From 944f213ebca3bb70e0dc920d7095ae888cee2c8c Mon Sep 17 00:00:00 2001 From: Aldo Cortesi Date: Sun, 2 Mar 2014 22:10:49 +1300 Subject: [PATCH] Add connection cipher info to pathod server log --- libpathod/pathod.py | 39 +++++++++++++++++++++------------------ test/test_pathod.py | 11 +++++++++-- 2 files changed, 30 insertions(+), 20 deletions(-) diff --git a/libpathod/pathod.py b/libpathod/pathod.py index 0e3cca593..9730834a3 100644 --- a/libpathod/pathod.py +++ b/libpathod/pathod.py @@ -53,7 +53,7 @@ class PathodHandler(tcp.BaseHandler): def handle_sni(self, connection): self.sni = connection.get_servername() - def serve_crafted(self, crafted, request_log): + def serve_crafted(self, crafted): c = self.server.check_policy(crafted, self.server.request_settings) if c: err = language.make_error_response(c) @@ -68,14 +68,9 @@ class PathodHandler(tcp.BaseHandler): crafted = crafted.freeze(self.server.request_settings, None) self.info(">> Spec: %s"%crafted.spec()) response_log = language.serve(crafted, self.wfile, self.server.request_settings, None) - log = dict( - type = "crafted", - request=request_log, - response=response_log - ) if response_log["disconnect"]: - return False, log - return True, log + return False, response_log + return True, response_log def handle_request(self): """ @@ -141,15 +136,21 @@ class PathodHandler(tcp.BaseHandler): keyinfo = self.clientcert.keyinfo, ) - request_log = dict( - path = path, - method = method, - headers = headers.lst, - httpversion = httpversion, - sni = self.sni, - remote_address = self.address(), - clientcert = clientcert + retlog = dict( + type = "crafted", + request = dict( + path = path, + method = method, + headers = headers.lst, + httpversion = httpversion, + sni = self.sni, + remote_address = self.address(), + clientcert = clientcert, + ), + cipher = None, ) + if self.ssl_established: + retlog["cipher"] = self.get_current_cipher() try: content = http.read_http_body( @@ -164,7 +165,8 @@ class PathodHandler(tcp.BaseHandler): if i[0].match(path): self.info("crafting anchor: %s"%path) aresp = language.parse_response(self.server.request_settings, i[1]) - return self.serve_crafted(aresp, request_log) + again, retlog["response"] = self.serve_crafted(aresp) + return again, retlog if not self.server.nocraft and path.startswith(self.server.craftanchor): spec = urllib.unquote(path)[len(self.server.craftanchor):] @@ -177,7 +179,8 @@ class PathodHandler(tcp.BaseHandler): "Parse Error", "Error parsing response spec: %s\n"%v.msg + v.marked() ) - return self.serve_crafted(crafted, request_log) + again, retlog["response"] = self.serve_crafted(crafted) + return again, retlog elif self.server.noweb: crafted = language.make_error_response("Access Denied") language.serve(crafted, self.wfile, self.server.request_settings) diff --git a/test/test_pathod.py b/test/test_pathod.py index c98e14088..1ab330954 100644 --- a/test/test_pathod.py +++ b/test/test_pathod.py @@ -94,7 +94,7 @@ class TestNohang(tutils.DaemonTests): r = self.get("200:p0,0") assert r.status_code == 800 l = self.d.last_log() - assert "Pauses have been disabled" in l["msg"] + assert "Pauses have been disabled" in l["response"]["msg"] class TestHexdump(tutils.DaemonTests): @@ -113,7 +113,7 @@ class CommonTests(tutils.DaemonTests): r = self.get("200:b@1g") assert r.status_code == 800 l = self.d.last_log() - assert "too large" in l["msg"] + assert "too large" in l["response"]["msg"] def test_preline(self): r = self.pathoc(r"get:'/p/200':i0,'\r\n'") @@ -219,3 +219,10 @@ class TestDaemonSSL(CommonTests): assert l["type"] == "error" assert "SSL" in l["msg"] + def test_ssl_cipher(self): + r = self.pathoc(r"get:/p/202") + assert r.status_code == 202 + assert self.d.last_log()["cipher"][1] > 0 + + +