[zorp-hu] SSLProxy

Balazs Scheidler zorp-hu@lists.balabit.hu
Fri, 08 Apr 2005 11:15:37 +0200 

On Fri, 2005-04-08 at 06:58 +0200, Tuska Viktor wrote:
> Balazs Scheidler wrote:
> 
> >mintha el lenne rontva a Service() definiciod. meg tudod azt is mutatni
> >
> Ime:
> 
> def https():
>         Service("office_443-http", MyHttpsProxy, router=TransparentRouter())
>         Listener(SockAddrInet("1.2.3.4", 50443), "office_443-http")
> 


osszeraktam a configodat es nalam mukodik. a hibauzenet alapjan olyan,
mintha ez az ertekadas nem sikerulne:

session.client_stream.name =  session.session_id + '/' + self.proxy_class.name + '/client' 

Mivel vagy a session.session_id, vagy a self.proxy_class.name erteke None. Elvileg egyik 
sem fordulhat elo, normalis esetben. Nekem a proxy_class.name gyanusabb, a Python ugyanis 
az elso esetben mas hibauzenetet adna:

Python 2.3.5 (#2, Feb  9 2005, 00:38:15)
[GCC 3.3.5 (Debian 1:3.3.5-8)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> a=None + 'abc'
Traceback (most recent call last):
  File "<stdin>", line 1, in ?
TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'
>>> a='abc' + None
Traceback (most recent call last):
  File "<stdin>", line 1, in ?
TypeError: cannot concatenate 'str' and 'NoneType' objects

Tehat olyan, mintha a proxy osztalyodbol valamiert rossz erteke van a "name" attributumnak. 
Ez az attributum adja meg a Python proxy osztalyhoz tartozo C-ben irt modult (azaz a 
PsslProxy-bol szarmazott osztalyok eseten az erteke "pssl" kellene, hogy legyen)

Biztosan jo konfigreszletet kuldtel? Nem irja valami felul azt az
attributumot?

ez a policy.py file, amivel kiprobaltam:

from Zorp.Core import *
from Zorp.Plug import *
from Zorp.Http import *
from Zorp.Pssl import *

InetZone('all', '0.0.0.0/0',
         inbound_services=['*'],
         outbound_services=['*'])


class MyHttpProxy(HttpProxy):
        def config(self):
                HttpProxy.config(self)

class MyHttpsProxy(PsslProxy):

        def config(self):
                PsslProxy.config(self)
                self.server_need_ssl = TRUE
                self.client_need_ssl = TRUE
                self.client_cert = 'proba.crt'
                self.client_key = 'proba.key'
                self.client_verify_type = SSL_VERIFY_NONE
                self.server_verify_type = SSL_VERIFY_NONE
                self.shutdown_soft      = TRUE
                self.stack_proxy = MyHttpProxy

def zorp():
        Service("office_443-http", MyHttpsProxy, router=TransparentRouter())
        Listener(SockAddrInet("1.2.3.4", 50443), "office_443-http")


-- 
Bazsi