Page MenuHomePhabricator

Introduce PhutilHTTPEngineExtension, for flexibly compromising SSL
ClosedPublic

Authored by epriestley on Jun 9 2016, 6:45 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Nov 22, 3:20 AM
Unknown Object (File)
Tue, Nov 19, 12:04 AM
Unknown Object (File)
Oct 21 2024, 3:06 PM
Unknown Object (File)
Oct 17 2024, 3:40 AM
Unknown Object (File)
Oct 15 2024, 8:53 AM
Unknown Object (File)
Oct 15 2024, 1:19 AM
Unknown Object (File)
Sep 26 2024, 3:51 PM
Unknown Object (File)
Sep 12 2024, 8:32 AM
Subscribers
None

Details

Summary

Ref T10227. Currently, we have a weird one-off thing in arc for blindly trusting domains, since this was easier than dealing with all the users using self-signed certificates.

Convert this into a modular extension and extend it to support certificates with bad hostnames (maybe plausibly legitimate when connecting to a machine via different interfaces? I guess?) and proxies.

This is the first of three changes which bring support to all of libphutil, arcanist, and Phabricator.

Test Plan
  • Defined a "trust authority" extension, saw it trust/not trust authority.
  • Defined a "proxy" extension, saw requests go through a proxy.
  • Used --trace, saw proxy in trace.

Diff Detail

Repository
rPHU libphutil
Branch
http1
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 12583
Build 15969: Run Core Tests
Build 15968: arc lint + arc unit

Event Timeline

epriestley retitled this revision from to Introduce PhutilHTTPEngineExtension, for flexibly compromising SSL.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: chad.
chad edited edge metadata.
This revision is now accepted and ready to land.Jun 9 2016, 6:57 PM