Commit Graph

448 Commits

Author SHA1 Message Date
Aldo Cortesi
71642eac65 Make space = page down global. 2012-02-06 10:22:51 +13:00
Aldo Cortesi
4b9ee4c31e Very basic KV editor mockup. 2012-02-06 09:49:49 +13:00
Aldo Cortesi
5075ede6a9 Make adding a response to a response-less flow nicer. 2012-01-23 13:25:15 +13:00
Aldo Cortesi
c6150cc198 Address an issue that allows a malicious client to place certificate files in arbitrary directories.
Thanks to David Black (disclosure@d1b.org) for pointing this out.
2012-01-21 14:26:36 +13:00
Aldo Cortesi
d5e3722c97 Fix an issue caused by some editors when editing a request/response body.
Many editors make it hard save a file without a terminating newline on the last
line. When editing message bodies, this can cause problems. For now, I just
strip the newlines off the end of the body when we return from an editor.
2012-01-21 12:43:00 +13:00
Mark E. Haase
05111f093d Add support for filtering by HTTP method (get, post, etc.) using ~m operator. 2011-12-28 17:32:29 -05:00
Mark E. Haase
965d318164 Help docs have ~r as an example but ~r isn't valid. I think it's supposed to be ~q. 2011-12-28 16:47:30 -05:00
Aldo Cortesi
28fd3bd461 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-10-26 14:49:48 +13:00
Aldo Cortesi
3b246f7e27 Simple fix for a unicode error when editing a request URL. 2011-10-26 14:49:15 +13:00
meeee
ae79fe1660 Handle missing message/reason phrase in HTTP response status line gracefully by adding an empty one. 2011-09-26 00:44:43 +03:00
Aldo Cortesi
ee71bcfbe8 Fix a rare crash when a new cert is generated during cerdir removal. 2011-09-11 09:06:46 +12:00
Aldo Cortesi
d9db1cf5b3 Change size limit cmdline flag to -Z, enable size limits for replay. 2011-09-09 17:31:36 +12:00
Aldo Cortesi
67f2610032 Add HTTP body size limit specification to command-line tools. 2011-09-09 15:27:31 +12:00
Aldo Cortesi
28daa93268 Basic infrastructure for request and response body size limits. 2011-09-09 14:49:34 +12:00
Aldo Cortesi
e5bded7dee Improve robustness against invalid data. 2011-09-05 07:47:47 +12:00
Aldo Cortesi
4cb0e5bfb4 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-09-04 10:51:09 +12:00
Aldo Cortesi
d1ff527550 Reset exit flag when proxy starts. 2011-09-04 10:50:00 +12:00
Aldo Cortesi
4ac59a7859 Fix a rare crash in sticky cookies. 2011-08-26 18:03:03 +12:00
Aldo Cortesi
8fbba59e8d Fix a problem with sticky cookie domain matching.
Just like everything else cookie-related in the standard library,
cookielib.domain_match is fucked up.
2011-08-26 17:37:12 +12:00
Aldo Cortesi
45f4768a5c Add attribution and license for tnetstring.py 2011-08-19 21:53:52 +12:00
Aldo Cortesi
a566684e32 Move to typed netstrings for serialization.
This change is backwards incompatible with the old serialization format!
2011-08-19 21:30:24 +12:00
Aldo Cortesi
34adc83c71 Revert changes to contrib/pyparsing.py
We want this module to match upstream.
2011-08-19 09:58:44 +12:00
András Veres-Szentkirályi
6f00987850 Optimized single character check 2011-08-18 23:33:14 +02:00
András Veres-Szentkirályi
9abff4f0ac Removed unused imports 2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
e9006ae199 Optimized list appending 2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
82245298f4 Removed assignments to unused variables 2011-08-18 23:30:02 +02:00
András Veres-Szentkirályi
b1dc418a53 Replaced unnecessary lists with generators 2011-08-18 23:29:57 +02:00
Aldo Cortesi
25f12b0e5d Add a basic Flow processor example. 2011-08-13 13:51:38 +12:00
Stephen Altamirano
4d02ae0582 First pass at implementing pretty view for multipart/form-data 2011-08-10 00:49:21 -07:00
Aldo Cortesi
8309ab0ec8 Prep for 0.6 release.
- Update contributors file.
- Bump version number
- Include version number in docs
2011-08-06 21:19:22 +12:00
Aldo Cortesi
f23818ceea Add a "done" event for scripts.
Called exactly once after all other events.
2011-08-05 14:08:03 +12:00
Aldo Cortesi
ce48cb4deb Make scripted rewriting of saved traffic work in mitmdump. 2011-08-05 09:41:29 +12:00
Aldo Cortesi
87623a8d75 Rip out autodecode
We simplify things as follows:

    - If we're in "pretty" view mode, we autodecode.
    - Otherwise, we display raw data, and the user can manually encode/decode
    with z shortcut.
2011-08-04 10:54:42 +12:00
Aldo Cortesi
b51aac8a86 Code cleanliness - appease pychecker. 2011-08-04 10:34:34 +12:00
Aldo Cortesi
730c78ac53 Move script.Context to flow.ScriptContext 2011-08-04 10:14:44 +12:00
Aldo Cortesi
1662b8505b Clean pydoc profile for flow.Flow 2011-08-04 09:56:44 +12:00
Aldo Cortesi
8ef208a9e2 Clean pydoc profile for flow.Response, flow.Error 2011-08-04 09:44:48 +12:00
Aldo Cortesi
7a3b871b33 Request class now has a clean pydoc profile. 2011-08-04 09:26:26 +12:00
Aldo Cortesi
0760607a7d Further interface cleaning. 2011-08-03 23:02:33 +12:00
Aldo Cortesi
9042d3f3b9 Clean up interfaces by making some methods pseudo-private. 2011-08-03 22:48:57 +12:00
Aldo Cortesi
57c653be5f Move all HTTP objects to flow.py
That's Request, Response, ClientConnect, ClientDisconnect, Error, and Headers.
2011-08-03 22:41:38 +12:00
Aldo Cortesi
9d0e3c8d61 Doc and help adjustments. 2011-08-03 19:15:01 +12:00
Aldo Cortesi
028d5bacc5 Make "C" clear eventlog when it has focus. 2011-08-03 17:41:13 +12:00
Aldo Cortesi
e337682d8e Enable "|" command to run a oneshot script on a single flow. 2011-08-03 17:35:18 +12:00
Aldo Cortesi
cfc6e8777e Add script set/unset shortcut for mitmproxy. 2011-08-03 17:14:11 +12:00
Aldo Cortesi
e3196dac4d Move commands around to make space for "s" script shortcut.
New commands are:

"w" - save all flows
"W" - save this flow
"S" - server replay
2011-08-03 16:52:41 +12:00
Aldo Cortesi
179cf75862 Add script hooks, enable new engine for mitmdump. 2011-08-03 16:36:20 +12:00
Aldo Cortesi
f7e4e89b12 Move the event notification mechanism into flow.py 2011-08-03 13:33:18 +12:00
Aldo Cortesi
12d2b1f926 Rip out old script interface, start replacing with new stubs.
Scripts are broken for now.
2011-08-03 13:20:36 +12:00
Aldo Cortesi
62088a6661 Start stubbing out a much more powerful script architecture. 2011-08-03 11:06:29 +12:00
Aldo Cortesi
a817db5bd6 Refresh current connection when toggling autodecode.
Also fix the unit tests I forgot to commit...
2011-08-02 20:47:53 +12:00
Aldo Cortesi
8cc0469ee7 Tweak encoding behaviour
- Don't fail to identity encoding when an unknown encoding is specified.
- Don't constrain encodings. I want to try to modify traffic as little as
possible by default.
- When decoding, delete content-encoding header rather than set it to "identity"
- Refuse to decode/encode when there is an existing but unknown
content-encoding header.
2011-08-02 20:42:46 +12:00
Aldo Cortesi
bb6ec29b18 Fix encoding import crash. 2011-08-02 16:55:54 +12:00
Aldo Cortesi
1ff6a767d0 Unit test++ 2011-08-02 16:52:47 +12:00
Aldo Cortesi
357502fe03 General cleanup.
Cut out unused variables and code, generally shut up pychecker as much as is
reasonable.
2011-08-02 16:14:33 +12:00
Aldo Cortesi
17835b9b78 Fix a rare undefined variable crash in proxy.py. 2011-08-02 15:43:35 +12:00
Aldo Cortesi
a1456742a8 Make ConnectionList key bindings work even if there are no entries. 2011-08-02 15:35:54 +12:00
Aldo Cortesi
f3742f29da We no longer need to track clientconnections. 2011-08-02 14:56:09 +12:00
Aldo Cortesi
f3f8462ddc Make the mitmproxy eventlog display useful information. 2011-08-02 14:17:15 +12:00
Aldo Cortesi
73a7d893e3 Give a visual indication that the eventlog has focus. 2011-08-02 11:02:23 +12:00
Aldo Cortesi
759f5d71a6 Initial key bindings and event handlers for event log. 2011-08-02 10:48:29 +12:00
Aldo Cortesi
af92153974 Start stubbing out a UI for the eventlog in mtimproxy. 2011-08-02 09:17:54 +12:00
Aldo Cortesi
9b398c03ab Exit with error if mitmproxy can't load a file specified on cmdline. 2011-08-01 13:27:46 +12:00
Aldo Cortesi
675b3133b4 Improve performance of loading flows from a file hugely.
Fell into the "expensive __eq__ method" trap. Oh, Python, you little scamp.
2011-08-01 11:26:09 +12:00
Aldo Cortesi
43f1c72511 Refactor the way we calculate views of the flow list.
The naive approach we used before recalculated the view on every access, and
consequently had serious performance problems.
2011-08-01 11:17:01 +12:00
Aldo Cortesi
ddb5748a76 Add decoding/encoding for requests. 2011-08-01 10:43:01 +12:00
Aldo Cortesi
c89c4361c3 Merge remote-tracking branch 'alts/encoding' 2011-07-28 11:19:07 +12:00
Stephen Altamirano
78049abac1 Changes replace logic to function in both Python 2.6.x and 2.7.x
Tests now only assume Python 2.6.x rather than requiring 2.7.x. This does not preclude the use of flags as a kwarg in replace
2011-07-26 22:47:08 -07:00
Stephen Altamirano
c1eaa9f74c Adds encode and decode methods to Response objects 2011-07-26 22:03:41 -07:00
Aldo Cortesi
e6288e2d07 Fix crash when sticky cookies are read from file.
Cookielib expects strings, not unicode.
2011-07-24 16:08:27 +12:00
Aldo Cortesi
0f4ae61e7d Fix a crash in mitmdump event display. 2011-07-23 16:59:48 +12:00
Aldo Cortesi
6cd32bf96f Unbreak mitmproxy. Oops. 2011-07-23 13:39:17 +12:00
Aldo Cortesi
3648c7953a Extend eventlog information.
Also, squash an SSL-related bug revealed by the extended logging.
2011-07-23 13:37:06 +12:00
Aldo Cortesi
4043829cf2 Add an eventlog option to mitmdump
This shows client connections, disconnections and requests (before a complete
flow is assembled). We need to add an analogous display to mitmproxy.
2011-07-23 12:57:54 +12:00
Aldo Cortesi
689f5f0d1f Don't turn off output if -v flag is passed more than twice. 2011-07-23 11:50:30 +12:00
Aldo Cortesi
47e1695512 Also replace strings path for requests. 2011-07-22 20:52:13 +12:00
Aldo Cortesi
6ce8b49e05 Make script pipe globally available. 2011-07-22 19:09:32 +12:00
Aldo Cortesi
1b961fc4ad Add utility functions to search and replace strings in flows
This is a common task in pentesting scenarios. This commit adds the following
functions:

utils.Headers.replace
proxy.Request.replace
proxy.Response.replace
flow.Flow.replace
2011-07-22 17:48:42 +12:00
Stephen Altamirano
9c24401b18 Removes last_encoding attribute from Response. Prompts for encoding on identity responses 2011-07-21 22:09:48 -07:00
Stephen Altamirano
74d8b18408 Removes should_autodecode attribute from Response. Adds commandline option 'd' to toggle autodecode, adds togglable option 'd' to do the same 2011-07-21 20:22:13 -07:00
Aldo Cortesi
5936a48e59 Drop cert expiry time to avoid a bug in some OpenSSL versions. 2011-07-22 11:11:45 +12:00
Stephen Altamirano
aa7f8ac90b Switches hotkeys. En/decode is now bound to 'z', kill connection now 'X' 2011-07-20 00:14:24 -07:00
Stephen Altamirano
ebfa9b2a5d Fixes issue #10 regarding broken json printing 2011-07-19 10:51:49 -07:00
Stephen Altamirano
25b0631190 Switches hotkey to unused 'g', adds help message 2011-07-18 22:04:23 -07:00
Stephen Altamirano
1c5434d72c Adds ability to toggle between encodings in the response view 2011-07-18 21:52:40 -07:00
Stephen Altamirano
ecd4645988 Adds encode counterparts to decode functions 2011-07-17 20:16:47 -07:00
Aldo Cortesi
b0849387b7 Add explicit notice when data has been auto-decoded. 2011-07-18 14:18:47 +12:00
Aldo Cortesi
669ce8ee7c Correctly detect urlencoded data
This broke when we introduced case preservation for headers.
2011-07-17 15:31:58 +12:00
Aldo Cortesi
6df4be93e3 Fix error in anticomp commandline specification. 2011-07-17 14:36:38 +12:00
Aldo Cortesi
f756d3bec1 Make help display for options nicer. 2011-07-17 11:14:18 +12:00
Aldo Cortesi
1559ded009 Expose the anticompression flag as an option through the "o" key in mitmproxy. 2011-07-17 10:34:43 +12:00
Aldo Cortesi
ce41046786 Refine encoding support
- Push decoding down into the LRU cache
- Cope gracefully with corrupted data and incorrect encoding headers
2011-07-17 10:25:25 +12:00
alts
6dc0f105cc Adds support for content encoding, namely gip and deflate 2011-07-16 02:47:06 -07:00
Aldo Cortesi
94ae720a22 Add a pretty-printing mode for urlencoded form data. 2011-07-15 16:46:54 +12:00
Aldo Cortesi
76b4c6ba82 Introduce an anti-compression command-line argument.
This is on by default, which means we avoid compressed content unless the -z
flag is specified.
2011-07-15 15:24:56 +12:00
Aldo Cortesi
1a963b91bb Don't sort headers when displaying them in mitmproxy. 2011-07-14 17:20:32 +12:00
Aldo Cortesi
7e21ac0eb8 Refine path completion somewhat.
Make it match the behaviour of vim and mutt more closely
2011-07-14 16:54:04 +12:00
Aldo Cortesi
1c9e7b982a Rewrite Headers object to preserve order and case. 2011-07-14 16:01:54 +12:00
Aldo Cortesi
b6e1bf63c3 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-07-11 16:14:32 +12:00
Felix Wolfsteller
1a5b157c8f Specify certificate creation waiting time argument to fix type error in proxy.py . 2011-07-09 08:07:22 +00:00
Aldo Cortesi
65fbb7bd0d Bail out if no command was specified after | shortcut. 2011-07-08 21:41:00 +12:00
Aldo Cortesi
8e176c2086 Cast some data read from dump files to str, to prevent unicode promotion.
This fixes a bug that caused a traceback when de-serialized requests were
replayed. Also adds unit tests for the problem.
2011-07-01 14:20:42 +12:00
Aldo Cortesi
2a90ea69fd Show view mode in statusbar.
Also make "m" keyboard shortcut available globally.
2011-06-30 14:49:11 +12:00
Aldo Cortesi
37c8d3425d Fix edit prompt display, return code editing. 2011-06-30 14:30:48 +12:00
Aldo Cortesi
18d4c3a9e9 JSON pretty-printing.
Also rename the display modes ("pretty" instead of "indent"), and expand the
built-in documentation.
2011-06-30 13:27:27 +12:00
Aldo Cortesi
46ec8f52e7 Prep for 0.5 release
- Update CHANGELOG and CONTRIBUTORS
- Bump version
- Include Apple Gamecenter highscore setting tutorial in docs
2011-06-27 16:38:00 +12:00
Aldo Cortesi
0a642f2441 Make the certificate wait time configurable.
Since OpenSSL doesn't let us set certificate start times in the past, the
client and proxy machine time must be synchronized, or the client might reject
the certificate. We can bodgy over small discrepancies by waiting a few seconds
after a new certificate is generated (i.e. the first time an SSL domain is contacted).

Make this a configurable option, and turn it off by default.
2011-06-27 16:10:17 +12:00
Aldo Cortesi
f004326855 Try not to hang when user views large request & response bodies
Two different strategies here:

    - Use a simple heuristic to detect if we're looking at XML data when indent
    mode is used. On non-XML data we can hang even on small documents.

    - Only view partial data for large bodies. At the moment the cutoff is
    100k. I might finetune this later.
2011-06-27 15:59:17 +12:00
Aldo Cortesi
2ae7808ca9 Don't redraw the screen more often than necessary. 2011-06-27 14:01:08 +12:00
Aldo Cortesi
b04d074341 Repair a problem that sometimes caused SSL connections to peg the CPU. 2011-06-23 17:00:55 +12:00
Aldo Cortesi
0d9e0eac9a Don't backup flows before replay.
This lets us revert to the original request, even after replaying an edit.
2011-06-23 14:47:34 +12:00
Yuangxuan Wang
e56793f01e Fix urwid version parsing error when it's something like 0.9.10-pre 2011-06-20 16:18:55 +08:00
Aldo Cortesi
7d7803a4d9 Add a hideous kludge to fix not-yet-valid certificates.
- The OpenSSL x509 has no way to explicitly set the notBefore value on
certificates.

- If two systems have the same configured time, it's possible to return a
certificate before the validity start time has arrived.

- We "solve" this by waiting for one second when a certificate is first
generated before returning the cert. The alternative is to rewrite pretty much
all of our certificate generation, a thought too horrible to contemplate.
2011-06-11 15:16:16 +12:00
Aldo Cortesi
07110bbbf1 Anticache and refresh_server_playback options are applied before flows are loaded.
You can now use mitmdump to preview how these options work, by running mitmdump
against a set of saved flows, and viewing the output.
2011-05-15 12:23:34 +12:00
Aldo Cortesi
e285b17e3f Add -r option to mitmdump and mitmproxy.
This option reads a set of flows from a file. I've also regularized the
mitmdump and mitmproxy command-line signatures by removing mitmproxy's old way
of specifying flow loads through naked arguments.
2011-05-15 11:54:12 +12:00
Aldo Cortesi
613e9a298e Add a new flow loading mechanism.
We now simulate the normal connection flow when we load flows. That means
that we can run scripts, hooks, sticky cookies, etc.
2011-05-15 11:22:35 +12:00
Aldo Cortesi
6175d92583 Minor code cleanup - no need to recreate the master queue. 2011-05-14 12:12:03 +12:00
Aldo Cortesi
f89581be1b Add a -n option which tells the tools not to bind a proxy.
This is useful when you just want to inspect or process dumps.
2011-05-14 10:44:25 +12:00
Aldo Cortesi
d917cfd916 Refactoring. 2011-03-29 10:57:50 +13:00
Aldo Cortesi
c3105153a5 Add some debugging output to help troubleshoot a performance problem. 2011-03-27 13:10:06 +13:00
Aldo Cortesi
c0bd1a39e4 unit test coverage ++ 2011-03-20 18:52:16 +13:00
Aldo Cortesi
c726519e73 Add a stickyauth option.
This allows us to replay an HTTP Authorization header, in the same way as we
replay cookies using stickycookies. This lets us conveniently get at HTTP Basic
Auth protected resources through the proxy, but is not enough to do the same
for HTTP Digest auth. We'll put that on the todo list.
2011-03-20 17:31:54 +13:00
Aldo Cortesi
4f877cde6a Reverse order of flows in mitmproxy.
It matches user expectations much better to have new flows appended to the bottom.
2011-03-20 09:31:39 +13:00
Aldo Cortesi
e22fd74d06 Revamp key generation.
We now create three different files in the .mitmproxy directory when a dummy CA
is made:

mitmproxy-ca.pem - the CA, including private key

mitmproxy-ca-cert.p12 - A pkcs12 version of the certificate, for distribution to Windows.

mitmproxy-ca-cert.pem - A PEM version of the certificate, for distribution to everyone else.
2011-03-18 16:45:31 +13:00
Aldo Cortesi
3fbf343985 Tweak CA and cert setup to be nice to Windows.
For some reason Satan's Operating System doesn't join up the certification path
if the key identifiers are set to hash. This took a few hours of trial and
error to figure out.
2011-03-18 14:48:43 +13:00
Aldo Cortesi
907536503c Enable request and response script commandline arguments for mitmproxy. 2011-03-18 10:43:43 +13:00
Aldo Cortesi
fc9e0dcacb Maintain focus in mitmproxy when flows are loaded from file. 2011-03-18 10:33:32 +13:00
Aldo Cortesi
0e62dd479b Do id-based comparison rather than value-based comparison to establish flow focus.
This fixes a bug where focus would jump unpredictably between identical flows.
2011-03-18 10:21:59 +13:00
Aldo Cortesi
894d3cc62d Use path_prompt rather than plain prompt where needed in mitmproxy. 2011-03-18 10:14:57 +13:00
Aldo Cortesi
89b0ac5195 Server replay shortcut in mitmproxy can now be used to interrupt a current replay. 2011-03-18 09:43:47 +13:00
Aldo Cortesi
f97c144869 Client playback shortcut in mitmproxy can now be used to interrupt a current client playback. 2011-03-18 09:38:51 +13:00
Aldo Cortesi
4893e5e5a4 We have to pass -CAcreateserial after all. 2011-03-18 09:24:04 +13:00
Aldo Cortesi
e983253ecc Docs, minor cert tweaks. 2011-03-18 09:04:49 +13:00
Aldo Cortesi
394bd1d6b0 Interrupt interception when deleting an intercepting flow.
Prompting the user for this is annoying.
2011-03-15 17:53:29 +13:00
Aldo Cortesi
e3ad3790de Fix minor styling and glitches. 2011-03-15 17:37:09 +13:00
Aldo Cortesi
6d5c32ad4b Fix hang on shutdown. 2011-03-15 17:21:35 +13:00
Aldo Cortesi
fb28e71f0b Do pre-processing of requests before replay.
This enables scripts, anticache, server playback and sticky cookies for
request replays.
2011-03-15 15:11:03 +13:00
Aldo Cortesi
fe1e2f16ff Improve responsiveness of request and response viewing.
- Computing the view of a large body is expensive, so we introduce an LRU cache
to hold the latest 20 results.

- Use ListView more correctly, passing it individual urwid.Text snippets,
rather than a single large one. This hugely improves render time.
2011-03-15 13:05:33 +13:00
Aldo Cortesi
bb8adfb731 Use .stop() and .start() to restart curses around external spawns. 2011-03-14 16:09:06 +13:00
Aldo Cortesi
974cb03631 Merge branch 'master' of github.com:cortesi/mitmproxy 2011-03-14 15:56:52 +13:00
Aldo Cortesi
9b961a8236 Use raw_display instead of curses_display. 2011-03-14 15:56:25 +13:00
Aldo Cortesi
c17cf5c6a0 Fix traceback when viewing hex mode. 2011-03-14 14:34:55 +13:00
Aldo Cortesi
897bd5c2b8 We no longer use pytz. 2011-03-14 13:47:51 +13:00
Aldo Cortesi
b4fab58c61 Indicate request and response replay status separately. 2011-03-13 21:53:26 +13:00
Aldo Cortesi
6cb40d03f4 Fix a number of small UI infelicities.
- Make request/response view switching behave sensibly
- Avoid having an empty string appear in connection view text. This makes urwid
misbehave.
- Make it clear that intercept and cookies specifications are filters.
2011-03-13 21:16:42 +13:00
Aldo Cortesi
038a6eb1a7 I've now added all the features I want for 0.4. Bump the version number. 2011-03-13 20:42:55 +13:00
Aldo Cortesi
1e47167ac6 Fix a traceback sometimes triggered viewing a connection with no response. 2011-03-13 20:03:13 +13:00
Aldo Cortesi
8d0152f2ff Add server replay to mitmproxy. 2011-03-13 17:11:59 +13:00
Aldo Cortesi
324d7c3955 Add client plaback to mitmproxy. 2011-03-13 16:50:11 +13:00
Aldo Cortesi
49c1532af7 Add anticache support for mitmproxy
Also stub out an option toggle command for anticache, killextra and norefresh
options.
2011-03-13 16:21:41 +13:00
Aldo Cortesi
ef27e2fb29 Rejigger status bar somewhat. Add indicators for various bits of state.
In particular, we now display limits, sticky cookie expressions and intercepts
in the bar.
2011-03-13 15:55:47 +13:00
Aldo Cortesi
18d25ec1a1 Fix stickycookie setting, indented view traceback. 2011-03-13 11:43:55 +13:00
Aldo Cortesi
0042687f0d Remove beep functionality from mitmproxy.
This acts funny (sometimes works, sometimes doesn't) and isn't really useful.
2011-03-13 11:26:30 +13:00
Aldo Cortesi
c901cbbada mitmproxy prompted input now display previously set value.
E.g. if you set a limit, then re-enter the limit prompt, you start with the
currently set value.
2011-03-13 11:24:49 +13:00
Aldo Cortesi
4ce393cc41 Unit tests for cmdline.py 2011-03-12 15:14:25 +13:00
Aldo Cortesi
96b10ca486 console.py 100% test coverage 2011-03-12 15:08:06 +13:00
Aldo Cortesi
fbbc43a5b2 netstring.py 100% unit test coverage. 2011-03-12 14:39:41 +13:00
Aldo Cortesi
2f457e041e Unify mitmproxy and mitmdump commandline
- Extract common options into cmdline.py
- Change mitmproxy keybindings to fit command line

Some cmdline options and keybindings aren't in operation yet - just stubs
where functionality will be added in the next few commits.
2011-03-12 14:30:12 +13:00
Aldo Cortesi
40e9067b83 Handle invalid bind address specifications gracefully. 2011-03-12 13:47:37 +13:00
Aldo Cortesi
9f16a84a9e Make mitmdump handle invalid serialized data gracefully. 2011-03-11 15:16:31 +13:00
Aldo Cortesi
7d85db0da3 Display Errors and killed connections in mitmdump. 2011-03-11 13:06:51 +13:00
Aldo Cortesi
daa9653ebe Add --norefresh to stop refreshing server playback to mitmdump.
Also, make cookie parsing for refreshing more error-tolerant.
2011-03-11 11:56:10 +13:00
Aldo Cortesi
e99b1d1949 Stub out refresh for server-side replay. 2011-03-09 20:05:30 +13:00
Aldo Cortesi
03f1345385 Add an --anticache option to mitmdump.
This removes all headers that might cause a server to return 304-not-modified.

For now, all the new features are going into mitmdump - everything will be
ported over to mitmproxy once I have the feature set locked down.
2011-03-09 13:15:31 +13:00
Aldo Cortesi
592812467d Move version constants to version.py, add version to serialized flows.
For now, we don't do anything with the serialized version info, but this should
give us some future-proofing for serialization format changes.
2011-03-09 12:36:14 +13:00
Aldo Cortesi
897c4bfc52 Think harder about timestamps. Just save seconds since the epoch as a float. 2011-03-09 12:18:08 +13:00
Aldo Cortesi
765871bd11 Store timestamps on flow components as a UTC time tuple.
Format is:

(tm_year,tm_mon,tm_mday,tm_hour,tm_min, tm_sec,tm_wday,tm_yday,tm_isdst)
2011-03-07 13:46:02 +13:00
Aldo Cortesi
7330f5fccf Make mitmdump server playback also exit by default.
Like client playback, the --keepserving option makes mitmdump keep serving.
2011-03-06 17:08:56 +13:00
Aldo Cortesi
ec00b5a66e Make mitmdump exit after client replay is complete by default.
Add an option --keepserving to make it keep serving after replay.
2011-03-06 16:54:49 +13:00
Aldo Cortesi
e794cbc0d8 Add flow_count and active_flow_count methods to flow.State.
Use these in unit tests where sensible.
2011-03-06 16:11:45 +13:00
Aldo Cortesi
42ffded626 Bump unit tests, rearrange mitmdump command-line options slightly. 2011-03-06 16:02:28 +13:00
Aldo Cortesi
4f02480482 Allow client replays to be replayed against server replays.
Useful for testing.
2011-03-06 14:48:16 +13:00
Aldo Cortesi
bad77f3470 Add client replay options to mitmdump. 2011-03-06 11:21:31 +13:00
Aldo Cortesi
5da4099ddf Massage namespace to make room for client replay.
Mostly replay -> server_replay
2011-03-05 13:03:26 +13:00
Aldo Cortesi
96471fde1d Basic client playback state structure. 2011-03-04 13:08:43 +13:00
Aldo Cortesi
6921b9ff2a Add an indicator that sticky cookies have been applied in mitmdump. 2011-02-25 21:23:44 +13:00
Aldo Cortesi
8cade9fbbf Move stringification funcs from proxy to dump. 2011-02-25 21:11:44 +13:00
Aldo Cortesi
3792b0084e Add -c and -C options to mitmdump to control sticky cookies.
It's dumb that this needs to be two different options, but optparse doesn't
support optional arguments. It would be much nicer to just have "-c" for "all",
and "-c filter" for a specified filter.
2011-02-25 17:32:03 +13:00
Aldo Cortesi
57f96c5fe0 Minor housekeeping - unused code, nocover directives.
95% test coverage.
2011-02-24 15:44:08 +13:00
Aldo Cortesi
79039eb5d2 More mature sticky cookie primitive. Use it in console.py. 2011-02-24 15:26:34 +13:00
Aldo Cortesi
57947b328e Start abstracting out sticky cookie state. 2011-02-24 10:33:39 +13:00
Aldo Cortesi
3c1db00ebb Remove first iteration playback/record.
Bonus: unit test coverage goes from 70% to 94% with one commit. ;)
2011-02-23 12:40:30 +13:00
Aldo Cortesi
39207ffdd2 Add a way for users to specify header significance in server replay.
Also add the --rheader command-line option to mitmdump to let the user specify
an arbitrary number of significant headers. The default is to treat no headers
as significant.
2011-02-23 10:54:51 +13:00
Aldo Cortesi
c80214ba55 Minor housekeeping: bump version, clean todo. 2011-02-21 12:27:01 +13:00
Aldo Cortesi
7bc913c40d Move script hooks into the flow primitives.
This lets handle scripts in corner cases like playback situations more easily.
2011-02-21 11:40:49 +13:00
Aldo Cortesi
fe99871df8 Add --kill option to mitmdump
If this option is passed all requests that are not part of a replayed
conversation are killed. If the option is not passed, such requests are passed
through to the server as usual.
2011-02-21 11:08:35 +13:00
Aldo Cortesi
c3e3897071 Fix a subtle Unicode problem in Response.assemble
If msg is Unicode, the proto string is automatically promoted to Unicode.  If
the proto string is promoted to Unicode, then the FMT interpolation is also
done in Unicode. If this happens, then binary data in content will cause an
exception.
2011-02-21 10:11:50 +13:00
Aldo Cortesi
fd4dd8cb6b First pass of playback function for mitmdump. 2011-02-21 09:54:39 +13:00
Aldo Cortesi
deb79a9c5a Add a simple server playback state object.
We use a loose hash to match incoming requests with recorded flows. At the
moment, this hash is over the host, port, scheme, method, path and content of
the request. Note that headers are not included here - if we do want to include
headers, we would have to do some work to normalize them to remove variations
between user agents, header order, etc. etc.
2011-02-21 08:47:19 +13:00
Aldo Cortesi
aa16194518 Clean up and strip down netstrings module. 2011-02-20 14:03:32 +13:00
Aldo Cortesi
7ddba22f51 Certificates are now generated in a temporary per-session directory.
This means that certificates don't accumulate in the conf directory, users
don't have to clear certificates if the CA is regenerated, and the user can
specify a custom CA without invalid certificates being loaded inadvertently.
2011-02-20 13:29:41 +13:00
Aldo Cortesi
c2ae8285f4 Revamp SSL configuration.
- Move option parsing utiliities to proxy.py

- Don't have a global config object. Pass it as an argument to ProxyServer.

- Simplify certificate generation logic.
2011-02-20 12:53:42 +13:00
Aldo Cortesi
4fc807cedd Clean up certificate generation.
- Use templates for config files. We can re-introduce customization of the
certificate attributes when we need them.

- Split CA and cert generation into separate functions.

- Generation methods provide an error return when generation fails.

- When the user explicitly specifies a certificate, we don't generate it, but
fail if it doesn't exist.
2011-02-20 12:17:10 +13:00
Aldo Cortesi
9c5c3c2b1a Implement state loading that doesn't change object identity.
We need this to let us load state from copied Flows returned from scripts.
2011-02-20 09:36:13 +13:00
Aldo Cortesi
58fc0041fa Stub out doc structure, add screenshots for configuring certs in Firefox. 2011-02-19 19:43:44 +13:00
Aldo Cortesi
1549ec8079 Bump test coverage to 100% for flow.py 2011-02-19 17:21:08 +13:00
Aldo Cortesi
d9c6be3d13 Fix serialization when a Request has no associated client connection. 2011-02-19 17:03:44 +13:00
Aldo Cortesi
5da27a9905 Refactor Flow primitives to remove HTTP1.0 assumption.
This is a big patch removing the assumption that there's one connection per
Request/Response pair. It touches pretty much every part of mitmproxy, so
expect glitches until everything is ironed out.
2011-02-19 17:00:24 +13:00
Aldo Cortesi
cd4eea3934 First pass of script hooks for mitmdump.
Also stub out docs, improve mitmdump error handling.
2011-02-18 12:40:45 +13:00
Aldo Cortesi
7769e5a898 Whitespace in mitmdump output. 2011-02-17 15:56:54 +13:00