Paths

Table of Contentst

Differential D16090

Introduce PhutilHTTPEngineExtension, for flexibly compromising SSL
ClosedPublic
Actions

Authored by epriestley on Jun 9 2016, 6:45 PM.

Tags

None

Referenced Files

	F15458496: D16090.id38715.diff
	Mon, Mar 31, 4:04 AM

	F15445846: D16090.id38715.diff
	Thu, Mar 27, 4:12 PM

	F15445756: D16090.diff
	Thu, Mar 27, 3:50 PM

	F15434000: D16090.diff
	Tue, Mar 25, 1:30 AM

	F15429866: D16090.diff
	Mon, Mar 24, 4:41 AM

	F15422828: D16090.id38715.diff
	Sat, Mar 22, 10:58 AM

	F15417442: D16090.id38715.diff
	Thu, Mar 20, 5:01 PM

	F15394769: D16090.id38712.diff
	Sun, Mar 16, 1:03 AM

Subscribers

None

Details

Reviewers

Maniphest Tasks

T10227: Provide an extension point for HTTP behaviors (proxies, SSL trust)

Commits

rPHU01d14978d08e: Introduce PhutilHTTPEngineExtension, for flexibly compromising SSL

Summary

Ref T10227. Currently, we have a weird one-off thing in arc for blindly trusting domains, since this was easier than dealing with all the users using self-signed certificates.

Convert this into a modular extension and extend it to support certificates with bad hostnames (maybe plausibly legitimate when connecting to a machine via different interfaces? I guess?) and proxies.

This is the first of three changes which bring support to all of libphutil, arcanist, and Phabricator.

Test Plan

Defined a "trust authority" extension, saw it trust/not trust authority.
Defined a "proxy" extension, saw requests go through a proxy.
Used --trace, saw proxy in trace.

Diff Detail

Repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

epriestley updated this revision to Diff 38712.Jun 9 2016, 6:45 PM

epriestley retitled this revision from to Introduce PhutilHTTPEngineExtension, for flexibly compromising SSL.

epriestley updated this object.

epriestley edited the test plan for this revision. (Show Details)

epriestley added a reviewer: chad.

epriestley added a task: T10227: Provide an extension point for HTTP behaviors (proxies, SSL trust).

epriestley mentioned this in D16091: Use an HTTPEngineExtension to implement "https.blindly-trust-domains" in Arcanist.Jun 9 2016, 6:47 PM

chad accepted this revision.Jun 9 2016, 6:57 PM

chad edited edge metadata.

This revision is now accepted and ready to land.Jun 9 2016, 6:57 PM

Closed by commit rPHU01d14978d08e: Introduce PhutilHTTPEngineExtension, for flexibly compromising SSL (authored by epriestley, committed by epriestley). · Explain WhyJun 9 2016, 7:01 PM

This revision was automatically updated to reflect the committed changes.

epriestley mentioned this in rARCc13e5a629535: Use an HTTPEngineExtension to implement "https.blindly-trust-domains" in….

Revision Contents
Changeset List

Path

Size

src/

__phutil_library_map__.php

2 lines

future/

http/

HTTPSFuture.php

39 lines

PhutilHTTPEngineExtension.php

141 lines

serviceprofiler/

PhutilServiceProfiler.php

15 lines

Diff 38715

src/__phutil_library_map__.php

Loading...

src/future/http/HTTPSFuture.php

Loading...

src/future/http/PhutilHTTPEngineExtension.php

Loading...

src/serviceprofiler/PhutilServiceProfiler.php

Loading...