stefan2904 / exitmap

Performs a task over (a subset of) all Tor exit relays.
http://www.cs.kau.se/philwint/spoiled_onions/
GNU General Public License v3.0

Use TorBrowser Headers for ssl.get_server_certificate #1

Closed stefan2904 closed 8 years ago

stefan2904 commented 8 years ago

In certutil.py -> handleCertError()

`ssl.get_server_certificate` is using its own HTTP headers and therefore may be distinguishable from an actual TorBrowser by a malicious ExitNode.

See certutil.py -> readCertOfPage() to see how conn.request sets the HTTP_HEADERS.

stefan2904 commented 8 years ago

TODO: Figure out if this is necessary, since ssl.get_server_certificate is doing an SSL connection but no HTTP, so there are no HTTP headers?

See code of ssl.get_server_certificate: https://hg.python.org/cpython/file/2.7/Lib/ssl.py#l992

stefan2904 commented 8 years ago

```python
def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
    """Retrieve the certificate from the server at the specified address,
    and return it as a PEM-encoded string.
    If 'ca_certs' is specified, validate the server cert against it.
    If 'ssl_version' is specified, use it in the connection attempt."""

    host, port = addr
    if ca_certs is not None:
        cert_reqs = CERT_REQUIRED
    else:
        cert_reqs = CERT_NONE
    context = _create_stdlib_context(ssl_version,
                                     cert_reqs=cert_reqs,
                                     cafile=ca_certs)
    with closing(create_connection(addr)) as sock:
        with closing(context.wrap_socket(sock)) as sslsock:
            dercert = sslsock.getpeercert(True)
    return DER_cert_to_PEM_cert(dercert)
```

=> no HTTP :)
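Added example to make the thread's comparison concrete; it is my code, not exitmap's and not part of this issue, and it is Python 3 rather than the Python 2.7 of the quoted ssl.py. It captures the exact bytes `http.client` puts on the wire for a `conn.request()` that carries a browser-like header set, so the HTTP path and the handshake-only path can be compared. The names `raw_http_request`, `parse_request`, `distinguishing_headers`, `cert_only_probe` and `http_probe_cert` are mine; `TOR_BROWSER_LIKE_HEADERS` is a constructed placeholder profile, not real Tor Browser values; and `http_probe_cert` is my reading of what a readCertOfPage-style path does, not a copy of it.

```python
"""Added example (not exitmap's code): what each certificate-probe path sends.

Python 3; the ssl.py quoted in the thread is Python 2.7's, but the behaviour
discussed (TLS handshake only, no HTTP request) is the same."""
import http.client
import ssl

# Constructed placeholder profile (NOT real Tor Browser values, which change
# per release): the header set a browser-imitating probe would want to send.
TOR_BROWSER_LIKE_HEADERS = {
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; rv:PLACEHOLDER) Gecko/20100101 Firefox/PLACEHOLDER",
    "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
    "Accept-Language": "en-US,en;q=0.5",
    "Accept-Encoding": "gzip, deflate",
    "Connection": "keep-alive",
}


class _RecordingSocket:
    """Stand-in for a socket: records what http.client tries to send, no network."""

    def __init__(self):
        self.sent = bytearray()

    def sendall(self, data):
        self.sent.extend(data)

    def close(self):
        pass


def raw_http_request(host, path="/", headers=None):
    """Exact request bytes http.client emits for conn.request(); this is the
    application-layer data an exit relay that terminates TLS itself (the
    man-in-the-middle case exitmap's certificate check looks for) would see."""
    conn = http.client.HTTPConnection(host)
    rec = _RecordingSocket()
    conn.sock = rec                      # pre-set socket, so request() never connects
    conn.request("GET", path, headers=headers or {})
    conn.close()
    return bytes(rec.sent)


def parse_request(raw):
    """Split a raw request into (request line, {lower-cased name: value})."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def distinguishing_headers(observed, expected):
    """Headers whose presence or value differs from the browser profile: the
    check to run on a probe's output before trusting it to blend in.
    Host is ignored because it depends on the target, not on the client."""
    wanted = {name.lower(): value for name, value in expected.items()}
    diffs = {}
    for name, value in wanted.items():
        if observed.get(name) != value:
            diffs[name] = (observed.get(name), value)
    for name, value in observed.items():
        if name not in wanted and name != "host":
            diffs[name] = (value, None)
    return diffs


def cert_only_probe(host, port=443):
    """The ssl.get_server_certificate path: one TLS handshake, no HTTP bytes.
    None of TOR_BROWSER_LIKE_HEADERS can apply here."""
    return ssl.get_server_certificate((host, port))


def http_probe_cert(host, port=443, headers=None):
    """A readCertOfPage-style path (my reading of it, not a copy): a real HTTPS
    request carrying browser-like headers, then the peer certificate read off
    the socket. Verification is off on purpose: the scan must record whatever
    certificate the exit presents, bogus or not, and compare it afterwards."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    conn = http.client.HTTPSConnection(host, port, context=ctx)
    try:
        conn.request("GET", "/", headers=headers or TOR_BROWSER_LIKE_HEADERS)
        der = conn.sock.getpeercert(True)   # handshake is complete once request() returns
        conn.getresponse().read()           # read after grabbing the cert: a
                                            # "Connection: close" reply drops conn.sock
    finally:
        conn.close()
    return ssl.DER_cert_to_PEM_cert(der)


if __name__ == "__main__":
    raw = raw_http_request("example.test", "/", TOR_BROWSER_LIKE_HEADERS)
    print(raw.decode("iso-8859-1"))
    _, seen = parse_request(raw)
    print("differs from profile:", distinguishing_headers(seen, TOR_BROWSER_LIKE_HEADERS))
    _, bare = parse_request(raw_http_request("example.test"))
    print("default http.client request differs in:",
          sorted(distinguishing_headers(bare, TOR_BROWSER_LIKE_HEADERS)))
```

The capture needs no network; only the two `*_probe` functions connect anywhere, and they disable certificate verification deliberately because the point of the scan is to record whatever certificate the exit presents and compare it later. One caveat the thread's conclusion leaves open: "no HTTP" is not "nothing to fingerprint", since the ClientHello that `ssl.get_server_certificate` sends (cipher suite list, extensions) comes from Python's OpenSSL build rather than from Firefox, so the handshake-only probe has its own signature even though it never carries headers.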