Use PyOpenSSL's underlying ffi interface to get current cipher for connections.

author: Aldo Cortesi <aldo@nullcube.com> 2014-03-02 21:37:28 +1300
committer: Aldo Cortesi <aldo@nullcube.com> 2014-03-02 21:37:28 +1300
commit: cfaa3da25cee39c5395a6ff27dfc47ff07dbeef6 (patch)
tree: 40ae30c793084d05837227a5bb6045100e8c0c46 /test/test_tcp.py
parent: 1acaf1c880ba7054e4eb1cc1ed4ea5d0cf852e61 (diff)
download: mitmproxy-cfaa3da25cee39c5395a6ff27dfc47ff07dbeef6.tar.gz
mitmproxy-cfaa3da25cee39c5395a6ff27dfc47ff07dbeef6.tar.bz2
mitmproxy-cfaa3da25cee39c5395a6ff27dfc47ff07dbeef6.zip
1 files changed, 34 insertions, 1 deletions
diff --git a/test/test_tcp.py b/test/test_tcp.py
index 4e27a632..387e3f33 100644
--- a/test/test_tcp.py
+++ b/test/test_tcp.py
@@ -49,6 +49,13 @@ class ClientCipherListHandler(tcp.BaseHandler):
         self.wfile.flush()
 
 
+class CurrentCipherHandler(tcp.BaseHandler):
+    sni = None
+    def handle(self):
+        self.wfile.write("%s"%str(self.get_current_cipher()))
+        self.wfile.flush()
+
+
 class DisconnectHandler(tcp.BaseHandler):
     def handle(self):
         self.close()
@@ -151,7 +158,8 @@ class TestServerSSL(test.ServerTestBase):
                 cert = tutils.test_data.path("data/server.crt"),
                 key = tutils.test_data.path("data/server.key"),
                 request_client_cert = False,
-                v3_only = False
+                v3_only = False,
+                cipher_list = "AES256-SHA"
             )
     def test_echo(self):
         c = tcp.TCPClient(("127.0.0.1", self.port))
@@ -165,6 +173,15 @@ class TestServerSSL(test.ServerTestBase):
     def test_get_remote_cert(self):
         assert certutils.get_remote_cert("127.0.0.1", self.port, None).digest("sha1")
 
+    def test_get_current_cipher(self):
+        c = tcp.TCPClient(("127.0.0.1", self.port))
+        c.connect()
+        assert not c.get_current_cipher()
+        c.convert_to_ssl(sni="foo.com")
+        ret = c.get_current_cipher()
+        assert ret
+        assert "AES" in ret[0]
+
 
 class TestSSLv3Only(test.ServerTestBase):
     handler = EchoHandler
@@ -236,6 +253,22 @@ class TestServerCipherList(test.ServerTestBase):
         assert c.rfile.readline() == "['RC4-SHA']"
 
 
+class TestServerCurrentCipher(test.ServerTestBase):
+    handler = CurrentCipherHandler
+    ssl = dict(
+        cert = tutils.test_data.path("data/server.crt"),
+        key = tutils.test_data.path("data/server.key"),
+        request_client_cert = False,
+        v3_only = False,
+        cipher_list = 'RC4-SHA'
+    )
+    def test_echo(self):
+        c = tcp.TCPClient(("127.0.0.1", self.port))
+        c.connect()
+        c.convert_to_ssl(sni="foo.com")
+        assert "RC4-SHA" in c.rfile.readline()
+
+
 class TestServerCipherListError(test.ServerTestBase):
     handler = ClientCipherListHandler
     ssl = dict(
author	Aldo Cortesi <aldo@nullcube.com>	2014-03-02 21:37:28 +1300
committer	Aldo Cortesi <aldo@nullcube.com>	2014-03-02 21:37:28 +1300
commit	cfaa3da25cee39c5395a6ff27dfc47ff07dbeef6 (patch)
tree	40ae30c793084d05837227a5bb6045100e8c0c46 /test/test_tcp.py
parent	1acaf1c880ba7054e4eb1cc1ed4ea5d0cf852e61 (diff)
download	mitmproxy-cfaa3da25cee39c5395a6ff27dfc47ff07dbeef6.tar.gz mitmproxy-cfaa3da25cee39c5395a6ff27dfc47ff07dbeef6.tar.bz2 mitmproxy-cfaa3da25cee39c5395a6ff27dfc47ff07dbeef6.zip