Aldo Cortesi
7f0aa415e1
Add a request_client_cert argument to server SSL conversion.
...
By default, we now do not request the client cert. We're supposed to be able to
do this with no negative effects - if the client has no cert to present, we're
notified and proceed as usual. Unfortunately, Android seems to have a bug
(tested on 4.2.2) - when an Android client is asked to present a certificate it
does not have, it hangs up, which is frankly bogus. Some time down the track
we may be able to make the proper behaviour the default again, but until then
we're conservative.
2013-05-13 08:48:21 +12:00
Aldo Cortesi
9c13224353
Fix exception hierarchy.
2013-05-05 13:49:20 +12:00
Tim Becker
241465c368
extensions aren't supported in v1, set to v3 (value=2) if using them.
2013-04-19 15:37:14 +02:00
Aldo Cortesi
a94d17970e
Sync version number with mitmproxy.
2013-03-05 09:09:52 +13:00
Aldo Cortesi
5f0ad7b2a6
Ensure that HTTP methods are ASCII.
2013-03-03 22:13:23 +13:00
Aldo Cortesi
5a050bb6b2
Tighten up checks on port ranges and path character sets.
2013-03-03 21:39:15 +13:00
Aldo Cortesi
b21a7da142
parse_url: Handle invalid IPv6 addresses
2013-03-03 15:12:58 +13:00
Aldo Cortesi
7b9300743e
More parse_url solidification: check that port is in range 0-65535
2013-03-03 15:08:17 +13:00
Aldo Cortesi
cd4ed8530f
Check that hosts in parse_url do not contain NULL bytes.
2013-03-03 15:03:57 +13:00
Aldo Cortesi
2897ddfbee
Stricter error checking for http.parse_url
2013-03-03 14:52:06 +13:00
Aldo Cortesi
1fe1a802ad
100% test coverage.
2013-03-03 12:16:09 +13:00
Aldo Cortesi
0acab862a6
Integrate HTTP auth, test to 100%
2013-03-03 10:37:28 +13:00
Aldo Cortesi
97537417f0
Factor out http.parse_response_line
2013-03-02 16:57:38 +13:00
Aldo Cortesi
0fa6351965
ODict.keys
2013-02-28 09:28:48 +13:00
Aldo Cortesi
f30df13384
Make sni_handler an argument to BaseHandler.convert_to_ssl
2013-02-25 21:11:09 +13:00
Aldo Cortesi
97e11a219f
Housekeeping and cleanup, some minor argument name changes.
2013-02-24 15:36:15 +13:00
Aldo Cortesi
c6f9a2d74d
More accurate description of an HTTP read error, make pyflakes happy.
2013-02-24 11:08:43 +13:00
Aldo Cortesi
7d18535665
100% test coverage
2013-01-27 19:21:18 +13:00
Aldo Cortesi
7433dfceae
Bump unit tests, fix two serious wee buglets discovered.
2013-01-26 21:29:45 +13:00
Aldo Cortesi
e5b125eec8
Introduce the mock module to improve unit tests.
...
There are a few socket corner-cases that are incredibly hard to reproduce in a
unit test suite, so we use mock to trigger the exceptions instead.
2013-01-26 21:19:35 +13:00
Aldo Cortesi
cc4867064b
Streamline netlib.test API
2013-01-25 16:03:59 +13:00
Aldo Cortesi
2eb6651e51
Extract TCP test utilities into netlib.test
2013-01-25 15:54:41 +13:00
Aldo Cortesi
7248a22d5e
Improve error signalling for client certificates.
2013-01-20 22:36:54 +13:00
Aldo Cortesi
00d20abdd4
Beef up client certificate handling substantially.
2013-01-20 22:13:38 +13:00
Aldo Cortesi
1499529e62
Fix client cert typo.
2013-01-18 17:07:35 +13:00
Rouli
04048b4c73
renaming the timestamp in preparation of other timestamps that will be added later, adding tests
2013-01-16 22:30:19 +02:00
Israel Nir
10457e876a
adding read timestamp to enable better resolution of when certain reads were performed (timestamp is updated when the first byte is available on the network)
2013-01-10 15:51:37 +02:00
Aldo Cortesi
e4acace8ea
Sanity-check certstore common names.
2013-01-06 01:34:39 +13:00
Aldo Cortesi
91834ea78f
Generate certificates with a commencement date an hour in the past.
...
This helps smooth over small discrepancies in client and server times, where
it's possible for a certificate to seem to be "in the future" to the client.
2013-01-06 01:16:58 +13:00
Aldo Cortesi
72032d7fe7
Basic certificate store implementation and cert utils API cleanup.
2013-01-06 01:16:25 +13:00
Aldo Cortesi
d3b46feb60
Handle non-integer port error in parse_init_connect correctly
2013-01-05 20:06:55 +13:00
Aldo Cortesi
ddc08efde1
Minor cleanup of http.parse_init* methods.
2013-01-04 14:23:52 +13:00
Maximilian Hils
043d05bcde
add __iter__ for odict
2012-12-05 04:03:39 +01:00
Aldo Cortesi
f8e10bd6ae
Bump version.
2012-10-31 22:26:09 +13:00
Aldo Cortesi
6517d9e717
More info on disconnect exception.
2012-10-14 09:03:23 +13:00
Aldo Cortesi
77869634e2
Limit reads to block length.
2012-10-09 16:25:15 +13:00
Aldo Cortesi
15679e010d
Add a settimeout method to tcp.BaseHandler.
2012-10-01 11:30:02 +13:00
Aldo Cortesi
064b4c8001
Make cleanBin escape carriage returns.
...
We get confusing output on terminals if we leave \r unescaped.
2012-09-27 10:59:46 +12:00
Aldo Cortesi
b308824193
Create netlib.utils, move cleanBin and hexdump from libmproxy.utils.
2012-09-24 11:21:48 +12:00
Aldo Cortesi
3a21e28bf1
Split FileLike into Writer and Reader, and add logging functionality.
2012-09-24 11:10:21 +12:00
Aldo Cortesi
8a6cca530c
Don't create fresh FileLike objects when converting to SSL
2012-09-24 10:47:41 +12:00
Aldo Cortesi
1c80c2fdd7
Add a collection of standard User-Agent strings.
...
These will be used in both mitmproxy and pathod.
2012-09-01 23:04:44 +12:00
Aldo Cortesi
33557245bf
v0.2.1
2012-08-23 12:57:22 +12:00
Aldo Cortesi
877a3e2062
Add a get_first convenience function to ODict.
2012-08-18 18:14:13 +12:00
Aldo Cortesi
1c21a28e64
read_headers: handle some crashes, return None on invalid data.
2012-07-30 12:50:35 +12:00
Aldo Cortesi
eafa5566c2
Handle disconnects on flush.
2012-07-30 11:30:31 +12:00
Aldo Cortesi
4fb5d15f14
Bump version.
2012-07-29 15:53:42 +12:00
Aldo Cortesi
728ef107a0
Ignore SAN entries that we don't understand.
2012-07-24 14:55:54 +12:00
Aldo Cortesi
91752990d5
Handle HTTP responses that have a body but no content-length or transfer encoding
...
We check if the server sent a connection:close header, and read till the socket
closes.
Closes #2
2012-07-24 11:41:18 +12:00
Aldo Cortesi
eb88cea3c7
Catch an amazingly subtle SSL connection corruption bug.
...
Closing a set of pseudo-file descriptors in the wrong order caused junk data to
be written to the SSL stream. An apparent bug in OpenSSL then lets this corrupt
the _next_ SSL connection.
2012-07-23 23:20:32 +12:00
Aldo Cortesi
ed64b0e796
Fix http_protocol parsing crash discovered with pathoc fuzzing.
2012-07-22 12:35:16 +12:00
Aldo Cortesi
619f3c6edc
Handle unexpected SSL connection termination in readline.
2012-07-21 20:51:05 +12:00
Aldo Cortesi
b2c491fe39
Handle socket disconnects on reads.
2012-07-21 17:50:21 +12:00
Aldo Cortesi
29f907ecf9
Handle HTTP versions malformed due to non-integer major/minor numbers.
2012-07-21 17:27:23 +12:00
Aldo Cortesi
2387d2e8ed
Timeout for TCP clients.
2012-07-21 16:10:54 +12:00
Aldo Cortesi
ba53d2e4ca
Set ssl_established right after the connection object is changed.
2012-07-20 15:15:07 +12:00
Aldo Cortesi
a1a1663c0f
Fix cert path.
2012-07-20 14:45:58 +12:00
Aldo Cortesi
0791fe6cc6
Merge branch 'master' of ssh.github.com:cortesi/netlib
2012-07-20 14:44:23 +12:00
Aldo Cortesi
63d789109a
close() methods for clients and servers.
2012-07-20 14:43:51 +12:00
Maximilian Hils
9ab7842c81
fix relative certdir
2012-07-11 11:09:41 +02:00
Aldo Cortesi
1227369db3
Signal errors back to caller in WSGI .serve()
2012-07-11 07:16:45 +12:00
Aldo Cortesi
4fdc2179e2
Don't write empty values.
2012-07-10 16:34:39 +12:00
Aldo Cortesi
721e2c8277
Somewhat nicer handling of errors after thread termination.
2012-07-10 16:22:45 +12:00
Aldo Cortesi
ba7437abcb
Add an exception to indicate remote disconnects.
2012-07-08 23:50:38 +12:00
Aldo Cortesi
20cc1b6aa4
Refactor TCP test suite.
2012-07-05 10:57:20 +12:00
Aldo Cortesi
96af5c16a0
Expose SSL options, use TLSv1 by default for client connections.
2012-07-04 21:30:07 +12:00
Aldo Cortesi
67669a2a57
Allow control of buffer size for TCPClient, improve error messages.
2012-06-30 10:52:28 +12:00
Aldo Cortesi
7480f87cd7
Add utility function for converstion to PEM.
2012-06-28 14:56:21 +12:00
Aldo Cortesi
3f9aad53ab
Return a certutils.SSLCert object from get_remote_cert.
2012-06-28 10:59:03 +12:00
Aldo Cortesi
bae86480d4
Merge branch 'master' of github.com:cortesi/netlib
2012-06-28 09:57:33 +12:00
Aldo Cortesi
92c7d38bd3
Handle obscure termination scenario, where interpreter exits before thread termination.
2012-06-28 09:56:58 +12:00
Aldo Cortesi
a1491a6ae0
Add a get_remote_cert method to tcp client.
2012-06-28 08:15:55 +12:00
Aldo Cortesi
b0ef9ad07b
Refactor certutils.SSLCert API.
2012-06-27 22:11:58 +12:00
Aldo Cortesi
f7fcb1c80b
Add certutils to netlib.
2012-06-27 16:42:00 +12:00
Aldo Cortesi
97071c0952
Merge branch 'master' of ssh.github.com:cortesi/netlib
2012-06-27 16:24:34 +12:00
Aldo Cortesi
5d4c7829bf
Minor refactoring.
2012-06-27 16:24:22 +12:00
Aldo Cortesi
d0fd8385e6
Fix termiantion error in file read.
2012-06-27 12:11:55 +12:00
Aldo Cortesi
abe335e57d
Add a flag to track SSL connection establishment.
2012-06-26 23:52:35 +12:00
Aldo Cortesi
658c9c0446
Hunt down a tricky WSGI socket hang.
2012-06-26 14:49:23 +12:00
Aldo Cortesi
ccf2603ddc
Add SNI.
2012-06-26 09:50:42 +12:00
Aldo Cortesi
ea457fac2e
Perform handshake immediately on SSL conversion.
...
Otherwise the handshake happens at first write, which can balls up if either
side hangs immediately.
2012-06-25 16:16:01 +12:00
Aldo Cortesi
353efec7ce
Improve TCPClient interface.
...
- Don't pass SSL parameters on instantiation.
- Add a convert_to_ssl method analogous to that in TCPServer.
2012-06-25 14:42:15 +12:00
Aldo Cortesi
47f862ae27
Add a finished flag to BaseHandler, and catch an extra OpenSSL exception.
2012-06-25 11:34:10 +12:00
Aldo Cortesi
f3237503a7
Don't connect during __init__ methods for either client or server.
...
This means we now need to do these things explicitly at the caller.
2012-06-25 11:23:04 +12:00
Aldo Cortesi
8f0754b9c4
SSL tests, plus some self-signed test certificates.
2012-06-25 11:00:39 +12:00
Aldo Cortesi
7d01d5c797
Don't read all from server by default.
...
This can cause us to hang waiting for data. More research is needed to
establish the right course of action here.
2012-06-24 23:13:09 +12:00
Aldo Cortesi
820ac5152e
WSGI SERVER_PORT should be a string.
2012-06-24 22:57:09 +12:00
Aldo Cortesi
5988b65419
Add and unit test http.read_response
2012-06-24 22:45:40 +12:00
Aldo Cortesi
0de765f360
Make read_headers return an ODictCaseless object.
2012-06-24 21:49:23 +12:00
Aldo Cortesi
171de05d8e
Add http_status.py
2012-06-23 18:34:51 +12:00
Aldo Cortesi
1263221ddd
100% testcoverage for netlib.http
2012-06-23 15:07:42 +12:00
Aldo Cortesi
5cf6aeb926
protocol.py -> http.py
2012-06-23 13:56:17 +12:00
Aldo Cortesi
227e72abf4
README, setup.py, version
2012-06-23 13:49:57 +12:00
Aldo Cortesi
b706200796
Drop default poll interval to 0.1s.
2012-06-20 11:01:40 +12:00
Aldo Cortesi
084be7684d
Close socket on shutdown.
2012-06-20 10:51:02 +12:00
Aldo Cortesi
ce1ef55456
Adapt WSGI, convert test suite to nose.
2012-06-19 14:23:22 +12:00
Aldo Cortesi
c7e9051cbb
Import wsgi.
2012-06-19 10:42:25 +12:00
Aldo Cortesi
b558997fd9
Initial checkin.
2012-06-19 09:42:32 +12:00