Maximilian Hils
931b5459e9
remove code duplication
2016-02-01 20:19:34 +01:00
Maximilian Hils
a3af0ce71d
tests++
2016-02-01 20:10:18 +01:00
Maximilian Hils
bda49dd178
fix #113 , make Reader.peek() work on Python 3
2016-02-01 19:38:14 +01:00
Thomas Kriechbaumer
e98c729bb9
test on python3
2016-01-31 20:19:32 +01:00
Thomas Kriechbaumer
280b491ab2
migrate to hyperframe
2016-01-31 20:03:25 +01:00
Thomas Kriechbaumer
d253ebc142
fix test request and response headers
2016-01-30 22:03:24 +01:00
Thomas Kriechbaumer
1b487539b1
move tservers to netlib module
2016-01-25 09:20:44 +01:00
Sandor Nemes
b8e8c4d682
Simplified setting the source_address in the TCPClient constructor
2016-01-11 08:10:36 +01:00
Sandor Nemes
4bb9f3d35b
Added getter/setter for TCPClient source_address
2016-01-08 18:04:47 +01:00
Maximilian Hils
d1e6b5366c
bump version
2015-12-25 16:00:50 +01:00
Maximilian Hils
71834421bb
bump version
2015-12-03 18:13:24 +01:00
Benjamin Lee
c1385c9a17
Fix to ignore empty header value.
...
According to Augmented BNF in the following RFCs
http://tools.ietf.org/html/rfc5234#section-3.6
http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.1
field-value = *( field-content | LWS )
http://tools.ietf.org/html/rfc7230#section-3.2
field-value = *( field-content / obs-fold )
... the HTTP message header `field-value` is allowed to be empty.
2015-11-17 04:51:20 +11:00
Sam Cleveland
2bd7bcb371
Porting to Python 3.4
...
Updated wsgi to support Python 3.4 byte strings.
Updated test_wsgi to remove py.test warning for TestApp having an
__init__ constructor.
samc$ sudo py.test netlib/test/test_wsgi.py -r w
= test session starts =
platform darwin -- Python 3.4.1, pytest-2.8.2, py-1.4.30, pluggy-0.3.1
rootdir: /Users/samc/src/python/netlib, inifile:
collected 6 items
netlib/test/test_wsgi.py ......
= 6 passed in 0.20 seconds =
2015-11-11 20:27:10 -06:00
Sam Cleveland
6689a342ae
Porting to Python 3.4
...
Fixed byte string formatting for hexdump.
= test session starts =
platform darwin -- Python 3.4.1, pytest-2.8.2, py-1.4.30, pluggy-0.3.1
rootdir: /Users/samc/src/python/netlib, inifile:
collected 11 items
netlib/test/test_utils.py ...........
= 11 passed in 0.23 seconds =
2015-11-11 19:53:51 -06:00
Sam Cleveland
2d48f12332
Revert "Porting netlib to python3.4"
...
This reverts commit 8237183485
.
2015-11-11 19:41:42 -06:00
Sam Cleveland
8237183485
Porting netlib to python3.4
...
Updated utils.py using 2to3-3.4
Updated hexdump to use .format() with .encode() to support python 3.4
Python 3.5 supports .format() on bytes objects, but 3.4 is the current
default on Ubuntu.
samc$ py.test netlib/test/test_utils.py
= test session starts =
platform darwin -- Python 3.4.1, pytest-2.8.2, py-1.4.30, pluggy-0.3.1
rootdir: /Users/samc/src/python/netlib, inifile:
collected 11 items
netlib/test/test_utils.py ...........
= 11 passed in 0.19 seconds =
2015-11-11 11:32:02 -06:00
Aldo Cortesi
9cab9ee5d6
Bump version for next release cycle
2015-11-07 09:30:49 +13:00
Aldo Cortesi
3e2eb3fef1
Bump version
2015-11-06 13:51:15 +13:00
Maximilian Hils
810c2f2414
Merge remote-tracking branch 'origin/hostname-validation'
2015-11-04 21:33:32 +01:00
Maximilian Hils
9d12425d5e
Set default cert expiry to <39 months
...
This sould fix mitmproxy/mitmproxy#815
2015-11-04 11:28:02 +01:00
Maximilian Hils
9d36f8e43f
minor fixes
2015-11-01 18:20:00 +01:00
Maximilian Hils
5af9df326a
fix certificate verification
...
This commit fixes netlib's optional (turned off by default)
certificate verification, which previously did not validate the
cert's host name. As it turns out, verifying the connection's host
name on an intercepting proxy is not really straightforward - if
we receive a connection in transparent mode without SNI, we have no
clue which hosts the client intends to connect to. There are two
basic approaches to solve this problem:
1. Exactly mirror the host names presented by the server in the
spoofed certificate presented to the client.
2. Require the client to send the TLS Server Name Indication
extension. While this does not work with older clients,
we can validate the hostname on the proxy.
Approach 1 is problematic in mitmproxy's use case, as we may want
to deliberately divert connections without the client's knowledge.
As a consequence, we opt for approach 2. While mitmproxy does now
require a SNI value to be sent by the client if certificate
verification is turned on, we retain our ability to present
certificates to the client which are accepted with a maximum
likelihood.
2015-11-01 18:15:30 +01:00
Maximilian Hils
67229fbdf7
Merge branch 'http-models'
2015-09-28 13:53:59 +02:00
Maximilian Hils
87566da3ba
fix mitmproxy/mitmproxy#784
2015-09-28 11:18:00 +02:00
Maximilian Hils
23d13e4c12
test response model, push coverage to 100% branch cov
2015-09-27 00:49:41 +02:00
Maximilian Hils
466888b01a
improve request tests, coverage++
2015-09-26 20:07:11 +02:00
Maximilian Hils
49ea8fc0eb
refactor response model
2015-09-26 17:39:50 +02:00
Maximilian Hils
106f7046d3
refactor request model
2015-09-26 00:39:04 +02:00
Maximilian Hils
45f2ea33b2
minor fixes
2015-09-25 18:24:18 +02:00
Maximilian Hils
c7b8322500
also accept bytes as arguments
2015-09-22 01:56:09 +02:00
Maximilian Hils
f937522773
Headers: return str on all Python versions
2015-09-22 01:48:35 +02:00
Maximilian Hils
9fbeac50ce
revert websocket changes from 73586b1b
...
The DEFAULT construct is very weird,
but with None we apparently break pathod
in some difficult-to-debug ways.
Revisit once we do more here.
2015-09-21 22:49:39 +02:00
Thomas Kriechbaumer
e9fe45f3f4
backport changes
2015-09-21 18:45:49 +02:00
Maximilian Hils
1ff8f294b4
minor encoding fixes
2015-09-21 18:34:43 +02:00
Maximilian Hils
73586b1be9
python 3++
2015-09-21 00:44:17 +02:00
Maximilian Hils
daebd1bd27
python3++
2015-09-20 20:35:45 +02:00
Maximilian Hils
0ad5cbc6bf
python3++
2015-09-20 19:56:45 +02:00
Maximilian Hils
693cdfc6d7
python3++
2015-09-20 19:40:09 +02:00
Maximilian Hils
3f1ca556d1
python3++
2015-09-20 18:12:55 +02:00
Maximilian Hils
91cdd78201
improve http error messages
2015-09-19 11:59:40 +02:00
Maximilian Hils
551d9f11e5
experimental: don't interfere with headers
2015-09-18 18:05:50 +02:00
Maximilian Hils
d1904c2f52
python3++
2015-09-18 15:38:31 +02:00
Maximilian Hils
7b6b157547
properly handle SNI IPs
...
fixes mitmproxy/mitmproxy#772
We must use the ipaddress package here, because that's what cryptography
uses. If we opt for something else, we have nasty namespace conflicts.
2015-09-18 15:35:02 +02:00
Maximilian Hils
266b80238d
fix tests
2015-09-17 17:29:55 +02:00
Maximilian Hils
d798ed955d
python3++
2015-09-17 16:31:50 +02:00
Maximilian Hils
8d71059d77
clean up http message models
2015-09-17 15:16:12 +02:00
Maximilian Hils
a07e43df8b
http1: add assemble_body function
2015-09-17 02:39:42 +02:00
Maximilian Hils
dad9f06cb9
organize exceptions, improve content-length handling
2015-09-17 02:14:14 +02:00
Maximilian Hils
265f31e878
adjust http1-related code
2015-09-16 18:43:24 +02:00
Maximilian Hils
a077d8877d
finish netlib.http.http1 refactor
2015-09-16 00:04:23 +02:00
Maximilian Hils
11e7f476bd
wip
2015-09-15 19:12:15 +02:00
Maximilian Hils
997fcde8ce
make clean_bin unicode-aware
2015-09-12 17:03:09 +02:00
Maximilian Hils
a38142d595
don't yield empty chunks
2015-09-11 01:17:39 +02:00
Maximilian Hils
92c763f469
fix mitmproxy/mitmproxy#759
2015-09-10 12:32:38 +02:00
Maximilian Hils
a5f7752cf1
add ssl_read_select
2015-09-10 11:30:41 +02:00
Maximilian Hils
32b3c32138
add tcp.Address.__hash__
2015-09-08 21:31:27 +02:00
Maximilian Hils
fc86bbd03e
let Headers inherit from object
...
fixes mitmproxy/mitmproxy#753
2015-09-08 15:16:25 +02:00
Maximilian Hils
50bf92ccce
Merge branch 'master' of https://github.com/mitmproxy/netlib
2015-09-05 18:16:41 +02:00
Maximilian Hils
66ee1f465f
headers: adjust everything
2015-09-05 18:15:47 +02:00
Maximilian Hils
3718e59308
finalize Headers, add tests
2015-09-05 15:27:48 +02:00
Maximilian Hils
5f97701958
add new headers class
2015-09-05 13:26:36 +02:00
Thomas Kriechbaumer
3ebe5a5147
http2: do net let Settings frames escape
2015-09-03 21:24:07 +02:00
Thomas Kriechbaumer
53abf5f4d7
http2: handle Ping in protocol
2015-09-03 21:24:07 +02:00
Maximilian Hils
2d0d240abc
Merge branch 'master' of https://github.com/mitmproxy/netlib
2015-08-29 20:56:19 +02:00
Maximilian Hils
4a8fd79e33
don't yield prefix and suffix
2015-08-29 20:54:54 +02:00
Maximilian Hils
1265945f55
move sslversion mapping to netlib
2015-08-29 12:30:35 +02:00
Maximilian Hils
982d8000c4
wip
2015-08-28 17:35:48 +02:00
Thomas Kriechbaumer
3e3b59aa71
http2: fix priority stream dependency check
2015-08-26 20:58:00 +02:00
Maximilian Hils
de0ced73f8
fix error messages
2015-08-25 18:33:55 +02:00
Maximilian Hils
21858995ae
request -> request_method
2015-08-24 18:16:34 +02:00
Maximilian Hils
622665952c
minor stylistic fixes
2015-08-24 16:52:32 +02:00
Thomas Kriechbaumer
cd9701050f
read_response depends on request for stream_id
2015-08-21 10:04:57 +02:00
Thomas Kriechbaumer
53f2582313
http2: fix unhandled settings frame
2015-08-20 20:36:51 +02:00
Thomas Kriechbaumer
16f697f68a
http2: disable features we do not support yet
2015-08-20 10:27:06 +02:00
Thomas Kriechbaumer
94b7beae2a
http2: implement basic flow control updates
2015-08-20 10:27:06 +02:00
Thomas Kriechbaumer
eb34305518
http2: fix frame length field
2015-08-20 10:27:06 +02:00
Thomas Kriechbaumer
e20d4e5c02
http2: add callback to handle unexpected frames
2015-08-20 10:27:06 +02:00
Thomas Kriechbaumer
1025c15242
fix typo
2015-08-20 10:27:06 +02:00
Maximilian Hils
9920de1e15
tcp._Connection: clean up code, fix inheritance
2015-08-19 16:06:33 +02:00
Maximilian Hils
6810fba54e
add ssl peek polyfill
2015-08-19 16:05:42 +02:00
Thomas Kriechbaumer
9686a77dcb
http2: implement request target
2015-08-18 22:17:00 +02:00
Thomas Kriechbaumer
07a1356e2f
http2: add support for too large header frames
2015-08-18 21:22:42 +02:00
Thomas Kriechbaumer
0d384ac2a9
http2: add support for too large data frames
2015-08-18 21:22:42 +02:00
Maximilian Hils
231656859f
TCPClient: more sophisticated address handling
2015-08-18 21:08:42 +02:00
Maximilian Hils
62416daa4a
add Reader.peek()
2015-08-18 21:08:01 +02:00
Maximilian Hils
c92dc1b868
re-add form_out
2015-08-18 21:07:38 +02:00
Aldo Cortesi
3d30667125
Bump netlib version - 0.13.1 is already out
2015-08-17 10:21:30 +12:00
Thomas Kriechbaumer
85cede47aa
allow direct ALPN callback method
2015-08-16 11:41:34 +02:00
Thomas Kriechbaumer
b7e6e1c9b2
add HTTP/1.1 ALPN version string
2015-08-15 17:49:59 +02:00
Thomas Kriechbaumer
6a30ad2ad2
fix minor style offences
2015-08-10 20:50:05 +02:00
Thomas Kriechbaumer
ff27d65f08
cleanup whitespace
2015-08-10 20:44:36 +02:00
Thomas Kriechbaumer
476badf45c
cleanup imports
2015-08-10 20:36:47 +02:00
Thomas Kriechbaumer
690b8b4f4e
add move tests and code from mitmproxy
2015-08-10 20:34:27 +02:00
Maximilian Hils
c2832ef72b
fix mitmproxy/mitmproxy#705
2015-08-03 18:06:31 +02:00
Thomas Kriechbaumer
6a678d86e1
fix mitmproxy tests
2015-08-02 11:27:01 +02:00
Thomas Kriechbaumer
0be84fd6b9
fix tutils imports
2015-08-01 14:49:15 +02:00
Thomas Kriechbaumer
a837230320
move code from mitmproxy to netlib
2015-08-01 12:40:40 +02:00
Thomas Kriechbaumer
7b10817670
http2: improve protocol
2015-07-30 19:40:00 +02:00
Thomas Kriechbaumer
c7fcc2cca5
add on-the-wire representation methods
2015-07-29 11:27:43 +02:00
Thomas Kriechbaumer
827fe824d9
move code from mitmproxy to netlib
2015-07-27 11:48:38 +02:00
Maximilian Hils
fb48217224
improve pyopenssl version check
2015-07-25 13:30:25 +02:00
Maximilian Hils
b57c1386a1
Merge pull request #81 from Kriechi/protocol-refactor
...
HTTP protocol refactoring
2015-07-24 16:50:56 +02:00
Maximilian Hils
1b26161382
add distinct error for cert verification issues
2015-07-24 16:47:28 +02:00
Thomas Kriechbaumer
657973eca3
fix bugs
2015-07-22 16:13:06 +02:00
Thomas Kriechbaumer
faf17d3d60
http2: make proper use of odict
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
ecc7ffe928
reduce public interface
...
use private indicator pattern “_methodname”
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
83f013fca1
introduce EmptyRequest class
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
d62dbee0f6
rename content -> body
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
37a0cb858c
introduce ConnectRequest class
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
4617ab8a3a
add Request class and unify read_request interface
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
808b294865
refactor HTTP/1 as protocol
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
230c16122b
change HTTP2 interface to match HTTP1
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
bab6cbff1e
extract authentication methods from protocol
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
f50deb7b76
move bits around
2015-07-22 15:30:51 +02:00
Thomas Kriechbaumer
bd5ee21284
refactor websockets into protocol
2015-07-22 15:30:50 +02:00
Thomas Kriechbaumer
6dcfc35011
introduce http_semantics module
...
used for generic HTTP representation
everything should apply for HTTP/1 and HTTP/2
2015-07-22 15:30:50 +02:00
Maximilian Hils
e316a9cdb4
bump version
2015-07-22 13:39:48 +02:00
Kyle Morton
c17af4162b
Added a fix for pre-1.0 OpenSSL which wasn't correctly erring on failed certificate validation
2015-07-21 19:15:11 -07:00
Kyle Morton
155bdeb123
Fixing default CA which ought to be read as a pemfile and not a directory
2015-07-21 18:09:42 -07:00
Maximilian Hils
9fdc412fa0
bump version
2015-07-22 00:17:05 +02:00
M. Utku Altinkaya
397b3bba5e
Fixed version error formatting issue
2015-07-21 13:17:46 +03:00
Maximilian Hils
880c66fe48
socks: optionally fail early
2015-07-03 02:45:12 +02:00
Maximilian Hils
9aaf10120d
socks: add assert_socks5 method
2015-07-03 02:01:30 +02:00
Kyle Morton
0a2b25187f
Fixing how certifi is made the default ca_path to simplify calling logic.
2015-06-26 14:57:00 -07:00
Maximilian Hils
2723a0e573
remove certffi
2015-06-26 13:26:35 +02:00
Aldo Cortesi
41925b01f7
Fix printing of SSL version error
...
Fixes #73
2015-06-25 10:37:01 +12:00
Aldo Cortesi
db6576ca6f
Merge pull request #76 from kyle-m/master
...
Provide debugging information when upstream server certificate fails validation
2015-06-24 09:27:08 +12:00
Aldo Cortesi
80dd703a2a
Merge branch 'Kriechi-ssl-version-handling'
2015-06-23 22:18:10 +12:00
Aldo Cortesi
239f4758af
Remove dependence on pathod in test suite.
2015-06-23 22:16:03 +12:00
Kyle Morton
d1452424be
Cleaning up upstream server verification. Adding storage of cerificate
...
verification errors on TCPClient object to enable warnings in downstream
projects.
2015-06-22 17:31:13 -07:00
Kyle Morton
7afe44ba4e
Updating TCPServer to allow tests (and potentially other use cases) to serve
...
certificate chains instead of only single certificates.
2015-06-22 16:48:09 -07:00
Thomas Kriechbaumer
58118d607e
unify SSL version/method handling
2015-06-22 20:39:34 +02:00
Aldo Cortesi
2aa1b98fbf
netlib/test.py -> test/tservers.py
2015-06-22 14:52:23 +12:00
Thomas Kriechbaumer
f5c5deb2ae
fix http user agents
2015-06-18 17:36:58 +02:00
Thomas Kriechbaumer
69e71097f7
mark unused variables and arguments
2015-06-18 17:14:38 +02:00
Aldo Cortesi
4579c67150
Merge branch 'master' of https://github.com/kyle-m/netlib into kyle-m-master
2015-06-18 12:23:03 +12:00
Aldo Cortesi
6e301f37d0
Only set OP_NO_COMPRESSION by default if it exists in our version of OpenSSL
...
We'll need to start testing under both new and old versions of OpenSSL
somehow to catch these...
2015-06-18 12:18:22 +12:00
Aldo Cortesi
4152b14387
Merge pull request #71 from Kriechi/landscape
...
fix warnings and code smells
2015-06-18 12:07:20 +12:00
Thomas Kriechbaumer
836b1eab97
fix warnings and code smells
...
use prospector to find them
2015-06-17 13:10:27 +02:00
Kyle Morton
c9c93af453
Adding certifi as default CA bundle.
2015-06-16 11:11:10 -07:00
Thomas Kriechbaumer
eb823a04a1
http2: improve :authority header
2015-06-16 15:00:29 +02:00
Thomas Kriechbaumer
abb37a3ef5
http2: improve test suite
2015-06-16 15:00:28 +02:00
Thomas Kriechbaumer
20c136e070
http2: return stream_id from request for response
2015-06-16 15:00:28 +02:00
Thomas Kriechbaumer
1c124421e3
http2: fix header_block_fragments and length
2015-06-16 15:00:28 +02:00
Thomas Kriechbaumer
d0a9d3cdda
http2: only first headers frame as END_STREAM flag
2015-06-16 15:00:28 +02:00
Thomas Kriechbaumer
e3db241a2f
http2: improve frame output
2015-06-16 15:00:28 +02:00
Thomas Kriechbaumer
79ff439930
add elliptic curve during TLS handshake
2015-06-16 15:00:28 +02:00
Thomas Kriechbaumer
12702b9a01
http2: improve frame output
2015-06-16 14:55:08 +02:00
Aldo Cortesi
bb206323ab
Merge pull request #69 from kyle-m/master
...
Adding support for upstream certificate validation when using SSL/TLS…
2015-06-16 10:34:09 +12:00
Kyle Morton
fe764cde52
Adding support for upstream certificate validation when using SSL/TLS with an
...
instance of TCPClient.
2015-06-15 10:18:54 -07:00
Thomas Kriechbaumer
0d137eac6f
simplify ALPN
2015-06-14 19:50:35 +02:00
Thomas Kriechbaumer
8d71a5b4ab
http2: add authority header
2015-06-14 19:43:32 +02:00
Thomas Kriechbaumer
9c6d237d02
add new TLS methods
2015-06-14 18:17:53 +02:00
Thomas Kriechbaumer
5fab755a05
add more tests
2015-06-12 15:27:29 +02:00
Thomas Kriechbaumer
a901bc3032
http2: add response creation
2015-06-12 14:45:51 +02:00
Thomas Kriechbaumer
8ea157775d
http2: general improvements
2015-06-12 14:42:07 +02:00
Thomas Kriechbaumer
eeaed93a83
improve ALPN integration
2015-06-11 15:37:17 +02:00
Thomas Kriechbaumer
0595585974
fix coding style
2015-06-08 17:00:03 +02:00
Thomas Kriechbaumer
fdbb3b76cf
http2: add warning if raw data looks like HTTP/1
2015-06-08 16:54:19 +02:00
Thomas Kriechbaumer
abbe88c8ce
fix non-ALPN supported OpenSSL-related tests
2015-06-08 13:25:42 +02:00
Thomas Kriechbaumer
4666d1e7bb
improve ALPN support on travis
2015-06-08 12:52:06 +02:00
Thomas Kriechbaumer
359ef46905
fix coding style
2015-06-08 12:29:39 +02:00
Aldo Cortesi
9c48bfb2a5
http2: ditch the logging for now
...
The API is well designed: it looks like we can get all the information
we need to expose debugging in the caller of the API.
2015-06-06 12:30:53 +12:00
Aldo Cortesi
f2d784896d
http2: resolve module structure and circular dependencies
...
- Move implementation out of __init__.py to protocol.py (an anti-pattern
because it makes the kind of structural refactoring we need hard)
- protocol imports frame, frame does not import protocol. To do this, we
shift the default settings to frame. If this feels wrong, we can move
them to a separate module (defaults.py?.).
2015-06-06 12:26:48 +12:00
Aldo Cortesi
fcaabeb455
Merge pull request #65 from Kriechi/h2-client
...
HTTP/2 protocol definition
2015-06-06 11:54:35 +12:00
Thomas Kriechbaumer
f2db8abbe8
use open instead of file
2015-06-05 20:52:11 +02:00
Thomas Kriechbaumer
fdc908cb98
http2: add protocol tests
2015-06-05 20:19:48 +02:00
Thomas Kriechbaumer
f003f87197
http2: rename module and refactor as strategy
2015-06-05 13:33:37 +02:00
Thomas Kriechbaumer
623dd850e0
http2: add logging and error handling
2015-06-05 13:33:37 +02:00
Thomas Kriechbaumer
40fa113116
http2: change header_block_fragment handling
2015-06-05 13:33:37 +02:00
Thomas Kriechbaumer
5cecbdc168
http2: add basic protocol handling
2015-06-05 13:33:37 +02:00
Thomas Kriechbaumer
e4c129026f
http2: introduce state for connection objects
2015-06-05 13:33:37 +02:00
Thomas Kriechbaumer
436291764c
http2: fix default settings
2015-06-05 13:33:37 +02:00
Thomas Kriechbaumer
9883509f89
simplify default ssl params for test servers
2015-06-05 13:33:37 +02:00
Aldo Cortesi
0269d0fb8b
repr for websocket frames
2015-06-05 17:08:22 +12:00
Aldo Cortesi
2d9b9be1f4
Revert "tcp: clear_log to clear socket logs"
...
start_log also clears the log, which is good enough.
This reverts commit 4ca62e0d9b
.
2015-06-05 11:50:29 +12:00
Aldo Cortesi
4ca62e0d9b
tcp: clear_log to clear socket logs
2015-06-05 11:42:06 +12:00
Aldo Cortesi
113c5c187f
Bump version
2015-06-04 11:14:47 +12:00
Maximilian Hils
c725325a78
Merge pull request #61 from Kriechi/distribute-cffi
...
distribute cffi correctly
2015-05-31 11:44:27 +02:00
Aldo Cortesi
35856ead07
websockets: nicer human readable
2015-05-31 17:24:44 +12:00
Aldo Cortesi
f7bd690e3a
When we see an incomplete read with 0 bytes, it's a disconnect
...
Partially fixes mitmproxy/mitmproxy:#593
2015-05-31 17:18:55 +12:00
Aldo Cortesi
73376e605a
Save first byte timestamp for writers too.
2015-05-31 16:54:14 +12:00
Aldo Cortesi
4ec181c140
Move version check to netlib, unit test it.
2015-05-31 13:12:01 +12:00
Thomas Kriechbaumer
b395049a85
distribute cffi correctly
2015-05-30 15:15:08 +02:00
Aldo Cortesi
f76bfabc5d
Adjust pep8 parameters, reformat
2015-05-30 12:02:58 +12:00
Thomas Kriechbaumer
c32d8189fa
cleanup imports
2015-05-29 17:00:38 +02:00
Thomas Kriechbaumer
e2de49596d
add HTTP/2-capable client
2015-05-29 15:31:22 +02:00
Thomas Kriechbaumer
780836b182
add ALPN support to TCP abstraction
2015-05-29 15:31:22 +02:00
Thomas Kriechbaumer
d50b9be0d5
add generic frame parsing method
2015-05-29 15:31:22 +02:00
Thomas Kriechbaumer
4c469fdee1
add hpack to encode and decode headers
2015-05-29 15:31:22 +02:00
Thomas Kriechbaumer
754f929187
fix default argument
...
Python evaluates default args during method definition.
So you get the same dict each time you call this method.
Therefore the dict is the SAME actual object each time.
2015-05-29 11:42:46 +02:00
Thomas Kriechbaumer
5288aa3640
add human_readable() to each frame for debugging
2015-05-29 11:42:46 +02:00
Aldo Cortesi
1dda164d03
Satisfy autobots.
2015-05-28 12:18:56 +12:00
Aldo Cortesi
41af65a1c4
Merge branch 'Kriechi-cleanup'
2015-05-28 12:12:37 +12:00
Thomas Kriechbaumer
161bc2cfaa
cleanup code with autoflake
...
run the following command:
$ autoflake -r -i --remove-all-unused-imports --remove-unused-variables .
2015-05-27 11:25:33 +02:00
Thomas Kriechbaumer
e3d390e036
cleanup code with autopep8
...
run the following command:
$ autopep8 -i -r -a -a .
2015-05-27 11:19:11 +02:00
Thomas Kriechbaumer
041ca5c499
update TLS defaults: signature hash and DH params
...
* SHA1 is deprecated (use SHA256)
* increase RSA key to 2048 bits
* increase DH params to 4096 bits (LogJam attack)
2015-05-27 10:53:57 +02:00
Thomas Kriechbaumer
d6a68e1394
remove outdated workarounds
2015-05-27 10:23:43 +02:00
Aldo Cortesi
3f25df0b12
Merge pull request #56 from Kriechi/http2-frames
...
implement basic HTTP/2 frame classes
2015-05-27 09:30:52 +12:00
Thomas Kriechbaumer
4ce6f43616
implement basic HTTP/2 frame classes
2015-05-26 17:59:29 +02:00
Aldo Cortesi
ae749975e5
Post release version bump.
2015-05-26 10:43:28 +12:00
Maximilian Hils
46fadfc823
improve displaying tcp addresses
2015-05-18 17:16:42 +02:00
Aldo Cortesi
f40bf865b1
release prep: bump version
2015-05-18 10:46:00 +12:00
Aldo Cortesi
ace4454523
Zap outdated comment
2015-05-16 11:32:18 +12:00
Aldo Cortesi
f2bc58cdd2
Add tcp.Reader.safe_read, use it in socks and websockets
...
safe_read is guaranteed to raise or return a byte string of the
requested length. It's particularly useful for implementing binary
protocols.
2015-05-05 10:47:02 +12:00
Aldo Cortesi
08b2e2a6a9
websockets: more flexible masking interface.
2015-05-01 10:31:20 +12:00
Aldo Cortesi
7d9e38ffb1
websockets: A progressive masker.
2015-05-01 10:09:35 +12:00
Aldo Cortesi
4dce7ee074
websockets: more compact and legible human_readable
2015-04-30 12:10:08 +12:00
Aldo Cortesi
8086022920
Add a tiny utility class for keeping bi-directional mappings.
...
Use it in websocket and socks.
2015-04-30 09:04:22 +12:00
Aldo Cortesi
18df329930
websockets: nicer frame construction
...
- Resolve unspecified values on instantiation
- Add a check for masking key length
- Smarter resolution for masking_key and mask values. Do the right thing unless told not to.
2015-04-24 15:42:31 +12:00
Aldo Cortesi
192fd1db7f
websockets: include all header values in frame roundtrip
2015-04-24 15:31:14 +12:00
Aldo Cortesi
def93ea8ca
websockets: remove validation
...
We don't really need this any more. The interface is much less error prone
because bit flags are no longer integers, we have a range check on opcode on
header instantiation, and we've deferred length code calculation and so forth
into the byte render methods.
2015-04-24 15:23:00 +12:00
Aldo Cortesi
f22bc0b4c7
websocket: interface refactoring
...
- Separate out FrameHeader. We need to deal with this separately in many circumstances.
- Simpler equality scheme.
- Bits are now specified by truthiness - we don't care about the integer value.
This means lots of validation is not needed any more.
2015-04-24 15:09:21 +12:00
Aldo Cortesi
3519871f34
websockets: refactor to avoid rundantly specifying payloads and payload lengths
2015-04-24 09:21:04 +12:00
Aldo Cortesi
bdd52fead3
websockets: extract frame header creation into a function
2015-04-24 08:47:09 +12:00
Aldo Cortesi
42a87a1d8b
websockets: handshake checks only take headers
2015-04-23 08:23:51 +12:00
Aldo Cortesi
4fb49c8e55
websockets: (very) slightly nicer is_valid constraints
2015-04-21 23:49:27 +12:00
Aldo Cortesi
176e29fc09
websockets: constants, variable names, refactoring
2015-04-21 23:13:42 +12:00
Aldo Cortesi
1b509d5aea
Whitespace, interface simplification
...
- safe_tobytes doesn't buy us much
- move masking key generation inline
2015-04-21 22:51:01 +12:00
Aldo Cortesi
3e0a71ea34
websockets: refactor to use http and header functions in http.py
2015-04-21 22:39:45 +12:00
Aldo Cortesi
e5f1264838
Whitespace, indentation, nounce -> nonce
2015-04-21 13:39:00 +12:00
Aldo Cortesi
7d83e388aa
Whitespace, pep8, mixed indentation
2015-04-21 11:19:00 +12:00
Aldo Cortesi
dd7ea896f2
Return a named tuple from read_response
2015-04-21 11:11:16 +12:00
Aldo Cortesi
2c660d7633
Migrate requeset reading from mitmproxy to netlib
2015-04-21 11:05:12 +12:00
Chandler Abraham
4ea1ccb638
fixing test coverage, adding to_file/from_file reader writes to match socks.py
2015-04-19 22:18:30 -07:00
Aldo Cortesi
74389ef04a
Websockets: reorganise
...
- websockets.py to top-level
- implementations into test suite
2015-04-20 09:38:09 +12:00
Maximilian Hils
08ba987a84
Merge branch 'master' of github.com:mitmproxy/netlib
2015-04-17 16:29:25 +02:00
Maximilian Hils
0c2ad1edb1
fix socket_close on Windows, refs mitmproxy/mitmproxy#527
2015-04-17 16:29:09 +02:00
Aldo Cortesi
7defb5be86
websockets: more whitespace, WebSocketFrame -> Frame
2015-04-17 14:29:20 +12:00
Aldo Cortesi
488c25d812
websockets: whitespace, PEP8
2015-04-17 13:57:39 +12:00
Aldo Cortesi
3bbafa24bd
Merge pull request #54 from Chandler/websockets
...
Netlib WebSockets take 1
2015-04-17 13:46:51 +12:00
Aldo Cortesi
c53d89fd7f
Improve flexibility of http_cookies._format_pairs
2015-04-16 08:30:54 +12:00
Aldo Cortesi
0c85c72dc4
ODict improvements
...
- Setting values now tries to preserve the existing order, rather than
just appending to the end.
- __repr__ now returns a repr of the tuple list. The old repr becomes a
.format() method. This is clearer, makes troubleshooting easier, and
doesn't assume all data in ODicts are header-like
2015-04-15 10:28:17 +12:00
Aldo Cortesi
aeebf31927
odict: don't convert values to strings when added
2015-04-14 16:20:02 +12:00
Aldo Cortesi
d739882bf2
Add an .extend method for ODicts
2015-04-14 13:50:57 +12:00
Aldo Cortesi
6db5e0a4a1
Remove old-style set-cookie cruft, unit tests to 100%
2015-04-14 10:13:03 +12:00
Aldo Cortesi
de9e741125
Firm up cookie parsing and formatting API
...
Make a tough call: we won't support old-style comma-separated set-cookie
headers. Real world testing has shown that the latest rfc (6265) is
often violated in ways that make the parsing problem indeterminate.
Since this is much more common than the old style deprecated set-cookie
variant, we focus on the most useful case.
2015-04-14 10:02:10 +12:00
Chandler Abraham
2d72a1b6b5
100% test coverage, though still need plenty more
2015-04-13 13:36:09 -07:00
Chandler Abraham
f131f9b855
handshake tests, serialization test
2015-04-11 17:26:59 -07:00
Aldo Cortesi
1a79ef8b6c
Merge branch 'master' of https://github.com/mitmproxy/netlib
2015-04-12 11:32:27 +12:00
Aldo Cortesi
2630da7263
cookies: Cater for special values, fix some bugs found in real-world testing
2015-04-12 11:30:35 +12:00
Aldo Cortesi
73ce169e3d
Initial outline of a cookie parsing and serialization module.
2015-04-12 10:26:09 +12:00
Chandler Abraham
0edc04814e
small cleanups, working on tests
2015-04-11 11:35:15 -07:00
Chandler Abraham
e41e5cbfdd
netlib websockets
2015-04-10 18:37:41 -07:00
Maximilian Hils
e58f76aec1
fix code smell
2015-04-09 02:09:33 +02:00
Maximilian Hils
7f7ccd3a18
100% test coverage
2015-04-09 00:57:37 +02:00
Maximilian Hils
6fbe3006af
fail gracefully if we cannot start a new thread
2015-04-09 00:13:01 +02:00
Maximilian Hils
d5eff70b6e
fix tests on Windows
2015-03-07 01:31:31 +01:00
Maximilian Hils
dbadc1b613
clean up cert handling, fix mitmproxy/mitmproxy#472
2015-03-07 01:22:02 +01:00
Maximilian Hils
d71f3b68fd
make tests more robust, fix coveralls
2015-02-27 22:27:23 +01:00
Maximilian Hils
da1eb94ccd
100% test coverage 🎉
2015-02-27 22:02:52 +01:00
Maximilian Hils
63fb433690
fix #53
2015-02-27 20:40:17 +01:00
Maximilian Hils
738a7b34a2
Merge branch 'master' of github.com:mitmproxy/netlib
2015-02-27 17:00:19 +01:00
Maximilian Hils
224f737646
add option to log ssl keys
...
refs mitmproxy/mitmproxy#475
2015-02-27 16:59:29 +01:00
Maximilian Hils
2a2402dfff
...two years is not enough.
2015-02-17 00:10:10 +01:00
Aldo Cortesi
7e5bb74e72
5 years is enough...
2015-02-17 12:03:52 +13:00
Aldo Cortesi
c9de3e770b
By popular demand, bump dummy cert expiry to 5 years
...
fixes #52
2015-02-17 11:59:07 +13:00
Aldo Cortesi
3c919631d4
Bump version
2014-12-28 22:46:19 +13:00
Maximilian Hils
438c1fbc7d
TCPClient: Use TLS1.1+ where available, BaseHandler: disable SSLv2
2014-12-15 12:32:36 +01:00
Aldo Cortesi
7098c90a6d
Bump version to 0.11.1
2014-11-15 12:45:06 +13:00
Aldo Cortesi
c56e7a90d8
Fix tracebacks in connection finish
2014-11-15 12:31:13 +13:00
Maximilian Hils
60584387ff
be more explicit about requirements
2014-11-11 12:26:20 +01:00
Aldo Cortesi
0811a9ebde
.flush can raise NetlibDisconnect. This fixes a traceback found in fuzzing.
2014-11-07 16:01:41 +13:00
Aldo Cortesi
9ce2f473f6
Simplify expected_http_body_size signature, fixing a traceback found in fuzzing
2014-11-07 15:59:00 +13:00
Aldo Cortesi
ba468f12b8
Whitespace and legibility
2014-10-26 17:30:26 +13:00
Maximilian Hils
ed5e685565
refactor tcp close, fix mitmproxy/mitmproxy#376
2014-10-22 17:54:20 +02:00
Maximilian Hils
29a4e91050
fix mitmproxy/mitmproxy#375
2014-10-17 18:48:30 +02:00
Maximilian Hils
e6a8730f98
fix tcp closing for ssled connections
2014-10-09 04:42:39 +02:00
Maximilian Hils
987fa22e64
make socks reading more bulletproof
2014-10-09 01:46:08 +02:00
Maximilian Hils
9ef84ccc1c
clean up code
2014-10-09 00:15:39 +02:00
Maximilian Hils
fdb6f5552d
CertStore: add support for cert chains
2014-10-08 20:46:30 +02:00
Maximilian Hils
274688172d
fix mitmproxy/mitmproxy#373
2014-10-08 18:40:46 +02:00
Maximilian Hils
e73a2dbab1
minor changes
2014-09-28 03:15:26 +02:00
Aldo Cortesi
0e30796469
Short-form getstate
2014-09-17 14:04:26 +12:00
Aldo Cortesi
414a0a1602
Adjust for state object protocol changes in mitmproxy.
2014-09-17 11:47:07 +12:00
Aldo Cortesi
b21df0cf44
Merge branch 'master' of ssh.github.com:cortesi/netlib
2014-09-09 10:10:10 +12:00
Aldo Cortesi
63c1efd394
Remove avoidable imports from OpenSSL
...
Fixes #38
2014-09-09 10:08:56 +12:00
Maximilian Hils
f90ea89e69
more verbose errors
2014-09-08 18:38:05 +02:00
Aldo Cortesi
5dcc7f78df
Merge pull request #34 from bbaetz/master
...
Change the criticality of a number of X509 extentions, to match
2014-09-07 12:50:36 +12:00
Aldo Cortesi
754b627937
Merge pull request #48 from mitmproxy/mitmproxy_issue_341
...
Adjust netlib to mitmproxy changes
2014-09-07 12:47:49 +12:00
Aldo Cortesi
f4013dcd40
Add a FIXME note for discarded credentials
2014-09-07 12:47:17 +12:00
Aldo Cortesi
52f430c934
Merge pull request #37 from pritambaral/urlparse
...
More accurate host, port parsing
2014-09-07 12:46:01 +12:00
Aldo Cortesi
f98989b075
Merge branch 'master' into mitmproxy_issue_341
...
Conflicts:
netlib/tcp.py
2014-09-07 12:39:59 +12:00
Aldo Cortesi
b688661ffb
Merge branch 'func'
2014-09-07 11:25:28 +12:00
Aldo Cortesi
3b81d678c4
Use print function after future import
2014-09-07 11:24:41 +12:00
Maximilian Hils
c2e74ef95c
Merge branch 'master' into mitmproxy_issue_341
2014-09-04 21:21:03 +02:00
Maximilian Hils
d9a731b23a
make inequality comparison work
2014-09-04 19:18:43 +02:00
Maximilian Hils
4bf7f3c0ff
set source_address if not manually specified
2014-09-04 16:55:02 +02:00
Maximilian Hils
ec628bc37d
fix tcp.Address inequality comparison
2014-09-04 01:10:44 +02:00
Maximilian Hils
3d489f3bb7
adapt netlib.wsgi to changes in mitmproxy/mitmproxy#341
2014-09-03 17:15:50 +02:00
Maximilian Hils
6d1b601ddf
minor cleanups
2014-08-16 15:53:07 +02:00
Maximilian Hils
1c1167eda0
use passlib instead of md5crypt
2014-08-16 15:28:09 +02:00
Maximilian Hils
1b8529649c
Merge pull request #42 from mitmproxy/stream
...
Stream
2014-07-31 22:05:44 +02:00
kronick
197dae9183
Made attribute optional (as it is in pyOpenSSL)
...
See 0d7e8a1af2
-- It looks like this constant isn't set on some platforms (including Raspberry Pi's libssl)
2014-07-29 15:12:13 +02:00
Maximilian Hils
254a686235
Merge branch 'master' into stream
...
Conflicts:
netlib/http.py
2014-07-21 14:02:56 +02:00
Maximilian Hils
6bd5df79f8
refactor response length handling
2014-07-21 14:01:24 +02:00
Maximilian Hils
d382bb27bf
certstore: add support for asterisk form to DNTree replacement
2014-07-19 00:02:31 +02:00
Maximilian Hils
a7837846a2
temporarily replace DNTree with a simpler cert lookup mechanism, fix mitmproxy/mitmproxy#295
2014-07-18 22:55:25 +02:00
Brad Peabody
280d9b8625
added some additional functions for dealing with chunks - needed for mitmproxy streaming capability
2014-07-17 22:34:29 -07:00
Maximilian Hils
24ef9c61a3
improve docs
2014-07-14 17:38:49 +02:00