Commit Graph

211 Commits

Author SHA1 Message Date
Thomas Kriechbaumer
161bc2cfaa cleanup code with autoflake
run the following command:
  $ autoflake -r -i --remove-all-unused-imports --remove-unused-variables .
2015-05-27 11:25:33 +02:00
Thomas Kriechbaumer
e3d390e036 cleanup code with autopep8
run the following command:
  $ autopep8 -i -r -a -a .
2015-05-27 11:19:11 +02:00
Thomas Kriechbaumer
041ca5c499 update TLS defaults: signature hash and DH params
* SHA1 is deprecated (use SHA256)
* increase RSA key to 2048 bits
* increase DH params to 4096 bits (LogJam attack)
2015-05-27 10:53:57 +02:00
Thomas Kriechbaumer
4ce6f43616 implement basic HTTP/2 frame classes 2015-05-26 17:59:29 +02:00
Aldo Cortesi
dabb356c15 Zap a left-over test 2015-05-05 10:52:50 +12:00
Aldo Cortesi
f2bc58cdd2 Add tcp.Reader.safe_read, use it in socks and websockets
safe_read is guaranteed to raise or return a byte string of the
requested length. It's particularly useful for implementing binary
protocols.
2015-05-05 10:47:02 +12:00
Aldo Cortesi
7d9e38ffb1 websockets: A progressive masker. 2015-05-01 10:09:35 +12:00
Aldo Cortesi
4dce7ee074 websockets: more compact and legible human_readable 2015-04-30 12:10:08 +12:00
Aldo Cortesi
8086022920 Add a tiny utility class for keeping bi-directional mappings.
Use it in websocket and socks.
2015-04-30 09:04:22 +12:00
Aldo Cortesi
b7a2fc8553 testing: http read_request corner case 2015-04-30 08:41:13 +12:00
Aldo Cortesi
18df329930 websockets: nicer frame construction
- Resolve unspecified values on instantiation
- Add a check for masking key length
- Smarter resolution for masking_key and mask values. Do the right thing unless told not to.
2015-04-24 15:42:31 +12:00
Aldo Cortesi
192fd1db7f websockets: include all header values in frame roundtrip 2015-04-24 15:31:14 +12:00
Aldo Cortesi
def93ea8ca websockets: remove validation
We don't really need this any more. The interface is much less error prone
because bit flags are no longer integers, we have a range check on opcode on
header instantiation, and we've deferred length code calculation and so forth
into the byte render methods.
2015-04-24 15:23:00 +12:00
Aldo Cortesi
f22bc0b4c7 websocket: interface refactoring
- Separate out FrameHeader. We need to deal with this separately in many circumstances.
- Simpler equality scheme.
- Bits are now specified by truthiness - we don't care about the integer value.
This means lots of validation is not needed any more.
2015-04-24 15:09:21 +12:00
Aldo Cortesi
3519871f34 websockets: refactor to avoid rundantly specifying payloads and payload lengths 2015-04-24 09:21:04 +12:00
Aldo Cortesi
bdd52fead3 websockets: extract frame header creation into a function 2015-04-24 08:47:09 +12:00
Aldo Cortesi
42a87a1d8b websockets: handshake checks only take headers 2015-04-23 08:23:51 +12:00
Aldo Cortesi
176e29fc09 websockets: constants, variable names, refactoring 2015-04-21 23:13:42 +12:00
Aldo Cortesi
1b509d5aea Whitespace, interface simplification
- safe_tobytes doesn't buy us much
- move masking key generation inline
2015-04-21 22:51:01 +12:00
Aldo Cortesi
3e0a71ea34 websockets: refactor to use http and header functions in http.py 2015-04-21 22:39:45 +12:00
Aldo Cortesi
e5f1264838 Whitespace, indentation, nounce -> nonce 2015-04-21 13:39:00 +12:00
Aldo Cortesi
7d83e388aa Whitespace, pep8, mixed indentation 2015-04-21 11:19:00 +12:00
Aldo Cortesi
dd7ea896f2 Return a named tuple from read_response 2015-04-21 11:11:16 +12:00
Aldo Cortesi
2c660d7633 Migrate requeset reading from mitmproxy to netlib 2015-04-21 11:05:12 +12:00
Chandler Abraham
2c9079b518 whitespace 2015-04-19 22:22:15 -07:00
Chandler Abraham
4ea1ccb638 fixing test coverage, adding to_file/from_file reader writes to match socks.py 2015-04-19 22:18:30 -07:00
Aldo Cortesi
74389ef04a Websockets: reorganise
- websockets.py to top-level
- implementations into test suite
2015-04-20 09:38:09 +12:00
Aldo Cortesi
7defb5be86 websockets: more whitespace, WebSocketFrame -> Frame 2015-04-17 14:29:20 +12:00
Aldo Cortesi
3bbafa24bd Merge pull request #54 from Chandler/websockets
Netlib WebSockets take 1
2015-04-17 13:46:51 +12:00
Aldo Cortesi
0c85c72dc4 ODict improvements
- Setting values now tries to preserve the existing order, rather than
just appending to the end.
- __repr__ now returns  a repr of the tuple list. The old repr becomes a
.format() method. This is clearer, makes troubleshooting easier, and
doesn't assume all data in ODicts are header-like
2015-04-15 10:28:17 +12:00
Aldo Cortesi
d739882bf2 Add an .extend method for ODicts 2015-04-14 13:50:57 +12:00
Aldo Cortesi
6db5e0a4a1 Remove old-style set-cookie cruft, unit tests to 100% 2015-04-14 10:13:03 +12:00
Aldo Cortesi
de9e741125 Firm up cookie parsing and formatting API
Make a tough call: we won't support old-style comma-separated set-cookie
headers. Real world testing has shown that the latest rfc (6265) is
often violated in ways that make the parsing problem indeterminate.
Since this is much more common than the old style deprecated set-cookie
variant, we focus on the most useful case.
2015-04-14 10:02:10 +12:00
Chandler Abraham
2d72a1b6b5 100% test coverage, though still need plenty more 2015-04-13 13:36:09 -07:00
Chandler Abraham
0ed2a29063 whitespace 2015-04-11 17:28:52 -07:00
Chandler Abraham
f131f9b855 handshake tests, serialization test 2015-04-11 17:26:59 -07:00
Aldo Cortesi
1a79ef8b6c Merge branch 'master' of https://github.com/mitmproxy/netlib 2015-04-12 11:32:27 +12:00
Aldo Cortesi
2630da7263 cookies: Cater for special values, fix some bugs found in real-world testing 2015-04-12 11:30:35 +12:00
Aldo Cortesi
73ce169e3d Initial outline of a cookie parsing and serialization module. 2015-04-12 10:26:09 +12:00
Chandler Abraham
0edc04814e small cleanups, working on tests 2015-04-11 11:35:15 -07:00
Chandler Abraham
e41e5cbfdd netlib websockets 2015-04-10 18:37:41 -07:00
Maximilian Hils
7f7ccd3a18 100% test coverage 2015-04-09 00:57:37 +02:00
Maximilian Hils
dbadc1b613 clean up cert handling, fix mitmproxy/mitmproxy#472 2015-03-07 01:22:02 +01:00
Maximilian Hils
24a3dd59fe try harder to fix race condition in tests 2015-02-27 22:34:36 +01:00
Maximilian Hils
d71f3b68fd make tests more robust, fix coveralls 2015-02-27 22:27:23 +01:00
Maximilian Hils
da1eb94ccd 100% test coverage 🎉 2015-02-27 22:02:52 +01:00
Maximilian Hils
63fb433690 fix #53 2015-02-27 20:40:17 +01:00
Maximilian Hils
60584387ff be more explicit about requirements 2014-11-11 12:26:20 +01:00
Aldo Cortesi
396fb1943a Merge branch 'merge' 2014-11-11 14:02:56 +13:00
Aldo Cortesi
3b468849e6 Update pathod version number in requirements 2014-11-11 14:02:13 +13:00
Aldo Cortesi
9ce2f473f6 Simplify expected_http_body_size signature, fixing a traceback found in fuzzing 2014-11-07 15:59:00 +13:00
Maximilian Hils
74a5600190 fix tests 2014-10-23 15:31:42 +02:00
Maximilian Hils
9ef84ccc1c clean up code 2014-10-09 00:15:39 +02:00
Maximilian Hils
fdb6f5552d CertStore: add support for cert chains 2014-10-08 20:46:30 +02:00
Aldo Cortesi
414a0a1602 Adjust for state object protocol changes in mitmproxy. 2014-09-17 11:47:07 +12:00
Aldo Cortesi
63c1efd394 Remove avoidable imports from OpenSSL
Fixes #38
2014-09-09 10:08:56 +12:00
Maximilian Hils
3d489f3bb7 adapt netlib.wsgi to changes in mitmproxy/mitmproxy#341 2014-09-03 17:15:50 +02:00
Maximilian Hils
f93cd6a335 always use with statement to open files 2014-08-16 18:35:58 +02:00
Maximilian Hils
6d1b601ddf minor cleanups 2014-08-16 15:53:07 +02:00
Maximilian Hils
1c1167eda0 use passlib instead of md5crypt 2014-08-16 15:28:09 +02:00
Maximilian Hils
254a686235 Merge branch 'master' into stream
Conflicts:
	netlib/http.py
2014-07-21 14:02:56 +02:00
Maximilian Hils
6bd5df79f8 refactor response length handling 2014-07-21 14:01:24 +02:00
Maximilian Hils
cba927885e fix tests 2014-07-18 23:08:29 +02:00
Maximilian Hils
a7837846a2 temporarily replace DNTree with a simpler cert lookup mechanism, fix mitmproxy/mitmproxy#295 2014-07-18 22:55:25 +02:00
Brad Peabody
280d9b8625 added some additional functions for dealing with chunks - needed for mitmproxy streaming capability 2014-07-17 22:34:29 -07:00
Maximilian Hils
55c2133b69 add test case for mitmproxy/mitmproxy#295 2014-07-17 01:47:24 +02:00
Brad Peabody
273c25a705 added option for read_response to only read the headers, beginnings of implementing streamed result in mitmproxy 2014-07-12 22:42:06 -07:00
Maximilian Hils
dfabe165d4 socks: 100% test coverage 2014-06-25 21:45:45 +02:00
Maximilian Hils
896e1a5524 fix overly restrictive tests 2014-06-25 21:31:10 +02:00
Maximilian Hils
e69133f98c remove ntop windows workaround 2014-06-25 21:16:47 +02:00
Maximilian Hils
6405595ae8 socks module: polish, add tests 2014-06-25 20:31:28 +02:00
Maximilian Hils
dc3d3e5f0a add inet_ntop/inet_pton functions 2014-06-25 20:31:10 +02:00
Maximilian Hils
4bd15a28b7 fix #28 2014-03-10 17:43:39 +01:00
Aldo Cortesi
f5cc63d653 Certificate flags 2014-03-10 17:29:27 +13:00
Aldo Cortesi
2a12aa3c47 Support Ephemeral Diffie-Hellman 2014-03-07 16:38:50 +13:00
Aldo Cortesi
0c3bc1cff2 Much more sophisticated certificate store
- Handle wildcard lookup
- Handle lookup of SANs
- Provide hooks for registering override certs and keys for specific
domains (including wildcard specifications)
2014-03-05 13:19:16 +13:00
Aldo Cortesi
7c82418e0b Beef up CertStore, add DH params. 2014-03-04 14:12:58 +13:00
Aldo Cortesi
d56f7fba80 We now require PyOpenSSL >= 0.14 2014-03-02 22:14:33 +13:00
Aldo Cortesi
cfaa3da25c Use PyOpenSSL's underlying ffi interface to get current cipher for connections. 2014-03-02 21:37:28 +13:00
Aldo Cortesi
1acaf1c880 Re-add state operations to ODict. 2014-03-02 16:54:21 +13:00
Aldo Cortesi
e381c03668 Cleanups, tests, and no-cover directives for code sections we can't test. 2014-03-02 16:47:10 +13:00
Aldo Cortesi
7788391903 Minor improvement to CertStore interface 2014-03-02 13:50:19 +13:00
Aldo Cortesi
3443bae94e Cipher suite selection for client connections, improved error handling 2014-02-27 18:35:16 +13:00
Aldo Cortesi
3d52d16e8d Merge branch 'tcp_proxy' 2014-02-07 10:50:23 +13:00
Maximilian Hils
7fc544bc7f adjust netlib.wsgi to reflect changes in mitmproxys flow format 2014-02-05 21:34:14 +01:00
Maximilian Hils
763cb90b66 add tcp.Address to unify ipv4/ipv6 address handling 2014-01-28 17:26:35 +01:00
Maximilian Hils
9759ec7c29 move test requirements out of main requirements.txt 2014-01-28 02:57:46 +01:00
Maximilian Hils
cebec67e08 refactor read_http_body 2013-12-15 06:43:54 +01:00
Maximilian Hils
0187d92ec0 test tcpclient.source_address, increase coverage 2013-12-14 00:19:24 +01:00
Maximilian Hils
f2e8efdf15 merge smurfix/ipv6, add ipv6 support for TCPServer, add ipv6 test 2013-12-13 15:04:38 +01:00
Aldo Cortesi
4840c6b3bf Fix race condition in test suite. 2013-12-08 15:26:30 +13:00
Maximilian Hils
bae2b6ea36 fix AuthAction tests failures from last merge 2013-12-08 02:24:00 +01:00
Aldo Cortesi
7213f86d49 Unit test auth actions. 2013-12-08 13:35:42 +13:00
Aldo Cortesi
d05c20d8fa Domain checks for persistent cert store is now irrelevant.
We no longer store these on disk, so we don't care about path
components.
2013-12-08 13:15:08 +13:00
Aldo Cortesi
75745cb0af Zap stray print in tests. 2013-12-08 13:04:27 +13:00
Aldo Cortesi
98a580cf69 Merge pull request #19 from rouli/ciphersuites
adding cipher list selection option to BaseHandler
2013-12-07 15:51:44 -08:00
Maximilian Hils
643602c066 Merge branch 'fix_windows_bugs' into fix_invalid_tcp_close 2013-11-19 05:03:10 +01:00
Maximilian Hils
5e4ccbd7ed attempt to fix #24 2013-11-19 04:11:24 +01:00
Israel Nir
d5b3e397e1 adding cipher list selection option to BaseHandler 2013-08-21 13:42:30 +03:00
Maximilian Hils
28a0030c1e compatibility fixes for windows 2013-08-19 19:41:20 +02:00