Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-23 08:11:00 +00:00
Code Issues Projects Releases Wiki Activity

Rename 'server' to 'upstream' in identifiers related to the AddServerCertsToClientChain feature

Browse Source
This commit is contained in:
ikoz 2016-03-16 19:20:18 +00:00
parent 02e378486b
commit 9cc55f211f
5 changed files with 22 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
mitmproxy/cmdline.py
View File

@ -436,10 +436,10 @@ def proxy_ssl_options(parser):
) )
subgroup = group.add_mutually_exclusive_group() subgroup = group.add_mutually_exclusive_group()
subgroup.add_argument( subgroup.add_argument(
"--add-server-certs-to-client-chain", default=False, "--add-upstream-certs-to-client-chain", default=False,
action="store_true", dest="add_server_certs_to_client_chain", action="store_true", dest="add_upstream_certs_to_client_chain",
help="Add all the certificates of the server to the certificate chain " help="Add all certificates of the upstream server to the certificate chain "
"that will be served to the client, as extras." "that will be served to the proxy client, as extras."
) )
subgroup.add_argument( subgroup.add_argument(
"--verify-upstream-cert", default=False, "--verify-upstream-cert", default=False,

2
mitmproxy/protocol/tls.py
View File

@ -432,7 +432,7 @@ class TlsLayer(Layer):
self.log("Establish TLS with client", "debug") self.log("Establish TLS with client", "debug")
cert, key, chain_file = self._find_cert() cert, key, chain_file = self._find_cert()
if self.config.add_server_certs_to_client_chain: if self.config.add_upstream_certs_to_client_chain:
extra_certs = self.server_conn.server_certs extra_certs = self.server_conn.server_certs
else: else:
extra_certs = None extra_certs = None

6
mitmproxy/proxy/config.py
View File

@ -67,7 +67,7 @@ class ProxyConfig:
ssl_verify_upstream_cert=False, ssl_verify_upstream_cert=False,
ssl_verify_upstream_trusted_cadir=None, ssl_verify_upstream_trusted_cadir=None,
ssl_verify_upstream_trusted_ca=None, ssl_verify_upstream_trusted_ca=None,
add_server_certs_to_client_chain=False, add_upstream_certs_to_client_chain=False,
): ):
self.host = host self.host = host
self.port = port self.port = port
@ -108,7 +108,7 @@ class ProxyConfig:
self.openssl_verification_mode_server = SSL.VERIFY_NONE self.openssl_verification_mode_server = SSL.VERIFY_NONE
self.openssl_trusted_cadir_server = ssl_verify_upstream_trusted_cadir self.openssl_trusted_cadir_server = ssl_verify_upstream_trusted_cadir
self.openssl_trusted_ca_server = ssl_verify_upstream_trusted_ca self.openssl_trusted_ca_server = ssl_verify_upstream_trusted_ca
self.add_server_certs_to_client_chain = add_server_certs_to_client_chain self.add_upstream_certs_to_client_chain = add_upstream_certs_to_client_chain
def process_proxy_options(parser, options): def process_proxy_options(parser, options):
@ -209,5 +209,5 @@ def process_proxy_options(parser, options):
ssl_verify_upstream_cert=options.ssl_verify_upstream_cert, ssl_verify_upstream_cert=options.ssl_verify_upstream_cert,
ssl_verify_upstream_trusted_cadir=options.ssl_verify_upstream_trusted_cadir, ssl_verify_upstream_trusted_cadir=options.ssl_verify_upstream_trusted_cadir,
ssl_verify_upstream_trusted_ca=options.ssl_verify_upstream_trusted_ca, ssl_verify_upstream_trusted_ca=options.ssl_verify_upstream_trusted_ca,
add_server_certs_to_client_chain=options.add_server_certs_to_client_chain, add_upstream_certs_to_client_chain=options.add_upstream_certs_to_client_chain,
) )

24
test/mitmproxy/test_server.py
View File

@ -1001,7 +1001,7 @@ class TestProxyChainingSSLReconnect(tservers.HTTPUpstreamProxyTest):
assert self.chain[1].tmaster.state.flow_count() == 2 assert self.chain[1].tmaster.state.flow_count() == 2
class AddServerCertsToClientChainMixin: class AddUpstreamCertsToClientChainMixin:
ssl = True ssl = True
servercert = tutils.test_data.path("data/trusted-server.crt") servercert = tutils.test_data.path("data/trusted-server.crt")
@ -1012,30 +1012,30 @@ class AddServerCertsToClientChainMixin:
] ]
) )
def test_add_server_certs_to_client_chain(self): def test_add_upstream_certs_to_client_chain(self):
with open(self.servercert, "rb") as f: with open(self.servercert, "rb") as f:
d = f.read() d = f.read()
c1 = SSLCert.from_pem(d) upstreamCert = SSLCert.from_pem(d)
p = self.pathoc() p = self.pathoc()
server_cert_found_in_client_chain = False upstream_cert_found_in_client_chain = False
for cert in p.server_certs: for receivedCert in p.server_certs:
if cert.digest('sha256') == c1.digest('sha256'): if receivedCert.digest('sha256') == upstreamCert.digest('sha256'):
server_cert_found_in_client_chain = True upstream_cert_found_in_client_chain = True
break break
assert(server_cert_found_in_client_chain == self.add_server_certs_to_client_chain) assert(upstream_cert_found_in_client_chain == self.add_upstream_certs_to_client_chain)
class TestHTTPSAddServerCertsToClientChainTrue(AddServerCertsToClientChainMixin, tservers.HTTPProxyTest): class TestHTTPSAddUpstreamCertsToClientChainTrue(AddUpstreamCertsToClientChainMixin, tservers.HTTPProxyTest):
""" """
If --add-server-certs-to-client-chain is True, then the client should receive the upstream server's certificates If --add-server-certs-to-client-chain is True, then the client should receive the upstream server's certificates
""" """
add_server_certs_to_client_chain = True add_upstream_certs_to_client_chain = True
class TestHTTPSAddServerCertsToClientChainFalse(AddServerCertsToClientChainMixin, tservers.HTTPProxyTest): class TestHTTPSAddUpstreamCertsToClientChainFalse(AddUpstreamCertsToClientChainMixin, tservers.HTTPProxyTest):
""" """
If --add-server-certs-to-client-chain is False, then the client should not receive the upstream server's certificates If --add-server-certs-to-client-chain is False, then the client should not receive the upstream server's certificates
""" """
add_server_certs_to_client_chain = False add_upstream_certs_to_client_chain = False

4
test/mitmproxy/tservers.py
View File

@ -86,7 +86,7 @@ class ProxyTestBase(object):
no_upstream_cert = False no_upstream_cert = False
authenticator = None authenticator = None
masterclass = TestMaster masterclass = TestMaster
add_server_certs_to_client_chain = False add_upstream_certs_to_client_chain = False
@classmethod @classmethod
def setup_class(cls): def setup_class(cls):
@ -130,7 +130,7 @@ class ProxyTestBase(object):
no_upstream_cert = cls.no_upstream_cert, no_upstream_cert = cls.no_upstream_cert,
cadir = cls.cadir, cadir = cls.cadir,
authenticator = cls.authenticator, authenticator = cls.authenticator,
add_server_certs_to_client_chain = cls.add_server_certs_to_client_chain, add_upstream_certs_to_client_chain = cls.add_upstream_certs_to_client_chain,
) )