Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-23 00:01:36 +00:00
Code Issues Projects Releases Wiki Activity

rename TLS/SSL-related functions

Browse Source 
SSL is an outdated protocol superseeded by TLS. Although the commonly
used library is called OpenSSL, it is no reason to still use outdated
language for function names.
This commit is contained in:
Thomas Kriechbaumer 2018-01-06 10:43:33 +01:00
parent 9aae3213b9
commit d15e96dee1
19 changed files with 63 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mitmproxy/certs.py
View File

@ -436,7 +436,7 @@ class SSLCert(serializable.Serializable):
Returns: Returns:
All DNS altnames. All DNS altnames.
""" """
# tcp.TCPClient.convert_to_ssl assumes that this property only contains DNS altnames for hostname verification. # tcp.TCPClient.convert_to_tls assumes that this property only contains DNS altnames for hostname verification.
altnames = [] altnames = []
for i in range(self.x509.get_extension_count()): for i in range(self.x509.get_extension_count()):
ext = self.x509.get_extension(i) ext = self.x509.get_extension(i)

8
mitmproxy/connections.py
View File

@ -127,8 +127,8 @@ class ClientConnection(tcp.BaseHandler, stateobject.StateObject):
tls_version=None, tls_version=None,
)) ))
def convert_to_ssl(self, cert, *args, **kwargs): def convert_to_tls(self, cert, *args, **kwargs):
super().convert_to_ssl(cert, *args, **kwargs) super().convert_to_tls(cert, *args, **kwargs)
self.timestamp_tls_setup = time.time() self.timestamp_tls_setup = time.time()
self.mitmcert = cert self.mitmcert = cert
sni = self.connection.get_servername() sni = self.connection.get_servername()
@ -261,7 +261,7 @@ class ServerConnection(tcp.TCPClient, stateobject.StateObject):
self.wfile.write(message) self.wfile.write(message)
self.wfile.flush() self.wfile.flush()
def establish_ssl(self, clientcerts, sni, **kwargs): def establish_tls(self, clientcerts, sni, **kwargs):
if sni and not isinstance(sni, str): if sni and not isinstance(sni, str):
raise ValueError("sni must be str, not " + type(sni).__name__) raise ValueError("sni must be str, not " + type(sni).__name__)
clientcert = None clientcert = None
@ -275,7 +275,7 @@ class ServerConnection(tcp.TCPClient, stateobject.StateObject):
if os.path.exists(path): if os.path.exists(path):
clientcert = path clientcert = path
self.convert_to_ssl(cert=clientcert, sni=sni, **kwargs) self.convert_to_tls(cert=clientcert, sni=sni, **kwargs)
self.sni = sni self.sni = sni
self.alpn_proto_negotiated = self.get_alpn_proto_negotiated() self.alpn_proto_negotiated = self.get_alpn_proto_negotiated()
self.tls_version = self.connection.get_protocol_version_name() self.tls_version = self.connection.get_protocol_version_name()

4
mitmproxy/net/tcp.py
View File

@ -381,7 +381,7 @@ class TCPClient(_Connection):
else: else:
close_socket(self.connection) close_socket(self.connection)
def convert_to_ssl(self, sni=None, alpn_protos=None, **sslctx_kwargs): def convert_to_tls(self, sni=None, alpn_protos=None, **sslctx_kwargs):
context = tls.create_client_context( context = tls.create_client_context(
alpn_protos=alpn_protos, alpn_protos=alpn_protos,
sni=sni, sni=sni,
@ -491,7 +491,7 @@ class BaseHandler(_Connection):
self.server = server self.server = server
self.clientcert = None self.clientcert = None
def convert_to_ssl(self, cert, key, **sslctx_kwargs): def convert_to_tls(self, cert, key, **sslctx_kwargs):
""" """
Convert connection to SSL. Convert connection to SSL.
For a list of parameters, see tls.create_server_context(...) For a list of parameters, see tls.create_server_context(...)

4
mitmproxy/proxy/protocol/http_replay.py
View File

@ -75,7 +75,7 @@ class RequestReplayThread(basethread.BaseThread):
) )
if resp.status_code != 200: if resp.status_code != 200:
raise exceptions.ReplayException("Upstream server refuses CONNECT request") raise exceptions.ReplayException("Upstream server refuses CONNECT request")
server.establish_ssl( server.establish_tls(
self.options.client_certs, self.options.client_certs,
sni=self.f.server_conn.sni sni=self.f.server_conn.sni
) )
@ -90,7 +90,7 @@ class RequestReplayThread(basethread.BaseThread):
) )
server.connect() server.connect()
if r.scheme == "https": if r.scheme == "https":
server.establish_ssl( server.establish_tls(
self.options.client_certs, self.options.client_certs,
sni=self.f.server_conn.sni sni=self.f.server_conn.sni
) )

4
mitmproxy/proxy/protocol/tls.py
View File

@ -487,7 +487,7 @@ class TlsLayer(base.Layer):
extra_certs = None extra_certs = None
try: try:
self.client_conn.convert_to_ssl( self.client_conn.convert_to_tls(
cert, key, cert, key,
method=self.config.openssl_method_client, method=self.config.openssl_method_client,
options=self.config.openssl_options_client, options=self.config.openssl_options_client,
@ -543,7 +543,7 @@ class TlsLayer(base.Layer):
ciphers_server.append(CIPHER_ID_NAME_MAP[id]) ciphers_server.append(CIPHER_ID_NAME_MAP[id])
ciphers_server = ':'.join(ciphers_server) ciphers_server = ':'.join(ciphers_server)
self.server_conn.establish_ssl( self.server_conn.establish_tls(
self.config.client_certs, self.config.client_certs,
self.server_sni, self.server_sni,
method=self.config.openssl_method_server, method=self.config.openssl_method_server,

2
pathod/pathoc.py
View File

@ -313,7 +313,7 @@ class Pathoc(tcp.TCPClient):
if self.use_http2: if self.use_http2:
alpn_protos.append(b'h2') alpn_protos.append(b'h2')
self.convert_to_ssl( self.convert_to_tls(
sni=self.sni, sni=self.sni,
cert=self.clientcert, cert=self.clientcert,
method=self.ssl_version, method=self.ssl_version,

2
pathod/pathod.py
View File

@ -244,7 +244,7 @@ class PathodHandler(tcp.BaseHandler):
if self.server.ssl: if self.server.ssl:
try: try:
cert, key, _ = self.server.ssloptions.get_cert(None) cert, key, _ = self.server.ssloptions.get_cert(None)
self.convert_to_ssl( self.convert_to_tls(
cert, cert,
key, key,
handle_sni=self.handle_sni, handle_sni=self.handle_sni,

2
pathod/protocols/http.py
View File

@ -27,7 +27,7 @@ class HTTPProtocol:
cert, key, chain_file_ = self.pathod_handler.server.ssloptions.get_cert( cert, key, chain_file_ = self.pathod_handler.server.ssloptions.get_cert(
connect[0].encode() connect[0].encode()
) )
self.pathod_handler.convert_to_ssl( self.pathod_handler.convert_to_tls(
cert, cert,
key, key,
handle_sni=self.pathod_handler.handle_sni, handle_sni=self.pathod_handler.handle_sni,

52
test/mitmproxy/net/test_tcp.py
View File

@ -178,7 +178,7 @@ class TestServerSSL(tservers.ServerTestBase):
def test_echo(self): def test_echo(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl(sni="foo.com", options=SSL.OP_ALL) c.convert_to_tls(sni="foo.com", options=SSL.OP_ALL)
testval = b"echo!\n" testval = b"echo!\n"
c.wfile.write(testval) c.wfile.write(testval)
c.wfile.flush() c.wfile.flush()
@ -188,7 +188,7 @@ class TestServerSSL(tservers.ServerTestBase):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
assert not c.get_current_cipher() assert not c.get_current_cipher()
c.convert_to_ssl(sni="foo.com") c.convert_to_tls(sni="foo.com")
ret = c.get_current_cipher() ret = c.get_current_cipher()
assert ret assert ret
assert "AES" in ret[0] assert "AES" in ret[0]
@ -205,7 +205,7 @@ class TestSSLv3Only(tservers.ServerTestBase):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
with pytest.raises(exceptions.TlsException): with pytest.raises(exceptions.TlsException):
c.convert_to_ssl(sni="foo.com") c.convert_to_tls(sni="foo.com")
class TestInvalidTrustFile(tservers.ServerTestBase): class TestInvalidTrustFile(tservers.ServerTestBase):
@ -213,7 +213,7 @@ class TestInvalidTrustFile(tservers.ServerTestBase):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
with pytest.raises(exceptions.TlsException): with pytest.raises(exceptions.TlsException):
c.convert_to_ssl( c.convert_to_tls(
sni="example.mitmproxy.org", sni="example.mitmproxy.org",
verify=SSL.VERIFY_PEER, verify=SSL.VERIFY_PEER,
ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/generate.py") ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/generate.py")
@ -231,7 +231,7 @@ class TestSSLUpstreamCertVerificationWBadServerCert(tservers.ServerTestBase):
def test_mode_default_should_pass(self): def test_mode_default_should_pass(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
# Verification errors should be saved even if connection isn't aborted # Verification errors should be saved even if connection isn't aborted
# aborted # aborted
@ -245,7 +245,7 @@ class TestSSLUpstreamCertVerificationWBadServerCert(tservers.ServerTestBase):
def test_mode_none_should_pass(self): def test_mode_none_should_pass(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl(verify=SSL.VERIFY_NONE) c.convert_to_tls(verify=SSL.VERIFY_NONE)
# Verification errors should be saved even if connection isn't aborted # Verification errors should be saved even if connection isn't aborted
assert c.ssl_verification_error assert c.ssl_verification_error
@ -259,7 +259,7 @@ class TestSSLUpstreamCertVerificationWBadServerCert(tservers.ServerTestBase):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
with pytest.raises(exceptions.InvalidCertificateException): with pytest.raises(exceptions.InvalidCertificateException):
c.convert_to_ssl( c.convert_to_tls(
sni="example.mitmproxy.org", sni="example.mitmproxy.org",
verify=SSL.VERIFY_PEER, verify=SSL.VERIFY_PEER,
ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/trusted-root.crt") ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/trusted-root.crt")
@ -284,7 +284,7 @@ class TestSSLUpstreamCertVerificationWBadHostname(tservers.ServerTestBase):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
with pytest.raises(exceptions.TlsException): with pytest.raises(exceptions.TlsException):
c.convert_to_ssl( c.convert_to_tls(
verify=SSL.VERIFY_PEER, verify=SSL.VERIFY_PEER,
ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/trusted-root.crt") ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/trusted-root.crt")
) )
@ -292,7 +292,7 @@ class TestSSLUpstreamCertVerificationWBadHostname(tservers.ServerTestBase):
def test_mode_none_should_pass_without_sni(self): def test_mode_none_should_pass_without_sni(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl( c.convert_to_tls(
verify=SSL.VERIFY_NONE, verify=SSL.VERIFY_NONE,
ca_path=tutils.test_data.path("mitmproxy/net/data/verificationcerts/") ca_path=tutils.test_data.path("mitmproxy/net/data/verificationcerts/")
) )
@ -303,7 +303,7 @@ class TestSSLUpstreamCertVerificationWBadHostname(tservers.ServerTestBase):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
with pytest.raises(exceptions.InvalidCertificateException): with pytest.raises(exceptions.InvalidCertificateException):
c.convert_to_ssl( c.convert_to_tls(
sni="mitmproxy.org", sni="mitmproxy.org",
verify=SSL.VERIFY_PEER, verify=SSL.VERIFY_PEER,
ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/trusted-root.crt") ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/trusted-root.crt")
@ -322,7 +322,7 @@ class TestSSLUpstreamCertVerificationWValidCertChain(tservers.ServerTestBase):
def test_mode_strict_w_pemfile_should_pass(self): def test_mode_strict_w_pemfile_should_pass(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl( c.convert_to_tls(
sni="example.mitmproxy.org", sni="example.mitmproxy.org",
verify=SSL.VERIFY_PEER, verify=SSL.VERIFY_PEER,
ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/trusted-root.crt") ca_pemfile=tutils.test_data.path("mitmproxy/net/data/verificationcerts/trusted-root.crt")
@ -338,7 +338,7 @@ class TestSSLUpstreamCertVerificationWValidCertChain(tservers.ServerTestBase):
def test_mode_strict_w_cadir_should_pass(self): def test_mode_strict_w_cadir_should_pass(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl( c.convert_to_tls(
sni="example.mitmproxy.org", sni="example.mitmproxy.org",
verify=SSL.VERIFY_PEER, verify=SSL.VERIFY_PEER,
ca_path=tutils.test_data.path("mitmproxy/net/data/verificationcerts/") ca_path=tutils.test_data.path("mitmproxy/net/data/verificationcerts/")
@ -372,7 +372,7 @@ class TestSSLClientCert(tservers.ServerTestBase):
def test_clientcert(self): def test_clientcert(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl( c.convert_to_tls(
cert=tutils.test_data.path("mitmproxy/net/data/clientcert/client.pem")) cert=tutils.test_data.path("mitmproxy/net/data/clientcert/client.pem"))
assert c.rfile.readline().strip() == b"1" assert c.rfile.readline().strip() == b"1"
@ -380,7 +380,7 @@ class TestSSLClientCert(tservers.ServerTestBase):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
with pytest.raises(exceptions.TlsException): with pytest.raises(exceptions.TlsException):
c.convert_to_ssl(cert=tutils.test_data.path("mitmproxy/net/data/clientcert/make")) c.convert_to_tls(cert=tutils.test_data.path("mitmproxy/net/data/clientcert/make"))
class TestSNI(tservers.ServerTestBase): class TestSNI(tservers.ServerTestBase):
@ -400,14 +400,14 @@ class TestSNI(tservers.ServerTestBase):
def test_echo(self): def test_echo(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl(sni="foo.com") c.convert_to_tls(sni="foo.com")
assert c.sni == "foo.com" assert c.sni == "foo.com"
assert c.rfile.readline() == b"foo.com" assert c.rfile.readline() == b"foo.com"
def test_idn(self): def test_idn(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl(sni="mitmproxyäöüß.example.com") c.convert_to_tls(sni="mitmproxyäöüß.example.com")
assert c.tls_established assert c.tls_established
assert "doesn't match" not in str(c.ssl_verification_error) assert "doesn't match" not in str(c.ssl_verification_error)
@ -421,7 +421,7 @@ class TestServerCipherList(tservers.ServerTestBase):
def test_echo(self): def test_echo(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl(sni="foo.com") c.convert_to_tls(sni="foo.com")
expected = b"['AES256-GCM-SHA384']" expected = b"['AES256-GCM-SHA384']"
assert c.rfile.read(len(expected) + 2) == expected assert c.rfile.read(len(expected) + 2) == expected
@ -442,7 +442,7 @@ class TestServerCurrentCipher(tservers.ServerTestBase):
def test_echo(self): def test_echo(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl(sni="foo.com") c.convert_to_tls(sni="foo.com")
assert b'AES256-GCM-SHA384' in c.rfile.readline() assert b'AES256-GCM-SHA384' in c.rfile.readline()
@ -456,7 +456,7 @@ class TestServerCipherListError(tservers.ServerTestBase):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
with pytest.raises(Exception, match="handshake error"): with pytest.raises(Exception, match="handshake error"):
c.convert_to_ssl(sni="foo.com") c.convert_to_tls(sni="foo.com")
class TestClientCipherListError(tservers.ServerTestBase): class TestClientCipherListError(tservers.ServerTestBase):
@ -469,7 +469,7 @@ class TestClientCipherListError(tservers.ServerTestBase):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
with pytest.raises(Exception, match="cipher specification"): with pytest.raises(Exception, match="cipher specification"):
c.convert_to_ssl(sni="foo.com", cipher_list="bogus") c.convert_to_tls(sni="foo.com", cipher_list="bogus")
class TestSSLDisconnect(tservers.ServerTestBase): class TestSSLDisconnect(tservers.ServerTestBase):
@ -484,7 +484,7 @@ class TestSSLDisconnect(tservers.ServerTestBase):
def test_echo(self): def test_echo(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
# Excercise SSL.ZeroReturnError # Excercise SSL.ZeroReturnError
c.rfile.read(10) c.rfile.read(10)
c.close() c.close()
@ -501,7 +501,7 @@ class TestSSLHardDisconnect(tservers.ServerTestBase):
def test_echo(self): def test_echo(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
# Exercise SSL.SysCallError # Exercise SSL.SysCallError
c.rfile.read(10) c.rfile.read(10)
c.close() c.close()
@ -565,7 +565,7 @@ class TestALPNClient(tservers.ServerTestBase):
def test_alpn(self, monkeypatch, alpn_protos, expected_negotiated, expected_response): def test_alpn(self, monkeypatch, alpn_protos, expected_negotiated, expected_response):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl(alpn_protos=alpn_protos) c.convert_to_tls(alpn_protos=alpn_protos)
assert c.get_alpn_proto_negotiated() == expected_negotiated assert c.get_alpn_proto_negotiated() == expected_negotiated
assert c.rfile.readline().strip() == expected_response assert c.rfile.readline().strip() == expected_response
@ -587,7 +587,7 @@ class TestSSLTimeOut(tservers.ServerTestBase):
def test_timeout_client(self): def test_timeout_client(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
c.settimeout(0.1) c.settimeout(0.1)
with pytest.raises(exceptions.TcpTimeout): with pytest.raises(exceptions.TcpTimeout):
c.rfile.read(10) c.rfile.read(10)
@ -605,7 +605,7 @@ class TestDHParams(tservers.ServerTestBase):
def test_dhparams(self): def test_dhparams(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
ret = c.get_current_cipher() ret = c.get_current_cipher()
assert ret[0] == "DHE-RSA-AES256-SHA" assert ret[0] == "DHE-RSA-AES256-SHA"
@ -801,5 +801,5 @@ class TestPeekSSL(TestPeek):
def _connect(self, c): def _connect(self, c):
with c.connect() as conn: with c.connect() as conn:
c.convert_to_ssl() c.convert_to_tls()
return conn.pop() return conn.pop()

2
test/mitmproxy/net/test_tls.py
View File

@ -22,7 +22,7 @@ class TestMasterSecretLogger(tservers.ServerTestBase):
c = TCPClient(("127.0.0.1", self.port)) c = TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
c.wfile.write(testval) c.wfile.write(testval)
c.wfile.flush() c.wfile.flush()
assert c.rfile.readline() == testval assert c.rfile.readline() == testval

2
test/mitmproxy/net/tools/getcertnames
View File

@ -7,7 +7,7 @@ from mitmproxy.net import tcp
def get_remote_cert(host, port, sni): def get_remote_cert(host, port, sni):
c = tcp.TCPClient((host, port)) c = tcp.TCPClient((host, port))
c.connect() c.connect()
c.convert_to_ssl(sni=sni) c.convert_to_tls(sni=sni)
return c.cert return c.cert
if len(sys.argv) > 2: if len(sys.argv) > 2:

2
test/mitmproxy/net/tservers.py
View File

@ -60,7 +60,7 @@ class _TServer(tcp.TCPServer):
else: else:
method = OpenSSL.SSL.SSLv23_METHOD method = OpenSSL.SSL.SSLv23_METHOD
options = None options = None
h.convert_to_ssl( h.convert_to_tls(
cert, cert,
key, key,
method=method, method=method,

2
test/mitmproxy/proxy/protocol/test_http2.py
View File

@ -141,7 +141,7 @@ class _Http2TestBase:
while self.client.rfile.readline() != b"\r\n": while self.client.rfile.readline() != b"\r\n":
pass pass
self.client.convert_to_ssl(alpn_protos=[b'h2']) self.client.convert_to_tls(alpn_protos=[b'h2'])
config = h2.config.H2Configuration( config = h2.config.H2Configuration(
client_side=True, client_side=True,

2
test/mitmproxy/proxy/protocol/test_websocket.py
View File

@ -101,7 +101,7 @@ class _WebSocketTestBase:
response = http.http1.read_response(self.client.rfile, request) response = http.http1.read_response(self.client.rfile, request)
if self.ssl: if self.ssl:
self.client.convert_to_ssl() self.client.convert_to_tls()
assert self.client.tls_established assert self.client.tls_established
request = http.Request( request = http.Request(

2
test/mitmproxy/proxy/test_server.py
View File

@ -579,7 +579,7 @@ class TestSocks5SSL(tservers.SocksModeTest):
p = self.pathoc_raw() p = self.pathoc_raw()
with p.connect(): with p.connect():
p.socks_connect(("localhost", self.server.port)) p.socks_connect(("localhost", self.server.port))
p.convert_to_ssl() p.convert_to_tls()
f = p.request("get:/p/200") f = p.request("get:/p/200")
assert f.status_code == 200 assert f.status_code == 200

6
test/mitmproxy/test_connections.py
View File

@ -155,7 +155,7 @@ class TestServerConnection:
def test_sni(self): def test_sni(self):
c = connections.ServerConnection(('', 1234)) c = connections.ServerConnection(('', 1234))
with pytest.raises(ValueError, matches='sni must be str, not '): with pytest.raises(ValueError, matches='sni must be str, not '):
c.establish_ssl(None, b'foobar') c.establish_tls(None, b'foobar')
def test_state(self): def test_state(self):
c = tflow.tserver_conn() c = tflow.tserver_conn()
@ -206,7 +206,7 @@ class TestClientConnectionTLS:
key = OpenSSL.crypto.load_privatekey( key = OpenSSL.crypto.load_privatekey(
OpenSSL.crypto.FILETYPE_PEM, OpenSSL.crypto.FILETYPE_PEM,
raw_key) raw_key)
c.convert_to_ssl(cert, key) c.convert_to_tls(cert, key)
assert c.connected() assert c.connected()
assert c.sni == sni assert c.sni == sni
assert c.tls_established assert c.tls_established
@ -230,7 +230,7 @@ class TestServerConnectionTLS(tservers.ServerTestBase):
def test_tls(self, clientcert): def test_tls(self, clientcert):
c = connections.ServerConnection(("127.0.0.1", self.port)) c = connections.ServerConnection(("127.0.0.1", self.port))
c.connect() c.connect()
c.establish_ssl(clientcert, "foo.com") c.establish_tls(clientcert, "foo.com")
assert c.connected() assert c.connected()
assert c.sni == "foo.com" assert c.sni == "foo.com"
assert c.tls_established assert c.tls_established

16
test/pathod/protocols/test_http2.py
View File

@ -75,7 +75,7 @@ class TestCheckALPNMatch(net_tservers.ServerTestBase):
def test_check_alpn(self): def test_check_alpn(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl(alpn_protos=[b'h2']) c.convert_to_tls(alpn_protos=[b'h2'])
protocol = HTTP2StateProtocol(c) protocol = HTTP2StateProtocol(c)
assert protocol.check_alpn() assert protocol.check_alpn()
@ -89,7 +89,7 @@ class TestCheckALPNMismatch(net_tservers.ServerTestBase):
def test_check_alpn(self): def test_check_alpn(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl(alpn_protos=[b'h2']) c.convert_to_tls(alpn_protos=[b'h2'])
protocol = HTTP2StateProtocol(c) protocol = HTTP2StateProtocol(c)
with pytest.raises(NotImplementedError): with pytest.raises(NotImplementedError):
protocol.check_alpn() protocol.check_alpn()
@ -207,7 +207,7 @@ class TestApplySettings(net_tservers.ServerTestBase):
def test_apply_settings(self): def test_apply_settings(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
protocol = HTTP2StateProtocol(c) protocol = HTTP2StateProtocol(c)
protocol._apply_settings({ protocol._apply_settings({
@ -302,7 +302,7 @@ class TestReadRequest(net_tservers.ServerTestBase):
def test_read_request(self): def test_read_request(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
protocol = HTTP2StateProtocol(c, is_server=True) protocol = HTTP2StateProtocol(c, is_server=True)
protocol.connection_preface_performed = True protocol.connection_preface_performed = True
@ -328,7 +328,7 @@ class TestReadRequestRelative(net_tservers.ServerTestBase):
def test_asterisk_form(self): def test_asterisk_form(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
protocol = HTTP2StateProtocol(c, is_server=True) protocol = HTTP2StateProtocol(c, is_server=True)
protocol.connection_preface_performed = True protocol.connection_preface_performed = True
@ -351,7 +351,7 @@ class TestReadRequestAbsolute(net_tservers.ServerTestBase):
def test_absolute_form(self): def test_absolute_form(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
protocol = HTTP2StateProtocol(c, is_server=True) protocol = HTTP2StateProtocol(c, is_server=True)
protocol.connection_preface_performed = True protocol.connection_preface_performed = True
@ -378,7 +378,7 @@ class TestReadResponse(net_tservers.ServerTestBase):
def test_read_response(self): def test_read_response(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
protocol = HTTP2StateProtocol(c) protocol = HTTP2StateProtocol(c)
protocol.connection_preface_performed = True protocol.connection_preface_performed = True
@ -404,7 +404,7 @@ class TestReadEmptyResponse(net_tservers.ServerTestBase):
def test_read_empty_response(self): def test_read_empty_response(self):
c = tcp.TCPClient(("127.0.0.1", self.port)) c = tcp.TCPClient(("127.0.0.1", self.port))
with c.connect(): with c.connect():
c.convert_to_ssl() c.convert_to_tls()
protocol = HTTP2StateProtocol(c) protocol = HTTP2StateProtocol(c)
protocol.connection_preface_performed = True protocol.connection_preface_performed = True

8
test/pathod/test_pathoc.py
View File

@ -238,11 +238,11 @@ class TestDaemonHTTP2(PathocTestDaemon):
http2_skip_connection_preface=True, http2_skip_connection_preface=True,
) )
tmp_convert_to_ssl = c.convert_to_ssl tmp_convert_to_tls = c.convert_to_tls
c.convert_to_ssl = Mock() c.convert_to_tls = Mock()
c.convert_to_ssl.side_effect = tmp_convert_to_ssl c.convert_to_tls.side_effect = tmp_convert_to_tls
with c.connect(): with c.connect():
_, kwargs = c.convert_to_ssl.call_args _, kwargs = c.convert_to_tls.call_args
assert set(kwargs['alpn_protos']) == set([b'http/1.1', b'h2']) assert set(kwargs['alpn_protos']) == set([b'http/1.1', b'h2'])
def test_request(self): def test_request(self):

4
test/pathod/test_pathod.py
View File

@ -153,7 +153,7 @@ class CommonTests(tservers.DaemonTests):
c = tcp.TCPClient(("localhost", self.d.port)) c = tcp.TCPClient(("localhost", self.d.port))
with c.connect(): with c.connect():
if self.ssl: if self.ssl:
c.convert_to_ssl() c.convert_to_tls()
c.wfile.write(b"foo\n\n\n") c.wfile.write(b"foo\n\n\n")
c.wfile.flush() c.wfile.flush()
l = self.d.last_log() l = self.d.last_log()
@ -241,7 +241,7 @@ class TestDaemonSSL(CommonTests):
with c.connect(): with c.connect():
c.wfile.write(b"\0\0\0\0") c.wfile.write(b"\0\0\0\0")
with pytest.raises(exceptions.TlsException): with pytest.raises(exceptions.TlsException):
c.convert_to_ssl() c.convert_to_tls()
l = self.d.last_log() l = self.d.last_log()
assert l["type"] == "error" assert l["type"] == "error"
assert "SSL" in l["msg"] assert "SSL" in l["msg"]