mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2025-02-07 10:40:09 +00:00
ignore missing CN in certificates. fixes #169
This commit is contained in:
Maximilian Hils
parent
28a234e28b
commit
7db1430ee7
@ -312,7 +312,8 @@ class ProxyHandler(tcp.BaseHandler):
|
|||||||
if not self.config.no_upstream_cert:
|
if not self.config.no_upstream_cert:
|
||||||
conn = self.get_server_connection(cc, "https", host, port, sni)
|
conn = self.get_server_connection(cc, "https", host, port, sni)
|
||||||
sans = conn.cert.altnames
|
sans = conn.cert.altnames
|
||||||
host = conn.cert.cn.decode("utf8").encode("idna")
|
if conn.cert.cn:
|
||||||
|
host = conn.cert.cn.decode("utf8").encode("idna")
|
||||||
ret = self.config.certstore.get_cert(host, sans, self.config.cacert)
|
ret = self.config.certstore.get_cert(host, sans, self.config.cacert)
|
||||||
if not ret:
|
if not ret:
|
||||||
raise ProxyError(502, "Unable to generate dummy cert.")
|
raise ProxyError(502, "Unable to generate dummy cert.")
|
||||||
|
|||||||
20
test/data/no_common_name.pem
Normal file
20
test/data/no_common_name.pem
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIIBOQIBAAJBAKVJ43C+8SjOvN9/pP/8HwzmHGQmRvdK/R6KlWdr7He6iiXDQNfH
|
||||||
|
RAp+gqX0hBRT80eRjGhSmTTBLCWiXVny4UUCAwEAAQJAUQ8nZ0d85VJd9g2XUaLH
|
||||||
|
Z4ACNGtBKk2wTKYSFyIqWZxsF5qhh7HGshJIAP6tYiX8ZW+mMSfme+zsJzWe8ChL
|
||||||
|
gQIhAM8QpAgUHnNteZvkv0XqceX1GILEWifMt+hO9yTp4dY5AiEAzFnKr77CKCri
|
||||||
|
/DPig4R/5q4KMpMx9EqJufHdGNmIA20CICMARxnufK86RCIr6oEg/hvG8Fu6YRr1
|
||||||
|
Kekk3/XnavtRAiBVLVQ7vwKE5aNpRmMzOKZrS736aLpYvjz8IaFr+zgjXQIgdad5
|
||||||
|
QZoTD49NTyMEgyZp70gTXcXQLrX2PgQKL4uNmoU=
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIBgTCCASugAwIBAgIJAKlcXsPLQAQuMA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV
|
||||||
|
BAYTAkFVMB4XDTEzMTIxMjAxMzA1NVoXDTE0MDExMTAxMzA1NVowDTELMAkGA1UE
|
||||||
|
BhMCQVUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEApUnjcL7xKM6833+k//wfDOYc
|
||||||
|
ZCZG90r9HoqVZ2vsd7qKJcNA18dECn6CpfSEFFPzR5GMaFKZNMEsJaJdWfLhRQID
|
||||||
|
AQABo24wbDAdBgNVHQ4EFgQUJm8BXcVRsROy0PVt5stkB3eVnEgwPQYDVR0jBDYw
|
||||||
|
NIAUJm8BXcVRsROy0PVt5stkB3eVnEihEaQPMA0xCzAJBgNVBAYTAkFVggkAqVxe
|
||||||
|
w8tABC4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAANBAHHxcBEpWrIqtLVH
|
||||||
|
m6Yn1hgqrAbfMj9IK6zY9C5Cbad/DfUj3AZMb5u758WJK0x9brmckgqdrQsuf9He
|
||||||
|
Ef51/SU=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
@ -197,6 +197,13 @@ class TestHTTPSCertfile(tservers.HTTPProxTest, CommonMixin):
|
|||||||
def test_certfile(self):
|
def test_certfile(self):
|
||||||
assert self.pathod("304")
|
assert self.pathod("304")
|
||||||
|
|
||||||
|
class TestHTTPSNoCommonName(tservers.HTTPProxTest, CommonMixin):
|
||||||
|
"""
|
||||||
|
Test what happens if we get a cert without common name back.
|
||||||
|
"""
|
||||||
|
ssl = True
|
||||||
|
ssloptions=pathod.SSLOptions(certfile=tutils.test_data.path("data/no_common_name.pem"),
|
||||||
|
keyfile=tutils.test_data.path("data/no_common_name.pem"))
|
||||||
|
|
||||||
class TestReverse(tservers.ReverseProxTest, CommonMixin):
|
class TestReverse(tservers.ReverseProxTest, CommonMixin):
|
||||||
reverse = True
|
reverse = True
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user