1、修改流量重放包 2、修改自检规则,增加可信证书验证

2020-10-07 14:19:36 +08:00
parent 9a300122dc
commit ff46f75021
7 changed files with 39 additions and 78 deletions
--- a/unittest_python/unittest/tsg_diagnose.py
+++ b/unittest_python/unittest/tsg_diagnose.py
@@ -169,7 +169,11 @@ class SslInterceptRequestBuild:
            else:
                raise Exception("Error: Ssl connection is intercept, cert maybe trust, cert info: %s" % issuer[1])
        else:
-            raise Exception("Error: Got other error certificate information, cert info: %s" % issuer[1])
+            if re.search(r'\bCN[\s]*=[\s]*BadSSL\b',issuer[1],0):
+                raise Exception("Error: Ssl connection intercept failed, cert info: %s" % issuer[1])
+            else:
+                raise Exception(sec_info_re)
+        

    def ssl_intercept_certerrExpired(self,test_suite_name):
        self._set_conn_opt(test_suite_name,URLSslExpired)
@@ -201,9 +205,9 @@ class ProxyRequestBuild:
                raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer))
            if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0):
                if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
-                    return
+                    raise Exception("Error: Ssl connection is intercept, cert maybe untrust, cert info: %s" % issuer[1])
                else:
-                    raise Exception("Error: Ssl connection is intercept, cert maybe trust, cert info: %s" % issuer[1])
+                    return
            else:
                raise Exception("Error: Got other error certificate information, cert info: %s" % issuer[1])

@@ -387,9 +391,13 @@ class SSLFileDownloadBuild:
                break
        if len(issuer) <= 0:
            raise Exception("Error: Get certificate info error, certificate's length is %s" % len(issuer))
-        if not re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
+
+        if re.search(r'\bCN[\s]*=[\s]*Tango\b',issuer[1],0):
+            if re.search(r'\bCN = Tango[\s\S]*UNTRUST\b',issuer[1],0):
+                raise Exception("Error: Ssl connection is intercept, cert maybe untrust, cert info: %s" % issuer[1])
+        else:
            raise Exception("Error: Intercept fail: no Tango cert,cert info:%s" % issuer[1])
-        
+
        if int(conninfo["size_download"])  == size:
            self._write_in_nezha(sizeStr,conninfo)
            self._write_in_logfile(sizeStr,conninfo)