def setUpClass(cls):
cls.selfSigned = spoof.SelfSignedSSLContext()
cls.sslContext = cls.selfSigned.sslContext
cls.httpd = spoof.HTTPServer(sslContext=cls.sslContext)
cls.httpd6 = spoof.HTTPServer6("::1", sslContext=cls.sslContext)
cls.httpd.start()
cls.httpd6.start()
def test_Server_get_upstream_gets_server_instance(self):
randupstream = True
with spoof.HTTPServer() as httpd:
httpd.upstream = randupstream
expected = httpd.server.upstream
result = httpd.upstream
self.assertEqual(expected, result)
def test_Server_get_timeout_gets_server_instance(self):
randTimeout = random.randint(1, 300)
with spoof.HTTPServer() as httpd:
httpd.timeout = randTimeout
expected = httpd.server.timeout
result = httpd.timeout
self.assertEqual(expected, result)
def test_spoof_https_site_through_https_proxy(self):
# This is a proof-of-concept for proxying HTTPS requests through an
# HTTPS server. Typically, HTTPS requests are proxied via CONNECT verb
# on a plain-text HTTP server. This means proxy credentials are sent
# in the clear, as well as the intended destination. Proxying via HTTPS
# allows these to be nominally protected. At this time, no major
# HTTP libraries support proxying HTTPS requests through HTTPS servers,
# so the actual request portion of the test is quite crude, reading and
# writing directly to sockets. The use of the `ssl.SSLContext.wrap_bio`
# method allows arbitrary SSL I/O, provided data is written to and read
# out of BIO instances. This is required as it's not possible to for an
# `ssl.SSLContext` socket to wrap another `ssl.SSLContext` socket.
expected = upstream_content = b"octet-comeback-squirmy"
chunk_size = 4096
httpd = spoof.HTTPServer(
sslContext=spoof.SSLContext.fromCertChain(self.cert, self.key))
httpd.defaultResponse = [200, [], ""]
httpd.start()
httpd.upstream = spoof.HTTPUpstreamServer(
sslContext=spoof.SSLContext.fromCertChain(self.cert, self.key))
httpd.upstream.defaultResponse = [200, [], upstream_content]
httpd.upstream.start()
client = ssl.create_default_context(cafile=self.cert).wrap_socket(
socket.create_connection(httpd.serverAddress),
server_hostname=httpd.address)
client.sendall(b"CONNECT google.com HTTP/1.0\r\n\r\n")
client.recv(chunk_size) # response headers
tunnel_in = ssl.MemoryBIO()
tunnel_out = ssl.MemoryBIO()
tunnel = ssl.create_default_context(cafile=self.cert).wrap_bio(
tunnel_in, tunnel_out, server_hostname="google.com")
tunnel_cmd = functools.partial(utils.ssl_io_loop, client, tunnel_in,
tunnel_out)
tunnel_cmd(tunnel.do_handshake)
tunnel_cmd(tunnel.write, b"GET / HTTP/1.0\r\n\r\n")
tunnel_cmd(tunnel.read, chunk_size) # response headers
result = tunnel_cmd(tunnel.read, chunk_size)
client.close()
httpd.upstream.stop()
httpd.stop()
self.assertEqual(expected, result)
def setUp(self):
self.httpd = spoof.HTTPServer()
self.httpd.start()
self.session = requests.Session()
def test_spoof_selfSigned_raises_exception_on_connect(self):
sslContext = spoof.SSLContext.selfSigned()
httpd = spoof.HTTPServer(sslContext=sslContext)
with self.assertRaises(requests.ConnectionError):
self.session.get(httpd.url + "/random")
def test_Server_server_is_None_outside_context_manager(self):
with spoof.HTTPServer() as httpd:
pass
self.assertIsNone(httpd.server)
def test_Server_server_not_None_inside_context_manager(self):
with spoof.HTTPServer() as httpd:
self.assertIsNotNone(httpd.server)
def test_Server_context_manager_returns_HTTPServer_instance(self):
with spoof.HTTPServer() as httpd:
self.assertIsInstance(httpd, spoof.HTTPServer)
def setUp(self):
self.httpd = spoof.HTTPServer()
