Add a get_remote_cert method to tcp client.

author: Aldo Cortesi <aldo@nullcube.com> 2012-06-28 08:15:55 +1200
committer: Aldo Cortesi <aldo@nullcube.com> 2012-06-28 08:15:55 +1200
commit: a1491a6ae037b7874dd71de11f5cd43e10aa46e7 (patch)
tree: 2b81c0f48e0fa0ac95f9e487504a6be7d105b1b3 /netlib/certutils.py
parent: b0ef9ad07ba4b805f3130237dcf9207434c33d84 (diff)
download: mitmproxy-a1491a6ae037b7874dd71de11f5cd43e10aa46e7.tar.gz
mitmproxy-a1491a6ae037b7874dd71de11f5cd43e10aa46e7.tar.bz2
mitmproxy-a1491a6ae037b7874dd71de11f5cd43e10aa46e7.zip
1 files changed, 6 insertions, 4 deletions
diff --git a/netlib/certutils.py b/netlib/certutils.py
index 6c9a5c57..180e1ac0 100644
--- a/netlib/certutils.py
+++ b/netlib/certutils.py
@@ -2,6 +2,7 @@ import os, ssl, hashlib, socket, time, datetime
 from pyasn1.type import univ, constraint, char, namedtype, tag
 from pyasn1.codec.der.decoder import decode
 import OpenSSL
+import tcp
 
 CERT_SLEEP_TIME = 1
 CERT_EXPIRY = str(365 * 3)
@@ -218,7 +219,8 @@ class SSLCert:
         return altnames
 
 
-def get_remote_cert(host, port): # pragma: no cover
-    addr = socket.gethostbyname(host)
-    s = ssl.get_server_certificate((addr, port))
-    return SSLCert(s)
+def get_remote_cert(host, port, sni):
+    c = tcp.TCPClient(host, port)
+    c.connect()
+    c.convert_to_ssl(sni=sni)
+    return c.cert
author	Aldo Cortesi <aldo@nullcube.com>	2012-06-28 08:15:55 +1200
committer	Aldo Cortesi <aldo@nullcube.com>	2012-06-28 08:15:55 +1200
commit	a1491a6ae037b7874dd71de11f5cd43e10aa46e7 (patch)
tree	2b81c0f48e0fa0ac95f9e487504a6be7d105b1b3 /netlib/certutils.py
parent	b0ef9ad07ba4b805f3130237dcf9207434c33d84 (diff)
download	mitmproxy-a1491a6ae037b7874dd71de11f5cd43e10aa46e7.tar.gz mitmproxy-a1491a6ae037b7874dd71de11f5cd43e10aa46e7.tar.bz2 mitmproxy-a1491a6ae037b7874dd71de11f5cd43e10aa46e7.zip