Merge pull request #123 from jrgp/proxy_https

Add support for hitting chained proxy via HTTPS

Author: dpowell

README.md

@@ -145,6 +145,12 @@ Sometimes you will want to route requests through an upstream proxy server. In t
     [~]$ curl -X POST http://localhost:8080/proxy?httpProxy=yourproxyserver.com:8080
     {"port":8081}
 
+If your upstream proxy server uses https, you can enable connecting using https like this:
+
+    [~]$ curl -X POST http://localhost:8080/proxy?httpProxy=yourproxyserver.com:8080&proxyHTTPS=true
+    {"port":8081}
+
+
 Alternatively, you can specify the upstream proxy config for all proxies created using the standard JVM [system properties for HTTP proxies](http://docs.oracle.com/javase/6/docs/technotes/guides/net/proxies.html).
 Note that you can still override the default upstream proxy via the POST payload, but if you omit the payload the JVM
 system properties will be used to specify the upstream proxy.

browserup-proxy-core/src/main/java/com/browserup/bup/BrowserUpProxy.java

@@ -78,7 +78,7 @@ public interface BrowserUpProxy {
      * @throws java.lang.IllegalStateException if the proxy has not been started.
      */
     void stop();
-    
+
     /**
      * Like {@link #stop()}, shuts down the proxy server and no longer accepts incoming connections, but does not wait for any existing
      * network traffic to cease. Any existing connections to clients or to servers may be force-killed immediately.
@@ -564,6 +564,13 @@ public interface BrowserUpProxy {
      */
     void setChainedProxy(InetSocketAddress chainedProxyAddress);
 
+    /**
+     * Instructs this proxy to route traffic through an upstream proxy using HTTPS.
+     *
+     * @param chainedProxyHTTPS address of the upstream proxy
+     */
+    void setChainedProxyHTTPS(boolean chainedProxyHTTPS);
+
     /**
      * Returns the address and port of the upstream proxy.
      *

browserup-proxy-core/src/main/java/com/browserup/bup/BrowserUpProxyServer.java

@@ -65,6 +65,8 @@
 import com.browserup.bup.proxy.dns.DelegatingHostResolver;
 import com.browserup.bup.util.BrowserUpHttpUtil;
 import com.browserup.bup.util.BrowserUpProxyUtil;
+import org.littleshoot.proxy.SslEngineSource;
+import org.littleshoot.proxy.extras.SelfSignedSslEngineSource;
 import org.apache.commons.lang3.StringUtils;
 import org.littleshoot.proxy.ChainedProxy;
 import org.littleshoot.proxy.ChainedProxyAdapter;
@@ -102,6 +104,7 @@
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.concurrent.atomic.AtomicReference;
 import java.util.regex.Pattern;
+import javax.net.ssl.SSLEngine;
 
 import static java.util.stream.Collectors.toCollection;
 
@@ -243,6 +246,11 @@ public class BrowserUpProxyServer implements BrowserUpProxy {
      */
     private volatile InetSocketAddress upstreamProxyAddress;
 
+    /**
+     * Whether to connect to that upstream chained proxy using https, rather than http
+     */
+    private volatile boolean upstreamProxyHTTPS;
+
     /**
      * The chained proxy manager that manages upstream proxies.
      */
@@ -376,6 +384,7 @@ public int getMaximumResponseBufferSizeInBytes() {
                 public void lookupChainedProxies(HttpRequest httpRequest, Queue<ChainedProxy> chainedProxies, ClientDetails clientDetails) {
                     final InetSocketAddress upstreamProxy = upstreamProxyAddress;
                     if (upstreamProxy != null) {
+                        final boolean useEncryption = upstreamProxyHTTPS;
                         chainedProxies.add(new ChainedProxyAdapter() {
                             @Override
                             public InetSocketAddress getChainedProxyAddress() {
@@ -393,6 +402,21 @@ public void filterRequest(HttpObject httpObject) {
                                     }
                                 }
                             }
+
+                            @Override
+                            public boolean requiresEncryption() {
+                                return useEncryption;
+                            }
+
+                            @Override
+                            public SSLEngine newSslEngine() {
+                                if (useEncryption) {
+                                    return new SelfSignedSslEngineSource(
+                                        true, false).newSslEngine();
+                                } else {
+                                    return null;
+                                }
+                            }
                         });
                     }
                 }
@@ -929,6 +953,11 @@ public void setChainedProxy(InetSocketAddress chainedProxyAddress) {
         upstreamProxyAddress = chainedProxyAddress;
     }
 
+    @Override
+    public void setChainedProxyHTTPS(boolean chainedProxyHTTPS) {
+        upstreamProxyHTTPS = chainedProxyHTTPS;
+    }
+
     @Override
     public InetSocketAddress getChainedProxy() {
         return upstreamProxyAddress;

browserup-proxy-rest/src/main/java/com/browserup/bup/proxy/ProxyManager.java

@@ -133,7 +133,7 @@ public void onRemoval(RemovalNotification<Integer, BrowserUpProxyServer> removal
         }
     }
 
-    public BrowserUpProxyServer create(String upstreamHttpProxy, String proxyUsername, String proxyPassword, Integer port, String bindAddr, String serverBindAddr, boolean useEcc, boolean trustAllServers) {
+    public BrowserUpProxyServer create(String upstreamHttpProxy, boolean upstreamProxyHttps, String proxyUsername, String proxyPassword, Integer port, String bindAddr, String serverBindAddr, boolean useEcc, boolean trustAllServers) {
         LOG.debug("Instantiate ProxyServer...");
         BrowserUpProxyServer proxy = new BrowserUpProxyServer();
 
@@ -161,6 +161,8 @@ public BrowserUpProxyServer create(String upstreamHttpProxy, String proxyUsernam
                 LOG.error("Invalid upstream http proxy specified: " + upstreamHttpProxy + ". Must use host:port format.");
                 throw new RuntimeException("Invalid upstream http proxy");
             }
+
+            proxy.setChainedProxyHTTPS(upstreamProxyHttps);
         }
 
         InetAddress clientBindAddress = null;
@@ -204,23 +206,23 @@ public BrowserUpProxyServer create(String upstreamHttpProxy, String proxyUsernam
     }
 
     public BrowserUpProxyServer create(String upstreamHttpProxy, String proxyUsername, String proxyPassword, Integer port, String bindAddr, boolean useEcc, boolean trustAllServers) {
-        return create(upstreamHttpProxy, proxyUsername, proxyPassword, port, null, null, false, false);
+        return create(upstreamHttpProxy, false, proxyUsername, proxyPassword, port, null, null, false, false);
     }
 
     public BrowserUpProxyServer create(String upstreamHttpProxy, String proxyUsername, String proxyPassword, Integer port) {
-        return create(upstreamHttpProxy, proxyUsername, proxyPassword, port, null, null, false, false);
+        return create(upstreamHttpProxy, false, proxyUsername, proxyPassword, port, null, null, false, false);
     }
 
     public BrowserUpProxyServer create(String upstreamHttpProxy, String proxyUsername, String proxyPassword) {
-        return create(upstreamHttpProxy, proxyUsername, proxyPassword, null, null, null, false, false);
+        return create(upstreamHttpProxy, false, proxyUsername, proxyPassword, null, null, null, false, false);
     }
 
     public BrowserUpProxyServer create() {
-        return create(null, null, null, null, null, null, false, false);
+        return create(null, false, null, null, null, null, null, false, false);
     }
 
     public BrowserUpProxyServer create(int port) {
-        return create(null, null, null, port, null, null, false, false);
+        return create(null, false,null , null, port, null, null, false, false);
     }
 
     public BrowserUpProxyServer get(int port) {

browserup-proxy-rest/src/main/java/com/browserup/bup/proxy/bricks/ProxyResource.java

@@ -76,6 +76,7 @@ public Reply<?> newProxy(Request request) {
         String httpProxy = request.param("httpProxy");
         String proxyUsername = request.param("proxyUsername");
         String proxyPassword = request.param("proxyPassword");
+        boolean upstreamProxyHttps = "true".equals(request.param("proxyHTTPS"));
 
         Hashtable<String, String> options = new Hashtable<String, String>();
 
@@ -101,7 +102,7 @@ public Reply<?> newProxy(Request request) {
                 paramBindAddr, paramPort, paramServerBindAddr);
         BrowserUpProxyServer proxy;
         try {
-            proxy = proxyManager.create(upstreamHttpProxy, proxyUsername, proxyPassword, paramPort, paramBindAddr, paramServerBindAddr, useEcc, trustAllServers);
+            proxy = proxyManager.create(upstreamHttpProxy, upstreamProxyHttps, proxyUsername, proxyPassword, paramPort, paramBindAddr, paramServerBindAddr, useEcc, trustAllServers);
         } catch (ProxyExistsException ex) {
             return Reply.with(new ProxyDescriptor(ex.getPort())).status(455).as(Json.class);
         } catch (ProxyPortsExhaustedException ex) {