Maximilian Hils
4bd15a28b7
fix #28
2014-03-10 17:43:39 +01:00
Aldo Cortesi
f5cc63d653
Certificate flags
2014-03-10 17:29:27 +13:00
Aldo Cortesi
2a12aa3c47
Support Ephemeral Diffie-Hellman
2014-03-07 16:38:50 +13:00
Aldo Cortesi
0c3bc1cff2
Much more sophisticated certificate store
...
- Handle wildcard lookup
- Handle lookup of SANs
- Provide hooks for registering override certs and keys for specific
domains (including wildcard specifications)
2014-03-05 13:19:16 +13:00
Aldo Cortesi
7c82418e0b
Beef up CertStore, add DH params.
2014-03-04 14:12:58 +13:00
Aldo Cortesi
d56f7fba80
We now require PyOpenSSL >= 0.14
2014-03-02 22:14:33 +13:00
Aldo Cortesi
cfaa3da25c
Use PyOpenSSL's underlying ffi interface to get current cipher for connections.
2014-03-02 21:37:28 +13:00
Aldo Cortesi
1acaf1c880
Re-add state operations to ODict.
2014-03-02 16:54:21 +13:00
Aldo Cortesi
e381c03668
Cleanups, tests, and no-cover directives for code sections we can't test.
2014-03-02 16:47:10 +13:00
Aldo Cortesi
7788391903
Minor improvement to CertStore interface
2014-03-02 13:50:19 +13:00
Aldo Cortesi
3443bae94e
Cipher suite selection for client connections, improved error handling
2014-02-27 18:35:16 +13:00
Aldo Cortesi
3d52d16e8d
Merge branch 'tcp_proxy'
2014-02-07 10:50:23 +13:00
Maximilian Hils
7fc544bc7f
adjust netlib.wsgi to reflect changes in mitmproxys flow format
2014-02-05 21:34:14 +01:00
Maximilian Hils
763cb90b66
add tcp.Address to unify ipv4/ipv6 address handling
2014-01-28 17:26:35 +01:00
Maximilian Hils
9759ec7c29
move test requirements out of main requirements.txt
2014-01-28 02:57:46 +01:00
Maximilian Hils
cebec67e08
refactor read_http_body
2013-12-15 06:43:54 +01:00
Maximilian Hils
0187d92ec0
test tcpclient.source_address, increase coverage
2013-12-14 00:19:24 +01:00
Maximilian Hils
f2e8efdf15
merge smurfix/ipv6, add ipv6 support for TCPServer, add ipv6 test
2013-12-13 15:04:38 +01:00
Aldo Cortesi
4840c6b3bf
Fix race condition in test suite.
2013-12-08 15:26:30 +13:00
Maximilian Hils
bae2b6ea36
fix AuthAction tests failures from last merge
2013-12-08 02:24:00 +01:00
Aldo Cortesi
7213f86d49
Unit test auth actions.
2013-12-08 13:35:42 +13:00
Aldo Cortesi
d05c20d8fa
Domain checks for persistent cert store is now irrelevant.
...
We no longer store these on disk, so we don't care about path
components.
2013-12-08 13:15:08 +13:00
Aldo Cortesi
75745cb0af
Zap stray print in tests.
2013-12-08 13:04:27 +13:00
Aldo Cortesi
98a580cf69
Merge pull request #19 from rouli/ciphersuites
...
adding cipher list selection option to BaseHandler
2013-12-07 15:51:44 -08:00
Maximilian Hils
643602c066
Merge branch 'fix_windows_bugs' into fix_invalid_tcp_close
2013-11-19 05:03:10 +01:00
Maximilian Hils
5e4ccbd7ed
attempt to fix #24
2013-11-19 04:11:24 +01:00
Israel Nir
d5b3e397e1
adding cipher list selection option to BaseHandler
2013-08-21 13:42:30 +03:00
Maximilian Hils
28a0030c1e
compatibility fixes for windows
2013-08-19 19:41:20 +02:00
Aldo Cortesi
62edceee09
Revamp dummy cert generation.
...
We no longer use on-disk storage - we just keep the certs in memory.
2013-08-12 16:03:29 +12:00
Aldo Cortesi
00cf889837
Merge pull request #15 from mhils/fix_binary_rw
...
always read files in binary mode
2013-06-15 15:35:36 -07:00
Maximilian Hils
c9ab1c60b5
always read files in binary mode
2013-06-16 00:28:21 +02:00
Maximilian Hils
f02c04d9d8
add test case for invalid characters in cert commonnames
2013-06-14 20:46:14 +02:00
Aldo Cortesi
7f0aa415e1
Add a request_client_cert argument to server SSL conversion.
...
By default, we now do not request the client cert. We're supposed to be able to
do this with no negative effects - if the client has no cert to present, we're
notified and proceed as usual. Unfortunately, Android seems to have a bug
(tested on 4.2.2) - when an Android client is asked to present a certificate it
does not have, it hangs up, which is frankly bogus. Some time down the track
we may be able to make the proper behaviour the default again, but until then
we're conservative.
2013-05-13 08:48:21 +12:00
Aldo Cortesi
9c13224353
Fix exception hierarchy.
2013-05-05 13:49:20 +12:00
Aldo Cortesi
a94d17970e
Sync version number with mitmproxy.
2013-03-05 09:09:52 +13:00
Aldo Cortesi
5f0ad7b2a6
Ensure that HTTP methods are ASCII.
2013-03-03 22:13:23 +13:00
Aldo Cortesi
5a050bb6b2
Tighten up checks on port ranges and path character sets.
2013-03-03 21:39:15 +13:00
Aldo Cortesi
b21a7da142
parse_url: Handle invalid IPv6 addresses
2013-03-03 15:12:58 +13:00
Aldo Cortesi
7b9300743e
More parse_url solidification: check that port is in range 0-65535
2013-03-03 15:08:17 +13:00
Aldo Cortesi
cd4ed8530f
Check that hosts in parse_url do not contain NULL bytes.
2013-03-03 15:03:57 +13:00
Aldo Cortesi
2897ddfbee
Stricter error checking for http.parse_url
2013-03-03 14:52:06 +13:00
Aldo Cortesi
1fe1a802ad
100% test coverage.
2013-03-03 12:16:09 +13:00
Aldo Cortesi
0acab862a6
Integrate HTTP auth, test to 100%
2013-03-03 10:37:28 +13:00
Aldo Cortesi
0fa6351965
ODict.keys
2013-02-28 09:28:48 +13:00
Aldo Cortesi
97e11a219f
Housekeeping and cleanup, some minor argument name changes.
2013-02-24 15:36:15 +13:00
Aldo Cortesi
c6f9a2d74d
More accurate description of an HTTP read error, make pyflakes happy.
2013-02-24 11:08:43 +13:00
Aldo Cortesi
7d18535665
100% test coverage
2013-01-27 19:21:18 +13:00
Aldo Cortesi
7433dfceae
Bump unit tests, fix two serious wee buglets discovered.
2013-01-26 21:29:45 +13:00
Aldo Cortesi
e5b125eec8
Introduce the mock module to improve unit tests.
...
There are a few socket corner-cases that are incredibly hard to reproduce in a
unit test suite, so we use mock to trigger the exceptions instead.
2013-01-26 21:19:35 +13:00
Aldo Cortesi
cc4867064b
Streamline netlib.test API
2013-01-25 16:03:59 +13:00