diff options
| -rw-r--r-- | .travis.yml | 5 | ||||
| -rw-r--r-- | netlib/tcp.py | 25 | ||||
| -rw-r--r-- | netlib/utils.py | 21 | ||||
| -rw-r--r-- | test/tservers.py | 4 | ||||
| -rw-r--r-- | test/tutils.py | 3 |
5 files changed, 46 insertions, 12 deletions
diff --git a/.travis.yml b/.travis.yml index 83fcc265..4991e241 100644 --- a/.travis.yml +++ b/.travis.yml @@ -48,6 +48,11 @@ notifications: - "irc.oftc.net#mitmproxy" on_success: change on_failure: always + slack: + rooms: + - mitmproxy:YaDGC9Gt9TEM7o8zkC2OLNsu + on_success: :change + on_failure: always # exclude cryptography from cache # it depends on libssl-dev version diff --git a/netlib/tcp.py b/netlib/tcp.py index 2cae34ec..74a275c9 100644 --- a/netlib/tcp.py +++ b/netlib/tcp.py @@ -16,13 +16,24 @@ from . import certutils EINTR = 4 -SSLv2_METHOD = SSL.SSLv2_METHOD -SSLv3_METHOD = SSL.SSLv3_METHOD -SSLv23_METHOD = SSL.SSLv23_METHOD -TLSv1_METHOD = SSL.TLSv1_METHOD -TLSv1_1_METHOD = SSL.TLSv1_1_METHOD -TLSv1_2_METHOD = SSL.TLSv1_2_METHOD +# To enable all SSL methods use: SSLv23 +# then add options to disable certain methods +# https://bugs.launchpad.net/pyopenssl/+bug/1020632/comments/3 +# Use ONLY for parsing of CLI arguments! +# All code internals should use OpenSSL constants directly! +SSL_VERSIONS = { + 'TLSv1.2': SSL.TLSv1_2_METHOD, + 'TLSv1.1': SSL.TLSv1_1_METHOD, + 'TLSv1': SSL.TLSv1_METHOD, + 'SSLv3': SSL.SSLv3_METHOD, + 'SSLv2': SSL.SSLv2_METHOD, + 'SSLv23': SSL.SSLv23_METHOD, +} + +SSL_DEFAULT_VERSION = 'SSLv23' + +SSL_DEFAULT_METHOD = SSL_VERSIONS[SSL_DEFAULT_VERSION] SSL_DEFAULT_OPTIONS = ( SSL.OP_NO_SSLv2 | @@ -376,7 +387,7 @@ class _Connection(object): pass def _create_ssl_context(self, - method=SSLv23_METHOD, + method=SSL_DEFAULT_METHOD, options=SSL_DEFAULT_OPTIONS, verify_options=SSL.VERIFY_NONE, ca_path=certifi.where(), diff --git a/netlib/utils.py b/netlib/utils.py index ac42bd53..bee412f9 100644 --- a/netlib/utils.py +++ b/netlib/utils.py @@ -1,5 +1,5 @@ from __future__ import (absolute_import, print_function, division) - +import os.path def isascii(s): try: @@ -110,3 +110,22 @@ def pretty_size(size): if x == int(x): x = int(x) return str(x) + suf + + +class Data(object): + def __init__(self, name): + m = __import__(name) + dirname, _ = os.path.split(m.__file__) + self.dirname = os.path.abspath(dirname) + + def path(self, path): + """ + Returns a path to the package data housed at 'path' under this + module.Path can be a path to a file, or to a directory. + + This function will raise ValueError if the path does not exist. + """ + fullpath = os.path.join(self.dirname, path) + if not os.path.exists(fullpath): + raise ValueError("dataPath: %s does not exist." % fullpath) + return fullpath diff --git a/test/tservers.py b/test/tservers.py index 5c1ea08b..5e99c0e2 100644 --- a/test/tservers.py +++ b/test/tservers.py @@ -82,10 +82,10 @@ class TServer(tcp.TCPServer): OpenSSL.crypto.FILETYPE_PEM, open(raw_key, "rb").read()) if self.ssl.get("v3_only", False): - method = tcp.SSLv3_METHOD + method = OpenSSL.SSL.SSLv3_METHOD options = OpenSSL.SSL.OP_NO_SSLv2 | OpenSSL.SSL.OP_NO_TLSv1 else: - method = tcp.SSLv23_METHOD + method = OpenSSL.SSL.SSLv23_METHOD options = None h.convert_to_ssl( cert, key, diff --git a/test/tutils.py b/test/tutils.py index 95c8b80a..94139f6f 100644 --- a/test/tutils.py +++ b/test/tutils.py @@ -3,9 +3,8 @@ import tempfile import os import shutil from contextlib import contextmanager -from libpathod import utils -from netlib import tcp +from netlib import tcp, utils def treader(bytes): |