From 00942c1431c551e0bded111271be9b69f5261d91 Mon Sep 17 00:00:00 2001 From: Aldo Cortesi Date: Mon, 27 Feb 2012 15:05:45 +1300 Subject: Add upstream certificate lookup. This initiates a connection to the server to obtain certificate information to generate interception certificates. At the moment, the information used is the Common Name, and the list of Subject Alternative Names. --- test/tools/getcn | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100755 test/tools/getcn (limited to 'test/tools') diff --git a/test/tools/getcn b/test/tools/getcn new file mode 100755 index 00000000..d17ec0f6 --- /dev/null +++ b/test/tools/getcn @@ -0,0 +1,13 @@ +#!/usr/bin/env python + +import sys +sys.path.insert(0, "../..") +from libmproxy import utils + +cn, san = utils.get_remote_cn(sys.argv[1], 443) +print cn +if san: + for i in san: + print "\t", i + + -- cgit v1.2.3 From 2ba8296843fc83256e3e13a23529a915d73a2e2d Mon Sep 17 00:00:00 2001 From: Aldo Cortesi Date: Mon, 27 Feb 2012 15:21:05 +1300 Subject: Better certificate parsing. --- test/tools/getcert | 24 ++++++++++++++++++++++++ test/tools/getcn | 2 +- 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100755 test/tools/getcert (limited to 'test/tools') diff --git a/test/tools/getcert b/test/tools/getcert new file mode 100755 index 00000000..dc655958 --- /dev/null +++ b/test/tools/getcert @@ -0,0 +1,24 @@ +#!/usr/bin/env python +import sys +sys.path.insert(0, "../..") +import socket, tempfile, ssl, subprocess + +addr = socket.gethostbyname(sys.argv[1]) +s = ssl.get_server_certificate((addr, 443)) +f = tempfile.NamedTemporaryFile() +f.write(s) +f.flush() +p = subprocess.Popen( + [ + "openssl", + "x509", + "-in", f.name, + "-text", + "-noout" + ], + stdout = subprocess.PIPE +) +out, _ = p.communicate() +print out + + diff --git a/test/tools/getcn b/test/tools/getcn index d17ec0f6..4cc028ca 100755 --- a/test/tools/getcn +++ b/test/tools/getcn @@ -10,4 +10,4 @@ if san: for i in san: print "\t", i - + -- cgit v1.2.3