mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2024-11-23 08:11:00 +00:00
Thomas Kriechbaumer
GitHub
commit
19b2208c27
@ -93,9 +93,9 @@ def dummy_cert(privkey, cacert, commonname, sans):
|
|||||||
try:
|
try:
|
||||||
ipaddress.ip_address(i.decode("ascii"))
|
ipaddress.ip_address(i.decode("ascii"))
|
||||||
except ValueError:
|
except ValueError:
|
||||||
ss.append(b"DNS: %s" % i)
|
ss.append(b"DNS:%s" % i)
|
||||||
else:
|
else:
|
||||||
ss.append(b"IP: %s" % i)
|
ss.append(b"IP:%s" % i)
|
||||||
ss = b", ".join(ss)
|
ss = b", ".join(ss)
|
||||||
|
|
||||||
cert = OpenSSL.crypto.X509()
|
cert = OpenSSL.crypto.X509()
|
||||||
@ -356,14 +356,14 @@ class CertStore:
|
|||||||
|
|
||||||
|
|
||||||
class _GeneralName(univ.Choice):
|
class _GeneralName(univ.Choice):
|
||||||
# We are only interested in dNSNames. We use a default handler to ignore
|
# We only care about dNSName and iPAddress
|
||||||
# other types.
|
|
||||||
# TODO: We should also handle iPAddresses.
|
|
||||||
componentType = namedtype.NamedTypes(
|
componentType = namedtype.NamedTypes(
|
||||||
namedtype.NamedType('dNSName', char.IA5String().subtype(
|
namedtype.NamedType('dNSName', char.IA5String().subtype(
|
||||||
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
|
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
|
||||||
)
|
)),
|
||||||
),
|
namedtype.NamedType('iPAddress', univ.OctetString().subtype(
|
||||||
|
implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7)
|
||||||
|
)),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@ -477,5 +477,10 @@ class SSLCert(serializable.Serializable):
|
|||||||
except PyAsn1Error:
|
except PyAsn1Error:
|
||||||
continue
|
continue
|
||||||
for i in dec[0]:
|
for i in dec[0]:
|
||||||
altnames.append(i[0].asOctets())
|
if i[0] is None and isinstance(i[1], univ.OctetString) and not isinstance(i[1], char.IA5String):
|
||||||
|
# This would give back the IP address: b'.'.join([str(e).encode() for e in i[1].asNumbers()])
|
||||||
|
continue
|
||||||
|
else:
|
||||||
|
e = i[0].asOctets()
|
||||||
|
altnames.append(e)
|
||||||
return altnames
|
return altnames
|
||||||
|
|||||||
@ -34,7 +34,6 @@ exclude =
|
|||||||
mitmproxy/proxy/root_context.py
|
mitmproxy/proxy/root_context.py
|
||||||
mitmproxy/proxy/server.py
|
mitmproxy/proxy/server.py
|
||||||
mitmproxy/tools/
|
mitmproxy/tools/
|
||||||
mitmproxy/certs.py
|
|
||||||
mitmproxy/controller.py
|
mitmproxy/controller.py
|
||||||
mitmproxy/export.py
|
mitmproxy/export.py
|
||||||
mitmproxy/flow.py
|
mitmproxy/flow.py
|
||||||
@ -50,7 +49,6 @@ exclude =
|
|||||||
mitmproxy/addonmanager.py
|
mitmproxy/addonmanager.py
|
||||||
mitmproxy/addons/onboardingapp/app.py
|
mitmproxy/addons/onboardingapp/app.py
|
||||||
mitmproxy/addons/termlog.py
|
mitmproxy/addons/termlog.py
|
||||||
mitmproxy/certs.py
|
|
||||||
mitmproxy/contentviews/base.py
|
mitmproxy/contentviews/base.py
|
||||||
mitmproxy/contentviews/wbxml.py
|
mitmproxy/contentviews/wbxml.py
|
||||||
mitmproxy/contentviews/xml_html.py
|
mitmproxy/contentviews/xml_html.py
|
||||||
|
|||||||
@ -602,12 +602,6 @@ class TestDHParams(tservers.ServerTestBase):
|
|||||||
ret = c.get_current_cipher()
|
ret = c.get_current_cipher()
|
||||||
assert ret[0] == "DHE-RSA-AES256-SHA"
|
assert ret[0] == "DHE-RSA-AES256-SHA"
|
||||||
|
|
||||||
def test_create_dhparams(self):
|
|
||||||
with tutils.tmpdir() as d:
|
|
||||||
filename = os.path.join(d, "dhparam.pem")
|
|
||||||
certs.CertStore.load_dhparam(filename)
|
|
||||||
assert os.path.exists(filename)
|
|
||||||
|
|
||||||
|
|
||||||
class TestTCPClient:
|
class TestTCPClient:
|
||||||
|
|
||||||
|
|||||||
@ -117,6 +117,12 @@ class TestCertStore:
|
|||||||
ret = ca1.get_cert(b"foo.com", [])
|
ret = ca1.get_cert(b"foo.com", [])
|
||||||
assert ret[0].serial == dc[0].serial
|
assert ret[0].serial == dc[0].serial
|
||||||
|
|
||||||
|
def test_create_dhparams(self):
|
||||||
|
with tutils.tmpdir() as d:
|
||||||
|
filename = os.path.join(d, "dhparam.pem")
|
||||||
|
certs.CertStore.load_dhparam(filename)
|
||||||
|
assert os.path.exists(filename)
|
||||||
|
|
||||||
|
|
||||||
class TestDummyCert:
|
class TestDummyCert:
|
||||||
|
|
||||||
@ -127,9 +133,10 @@ class TestDummyCert:
|
|||||||
ca.default_privatekey,
|
ca.default_privatekey,
|
||||||
ca.default_ca,
|
ca.default_ca,
|
||||||
b"foo.com",
|
b"foo.com",
|
||||||
[b"one.com", b"two.com", b"*.three.com"]
|
[b"one.com", b"two.com", b"*.three.com", b"127.0.0.1"]
|
||||||
)
|
)
|
||||||
assert r.cn == b"foo.com"
|
assert r.cn == b"foo.com"
|
||||||
|
assert r.altnames == [b'one.com', b'two.com', b'*.three.com']
|
||||||
|
|
||||||
r = certs.dummy_cert(
|
r = certs.dummy_cert(
|
||||||
ca.default_privatekey,
|
ca.default_privatekey,
|
||||||
@ -138,6 +145,7 @@ class TestDummyCert:
|
|||||||
[]
|
[]
|
||||||
)
|
)
|
||||||
assert r.cn is None
|
assert r.cn is None
|
||||||
|
assert r.altnames == []
|
||||||
|
|
||||||
|
|
||||||
class TestSSLCert:
|
class TestSSLCert:
|
||||||
@ -179,3 +187,20 @@ class TestSSLCert:
|
|||||||
d = f.read()
|
d = f.read()
|
||||||
s = certs.SSLCert.from_der(d)
|
s = certs.SSLCert.from_der(d)
|
||||||
assert s.cn
|
assert s.cn
|
||||||
|
|
||||||
|
def test_state(self):
|
||||||
|
with open(tutils.test_data.path("mitmproxy/net/data/text_cert"), "rb") as f:
|
||||||
|
d = f.read()
|
||||||
|
c = certs.SSLCert.from_pem(d)
|
||||||
|
|
||||||
|
c.get_state()
|
||||||
|
c2 = c.copy()
|
||||||
|
a = c.get_state()
|
||||||
|
b = c2.get_state()
|
||||||
|
assert a == b
|
||||||
|
assert c == c2
|
||||||
|
assert c is not c2
|
||||||
|
|
||||||
|
x = certs.SSLCert('')
|
||||||
|
x.set_state(a)
|
||||||
|
assert x == c
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user