v0.8.1: fix MITM leaf cert extensions — HTTPS through the proxy now works (closes #11)

Multiple users reported the same thing (issue #11): they trusted the
CA, then re-installed it, then deleted and re-generated it, and still
every HTTPS site through the proxy failed in the browser. The python
version of the same project doesn't have the issue.

Root cause: rcgen's CertificateParams::default() produces a
minimum-viable x509 cert that does NOT carry:

  - ExtendedKeyUsage extension with id-kp-serverAuth
  - KeyUsage extension with digitalSignature + keyEncipherment

Modern Chrome / Firefox / Edge / Safari all reject TLS server leaves
without those. The CA trust bit didn't matter — the browser's chain
validator rejected the leaf itself with NET::ERR_CERT_INVALID before
ever consulting the trust store. So 'reinstall the CA' was powerless
to help.

Fix in src/mitm.rs::issue_leaf:
  - Set params.extended_key_usages = [ServerAuth].
  - Set params.key_usages = [DigitalSignature, KeyEncipherment].
  - Backdate not_before by 5 min to absorb clock skew between the
    MITM process and a slightly-fast client clock. Same fix in the
    CA's own not_before.

Also added src/mitm.rs::tests::leaf_has_serverauth_eku_and_key_usage
as a permanent regression guard — it parses the DER with x509-parser
and asserts the three extensions are present. Added x509-parser to
dev-dependencies (already in the tree transitively via rcgen).

Upgrade path for users affected by #11: download v0.8.1, run it. No
CA reinstall required — the CA cert itself was fine, only the per-
site leaves were broken.

Verified end-to-end locally:
  curl --cacert <ca.crt> -x http://127.0.0.1:... https://httpbin.org/ip
  curl --cacert <ca.crt> -x socks5h://127.0.0.1:... https://httpbin.org/ip
Both return JSON without cert errors, through the Apps Script relay
path. 37 unit tests pass.

Author: therealaleph

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "mhrv-rs"
-version = "0.8.0"
+version = "0.8.1"
 edition = "2021"
 description = "Rust port of MasterHttpRelayVPN -- DPI bypass via Google Apps Script relay with domain fronting"
 license = "MIT"
@@ -62,6 +62,10 @@ eframe = { version = "0.28", default-features = false, features = [
 [target.'cfg(unix)'.dependencies]
 libc = "0.2"
 
+[dev-dependencies]
+# Used in mitm tests to sanity-check the cert extensions we emit.
+x509-parser = "0.16"
+
 [profile.release]
 panic = "abort"
 codegen-units = 1

Cargo.toml

@@ -3,8 +3,8 @@ use std::path::{Path, PathBuf};
 use std::sync::Arc;
 
 use rcgen::{
-    BasicConstraints, Certificate, CertificateParams, DistinguishedName, DnType, IsCa, KeyPair,
-    KeyUsagePurpose, SanType,
+    BasicConstraints, Certificate, CertificateParams, DistinguishedName, DnType,
+    ExtendedKeyUsagePurpose, IsCa, KeyPair, KeyUsagePurpose, SanType,
 };
 use rustls::pki_types::{CertificateDer, PrivateKeyDer, PrivatePkcs8KeyDer};
 use rustls::ServerConfig;
@@ -104,7 +104,7 @@ impl MitmCertManager {
             KeyUsagePurpose::CrlSign,
         ];
         let now = time::OffsetDateTime::now_utc();
-        params.not_before = now;
+        params.not_before = now - time::Duration::minutes(5);
         params.not_after = now + time::Duration::days(3650);
 
         let key_pair = KeyPair::generate()?;
@@ -162,8 +162,25 @@ impl MitmCertManager {
             MitmError::Invalid(format!("bad dns name '{}': {}", domain, e))
         })?;
         params.subject_alt_names.push(SanType::DnsName(dns_name));
+
+        // Modern browsers (Chrome/Firefox, all current versions) reject TLS
+        // leaves that don't carry:
+        //   - ExtendedKeyUsage: serverAuth   → NET::ERR_CERT_INVALID otherwise
+        //   - KeyUsage: digitalSignature + keyEncipherment
+        // rcgen's `CertificateParams::default()` doesn't set these — we have
+        // to add them explicitly. Skipping this was the root cause of issue #11
+        // where users reinstalled the trusted CA dozens of times and browsers
+        // still refused to load HTTPS sites through the proxy.
+        params.key_usages = vec![
+            KeyUsagePurpose::DigitalSignature,
+            KeyUsagePurpose::KeyEncipherment,
+        ];
+        params.extended_key_usages = vec![ExtendedKeyUsagePurpose::ServerAuth];
+
+        // Backdate not_before by 5 min to absorb clock skew between the
+        // MITM process and the browser / system clock.
         let now = time::OffsetDateTime::now_utc();
-        params.not_before = now;
+        params.not_before = now - time::Duration::minutes(5);
         params.not_after = now + time::Duration::days(365);
 
         let leaf_key = KeyPair::generate()?;
@@ -198,6 +215,48 @@ mod tests {
         let _ = std::fs::remove_dir_all(&tmp);
     }
 
+    #[test]
+    fn leaf_has_serverauth_eku_and_key_usage() {
+        // Regression guard for issue #11. rcgen's CertificateParams::default()
+        // doesn't set these extensions; without them modern Chrome/Firefox
+        // reject every leaf with NET::ERR_CERT_INVALID even after the CA is
+        // trusted. Verified by spot-checking the DER with x509-parser.
+        use x509_parser::prelude::*;
+
+        init_crypto();
+        let tmp = tempdir();
+        let m = MitmCertManager::new_in(&tmp).unwrap();
+        let (leaf_der, _) = m.issue_leaf("example.com").unwrap();
+        let (_, parsed) = X509Certificate::from_der(&leaf_der).unwrap();
+
+        // ExtendedKeyUsage: serverAuth present.
+        let eku = parsed
+            .extended_key_usage()
+            .expect("eku extension lookup")
+            .expect("eku extension present");
+        assert!(eku.value.server_auth, "leaf must have serverAuth EKU");
+
+        // KeyUsage: digitalSignature + keyEncipherment present.
+        let ku = parsed
+            .key_usage()
+            .expect("key_usage extension lookup")
+            .expect("key_usage extension present");
+        assert!(ku.value.digital_signature(), "leaf must have digitalSignature KU");
+        assert!(ku.value.key_encipherment(), "leaf must have keyEncipherment KU");
+
+        // SAN has the domain we asked for.
+        let san = parsed
+            .subject_alternative_name()
+            .expect("san extension lookup")
+            .expect("san extension present");
+        let has_name = san.value.general_names.iter().any(|n| {
+            matches!(n, GeneralName::DNSName(s) if *s == "example.com")
+        });
+        assert!(has_name, "leaf SAN must contain example.com");
+
+        let _ = std::fs::remove_dir_all(&tmp);
+    }
+
     #[test]
     fn issues_different_certs_per_domain() {
         init_crypto();