ooni / netem
83%
main: 84%

LAST BUILD BRANCH: debug/dpi
DEFAULT BRANCH: main
Repo Added
Token KfVZcFhSeFSAp4eZkrJOgW6W4rc6VH5UH regen
Build 115 Last
Files 28
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst

LAST BUILD ON BRANCH issue/1803
branch: issue/1803
CHANGE BRANCH
x
Sync Branches

coverage: 82.893% (-0.2%) from 83.112%
6095017614

Pull #37

github

bassosimone 
feat: fork google/martian/v3/mitm to build expired certs

To move forward with https://github.com/ooni/probe/issues/1803, I want to
generate expired certificates. To this end, I have forked the mitm package
to peek into internals and further customize certificate generation.

I forked at https://github.com/google/martian/commit/19163e1b8.

The diff between the original code and my code is the following:

```diff
--- mitmx/mitm.go.orig	2023-09-06 10:42:30
+++ mitmx/mitmx.go	2023-09-06 10:46:28
@@ -12,10 +12,12 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

-// Package mitm provides tooling for MITMing TLS connections. It provides
+// Package mitmx provides tooling for MITMing TLS connections. It provides
 // tooling to create CA certs and generate TLS configs that can be used to MITM
 // a TLS connection with a provided CA certificate.
-package mitm
+//
+// This package is a fork of the mitm package in github.com/google/martian/v3.
+package mitmx

 import (
 	"bytes"
@@ -51,7 +53,6 @@
 	validity               time.Duration
 	org                    string
 	h2Config               *h2.Config
-	getCertificate         func(*tls.ClientHelloInfo) (*tls.Certificate, error)
 	roots                  *x509.CertPool
 	skipVerify             bool
 	handshakeErrorCallback func(*http.Request, error)
@@ -63,6 +64,12 @@
 // NewAuthority creates a new CA certificate and associated
 // private key.
 func NewAuthority(name, organization string, validity time.Duration) (*x509.Certificate, *rsa.PrivateKey, error) {
+	return NewAuthorityWithTimeNow(name, organization, validity, time.Now)
+}
+
+// NewAuthorityWithTimeNow is like NewAuthority but allows to customize the time.Now func
+func NewAuthorityWithTimeNow(
+	name, organization string, validity time.Duration, timeNow func() time.Time) (*x509.Certificate, *rsa.PrivateKey, error) {
 	priv, err := rsa.GenerateKey(rand.Reader, 20... (continued)
Pull Request #37: feat: fork google/martian/v3/mitm to build expired certs

171 of 209 new or added lines in 3 files covered. (81.82%)

3 existing lines in 1 file now uncovered.

2476 of 2987 relevant lines covered (82.89%)

0.88 hits per line

Relevant lines Covered
2987 RELEVANT LINES 2476 COVERED LINES
0.88 HITS PER LINE
Source Files on issue/1803

Recent builds

Builds Branch Commit Type Ran Committer Via Coverage
6095017614 issue/1803 feat: fork google/martian/v3/mitm to build expired certs To move forward with https://github.com/ooni/probe/issues/1803, I want to generate expired certificates. To this end, I have forked the mitm package to peek into internals and further custo... Pull #37 bassosimone github
82.89
6090839673 issue/1803 x Pull #36 bassosimone github
83.11
6090766868 issue/1803 x Pull #36 Simone Basso github
82.97
6089924225 issue/1803 fix(DPISpoofDNSResponse): return NXDOMAIN if rule contains no address Required to move forward with https://github.com/ooni/probe/issues/1803 Pull #35 bassosimone github
83.06
5975468212 issue/1803 Update dpiblock.go Pull #34 web-flow github
82.8
5975457427 issue/1803 feat: add DPI rule to reject SYN with RST|ACK Pull #34 Simone Basso github
82.91
5974764041 issue/1803 Update dpiblock.go Pull #33 GitHub github
82.48
5974720760 issue/1803 x Pull #33 Simone Basso github
82.4
5974672146 issue/1803 feat: implement sending EOF for offending SNIs Useful to move forward with https://github.com/ooni/probe/issues/1803 Pull #33 bassosimone github
82.48
See All Builds (57)