mitmproxy icon indicating copy to clipboard operation
mitmproxy copied to clipboard

Published 20 hours ago verified publisher icon mitmproxy

Response always 400 by refusing connect Upstream server

Open rechieKing opened this issue 10 months ago • 7 comments

Problem Description

What is the difference between mitmproxy 6.0.2 and 7.0.0 I try to connect my proxy with mitmproxy as below:

mitmproxy -m upstream:http://<this is my proxy server>:9782 --ssl-insecure

And i can get the correct response in terminal tool when i use mitmproxy 6.0.2

Steps to reproduce the behavior:

  1. Upgrade 6.0.2 to 7.0.0
  2. Connect mitmproxy as mitmproxy -m upstream:http://<this is my proxy server>:9782 --ssl-insecure
  3. View api response in terminal tool
  4. The response always 400

System Information

Mitmproxy: 7.0.0 Python: 3.10.0 OpenSSL: OpenSSL 1.1.1i 8 Dec 2020 Platform: macOS-12.6.7-x86_64-i386-64bit

rechieKing avatar Aug 12 '23 03:08 rechieKing

What happens if you use mitmproxy 10?

mhils avatar Aug 12 '23 07:08 mhils

Thank you for your replying, I try to use mitmproxy 10 and openssl 3.0.7, and the phenomenon is same as mitmproxy 7.0.0

System Information:

Mitmproxy: 10.0.0 Python: 3.11.4 OpenSSL: OpenSSL 3.0.7 1 Nov 2022 Platform: macOS-13.3.1-arm64-arm-64bit

rechieKing avatar Aug 14 '23 01:08 rechieKing

Actually, I use the mitmproxy 9.0.1 first, and it return 400 error code, then, i try to upgrade my mitmproxy to latest version 10.0.0, the the phenomenon still happened as before So, i try to downgrade mitmproxy one by one until the 6.0.2 work

I think the difference between 6.02 and 7.0.0 is the reason of 400 And i have look through the CHANGELOG for 7.0.0, I found the major difference is the support SSL version But i didn't find the solution about that, Maybe there is any other important upgrade in mitmproxy that i ignored

Could you please help me fix it or other actions for my problem, thanks very much

rechieKing avatar Aug 14 '23 01:08 rechieKing

Thanks. This needs more details on the specific error, and steps how it can be reproduced by others.

mhils avatar Aug 14 '23 06:08 mhils

Sorry, for now, i can only provide some event log as possible as i can

And my mitmproxy cmd like this:

mitmproxy -m upstream:http://<proxyhost>:9782 --ssl-insecure --set ciphers_client=DEFAULT@SECLEVEL=0 --set tls_version_client_min=UNBOUNDED --set tls_version_server_min=UNBOUNDED --set connection_strategy=lazy

Because of some privacy policy of my company, our proxy (Upstream proxy) can not be access from others

So, thanks for your replying

Please give me some advice if you are able to get some important information from below event log:

 Unable to establish TLS connection with server (Upstream proxy <proxyhost>:9782 refused HTTP CONNECT request: 400 Bad Request). Trying to establish TLS
with client anyway. If you plan to redirect requests away from this server, consider setting `connection_strategy` to `lazy` to suppress early connections.

rechieKing avatar Aug 14 '23 08:08 rechieKing