bump cryptography min-version

This removes OpenSSL v0.9.8 support.
Thomas Kriechbaumer 2017-04-27 19:39:53 +02:00
parent e32efcae49
commit 3e82f4d6c4
3 changed files with 8 additions and 15 deletions


@ -503,8 +503,6 @@ class _Connection:
if cipher_list: if cipher_list:
try: try:
context.set_cipher_list(cipher_list) context.set_cipher_list(cipher_list)
# TODO: maybe change this to with newer pyOpenSSL APIs
context.set_tmp_ecdh(OpenSSL.crypto.get_elliptic_curve('prime256v1')) context.set_tmp_ecdh(OpenSSL.crypto.get_elliptic_curve('prime256v1'))
except SSL.Error as v: except SSL.Error as v:
raise exceptions.TlsException("SSL cipher specification error: %s" % str(v)) raise exceptions.TlsException("SSL cipher specification error: %s" % str(v))
@ -617,11 +615,6 @@ class TCPClient(_Connection):
raise self.ssl_verification_error raise self.ssl_verification_error
else: else:
raise exceptions.TlsException("SSL handshake error: %s" % repr(v)) raise exceptions.TlsException("SSL handshake error: %s" % repr(v))
else:
# Fix for pre v1.0 OpenSSL, which doesn't throw an exception on
# certificate validation failure
if verification_mode == SSL.VERIFY_PEER and self.ssl_verification_error:
raise self.ssl_verification_error
self.cert = certs.SSLCert(self.connection.get_peer_certificate()) self.cert = certs.SSLCert(self.connection.get_peer_certificate())
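Review bot: With the `else:` branch removed in the second hunk, a recorded `self.ssl_verification_error` is only raised when the handshake itself throws, so rejecting a bad certificate in `SSL.VERIFY_PEER` mode now depends entirely on the linked OpenSSL raising during the handshake. The commit raises the cryptography and pyOpenSSL floors, but nothing visible here checks the OpenSSL library version at runtime. I would document the assumption above `self.cert = ...` with a comment such as `# Relies on OpenSSL >= 1.0 raising SSL.Error on verification failure in VERIFY_PEER mode.` and add a regression test asserting that a connection with a failing certificate never reaches that assignment. The enclosing method starts and ends outside the hunk.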


@ -8,17 +8,17 @@ import os.path
import OpenSSL import OpenSSL
PYOPENSSL_MIN_VERSION = (0, 15) PYOPENSSL_MIN_VERSION = (16, 0)
def check_pyopenssl_version(min_version=PYOPENSSL_MIN_VERSION, fp=sys.stderr): def check_pyopenssl_version(min_version=PYOPENSSL_MIN_VERSION, fp=sys.stderr):
min_version_str = u".".join(str(x) for x in min_version) min_version_str = ".".join(str(x) for x in min_version)
try: try:
v = tuple(int(x) for x in OpenSSL.__version__.split(".")[:2]) v = tuple(int(x) for x in OpenSSL.__version__.split(".")[:2])
except ValueError: except ValueError:
print( print(
u"Cannot parse pyOpenSSL version: {}" "Cannot parse pyOpenSSL version: {}"
u"mitmproxy requires pyOpenSSL {} or greater.".format( "mitmproxy requires pyOpenSSL {} or greater.".format(
OpenSSL.__version__, min_version_str OpenSSL.__version__, min_version_str
), ),
file=fp file=fp
@ -26,15 +26,15 @@ def check_pyopenssl_version(min_version=PYOPENSSL_MIN_VERSION, fp=sys.stderr):
return return
if v < min_version: if v < min_version:
print( print(
u"You are using an outdated version of pyOpenSSL: " "You are using an outdated version of pyOpenSSL: "
u"mitmproxy requires pyOpenSSL {} or greater.".format(min_version_str), "mitmproxy requires pyOpenSSL {} or greater.".format(min_version_str),
file=fp file=fp
) )
# Some users apparently have multiple versions of pyOpenSSL installed. # Some users apparently have multiple versions of pyOpenSSL installed.
# Report which one we got. # Report which one we got.
pyopenssl_path = os.path.dirname(inspect.getfile(OpenSSL)) pyopenssl_path = os.path.dirname(inspect.getfile(OpenSSL))
print( print(
u"Your pyOpenSSL {} installation is located at {}".format( "Your pyOpenSSL {} installation is located at {}".format(
OpenSSL.__version__, pyopenssl_path OpenSSL.__version__, pyopenssl_path
), ),
file=fp file=fp
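Review bot: The two adjacent literals in the parse-failure message are joined with no separator, so the output runs the version straight into the next sentence (`Cannot parse pyOpenSSL version: <version>mitmproxy requires pyOpenSSL 16.0 or greater.`); end the first literal with a separator, e.g. `"Cannot parse pyOpenSSL version: {}. "`. The `return` at the top of the second hunk appears to belong to that same branch, in which case a version string whose first two components are not plain integers skips the `(16, 0)` minimum check altogether. If that fail-open behaviour is intended, a short comment saying so would help. The function continues past the end of this section, so what happens after the outdated-version warning is not visible here.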


@ -64,7 +64,7 @@ setup(
"click>=6.2, <7", "click>=6.2, <7",
"certifi>=2015.11.20.1", # no semver here - this should always be on the last release! "certifi>=2015.11.20.1", # no semver here - this should always be on the last release!
"construct>=2.8, <2.9", "construct>=2.8, <2.9",
"cryptography>=1.3, <1.9", "cryptography>=1.4, <1.9",
"cssutils>=1.0.1, <1.1", "cssutils>=1.0.1, <1.1",
"h2>=3.0, <4", "h2>=3.0, <4",
"html2text>=2016.1.8, <=2016.9.19", "html2text>=2016.1.8, <=2016.9.19",