到客户端将请求发送到代理本身,所以我决定使用套接字,并以这种方式将响应发送到客户端:

I noticed that the client sends the request to the proxy itself, so I decided to use socket, and send the response to the client in this way:

if getmethod(clientreq) is "CONNECT":
    text="HTTP/1.1 200 Connection established\nProxy-Agent: THE BB Proxy\n\n"
    client.send(text)

我真的希望处理那些"CONNECT"请求将是解决方案,并且我的服务器最终将处理HTTPS请求,但是不会,并且我发送给客户端的响应数据包甚至不会出现在Wireshk.

I really hoped that handling those "CONNECT" requests would be the solution and that my server will finally take care of HTTPS requests but it doesn't, and the response packets that I send to the client don't even appear on wireshark.

所以我的问题是: 1."CONNECT"方法的真正作用是什么? 2.除了处理"CONNECT"方法请求以便与HTTPS服务器通信外,我还需要什么?

So my questions are: 1. What does the "CONNECT" method really do? 2. What else do I need except handling "CONNECT" method requests in order to communicate with a HTTPS servers?

推荐答案

我经过了很长一段时间才回复,因为我最近使用了这个概念.它可能会帮助别人.

I am replying after this long time because I recently worked with this concept. It may help others.

要使用CONNECT http方法代理,需要使用服务器的https端口(例如443)创建套接字连接.建立连接后,您可以发送"HTTP/1.1 200连接建立"作为响应.

To work with CONNECT http method proxy need to create socket connection with the server's https port (ex. 443). Once connection is established you can send "HTTP/1.1 200 Connection established" as response.

此客户端和服务器之间通过代理相互通信之后.代理只能将数据从客户端套接字传输到服务器套接字,反之亦然.客户端和服务器将交换证书信息以进行握手,握手完成后,它们将开始以加密格式共享数据,因此代理将无法理解任何内容.

After this client and server with communicate with each other through proxy. Proxy has to just transfer data from client socket to server socket and vice versa. Client and server will exchange certificate information for handshaking, once handshaking is done they will start sharing data in encrypted format so proxy will not be able to understand anything.

愿以下代码对您有所帮助.

May the following code helps you.

def _read_write(self):
    socs = [self.client, self.target]
    count = 0
    while 1:
        count += 1
        (recv, _, error) = select.select(socs, [], socs, 3)
        if error:
            break
        if recv:
            for in_ in recv:
                data = in_.recv(BUFLEN)
                if in_ is self.client:
                    out = self.target
                else:
                    out = self.client
                if data:
                    out.send(data)
                    print(data)
                    count = 0
        if count == time_out_max:
            break

希望此答案对有需要的人有所帮助. 因为我必须经历很多事情才能找到这个答案.

Hope this answer helps anyone in need. As I had to go through a lot of things to find this answer.

这篇关于我该如何回应"CONNECT"消息?代理服务器中使用python中的套接字的方法请求?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆