From e2e728d0af4305c353ae026362fee96e94482258 Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Thu, 13 Oct 2022 14:33:55 +0200 Subject: [PATCH] Update pyOpenSSL (#5639) * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * [requires.io] dependency update * Update setup.py * use latest pyOpenSSL APIs Co-authored-by: requires.io --- mitmproxy/addons/tlsconfig.py | 7 ++----- setup.py | 10 +++++----- test/mitmproxy/net/test_tls.py | 7 ++----- tox.ini | 6 +++--- 4 files changed, 12 insertions(+), 18 deletions(-) diff --git a/mitmproxy/addons/tlsconfig.py b/mitmproxy/addons/tlsconfig.py index 25adfa71b..ef015562f 100644 --- a/mitmproxy/addons/tlsconfig.py +++ b/mitmproxy/addons/tlsconfig.py @@ -175,11 +175,8 @@ class TlsConfig: ) tls_start.ssl_conn = SSL.Connection(ssl_ctx) - # Use pyOpenSSL API once it has shipped: https://github.com/pyca/pyopenssl/pull/1121 - ok = SSL._lib.SSL_use_certificate(tls_start.ssl_conn._ssl, entry.cert.to_pyopenssl()._x509) # type: ignore - SSL._openssl_assert(ok == 1) # type: ignore - ok = SSL._lib.SSL_use_PrivateKey(tls_start.ssl_conn._ssl, crypto.PKey.from_cryptography_key(entry.privatekey)._pkey) # type: ignore - SSL._openssl_assert(ok == 1) # type: ignore + tls_start.ssl_conn.use_certificate(entry.cert.to_pyopenssl()) + tls_start.ssl_conn.use_privatekey(crypto.PKey.from_cryptography_key(entry.privatekey)) # Force HTTP/1 for secure web proxies, we currently don't support CONNECT over HTTP/2. # There is a proof-of-concept branch at https://github.com/mhils/mitmproxy/tree/http2-proxy, diff --git a/setup.py b/setup.py index b7968f3da..5c2c4efc1 100644 --- a/setup.py +++ b/setup.py @@ -77,7 +77,7 @@ setup( "certifi>=2019.9.11", # no semver here - this should always be on the last release! "cryptography>=38.0,<38.1", "flask>=1.1.1,<2.3", - "h11>=0.11,<0.14", + "h11>=0.11,<0.15", "h2>=4.1,<5", "hyperframe>=6.0,<7", "kaitaistruct>=0.10,<0.11", @@ -86,7 +86,7 @@ setup( "msgpack>=1.0.0, <1.1.0", "passlib>=1.6.5, <1.8", "protobuf>=3.14,<5", - "pyOpenSSL>=22.0,<22.1", + "pyOpenSSL>=22.1,<22.2", "pyparsing>=2.4.2,<3.1", "pyperclip>=1.6.0,<1.9", "ruamel.yaml>=0.16,<0.18", @@ -96,7 +96,7 @@ setup( "wsproto>=1.0,<1.3", "publicsuffix2>=2.20190812,<3", "zstandard>=0.11,<0.19", - "typing-extensions>=4.3,<4.4; python_version<'3.10'", + "typing-extensions>=4.3,<4.5; python_version<'3.10'", ], extras_require={ ':sys_platform == "win32"': [ @@ -107,9 +107,9 @@ setup( "hypothesis>=5.8,<7", "parver>=0.1,<2.0", "pdoc>=4.0.0", - "pyinstaller==5.4.1", + "pyinstaller==5.5", "pytest-asyncio>=0.17,<0.20", - "pytest-cov>=2.7.1,<3.1", + "pytest-cov>=2.7.1,<4.1", "pytest-timeout>=1.3.3,<2.2", "pytest-xdist>=2.1.0,<3", "pytest>=6.1.0,<8", diff --git a/test/mitmproxy/net/test_tls.py b/test/mitmproxy/net/test_tls.py index 900160329..c4fb16062 100644 --- a/test/mitmproxy/net/test_tls.py +++ b/test/mitmproxy/net/test_tls.py @@ -47,11 +47,8 @@ def test_sslkeylogfile(tdata, monkeypatch): server = SSL.Connection(sctx) server.set_accept_state() - # Use pyOpenSSL API once it has shipped: https://github.com/pyca/pyopenssl/pull/1121 - ok = SSL._lib.SSL_use_certificate(server._ssl, entry.cert.to_pyopenssl()._x509) # type: ignore - SSL._openssl_assert(ok == 1) # type: ignore - ok = SSL._lib.SSL_use_PrivateKey(server._ssl, crypto.PKey.from_cryptography_key(entry.privatekey)._pkey) # type: ignore - SSL._openssl_assert(ok == 1) # type: ignore + server.use_certificate(entry.cert.to_pyopenssl()) + server.use_privatekey(crypto.PKey.from_cryptography_key(entry.privatekey)) client = SSL.Connection(cctx) client.set_connect_state() diff --git a/tox.ini b/tox.ini index 029e480e3..51e1dcb28 100644 --- a/tox.ini +++ b/tox.ini @@ -29,13 +29,13 @@ commands = [testenv:mypy] deps = - mypy==0.971 + mypy==0.982 types-certifi==2021.10.8.3 types-Flask==1.1.6 types-Werkzeug==1.0.9 - types-requests==2.28.10 + types-requests==2.28.11.2 types-cryptography==3.3.23 - types-pyOpenSSL==22.0.10 + types-pyOpenSSL==22.1.0.0 -e .[dev] commands =