authorKyle Morton <kylemorton@google.com>2015-06-20 12:54:03 -0700
committerKyle Morton <kylemorton@google.com>2015-06-22 16:48:09 -0700
commit7afe44ba4ee8810e24abfa32f74dfac61e5551d3 (patch)
treeddcec133c985d2105c6ddfa4d28c08736a95bca3
parent2aa1b98fbf8d03005e022da86e3e534cf25ebf62 (diff)
Updating TCPServer to allow tests (and potentially other use cases) to serve
certificate chains instead of only single certificates.
-rw-r--r--netlib/tcp.py8
-rw-r--r--test/tservers.py3
2 files changed, 7 insertions, 4 deletions
diff --git a/netlib/tcp.py b/netlib/tcp.py
index 77eb7b52..61306e4e 100644
--- a/netlib/tcp.py
+++ b/netlib/tcp.py
@@ -567,7 +567,8 @@ class BaseHandler(_Connection):
dhparams=None,
**sslctx_kwargs):
"""
- cert: A certutils.SSLCert object.
+ cert: A certutils.SSLCert object or the path to a certificate
+ chain file.
handle_sni: SNI handler, should take a connection object. Server
name can be retrieved like this:
@@ -594,7 +595,10 @@ class BaseHandler(_Connection):
context = self._create_ssl_context(**sslctx_kwargs)
context.use_privatekey(key)
- context.use_certificate(cert.x509)
+ if isinstance(cert, certutils.SSLCert):
+ context.use_certificate(cert.x509)
+ else:
+ context.use_certificate_chain_file(cert)
if handle_sni:
# SNI callback happens during do_handshake()
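Review bot: The new `else` branch hands any value that is not a `certutils.SSLCert` to `use_certificate_chain_file`, and neither branch confirms that `key` belongs to the certificate that was just loaded. Calling `context.check_privatekey()` right after the if/else would surface a mismatched key and chain file as an error at context setup instead of, presumably, a failed handshake later. OpenSSL expects the chain file to be PEM with the server certificate first and the intermediates after it, so the docstring line in the first hunk could read `cert: A certutils.SSLCert object or the path to a PEM certificate chain file (leaf certificate first).` The enclosing method starts and ends outside the hunk.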
diff --git a/test/tservers.py b/test/tservers.py
index 899b51bd..5c1ea08b 100644
--- a/test/tservers.py
+++ b/test/tservers.py
@@ -72,10 +72,9 @@ class TServer(tcp.TCPServer):
h = self.handler_klass(request, client_address, self)
self.last_handler = h
if self.ssl is not None:
- raw_cert = self.ssl.get(
+ cert = self.ssl.get(
"cert",
tutils.test_data.path("data/server.crt"))
- cert = certutils.SSLCert.from_pem(open(raw_cert, "rb").read())
raw_key = self.ssl.get(
"key",
tutils.test_data.path("data/server.key"))
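Review bot: Every test that relies on the default now passes a path, so the `isinstance(cert, certutils.SSLCert)` branch added in netlib/tcp.py appears to lose the coverage this fixture used to give it, unless some test supplies an SSLCert through `self.ssl` explicitly. The default `data/server.crt` also looks like a single certificate, so nothing visible here serves a real multi-certificate chain, which is the case the commit is meant to enable. A test that passes a chain file and checks that the client receives the intermediates, plus one that still passes an `SSLCert` object, would pin both branches. The surrounding method continues outside the hunk, so how `cert` reaches the handler is not visible here.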