Change variable o to organization for generated certficates.

author: Abhigyan Khaund <20434085+abhigyank@users.noreply.github.com> 2018-11-11 10:58:14 +0530
committer: Abhigyan Khaund <20434085+abhigyank@users.noreply.github.com> 2018-11-11 10:58:14 +0530
commit: cda4248610a802c8e97b9917fd44d264dcb06584 (patch)
tree: 8346169e6f427c24f3f14f567476fe39f57d3085
parent: d4f4cfe2252ac82bc361c098e7fba48d70466890 (diff)
download: mitmproxy-cda4248610a802c8e97b9917fd44d264dcb06584.tar.gz
mitmproxy-cda4248610a802c8e97b9917fd44d264dcb06584.tar.bz2
mitmproxy-cda4248610a802c8e97b9917fd44d264dcb06584.zip
3 files changed, 21 insertions, 21 deletions
diff --git a/mitmproxy/certs.py b/mitmproxy/certs.py
index 6970618e..6f5f8c09 100644
--- a/mitmproxy/certs.py
+++ b/mitmproxy/certs.py
@@ -36,14 +36,14 @@ rD693XKIHUCWOjMh1if6omGXKHH40QuME2gNa50+YPn1iYDl88uDbbMCAQI=
 """
 
 
-def create_ca(o, cn, exp):
+def create_ca(organization, cn, exp):
     key = OpenSSL.crypto.PKey()
     key.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)
     cert = OpenSSL.crypto.X509()
     cert.set_serial_number(int(time.time() * 10000))
     cert.set_version(2)
     cert.get_subject().CN = cn
-    cert.get_subject().O = o
+    cert.get_subject().O = organization
     cert.gmtime_adj_notBefore(-3600 * 48)
     cert.gmtime_adj_notAfter(exp)
     cert.set_issuer(cert.get_subject())
@@ -80,7 +80,7 @@ def create_ca(o, cn, exp):
     return key, cert
 
 
-def dummy_cert(privkey, cacert, commonname, sans, o):
+def dummy_cert(privkey, cacert, commonname, sans, organization):
     """
         Generates a dummy certificate.
 
@@ -88,7 +88,7 @@ def dummy_cert(privkey, cacert, commonname, sans, o):
         cacert: CA certificate
         commonname: Common name for the generated certificate.
         sans: A list of Subject Alternate Names.
-        o: Organization name for the generated certificate.
+        organization: Organization name for the generated certificate.
 
         Returns cert if operation succeeded, None if not.
     """
@@ -108,8 +108,8 @@ def dummy_cert(privkey, cacert, commonname, sans, o):
     cert.set_issuer(cacert.get_subject())
     if commonname is not None and len(commonname) < 64:
         cert.get_subject().CN = commonname
-    if o is not None:
-        cert.get_subject().O = o
+    if organization is not None:
+        cert.get_subject().O = organization
     cert.set_serial_number(int(time.time() * 10000))
     if ss:
         cert.set_version(2)
@@ -215,14 +215,14 @@ class CertStore:
             os.umask(original_umask)
 
     @staticmethod
-    def create_store(path, basename, o=None, cn=None, expiry=DEFAULT_EXP):
+    def create_store(path, basename, organization=None, cn=None, expiry=DEFAULT_EXP):
         if not os.path.exists(path):
             os.makedirs(path)
 
-        o = o or basename
+        organization = organization or basename
         cn = cn or basename
 
-        key, ca = create_ca(o=o, cn=cn, exp=expiry)
+        key, ca = create_ca(organization=organization, cn=cn, exp=expiry)
         # Dump the CA plus private key
         with CertStore.umask_secret(), open(os.path.join(path, basename + "-ca.pem"), "wb") as f:
             f.write(
@@ -308,7 +308,7 @@ class CertStore:
             ret.append(b"*." + b".".join(parts[i:]))
         return ret
 
-    def get_cert(self, commonname: typing.Optional[bytes], sans: typing.List[bytes], o: typing.Optional[bytes] = None):
+    def get_cert(self, commonname: typing.Optional[bytes], sans: typing.List[bytes], organization: typing.Optional[bytes] = None):
         """
             Returns an (cert, privkey, cert_chain) tuple.
 
@@ -317,7 +317,7 @@ class CertStore:
 
             sans: A list of Subject Alternate Names.
 
-            o: Organization name for the generated certificate.
+            organization: Organization name for the generated certificate.
         """
 
         potential_keys: typing.List[TCertId] = []
@@ -341,7 +341,7 @@ class CertStore:
                     self.default_ca,
                     commonname,
                     sans,
-                    o),
+                    organization),
                 privatekey=self.default_privatekey,
                 chain_file=self.default_chain_file)
             self.certs[(commonname, tuple(sans))] = entry
@@ -454,7 +454,7 @@ class Cert(serializable.Serializable):
         return c
 
     @property
-    def o(self):
+    def organization(self):
         c = None
         for i in self.subject:
             if i[0] == b"O":
diff --git a/mitmproxy/proxy/protocol/tls.py b/mitmproxy/proxy/protocol/tls.py
index 3577af13..096aae9f 100644
--- a/mitmproxy/proxy/protocol/tls.py
+++ b/mitmproxy/proxy/protocol/tls.py
@@ -464,12 +464,12 @@ class TlsLayer(base.Layer):
 
     def _find_cert(self):
         """
-        This function determines the Common Name (CN) and Subject Alternative Names (SANs)
+        This function determines the Common Name (CN), Subject Alternative Names (SANs) and Organization Name
         our certificate should have and then fetches a matching cert from the certstore.
         """
         host = None
         sans = set()
-        o = None
+        organization = None
 
         # In normal operation, the server address should always be known at this point.
         # However, we may just want to establish TLS so that we can send an error message to the client,
@@ -489,8 +489,8 @@ class TlsLayer(base.Layer):
             if upstream_cert.cn:
                 sans.add(host)
                 host = upstream_cert.cn.decode("utf8").encode("idna")
-            if upstream_cert.o:
-                o = upstream_cert.o
+            if upstream_cert.organization:
+                organization = upstream_cert.organization
         # Also add SNI values.
         if self._client_hello.sni:
             sans.add(self._client_hello.sni.encode("idna"))
@@ -501,4 +501,4 @@ class TlsLayer(base.Layer):
         # In other words, the Common Name is irrelevant then.
         if host:
             sans.add(host)
-        return self.config.certstore.get_cert(host, list(sans), o)
+        return self.config.certstore.get_cert(host, list(sans), organization)
diff --git a/test/mitmproxy/test_certs.py b/test/mitmproxy/test_certs.py
index 9b4c9516..b8ad1d36 100644
--- a/test/mitmproxy/test_certs.py
+++ b/test/mitmproxy/test_certs.py
@@ -134,7 +134,7 @@ class TestDummyCert:
         )
         assert r.cn == b"foo.com"
         assert r.altnames == [b'one.com', b'two.com', b'*.three.com']
-        assert r.o == b"Foo Ltd."
+        assert r.organization == b"Foo Ltd."
 
         r = certs.dummy_cert(
             ca.default_privatekey,
@@ -144,7 +144,7 @@ class TestDummyCert:
             None
         )
         assert r.cn is None
-        assert r.o is None
+        assert r.organization is None
         assert r.altnames == []
 
 
@@ -156,7 +156,7 @@ class TestCert:
         c1 = certs.Cert.from_pem(d)
         assert c1.cn == b"google.com"
         assert len(c1.altnames) == 436
-        assert c1.o == b"Google Inc"
+        assert c1.organization == b"Google Inc"
 
         with open(tdata.path("mitmproxy/net/data/text_cert_2"), "rb") as f:
             d = f.read()
author	Abhigyan Khaund <20434085+abhigyank@users.noreply.github.com>	2018-11-11 10:58:14 +0530
committer	Abhigyan Khaund <20434085+abhigyank@users.noreply.github.com>	2018-11-11 10:58:14 +0530
commit	cda4248610a802c8e97b9917fd44d264dcb06584 (patch)
tree	8346169e6f427c24f3f14f567476fe39f57d3085
parent	d4f4cfe2252ac82bc361c098e7fba48d70466890 (diff)
download	mitmproxy-cda4248610a802c8e97b9917fd44d264dcb06584.tar.gz mitmproxy-cda4248610a802c8e97b9917fd44d264dcb06584.tar.bz2 mitmproxy-cda4248610a802c8e97b9917fd44d264dcb06584.zip