From ab1d8fa3500f786528c5c6a3e2bba19cd96595d0 Mon Sep 17 00:00:00 2001 From: Aldo Cortesi Date: Mon, 2 Apr 2012 16:19:00 +1200 Subject: Expand SSL cert support - Capture the remote SSL certificate - Expose the remote cert as an attribute on Response - Expand the certutils.SSLCert interface to expose more cert info --- libmproxy/proxy.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'libmproxy/proxy.py') diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py index c6a68ba3..a6db44c2 100644 --- a/libmproxy/proxy.py +++ b/libmproxy/proxy.py @@ -229,6 +229,7 @@ class ServerConnection: self.port = request.port self.scheme = request.scheme self.close = False + self.cert = None self.server, self.rfile, self.wfile = None, None, None self.connect() @@ -239,6 +240,8 @@ class ServerConnection: if self.scheme == "https": server = ssl.wrap_socket(server) server.connect((addr, self.port)) + if self.scheme == "https": + self.cert = server.getpeercert(True) except socket.error, err: raise ProxyError(502, 'Error connecting to "%s": %s' % (self.host, err)) self.server = server @@ -275,7 +278,7 @@ class ServerConnection: content = "" else: content = read_http_body(self.rfile, self, headers, True, self.config.body_size_limit) - return flow.Response(self.request, code, msg, headers, content) + return flow.Response(self.request, code, msg, headers, content, self.cert) def terminate(self): try: -- cgit v1.2.3