Skip to content

Commit

Permalink
Add support for custom HTTP user agent
Browse files Browse the repository at this point in the history
  • Loading branch information
mxsasha committed Apr 2, 2024
1 parent 761892b commit ea78fb8
Show file tree
Hide file tree
Showing 4 changed files with 20 additions and 5 deletions.
8 changes: 6 additions & 2 deletions sslyze/connection_helpers/http_request_generator.py
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
from typing import Optional

from sslyze import __version__


Expand All @@ -16,5 +18,7 @@ class HttpRequestGenerator:
)

@classmethod
def get_request(cls, host: str, path: str = "/") -> bytes:
return cls.HTTP_GET_FORMAT.format(host=host, path=path, user_agent=cls.DEFAULT_USER_AGENT).encode("utf-8")
def get_request(cls, host: str, path: str = "/", user_agent: Optional[str] = None) -> bytes:
if not user_agent:
user_agent = cls.DEFAULT_USER_AGENT
return cls.HTTP_GET_FORMAT.format(host=host, path=path, user_agent=user_agent).encode("utf-8")
5 changes: 4 additions & 1 deletion sslyze/plugins/early_data_plugin.py
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,10 @@ def _test_early_data_support(server_info: ServerConnectivityInfo) -> bool:
# Perform an SSL handshake and keep the session
ssl_connection.connect()
# Send and receive data for the TLS session to be created
ssl_connection.ssl_client.write(HttpRequestGenerator.get_request(host=server_info.server_location.hostname))
ssl_connection.ssl_client.write(HttpRequestGenerator.get_request(
host=server_info.server_location.hostname,
user_agent=server_info.network_configuration.http_user_agent
))
ssl_connection.ssl_client.read(2048)
session = ssl_connection.ssl_client.get_session()
except ServerRejectedTlsHandshake:
Expand Down
8 changes: 6 additions & 2 deletions sslyze/plugins/http_headers_plugin.py
Original file line number Diff line number Diff line change
Expand Up @@ -200,7 +200,9 @@ def _retrieve_and_analyze_http_response(server_info: ServerConnectivityInfo) ->
# Send an HTTP GET request to the server
ssl_connection.ssl_client.write(
HttpRequestGenerator.get_request(
host=server_info.network_configuration.tls_server_name_indication, path=next_location_path
host=server_info.network_configuration.tls_server_name_indication,
path=next_location_path,
user_agent=server_info.network_configuration.http_user_agent,
)
)
http_response = HttpResponseParser.parse_from_ssl_connection(ssl_connection.ssl_client)
Expand All @@ -225,7 +227,9 @@ def _retrieve_and_analyze_http_response(server_info: ServerConnectivityInfo) ->

# Prepare the results
initial_http_request = HttpRequestGenerator.get_request(
host=server_info.network_configuration.tls_server_name_indication, path="/"
host=server_info.network_configuration.tls_server_name_indication,
path="/",
user_agent=server_info.network_configuration.http_user_agent,
).decode("ascii")

if http_error_trace:
Expand Down
4 changes: 4 additions & 0 deletions sslyze/server_setting.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@

from nassl.ssl_client import OpenSslFileTypeEnum, SslClient

from sslyze import __version__
from sslyze.connection_helpers.opportunistic_tls_helpers import ProtocolWithOpportunisticTlsEnum
from sslyze.errors import InvalidServerNetworkConfigurationError, ServerHostnameCouldNotBeResolved

Expand Down Expand Up @@ -173,6 +174,8 @@ class ServerNetworkConfiguration:
xmpp_to_hostname: The hostname to set within the `to` attribute of the XMPP stream. If not supplied, the
server's hostname will be used. Should only be set if the supplied `tls_wrapped_protocol` is an
XMPP protocol.
http_user_agent: The User-Agent to send in HTTP requests. If not supplied, a default Chrome-like
is used that includes the sslyze version.
network_timeout: The timeout (in seconds) to be used when attempting to establish a connection to the
server.
network_max_retries: The number of retries SSLyze will perform when attempting to establish a connection
Expand All @@ -184,6 +187,7 @@ class ServerNetworkConfiguration:
tls_client_auth_credentials: Optional[ClientAuthenticationCredentials] = None

xmpp_to_hostname: Optional[str] = None
http_user_agent: Optional[str] = None

network_timeout: int = 5
network_max_retries: int = 3
Expand Down

0 comments on commit ea78fb8

Please sign in to comment.