search

chhsiao90 / nitmproxy

Proxy server based on netty
MIT License
153 stars 68 forks source link

WebSockets not functional if response intercepted #120

Open abbasvalliani opened 3 years ago

abbasvalliani commented 3 years ago

Need to explore this more but looks like WebSockets are not functioning if HTTP2 responses are being intercepted. Will provide more details shortly.

abbasvalliani commented 3 years ago

@chhsiao90 This is big one. WebSockets are no longer functional with the release.

abbasvalliani commented 3 years ago 
14:31:02.790 [nioEventLoopGroup-3-2] DEBUG c.g.c.nitmproxy.NitmProxyInitializer - [Client (kubernetes.docker.internal:61622)] <=> [PROXY] : connection init
14:31:02.798 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.h.Http1FrontendHandler - [Client (kubernetes.docker.internal:61622)] <=> [PROXY] : handlerAdded
14:31:02.941 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.tls.TlsBackendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : handlerAdded
14:31:02.977 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.h.Http1FrontendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : DefaultFullHttpResponse(length=0)
14:31:03.004 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.tls.TlsFrontendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : handlerAdded
14:31:03.010 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.tls.TlsFrontendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : handlerRemoved
14:31:03.011 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.h.Http1FrontendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : handlerRemoved
14:31:03.019 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.tls.TlsFrontendHandler - SSL detection with true
14:31:03.023 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.tls.TlsFrontendHandler - Client SNI lookup with live.chess.com
14:31:03.030 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.tls.TlsFrontendHandler - Client ALPN lookup with null
14:31:03.130 [nioEventLoopGroup-3-2] DEBUG i.n.u.internal.NativeLibraryLoader - -Dio.netty.native.workdir: C:\Users\valli\AppData\Local\Temp (io.netty.tmpdir)
14:31:03.131 [nioEventLoopGroup-3-2] DEBUG i.n.u.internal.NativeLibraryLoader - -Dio.netty.native.deleteLibAfterLoading: true
14:31:03.131 [nioEventLoopGroup-3-2] DEBUG i.n.u.internal.NativeLibraryLoader - -Dio.netty.native.tryPatchShadedId: true
14:31:03.257 [nioEventLoopGroup-3-2] DEBUG i.n.u.internal.NativeLibraryLoader - Successfully loaded the library C:\Users\valli\AppData\Local\Temp\netty_tcnative_windows_x86_642322335641692384828.dll
14:31:03.259 [nioEventLoopGroup-3-2] DEBUG io.netty.handler.ssl.OpenSsl - Initialize netty-tcnative using engine: 'default'
14:31:03.259 [nioEventLoopGroup-3-2] DEBUG io.netty.handler.ssl.OpenSsl - netty-tcnative using native library: BoringSSL
14:31:03.382 [nioEventLoopGroup-3-2] DEBUG i.n.util.ResourceLeakDetectorFactory - Loaded default ResourceLeakDetector: io.netty.util.ResourceLeakDetector@7c7efc
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 => ECDHE-ECDSA-AES128-GCM-SHA256
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 => ECDHE-ECDSA-AES128-GCM-SHA256
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 => ECDHE-RSA-AES128-GCM-SHA256
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256 => ECDHE-RSA-AES128-GCM-SHA256
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 => ECDHE-ECDSA-AES256-GCM-SHA384
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 => ECDHE-ECDSA-AES256-GCM-SHA384
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 => ECDHE-RSA-AES256-GCM-SHA384
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384 => ECDHE-RSA-AES256-GCM-SHA384
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 => ECDHE-ECDSA-CHACHA20-POLY1305
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 => ECDHE-ECDSA-CHACHA20-POLY1305
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 => ECDHE-RSA-CHACHA20-POLY1305
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 => ECDHE-RSA-CHACHA20-POLY1305
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => ECDHE-PSK-CHACHA20-POLY1305
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 => ECDHE-PSK-CHACHA20-POLY1305
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA => ECDHE-ECDSA-AES128-SHA
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA => ECDHE-ECDSA-AES128-SHA
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA => ECDHE-RSA-AES128-SHA
14:31:03.396 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA => ECDHE-RSA-AES128-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA => ECDHE-PSK-AES128-CBC-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_PSK_WITH_AES_128_CBC_SHA => ECDHE-PSK-AES128-CBC-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA => ECDHE-ECDSA-AES256-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA => ECDHE-ECDSA-AES256-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA => ECDHE-RSA-AES256-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA => ECDHE-RSA-AES256-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA => ECDHE-PSK-AES256-CBC-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_ECDHE_PSK_WITH_AES_256_CBC_SHA => ECDHE-PSK-AES256-CBC-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_RSA_WITH_AES_128_GCM_SHA256 => AES128-GCM-SHA256
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_RSA_WITH_AES_128_GCM_SHA256 => AES128-GCM-SHA256
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_RSA_WITH_AES_256_GCM_SHA384 => AES256-GCM-SHA384
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_RSA_WITH_AES_256_GCM_SHA384 => AES256-GCM-SHA384
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_RSA_WITH_AES_128_CBC_SHA => AES128-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_RSA_WITH_AES_128_CBC_SHA => AES128-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_PSK_WITH_AES_128_CBC_SHA => PSK-AES128-CBC-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_PSK_WITH_AES_128_CBC_SHA => PSK-AES128-CBC-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_RSA_WITH_AES_256_CBC_SHA => AES256-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_RSA_WITH_AES_256_CBC_SHA => AES256-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_PSK_WITH_AES_256_CBC_SHA => PSK-AES256-CBC-SHA
14:31:03.397 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_PSK_WITH_AES_256_CBC_SHA => PSK-AES256-CBC-SHA
14:31:03.398 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: TLS_RSA_WITH_3DES_EDE_CBC_SHA => DES-CBC3-SHA
14:31:03.398 [nioEventLoopGroup-3-2] DEBUG i.n.handler.ssl.CipherSuiteConverter - Cipher suite mapping: SSL_RSA_WITH_3DES_EDE_CBC_SHA => DES-CBC3-SHA
14:31:03.398 [nioEventLoopGroup-3-2] DEBUG io.netty.handler.ssl.OpenSsl - Supported protocols (OpenSSL): [SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3] 
14:31:03.398 [nioEventLoopGroup-3-2] DEBUG io.netty.handler.ssl.OpenSsl - Default cipher suites (OpenSSL): [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256]
14:31:03.560 [nioEventLoopGroup-3-2] DEBUG io.netty.handler.ssl.SslHandler - [id: 0x4503f758, L:/192.168.1.113:61645 - R:live.chess.com/207.97.242.140:443] HANDSHAKEN: protocol:TLSv1.3 cipher suite:TLS_AES_256_GCM_SHA384
14:31:03.561 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.tls.TlsFrontendHandler - ALPN negotiated with http/1.1
14:31:04.226 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.h.Http1BackendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : handlerAdded
14:31:04.234 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.w.WebSocketBackendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : handlerAdded
14:31:04.253 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.tls.TlsBackendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : handlerRemoved
14:31:04.257 [nioEventLoopGroup-3-2] DEBUG io.netty.handler.ssl.SslHandler - [id: 0x2dedfc71, L:/127.0.0.1:8080 - R:/127.0.0.1:61622] HANDSHAKEN: protocol:TLSv1.3 cipher suite:TLS_AES_128_GCM_SHA256
14:31:04.257 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.h.Http1FrontendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : handlerAdded
14:31:04.260 [nioEventLoopGroup-3-2] DEBUG c.g.c.n.h.p.w.WebSocketFrontendHandler - [Client (kubernetes.docker.internal:61622)] <=> [Server (live.chess.com:443)] : handlerAdded
abbasvalliani commented 3 years ago

@chhsiao90 I attached the log file. No interception here. live.chess.com which uses websocket is not functional. You can test it by going to chess.com and click play.