author | Daniel Lenski <daniel.lenski@finalphasesystems.com> | 2017-02-12 13:28:24 -0800 |
---|---|---|
committer | Thomas Kriechbaumer <thomas@kriechbaumer.name> | 2017-02-21 20:57:29 +0100 |
commit | 48b3d1af2fb43f119e0c011e2350728169c82acd (patch) | |
tree | 9e92c77750692cf7b0bb7a7fe37b922d16bfb3fd | |
parent | cf0bce77a91406681cf9fdc848d4b5e7b2da51a7 (diff) | |
store generated cert for each flow
fixes #1935
-rw-r--r-- | mitmproxy/connections.py | 4 | ||||
-rw-r--r-- | mitmproxy/io_compat.py | 1 | ||||
-rw-r--r-- | mitmproxy/proxy/protocol/tls.py | 2 | ||||
-rw-r--r-- | mitmproxy/test/tflow.py | 1 |
4 files changed, 8 insertions, 0 deletions
diff --git a/mitmproxy/connections.py b/mitmproxy/connections.py
index a32889bd..6d4d648f 100644
--- a/mitmproxy/connections.py
+++ b/mitmproxy/connections.py
@@ -17,6 +17,7 @@ class ClientConnection(tcp.BaseHandler, stateobject.StateObject):
 address: Remote address
 ssl_established: True if TLS is established, False otherwise
 clientcert: The TLS client certificate
+ mitmcert: The MITM'ed TLS server certificate presented to the client
 timestamp_start: Connection start timestamp
 timestamp_ssl_setup: TLS established timestamp
 timestamp_end: Connection end timestamp
@@ -40,6 +41,7 @@ class ClientConnection(tcp.BaseHandler, stateobject.StateObject):
 self.clientcert = None
 self.ssl_established = None
+ self.mitmcert = None
 self.timestamp_start = time.time()
 self.timestamp_end = None
 self.timestamp_ssl_setup = None
@@ -72,6 +74,7 @@ class ClientConnection(tcp.BaseHandler, stateobject.StateObject):
 address=tcp.Address,
 ssl_established=bool,
 clientcert=certs.SSLCert,
+ mitmcert=certs.SSLCert,
 timestamp_start=float,
 timestamp_ssl_setup=float,
 timestamp_end=float,
@@ -98,6 +101,7 @@ class ClientConnection(tcp.BaseHandler, stateobject.StateObject):
 return cls.from_state(dict(
 address=dict(address=address, use_ipv6=False),
 clientcert=None,
+ mitmcert=None,
 ssl_established=False,
 timestamp_start=None,
 timestamp_end=None,
diff --git a/mitmproxy/io_compat.py b/mitmproxy/io_compat.py
index 8f89b86e..d299b973 100644
--- a/mitmproxy/io_compat.py
+++ b/mitmproxy/io_compat.py
@@ -88,6 +88,7 @@ def convert_019_100(data):
 def convert_100_200(data):
 data["version"] = (2, 0, 0)
+ data["client_conn"]["mitmcert"] = None
 return data
diff --git a/mitmproxy/proxy/protocol/tls.py b/mitmproxy/proxy/protocol/tls.py
index 08ce53d0..c174b003 100644
--- a/mitmproxy/proxy/protocol/tls.py
+++ b/mitmproxy/proxy/protocol/tls.py
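Review bot: The new `mitmcert=certs.SSLCert` entry (hunk at -72) makes the generated certificate part of the state that `from_state` reads, which presumably also means it is written into every saved flow, and nothing on the new side says what may and may not go into this field. Only the certificate is stored today, but `_find_cert()` in tls.py returns the key next to it, so a later edit could easily attach the wrong object. I would add a comment above the entry such as `# certificate only: the private key must never become part of serialized connection state`, and extend the docstring line from the first hunk to say the field stays None when no TLS interception took place. The mapping this entry belongs to opens outside the hunk.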
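Review bot: The default for `mitmcert` is set only inside `convert_100_200`, which stamps the data as `(2, 0, 0)`, so a flow file already written as 2.0.0 by a build from before this commit would presumably skip this converter and arrive at `from_state` without the key. How the loader treats a missing key is not visible here, so this needs confirming; if it fails, the field needs either its own format version step or a tolerant default on load. The assignment also indexes `data["client_conn"]` unconditionally, and flow files may come from another machine, so a guard such as `if data.get("client_conn") is not None:` in front of it would keep a malformed record from failing with a TypeError in the middle of conversion.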
@@ -465,6 +465,8 @@ class TlsLayer(base.Layer):
 self.log("Establish TLS with client", "debug")
 cert, key, chain_file = self._find_cert()
+ self.client_conn.mitmcert = cert
+
 if self.config.options.add_upstream_certs_to_client_chain:
 extra_certs = self.server_conn.server_certs
 else:
diff --git a/mitmproxy/test/tflow.py b/mitmproxy/test/tflow.py
index 6d330840..ea7be4b9 100644
--- a/mitmproxy/test/tflow.py
+++ b/mitmproxy/test/tflow.py
@@ -144,6 +144,7 @@ def tclient_conn():
 c = connections.ClientConnection.from_state(dict(
 address=dict(address=("address", 22), use_ipv6=True),
 clientcert=None,
+ mitmcert=None,
 ssl_established=False,
 timestamp_start=1,
 timestamp_ssl_setup=2, |
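Review bot: `self.client_conn.mitmcert = cert` in the tls.py hunk runs before the handshake with the client, which happens further down outside this hunk, so the field records the certificate that was offered and not one the client accepted. A connection whose handshake fails would keep a non-None `mitmcert` while `ssl_established` stays false (inferred, the failure path is not shown), and anything that later treats the field as proof of interception would be misled. I would add a comment above the assignment, `# offered to the client; set before the handshake, so check ssl_established before relying on it`. None of the four files in this commit adds an assertion that the field is populated after interception, so a test for that is missing too.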