Commit Graph

249 Commits

Author SHA1 Message Date
Aldo Cortesi
e54bf1a804 Adjust for upstream cert store changes, improve cert handling significantly 2014-03-05 15:03:31 +13:00
Aldo Cortesi
944f213ebc Add connection cipher info to pathod server log 2014-03-02 22:10:49 +13:00
Aldo Cortesi
53334e437c pathoc -S dumps information on the remote SSL certificate chain 2014-03-02 19:04:56 +13:00
Aldo Cortesi
0177eb899a Support cert/key combo files in args. Improve argument names in SSLOptions 2014-03-02 15:56:36 +13:00
Aldo Cortesi
234d326080 Implement custom certs. 2014-03-02 15:13:56 +13:00
Aldo Cortesi
091e539a02 Big improvements to SSL handling
- pathod now dynamically generates SSL certs, using the ~/.mitmproxy
cacert
- pathoc returns data on SSL peer certificates
- Pathod certificate CN can be specified on command line
- Support SSLv23
2014-03-02 13:45:35 +13:00
Maximilian Hils
b994fb5a27 adjust to signature changes in netlib.tcp 2014-01-28 19:28:20 +01:00
Maximilian Hils
ea894282f3 move test requirements out of main requirements.txt 2014-01-28 03:21:59 +01:00
Aldo Cortesi
a9f8dcf755 Merge pull request #11 from mitmproxy/refactor_read_http_body
always return Content-Length: 0 if r is not set
2014-01-04 14:48:12 -08:00
Maximilian Hils
e0d376381e fix windows compatibility 2013-12-16 04:47:29 +01:00
Maximilian Hils
7049becdfe always return Content-Length: 0 if r is not set 2013-12-15 06:42:58 +01:00
Maximilian Hils
0382b809ea always read files in binary mode 2013-06-16 00:30:13 +02:00
Aldo Cortesi
5eeb52183a Adapt for new request_client_cert option in netlib. 2013-05-13 09:03:48 +12:00
Aldo Cortesi
0504bcfd96 Changelog, minor cleanups. 2013-04-30 09:32:11 +12:00
Aldo Cortesi
110a8bb594 Print pathod craft explanations to stdout. 2013-03-03 16:33:50 +13:00
Aldo Cortesi
155710f991 Improve robustness of proxy CONNECT, test coverage to 100%. 2013-03-02 16:57:00 +13:00
Aldo Cortesi
9167b9b8b6 Make pathoc request return more human-friendly. 2013-02-27 09:07:16 +13:00
Aldo Cortesi
69339836c2 Adapt to netlib API changes. 2013-02-24 15:36:35 +13:00
Aldo Cortesi
9c9e15341f Make last_log return None if nothing is logged. 2013-02-23 21:46:01 +13:00
Aldo Cortesi
9bd269c26a Add support for client certificates
- pathod request logs now include a clientcert member with details on the
client cert, or None if there wasn't one.
- pathoc has a -C option to specify a client certificate
2013-01-20 22:37:43 +13:00
Aldo Cortesi
ed7ef84557 Implement and unit test not-after-connect option. 2013-01-05 20:36:06 +13:00
Aldo Cortesi
5493925ea0 CONNECT through proxy mode for pathoc
Also, use this to unit test the pathod CONNECT implementation.
2013-01-05 20:29:46 +13:00
Aldo Cortesi
c744ef2dcb Proxy mode: drop to SSL if we see an HTTP CONNECT request 2013-01-05 17:15:42 +13:00
Aldo Cortesi
3886ccae93 Provisional proxy mode support for pathod. 2013-01-05 15:25:09 +13:00
Aldo Cortesi
d7f641c6ee Shift SSL parameters into Pathoc class 2013-01-04 10:37:26 +13:00
Aldo Cortesi
781592d6c0 Fix timeout test. 2012-11-18 09:34:15 +13:00
Aldo Cortesi
e40482576c Add disconnect specifiers to test suite.
Fixes hangs seen in test suite with recent versions of requetss.
2012-11-18 09:04:49 +13:00
Aldo Cortesi
af698b2fda :u belongs on Request not Response 2012-11-16 14:41:02 +13:00
Aldo Cortesi
ef9cbe3b25 Add u User-agent shortcut.
Usage:
    200:ua       - Shortcut "a" for Android.
    200:u"foo"   - Or a value literal

Shortcuts can be listed using the --show-uas argument to pathoc.
2012-11-16 13:46:42 +13:00
Aldo Cortesi
3f50930dc0 Use .freeze to implement the -e explain flags for pathod and pathoc.
This now prints (in pathoc) or logs (in pathod) a frozen specification that
includes an expanded record of all generated values and locations.
2012-10-31 11:34:58 +13:00
Aldo Cortesi
8c6cc8140c Fix generated values in request path specification. 2012-10-31 09:48:55 +13:00
Aldo Cortesi
0c9cfb3f38 Add a .freeze() method to all components.
This expands and freezes all randomly generated values. The message returned
can be queried for a precise spec to reproduce the message.
2012-10-31 09:32:21 +13:00
Aldo Cortesi
f8df0a1e75 Add a .values method to messages, simplify a lot of stuff as a consequence. 2012-10-30 16:08:36 +13:00
Aldo Cortesi
a09584b9e6 Make Message classes more self-contained. 2012-10-30 15:22:53 +13:00
Aldo Cortesi
b2deb470de Extract .serve() method from message classes. 2012-10-30 14:46:18 +13:00
Aldo Cortesi
677f0e0580 Change preview_safe to return a safe copy of the current message. 2012-10-30 13:36:32 +13:00
Aldo Cortesi
a1f782b543 Simplify Request/Response class hierarchy. 2012-10-30 13:28:22 +13:00
Aldo Cortesi
3e0cd6442a Add .spec methods for Request and Response objects. 2012-10-29 17:33:10 +13:00
Aldo Cortesi
747eafd107 Add a .spec method to the token ABC, and to all tokens. 2012-10-29 16:31:35 +13:00
Aldo Cortesi
8741600ce7 Refactoring: canonical storage of a message is now the sequence of tokens that defines it.
We use a set of accessor properties to ease access to tokens. We can now ditch
the .accept() methods.
2012-10-29 15:16:44 +13:00
Aldo Cortesi
882969086c Cleaup, some more ABCs. 2012-10-29 10:19:58 +13:00
Aldo Cortesi
61f8992fbf Change response spec format to code[:features]
Reason message is now specified as just another feature with the "m" mnemonic.
2012-10-28 22:18:06 +13:00
Aldo Cortesi
07560ffe30 Cleaup, ABC for Value classes. 2012-10-28 22:00:19 +13:00
Aldo Cortesi
35f37626a9 Clean up .accept() signature. 2012-10-28 17:39:58 +13:00
Aldo Cortesi
7d74f75f6d Split Code and Reason into separate _Component objects. 2012-10-28 17:07:16 +13:00
Aldo Cortesi
e9af434c2b .body and .method to lazy generator instantiation.
Also introduce a _Component ABC.
2012-10-28 14:15:29 +13:00
Aldo Cortesi
9d42a06c92 Move message body to new lazy-generator scheme. 2012-10-28 12:56:08 +13:00
Aldo Cortesi
f54ed69a35 Adjust serve() API. 2012-10-28 09:06:55 +13:00
Aldo Cortesi
ac5aacce44 Remove check argument to serve() methods.
Refactoring means we can now do this without a callback.

Also introduce the maximum_length method that estimates the max possible
message length.
2012-10-27 17:40:22 +13:00
Aldo Cortesi
06864e5a1b Major refactoring towars separate representation of expressions and request/response service. 2012-10-27 14:00:50 +13:00
Aldo Cortesi
6174e46023 Unit test suite love: 100% coverage
Also start figuring out how to sanitize binary data in the JSON API.
2012-10-25 10:59:18 +13:00
Aldo Cortesi
173b5c596e Start moving policy checks to service-time, rather than parse-time. 2012-10-25 09:45:55 +13:00
Aldo Cortesi
c684f7417d Extend Action and Value classes
- Values now know how to print their own specs
- Actions now know how to print their own specs
- Actions have a resolve_offset method that resolves relative and random offsets.
2012-10-24 11:32:53 +13:00
Aldo Cortesi
e83392bfc8 Start making Action objects more sophisticated. 2012-10-05 11:23:30 +13:00
Aldo Cortesi
495daf2b64 Remove actions log and explain, preparing for a more sophisticated take on this. 2012-10-05 11:14:17 +13:00
Aldo Cortesi
f5d5cc4988 rparse.py -> language.py 2012-10-05 10:30:32 +13:00
Aldo Cortesi
41f1c66772 Add -q and -r flags to pathod, logging request and respnose bytes.
- These flags also mean that a bytes log is included in the internal log
buffer.
- There's an -x flag to turn on hex dump output in the text logs (does
not affect the log buffer).
2012-10-01 12:48:26 +13:00
Aldo Cortesi
915bcfbd30 Add timeout argument to Pathod, and matching -t command-line option. 2012-10-01 12:01:02 +13:00
Aldo Cortesi
8bb81be2b0 Add pathoc -T to ignore timeouts.
Also move -c to -C for consistency.
2012-09-28 11:38:49 +12:00
Aldo Cortesi
7209a75201 Add pathoc -c to specify a list of return codes to ignore. 2012-09-27 09:44:25 +12:00
Aldo Cortesi
10a19fc4da Refactor print_requests -> print_request
- Change to handle one request at a time
- Shift error handling around
2012-09-26 14:25:39 +12:00
Aldo Cortesi
b67d99638a Response printing
Options to output full response, as sniffed from the socket.
2012-09-26 11:07:22 +12:00
Aldo Cortesi
a69d602087 Hex and verbatim output of requests.
This works by sniffing traffic through the socket, so always gives us the exact
traffic sent upstream.
2012-09-26 10:38:47 +12:00
Aldo Cortesi
0a5d4fbbbb Stub out new output argument structure. 2012-09-26 10:12:30 +12:00
Aldo Cortesi
2f7188164c Download page, MANIFEST.in 2012-08-23 12:54:58 +12:00
Aldo Cortesi
fde65270af Testing examples and docs. 2012-07-30 20:58:59 +12:00
Aldo Cortesi
e52a37ffa9 Cleanup of libpathod.test, test example for front page. 2012-07-30 17:29:36 +12:00
Aldo Cortesi
e26aac1d3c 100% test coverage. 2012-07-30 13:52:40 +12:00
Aldo Cortesi
3e158211a8 Add a --nohang flag that turns off pauses in response generation. 2012-07-26 20:01:51 +12:00
Aldo Cortesi
eb43291b3c Note that pauses are skipped during previews. 2012-07-25 12:49:22 +12:00
Aldo Cortesi
24f69419df Unit test about page. 2012-07-25 12:39:51 +12:00
Aldo Cortesi
e7e6a60246 Nicer error for empty preview spec submission. 2012-07-25 10:55:00 +12:00
Aldo Cortesi
59f408dcf4 Refine parse error message a bit. 2012-07-25 10:44:21 +12:00
Aldo Cortesi
8cfbc2f80e Refactor test.py, add unit tests for app.py corner case. 2012-07-25 10:34:57 +12:00
Aldo Cortesi
e1df7f47a6 Sizing and placeholder for preview forms. 2012-07-25 10:24:09 +12:00
Aldo Cortesi
7dab85e8b1 Handle file access denied errors in previews. 2012-07-25 00:18:23 +12:00
Aldo Cortesi
64ef0a4561 Swap the offset, seconds arguments for the pause operator.
This makes it uniform with the other operators.s
2012-07-24 23:57:18 +12:00
Aldo Cortesi
cb09488dc8 Make actions at end of message work. 2012-07-24 23:49:58 +12:00
Aldo Cortesi
ab59d6dccf Add preview for pathoc requests to web app. 2012-07-24 23:13:04 +12:00
Aldo Cortesi
6c565e778f Make previews safer by stripping pauses. 2012-07-24 22:38:48 +12:00
Aldo Cortesi
94b491bb27 Add a Host header to pathoc requests by default. 2012-07-24 21:38:28 +12:00
Aldo Cortesi
a9e60fa3e6 Add a Date header to server responses, unless raw is set. 2012-07-24 12:46:14 +12:00
Aldo Cortesi
dbed251fb9 Add a raw modifier to requests and responses, which turn off automatic additions.
For now, this just turns off adding a Content-Length header when a body is specified.
2012-07-24 12:18:14 +12:00
Aldo Cortesi
622a2b5607 Add a --noweb option to turn web iface off, refactor unit tests. 2012-07-23 19:55:33 +12:00
Aldo Cortesi
eba485f5eb 100% unit test coverage 2012-07-23 19:25:57 +12:00
Aldo Cortesi
763e1ff786 pathod.py unit tests++ 2012-07-23 17:53:17 +12:00
Aldo Cortesi
1d1098687c 100% test coverage for pathoc.py 2012-07-23 17:42:44 +12:00
Aldo Cortesi
2880fee4e3 Escape unprintable content in preview. 2012-07-23 16:39:25 +12:00
Aldo Cortesi
e354974787 100% test coverage for app.py 2012-07-23 16:28:34 +12:00
Aldo Cortesi
773ada882d Unit tests for most of app.py, return 404 for unknown log entry. 2012-07-23 16:18:47 +12:00
Aldo Cortesi
5283bb2507 Refactor rparse.InternalResponse -> rparse.PathodErrorResponse 2012-07-23 15:11:40 +12:00
Aldo Cortesi
1c45f5b05c Use policy hook to apply a size limit in pathod, add corresponding cmdline arg. 2012-07-23 15:03:56 +12:00
Aldo Cortesi
c7b5faf7db Add hooks for policy checks of served data. 2012-07-23 14:37:00 +12:00
Aldo Cortesi
204a556aa7 Add function for effective length calculation when actions are present. 2012-07-23 10:47:33 +12:00
Aldo Cortesi
96db3557ce Constrain file access to configured directory in pathod. 2012-07-22 23:46:56 +12:00
Aldo Cortesi
1b03fd6780 Allow execution of specs from file, using +./path 2012-07-22 23:37:46 +12:00
Aldo Cortesi
817e550aa1 Multiline specifications for pathod and pathoc. 2012-07-22 15:26:05 +12:00
Aldo Cortesi
1e93e42883 Escape special characters in first line error log. 2012-07-22 12:40:27 +12:00
Aldo Cortesi
8d8ede7e26 Handle invalid content length headers. 2012-07-22 12:30:10 +12:00
Aldo Cortesi
7a49cdfef3 More robust response handling. 2012-07-21 20:50:41 +12:00
Aldo Cortesi
86fe199988 pathoc: add a flag to dump request information. 2012-07-21 20:20:37 +12:00
Aldo Cortesi
5577d85ce6 Use injection to test a corner case in pathod daemon. 2012-07-21 14:14:31 +12:00
Aldo Cortesi
8ec44c6277 Allow Python string escape sequences in value literals. 2012-07-21 14:12:45 +12:00
Aldo Cortesi
8e0c01ae39 Fine-tuning for injection: docs, bugfixes. 2012-07-20 23:47:34 +12:00
Aldo Cortesi
d7841898e3 Add an injection operator. 2012-07-20 23:36:39 +12:00
Aldo Cortesi
21ef35fd28 Much simpler rewrite of inner data sending loop.
We don't have to do the asynchronous code contortion anymore.
2012-07-20 20:14:35 +12:00
Aldo Cortesi
03f4dcc02b Extend test suite to cover SSL. Log SSL connection errors. 2012-07-20 13:21:33 +12:00
Aldo Cortesi
76f0c3ea78 Handle invalid first line errors, add an error log buffer type. 2012-07-20 11:40:37 +12:00
Aldo Cortesi
2cb55ee0f5 Factor out request printing in to a method, and test it. 2012-06-30 10:51:13 +12:00
Aldo Cortesi
1b42f5ab1f Allow naked literals for path specification. 2012-06-29 10:42:15 +12:00
Aldo Cortesi
8f148b6b14 Split pathod and pathoc daemon test suites out. 2012-06-26 17:28:07 +12:00
Aldo Cortesi
33be5a72bf Fixed the WSGI server hang in netlib, remove fudge. 2012-06-26 14:49:40 +12:00
Aldo Cortesi
90c6fb394d Sketch out pathoc commandline interaction. 2012-06-24 21:10:10 +12:00
Aldo Cortesi
8bec99f858 Request service rendering. 2012-06-24 19:12:52 +12:00
Aldo Cortesi
2ac84be7cb Add Path specification to request parser. 2012-06-24 18:38:22 +12:00
Aldo Cortesi
f8622ea914 Simple request spec parsing. 2012-06-24 17:47:55 +12:00
Aldo Cortesi
75f06d56cd Request method parsing. 2012-06-24 17:23:37 +12:00
Aldo Cortesi
d4ad3f0b2c Refactor to extract ready_actions and write_values. 2012-06-24 17:01:04 +12:00
Aldo Cortesi
4fc64ac04f Enable anchors on command line. 2012-06-24 16:38:32 +12:00
Aldo Cortesi
e6aa9ff675 Re-enable anchors. 2012-06-24 16:20:50 +12:00
Aldo Cortesi
877b5a2d11 Add staticdir to test.Test. 2012-06-24 15:12:31 +12:00
Aldo Cortesi
2e558b7e9d Fix disconnect, improve coverage, enable file value specifier. 2012-06-24 15:07:45 +12:00
Aldo Cortesi
f0fd33fb11 Log inspection and manipulation from tests. 2012-06-21 15:39:40 +12:00
Aldo Cortesi
12c140b951 Restore client argument parsing. Add thread-safe logging subsystem. 2012-06-21 14:29:49 +12:00
Aldo Cortesi
1089a52f3d Disconnect, rest refactoring. 2012-06-21 10:56:30 +12:00
Aldo Cortesi
a700721891 Porting to netlib proceeds apace. 2012-06-19 13:23:07 +12:00
Aldo Cortesi
00c8bef0ff Port test suite over to Nose. 2012-06-09 15:08:51 +12:00
Aldo Cortesi
a29ebe31dc SSL support for test struss.
Also, rewrite requests usage for latest version.
2012-06-07 17:02:17 +12:00
Aldo Cortesi
9ae53aecd0 We can't sensibly unit test pages withhout firing up a server.
We've just added functionality to do this ourselves, so rip out the old stuff.
2012-06-07 16:35:54 +12:00
Aldo Cortesi
26c8437e88 Better test daemon cleanup, improve utils test coverage. 2012-06-07 14:05:42 +12:00
Aldo Cortesi
34ffe46fa0 Add /api/info, returning general info on the running pathod daemon. 2012-06-07 11:39:37 +12:00
Aldo Cortesi
14b2a69d21 Start building a Pathod unit testing truss.
- Add test.py, which will house the testing API.
- Extend API with a shutdown method, used to terminate the test daemon.
- Refactor to allow clean shutdown.
2012-06-07 11:23:23 +12:00
Aldo Cortesi
049d3d2b45 lippathod/app.py -> libpathod/pathod.py 2012-06-07 08:50:06 +12:00
Aldo Cortesi
d171e13fd3 Fix redundant imports, tweak TODO for 0.2 2012-04-30 10:09:16 +12:00
Aldo Cortesi
1431b36c4a Preview in web application. 2012-04-29 21:15:02 +12:00
Aldo Cortesi
f2b11e5d5c Add logging, expose logs through the web app interface. 2012-04-29 16:22:53 +12:00
Aldo Cortesi
fd946f0c04 Basic logging. 2012-04-29 14:59:54 +12:00
Aldo Cortesi
6d4500c679 Regularize language even further
- Unify offset specifcation syntax, so there's now oly one form for specify
pauses and disconnects.
- Use @ instead of ! for content generation. Mildy more convenient in the shell.
2012-04-29 14:20:27 +12:00
Aldo Cortesi
f03ce81070 Anchor management: list and remove anchors. 2012-04-29 12:18:34 +12:00
Aldo Cortesi
2d88d88f8c Basic anchor adding. 2012-04-29 12:05:38 +12:00
Aldo Cortesi
77eca33f26 Refactor application definitions and startup.
Also, create one of the dodgiest web testing trusses in history. Tornado just
seems to have no nice way of doing this.
2012-04-29 10:56:33 +12:00
Aldo Cortesi
ee909e265b Add a shortcut for setting Location header. 2012-04-28 22:54:45 +12:00
Aldo Cortesi
2d989e2fbb Add a shortcut for setting content-type. 2012-04-28 22:51:36 +12:00
Aldo Cortesi
5052a6d34e Unify pause and disconnect event frameworks. 2012-04-28 22:28:28 +12:00
Aldo Cortesi
7810ee475d More language tweaks.
Separators this time - move to colon-separated features, use = for header
key/value separation.
2012-04-28 17:28:40 +12:00
Aldo Cortesi
a779aac9db Make specification language more terse, and more regular. 2012-04-28 17:12:39 +12:00
Aldo Cortesi
5fc2a63781 Better internal error pages. 2012-04-28 14:43:57 +12:00
Aldo Cortesi
2c8f17eae7 First pass at static file serving. 2012-04-28 13:16:51 +12:00
Aldo Cortesi
b4105be21e Initial checkin. 2012-04-28 12:42:03 +12:00