Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-23 08:11:00 +00:00
Code Issues Projects Releases Wiki Activity

Domain checks for persistent cert store is now irrelevant.

Browse Source 
We no longer store these on disk, so we don't care about path
components.
This commit is contained in:
Aldo Cortesi 2013-12-08 13:15:08 +13:00
parent 75745cb0af
commit d05c20d8fa
3 changed files with 3 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
netlib/certutils.py
View File

@ -116,18 +116,6 @@ class CertStore:
def __init__(self): def __init__(self):
self.certs = {} self.certs = {}
def check_domain(self, commonname):
try:
commonname.decode("idna")
commonname.decode("ascii")
except:
return False
if ".." in commonname:
return False
if "/" in commonname:
return False
return True
def get_cert(self, commonname, sans, cacert): def get_cert(self, commonname, sans, cacert):
""" """
Returns an SSLCert object. Returns an SSLCert object.
@ -141,8 +129,6 @@ class CertStore:
Return None if the certificate could not be found or generated. Return None if the certificate could not be found or generated.
""" """
if not self.check_domain(commonname):
return None
if commonname in self.certs: if commonname in self.certs:
return self.certs[commonname] return self.certs[commonname]
c = dummy_cert(cacert, commonname, sans) c = dummy_cert(cacert, commonname, sans)

5
netlib/tcp.py
View File

@ -346,8 +346,9 @@ class BaseHandler:
self.connection.sock_shutdown(socket.SHUT_WR) self.connection.sock_shutdown(socket.SHUT_WR)
else: else:
self.connection.shutdown(socket.SHUT_WR) self.connection.shutdown(socket.SHUT_WR)
#Section 4.2.2.13 of RFC 1122 tells us that a close() with any pending readable data could lead to an immediate RST being sent. # Section 4.2.2.13 of RFC 1122 tells us that a close() with any
#http://ia600609.us.archive.org/22/items/TheUltimateSo_lingerPageOrWhyIsMyTcpNotReliable/the-ultimate-so_linger-page-or-why-is-my-tcp-not-reliable.html # pending readable data could lead to an immediate RST being sent.
# http://ia600609.us.archive.org/22/items/TheUltimateSo_lingerPageOrWhyIsMyTcpNotReliable/the-ultimate-so_linger-page-or-why-is-my-tcp-not-reliable.html
while self.connection.recv(4096): while self.connection.recv(4096):
pass pass
except (socket.error, SSL.Error): except (socket.error, SSL.Error):

9
test/test_certutils.py
View File

@ -32,15 +32,6 @@ class TestCertStore:
assert c.get_cert("foo.com", [], ca) assert c.get_cert("foo.com", [], ca)
assert c.get_cert("*.foo.com", [], ca) assert c.get_cert("*.foo.com", [], ca)
def test_check_domain(self):
c = certutils.CertStore()
assert c.check_domain("foo")
assert c.check_domain("\x01foo")
assert not c.check_domain("\xfefoo")
assert not c.check_domain("xn--\0")
assert not c.check_domain("foo..foo")
assert not c.check_domain("foo/foo")
class TestDummyCert: class TestDummyCert:
def test_with_ca(self): def test_with_ca(self):