diff --git a/pom.xml b/pom.xml index a8f4df3df..b25a7d883 100644 --- a/pom.xml +++ b/pom.xml @@ -73,7 +73,7 @@ jfog jfrog - https://dl.bintray.com/vg/vgs-misc + https://dl.bintray.com/vg/vgs-oss true @@ -201,7 +201,7 @@ com.google.guava guava - 20.0 + 23.0 @@ -570,7 +570,7 @@ io.vgs.tools aws-maven - 1.4.2 + 1.4.3 diff --git a/src/main/java/org/littleshoot/proxy/impl/ProxyToServerConnection.java b/src/main/java/org/littleshoot/proxy/impl/ProxyToServerConnection.java index c4a7ba1c3..c0ea3390b 100644 --- a/src/main/java/org/littleshoot/proxy/impl/ProxyToServerConnection.java +++ b/src/main/java/org/littleshoot/proxy/impl/ProxyToServerConnection.java @@ -44,6 +44,7 @@ import org.littleshoot.proxy.TransportProtocol; import org.littleshoot.proxy.UnknownTransportProtocolException; +import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLProtocolException; import javax.net.ssl.SSLSession; import java.io.IOException; @@ -141,7 +142,7 @@ public class ProxyToServerConnection extends ProxyConnection { private static final int MINIMUM_RECV_BUFFER_SIZE_BYTES = 64; public static final AttributeKey REMOTE_ADDRESS_ATTR_KEY = AttributeKey.valueOf("remoteAddressAttrKey"); - + /** * Create a new ProxyToServerConnection. * @@ -557,8 +558,11 @@ private void initializeConnectionFlow() { .then(ConnectChannel); if (chainedProxy != null && chainedProxy.requiresEncryption()) { - connectionFlow.then(serverConnection.EncryptChannel(chainedProxy - .newSslEngine())); + InetSocketAddress proxyAddress = chainedProxy.getChainedProxyAddress(); + + SSLEngine engine = proxyAddress == null || proxyAddress.isUnresolved() ? chainedProxy.newSslEngine() : + chainedProxy.newSslEngine(proxyAddress.getHostName(), proxyAddress.getPort()); + connectionFlow.then(serverConnection.EncryptChannel(engine)); } if (ProxyUtils.isCONNECT(initialRequest)) { @@ -566,7 +570,7 @@ private void initializeConnectionFlow() { if (hasUpstreamChainedProxy()) { connectionFlow.then( serverConnection.HTTPCONNECTWithChainedProxy); - } + } MitmManager mitmManager = proxyServer.getMitmManager(clientConnection.channel); boolean isMitmEnabled = mitmManager != null; @@ -584,7 +588,7 @@ private void initializeConnectionFlow() { .serverSslEngine())); } else { connectionFlow.then(serverConnection.EncryptChannel(proxyServer.getMitmManager(clientConnection.channel) - .serverSslEngine(parsedHostAndPort.getHostText(), parsedHostAndPort.getPort()))); + .serverSslEngine(parsedHostAndPort.getHost(), parsedHostAndPort.getPort()))); } connectionFlow @@ -978,7 +982,7 @@ public static InetSocketAddress addressFor(String hostAndPort, DefaultHttpProxyS throw new UnknownHostException(hostAndPort); } - String host = parsedHostAndPort.getHostText(); + String host = parsedHostAndPort.getHost(); int port = parsedHostAndPort.getPortOrDefault(80); return proxyServer.getServerResolver().resolve(host, port); diff --git a/src/test/java/org/littleshoot/proxy/BadClientAuthenticationTCPChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/BadClientAuthenticationTCPChainedProxyTest.java index 1ef321f95..e19aaa55b 100644 --- a/src/test/java/org/littleshoot/proxy/BadClientAuthenticationTCPChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/BadClientAuthenticationTCPChainedProxyTest.java @@ -47,6 +47,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return clientSslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return clientSslEngineSource.newSslEngine(peerHost, peerPort); + } }; } } diff --git a/src/test/java/org/littleshoot/proxy/BadServerAuthenticationTCPChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/BadServerAuthenticationTCPChainedProxyTest.java index e75c87d12..12a6a324e 100644 --- a/src/test/java/org/littleshoot/proxy/BadServerAuthenticationTCPChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/BadServerAuthenticationTCPChainedProxyTest.java @@ -47,6 +47,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return clientSslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return clientSslEngineSource.newSslEngine(peerHost, peerPort); + } }; } } diff --git a/src/test/java/org/littleshoot/proxy/ChainedProxyWithFallbackToOtherChainedProxyDueToSSLTest.java b/src/test/java/org/littleshoot/proxy/ChainedProxyWithFallbackToOtherChainedProxyDueToSSLTest.java index c16ffa9d1..48665d968 100644 --- a/src/test/java/org/littleshoot/proxy/ChainedProxyWithFallbackToOtherChainedProxyDueToSSLTest.java +++ b/src/test/java/org/littleshoot/proxy/ChainedProxyWithFallbackToOtherChainedProxyDueToSSLTest.java @@ -41,6 +41,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return serverSslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return serverSslEngineSource.newSslEngine(peerHost, peerPort); + } }); } }; diff --git a/src/test/java/org/littleshoot/proxy/ClientAuthenticationNotRequiredTCPChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/ClientAuthenticationNotRequiredTCPChainedProxyTest.java index 7a881311b..a05a540a1 100644 --- a/src/test/java/org/littleshoot/proxy/ClientAuthenticationNotRequiredTCPChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/ClientAuthenticationNotRequiredTCPChainedProxyTest.java @@ -43,6 +43,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return clientSslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return clientSslEngineSource.newSslEngine(peerHost, peerPort); + } }; } } diff --git a/src/test/java/org/littleshoot/proxy/EncryptedTCPChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/EncryptedTCPChainedProxyTest.java index 32261035b..ea5aad723 100644 --- a/src/test/java/org/littleshoot/proxy/EncryptedTCPChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/EncryptedTCPChainedProxyTest.java @@ -34,6 +34,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return sslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return sslEngineSource.newSslEngine(peerHost, peerPort); + } }; } } diff --git a/src/test/java/org/littleshoot/proxy/EncryptedUDTChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/EncryptedUDTChainedProxyTest.java index b5728caca..086da00b2 100644 --- a/src/test/java/org/littleshoot/proxy/EncryptedUDTChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/EncryptedUDTChainedProxyTest.java @@ -34,6 +34,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return sslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return sslEngineSource.newSslEngine(peerHost, peerPort); + } }; } } diff --git a/src/test/java/org/littleshoot/proxy/HttpFilterTest.java b/src/test/java/org/littleshoot/proxy/HttpFilterTest.java index 56e3a229e..ca786aa3c 100644 --- a/src/test/java/org/littleshoot/proxy/HttpFilterTest.java +++ b/src/test/java/org/littleshoot/proxy/HttpFilterTest.java @@ -633,6 +633,11 @@ public SSLEngine newSslEngine() { // use the same "bad" keystore as BadServerAuthenticationTCPChainedProxyTest return new SelfSignedSslEngineSource("chain_proxy_keystore_2.jks").newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return new SelfSignedSslEngineSource("chain_proxy_keystore_2.jks").newSslEngine(peerHost, peerPort); + } }); } }) diff --git a/src/test/java/org/littleshoot/proxy/MitmWithBadClientAuthenticationTCPChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/MitmWithBadClientAuthenticationTCPChainedProxyTest.java index e3b724c60..8789ce553 100644 --- a/src/test/java/org/littleshoot/proxy/MitmWithBadClientAuthenticationTCPChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/MitmWithBadClientAuthenticationTCPChainedProxyTest.java @@ -48,6 +48,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return clientSslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return clientSslEngineSource.newSslEngine(peerHost, peerPort); + } }; } } diff --git a/src/test/java/org/littleshoot/proxy/MitmWithBadServerAuthenticationTCPChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/MitmWithBadServerAuthenticationTCPChainedProxyTest.java index bc192db8a..342af1a6f 100644 --- a/src/test/java/org/littleshoot/proxy/MitmWithBadServerAuthenticationTCPChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/MitmWithBadServerAuthenticationTCPChainedProxyTest.java @@ -48,6 +48,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return clientSslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return clientSslEngineSource.newSslEngine(peerHost, peerPort); + } }; } } diff --git a/src/test/java/org/littleshoot/proxy/MitmWithClientAuthenticationNotRequiredTCPChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/MitmWithClientAuthenticationNotRequiredTCPChainedProxyTest.java index f748dddb7..3a17b25fa 100644 --- a/src/test/java/org/littleshoot/proxy/MitmWithClientAuthenticationNotRequiredTCPChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/MitmWithClientAuthenticationNotRequiredTCPChainedProxyTest.java @@ -43,6 +43,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return clientSslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return clientSslEngineSource.newSslEngine(peerHost, peerPort); + } }; } } diff --git a/src/test/java/org/littleshoot/proxy/MitmWithEncryptedTCPChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/MitmWithEncryptedTCPChainedProxyTest.java index 418e7e8d6..0625e9af6 100644 --- a/src/test/java/org/littleshoot/proxy/MitmWithEncryptedTCPChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/MitmWithEncryptedTCPChainedProxyTest.java @@ -34,6 +34,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return sslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return sslEngineSource.newSslEngine(peerHost, peerPort); + } }; } } diff --git a/src/test/java/org/littleshoot/proxy/MitmWithEncryptedUDTChainedProxyTest.java b/src/test/java/org/littleshoot/proxy/MitmWithEncryptedUDTChainedProxyTest.java index 0630149d6..4955a784e 100644 --- a/src/test/java/org/littleshoot/proxy/MitmWithEncryptedUDTChainedProxyTest.java +++ b/src/test/java/org/littleshoot/proxy/MitmWithEncryptedUDTChainedProxyTest.java @@ -34,6 +34,11 @@ public boolean requiresEncryption() { public SSLEngine newSslEngine() { return sslEngineSource.newSslEngine(); } + + @Override + public SSLEngine newSslEngine(String peerHost, int peerPort) { + return sslEngineSource.newSslEngine(peerHost, peerPort); + } }; } }