author | Maximilian Hils <git@maximilianhils.com> | 2013-12-08 01:39:50 +0100 |
---|---|---|
committer | Maximilian Hils <git@maximilianhils.com> | 2013-12-08 01:39:50 +0100 |
commit | 64139a1e7ed32f5d995c8fdea0d82c2d2d44f195 (patch) | |
tree | 57f82ac4c4be727098a577f82e9d6a33a4c41e95 /netlib/certutils.py | |
parent | 390f2a46c920ee332d758d6c46999b5147e0b30b (diff) | |
parent | 7213f86d49960a625643fb6179e6a3731b16d462 (diff) | |
merge origin/master
Diffstat (limited to 'netlib/certutils.py')
-rw-r--r-- | netlib/certutils.py | 29 |
1 files changed, 9 insertions, 20 deletions
diff --git a/netlib/certutils.py b/netlib/certutils.py
index dab7e318..d9b8ce57 100644
--- a/netlib/certutils.py
+++ b/netlib/certutils.py
@@ -5,17 +5,20 @@ from pyasn1.error import PyAsn1Error
 import OpenSSL
 import tcp
+default_exp = 62208000 # =24 * 60 * 60 * 720
+default_o = "mitmproxy"
+default_cn = "mitmproxy"
-def create_ca():
+def create_ca(o=default_o, cn=default_cn, exp=default_exp):
 key = OpenSSL.crypto.PKey()
 key.generate_key(OpenSSL.crypto.TYPE_RSA, 1024)
 ca = OpenSSL.crypto.X509()
 ca.set_serial_number(int(time.time()*10000))
 ca.set_version(2)
- ca.get_subject().CN = "mitmproxy"
- ca.get_subject().O = "mitmproxy"
+ ca.get_subject().CN = cn
+ ca.get_subject().O = o
 ca.gmtime_adj_notBefore(0)
- ca.gmtime_adj_notAfter(24 * 60 * 60 * 720)
+ ca.gmtime_adj_notAfter(exp)
 ca.set_issuer(ca.get_subject())
 ca.set_pubkey(key)
 ca.add_extensions([
@@ -35,7 +38,7 @@ def create_ca():
 return key, ca
-def dummy_ca(path):
+def dummy_ca(path, o=default_o, cn=default_cn, exp=default_exp):
 dirname = os.path.dirname(path)
 if not os.path.exists(dirname):
 os.makedirs(dirname)
@@ -45,7 +48,7 @@ def dummy_ca(path):
 else:
 basename = os.path.basename(path)
- key, ca = create_ca()
+ key, ca = create_ca(o=o, cn=cn, exp=exp)
 # Dump the CA plus private key
 f = open(path, "wb")
@@ -113,18 +116,6 @@ class CertStore:
 def __init__(self):
 self.certs = {}
- def check_domain(self, commonname):
- try:
- commonname.decode("idna")
- commonname.decode("ascii")
- except:
- return False
- if ".." in commonname:
- return False
- if "/" in commonname:
- return False
- return True
 def get_cert(self, commonname, sans, cacert):
 """
 Returns an SSLCert object.
@@ -138,8 +129,6 @@ class CertStore:
 Return None if the certificate could not be found or generated.
 """
- if not self.check_domain(commonname):
- return None
 if commonname in self.certs:
 return self.certs[commonname]
 c = dummy_cert(cacert, commonname, sans) |
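Review bot: The CA key in create_ca is still generated with `key.generate_key(OpenSSL.crypto.TYPE_RSA, 1024)`, and a 1024-bit RSA modulus is weak for a signing root whose lifetime defaults to 720 days (`default_exp`). Since this hunk already turns the subject fields and lifetime into parameters, the key size deserves the same attention; at minimum the line should read `key.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)`. The new `exp` argument is handed to `gmtime_adj_notAfter` unchecked, so a short docstring stating that it is a lifetime in seconds would keep callers from passing days. create_ca's body continues past the end of the hunk.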
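Review bot: In dummy_ca the CA certificate and its private key are written through `f = open(path, "wb")`, which creates the file with whatever mode the process umask allows. The rest of the function lies outside the hunk, so a later permission change may exist; if it does not, the private key can end up readable by other local users. Creating the file owner-only, for example `fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)` followed by `f = os.fdopen(fd, "wb")`, closes that gap.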
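Review bot: With the `check_domain` guard gone, `commonname` goes straight into the `self.certs` lookup and into `dummy_cert(cacert, commonname, sans)` with no validation inside get_cert. Where the name originates is not visible here; if it can come from a peer certificate or a client-supplied host name, it is worth confirming that dummy_cert rejects or safely encodes non-ASCII and malformed names. The docstring still says `Return None if the certificate could not be found or generated`, and an exception escaping from dummy_cert would break that contract. If no caller validates the name, keeping the IDNA/ASCII part of the old check, or catching the generation failure and returning None, would preserve it. get_cert starts in the previous hunk and its end is outside this one.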