We can reuse the RSA private key we create or load on
`CertificateAuthority.__init__`. There is no need to create another one
for each host we connect to.
`rsa.generate_private_key` is a very slow function.
warcprox crashes with the following error when using
`cryptography==35.0.0`.
```
ValueError: Valid PEM but no BEGIN CERTIFICATE/END CERTIFICATE delimiters. Are you sure this is a certificate?
Traceback (most recent call last):
File "/opt/spn2/bin/warcprox", line 8, in <module>
sys.exit(main())
File "/opt/spn2/lib/python3.8/site-packages/warcprox/main.py", line 330, in main
controller = warcprox.controller.WarcproxController(options)
File "/opt/spn2/lib/python3.8/site-packages/warcprox/controller.py", line 145, in __init__
self.proxy = warcprox.warcproxy.WarcProxy(
File "/opt/spn2/lib/python3.8/site-packages/warcprox/warcproxy.py", line 561, in __init__
SingleThreadedWarcProxy.__init__(
File "/opt/spn2/lib/python3.8/site-packages/warcprox/warcproxy.py", line 509, in __init__
warcprox.mitmproxy.SingleThreadedMitmProxy.__init__(
File "/opt/spn2/lib/python3.8/site-packages/warcprox/mitmproxy.py", line 861, in __init__
self.ca = CertificateAuthority(
File "/opt/spn2/lib/python3.8/site-packages/warcprox/certauth.py", line 69, in __init__
self.cert, self.key = self.read_pem(ca_file)
File "/opt/spn2/lib/python3.8/site-packages/warcprox/certauth.py", line 210, in read_pem
cert = x509.load_pem_x509_certificate(f.read(), default_backend())
File "/opt/spn2/lib/python3.8/site-packages/cryptography/x509/base.py", line 436, in load_pem_x509_certificate
return rust_x509.load_pem_x509_certificate(data)
ValueError: Valid PEM but no BEGIN CERTIFICATE/END CERTIFICATE delimiters. Are you sure this is a certificate?
```
PyOpenSSL is deprecated. We replace it with `cryptography` following
their recommendation at: https://pypi.org/project/pyOpenSSL/
We drop the `pyopenssl` dependency.
Copy certauth.py and tests_certauth.gr from `certauth==1.1.6`
b526eb2bfd
Change only imports.
Drop unused imports.
Update setup.py: drop `certauth` and add `pyopenssl`.
Save WARCs in subdirectories equal to the current value of Warcprox-Meta['warc-prefix'].
E.g. if warc-prefix=='spn2' and --dir=/warcs, save them in /warcs/spn2/.
There is no need to use such an old `idna` version.
The latest works with py35+ and all tests pass.
Newer `idna` supports the latest Unicode standard and latest python
versions.
https://github.com/kjd/idna/blob/master/HISTORY.rst
cryptography 41.0.0 crashes warcprox with the following exception:
```
File "/opt/spn2/lib/python3.8/site-packages/warcprox/main.py", line 317, in main
cryptography.hazmat.backends.openssl.backend.activate_builtin_random()
AttributeError: 'Backend' object has no attribute 'activate_builtin_random'
```
Also, cryptography==40.0.0 isn't OK because when I try to use it I get:
```
pyopenssl 23.2.0 requires cryptography!=40.0.0,!=40.0.1,<42,>=38.0.0, but you have cryptography 40.0.0 which is incompatible.
```
So, the version should be <=39.0.0