Opened 7 years ago

Closed 7 years ago

#8358 closed defect (fixed)

ooni: tls_handshake.py dumps <X509Name object>s into report

Reported by: isis Owned by: isis
Priority: Medium Milestone:
Component: Archived/Ooni Version:
Severity: Keywords: ooni, bugreport
Cc: hellais, ioerror, aagbsn, isis Actual Points:
Parent ID: #8353 Points:
Reviewer: Sponsor:

Description

These need to be formatted correctly to pull out the Name fields.

Child Tickets

Change History (3)

comment:1 Changed 7 years ago by isis

Status: newaccepted

Fixed in commit 810c96bd4e48bef87d37b649204f3fb758708676 in my branch feature/tls-handshake-rebased.

comment:2 Changed 7 years ago by isis

Status: acceptedneeds_review

Changing to 'needs review'.

comment:3 Changed 7 years ago by isis

Resolution: fixed
Status: needs_reviewclosed

Merged in 875dc22d85d8391b81f6fe988f080a2cb41d65e3

An example report shows that it properly formats the certificate in a parsable manner (the double spacing is something that pyOpenSSL does, and it works fine to use these strings to re-import the certs):

###########################################
# OONI Probe Report for tls-handshake (0.0.3)
# Thu May  9 09:26:18 2013
###########################################
---
options: [-f, private/lists/tor-bridges.fake]
probe_asn: AS0
probe_cc: null
probe_ip: 127.0.0.1
software_name: ooniprobe
software_version: 0.0.11
start_time: 1368091578.0
test_name: tls-handshake
test_version: 0.0.3
...
---
cert_issuer:
- [CN, www.vm6jwg6yipl.com]
cert_public_key: '-----BEGIN PRIVATE KEY-----

  MIGkAgEAMA0GCSqGSIb3DQEBAQUABIGPMIGMAgEAAoGBAOPV8/ibOSq62jSJVRWy

  fkw8Xp7BezDKo9AtMIYCOIijoIEjIrgnsOZ+Zqspvb131O1XEHXW8G2onmi6ip1H

  OrnKcFdfZrZTzTXqXMAULAwlgXxyG8xWjnA4GYC7FgknbPlfN+s59pd3kXRJYK7R

  +WYkV2EJwkzoLQhhZ5OIFGtPAgMBAAE=

  -----END PRIVATE KEY-----

  '
cert_serial_no: 13703146291702084555
cert_sig_algo: sha1WithRSAEncryption
cert_subj_hash: 1110666974
cert_subject:
- [CN, www.qup5z7siun5d5d.net]
host: 85.10.205.21
input: [85.10.205.21, 18391]
port: 18391
renegotiations: 0
server_cert: '-----BEGIN CERTIFICATE-----

  MIIBuzCCASSgAwIBAgIJAL4rWvMuHTPLMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV

  BAMTE3d3dy52bTZqd2c2eWlwbC5jb20wHhcNMTMwNTA5MDc1OTM2WhcNMTQwNTA5

  MDc1OTM2WjAhMR8wHQYDVQQDExZ3d3cucXVwNXo3c2l1bjVkNWQubmV0MIGfMA0G

  CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDj1fP4mzkquto0iVUVsn5MPF6ewXswyqPQ

  LTCGAjiIo6CBIyK4J7DmfmarKb29d9TtVxB11vBtqJ5ouoqdRzq5ynBXX2a2U801

  6lzAFCwMJYF8chvMVo5wOBmAuxYJJ2z5XzfrOfaXd5F0SWCu0flmJFdhCcJM6C0I

  YWeTiBRrTwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAAyQ8NeTV3XlLnKI5nULop6t

  hvov4o08EzhNZbtQlcoEDadoMQZAGkgX94ycWE2dl2mNsZHsHKio9I5WKoN316+T

  0Xdvkel9WWNyLNX3lY1mU0OFQc6lKZfL7o1JXvNBhrcjayuShJQHuqNFRxFkqDnG

  LAKADOeM2EkG7eXj8GPg

  -----END CERTIFICATE-----

  '
server_cert_chain: '-----BEGIN CERTIFICATE-----

  MIIBuzCCASSgAwIBAgIJAL4rWvMuHTPLMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV

  BAMTE3d3dy52bTZqd2c2eWlwbC5jb20wHhcNMTMwNTA5MDc1OTM2WhcNMTQwNTA5

  MDc1OTM2WjAhMR8wHQYDVQQDExZ3d3cucXVwNXo3c2l1bjVkNWQubmV0MIGfMA0G

  CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDj1fP4mzkquto0iVUVsn5MPF6ewXswyqPQ

  LTCGAjiIo6CBIyK4J7DmfmarKb29d9TtVxB11vBtqJ5ouoqdRzq5ynBXX2a2U801

  6lzAFCwMJYF8chvMVo5wOBmAuxYJJ2z5XzfrOfaXd5F0SWCu0flmJFdhCcJM6C0I

  YWeTiBRrTwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAAyQ8NeTV3XlLnKI5nULop6t

  hvov4o08EzhNZbtQlcoEDadoMQZAGkgX94ycWE2dl2mNsZHsHKio9I5WKoN316+T

  0Xdvkel9WWNyLNX3lY1mU0OFQc6lKZfL7o1JXvNBhrcjayuShJQHuqNFRxFkqDnG

  LAKADOeM2EkG7eXj8GPg

  -----END CERTIFICATE-----

  '
server_ciphersuite: [ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES256-SHA, DHE-RSA-CAMELLIA256-SHA,
  DHE-DSS-CAMELLIA256-SHA, DHE-RSA-AES256-SHA, DHE-DSS-AES256-SHA, CAMELLIA256-SHA,
  AES256-SHA, ECDHE-ECDSA-RC4-SHA, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-RC4-SHA, ECDHE-RSA-AES128-SHA,
  DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA]
session_key: !!binary |
  78lUBAjSnSgTOl6nwELNlgMYlR/2rP4nRE+rMKEd1Xgtxoba9xgb2z6a/0A7UT2c
state: SSL negotiation finished successfully
...
---
host: &id001 [54.242.208.158, 443]
input: *id001
port: 443
state: ''
...
Note: See TracTickets for help on using tickets.