Add a request_client_cert argument to server SSL conversion.

By default, we now do not request the client cert. We're supposed to be able to do this with no negative effects - if the client has no cert to present, we're notified and proceed as usual. Unfortunately, Android seems to have a bug (tested on 4.2.2) - when an Android client is asked to present a certificate it does not have, it hangs up, which is frankly bogus. Some time down the track we may be able to make the proper behaviour the default again, but until then we're conservative.
author: Aldo Cortesi <aldo@nullcube.com> 2013-05-13 08:48:21 +1200
committer: Aldo Cortesi <aldo@nullcube.com> 2013-05-13 08:48:21 +1200
commit: 7f0aa415e1ab95ed6b27a760cc9aa8ff4ee85080 (patch)
tree: cc935ae95c1a4621dd21827d09d1593e533cdd30 /netlib/certutils.py
parent: 9c13224353eefbb6b1824ded20846036b07c558f (diff)
download: mitmproxy-7f0aa415e1ab95ed6b27a760cc9aa8ff4ee85080.tar.gz
mitmproxy-7f0aa415e1ab95ed6b27a760cc9aa8ff4ee85080.tar.bz2
mitmproxy-7f0aa415e1ab95ed6b27a760cc9aa8ff4ee85080.zip
1 files changed, 0 insertions, 3 deletions
diff --git a/netlib/certutils.py b/netlib/certutils.py
index 8407dcc8..f18318f6 100644
--- a/netlib/certutils.py
+++ b/netlib/certutils.py
@@ -5,9 +5,6 @@ from pyasn1.error import PyAsn1Error
 import OpenSSL
 import tcp
 
-CERT_SLEEP_TIME = 1
-CERT_EXPIRY = str(365 * 3)
-
 
 def create_ca():
     key = OpenSSL.crypto.PKey()
author	Aldo Cortesi <aldo@nullcube.com>	2013-05-13 08:48:21 +1200
committer	Aldo Cortesi <aldo@nullcube.com>	2013-05-13 08:48:21 +1200
commit	7f0aa415e1ab95ed6b27a760cc9aa8ff4ee85080 (patch)
tree	cc935ae95c1a4621dd21827d09d1593e533cdd30 /netlib/certutils.py
parent	9c13224353eefbb6b1824ded20846036b07c558f (diff)
download	mitmproxy-7f0aa415e1ab95ed6b27a760cc9aa8ff4ee85080.tar.gz mitmproxy-7f0aa415e1ab95ed6b27a760cc9aa8ff4ee85080.tar.bz2 mitmproxy-7f0aa415e1ab95ed6b27a760cc9aa8ff4ee85080.zip