From 5177a89bd10f8224b3a72001f0d02b1d727dd3e6 Mon Sep 17 00:00:00 2001 From: "jj-author@users.noreply.github.com" Date: Mon, 21 Oct 2024 02:52:39 +0200 Subject: [PATCH] improved proxypy startup logic and flags --- ontologytimemachine/custom_proxy.py | 16 +++++++++------- ontologytimemachine/utils/config.py | 1 + ontologytimemachine/utils/proxy_logic.py | 1 + 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/ontologytimemachine/custom_proxy.py b/ontologytimemachine/custom_proxy.py index d37f3dd..23a22b9 100644 --- a/ontologytimemachine/custom_proxy.py +++ b/ontologytimemachine/custom_proxy.py @@ -179,7 +179,7 @@ def queue_response(self, response): sys.argv = [sys.argv[0]] # check it https interception is enabled - if config.httpsInterception != HttpsInterception.NONE: + if config.httpsInterception != (HttpsInterception.NONE or HttpsInterception.BLOCK): sys.argv += [ "--ca-key-file", "ca-key.pem", @@ -190,12 +190,14 @@ def queue_response(self, response): ] sys.argv += [ - "--hostname", - IP, - "--port", - PORT, - "--plugins", - __name__ + ".OntologyTimeMachinePlugin", + "--hostname", IP, + "--port", PORT, + '--insecure-tls-interception', # without it the proxy would not let through a response using an invalid upstream certificate in interception mode + # since there currently is a bug in proxypy when a connect request uses an IP address instead of a domain name + # the proxy would not be able to work corectly in transparent mode using 3proxy setup since it tries to match + # the IP address as hostname with the certificate instead of the domain name in the SNI field + "--log-level", config.logLevel.name, + "--plugins", __name__ + ".OntologyTimeMachinePlugin", ] logger.info("Starting OntologyTimeMachineProxy server...") diff --git a/ontologytimemachine/utils/config.py b/ontologytimemachine/utils/config.py index 8e3f9e9..174494a 100644 --- a/ontologytimemachine/utils/config.py +++ b/ontologytimemachine/utils/config.py @@ -16,6 +16,7 @@ class LogLevel(EnumValuePrint): INFO = "info" WARNING = "warning" ERROR = "error" + CRITICAL = "critical" class OntoFormat(EnumValuePrint): diff --git a/ontologytimemachine/utils/proxy_logic.py b/ontologytimemachine/utils/proxy_logic.py index 62bebd5..6a135d7 100644 --- a/ontologytimemachine/utils/proxy_logic.py +++ b/ontologytimemachine/utils/proxy_logic.py @@ -162,6 +162,7 @@ def request_ontology(url, headers, disableRemovingRedirects=False, timeout=5): def proxy_logic(wrapped_request, config): logger.info("Proxy has to intervene") + response = mock_response_500 #default if we somehow forget to set the response set_onto_format_headers(wrapped_request, config) headers = wrapped_request.get_request_headers()