diff --git a/doc-src/02-docstyle.css b/doc-src/02-docstyle.css index 855899f60..ed83708a9 100644 --- a/doc-src/02-docstyle.css +++ b/doc-src/02-docstyle.css @@ -4,6 +4,13 @@ background: #000000; } + pre { + margin-top: 10px; color: #333; } + + +.tablenum { + font-weight: bold; +} diff --git a/doc-src/_explicit.graffle/data.plist b/doc-src/_explicit.graffle/data.plist new file mode 100644 index 000000000..bc5ef104a --- /dev/null +++ b/doc-src/_explicit.graffle/data.plist @@ -0,0 +1,572 @@ + + + + + ActiveLayerIndex + 0 + ApplicationVersion + + com.omnigroup.OmniGraffle.MacAppStore + 139.16 + + AutoAdjust + + BackgroundGraphic + + Bounds + {{0, 0}, {559.19998741149902, 782.79998779296875}} + Class + SolidGraphic + ID + 2 + Style + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + BaseZoom + 0 + CanvasOrigin + {0, 0} + ColumnAlign + 1 + ColumnSpacing + 36 + CreationDate + 2013-01-02 19:31:53 +0000 + Creator + Aldo Cortesi + DisplayScale + 1.000 cm = 1.000 cm + GraphDocumentVersion + 8 + GraphicsList + + + Class + LineGraphic + ID + 4074 + Points + + {300.4483540852865, 420.70833897590637} + {344.88497416178387, 420.70833897590654} + {362.21830749511713, 420.04167230923986} + {413.55166625976557, 419.70833905537921} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Class + LineGraphic + ID + 4070 + Points + + {84.896692911783873, 420.66667453447985} + {129.33331298828122, 420.66667453448002} + {146.66664632161454, 420.00000786781334} + {198.00000508626297, 419.66667461395269} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Bounds + {{326.00000000000023, 391.39999198913591}, {62, 24}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4063 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 2: Forwarded \ +Request} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{110, 403.39997863769622}, {49, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4061 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 1: Request} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{430.83098347981803, 515.99999999999989}, {36, 14}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + ID + 4026 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf0 Server} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{40.499999999999993, 486.66666666666663}, {31, 14}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + ID + 4025 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf0 Client} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{417.16432189941418, 323.90565299479198}, {63.333332061767578, 185.52200317382812}} + Class + ShapedGraphic + ID + 4004 + ImageID + 6 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + + Bounds + {{205.34386889139773, 289.33333333333331}, {84, 248.66667175292969}} + Class + ShapedGraphic + ID + 4023 + Shape + Rectangle + Style + + fill + + Color + + b + 0 + g + 0.463735 + r + 1 + + + + Text + + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;\red37\green17\blue0;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf2 mitmproxy} + + + + Bounds + {{4.6666666467984399, 351.33332316080771}, {102.66666412353516, 130.66667175292969}} + Class + ShapedGraphic + ID + 134 + ImageID + 3 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + + GridInfo + + GuidesLocked + NO + GuidesVisible + YES + HPages + 1 + ImageCounter + 7 + ImageLinkBack + + + + + ImageList + + image6.tiff + image3.icns + + KeepToScale + + Layers + + + Lock + NO + Name + Layer 1 + Print + YES + View + YES + + + LayoutInfo + + Animate + NO + circoMinDist + 18 + circoSeparation + 0.0 + layoutEngine + dot + neatoSeparation + 0.0 + twopiSeparation + 0.0 + + LinksVisible + NO + MagnetsVisible + NO + MasterSheets + + ModificationDate + 2013-01-03 02:27:49 +0000 + Modifier + Aldo Cortesi + NotesVisible + NO + Orientation + 2 + OriginVisible + NO + PageBreaks + YES + PrintInfo + + NSBottomMargin + + float + 41 + + NSHorizonalPagination + + coded + BAtzdHJlYW10eXBlZIHoA4QBQISEhAhOU051bWJlcgCEhAdOU1ZhbHVlAISECE5TT2JqZWN0AIWEASqEhAFxlwCG + + NSLeftMargin + + float + 18 + + NSPaperSize + + size + {595.19998741149902, 841.79998779296875} + + NSPrintReverseOrientation + + int + 0 + + NSRightMargin + + float + 18 + + NSTopMargin + + float + 18 + + + PrintOnePage + + ReadOnly + NO + RowAlign + 1 + RowSpacing + 36 + SheetTitle + Canvas 1 + SmartAlignmentGuidesActive + YES + SmartDistanceGuidesActive + YES + UniqueID + 1 + UseEntirePage + + VPages + 1 + WindowInfo + + CurrentSheet + 0 + ExpandedCanvases + + + name + Canvas 1 + + + Frame + {{300, 236}, {974, 874}} + ListView + + OutlineWidth + 142 + RightSidebar + + ShowRuler + + Sidebar + + SidebarWidth + 120 + VisibleRegion + {{0, 202}, {550, 469.33333333333337}} + Zoom + 1.5 + ZoomValues + + + Canvas 1 + 1.5 + 1 + + + + + diff --git a/doc-src/_explicit.graffle/image3.icns b/doc-src/_explicit.graffle/image3.icns new file mode 100644 index 000000000..964df4b8c Binary files /dev/null and b/doc-src/_explicit.graffle/image3.icns differ diff --git a/doc-src/_explicit.graffle/image6.tiff b/doc-src/_explicit.graffle/image6.tiff new file mode 100644 index 000000000..bd6ed534b Binary files /dev/null and b/doc-src/_explicit.graffle/image6.tiff differ diff --git a/doc-src/_explicit_https.graffle/data.plist b/doc-src/_explicit_https.graffle/data.plist new file mode 100644 index 000000000..306630a09 --- /dev/null +++ b/doc-src/_explicit_https.graffle/data.plist @@ -0,0 +1,1054 @@ + + + + + ActiveLayerIndex + 0 + ApplicationVersion + + com.omnigroup.OmniGraffle.MacAppStore + 139.16 + + AutoAdjust + + BackgroundGraphic + + Bounds + {{0, 0}, {559.19998741149902, 782.79998779296875}} + Class + SolidGraphic + ID + 2 + Style + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + BaseZoom + 0 + CanvasOrigin + {0, 0} + ColumnAlign + 1 + ColumnSpacing + 36 + CreationDate + 2013-01-02 19:31:53 +0000 + Creator + Aldo Cortesi + DisplayScale + 1.000 cm = 1.000 cm + GraphDocumentVersion + 8 + GraphicsList + + + Class + LineGraphic + ID + 4075 + Points + + {299.94835408528644, 473.66668184598285} + {344.38497416178376, 473.66668184598302} + {361.71830749511713, 473.00001517931634} + {413.05166625976557, 472.66668192545569} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Class + LineGraphic + ID + 4074 + Points + + {300.4483540852865, 420.70833897590637} + {344.88497416178387, 420.70833897590654} + {362.21830749511713, 420.04167230923986} + {413.55166625976557, 419.70833905537921} + + Style + + stroke + + HeadArrow + 0 + Legacy + + TailArrow + FilledArrow + + + + + Class + LineGraphic + ID + 4073 + Points + + {300.44835408528655, 367.66666611035561} + {344.88497416178393, 367.66666611035578} + {362.21830749511719, 366.99999944368909} + {413.55166625976568, 366.66666618982845} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Class + LineGraphic + ID + 4072 + Points + + {84.896697998046875, 526.66670727729809} + {129.33331807454422, 526.6667072772982} + {146.66665140787754, 526.00004061063157} + {198.00001017252598, 525.66670735677087} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Class + LineGraphic + ID + 4071 + Points + + {84.896687825520942, 472.91668446858688} + {197.99999491373694, 472.66668319702148} + + Style + + stroke + + HeadArrow + 0 + Legacy + + TailArrow + FilledArrow + + + + + Class + LineGraphic + ID + 4070 + Points + + {84.896692911783873, 420.66667453447985} + {129.33331298828122, 420.66667453448002} + {146.66664632161454, 420.00000786781334} + {198.00000508626297, 419.66667461395269} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Bounds + {{316.49998792012531, 326.66665395100904}, {65, 36}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4069 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 4: Initiate SSL \ +handshake \ +with SNI} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{317.00000000000006, 456.66707356770831}, {49, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4067 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 8: Request} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{94.187746683756515, 509.33333333333331}, {49, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4066 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 7: Request} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{94.1877466837567, 441.50006103515642}, {76, 24}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4065 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 6: Complete SSL\ +handshake} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{316.99998982747411, 403.66686820983904}, {64, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4063 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 5: CN & SANs} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{94.187741597493542, 380.00018183390387}, {65, 36}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4061 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 3: Initiate SSL \ +handshake \ +with SNI} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{94.187745571136503, 338.66666666666669}, {84, 24}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4060 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 2: 200 Connection \ +Established} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{94.187741915384976, 283.66659164428717}, {64, 24}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4058 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 1: CONNECT \ +request} + VerticalPad + 0 + + Wrap + NO + + + Class + LineGraphic + ID + 4041 + Points + + {84.896692911783944, 366.91666793823208} + {198, 366.66666666666669} + + Style + + stroke + + HeadArrow + 0 + Legacy + + TailArrow + FilledArrow + + + + + Class + LineGraphic + ID + 31 + Points + + {84.896687825520857, 314.66666126251221} + {129.33330790201822, 314.66666126251238} + {146.66664123535153, 313.99999459584569} + {198, 313.66666134198505} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Bounds + {{430.83098347981803, 515.99999999999989}, {36, 14}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + ID + 4026 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf0 Server} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{40.499999999999993, 486.66666666666663}, {31, 14}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + ID + 4025 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf0 Client} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{417.16432189941418, 323.90565299479198}, {63.333332061767578, 185.52200317382812}} + Class + ShapedGraphic + ID + 4004 + ImageID + 6 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + + Bounds + {{205.34386889139773, 289.33333333333331}, {84, 248.66667175292969}} + Class + ShapedGraphic + ID + 4023 + Shape + Rectangle + Style + + fill + + Color + + b + 0 + g + 0.463735 + r + 1 + + + + Text + + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;\red37\green17\blue0;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf2 mitmproxy} + + + + Bounds + {{4.6666666467984399, 351.33332316080771}, {102.66666412353516, 130.66667175292969}} + Class + ShapedGraphic + ID + 134 + ImageID + 3 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + + GridInfo + + GuidesLocked + NO + GuidesVisible + YES + HPages + 1 + ImageCounter + 7 + ImageLinkBack + + + + + ImageList + + image6.tiff + image3.icns + + KeepToScale + + Layers + + + Lock + NO + Name + Layer 1 + Print + YES + View + YES + + + LayoutInfo + + Animate + NO + circoMinDist + 18 + circoSeparation + 0.0 + layoutEngine + dot + neatoSeparation + 0.0 + twopiSeparation + 0.0 + + LinksVisible + NO + MagnetsVisible + NO + MasterSheets + + ModificationDate + 2013-01-03 02:14:45 +0000 + Modifier + Aldo Cortesi + NotesVisible + NO + Orientation + 2 + OriginVisible + NO + PageBreaks + YES + PrintInfo + + NSBottomMargin + + float + 41 + + NSHorizonalPagination + + coded + BAtzdHJlYW10eXBlZIHoA4QBQISEhAhOU051bWJlcgCEhAdOU1ZhbHVlAISECE5TT2JqZWN0AIWEASqEhAFxlwCG + + NSLeftMargin + + float + 18 + + NSPaperSize + + size + {595.19998741149902, 841.79998779296875} + + NSPrintReverseOrientation + + int + 0 + + NSRightMargin + + float + 18 + + NSTopMargin + + float + 18 + + + PrintOnePage + + ReadOnly + NO + RowAlign + 1 + RowSpacing + 36 + SheetTitle + Canvas 1 + SmartAlignmentGuidesActive + YES + SmartDistanceGuidesActive + YES + UniqueID + 1 + UseEntirePage + + VPages + 1 + WindowInfo + + CurrentSheet + 0 + ExpandedCanvases + + + name + Canvas 1 + + + Frame + {{271, 336}, {974, 874}} + ListView + + OutlineWidth + 142 + RightSidebar + + ShowRuler + + Sidebar + + SidebarWidth + 120 + VisibleRegion + {{0, 202}, {550, 469.33333333333337}} + Zoom + 1.5 + ZoomValues + + + Canvas 1 + 1.5 + 1 + + + + + diff --git a/doc-src/_explicit_https.graffle/image3.icns b/doc-src/_explicit_https.graffle/image3.icns new file mode 100644 index 000000000..964df4b8c Binary files /dev/null and b/doc-src/_explicit_https.graffle/image3.icns differ diff --git a/doc-src/_explicit_https.graffle/image6.tiff b/doc-src/_explicit_https.graffle/image6.tiff new file mode 100644 index 000000000..bd6ed534b Binary files /dev/null and b/doc-src/_explicit_https.graffle/image6.tiff differ diff --git a/doc-src/_layout.html b/doc-src/_layout.html index a4e84bcc8..d9ff6be1e 100644 --- a/doc-src/_layout.html +++ b/doc-src/_layout.html @@ -19,42 +19,45 @@ diff --git a/doc-src/_transparent.graffle/data.plist b/doc-src/_transparent.graffle/data.plist new file mode 100644 index 000000000..722b4a44a --- /dev/null +++ b/doc-src/_transparent.graffle/data.plist @@ -0,0 +1,771 @@ + + + + + ActiveLayerIndex + 0 + ApplicationVersion + + com.omnigroup.OmniGraffle.MacAppStore + 139.16 + + AutoAdjust + + BackgroundGraphic + + Bounds + {{0, 0}, {559.19998741149902, 782.79998779296875}} + Class + SolidGraphic + ID + 2 + Style + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + BaseZoom + 0 + CanvasOrigin + {0, 0} + ColumnAlign + 1 + ColumnSpacing + 36 + CreationDate + 2013-01-02 19:31:53 +0000 + Creator + Aldo Cortesi + DisplayScale + 1.000 cm = 1.000 cm + GraphDocumentVersion + 8 + GraphicsList + + + Bounds + {{101.18773396809897, 358.41662979125977}, {62, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4079 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 2: Redirection} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{102.18775939941409, 405.16666666666663}, {78, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4078 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 3: HTTP Request} + VerticalPad + 0 + + Wrap + NO + + + Class + LineGraphic + ControlPoints + + {-29.333333333333343, 15.666671991348267} + {-14, -7.3333333333333712} + + ID + 37 + Points + + {196.99999491373691, 331.83332316080725} + {198.00000508626303, 402.49998982747394} + + Style + + stroke + + Bezier + + HeadArrow + FilledArrow + Legacy + + LineType + 1 + TailArrow + 0 + + + + + Bounds + {{205.34387397766082, 289.3333333333328}, {84, 52.666667938232422}} + Class + ShapedGraphic + ID + 4076 + Shape + Rectangle + Style + + fill + + Color + + b + 0.547829 + g + 1 + r + 0.790866 + + + + Text + + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;\red37\green17\blue0;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf2 router} + + + + Class + LineGraphic + ID + 4075 + Points + + {304.061024983724, 422.16667167345679} + {348.49764506022132, 422.16667167345696} + {365.83097839355469, 421.50000500679027} + {417.16433715820312, 421.16667175292963} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Bounds + {{321.11267089843761, 405.16706339518225}, {49, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4067 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 4: Request} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{101.18773682912195, 295.66660690307623}, {62, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4058 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 1: Connection} + VerticalPad + 0 + + Wrap + NO + + + Class + LineGraphic + ID + 4041 + Points + + {85.896713256836037, 421.41666793823208} + {199.00002034505209, 421.16666666666669} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Class + LineGraphic + ID + 31 + Points + + {84.896687825520857, 314.66666126251221} + {129.33330790201822, 314.66666126251238} + {146.66664123535153, 313.99999459584569} + {198, 313.66666134198505} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Bounds + {{430.83098347981803, 515.99999999999989}, {36, 14}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + ID + 4026 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf0 Server} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{40.499999999999993, 486.66666666666663}, {31, 14}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + ID + 4025 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf0 Client} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{417.16432189941418, 323.90565299479198}, {63.333332061767578, 185.52200317382812}} + Class + ShapedGraphic + ID + 4004 + ImageID + 6 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + + Bounds + {{205.34386889139773, 289.33333333333331}, {84, 248.66667175292969}} + Class + ShapedGraphic + ID + 4023 + Shape + Rectangle + Style + + fill + + Color + + b + 0 + g + 0.463735 + r + 1 + + + + Text + + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;\red37\green17\blue0;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf2 mitmproxy} + + + + Bounds + {{4.6666666467984399, 351.33332316080771}, {102.66666412353516, 130.66667175292969}} + Class + ShapedGraphic + ID + 134 + ImageID + 3 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + + GridInfo + + GuidesLocked + NO + GuidesVisible + YES + HPages + 1 + ImageCounter + 7 + ImageLinkBack + + + + + ImageList + + image6.tiff + image3.icns + + KeepToScale + + Layers + + + Lock + NO + Name + Layer 1 + Print + YES + View + YES + + + LayoutInfo + + Animate + NO + circoMinDist + 18 + circoSeparation + 0.0 + layoutEngine + dot + neatoSeparation + 0.0 + twopiSeparation + 0.0 + + LinksVisible + NO + MagnetsVisible + NO + MasterSheets + + ModificationDate + 2013-01-03 04:13:10 +0000 + Modifier + Aldo Cortesi + NotesVisible + NO + Orientation + 2 + OriginVisible + NO + PageBreaks + YES + PrintInfo + + NSBottomMargin + + float + 41 + + NSHorizonalPagination + + coded + BAtzdHJlYW10eXBlZIHoA4QBQISEhAhOU051bWJlcgCEhAdOU1ZhbHVlAISECE5TT2JqZWN0AIWEASqEhAFxlwCG + + NSLeftMargin + + float + 18 + + NSPaperSize + + size + {595.19998741149902, 841.79998779296875} + + NSPrintReverseOrientation + + int + 0 + + NSRightMargin + + float + 18 + + NSTopMargin + + float + 18 + + + PrintOnePage + + ReadOnly + NO + RowAlign + 1 + RowSpacing + 36 + SheetTitle + Canvas 1 + SmartAlignmentGuidesActive + YES + SmartDistanceGuidesActive + YES + UniqueID + 1 + UseEntirePage + + VPages + 1 + WindowInfo + + CurrentSheet + 0 + ExpandedCanvases + + + name + Canvas 1 + + + Frame + {{295, 141}, {974, 874}} + ListView + + OutlineWidth + 142 + RightSidebar + + ShowRuler + + Sidebar + + SidebarWidth + 120 + VisibleRegion + {{0, 208}, {550, 469.33333333333337}} + Zoom + 1.5 + ZoomValues + + + Canvas 1 + 1.5 + 1 + + + + + diff --git a/doc-src/_transparent.graffle/image3.icns b/doc-src/_transparent.graffle/image3.icns new file mode 100644 index 000000000..964df4b8c Binary files /dev/null and b/doc-src/_transparent.graffle/image3.icns differ diff --git a/doc-src/_transparent.graffle/image6.tiff b/doc-src/_transparent.graffle/image6.tiff new file mode 100644 index 000000000..bd6ed534b Binary files /dev/null and b/doc-src/_transparent.graffle/image6.tiff differ diff --git a/doc-src/_transparent_https.graffle/data.plist b/doc-src/_transparent_https.graffle/data.plist new file mode 100644 index 000000000..9c1395d78 --- /dev/null +++ b/doc-src/_transparent_https.graffle/data.plist @@ -0,0 +1,1096 @@ + + + + + ActiveLayerIndex + 0 + ApplicationVersion + + com.omnigroup.OmniGraffle.MacAppStore + 139.16 + + AutoAdjust + + BackgroundGraphic + + Bounds + {{0, 0}, {559.19998741149902, 782.79998779296875}} + Class + SolidGraphic + ID + 2 + Style + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + BaseZoom + 0 + CanvasOrigin + {0, 0} + ColumnAlign + 1 + ColumnSpacing + 36 + CreationDate + 2013-01-02 19:31:53 +0000 + Creator + Aldo Cortesi + DisplayScale + 1.000 cm = 1.000 cm + GraphDocumentVersion + 8 + GraphicsList + + + Class + LineGraphic + ID + 4075 + Points + + {299.99999999999994, 470.90565482775372} + {344.43662007649726, 470.90565482775389} + {361.76995340983063, 470.23898816108721} + {413.10331217447907, 469.90565490722656} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Class + LineGraphic + ID + 4074 + Points + + {300.5, 417.94731195767724} + {344.93662007649738, 417.94731195767741} + {362.26995340983063, 417.28064529101073} + {413.60331217447907, 416.94731203715008} + + Style + + stroke + + HeadArrow + 0 + Legacy + + TailArrow + FilledArrow + + + + + Class + LineGraphic + ID + 4073 + Points + + {300.50000000000006, 364.90563909212648} + {344.93662007649743, 364.90563909212665} + {362.26995340983069, 364.23897242545996} + {413.60331217447919, 363.90563917159932} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Bounds + {{316.55163383483881, 323.90562693277991}, {65, 36}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4069 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 4: Initiate SSL \ +handshake \ +with SNI} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{317.05164591471356, 453.90604654947919}, {49, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4067 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 8: Request} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{317.05163574218761, 400.90584119160991}, {64, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4063 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 5: CN & SANs} + VerticalPad + 0 + + Wrap + NO + + + Class + LineGraphic + ID + 4072 + Points + + {85.333343505859332, 525.3331921100596} + {129.7699635823565, 525.3331921100596} + {147.10329691568987, 524.66652544339308} + {198.4366556803383, 524.33319218953238} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Class + LineGraphic + ID + 4071 + Points + + {85.3333333333334, 471.58316930134964} + {198.43664042154924, 471.33316802978419} + + Style + + stroke + + HeadArrow + 0 + Legacy + + TailArrow + FilledArrow + + + + + Class + LineGraphic + ID + 4070 + Points + + {85.33333841959633, 419.33315936724267} + {129.76995849609349, 419.33315936724279} + {147.10329182942687, 418.66649270057616} + {198.4366505940753, 418.33315944671557} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Bounds + {{97.957725524902315, 508.66666666666663}, {49, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4066 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 7: Request} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{94.624392191569157, 440.16654586791918}, {76, 24}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4065 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 6: Complete SSL\ +handshake} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{94.624387105305999, 377.33333333333331}, {65, 36}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4061 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 3: Initiate SSL \ +handshake \ +with SNI} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{94.624387105305971, 344.58320871988946}, {62, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4079 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 2: Redirection} + VerticalPad + 0 + + Wrap + NO + + + Class + LineGraphic + ControlPoints + + {-29.333333333333343, 15.666671991348267} + {-14, -7.3333333333333712} + + ID + 37 + Points + + {197.43664042154938, 317.99990208943694} + {198.4366505940755, 388.66656875610363} + + Style + + stroke + + Bezier + + HeadArrow + FilledArrow + Legacy + + LineType + 1 + TailArrow + 0 + + + + + Bounds + {{205.34387397766082, 289.3333333333328}, {84, 52.666667938232422}} + Class + ShapedGraphic + ID + 4076 + Shape + Rectangle + Style + + fill + + Color + + b + 0.547829 + g + 1 + r + 0.790866 + + + + Text + + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;\red37\green17\blue0;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf2 router} + + + + Bounds + {{97.957725842793792, 284.99970499674527}, {62, 12}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + FontInfo + + Font + Helvetica + Size + 12 + + ID + 4058 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs20 \cf0 1: Connection} + VerticalPad + 0 + + Wrap + NO + + + Class + LineGraphic + ID + 31 + Points + + {85.333333333333329, 300.8332401911419} + {129.76995340983069, 300.83324019114207} + {147.10328674316401, 300.16657352447538} + {198.43664550781247, 299.83324027061474} + + Style + + stroke + + HeadArrow + FilledArrow + Legacy + + TailArrow + 0 + + + + + Bounds + {{430.83098347981803, 515.99999999999989}, {36, 14}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + ID + 4026 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf0 Server} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{40.499999999999993, 486.66666666666663}, {31, 14}} + Class + ShapedGraphic + FitText + YES + Flow + Resize + ID + 4025 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + Text + + Pad + 0 + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf0 Client} + VerticalPad + 0 + + Wrap + NO + + + Bounds + {{417.16432189941418, 323.90565299479198}, {63.333332061767578, 185.52200317382812}} + Class + ShapedGraphic + ID + 4004 + ImageID + 6 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + + Bounds + {{205.34386889139773, 289.33333333333331}, {84, 248.66667175292969}} + Class + ShapedGraphic + ID + 4023 + Shape + Rectangle + Style + + fill + + Color + + b + 0 + g + 0.463735 + r + 1 + + + + Text + + Text + {\rtf1\ansi\ansicpg1252\cocoartf1187\cocoasubrtf340 +\cocoascreenfonts1{\fonttbl\f0\fswiss\fcharset0 Helvetica;} +{\colortbl;\red255\green255\blue255;\red37\green17\blue0;} +\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\pardirnatural\qc + +\f0\fs24 \cf2 mitmproxy} + + + + Bounds + {{4.6666666467984399, 351.33332316080771}, {102.66666412353516, 130.66667175292969}} + Class + ShapedGraphic + ID + 134 + ImageID + 3 + Shape + Rectangle + Style + + fill + + Draws + NO + + shadow + + Draws + NO + + stroke + + Draws + NO + + + + + GridInfo + + GuidesLocked + NO + GuidesVisible + YES + HPages + 1 + ImageCounter + 7 + ImageLinkBack + + + + + ImageList + + image6.tiff + image3.icns + + KeepToScale + + Layers + + + Lock + NO + Name + Layer 1 + Print + YES + View + YES + + + LayoutInfo + + Animate + NO + circoMinDist + 18 + circoSeparation + 0.0 + layoutEngine + dot + neatoSeparation + 0.0 + twopiSeparation + 0.0 + + LinksVisible + NO + MagnetsVisible + NO + MasterSheets + + ModificationDate + 2013-01-03 04:16:32 +0000 + Modifier + Aldo Cortesi + NotesVisible + NO + Orientation + 2 + OriginVisible + NO + PageBreaks + YES + PrintInfo + + NSBottomMargin + + float + 41 + + NSHorizonalPagination + + coded + BAtzdHJlYW10eXBlZIHoA4QBQISEhAhOU051bWJlcgCEhAdOU1ZhbHVlAISECE5TT2JqZWN0AIWEASqEhAFxlwCG + + NSLeftMargin + + float + 18 + + NSPaperSize + + size + {595.19998741149902, 841.79998779296875} + + NSPrintReverseOrientation + + int + 0 + + NSRightMargin + + float + 18 + + NSTopMargin + + float + 18 + + + PrintOnePage + + ReadOnly + NO + RowAlign + 1 + RowSpacing + 36 + SheetTitle + Canvas 1 + SmartAlignmentGuidesActive + YES + SmartDistanceGuidesActive + YES + UniqueID + 1 + UseEntirePage + + VPages + 1 + WindowInfo + + CurrentSheet + 0 + ExpandedCanvases + + + name + Canvas 1 + + + Frame + {{869, 248}, {974, 874}} + ListView + + OutlineWidth + 142 + RightSidebar + + ShowRuler + + Sidebar + + SidebarWidth + 120 + VisibleRegion + {{0, 208}, {550, 469.33333333333337}} + Zoom + 1.5 + ZoomValues + + + Canvas 1 + 1.5 + 1 + + + + + diff --git a/doc-src/_transparent_https.graffle/image3.icns b/doc-src/_transparent_https.graffle/image3.icns new file mode 100644 index 000000000..964df4b8c Binary files /dev/null and b/doc-src/_transparent_https.graffle/image3.icns differ diff --git a/doc-src/_transparent_https.graffle/image6.tiff b/doc-src/_transparent_https.graffle/image6.tiff new file mode 100644 index 000000000..bd6ed534b Binary files /dev/null and b/doc-src/_transparent_https.graffle/image6.tiff differ diff --git a/doc-src/explicit.png b/doc-src/explicit.png new file mode 100644 index 000000000..c9ba26a73 Binary files /dev/null and b/doc-src/explicit.png differ diff --git a/doc-src/explicit_https.png b/doc-src/explicit_https.png new file mode 100644 index 000000000..1f1ca0231 Binary files /dev/null and b/doc-src/explicit_https.png differ diff --git a/doc-src/howmitmproxy.html b/doc-src/howmitmproxy.html new file mode 100644 index 000000000..6ea723cdc --- /dev/null +++ b/doc-src/howmitmproxy.html @@ -0,0 +1,341 @@ + +TODO: + +- Clarify terminology: SSL vs TLS + + +Mitmproxy is an enormously flexible tool. Knowing exactly how the proxying +process works will help you deploy it more creatively, and let you understand +its fundamental assumptions and how to work around them. This document explains +mitmproxy's proxy mechanism by example, starting with the simplest explicit +proxy configuration, and working up to the most complicated interaction - +transparent proxying of SSL-protected traffic in the presence of SNI. + + +
+

Explicit HTTP

+
+ +Configuring the client to use mitmproxy as an explicit proxy is the simplest +and most reliable way to intercept traffic. The proxy protocol is codified in +the [HTTP RFC](http://www.ietf.org/rfc/rfc2068.txt), so the behaviour of both +the client and the server is well defined, and usually reliable. In the +simplest possible interaction with mitmproxy, a client connects directly to the +proxy, and makes a request that looks like this: + +
GET http://example.com/index.html HTTP/1.1
+ +This is a proxy GET request - an extended form of the vanilla HTTP GET request +that includes a schema and host specification, and it includes all the +information mitmproxy needs to proceed. + + + + + + + + + + + + + + + + + + + + + +
1The client connects to the proxy and makes a request.
2Mitmproxy connects to the upstream server and simply forwards + the request on.
+ + +
+

Explicit HTTPS

+
+ +The process for an explicitly proxied HTTPS connection is quite different. The +client connects to the proxy and makes a request that looks like this: + +
CONNECT example.com:443 HTTP/1.1
+ +A conventional proxy can neither view nor manipulate an SSL-encrypted data +stream, so a CONNECT request simply asks the proxy to open a pipe between the +client and server. The proxy here is just a facilitator - it blindly forwards +data in both directions without knowing anything about the contents. The +negotiation of the SSL connection happens over this pipe, and the subsequent +flow of requests and responses are completely opaque to the proxy. + +## The MITM in mitmproxy + +This is where mitmproxy's fundamental trick comes in to play. The MITM in its +name stands for Man-In-The-Middle - a reference to the process we use to +intercept and interfere with these theoretially opaque data streams. The basic +idea is to pretend to be the server to the client, and pretend to be the client +to the server. The tricky part is that the Certificate Authority system is +designed to prevent exactly this attack, by allowing a trusted third-party to +cryptographically sign a server's SSL certificates to verify that the certs are +legit. If this signature is from a non-trusted party, a secure client will +simply drop the connection and refuse to proceed. Despite the many shortcomings +of the CA system as it exists today, this is usually fatal to attempts to MITM +an SSL connection for analysis. + +Our answer to this conundrum is to become a trusted Certificate Authority +ourselves. Mitmproxy includes a full CA implementation that generates +interception certificates on the fly. To get the client to trust these +certificates, we register mitmproxy as a CA with the device manually. + +## Complication 1: What's the remote hostname? + +To proceed with this plan, we need to know the domain name to use in the +interception certificate - the client will verify that the certificate is for +the domain it's connecting to, and abort if this is not the case. At first +blush, it seems that the CONNECT request above gives us all we need - in this +example, both of these values are "example.com". But what if the client had +initiated the connection as follows: + +
CONNECT 10.1.1.1:443 HTTP/1.1
+ +Using the IP address is perfectly legitimate because it gives us enough +information to initiate the pipe, even though it doesn't reveal the remote +hostname. + +Mitmproxy has a cunning mechanism that smooths this over - upstream certificate +sniffing. As soon as we see the CONNECT request, we pause the client part of +the conversation, and initiate a simultaneous connection to the server. We +complete the SSL handshake with the server, and inspect the certificates it +used. Now, we use the Common Name in the upstream SSL certificates to generate +the dummy certificate for the client. Voila, we have the correct hostname to +present to the client, even if it was never specified. + + +## Complication 2: Subject Alternate Name + +Enter the next complication. Sometimes, the certificate Common Name is not, in +fact, the hostname that the client is connecting to. This is because of the +optional Subject Alternate Name field in the SSL certificate that allows an +arbitrary number of alternate domains to be specified. If the expected domain +matches any of these, the client wil proceed, even though the domain doesn't +match the certificate Common Name. The answer here is simple: when extract the +CN from the upstream cert, we also extract the SANs, and add them to the +generated dummy certificate. + + +## Complication 3: Server Name Indication + +One of the big limitations of conventional SSL is that each certificate +requires its own IP address. This means that you couldn't do virtual hosting +where multiple domains with independent certificates share the same IP address. +In a world with a rapidly shrinking IPv4 address pool this is a problem, and we +have a solution in the form of the Server Name Indication extension to the SSL +and TLS protocols. This lets the client specify the remote server name at the +start of the SSL handshake, which then lets the server select the right +certificate to complete the process. + +SNI breaks our upstream certificate sniffing process, because when we connect +without using SNI, we get served a default certificate that may have nothing to +do with the certificate expected by the client. The solution is another tricky +complication to the client connection process. After the client connects, we +allow the SSL handshake to continue until just _after_ the SNI value has been +passed to us. Now we can pause the conversation, and initiate an upstream +connection using the correct SNI value, which then serves us the correct +upstream certificate, from which we can extract the expected CN and SANs. + + +## Putting it all together + +Lets put all of this together into the complete explicitly proxied HTTPS flow. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
1The client makes a connection to mitmproxy, and issues an HTTP + CONNECT request.
2Mitmproxy responds with a 200 Connection Established, as if it + has set up the CONNECT pipe.
3The client believes it's talking to the remote server, and + initiates the SSL connection. It uses SNI to indicate the hostname + it is connecting to.
4Mitmproxy connects to the server, and establishes an SSL + connection using the SNI hostname indicated by the client.
5The server responds with the matching SSL certificate, which + contains the CN and SAN values needed to generate the interception + certificate.
6Mitmproxy generates the interception cert, and continues the + client SSL handshake paused in step 3.
7The client sends the request over the established SSL + connection.
7Mitmproxy passes the request on to the server over the SSL + connection initiated in step 4.
+ + +
+

Transparent HTTP

+
+ +When a transparent proxy is used, the HTTP/S connection is redirected into a +proxy at the network layer, without any client configuration being required. +This makes transparent proxying ideal for those situations where you can't +change client behaviour - proxy-oblivious Android applications being a common +example. + +To achieve this, we need to introduce two extra components. The first new +component is a router that transparently redirects the TCP connection to the +proxy. Once the client has initiated the connection, it makes a vanilla HTTP +request, which might look something like this: + +
GET /index.html HTTP/1.1
+ +Note that this request differs from the explicit proxy variation, in that it +omits the scheme and hostname. How, then, do we know which upstream host to +forward the request to? The routing mechanism that has performed the +redirection keeps track of the original destination. Each different routing +mechanism has its own ideosyncratic way of exposing this data, so this +introduces the second component required for working transparent proxying: a +host module that knows how to retrieve the original destination address from +the router. Once we have this information, the process is fairly +straight-forward. + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
1The client makes a connection to the server.
2The router redirects the connection to mitmproxy, which is + typically listening on a local port of the same host. Mitmproxy + then consults the routing mechanism to establish what the original + destination was.
3Now, we simply read the client's request...
4... and forward it upstream.
+ +
+

Transparent HTTPS

+
+ +The process for transparently proxying an HTTPS request is a merger of the +methods we've outlined for transparently proxying HTTP, and explicitly proxying +HTTPS. We use the routing mechanism to establish the upstream server address, +and then proceed as for explit HTTPS connections to establish the CN and SANs, +and cope with SNI. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
1The client makes a connection to the server.
2The router redirects the connection to mitmproxy, which is + typically listening on a local port of the same host. Mitmproxy + then consults the routing mechanism to establish what the original + destination was.
3The client believes it's talking to the remote server, and + initiates the SSL connection. It uses SNI to indicate the hostname + it is connecting to.
4Mitmproxy connects to the server, and establishes an SSL + connection using the SNI hostname indicated by the client.
5The server responds with the matching SSL certificate, which + contains the CN and SAN values needed to generate the interception + certificate.
6Mitmproxy generates the interception cert, and continues the + client SSL handshake paused in step 3.
7The client sends the request over the established SSL + connection.
7Mitmproxy passes the request on to the server over the SSL + connection initiated in step 4.
+ + + diff --git a/doc-src/index.py b/doc-src/index.py index 01b9363d2..930037ecd 100644 --- a/doc-src/index.py +++ b/doc-src/index.py @@ -65,12 +65,13 @@ pages = [ Page("install.html", "Installation"), Page("mitmproxy.html", "mitmproxy"), Page("mitmdump.html", "mitmdump"), + Page("howmitmproxy.html", "How mitmproxy works"), Page("ssl.html", "Overview"), - Page("transparent.html", "Overview"), Directory("certinstall"), Directory("scripting"), Directory("tutorials"), + Page("transparent.html", "Overview"), Directory("transparent"), Page("faq.html", "FAQ"), ] diff --git a/doc-src/transparent.html b/doc-src/transparent.html index 9e77d70db..e69de29bb 100644 --- a/doc-src/transparent.html +++ b/doc-src/transparent.html @@ -1,2 +0,0 @@ - -Foo diff --git a/doc-src/transparent.png b/doc-src/transparent.png new file mode 100644 index 000000000..3994d6815 Binary files /dev/null and b/doc-src/transparent.png differ diff --git a/doc-src/transparent_https.png b/doc-src/transparent_https.png new file mode 100644 index 000000000..559cddd21 Binary files /dev/null and b/doc-src/transparent_https.png differ diff --git a/test/tools/getcert b/test/tools/getcert index 6447ecc71..8fabefb75 100755 --- a/test/tools/getcert +++ b/test/tools/getcert @@ -5,5 +5,3 @@ import socket, tempfile, ssl, subprocess addr = socket.gethostbyname(sys.argv[1]) print ssl.get_server_certificate((addr, 443)) - - diff --git a/test/tools/getcn b/test/tools/getcn deleted file mode 100755 index 212977c33..000000000 --- a/test/tools/getcn +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env python -import sys -sys.path.insert(0, "../../") -from libmproxy import certutils - -if len(sys.argv) > 2: - port = int(sys.argv[2]) -else: - pport = 443 - -cn, san = certutils.get_remote_cn(sys.argv[1], port) -print cn -if san: - for i in san: - print "\t", i - -