def handle(self):
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(d, "test2")
ca2 = certutils.CertStore.from_store(d, "test3")
cert, _, _ = ca1.get_cert("foo.com", [])
key = ca2.gen_pkey(cert)
self.convert_to_ssl(cert, key)
def test_stream(self):
with tutils.tmpdir() as tdir:
p = os.path.join(tdir, "foo")
def r():
r = flow.FlowReader(open(p, "rb"))
return list(r.stream())
s = flow.State()
fm = flow.FlowMaster(None, s)
f = tutils.tflow(resp=True)
fm.start_stream(file(p, "ab"), None)
fm.handle_request(f)
fm.handle_response(f)
fm.stop_stream()
assert r()[0].response
f = tutils.tflow()
fm.start_stream(file(p, "ab"), None)
fm.handle_request(f)
fm.shutdown()
assert not r()[1].response
def handle(self):
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(d, "test2")
ca2 = certutils.CertStore.from_store(d, "test3")
cert, _ = ca1.get_cert("foo.com", [])
key = ca2.gen_pkey(cert)
self.convert_to_ssl(cert, key)
def test_create_explicit(self):
with tutils.tmpdir() as d:
ca = os.path.join(d, "ca")
assert certutils.dummy_ca(ca)
c = certutils.CertStore(d)
c.cleanup()
assert os.path.exists(d)
def test_stream(self):
with tutils.tmpdir() as tdir:
p = os.path.join(tdir, "foo")
def r():
r = flow.FlowReader(open(p, "rb"))
return list(r.stream())
s = flow.State()
fm = flow.FlowMaster(None, s)
f = tutils.tflow(resp=True)
fm.start_stream(file(p, "ab"), None)
fm.handle_request(f)
fm.handle_response(f)
fm.stop_stream()
assert r()[0].response
f = tutils.tflow()
fm.start_stream(file(p, "ab"), None)
fm.handle_request(f)
fm.shutdown()
assert not r()[1].response
def test_with_ca(self):
with tutils.tmpdir() as d:
ca = certutils.CertStore.from_store(d, "test")
r = certutils.dummy_cert(ca.default_privatekey, ca.default_ca,
"foo.com",
["one.com", "two.com", "*.three.com"])
assert r.cn == "foo.com"
def test_access_control(self):
v = base.TokValue.parseString("<path")[0]
with tutils.tmpdir() as t:
p = os.path.join(t, "path")
with open(p, "wb") as f:
f.write(b"x" * 10000)
assert v.get_generator(language.Settings(staticdir=t))
v = base.TokValue.parseString("<path2")[0]
tutils.raises(
exceptions.FileAccessDenied,
v.get_generator,
language.Settings(staticdir=t)
)
tutils.raises(
"access disabled",
v.get_generator,
language.Settings()
)
v = base.TokValue.parseString("</outside")[0]
tutils.raises(
"outside",
v.get_generator,
language.Settings(staticdir=t)
)
def test_access_control(self):
v = language.Value.parseString("<path")[0]
with tutils.tmpdir() as t:
p = os.path.join(t, "path")
with open(p, "wb") as f:
f.write("x" * 10000)
assert v.get_generator(language.Settings(staticdir=t))
v = language.Value.parseString("<path2")[0]
tutils.raises(
language.FileAccessDenied,
v.get_generator,
language.Settings(staticdir=t)
)
tutils.raises(
"access disabled",
v.get_generator,
language.Settings()
)
v = language.Value.parseString("</outside")[0]
tutils.raises(
"outside",
v.get_generator,
language.Settings(staticdir=t)
)
def test_replay(self):
cs = StringIO()
o = dump.Options(server_replay="nonexistent", kill=True)
libpry.raises(dump.DumpError,
dump.DumpMaster,
None,
o,
None,
outfile=cs)
with tutils.tmpdir() as t:
p = os.path.join(t, "rep")
self._flowfile(p)
o = dump.Options(server_replay=p, kill=True)
m = dump.DumpMaster(None, o, None, outfile=cs)
self._cycle(m, "content")
self._cycle(m, "content")
o = dump.Options(server_replay=p, kill=False)
m = dump.DumpMaster(None, o, None, outfile=cs)
self._cycle(m, "nonexistent")
o = dump.Options(client_replay=p, kill=False)
m = dump.DumpMaster(None, o, None, outfile=cs)
def test_certs(self):
with tutils.tmpdir() as confdir:
self.assert_noerr("--client-certs", confdir)
self.assert_err("directory does not exist", "--client-certs", "nonexistent")
self.assert_noerr("--dummy-certs", confdir)
self.assert_err("directory does not exist", "--dummy-certs", "nonexistent")
def handle(self):
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(d, "test2")
ca2 = certutils.CertStore.from_store(d, "test3")
cert, _ = ca1.get_cert("foo.com", [])
certffi.set_flags(ca2.privkey, 0)
self.convert_to_ssl(cert, ca2.privkey)
def test_create_explicit(self):
with tutils.tmpdir() as d:
ca = os.path.join(d, "ca")
assert certutils.dummy_ca(ca)
c = certutils.CertStore(d)
c.cleanup()
assert os.path.exists(d)
def test_client_certs(self):
with tutils.tmpdir() as cadir:
self.assert_noerr("--client-certs", cadir)
self.assert_err(
"directory does not exist",
"--client-certs",
"nonexistent")
def handle(self):
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(d, "test2")
ca2 = certutils.CertStore.from_store(d, "test3")
cert, _, _ = ca1.get_cert("foo.com", [])
certffi.set_flags(ca2.default_privatekey, 0)
self.convert_to_ssl(cert, ca2.default_privatekey)
def test_with_ca(self):
with tutils.tmpdir() as d:
cacert = os.path.join(d, "cacert")
assert certutils.dummy_ca(cacert)
p = os.path.join(d, "foo")
certutils.dummy_cert(file(p, "w"), cacert, "foo.com",
["one.com", "two.com", "*.three.com"])
assert file(p).read()
def test_one(self):
with tutils.tmpdir() as t:
old = os.getcwd()
sub = os.path.join(t, "sub")
os.mkdir(sub)
with utils.InDir(sub):
assert os.getcwd() != old
assert os.getcwd() == old
def test_cert(self):
path = tutils.test_data.path("data/confdir/") + "mitmproxy-ca-cert."
with tutils.tmpdir() as d:
for ext in ["pem", "p12"]:
resp = self.app("/cert/%s" % ext)
assert resp.status_code == 200
with open(path + ext, "rb") as f:
assert resp.content == f.read()
def test_sans(self):
with tutils.tmpdir() as d:
ca = certutils.CertStore.from_store(d, "test")
c1 = ca.get_cert("foo.com", ["*.bar.com"])
c2 = ca.get_cert("foo.bar.com", [])
# assert c1 == c2
c3 = ca.get_cert("bar.com", [])
assert not c1 == c3
def test_create_tmp(self):
with tutils.tmpdir() as d:
ca = os.path.join(d, "ca")
assert certutils.dummy_ca(ca)
c = certutils.CertStore()
assert c.get_cert("foo.com", [], ca)
assert c.get_cert("foo.com", [], ca)
assert c.get_cert("*.foo.com", [], ca)
def test_cert(self):
path = tutils.test_data.path("data/confdir/") + "mitmproxy-ca-cert."
with tutils.tmpdir() as d:
for ext in ["pem", "p12"]:
resp = self.app("/cert/%s" % ext)
assert resp.status_code == 200
with open(path + ext, "rb") as f:
assert resp.content == f.read()
def test_sans(self):
with tutils.tmpdir() as d:
ca = certutils.CertStore.from_store(d, "test")
c1 = ca.get_cert("foo.com", ["*.bar.com"])
ca.get_cert("foo.bar.com", [])
# assert c1 == c2
c3 = ca.get_cert("bar.com", [])
assert not c1 == c3
def test_one(self):
with tutils.tmpdir() as t:
old = os.getcwd()
sub = os.path.join(t, "sub")
os.mkdir(sub)
with utils.InDir(sub):
assert os.getcwd() != old
assert os.getcwd() == old
def test_create_tmp(self):
with tutils.tmpdir() as d:
ca = certutils.CertStore.from_store(d, "test")
assert ca.get_cert("foo.com", [])
assert ca.get_cert("foo.com", [])
assert ca.get_cert("*.foo.com", [])
r = ca.get_cert("*.foo.com", [])
assert r[1] == ca.default_privatekey
def test_render(self):
with tutils.tmpdir() as t:
self.application.render(t)
assert os.path.isfile(os.path.join(t, "test.html"))
assert os.path.isfile(os.path.join(t, "copy"))
assert os.path.isfile(os.path.join(t, "copy2"))
assert os.path.isdir(os.path.join(t, "testmod"))
assert os.path.isfile(os.path.join(t, "testmod_index.html"))
assert os.path.isfile(os.path.join(t, "sitemap.xml"))
def test_create_explicit(self):
with tutils.tmpdir() as d:
ca = certutils.CertStore.from_store(d, "test")
assert ca.get_cert("foo", [])
ca2 = certutils.CertStore.from_store(d, "test")
assert ca2.get_cert("foo", [])
assert ca.default_ca.get_serial_number() == ca2.default_ca.get_serial_number()
def test_render(self):
with tutils.tmpdir() as t:
self.application.render(t)
assert os.path.isfile(os.path.join(t, "test.html"))
assert os.path.isfile(os.path.join(t, "copy"))
assert os.path.isfile(os.path.join(t, "copy2"))
assert os.path.isdir(os.path.join(t, "testmod"))
assert os.path.isfile(os.path.join(t, "testmod_index.html"))
assert os.path.isfile(os.path.join(t, "sitemap.xml"))
def test_render(self):
app = doc.Doc(tutils.test_data.path("doctree"))
with tutils.tmpdir() as t:
app.render(t)
assert "notcopied" in app.root.namespace["data"]
assert not os.path.isfile(os.path.join(t, "_notcopied.html"))
assert os.path.isfile(os.path.join(t, "include.css"))
assert os.path.isdir(os.path.join(t, "autocopy"))
assert os.path.isdir(os.path.join(t, "foo"))
def test_client_certs(self):
with tutils.tmpdir() as cadir:
self.assert_noerr("--client-certs", cadir)
self.assert_noerr(
"--client-certs",
os.path.join(tutils.test_data.path("data/clientcert"),
"client.pem"))
self.assert_err("path does not exist", "--client-certs",
"nonexistent")
def test_no_ca(self):
with tutils.tmpdir() as d:
p = certutils.dummy_cert(
d,
None,
"foo.com",
[]
)
assert os.path.exists(p)
def test_render(self):
app = doc.Doc(tutils.test_data.path("doctree"))
with tutils.tmpdir() as t:
app.render(t)
assert "notcopied" in app.root.namespace["data"]
assert not os.path.isfile(os.path.join(t, "_notcopied.html"))
assert os.path.isfile(os.path.join(t, "include.css"))
assert os.path.isdir(os.path.join(t, "autocopy"))
assert os.path.isdir(os.path.join(t, "foo"))
def test_gen_pkey(self):
try:
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(os.path.join(d, "ca1"), "test")
ca2 = certutils.CertStore.from_store(os.path.join(d, "ca2"), "test")
cert = ca1.get_cert("foo.com", [])
assert certffi.get_flags(ca2.gen_pkey(cert[0])) == 1
finally:
certffi.set_flags(ca2.default_privatekey, 0)
def test_create_tmp(self):
with tutils.tmpdir() as d:
ca = certutils.CertStore.from_store(d, "test")
assert ca.get_cert("foo.com", [])
assert ca.get_cert("foo.com", [])
assert ca.get_cert("*.foo.com", [])
r = ca.get_cert("*.foo.com", [])
assert r[1] == ca.default_privatekey
def test_with_ca(self):
with tutils.tmpdir() as d:
cacert = os.path.join(d, "cacert")
assert certutils.dummy_ca(cacert)
r = certutils.dummy_cert(
cacert,
"foo.com",
["one.com", "two.com", "*.three.com"]
)
assert r.cn == "foo.com"
def test_with_ca(self):
with tutils.tmpdir() as d:
ca = certutils.CertStore.from_store(d, "test")
r = certutils.dummy_cert(
ca.default_privatekey,
ca.default_ca,
"foo.com",
["one.com", "two.com", "*.three.com"]
)
assert r.cn == "foo.com"
def test_client_certs(self):
with tutils.tmpdir() as cadir:
self.assert_noerr("--client-certs", cadir)
self.assert_noerr(
"--client-certs",
os.path.join(tutils.test_data.path("data/clientcert"), "client.pem"))
self.assert_err(
"path does not exist",
"--client-certs",
"nonexistent")
def test_create_tmp(self):
with tutils.tmpdir() as d:
ca = os.path.join(d, "ca")
assert certutils.dummy_ca(ca)
c = certutils.CertStore()
assert not c.get_cert("../foo.com", [])
assert not c.get_cert("foo.com", [])
assert c.get_cert("foo.com", [], ca)
assert c.get_cert("foo.com", [], ca)
c.cleanup()
def test_create_explicit(self):
with tutils.tmpdir() as d:
ca = certutils.CertStore.from_store(d, "test")
assert ca.get_cert("foo", [])
ca2 = certutils.CertStore.from_store(d, "test")
assert ca2.get_cert("foo", [])
assert ca.default_ca.get_serial_number(
) == ca2.default_ca.get_serial_number()
def test_read(self):
with tutils.tmpdir() as t:
p = os.path.join(t, "read")
self._flowfile(p)
assert "GET" in self._dummy_cycle(0, None, "", verbosity=1, rfile=p)
libpry.raises(dump.DumpError, self._dummy_cycle, 0, None, "", verbosity=1, rfile="/nonexistent")
# We now just ignore errors
self._dummy_cycle(0, None, "", verbosity=1, rfile=tutils.test_data.path("test_dump.py"))
def test_gen_pkey(self):
try:
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(os.path.join(d, "ca1"),
"test")
ca2 = certutils.CertStore.from_store(os.path.join(d, "ca2"),
"test")
cert = ca1.get_cert("foo.com", [])
assert certffi.get_flags(ca2.gen_pkey(cert[0])) == 1
finally:
certffi.set_flags(ca2.default_privatekey, 0)
def test_dummy_ca():
with tutils.tmpdir() as d:
path = os.path.join(d, "foo/cert.cnf")
assert certutils.dummy_ca(path)
assert os.path.exists(path)
path = os.path.join(d, "foo/cert2.pem")
assert certutils.dummy_ca(path)
assert os.path.exists(path)
assert os.path.exists(os.path.join(d, "foo/cert2-cert.pem"))
assert os.path.exists(os.path.join(d, "foo/cert2-cert.p12"))
def test_dummy_ca():
with tutils.tmpdir() as d:
path = os.path.join(d, "foo/cert.cnf")
assert certutils.dummy_ca(path)
assert os.path.exists(path)
path = os.path.join(d, "foo/cert2.pem")
assert certutils.dummy_ca(path)
assert os.path.exists(path)
assert os.path.exists(os.path.join(d, "foo/cert2-cert.pem"))
assert os.path.exists(os.path.join(d, "foo/cert2-cert.p12"))
def test_filegenerator(self):
with tutils.tmpdir() as t:
path = os.path.join(t, "foo")
f = open(path, "w")
f.write("x" * 10000)
f.close()
g = rparse.FileGenerator(path)
assert len(g) == 10000
assert g[0] == "x"
assert g[-1] == "x"
assert g[0:5] == "xxxxx"
assert repr(g)
def test_filegenerator(self):
with tutils.tmpdir() as t:
path = os.path.join(t, "foo")
f = open(path, "w")
f.write("x"*10000)
f.close()
g = rparse.FileGenerator(path)
assert len(g) == 10000
assert g[0] == "x"
assert g[-1] == "x"
assert g[0:5] == "xxxxx"
assert repr(g)
def test_with_ca(self):
with tutils.tmpdir() as d:
cacert = os.path.join(d, "cacert")
assert certutils.dummy_ca(cacert)
p = os.path.join(d, "foo")
certutils.dummy_cert(
file(p, "w"),
cacert,
"foo.com",
["one.com", "two.com", "*.three.com"]
)
assert file(p).read()
def test_filegenerator(self):
with tutils.tmpdir() as t:
path = os.path.join(t, "foo")
f = open(path, "wb")
f.write("x"*10000)
f.close()
g = language.FileGenerator(path)
assert len(g) == 10000
assert g[0] == "x"
assert g[-1] == "x"
assert g[0:5] == "xxxxx"
assert repr(g)
del g # remove all references to FileGenerator instance to close the file handle.
def test_read(self):
with tutils.tmpdir() as t:
p = os.path.join(t, "read")
self._flowfile(p)
assert "GET" in self._dummy_cycle(0, None, "", verbosity=1, rfile=p)
tutils.raises(
dump.DumpError, self._dummy_cycle,
0, None, "", verbosity=1, rfile="/nonexistent"
)
# We now just ignore errors
self._dummy_cycle(0, None, "", verbosity=1, rfile=tutils.test_data.path("test_dump.py"))
def test_filegenerator(self):
with tutils.tmpdir() as t:
path = os.path.join(t, "foo")
f = open(path, "wb")
f.write("x" * 10000)
f.close()
g = language.FileGenerator(path)
assert len(g) == 10000
assert g[0] == "x"
assert g[-1] == "x"
assert g[0:5] == "xxxxx"
assert repr(g)
del g # remove all references to FileGenerator instance to close the file handle.
def test_overrides(self):
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(os.path.join(d, "ca1"), "test")
ca2 = certutils.CertStore.from_store(os.path.join(d, "ca2"), "test")
assert not ca1.default_ca.get_serial_number() == ca2.default_ca.get_serial_number()
dc = ca2.get_cert("foo.com", [])
dcp = os.path.join(d, "dc")
f = open(dcp, "wb")
f.write(dc[0].to_pem())
f.close()
ca1.add_cert_file("foo.com", dcp)
ret = ca1.get_cert("foo.com", [])
assert ret[0].serial == dc[0].serial
def test_access_control(self):
v = language.Value.parseString("<path")[0]
with tutils.tmpdir() as t:
p = os.path.join(t, "path")
f = open(p, "w")
f.write("x"*10000)
f.close()
assert v.get_generator(dict(staticdir=t))
v = language.Value.parseString("<path2")[0]
tutils.raises(language.FileAccessDenied, v.get_generator, dict(staticdir=t))
tutils.raises("access disabled", v.get_generator, dict())
v = language.Value.parseString("</outside")[0]
tutils.raises("outside", v.get_generator, dict(staticdir=t))
def test_filegenerator():
with tutils.tmpdir() as t:
path = os.path.join(t, "foo")
f = open(path, "wb")
f.write(b"x" * 10000)
f.close()
g = generators.FileGenerator(path)
assert len(g) == 10000
assert g[0] == b"x"
assert g[-1] == b"x"
assert g[0:5] == b"xxxxx"
assert len(g[1:10]) == 9
assert len(g[10000:10001]) == 0
assert repr(g)
# remove all references to FileGenerator instance to close the file
# handle.
del g
def test_overrides(self):
with tutils.tmpdir() as d:
ca1 = certutils.CertStore.from_store(os.path.join(d, "ca1"),
"test")
ca2 = certutils.CertStore.from_store(os.path.join(d, "ca2"),
"test")
assert not ca1.default_ca.get_serial_number(
) == ca2.default_ca.get_serial_number()
dc = ca2.get_cert("foo.com", [])
dcp = os.path.join(d, "dc")
f = open(dcp, "wb")
f.write(dc[0].to_pem())
f.close()
ca1.add_cert_file("foo.com", dcp)
ret = ca1.get_cert("foo.com", [])
assert ret[0].serial == dc[0].serial
def test_with_ca(self):
with tutils.tmpdir() as d:
cacert = os.path.join(d, "foo/cert.cnf")
assert certutils.dummy_ca(cacert)
p = certutils.dummy_cert(
os.path.join(d, "foo"),
cacert,
"foo.com",
["one.com", "two.com", "*.three.com"]
)
assert os.path.exists(p)
# Short-circuit
assert certutils.dummy_cert(
os.path.join(d, "foo"),
cacert,
"foo.com",
[]
)
def test_read(self):
with tutils.tmpdir() as t:
p = os.path.join(t, "read")
self._flowfile(p)
assert "GET" in self._dummy_cycle(
0,
None,
"",
flow_detail=1,
rfile=p
)
tutils.raises(
dump.DumpError, self._dummy_cycle,
0, None, "", verbosity=1, rfile="/nonexistent"
)
tutils.raises(
dump.DumpError, self._dummy_cycle,
0, None, "", verbosity=1, rfile="test_dump.py"
)
def test_read(self):
with tutils.tmpdir() as t:
p = os.path.join(t, "read")
self._flowfile(p)
assert "GET" in self._dummy_cycle(
0,
None,
"",
flow_detail=1,
rfile=p
)
tutils.raises(
dump.DumpError, self._dummy_cycle,
0, None, "", verbosity=1, rfile="/nonexistent"
)
tutils.raises(
dump.DumpError, self._dummy_cycle,
0, None, "", verbosity=1, rfile="test_dump.py"
)
def test_log(self):
testval = "echo!\n"
_logfun = tcp.log_ssl_key
with tutils.tmpdir() as d:
logfile = os.path.join(d, "foo", "bar", "logfile")
tcp.log_ssl_key = tcp.SSLKeyLogger(logfile)
c = tcp.TCPClient(("127.0.0.1", self.port))
c.connect()
c.convert_to_ssl()
c.wfile.write(testval)
c.wfile.flush()
assert c.rfile.readline() == testval
c.finish()
tcp.log_ssl_key.close()
with open(logfile, "rb") as f:
assert f.read().count("CLIENT_RANDOM") == 2
tcp.log_ssl_key = _logfun
def test_log(self):
testval = "echo!\n"
_logfun = tcp.log_ssl_key
with tutils.tmpdir() as d:
logfile = os.path.join(d, "foo", "bar", "logfile")
tcp.log_ssl_key = tcp.SSLKeyLogger(logfile)
c = tcp.TCPClient(("127.0.0.1", self.port))
c.connect()
c.convert_to_ssl()
c.wfile.write(testval)
c.wfile.flush()
assert c.rfile.readline() == testval
c.finish()
tcp.log_ssl_key.close()
with open(logfile, "rb") as f:
assert f.read().count("CLIENT_RANDOM") == 2
tcp.log_ssl_key = _logfun
def test_fixedlengthvalue(self):
class TT(base.FixedLengthValue):
preamble = "m"
length = 4
e = TT.expr()
assert e.parseString("m@4")
tutils.raises("invalid value length", e.parseString, "m@100")
tutils.raises("invalid value length", e.parseString, "m@1")
with tutils.tmpdir() as t:
p = os.path.join(t, "path")
s = base.Settings(staticdir=t)
with open(p, "wb") as f:
f.write("a" * 20)
v = e.parseString("m<path")[0]
tutils.raises("invalid value length", v.values, s)
p = os.path.join(t, "path")
with open(p, "wb") as f:
f.write("a" * 4)
v = e.parseString("m<path")[0]
assert v.values(s)
