3

I’m in quite a predicament and you are my last hope. I started doing a project making a MITM proxy with ssl. My program uses the HTTP CONNECT method. To keep this concise my program follows the following diagram…

      Client          Proxy             Server
           +              +             +
  CONNECT  |              |             |
           +------------> |             |
           |              |             |
           |    200 Established         |
           |  <-----------+             |
           |              |             |
           | <----------> |             |
           |  Handshake   |             |
           |              | <---------> |
           |              |  Handshake  |
           |              |             |
           |              |             |
           | <----------> | <---------> |
           | Data Exchange| Data Exchange
           |              |             |

My proxy shares a certificate with the client however my client seems to be unable to connect and my proxy hangs on do_handshake() when I call wrap_socket() on the accepted socket. Here’s the section of python where a client connects to the proxy…

import ssl, socket
from _thread import *
port = 8000
def run():
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.bind(('localhost', port))
    sock.listen(10)
    while True:
        connection, addr = sock.accept()
        data = connection.recv(8192)
        connection.send(b"HTTP/1.0 200 OK")
        connection = ssl.wrap_socket(connection, keyfile='private.pem', certfile='cacert.pem', server_side=True)
        start_new_thread(connection_string, (connection, data, addr))  # start thread to handle CONNECT

I simulate a client with Openssl 

openssl s_client -proxy 127.0.0.1:8000 -connect www.google.com:443 -state -verify 1 -CAfile cacert.pem -verify_return_error

When the client connects to the proxy they both hang. If I kill the client I receive

Traceback (most recent call last):
  File "/mitm/mitm_proxy.py", line 100, in <module>
    run()
  File “/mitm/mitm_proxy.py", line 92, in run
    connection = ssl.wrap_socket(connection, keyfile='private.pem', certfile='cacert.pem', server_side=True)
  File "/usr/lib/python3.5/ssl.py", line 1069, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python3.5/ssl.py", line 752, in __init__
    self.do_handshake()
  File "/usr/lib/python3.5/ssl.py", line 988, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib/python3.5/ssl.py", line 633, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:645)

if I kill my proxy my client says 

CONNECTED(00000003)
s_client: HTTP CONNECT failed
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 140709212149056 bytes and written 39 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
---

I’ve compared my code with others that work and they are essentially the same which is why I’m here. I can’t figure out whats going wrong.

jww
  • 97,681
  • 90
  • 411
  • 885
Peter Krasinski
  • 182
  • 1
  • 10

1 Answers1

1

I'm not sure if this the main cause of your problem but this one is definitely wrong:

    connection.send(b"HTTP/1.0 200 OK")

The correct response of the server should be the status line ending with \r\n, optional key:value\r\n pairs and then the \r\n to mark the end of the HTTP header, i.e. minimally:

    connection.send(b"HTTP/1.0 200 OK\r\n\r\n")

Since the client is not receiving the missing \r\n\r\n it will probably wait for it and not start the TLS handshake (i.e. send ClientHello). The server instead will wait for the client to start the handshake and this way both will wait for each other forever.

Apart from you not following the standard openssl s_client -proxy ... seems to not follow the standard too. It actually needs the response to contain the word "established" as the following excerpt from the lazy HTTP parsing code in apps/s_client.c in OpenSSL 1.1.0c suggests:

case PROTO_CONNECT:
        ...
        BIO_printf(fbio, "CONNECT %s HTTP/1.0\r\n\r\n", connectstr);
        (void)BIO_flush(fbio);
        /* wait for multi-line response to end CONNECT response */
        do {
            mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
            if (strstr(mbuf, "200") != NULL
                && strstr(mbuf, "established") != NULL)
                foundit++;
        } while (mbuf_len > 3 && foundit == 0);

So try with the following line:

    connection.send(b"HTTP/1.0 200 established\r\n\r\n")
Steffen Ullrich
  • 114,247
  • 10
  • 131
  • 172
  • This now causes the client to produce the same output above as soon as it tries to connect. The proxy also produces the same EOF error as above indicating the client is exiting after receiving `HTTP/1.0 200 OK\r\n\r\n` – Peter Krasinski Nov 28 '16 at 22:44
  • @PeterKrasinski: there seems to be a bug with s_client too. See my edited answer. – Steffen Ullrich Nov 29 '16 at 05:09