Commit Graph

386 Commits

Author SHA1 Message Date
Maximilian Hils
b917b61e6a be more explicit about requirements 2014-11-11 12:28:08 +01:00
Aldo Cortesi
956149c126 --memo-limit - limit failed attempts to find new generated requests to N 2014-10-26 18:16:47 +13:00
Aldo Cortesi
bd1f7ebb5c Improve netability of grammars 2014-10-26 16:27:25 +13:00
Aldo Cortesi
974bd9d0f9 Resolve a quoting ambiguity in nested response specs 2014-10-26 12:56:28 +13:00
Aldo Cortesi
fc1fc80469 Allow nesting of pathod response specs in pathoc specs
This opens the door to really neat, repeatable, client-side driven
fuzzing, especially of proxies.
2014-10-26 10:50:32 +13:00
Aldo Cortesi
c00ae41486 Add a memoize argument to prevent playing the same pattern twice
Also remove addition of Date header, which makes this non-deterministic
2014-10-25 19:50:48 +13:00
Aldo Cortesi
fc4f9a1c7a pathoc -n 0 repeats forever 2014-10-25 17:58:59 +13:00
Aldo Cortesi
609d6eab30 Make grammar less ambiguous for multi-pattern files 2014-10-25 17:27:08 +13:00
Aldo Cortesi
ac4e9f8cb5 Rationalize pathoc arguments, add -r flag to randomly select a request from the provided specs 2014-10-25 16:43:01 +13:00
Aldo Cortesi
384abbfdd5 Nicer port specification for pathoc 2014-10-25 16:34:19 +13:00
Aldo Cortesi
6d8431ab3e Allow specification of multiple patterns from file and on command line 2014-10-25 16:20:23 +13:00
Aldo Cortesi
d4e6c25d45 Update pyparsing 2014-10-25 15:37:57 +13:00
Aldo Cortesi
00d0ee5ad5 Parse patterns eagerly on instantiation 2014-10-25 15:30:54 +13:00
Aldo Cortesi
d6ee532711 Whitespace and formatting 2014-10-25 14:24:05 +13:00
Aldo Cortesi
5aadf92767 Nicer way to specify patterns read for file - just use a path 2014-10-25 08:18:39 +13:00
Aldo Cortesi
3de68da3ad Add forgotten import. Oops. 2014-10-24 17:21:28 +13:00
Aldo Cortesi
c6c0509836 Strictly separate argument parsing from main loops 2014-10-24 17:19:55 +13:00
Aldo Cortesi
cd481fdd14 Refactor and whitespace 2014-10-24 17:12:54 +13:00
Aldo Cortesi
962a414327 Fix tests, re-add scripts 2014-10-24 14:01:34 +13:00
Maximilian Hils
60e3e0b898 fix pathod 2014-10-09 03:35:39 +02:00
Maximilian Hils
14c9ba1af6 adjust to netlib changes 2014-10-08 20:48:16 +02:00
Maximilian Hils
d4bd2101b5 increment version 2014-09-28 03:14:59 +02:00
Aldo Cortesi
14d7beee13 Merge pull request #16 from mitmproxy/dist
improve distribution
2014-09-08 20:40:36 +12:00
Aldo Cortesi
211b0dfe1f Merge pull request #18 from mitmproxy/mitm_issue_341
adapt pathod to netlib changes
2014-09-07 13:05:35 +12:00
Aldo Cortesi
c198406b12 Silence insecure requets warnings in our test package 2014-09-07 11:38:44 +12:00
Maximilian Hils
6114f07f76 adapt pathod to netlib changes 2014-09-06 01:23:07 +02:00
Maximilian Hils
658a56a1ac use setuptools entrypoints rather than scripts 2014-08-31 02:09:04 +02:00
Maximilian Hils
534c66644f only require the minor version of netlib to match 2014-08-19 15:29:37 +02:00
Maximilian Hils
a0c8b20b7d adjust to netlib api changes 2014-07-21 14:08:09 +02:00
Aldo Cortesi
9cc83ed9a8 Also dump SANs for pathoc -S 2014-03-07 15:21:34 +13:00
Aldo Cortesi
e54bf1a804 Adjust for upstream cert store changes, improve cert handling significantly 2014-03-05 15:03:31 +13:00
Aldo Cortesi
944f213ebc Add connection cipher info to pathod server log 2014-03-02 22:10:49 +13:00
Aldo Cortesi
602e400ccc Use new get_current_cipher to show cipher in pathoc SSL output 2014-03-02 21:54:30 +13:00
Aldo Cortesi
53334e437c pathoc -S dumps information on the remote SSL certificate chain 2014-03-02 19:04:56 +13:00
Aldo Cortesi
0177eb899a Support cert/key combo files in args. Improve argument names in SSLOptions 2014-03-02 15:56:36 +13:00
Aldo Cortesi
234d326080 Implement custom certs. 2014-03-02 15:13:56 +13:00
Aldo Cortesi
091e539a02 Big improvements to SSL handling
- pathod now dynamically generates SSL certs, using the ~/.mitmproxy
cacert
- pathoc returns data on SSL peer certificates
- Pathod certificate CN can be specified on command line
- Support SSLv23
2014-03-02 13:45:35 +13:00
Aldo Cortesi
a1d0da2b53 Expand SSL support
- Cipher suite selection for both pathoc and pathod
- SSL version specification for pathod
- Expose SSLv23 as an option, and use it by default
2014-02-27 18:33:48 +13:00
Maximilian Hils
0c04abb6e4 fix pathod main script 2014-02-08 22:42:27 +01:00
Aldo Cortesi
0baa296613 Merge branch 'tcp_proxy' 2014-02-07 10:50:57 +13:00
Maximilian Hils
b64e1ccf91 adjust for netlib.tcp.Address changes 2014-01-30 20:06:33 +01:00
Maximilian Hils
b994fb5a27 adjust to signature changes in netlib.tcp 2014-01-28 19:28:20 +01:00
Maximilian Hils
1b566869de Merge branch 'master' into tcp_proxy 2014-01-28 17:44:55 +01:00
Aldo Cortesi
dc6d573d39 Adjust docs for inclusion of content-length header by default. 2014-01-28 15:31:30 +13:00
Aldo Cortesi
26d6b189fc Pyflakes cleanup, adjust requirements.txt 2014-01-19 18:20:01 +13:00
Aldo Cortesi
25ed5537da Bump version. 2014-01-19 16:03:51 +13:00
Maximilian Hils
f83508d4bf Merge branch 'master' into tcp_proxy 2014-01-09 18:06:12 +01:00
Maximilian Hils
d31b7daf6c change method signature 2014-01-09 18:04:04 +01:00
Aldo Cortesi
a9f8dcf755 Merge pull request #11 from mitmproxy/refactor_read_http_body
always return Content-Length: 0 if r is not set
2014-01-04 14:48:12 -08:00
Aldo Cortesi
467ef0c02a Merge branch 'master' of ssh.github.com:mitmproxy/pathod 2013-12-17 14:32:56 +13:00
Aldo Cortesi
8229c3884f Ability to specify SSL/TLS version 2013-12-17 14:32:41 +13:00
Maximilian Hils
e0d376381e fix windows compatibility 2013-12-16 04:47:29 +01:00
Maximilian Hils
210e0c891e Merge branch 'master' into refactor_read_http_body 2013-12-16 03:59:52 +01:00
Maximilian Hils
7049becdfe always return Content-Length: 0 if r is not set 2013-12-15 06:42:58 +01:00
Aldo Cortesi
c4e6d7aea6 Merge branch 'master' of ssh.github.com:mitmproxy/pathod 2013-08-25 10:46:11 +12:00
Aldo Cortesi
d285508994 Fix download link. 2013-08-25 10:45:16 +12:00
Aldo Cortesi
a424eff309 Version bump and changelog. 2013-08-25 10:34:14 +12:00
Maximilian Hils
42aede6181 ensure binary read on windows 2013-08-19 19:21:47 +02:00
Aldo Cortesi
19c55361c8 Adapt to new cert storage API. 2013-08-12 16:05:07 +12:00
Aldo Cortesi
3defe0cbb1 Bump version. 2013-06-16 15:31:25 +12:00
Maximilian Hils
0382b809ea always read files in binary mode 2013-06-16 00:30:13 +02:00
Aldo Cortesi
9e7f08acea Download path, version flags for both tools. 2013-05-15 18:56:05 +12:00
Aldo Cortesi
c65ab6961d Layout and docs. 2013-05-15 08:47:19 +12:00
Aldo Cortesi
5eeb52183a Adapt for new request_client_cert option in netlib. 2013-05-13 09:03:48 +12:00
Aldo Cortesi
3217fcad14 Doc layout refactoring. 2013-05-02 09:11:16 +12:00
Aldo Cortesi
0504bcfd96 Changelog, minor cleanups. 2013-04-30 09:32:11 +12:00
Aldo Cortesi
beb47eba51 Sync version number with mitmproxy. 2013-03-05 09:11:19 +13:00
Aldo Cortesi
110a8bb594 Print pathod craft explanations to stdout. 2013-03-03 16:33:50 +13:00
Aldo Cortesi
155710f991 Improve robustness of proxy CONNECT, test coverage to 100%. 2013-03-02 16:57:00 +13:00
Aldo Cortesi
9167b9b8b6 Make pathoc request return more human-friendly. 2013-02-27 09:07:16 +13:00
Aldo Cortesi
25656f4889 Adapt for new netlib SNI API. 2013-02-27 09:05:05 +13:00
Aldo Cortesi
ba0caff2dc Wrap webapp in a creation function.
This lets us spawn multiple instances of Pathod.
2013-02-24 19:42:40 +13:00
Aldo Cortesi
69339836c2 Adapt to netlib API changes. 2013-02-24 15:36:35 +13:00
Aldo Cortesi
9c9e15341f Make last_log return None if nothing is logged. 2013-02-23 21:46:01 +13:00
Aldo Cortesi
5288848d03 Adjust docs, old -C is now -I. 2013-01-21 09:36:20 +13:00
Aldo Cortesi
9bd269c26a Add support for client certificates
- pathod request logs now include a clientcert member with details on the
client cert, or None if there wasn't one.
- pathoc has a -C option to specify a client certificate
2013-01-20 22:37:43 +13:00
Aldo Cortesi
369b55b094 Docs - pathoc and pathod proxy behaviour 2013-01-05 20:46:31 +13:00
Aldo Cortesi
ed7ef84557 Implement and unit test not-after-connect option. 2013-01-05 20:36:06 +13:00
Aldo Cortesi
5493925ea0 CONNECT through proxy mode for pathoc
Also, use this to unit test the pathod CONNECT implementation.
2013-01-05 20:29:46 +13:00
Aldo Cortesi
c744ef2dcb Proxy mode: drop to SSL if we see an HTTP CONNECT request 2013-01-05 17:15:42 +13:00
Aldo Cortesi
1e932e7045 Collect SSL options into an SSLOptions object
Also split SSL cert specifications from SSL service mode - we can now enter SSL
service mode through a proxy CONNECT request as well.
2013-01-05 16:48:49 +13:00
Aldo Cortesi
3886ccae93 Provisional proxy mode support for pathod. 2013-01-05 15:25:09 +13:00
Aldo Cortesi
d7f641c6ee Shift SSL parameters into Pathoc class 2013-01-04 10:37:26 +13:00
Aldo Cortesi
b07ab253b7 Require requests > 1.0.4
This changes the API slightly, since json is now a method, not a property.
2012-12-31 12:23:42 +13:00
Aldo Cortesi
b11260f064 Expand basic fuzzing example. 2012-11-16 15:00:15 +13:00
Aldo Cortesi
5fb31f9162 Add :u shortcut example.
Update trove specifiers, netlib dependency.
2012-11-16 14:51:31 +13:00
Aldo Cortesi
af698b2fda :u belongs on Request not Response 2012-11-16 14:41:02 +13:00
Aldo Cortesi
ef9cbe3b25 Add u User-agent shortcut.
Usage:
    200:ua       - Shortcut "a" for Android.
    200:u"foo"   - Or a value literal

Shortcuts can be listed using the --show-uas argument to pathoc.
2012-11-16 13:46:42 +13:00
Aldo Cortesi
5d18830f71 Fix typo. 2012-11-02 14:36:19 +13:00
Aldo Cortesi
791252ac5e Examples and documentation. 2012-11-02 14:22:54 +13:00
Aldo Cortesi
27d90a3594 Bump version, update CHANGELOG 2012-10-31 12:37:11 +13:00
Aldo Cortesi
3f50930dc0 Use .freeze to implement the -e explain flags for pathod and pathoc.
This now prints (in pathoc) or logs (in pathod) a frozen specification that
includes an expanded record of all generated values and locations.
2012-10-31 11:34:58 +13:00
Aldo Cortesi
8c6cc8140c Fix generated values in request path specification. 2012-10-31 09:48:55 +13:00
Aldo Cortesi
0c9cfb3f38 Add a .freeze() method to all components.
This expands and freezes all randomly generated values. The message returned
can be queried for a precise spec to reproduce the message.
2012-10-31 09:32:21 +13:00
Aldo Cortesi
f8df0a1e75 Add a .values method to messages, simplify a lot of stuff as a consequence. 2012-10-30 16:08:36 +13:00
Aldo Cortesi
a09584b9e6 Make Message classes more self-contained. 2012-10-30 15:22:53 +13:00
Aldo Cortesi
b2deb470de Extract .serve() method from message classes. 2012-10-30 14:46:18 +13:00
Aldo Cortesi
677f0e0580 Change preview_safe to return a safe copy of the current message. 2012-10-30 13:36:32 +13:00
Aldo Cortesi
a1f782b543 Simplify Request/Response class hierarchy. 2012-10-30 13:28:22 +13:00
Aldo Cortesi
3e0cd6442a Add .spec methods for Request and Response objects. 2012-10-29 17:33:10 +13:00
Aldo Cortesi
747eafd107 Add a .spec method to the token ABC, and to all tokens. 2012-10-29 16:31:35 +13:00
Aldo Cortesi
8741600ce7 Refactoring: canonical storage of a message is now the sequence of tokens that defines it.
We use a set of accessor properties to ease access to tokens. We can now ditch
the .accept() methods.
2012-10-29 15:16:44 +13:00
Aldo Cortesi
882969086c Cleaup, some more ABCs. 2012-10-29 10:19:58 +13:00
Aldo Cortesi
61f8992fbf Change response spec format to code[:features]
Reason message is now specified as just another feature with the "m" mnemonic.
2012-10-28 22:18:06 +13:00
Aldo Cortesi
07560ffe30 Cleaup, ABC for Value classes. 2012-10-28 22:00:19 +13:00
Aldo Cortesi
35f37626a9 Clean up .accept() signature. 2012-10-28 17:39:58 +13:00
Aldo Cortesi
7d74f75f6d Split Code and Reason into separate _Component objects. 2012-10-28 17:07:16 +13:00
Aldo Cortesi
e9af434c2b .body and .method to lazy generator instantiation.
Also introduce a _Component ABC.
2012-10-28 14:15:29 +13:00
Aldo Cortesi
9d42a06c92 Move message body to new lazy-generator scheme. 2012-10-28 12:56:08 +13:00
Aldo Cortesi
f54ed69a35 Adjust serve() API. 2012-10-28 09:06:55 +13:00
Aldo Cortesi
ac5aacce44 Remove check argument to serve() methods.
Refactoring means we can now do this without a callback.

Also introduce the maximum_length method that estimates the max possible
message length.
2012-10-27 17:40:22 +13:00
Aldo Cortesi
06864e5a1b Major refactoring towars separate representation of expressions and request/response service. 2012-10-27 14:00:50 +13:00
Aldo Cortesi
6174e46023 Unit test suite love: 100% coverage
Also start figuring out how to sanitize binary data in the JSON API.
2012-10-25 10:59:18 +13:00
Aldo Cortesi
173b5c596e Start moving policy checks to service-time, rather than parse-time. 2012-10-25 09:45:55 +13:00
Aldo Cortesi
c684f7417d Extend Action and Value classes
- Values now know how to print their own specs
- Actions now know how to print their own specs
- Actions have a resolve_offset method that resolves relative and random offsets.
2012-10-24 11:32:53 +13:00
Aldo Cortesi
e83392bfc8 Start making Action objects more sophisticated. 2012-10-05 11:23:30 +13:00
Aldo Cortesi
495daf2b64 Remove actions log and explain, preparing for a more sophisticated take on this. 2012-10-05 11:14:17 +13:00
Aldo Cortesi
f5d5cc4988 rparse.py -> language.py 2012-10-05 10:30:32 +13:00
Aldo Cortesi
d3e1f8a014 Stub out documentation changes 2012-10-04 12:17:35 +13:00
Aldo Cortesi
41f1c66772 Add -q and -r flags to pathod, logging request and respnose bytes.
- These flags also mean that a bytes log is included in the internal log
buffer.
- There's an -x flag to turn on hex dump output in the text logs (does
not affect the log buffer).
2012-10-01 12:48:26 +13:00
Aldo Cortesi
915bcfbd30 Add timeout argument to Pathod, and matching -t command-line option. 2012-10-01 12:01:02 +13:00
Aldo Cortesi
8bb81be2b0 Add pathoc -T to ignore timeouts.
Also move -c to -C for consistency.
2012-09-28 11:38:49 +12:00
Aldo Cortesi
65108ed429 Add pathoc -o, oneshot mode, exits after the first non-ignored response. 2012-09-27 10:56:06 +12:00
Aldo Cortesi
7209a75201 Add pathoc -c to specify a list of return codes to ignore. 2012-09-27 09:44:25 +12:00
Aldo Cortesi
10a19fc4da Refactor print_requests -> print_request
- Change to handle one request at a time
- Shift error handling around
2012-09-26 14:25:39 +12:00
Aldo Cortesi
424d15c28b Expand the docs to explain pathoc multiple requests. 2012-09-26 11:21:40 +12:00
Aldo Cortesi
b67d99638a Response printing
Options to output full response, as sniffed from the socket.
2012-09-26 11:07:22 +12:00
Aldo Cortesi
a69d602087 Hex and verbatim output of requests.
This works by sniffing traffic through the socket, so always gives us the exact
traffic sent upstream.
2012-09-26 10:38:47 +12:00
Aldo Cortesi
0a5d4fbbbb Stub out new output argument structure. 2012-09-26 10:12:30 +12:00
Aldo Cortesi
0dd250d4f8 Fix utils.get_header case handling. 2012-09-24 10:08:18 +12:00
Aldo Cortesi
9db2bcabad Auto-generate download links. 2012-08-25 11:30:55 +12:00
Aldo Cortesi
d36cf63112 Bump for minor release. 2012-08-25 11:26:18 +12:00
Aldo Cortesi
2f7188164c Download page, MANIFEST.in 2012-08-23 12:54:58 +12:00
Aldo Cortesi
b78a3817cd Adjust examples and docs. 2012-08-23 12:37:02 +12:00
Aldo Cortesi
d758409b76 Make sure date stamps are added to all logs. 2012-08-23 12:00:16 +12:00
Aldo Cortesi
95968ad558 Don't allow negative integer offsets for now. 2012-08-17 10:08:02 +12:00
Aldo Cortesi
13cb0cab90 Tweak front page: correct public pathod URL, more illustrative examples. 2012-08-16 22:29:14 +12:00
Aldo Cortesi
51d10f53c1 Add Cache-Control directives to static pages. 2012-08-11 17:06:51 +12:00
Aldo Cortesi
8d26db4931 Docs. 2012-08-07 23:19:48 +12:00
Aldo Cortesi
158106d346 Doc tweaks. 2012-07-30 21:12:42 +12:00
Aldo Cortesi
fde65270af Testing examples and docs. 2012-07-30 20:58:59 +12:00
Aldo Cortesi
e52a37ffa9 Cleanup of libpathod.test, test example for front page. 2012-07-30 17:29:36 +12:00
Aldo Cortesi
e26aac1d3c 100% test coverage. 2012-07-30 13:52:40 +12:00
Aldo Cortesi
43314c77c8 Handle invalid headers better. 2012-07-30 12:53:41 +12:00
Aldo Cortesi
5b08703fa8 Handle disconnects on flush. 2012-07-30 12:02:42 +12:00
Aldo Cortesi
b1ac4245c8 docs: pathod 2012-07-30 00:14:34 +12:00
Aldo Cortesi
bc1cfd9f75 Docs. 2012-07-29 22:26:31 +12:00
Aldo Cortesi
d7db6757b2 Listen on localhost by default. 2012-07-29 17:29:38 +12:00
Aldo Cortesi
c21639deab Tweak about page to be less po-faced. 2012-07-29 16:46:24 +12:00
Aldo Cortesi
08b95f6aa1 Refactor preview display pages. 2012-07-29 16:33:45 +12:00