diff --git a/packages/mitmproxy/src/lib/proxy/common/config.js b/packages/mitmproxy/src/lib/proxy/common/config.js index 1ba20e2031..fd37b6e0ab 100644 --- a/packages/mitmproxy/src/lib/proxy/common/config.js +++ b/packages/mitmproxy/src/lib/proxy/common/config.js @@ -1,16 +1,13 @@ const path = require('path') const config = exports -config.caCertFileName = 'dev-sidecar.ca.crt' - -config.caKeyFileName = 'dev-sidecar.ca.key.pem' - config.defaultHost = '127.0.0.1' - config.defaultPort = 31181 +config.defaultMaxLength = 100 +config.caCertFileName = 'dev-sidecar.ca.crt' +config.caKeyFileName = 'dev-sidecar.ca.key.pem' config.caName = 'DevSidecar - This certificate is generated locally' - config.caBasePath = buildDefaultCABasePath() config.getDefaultCABasePath = function () { diff --git a/packages/mitmproxy/src/lib/proxy/mitmproxy/createConnectHandler.js b/packages/mitmproxy/src/lib/proxy/mitmproxy/createConnectHandler.js index 65eb8387a3..6c8faaae9e 100644 --- a/packages/mitmproxy/src/lib/proxy/mitmproxy/createConnectHandler.js +++ b/packages/mitmproxy/src/lib/proxy/mitmproxy/createConnectHandler.js @@ -39,6 +39,8 @@ module.exports = function createConnectHandler (sslConnectInterceptor, middlewar connect(req, cltSocket, head, localIP, serverObj.port) }, (e) => { log.error(`----- fakeServer getServerPromise error: ${hostname}:${port}, error:`, e) + }).catch((e) => { + log.error(`----- fakeServer getServerPromise error: ${hostname}:${port}, error:`, e) }) } else { log.info(`未匹配到任何 sslConnectInterceptors,不拦截请求,直接连接目标服务器: ${hostname}:${port}, headers:`, req.headers) diff --git a/packages/mitmproxy/src/lib/proxy/mitmproxy/createFakeServerCenter.js b/packages/mitmproxy/src/lib/proxy/mitmproxy/createFakeServerCenter.js index 977831c571..cf90b771e8 100644 --- a/packages/mitmproxy/src/lib/proxy/mitmproxy/createFakeServerCenter.js +++ b/packages/mitmproxy/src/lib/proxy/mitmproxy/createFakeServerCenter.js 
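Review bot: The `.catch` added in createConnectHandler.js logs exactly the same `fakeServer getServerPromise error` text as the rejection handler just before it, so an exception thrown inside `connect(...)` cannot be told apart from a failed `getServerPromise`. Neither handler touches `cltSocket`, so as far as the hunk shows a failed lookup leaves the client's CONNECT request open until something else times it out, and repeated failures can pile up idle sockets. Give the new handler its own wording (for example `connect error` instead of `getServerPromise error`) and release the socket in both handlers with `cltSocket.destroy()`. The enclosing handler starts and ends outside the hunk, so confirm that nothing further down already tears the socket down.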
@@ -3,6 +3,7 @@ const forge = require('node-forge') const FakeServersCenter = require('../tls/FakeServersCenter') const log = require('../../../utils/util.log') module.exports = function createFakeServerCenter ({ + maxLength, caCertPath, caKeyPath, requestHandler, @@ -26,7 +27,7 @@ module.exports = function createFakeServerCenter ({ return new FakeServersCenter({ caCert, caKey, - maxLength: 100, + maxLength, requestHandler, upgradeHandler, getCertSocketTimeout diff --git a/packages/mitmproxy/src/lib/proxy/mitmproxy/index.js b/packages/mitmproxy/src/lib/proxy/mitmproxy/index.js index 5beee0826f..684a2d79f4 100644 --- a/packages/mitmproxy/src/lib/proxy/mitmproxy/index.js +++ b/packages/mitmproxy/src/lib/proxy/mitmproxy/index.js @@ -11,6 +11,7 @@ module.exports = { createProxy ({ host = config.defaultHost, port = config.defaultPort, + maxLength = config.defaultMaxLength, caCertPath, caKeyPath, sslConnectInterceptor, @@ -63,6 +64,7 @@ module.exports = { const upgradeHandler = createUpgradeHandler(setting) const fakeServersCenter = createFakeServerCenter({ + maxLength, caCertPath, caKeyPath, requestHandler, 
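Review bot: `maxLength` now reaches `new FakeServersCenter({ ... })` unchecked: the `maxLength = config.defaultMaxLength` default in `createProxy` only applies when the caller passes `undefined`, and `createFakeServerCenter` has no default of its own. Judging by the log text in FakeServersCenter.js, this value caps how many fake TLS servers are kept alive, so `null`, `0`, a negative number or a string coming from user settings would presumably distort or disable that cap and let listeners and certificates accumulate. Validate it once in `createProxy`, for example `const limit = Number.isInteger(maxLength) && maxLength > 0 ? maxLength : config.defaultMaxLength`, and pass `limit` down. The same applies to the two index.js hunks that forward the value; all of these function bodies continue outside the hunks.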
@@ -81,49 +83,51 @@ module.exports = { const server = new http.Server() server.listen(port, host, () => { log.info(`dev-sidecar启动端口: ${host}:${port}`) - server.on('error', (err) => { - log.error('server error:', err) - }) server.on('request', (req, res) => { const ssl = false - log.debug('【server request】req:', req) + log.debug('【server request】\r\n----- req -----\r\n', req, '\r\n----- res -----\r\n', res) requestHandler(req, res, ssl) }) // tunneling for https server.on('connect', (req, cltSocket, head) => { - log.debug('【server connect】req:', req, ', socket:', cltSocket, ', head:', head) + log.debug('【server connect】\r\n----- req -----\r\n', req, '\r\n----- cltSocket -----\r\n', cltSocket, '\r\n----- head -----\r\n', head) connectHandler(req, cltSocket, head) }) // TODO: handler WebSocket server.on('upgrade', function (req, cltSocket, head) { const ssl = false - log.debug('【server upgrade】req:', req) + log.debug('【server upgrade】\r\n----- req -----\r\n', req) upgradeHandler(req, cltSocket, head, ssl) }) + server.on('error', (err) => { + log.error('【server error】\r\n----- error -----\r\n', err) + }) server.on('clientError', (err, cltSocket) => { - log.error('【server clientError】error:', err, ', socket:', cltSocket) + log.error('【server clientError】\r\n----- error -----\r\n', err, '\r\n----- cltSocket -----\r\n', cltSocket) cltSocket.end('HTTP/1.1 400 Bad Request\r\n\r\n') }) // 其他事件:仅记录debug日志 - server.on('close', () => { - log.debug('【server close】') - }) - server.on('connection', (cltSocket) => { - log.debug('【server connection】socket:', cltSocket) - }) - server.on('listening', () => { - log.debug('【server listening】') - }) - server.on('checkContinue', (req, res) => { - log.debug('【server checkContinue】req:', req, ', res:', res) - }) - server.on('checkExpectation', (req, res) => { - log.debug('【server checkExpectation】req:', req, ', res:', res) - }) - server.on('dropRequest', (req, cltSocket) => { - log.debug('【server checkExpectation】req:', req, ', socket:', 
cltSocket) - }) + if (process.env.NODE_ENV === 'development') { + server.on('close', () => { + log.debug('【server close】no arguments...') + }) + server.on('connection', (cltSocket) => { + log.debug('【server connection】\r\n----- cltSocket -----\r\n', cltSocket) + }) + server.on('listening', () => { + log.debug('【server listening】no arguments...') + }) + server.on('checkContinue', (req, res) => { + log.debug('【server checkContinue】\r\n----- req -----\r\n', req, '\r\n----- res -----\r\n', res) + }) + server.on('checkExpectation', (req, res) => { + log.debug('【server checkExpectation】\r\n----- req -----\r\n', req, '\r\n----- res -----\r\n', res) + }) + server.on('dropRequest', (req, cltSocket) => { + log.debug('【server checkExpectation】\r\n----- req -----\r\n', req, '\r\n----- cltSocket -----\r\n', cltSocket) + }) + } if (callback) { callback(server) diff --git a/packages/mitmproxy/src/lib/proxy/tls/FakeServersCenter.js b/packages/mitmproxy/src/lib/proxy/tls/FakeServersCenter.js index cf3d954820..a066b2b6db 100644 --- a/packages/mitmproxy/src/lib/proxy/tls/FakeServersCenter.js +++ b/packages/mitmproxy/src/lib/proxy/tls/FakeServersCenter.js @@ -26,7 +26,7 @@ module.exports = class FakeServersCenter { log.info('超过最大服务数量,删除旧服务。delServerObj:', delServerObj) delServerObj.serverObj.server.close() } catch (e) { - log.info('`delServerObj.serverObj.server.close()` error:', e) + log.error('`delServerObj.serverObj.server.close()` error:', e) } } this.queue.push(serverPromiseObj) 
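Review bot: The rewritten `log.debug` calls for `request`, `connect` and `upgrade` hand the entire `req`, `res`, `cltSocket` and `head` objects to the logger, and unlike the listeners moved under `process.env.NODE_ENV === 'development'` they are registered unconditionally; `clientError` does the same with `cltSocket` at error level. On a proxy those objects carry request headers such as `Cookie` and `Authorization` plus raw tunnel bytes, so whether they end up on disk depends only on the logger configuration, which is not visible here. Log the fields needed for diagnosis instead, e.g. `log.debug('【server request】', req.method, req.url)` and `log.error('【server clientError】', err.code, err.message, cltSocket.remoteAddress)`. The same pattern appears in the FakeServersCenter.js hunk (`request`, `upgrade`, `clientError`, `tlsClientError`), where the traffic has already been decrypted. The `listen` callback that holds these listeners closes outside the hunk.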
@@ -78,26 +78,71 @@ module.exports = class FakeServersCenter { port: 0 // if prot === 0 ,should listen server's `listening` event. } serverPromiseObj.serverObj = serverObj + fakeServer.listen(0, () => { const address = fakeServer.address() serverObj.port = address.port }) fakeServer.on('request', (req, res) => { const ssl = true + log.debug(`【fakeServer request - ${hostname}:${port}】\r\n----- req -----\r\n`, req, '\r\n----- res -----\r\n', res) this.requestHandler(req, res, ssl) }) - fakeServer.on('error', (e) => { - log.error('fakeServer error:', e) - }) fakeServer.on('listening', () => { - const mappingHostNames = tlsUtils.getMappingHostNamesFromCert(certObj.cert) - serverPromiseObj.mappingHostNames = mappingHostNames + log.debug(`【fakeServer listening - ${hostname}:${port}】no arguments...`) + serverPromiseObj.mappingHostNames = tlsUtils.getMappingHostNamesFromCert(certObj.cert) resolve(serverObj) }) fakeServer.on('upgrade', (req, socket, head) => { const ssl = true + log.debug(`【fakeServer upgrade - ${hostname}:${port}】\r\n----- req -----\r\n`, req, '\r\n----- socket -----\r\n', socket, '\r\n----- head -----\r\n', head) this.upgradeHandler(req, socket, head, ssl) }) + + // 三个 error 事件 + fakeServer.on('error', (e) => { + log.error(`【fakeServer error - ${hostname}:${port}】\r\n----- error -----\r\n`, e) + }) + fakeServer.on('clientError', (err, socket) => { + log.error(`【fakeServer clientError - ${hostname}:${port}】\r\n----- error -----\r\n`, err, '\r\n----- socket -----\r\n', socket) + }) + fakeServer.on('tlsClientError', (err, tlsSocket) => { + log.error(`【fakeServer tlsClientError - ${hostname}:${port}】\r\n----- error -----\r\n`, err, '\r\n----- tlsSocket -----\r\n', tlsSocket) + }) + + // 其他监听事件,只打印debug日志 + if (process.env.NODE_ENV === 'development') { + fakeServer.on('keylog', (line, tlsSocket) => { + log.debug(`【fakeServer keylog - ${hostname}:${port}】\r\n----- line -----\r\n`, line, '\r\n----- tlsSocket -----\r\n', tlsSocket) + }) + // 
fakeServer.on('newSession', (sessionId, sessionData, callback) => { + // log.debug('【fakeServer newSession - ${hostname}:${port}】\r\n----- sessionId -----\r\n', sessionId, '\r\n----- sessionData -----\r\n', sessionData, '\r\n----- callback -----\r\n', callback) + // }) + // fakeServer.on('OCSPRequest', (certificate, issuer, callback) => { + // log.debug('【fakeServer OCSPRequest - ${hostname}:${port}】\r\n----- certificate -----\r\n', certificate, '\r\n----- issuer -----\r\n', issuer, '\r\n----- callback -----\r\n', callback) + // }) + // fakeServer.on('resumeSession', (sessionId, callback) => { + // log.debug('【fakeServer resumeSession - ${hostname}:${port}】\r\n----- sessionId -----\r\n', sessionId, '\r\n----- callback -----\r\n', callback) + // }) + fakeServer.on('secureConnection', (tlsSocket) => { + log.debug(`【fakeServer secureConnection - ${hostname}:${port}】\r\n----- tlsSocket -----\r\n`, tlsSocket) + }) + fakeServer.on('close', () => { + log.debug(`【fakeServer close - ${hostname}:${port}】no arguments...`) + }) + fakeServer.on('connection', (socket) => { + log.debug(`【fakeServer connection - ${hostname}:${port}】\r\n----- socket -----\r\n`, socket) + }) + fakeServer.on('checkContinue', (req, res) => { + log.debug(`【fakeServer checkContinue - ${hostname}:${port}】\r\n----- req -----\r\n`, req, '\r\n----- res -----\r\n', res) + }) + fakeServer.on('checkExpectation', (req, res) => { + log.debug(`【fakeServer checkExpectation - ${hostname}:${port}】\r\n----- req -----\r\n`, req, '\r\n----- res -----\r\n', res) + }) + fakeServer.on('connect', (req, socket, head) => { + log.debug(`【fakeServer resumeSession - ${hostname}:${port}】\r\n----- req -----\r\n`, req, '\r\n----- socket -----\r\n', socket, '\r\n----- head -----\r\n', head) + }) + } })() }) diff --git a/packages/mitmproxy/src/lib/proxy/tls/tlsUtils.js b/packages/mitmproxy/src/lib/proxy/tls/tlsUtils.js index 5b029e0f2c..f0476d2b4a 100644 --- a/packages/mitmproxy/src/lib/proxy/tls/tlsUtils.js 
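Review bot: The new `keylog` listener writes `line` into the application log, and in Node's TLS API that argument is the NSS key-log record for the connection, i.e. the session secrets that allow a captured trace of it to be decrypted. The `NODE_ENV === 'development'` guard narrows when this happens but not who can read the log file afterwards, so the secret should not be logged at all; record only that the event fired, e.g. `log.debug('【fakeServer keylog】', hostname, port, 'bytes:', line.length)`. Separately, the `connect` listener at the end of the block is labelled `resumeSession`, which will mislead anyone reading the logs; `【fakeServer connect - ...】` matches the event. The enclosing promise callback starts outside the hunk.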
+++ b/packages/mitmproxy/src/lib/proxy/tls/tlsUtils.js @@ -226,6 +226,10 @@ utils.isBrowserRequest = function (userAgent) { // /^[^.]+\.a\.com$/.test('c.a.com') // utils.isMappingHostName = function (DNSName, hostname) { + if (DNSName === hostname) { + return true + } + let reg = DNSName.replace(/\./g, '\\.').replace(/\*/g, '[^.]+') reg = '^' + reg + '$' return (new RegExp(reg)).test(hostname)
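Review bot: The new `DNSName === hostname` shortcut in `isMappingHostName` is case-sensitive, and so is the regex below it, although host names compare case-insensitively; a client that sends `Example.COM` would miss an existing mapping and presumably trigger another fake server and certificate for the same host. The pattern is also built by escaping only `.` and `*`, so any other regex metacharacter in a certificate name is interpreted rather than matched literally. Normalise both sides and escape fully, e.g. `const name = DNSName.toLowerCase(); const host = hostname.toLowerCase()` followed by `name.replace(/[.+?^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '[^.]+')`. A one-line comment above the shortcut saying that it also covers names without a wildcard would help; the function's closing brace is outside the hunk.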