Commit Graph

295 Commits

Author SHA1 Message Date
Aldo Cortesi
3e96015e61 Add SetHeaders, analogous to ReplaceHooks, with a graphical editor in mitmproxy (H shortcut).
SetHeaders defines headers that are set on flows, based on a matching pattern.
Existing headers are over-ridden.
2012-08-18 23:41:04 +12:00
Aldo Cortesi
b70e91bbd4 Send tracebacks from content viewers to event log.
Also, 100% test coverage for content viewers.
2012-08-18 17:42:40 +12:00
Aldo Cortesi
e8553f966f Further simplifcation and testing of contentviews. 2012-08-18 17:29:29 +12:00
Aldo Cortesi
11c63dcb9f Huge cleanup of content viewers. 2012-08-18 17:08:17 +12:00
Sahn Lam
3189d144a5 Optional AMF decoding support
If PyAMF is installed, enable AMF decoding.
2012-08-17 18:45:26 -07:00
Aldo Cortesi
a66d018363 Fix unit tests after argparse conversion. 2012-08-18 10:27:31 +12:00
Aldo Cortesi
32ad26f8bf Add a size() method to flow.Request and flow.Response. 2012-08-04 13:18:05 +12:00
Aldo Cortesi
84bffad3fc Fix flow read unit test to accomodate more tolerant dumpfile parsing. 2012-07-24 15:30:52 +12:00
András Veres-Szentkirályi
1a26f8215d removed assigned but unread variables 2012-07-15 22:42:59 +02:00
András Veres-Szentkirályi
da496669c2 removed unused imports 2012-07-15 22:42:45 +02:00
Aldo Cortesi
e4079aa746 Add an ~a filter expression, matching an asset content type in responses.
Asset content types are Javascript, images, Flash and CSS. This is useful
because doing a quick "!~a" while auditing an app will filter out the majority
of the static asset cruft, letting you focus on what matters.
2012-07-14 16:55:21 +12:00
Aldo Cortesi
01b8b0d876 Refine semantics of replay_request method. 2012-07-10 23:29:33 +12:00
Aldo Cortesi
04d9ec8c3c Make WSGI apps work in transparent mode. 2012-07-10 15:53:53 +12:00
Aldo Cortesi
79af9e89c4 Test replay corner cases. Fix discovered bugs. 2012-07-09 11:18:03 +12:00
Aldo Cortesi
aab45078ad Unit test request replay thread.
This is a small patch, but is the culmination of lots of work: we can now unit
test the deep innards of mitmproxy, with coverage. There's a lot more to come
in this vein.
2012-07-09 11:03:55 +12:00
Aldo Cortesi
e49c920d16 Refator server tests to use flow.FlowMaster and flow.State 2012-07-09 10:58:28 +12:00
Aldo Cortesi
572e8a4962 Add streaming to FlowMaster 2012-07-09 10:18:37 +12:00
Aldo Cortesi
4b6fdc92dc Remove ODict tests. ODict is now in netlib. 2012-07-09 09:54:15 +12:00
Aldo Cortesi
d02bcade3a Add a domain match filter (~d regex) 2012-07-06 22:21:44 +12:00
Aldo Cortesi
aa708a2d28 Fix error when serializing reverted SSL flows. 2012-07-05 11:52:56 +12:00
Aldo Cortesi
90365e270e Catch and handle SSL connection errors. 2012-07-01 12:10:32 +12:00
Aldo Cortesi
d74a341e5d Beef up logging substantially. 2012-07-01 00:15:03 +12:00
Aldo Cortesi
f070e4523a Handle invalid data more gracefully.
Fixes #47
2012-06-30 15:59:42 +12:00
Aldo Cortesi
47651b1ff2 Serialization and de-serialization of new cert format. 2012-06-28 14:29:15 +12:00
Aldo Cortesi
35ee0c098f Remove certutils from mitmproxy. 2012-06-27 16:43:33 +12:00
Aldo Cortesi
8ccfb376f3 Remove -T and -U command-line options.
They're redundant convenience options, and we need more space.
2012-06-26 19:57:59 +12:00
Aldo Cortesi
874649f134 Adapt for API changes in netlib. 2012-06-23 14:06:34 +12:00
Aldo Cortesi
7cb242c168 Move wsgi to netlib. 2012-06-19 10:42:55 +12:00
Aldo Cortesi
1b1ccab8b7 Extract protocol and tcp server implementations into netlib. 2012-06-19 09:58:50 +12:00
Aldo Cortesi
7b9756f48e Refactor protocol.py to remove dependence on flow and utils. 2012-06-17 10:52:39 +12:00
Aldo Cortesi
aae8a9959c Pull out protocol components into protocol.py 2012-06-16 21:23:32 +12:00
Aldo Cortesi
d5a0099f49 Test suite and refactoring for netlib. 2012-06-16 16:22:51 +12:00
Aldo Cortesi
4e53f1ee90 Rename our tcpserver to netlib, expand to include client network functions. 2012-06-16 13:38:10 +12:00
Aldo Cortesi
c7952371b7 Fix a problem in ODictCaseless that could cause duplicate headers. 2012-06-15 17:40:08 +12:00
Aldo Cortesi
8ae3270807 Basic transparent mode. 2012-06-15 09:47:04 +12:00
Aldo Cortesi
a9495dc02f Refactor test suite to make room for transparent mode tests. 2012-06-15 09:20:10 +12:00
Aldo Cortesi
8a9352b3f7 First draft conversion of server to PyOpenSSL. 2012-06-13 18:16:47 +12:00
Aldo Cortesi
d032504b17 Fix an exception when replaying a flow with no response. 2012-06-10 17:10:43 +12:00
Aldo Cortesi
d60fa9918b Localise client connection object manipulation.
This simplifies the call signature for a bunch of functions.
2012-06-10 16:49:59 +12:00
Aldo Cortesi
6ba5f0f35b Add HTTP version to response objects.
Another change in the serialization format.
2012-06-10 13:27:43 +12:00
Aldo Cortesi
52779d9db9 Refactoring of proxy.py
- Correctly pass HTTP request version on to upstream servers
- Adjust tests not to hang due to a pathod response with no content-length
2012-06-10 13:17:18 +12:00
Aldo Cortesi
55ddf853cd Add HTTP version to flow.Request
This is a serialization format change, that makes us incompatible with previous
versions.
2012-06-10 10:46:22 +12:00
Aldo Cortesi
a3b47e0cb5 Consolidate HTTP major and minor versions into a single variable. 2012-06-10 10:31:04 +12:00
Aldo Cortesi
8254187bf3 Add proxy.should_connection_close, and strip out unused code. 2012-06-10 10:10:46 +12:00
Aldo Cortesi
18c1b44475 Reverse proxy testing. 2012-06-09 20:41:28 +12:00
Aldo Cortesi
05492baf8d Move from requests to human_curl.
It turns out that _none_ of the Python stdlib or anything that relies on it
supports CONNECT through a proxy. Beggars belief, but there you go.
2012-06-09 16:17:51 +12:00
Aldo Cortesi
22192d1a46 Nose mopup: docs, no cover pragmas, a few missing path specs. 2012-06-09 13:55:55 +12:00
Aldo Cortesi
b7b357528c Port mitmproxy test suite entirely to nose. 2012-06-09 13:42:43 +12:00
Aldo Cortesi
a63240a848 Move pathod service testing truss to nose. 2012-06-09 12:13:01 +12:00
Aldo Cortesi
e78b48ab20 Start conversion to nose.
RIP pry.
2012-06-09 10:57:00 +12:00
Aldo Cortesi
7a312546f3 Shift mitmproxy test suite over to pathod.
This opens a whole brave new world of testing for mitmproxy.
2012-06-08 10:00:16 +12:00
Aldo Cortesi
e9109812e1 Split parsing of intial line into separate protocols. 2012-06-03 06:04:57 -07:00
Aldo Cortesi
491f9bdcee Add unit tests for console/help.py 2012-06-03 01:11:07 -07:00
Aldo Cortesi
ee2950cd19 Fix a crashing bug when replacing text in a flow with unicode bodies. 2012-05-25 18:10:31 -07:00
Aldo Cortesi
0a90a3eaba Refuse to replay a request with missing content. 2012-05-16 18:24:32 +12:00
Aldo Cortesi
0c2d894cea Add the ability to flag content as missing in a request or a response.
We'll use this in a number of situations. First, we'll soon have response
streaming that directly pipes responses to clients. These will be content-less
from mitmproxy's perspective. Second, we'll be growing new events that fire
after headers are received, but before content is read.
2012-05-16 15:42:58 +12:00
Aldo Cortesi
116fcfcf7a Internal error page for WSGI.
Also, 100% test coverage.
2012-04-27 15:56:42 +12:00
Aldo Cortesi
c8d2b2594b Add a WSGI adapter that lets us serve a WSGI app out of mitmproxy.
This commit adds:
    - A WSGI App adapter for mitmproxy
    - An app registry in the proxy instance that lets us link WSGI apps with
    (hostname, port) combinations.
    - Fixes for a number of bugs discovered while creating this feature.
2012-04-24 14:52:29 +12:00
Aldo Cortesi
8c96264304 Serialized data version check. 2012-04-11 10:10:53 +12:00
Aldo Cortesi
4e2d19714c Add an "f" shortcut key to load full body contents. 2012-04-08 19:44:01 +12:00
Aldo Cortesi
a4f7728fad XML/HTML pretty view tweaks. 2012-04-07 22:15:31 +12:00
Aldo Cortesi
f1dc3f2ab2 Integrate lxml for pretty-printing HTML and XML.
Tackling the pretty-printing performance problem head-on, at the cost of a
major dependency.
2012-04-07 13:47:03 +12:00
Aldo Cortesi
ab0e10e60f Serialize requestcount for ClientConnect objects. 2012-04-03 22:37:24 +12:00
Aldo Cortesi
61fab03b24 Add a details page, available from a flow view with the 'X' shortcut
At the moment, this shows the upstream SSL certificate details. More
fine-grained detail that doesn't fit in the flow view itself will be added.
2012-04-03 11:10:25 +12:00
Aldo Cortesi
f526e5fa12 Minor unit test bump. 2012-04-03 09:52:26 +12:00
Aldo Cortesi
4979a22d3e Add accessor method for SSLCert object on Response. 2012-04-02 17:02:23 +12:00
Aldo Cortesi
ab1d8fa350 Expand SSL cert support
- Capture the remote SSL certificate
- Expose the remote cert as an attribute on Response
- Expand the certutils.SSLCert interface to expose more cert info
2012-04-02 16:21:23 +12:00
Aldo Cortesi
c02fdb2463 Refactor proxy.Server to fix a crash when replaying with -n 2012-04-02 13:24:51 +12:00
Aldo Cortesi
15cc09f1b8 Start rationalizing content views.
We now no longer have distinction between "pretty" view and hex/raw. Instead,
we simply a default AUTO view with a global override (M) and a local override
(m).
2012-04-02 10:30:35 +12:00
Aldo Cortesi
7fef0ecdf5 Make "T" pretty view over-ride persistent when switching between flows.
We do this by adding a flow settings mechanism to ConsoleState. This is pretty
rough at the moment and should become more sophisticated as needed.
2012-04-02 09:30:38 +12:00
Aldo Cortesi
e9ac4bef20 Add a variant of cleanBin that escapes newlines and tabs.
Use this to fix the hex display option.
2012-03-27 11:25:50 +13:00
Aldo Cortesi
a050eeef05 Add a pretty-viewer for images.
This shows basic image information like dimensions, plus extracted EXIF tags
and other metadata.
2012-03-26 11:26:02 +13:00
Aldo Cortesi
2240d2a6a5 Pretty view now indents Javascript.
Thanks to the JSBeautifier project, which is now included in the contrib directory.
2012-03-25 10:56:45 +13:00
Aldo Cortesi
74c51df580 Re-enable simple multipart form parsing and preview. 2012-03-25 10:10:48 +13:00
Aldo Cortesi
62e51018d0 Refactor pretty view mechanism.
Also start adding unit tests for this subsystem.
2012-03-24 14:20:24 +13:00
Aldo Cortesi
ed74ed24a0 Add error indications to GridEditor. 2012-03-23 13:28:33 +13:00
Aldo Cortesi
2739cb4861 Add a simple parser for content type specifications. 2012-03-20 10:31:07 +13:00
Aldo Cortesi
5690e7c399 Generalize GridEditor to N columns.
Start adding a replacement rule editor.
2012-03-18 14:39:21 +13:00
Aldo Cortesi
76175672ad Add specification of replacement patterns on the command line. 2012-03-17 17:20:34 +13:00
Aldo Cortesi
c8ae1e85b3 Hooks -> ReplaceHooks
It makes more sense to specialize this, which will let me build a nicer
interface for replacement hooks in mitmproxy.
2012-03-17 11:31:05 +13:00
Aldo Cortesi
08f410cacc Add a hooks mechanism, based on filter expressions. 2012-03-16 17:13:11 +13:00
Aldo Cortesi
d138af7217 replace() methods now decode and re-encode contents before substitution. 2012-03-16 11:24:18 +13:00
Aldo Cortesi
d51b8cab0c Add a decoded context manager.
This simplifies a common chore when modifying traffic - decoding the object,
modifying it, then re-encoding it with the same encoding afterwards. You can
now simply say:

with flow.decoded(request):
    request.content = "bar"
2012-03-16 11:12:56 +13:00
Aldo Cortesi
fa6305ee98 Cleanliness fixes.
- Remove unused code during previous commit.
- Code coverage fixes.
2012-03-12 11:25:50 +13:00
Aldo Cortesi
d3aad7a185 Merge remote-tracking branch 'taiste/server-replay-pop' 2012-03-10 13:36:50 +13:00
Valtteri Virtanen
041eafba73 Added tests for ServerPlaybackState with nopop 2012-03-05 13:57:57 +02:00
Valtteri Virtanen
5b5b79f5c4 Fixed old tests 2012-03-05 13:40:18 +02:00
Aldo Cortesi
e1356dd2b6 Create an SSL certificate class. 2012-03-05 10:22:47 +13:00
András Veres-Szentkirályi
15ad7704d2 Removed imports left unused after Py{OpenSSL,ASN1}
Commits 533f61f67a and
8b841bc9e3 left some imports unused while
swithing to PyOpenSSL and PyASN1 -- this commit removes these imports.
2012-03-01 16:20:34 +01:00
Aldo Cortesi
533f61f67a Use PyOpenSSL and PyASN1 for certificate parsing.
Yes, these are two more major dependencies for mitmproxy, but if we're going to
do all the cool things I want to do with SSL certs, there is no other way.
2012-03-01 21:08:44 +13:00
Aldo Cortesi
8b841bc9e3 Factor out cert operations in to certutils.py. 2012-02-29 13:20:53 +13:00
Aldo Cortesi
688faa9baa Repair unit tests. 2012-02-27 20:34:47 +13:00
Aldo Cortesi
764724748b Fix cert generation harder. 2012-02-27 15:59:29 +13:00
Aldo Cortesi
2ba8296843 Better certificate parsing. 2012-02-27 15:21:05 +13:00
Aldo Cortesi
00942c1431 Add upstream certificate lookup.
This initiates a connection to the server to obtain certificate information to
generate interception certificates. At the moment, the information used is the
Common Name, and the list of Subject Alternative Names.
2012-02-27 15:05:45 +13:00
Aldo Cortesi
986a41d180 Unit test++. 2012-02-25 12:19:54 +13:00
Aldo Cortesi
25fa596cd6 Fix detection of URL-encoded forms.
Thanks to Paul Capestany <capestany@gmail.com> for reporting this.
2012-02-24 13:03:24 +13:00
Aldo Cortesi
ddc9155c24 Make "~q" filter work more intuitively.
It now matches any flow that has no response.
2012-02-23 17:06:09 +13:00
Aldo Cortesi
2df9c52c09 Refactor filter matching. 2012-02-23 17:03:58 +13:00
Aldo Cortesi
dbd75e02f7 Create ODictCaseless for headers, use vanilla ODict for everything else. 2012-02-20 11:29:36 +13:00