def setUpClass(cls): cls.selfSigned = spoof.SelfSignedSSLContext() cls.sslContext = cls.selfSigned.sslContext cls.httpd = spoof.HTTPServer(sslContext=cls.sslContext) cls.httpd6 = spoof.HTTPServer6("::1", sslContext=cls.sslContext) cls.httpd.start() cls.httpd6.start()
def test_Server_get_upstream_gets_server_instance(self): randupstream = True with spoof.HTTPServer() as httpd: httpd.upstream = randupstream expected = httpd.server.upstream result = httpd.upstream self.assertEqual(expected, result)
def test_Server_get_timeout_gets_server_instance(self): randTimeout = random.randint(1, 300) with spoof.HTTPServer() as httpd: httpd.timeout = randTimeout expected = httpd.server.timeout result = httpd.timeout self.assertEqual(expected, result)
def test_spoof_https_site_through_https_proxy(self): # This is a proof-of-concept for proxying HTTPS requests through an # HTTPS server. Typically, HTTPS requests are proxied via CONNECT verb # on a plain-text HTTP server. This means proxy credentials are sent # in the clear, as well as the intended destination. Proxying via HTTPS # allows these to be nominally protected. At this time, no major # HTTP libraries support proxying HTTPS requests through HTTPS servers, # so the actual request portion of the test is quite crude, reading and # writing directly to sockets. The use of the `ssl.SSLContext.wrap_bio` # method allows arbitrary SSL I/O, provided data is written to and read # out of BIO instances. This is required as it's not possible to for an # `ssl.SSLContext` socket to wrap another `ssl.SSLContext` socket. expected = upstream_content = b"octet-comeback-squirmy" chunk_size = 4096 httpd = spoof.HTTPServer( sslContext=spoof.SSLContext.fromCertChain(self.cert, self.key)) httpd.defaultResponse = [200, [], ""] httpd.start() httpd.upstream = spoof.HTTPUpstreamServer( sslContext=spoof.SSLContext.fromCertChain(self.cert, self.key)) httpd.upstream.defaultResponse = [200, [], upstream_content] httpd.upstream.start() client = ssl.create_default_context(cafile=self.cert).wrap_socket( socket.create_connection(httpd.serverAddress), server_hostname=httpd.address) client.sendall(b"CONNECT google.com HTTP/1.0\r\n\r\n") client.recv(chunk_size) # response headers tunnel_in = ssl.MemoryBIO() tunnel_out = ssl.MemoryBIO() tunnel = ssl.create_default_context(cafile=self.cert).wrap_bio( tunnel_in, tunnel_out, server_hostname="google.com") tunnel_cmd = functools.partial(utils.ssl_io_loop, client, tunnel_in, tunnel_out) tunnel_cmd(tunnel.do_handshake) tunnel_cmd(tunnel.write, b"GET / HTTP/1.0\r\n\r\n") tunnel_cmd(tunnel.read, chunk_size) # response headers result = tunnel_cmd(tunnel.read, chunk_size) client.close() httpd.upstream.stop() httpd.stop() self.assertEqual(expected, result)
def setUp(self): self.httpd = spoof.HTTPServer() self.httpd.start() self.session = requests.Session()
def test_spoof_selfSigned_raises_exception_on_connect(self): sslContext = spoof.SSLContext.selfSigned() httpd = spoof.HTTPServer(sslContext=sslContext) with self.assertRaises(requests.ConnectionError): self.session.get(httpd.url + "/random")
def test_Server_server_is_None_outside_context_manager(self): with spoof.HTTPServer() as httpd: pass self.assertIsNone(httpd.server)
def test_Server_server_not_None_inside_context_manager(self): with spoof.HTTPServer() as httpd: self.assertIsNotNone(httpd.server)
def test_Server_context_manager_returns_HTTPServer_instance(self): with spoof.HTTPServer() as httpd: self.assertIsInstance(httpd, spoof.HTTPServer)
def setUp(self): self.httpd = spoof.HTTPServer()