Commit Graph

236 Commits

Author SHA1 Message Date
Aldo Cortesi
0a642f2441 Make the certificate wait time configurable.
Since OpenSSL doesn't let us set certificate start times in the past, the
client and proxy machine time must be synchronized, or the client might reject
the certificate. We can bodgy over small discrepancies by waiting a few seconds
after a new certificate is generated (i.e. the first time an SSL domain is contacted).

Make this a configurable option, and turn it off by default.
2011-06-27 16:10:17 +12:00
Aldo Cortesi
f004326855 Try not to hang when user views large request & response bodies
Two different strategies here:

    - Use a simple heuristic to detect if we're looking at XML data when indent
    mode is used. On non-XML data we can hang even on small documents.

    - Only view partial data for large bodies. At the moment the cutoff is
    100k. I might finetune this later.
2011-06-27 15:59:17 +12:00
Aldo Cortesi
2ae7808ca9 Don't redraw the screen more often than necessary. 2011-06-27 14:01:08 +12:00
Aldo Cortesi
b04d074341 Repair a problem that sometimes caused SSL connections to peg the CPU. 2011-06-23 17:00:55 +12:00
Aldo Cortesi
0d9e0eac9a Don't backup flows before replay.
This lets us revert to the original request, even after replaying an edit.
2011-06-23 14:47:34 +12:00
Aldo Cortesi
00929a51c0 Merge pull request #2 from zellux/master
Fix urwid version parsing error when it's something like 0.9.10-pre
2011-06-20 02:46:08 -07:00
Yuangxuan Wang
e56793f01e Fix urwid version parsing error when it's something like 0.9.10-pre 2011-06-20 16:18:55 +08:00
Aldo Cortesi
7d7803a4d9 Add a hideous kludge to fix not-yet-valid certificates.
- The OpenSSL x509 has no way to explicitly set the notBefore value on
certificates.

- If two systems have the same configured time, it's possible to return a
certificate before the validity start time has arrived.

- We "solve" this by waiting for one second when a certificate is first
generated before returning the cert. The alternative is to rewrite pretty much
all of our certificate generation, a thought too horrible to contemplate.
2011-06-11 15:16:16 +12:00
Aldo Cortesi
62f9864395 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-06-02 10:45:17 +12:00
Aldo Cortesi
1de5209340 Add an "SSL exception" to the license.
This is to clarify that mitmproxy can be distributed with OpenSSL. It's unclear
whether this is really needed, but I've had at least one request for this, and
there's a precendent in other Open Source projects.
2011-06-02 10:43:11 +12:00
Aldo Cortesi
07110bbbf1 Anticache and refresh_server_playback options are applied before flows are loaded.
You can now use mitmdump to preview how these options work, by running mitmdump
against a set of saved flows, and viewing the output.
2011-05-15 12:23:34 +12:00
Aldo Cortesi
e285b17e3f Add -r option to mitmdump and mitmproxy.
This option reads a set of flows from a file. I've also regularized the
mitmdump and mitmproxy command-line signatures by removing mitmproxy's old way
of specifying flow loads through naked arguments.
2011-05-15 11:54:12 +12:00
Aldo Cortesi
613e9a298e Add a new flow loading mechanism.
We now simulate the normal connection flow when we load flows. That means
that we can run scripts, hooks, sticky cookies, etc.
2011-05-15 11:22:35 +12:00
Aldo Cortesi
6175d92583 Minor code cleanup - no need to recreate the master queue. 2011-05-14 12:12:03 +12:00
Aldo Cortesi
f89581be1b Add a -n option which tells the tools not to bind a proxy.
This is useful when you just want to inspect or process dumps.
2011-05-14 10:44:25 +12:00
Aldo Cortesi
c6075e1d93 Add the 30-second client replay tutorial to the docs.
It's verbatim from the blog post at the moment - I might edit it a bit before
pushing it to mitmproxy.org.
2011-03-31 11:28:58 +13:00
Aldo Cortesi
3906f06617 Changelog for 0.4. 2011-03-30 18:27:25 +13:00
Aldo Cortesi
f12510d979 Spell-check docs, setup.py fixes, add missing files to manifest. 2011-03-30 12:05:50 +13:00
Aldo Cortesi
60aa16fc56 Minor docs tweaks. Mention countershape. 2011-03-29 11:53:13 +13:00
Aldo Cortesi
d917cfd916 Refactoring. 2011-03-29 10:57:50 +13:00
Aldo Cortesi
c3105153a5 Add some debugging output to help troubleshoot a performance problem. 2011-03-27 13:10:06 +13:00
Aldo Cortesi
c0bd1a39e4 unit test coverage ++ 2011-03-20 18:52:16 +13:00
Aldo Cortesi
c726519e73 Add a stickyauth option.
This allows us to replay an HTTP Authorization header, in the same way as we
replay cookies using stickycookies. This lets us conveniently get at HTTP Basic
Auth protected resources through the proxy, but is not enough to do the same
for HTTP Digest auth. We'll put that on the todo list.
2011-03-20 17:31:54 +13:00
Aldo Cortesi
4f877cde6a Reverse order of flows in mitmproxy.
It matches user expectations much better to have new flows appended to the bottom.
2011-03-20 09:31:39 +13:00
Aldo Cortesi
80e023b5ba Add a script to generate a contributors list, and use it to make a CONTRIBUTORS file. 2011-03-19 20:34:53 +13:00
Aldo Cortesi
5015b1dfb2 Docs - refinement and styling. 2011-03-19 19:47:19 +13:00
Aldo Cortesi
93373efc8c Documentation, styling to fit on website. 2011-03-19 16:30:45 +13:00
Aldo Cortesi
de73927896 Docs and todo. 2011-03-19 12:47:37 +13:00
Aldo Cortesi
6d4bb1faeb Docs.
Add screenshots and an explanation of interception.
2011-03-19 12:32:44 +13:00
Aldo Cortesi
3120b5ce15 Docs.
- Add IOS screenshots.
- Add drop-shadows to screenshots that need them.
- Optimise PNGs for size.
2011-03-19 11:57:14 +13:00
Aldo Cortesi
872b7881f2 Docs. 2011-03-19 11:26:51 +13:00
Aldo Cortesi
35a952ef3c Docs. 2011-03-18 17:53:00 +13:00
Aldo Cortesi
e22fd74d06 Revamp key generation.
We now create three different files in the .mitmproxy directory when a dummy CA
is made:

mitmproxy-ca.pem - the CA, including private key

mitmproxy-ca-cert.p12 - A pkcs12 version of the certificate, for distribution to Windows.

mitmproxy-ca-cert.pem - A PEM version of the certificate, for distribution to everyone else.
2011-03-18 16:45:31 +13:00
Aldo Cortesi
3fbf343985 Tweak CA and cert setup to be nice to Windows.
For some reason Satan's Operating System doesn't join up the certification path
if the key identifiers are set to hash. This took a few hours of trial and
error to figure out.
2011-03-18 14:48:43 +13:00
Aldo Cortesi
907536503c Enable request and response script commandline arguments for mitmproxy. 2011-03-18 10:43:43 +13:00
Aldo Cortesi
968c612769 Minor fix to setup.py. 2011-03-18 10:35:09 +13:00
Aldo Cortesi
fc9e0dcacb Maintain focus in mitmproxy when flows are loaded from file. 2011-03-18 10:33:32 +13:00
Aldo Cortesi
0e62dd479b Do id-based comparison rather than value-based comparison to establish flow focus.
This fixes a bug where focus would jump unpredictably between identical flows.
2011-03-18 10:21:59 +13:00
Aldo Cortesi
894d3cc62d Use path_prompt rather than plain prompt where needed in mitmproxy. 2011-03-18 10:14:57 +13:00
Aldo Cortesi
89b0ac5195 Server replay shortcut in mitmproxy can now be used to interrupt a current replay. 2011-03-18 09:43:47 +13:00
Aldo Cortesi
f97c144869 Client playback shortcut in mitmproxy can now be used to interrupt a current client playback. 2011-03-18 09:38:51 +13:00
Aldo Cortesi
4893e5e5a4 We have to pass -CAcreateserial after all. 2011-03-18 09:24:04 +13:00
Aldo Cortesi
e983253ecc Docs, minor cert tweaks. 2011-03-18 09:04:49 +13:00
Aldo Cortesi
2af6dcf6f7 Documentation. 2011-03-16 15:50:31 +13:00
Aldo Cortesi
9af516b14b Documentation. 2011-03-16 15:27:26 +13:00
Aldo Cortesi
e6ef0c3faf Begin to flesh out and refactor docs. 2011-03-16 11:09:10 +13:00
Aldo Cortesi
394bd1d6b0 Interrupt interception when deleting an intercepting flow.
Prompting the user for this is annoying.
2011-03-15 17:53:29 +13:00
Aldo Cortesi
e3ad3790de Fix minor styling and glitches. 2011-03-15 17:37:09 +13:00
Aldo Cortesi
6d5c32ad4b Fix hang on shutdown. 2011-03-15 17:21:35 +13:00
Aldo Cortesi
fb28e71f0b Do pre-processing of requests before replay.
This enables scripts, anticache, server playback and sticky cookies for
request replays.
2011-03-15 15:11:03 +13:00