Commit Graph

625 Commits

Author SHA1 Message Date
Maximilian Hils
0ca0469d6e Merge pull request #110 from snemes/master
Added getter/setter for TCPClient source_address
2016-01-17 20:09:33 +01:00
Sandor Nemes
d12e256749 Merge branch 'master' into master 2016-01-13 15:05:29 +01:00
Thomas Kriechbaumer
e1e2f7464e Merge pull request #112 from mitmproxy/update-cryptography
upgrade cryptography dependency for new wheels
2016-01-13 13:10:23 +01:00
Thomas Kriechbaumer
9e2d050bb3 upgrade cryptography dependency for new wheels 2016-01-13 12:05:38 +01:00
Sandor Nemes
b8e8c4d682 Simplified setting the source_address in the TCPClient constructor 2016-01-11 08:10:36 +01:00
Maximilian Hils
46428412d6 Merge pull request #111 from felixonmars/master
Allow cryptography 1.2.*
2016-01-10 18:20:41 +01:00
Felix Yan
739806bfe2 Allow cryptography 1.2.* 2016-01-11 00:37:43 +08:00
Sandor Nemes
4bb9f3d35b Added getter/setter for TCPClient source_address 2016-01-08 18:04:47 +01:00
Maximilian Hils
d1e6b5366c bump version 2015-12-25 16:00:50 +01:00
Maximilian Hils
c10b614f70 update ssl_match_hostname dependency, refs #868 2015-12-25 15:56:26 +01:00
Maximilian Hils
71834421bb bump version 2015-12-03 18:13:24 +01:00
Maximilian Hils
4718f36379 use version specifiers compatible with old setuptools releases 2015-12-03 17:56:57 +01:00
Maximilian Hils
9f224f7dbd add 3.5 compat classifiers 2015-11-29 19:06:54 +01:00
Maximilian Hils
7cb57e206f README: mkd -> rst
pypi only renders reStructuredText.
2015-11-29 19:04:19 +01:00
Maximilian Hils
4d17ddba38 Merge pull request #105 from bltb/master
Allow empty HTTP header value.
2015-11-17 11:19:33 +01:00
Benjamin Lee
52c02bc930 Add test for empty header field value. 2015-11-17 06:51:22 +11:00
Benjamin Lee
cf1889e157 WIP. Add breaking test. 2015-11-17 06:46:48 +11:00
Benjamin Lee
c1385c9a17 Fix to ignore empty header value.
According to Augmented BNF in the following RFCs

http://tools.ietf.org/html/rfc5234#section-3.6

http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.1

        field-value    = *( field-content | LWS )

http://tools.ietf.org/html/rfc7230#section-3.2

        field-value    = *( field-content / obs-fold )

... the HTTP message header `field-value` is allowed to be empty.
2015-11-17 04:51:20 +11:00
Maximilian Hils
0df7e27c3b Merge pull request #103 from scone/master
Utils port to 3.4 keeping py2 compatibility
2015-11-14 22:15:24 -08:00
Sam Cleveland
ce02874e2a Fixing test_wsgi to remove py.test warnings
Renamed TestApp class to ExampleApp to prevent py.test from trying to
collect it as a test.
2015-11-14 13:42:43 -06:00
Maximilian Hils
5916260849 be more conservative about dependency versions 2015-11-13 20:00:54 +01:00
Sam Cleveland
2bd7bcb371 Porting to Python 3.4
Updated wsgi to support Python 3.4 byte strings.
Updated test_wsgi to remove py.test warning for TestApp having an
__init__ constructor.

samc$ sudo py.test netlib/test/test_wsgi.py -r w
= test session starts =
platform darwin -- Python 3.4.1, pytest-2.8.2, py-1.4.30, pluggy-0.3.1
rootdir: /Users/samc/src/python/netlib, inifile:
collected 6 items

netlib/test/test_wsgi.py ......

= 6 passed in 0.20 seconds =
2015-11-11 20:27:10 -06:00
Sam Cleveland
6689a342ae Porting to Python 3.4
Fixed byte string formatting for hexdump.

= test session starts =
platform darwin -- Python 3.4.1, pytest-2.8.2, py-1.4.30, pluggy-0.3.1
rootdir: /Users/samc/src/python/netlib, inifile:
collected 11 items

netlib/test/test_utils.py ...........

= 11 passed in 0.23 seconds =
2015-11-11 19:53:51 -06:00
Sam Cleveland
2d48f12332 Revert "Porting netlib to python3.4"
This reverts commit 8237183485.
2015-11-11 19:41:42 -06:00
Sam Cleveland
8237183485 Porting netlib to python3.4
Updated utils.py using 2to3-3.4
Updated hexdump to use .format() with .encode() to support python 3.4
Python 3.5 supports .format() on bytes objects, but 3.4 is the current
default on Ubuntu.

samc$ py.test netlib/test/test_utils.py
= test session starts =
platform darwin -- Python 3.4.1, pytest-2.8.2, py-1.4.30, pluggy-0.3.1
rootdir: /Users/samc/src/python/netlib, inifile:
collected 11 items

netlib/test/test_utils.py ...........

= 11 passed in 0.19 seconds =
2015-11-11 11:32:02 -06:00
Aldo Cortesi
9cab9ee5d6 Bump version for next release cycle 2015-11-07 09:30:49 +13:00
Aldo Cortesi
41e91dae00 Add CONTRIBUTORS 2015-11-06 14:08:38 +13:00
Aldo Cortesi
3e2eb3fef1 Bump version 2015-11-06 13:51:15 +13:00
Maximilian Hils
810c2f2414 Merge remote-tracking branch 'origin/hostname-validation' 2015-11-04 21:33:32 +01:00
Maximilian Hils
9d12425d5e Set default cert expiry to <39 months
This sould fix mitmproxy/mitmproxy#815
2015-11-04 11:28:02 +01:00
Maximilian Hils
9d36f8e43f minor fixes 2015-11-01 18:20:00 +01:00
Maximilian Hils
5af9df326a fix certificate verification
This commit fixes netlib's optional (turned off by default)
certificate verification, which previously did not validate the
cert's host name. As it turns out, verifying the connection's host
name on an intercepting proxy is not really straightforward - if
we receive a connection in transparent mode without SNI, we have no
clue which hosts the client intends to connect to. There are two
basic approaches to solve this problem:

 1. Exactly mirror the host names presented by the server in the
    spoofed certificate presented to the client.
 2. Require the client to send the TLS Server Name Indication
    extension. While this does not work with older clients,
    we can validate the hostname on the proxy.

Approach 1 is problematic in mitmproxy's use case, as we may want
to deliberately divert connections without the client's knowledge.
As a consequence, we opt for approach 2. While mitmproxy does now
require a SNI value to be sent by the client if certificate
verification is turned on, we retain our ability to present
certificates to the client which are accepted with a maximum
likelihood.
2015-11-01 18:15:30 +01:00
Maximilian Hils
b4eb4eab92 adjust test certificate generation 2015-11-01 17:48:34 +01:00
Maximilian Hils
267837f441 add test certificate generator 2015-10-16 18:12:36 +02:00
Maximilian Hils
2e1f7ecd55 fix tests 2015-09-28 14:04:25 +02:00
Maximilian Hils
67229fbdf7 Merge branch 'http-models' 2015-09-28 13:53:59 +02:00
Maximilian Hils
5261bcdf4b properly adjust tests for 87566da3ba 2015-09-28 11:46:18 +02:00
Maximilian Hils
87566da3ba fix mitmproxy/mitmproxy#784 2015-09-28 11:18:00 +02:00
Maximilian Hils
23d13e4c12 test response model, push coverage to 100% branch cov 2015-09-27 00:49:41 +02:00
Maximilian Hils
466888b01a improve request tests, coverage++ 2015-09-26 20:07:11 +02:00
Maximilian Hils
49ea8fc0eb refactor response model 2015-09-26 17:39:50 +02:00
Maximilian Hils
106f7046d3 refactor request model 2015-09-26 00:39:04 +02:00
Maximilian Hils
45f2ea33b2 minor fixes 2015-09-25 18:24:18 +02:00
Maximilian Hils
c7b8322500 also accept bytes as arguments 2015-09-22 01:56:09 +02:00
Maximilian Hils
f937522773 Headers: return str on all Python versions 2015-09-22 01:48:35 +02:00
Maximilian Hils
9fbeac50ce revert websocket changes from 73586b1b
The DEFAULT construct is very weird,
but with None we apparently break pathod
in some difficult-to-debug ways.
Revisit once we do more here.
2015-09-21 22:49:39 +02:00
Thomas Kriechbaumer
21579f0add Merge pull request #98 from Kriechi/master
backport changes
2015-09-21 18:51:44 +02:00
Thomas Kriechbaumer
e9fe45f3f4 backport changes 2015-09-21 18:45:49 +02:00
Maximilian Hils
1ff8f294b4 minor encoding fixes 2015-09-21 18:34:43 +02:00
Maximilian Hils
9dea36e439 remove nose references 2015-09-21 01:22:05 +02:00