unify SSL version/method handling

Thomas Kriechbaumer 2015-06-22 20:38:53 +02:00
parent 7a3623a14e
commit 5d63afdc6d
5 changed files with 27 additions and 26 deletions


@ -154,7 +154,7 @@ class Pathoc(tcp.TCPClient):
# SSL # SSL
ssl=None, ssl=None,
sni=None, sni=None,
sslversion='SSLv23', ssl_version=tcp.SSL_DEFAULT_METHOD,
clientcert=None, clientcert=None,
ciphers=None, ciphers=None,
@ -193,7 +193,7 @@ class Pathoc(tcp.TCPClient):
self.ssl, self.sni = ssl, sni self.ssl, self.sni = ssl, sni
self.clientcert = clientcert self.clientcert = clientcert
self.sslversion = utils.SSLVERSIONS[sslversion] self.ssl_version = ssl_version
self.ciphers = ciphers self.ciphers = ciphers
self.sslinfo = None self.sslinfo = None
@ -280,7 +280,7 @@ class Pathoc(tcp.TCPClient):
self.convert_to_ssl( self.convert_to_ssl(
sni=self.sni, sni=self.sni,
cert=self.clientcert, cert=self.clientcert,
method=self.sslversion, method=self.ssl_version,
cipher_list=self.ciphers, cipher_list=self.ciphers,
alpn_protos=alpn_protos alpn_protos=alpn_protos
) )
@ -461,7 +461,7 @@ def main(args): # pragma: nocover
(args.host, args.port), (args.host, args.port),
ssl=args.ssl, ssl=args.ssl,
sni=args.sni, sni=args.sni,
sslversion=args.sslversion, ssl_version=args.ssl_version,
clientcert=args.clientcert, clientcert=args.clientcert,
ciphers=args.ciphers, ciphers=args.ciphers,
use_http2=args.use_http2, use_http2=args.use_http2,
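Review bot: `ssl_version` in `Pathoc.__init__` now expects a netlib method constant rather than a protocol name, and nothing in the visible constructor lines checks or documents that. Previously the name went through `utils.SSLVERSIONS[sslversion]`, so an unknown value raised `KeyError` at construction; now the value is stored as given and first used in `convert_to_ssl(method=self.ssl_version, ...)`, so a caller that still passes a string such as `'TLSv1.2'` would fail (or behave unexpectedly; `convert_to_ssl` is not visible here) far from the cause. I would add a comment next to the parameter, for example `# ssl_version: a value of tcp.SSL_VERSIONS (method constant), not the protocol name`. The constructor and `main` both start and end outside these hunks.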


@ -1,9 +1,9 @@
#!/usr/bin/env python
import sys import sys
import argparse import argparse
import os import os
import os.path import os.path
from netlib import http_uastrings
from netlib import http_uastrings, tcp
from . import pathoc, version, utils, language from . import pathoc, version, utils, language
@ -108,10 +108,11 @@ def args_pathoc(argv, stdout=sys.stdout, stderr=sys.stderr):
help="SSL cipher specification" help="SSL cipher specification"
) )
group.add_argument( group.add_argument(
"--sslversion", dest="sslversion", type=str, default='SSLv23', "--ssl-version", dest="ssl_version", type=str, default=tcp.SSL_DEFAULT_VERSION,
choices=utils.SSLVERSIONS.keys(), choices=tcp.SSL_VERSIONS.keys(),
help="""" help=""""
Use a specified protocol - TLSv1.2, TLSv1.1, TLSv1, SSLv3, SSLv2, SSLv23. Use a specified protocol:
TLSv1.2, TLSv1.1, TLSv1, SSLv3, SSLv2, SSLv23.
Default to SSLv23.""" Default to SSLv23."""
) )
@ -161,6 +162,8 @@ def args_pathoc(argv, stdout=sys.stdout, stderr=sys.stderr):
args = parser.parse_args(argv[1:]) args = parser.parse_args(argv[1:])
args.ssl_version = tcp.SSL_VERSIONS[args.ssl_version]
args.port = None args.port = None
if ":" in args.host: if ":" in args.host:
h, p = args.host.rsplit(":", 1) h, p = args.host.rsplit(":", 1)
@ -215,6 +218,7 @@ def args_pathoc(argv, stdout=sys.stdout, stderr=sys.stderr):
print >> stderr, v.marked() print >> stderr, v.marked()
sys.exit(1) sys.exit(1)
args.requests = reqs args.requests = reqs
return args return args
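Review bot: The help text for `--ssl-version` still hard-codes the protocol list and "Default to SSLv23", although the accepted values and the default now come from `tcp.SSL_VERSIONS` and `tcp.SSL_DEFAULT_VERSION`. If netlib adds or drops a protocol or changes its default, the help will misstate which protocol is negotiated, which matters for anyone using the tool to check SSLv2/SSLv3 handling. argparse can fill both in from the argument itself: `help="Use a specified protocol: %(choices)s. Default to %(default)s."`, which would also remove the stray fourth quote in `help=""""`. The same text is repeated in the `args_pathod` hunk of the pathod command-line section; `args_pathoc` starts and ends outside these hunks.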


@ -37,7 +37,7 @@ class SSLOptions(object):
sans=(), sans=(),
not_after_connect=None, not_after_connect=None,
request_client_cert=False, request_client_cert=False,
sslversion=tcp.SSLv23_METHOD, ssl_version=tcp.SSL_DEFAULT_METHOD,
ciphers=None, ciphers=None,
certs=None, certs=None,
alpn_select=http2.HTTP2Protocol.ALPN_PROTO_H2, alpn_select=http2.HTTP2Protocol.ALPN_PROTO_H2,
@ -47,7 +47,7 @@ class SSLOptions(object):
self.sans = sans self.sans = sans
self.not_after_connect = not_after_connect self.not_after_connect = not_after_connect
self.request_client_cert = request_client_cert self.request_client_cert = request_client_cert
self.sslversion = sslversion self.ssl_version = ssl_version
self.ciphers = ciphers self.ciphers = ciphers
self.alpn_select = alpn_select self.alpn_select = alpn_select
self.certstore = certutils.CertStore.from_store( self.certstore = certutils.CertStore.from_store(
@ -181,7 +181,7 @@ class PathodHandler(tcp.BaseHandler):
handle_sni=self._handle_sni, handle_sni=self._handle_sni,
request_client_cert=self.server.ssloptions.request_client_cert, request_client_cert=self.server.ssloptions.request_client_cert,
cipher_list=self.server.ssloptions.ciphers, cipher_list=self.server.ssloptions.ciphers,
method=self.server.ssloptions.sslversion, method=self.server.ssloptions.ssl_version,
alpn_select=self.server.ssloptions.alpn_select, alpn_select=self.server.ssloptions.alpn_select,
) )
except tcp.NetLibError as v: except tcp.NetLibError as v:
@ -403,7 +403,7 @@ class PathodHandler(tcp.BaseHandler):
handle_sni=self._handle_sni, handle_sni=self._handle_sni,
request_client_cert=self.server.ssloptions.request_client_cert, request_client_cert=self.server.ssloptions.request_client_cert,
cipher_list=self.server.ssloptions.ciphers, cipher_list=self.server.ssloptions.ciphers,
method=self.server.ssloptions.sslversion, method=self.server.ssloptions.ssl_version,
alpn_select=self.server.ssloptions.alpn_select, alpn_select=self.server.ssloptions.alpn_select,
) )
except tcp.NetLibError as v: except tcp.NetLibError as v:
@ -592,7 +592,7 @@ def main(args): # pragma: nocover
confdir=args.confdir, confdir=args.confdir,
not_after_connect=args.ssl_not_after_connect, not_after_connect=args.ssl_not_after_connect,
ciphers=args.ciphers, ciphers=args.ciphers,
sslversion=utils.SSLVERSIONS[args.sslversion], ssl_version=args.ssl_version,
certs=args.ssl_certs, certs=args.ssl_certs,
sans=args.sans, sans=args.sans,
) )


@ -1,9 +1,10 @@
#!/usr/bin/env python
import sys import sys
import argparse import argparse
import os import os
import os.path import os.path
import re import re
from netlib import tcp
from . import pathod, version, utils from . import pathod, version, utils
@ -138,10 +139,11 @@ def args_pathod(argv, stdout_=sys.stdout, stderr_=sys.stderr):
""" """
) )
group.add_argument( group.add_argument(
"--sslversion", dest="sslversion", type=str, default='SSLv23', "--ssl-version", dest="ssl_version", type=str, default=tcp.SSL_DEFAULT_VERSION,
choices=utils.SSLVERSIONS.keys(), choices=tcp.SSL_VERSIONS.keys(),
help="""" help=""""
Use a specified protocol - TLSv1.2, TLSv1.1, TLSv1, SSLv3, SSLv2, SSLv23. Use a specified protocol:
TLSv1.2, TLSv1.1, TLSv1, SSLv3, SSLv2, SSLv23.
Default to SSLv23.""" Default to SSLv23."""
) )
@ -180,6 +182,8 @@ def args_pathod(argv, stdout_=sys.stdout, stderr_=sys.stderr):
args = parser.parse_args(argv[1:]) args = parser.parse_args(argv[1:])
args.ssl_version = tcp.SSL_VERSIONS[args.ssl_version]
certs = [] certs = []
for i in args.ssl_certs: for i in args.ssl_certs:
parts = i.split("=", 1) parts = i.split("=", 1)
@ -220,6 +224,7 @@ def args_pathod(argv, stdout_=sys.stdout, stderr_=sys.stderr):
return parser.error("Invalid regex in anchor: %s" % patt) return parser.error("Invalid regex in anchor: %s" % patt)
anchors.append((arex, spec)) anchors.append((arex, spec))
args.anchors = anchors args.anchors = anchors
return args return args


@ -2,14 +2,6 @@ import os
import sys import sys
from netlib import tcp from netlib import tcp
SSLVERSIONS = {
'TLSv1.2': tcp.TLSv1_2_METHOD,
'TLSv1.1': tcp.TLSv1_1_METHOD,
'TLSv1': tcp.TLSv1_METHOD,
'SSLv3': tcp.SSLv3_METHOD,
'SSLv2': tcp.SSLv2_METHOD,
'SSLv23': tcp.SSLv23_METHOD,
}
SIZE_UNITS = dict( SIZE_UNITS = dict(
b=1024 ** 0, b=1024 ** 0,