Introduce PhutilHTTPEngineExtension, for flexibly compromising SSL
01d14978d08e
Actions

Authored by epriestley <git@epriestley.com> on Jun 9 2016, 19:42.

Description

Introduce PhutilHTTPEngineExtension, for flexibly compromising SSL

Summary:
Ref T10227. Currently, we have a weird one-off thing in arc for blindly trusting domains, since this was easier than dealing with all the users using self-signed certificates.

Convert this into a modular extension and extend it to support certificates with bad hostnames (maybe plausibly legitimate when connecting to a machine via different interfaces? I guess?) and proxies.

This is the first of three changes which bring support to all of libphutil, arcanist, and Phabricator.

Test Plan:

Defined a "trust authority" extension, saw it trust/not trust authority.
Defined a "proxy" extension, saw requests go through a proxy.
Used --trace, saw proxy in trace.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10227

Differential Revision: https://secure.phabricator.com/D16090

Details

Committed

epriestley <git@epriestley.com>

Jun 9 2016, 21:01

Pushed

aubort

Mar 17 2017, 12:03

Parents

rPHUb11a344ba571: Allow prose and code diffs to use different smoothing

Branches

Unknown

Tags

Unknown

Event Timeline

epriestley <git@epriestley.com> committed rPHU01d14978d08e: Introduce PhutilHTTPEngineExtension, for flexibly compromising SSL (authored by epriestley <git@epriestley.com>).Jun 9 2016, 21:01

Changes (4)

				Path
	M			src/__phutil_library_map__.php
	M			src/future/http/HTTPSFuture.php
	A			src/future/http/PhutilHTTPEngineExtension.php
	M			src/serviceprofiler/PhutilServiceProfiler.php