Commit Graph

287 Commits

Author SHA1 Message Date
Maximilian Hils
7f7ccd3a18 100% test coverage 2015-04-09 00:57:37 +02:00
Maximilian Hils
6fbe3006af fail gracefully if we cannot start a new thread 2015-04-09 00:13:01 +02:00
Maximilian Hils
d5eff70b6e fix tests on Windows 2015-03-07 01:31:31 +01:00
Maximilian Hils
dbadc1b613 clean up cert handling, fix mitmproxy/mitmproxy#472 2015-03-07 01:22:02 +01:00
Maximilian Hils
d71f3b68fd make tests more robust, fix coveralls 2015-02-27 22:27:23 +01:00
Maximilian Hils
da1eb94ccd 100% test coverage 🎉 2015-02-27 22:02:52 +01:00
Maximilian Hils
63fb433690 fix #53 2015-02-27 20:40:17 +01:00
Maximilian Hils
738a7b34a2 Merge branch 'master' of github.com:mitmproxy/netlib 2015-02-27 17:00:19 +01:00
Maximilian Hils
224f737646 add option to log ssl keys
refs mitmproxy/mitmproxy#475
2015-02-27 16:59:29 +01:00
Maximilian Hils
2a2402dfff ...two years is not enough. 2015-02-17 00:10:10 +01:00
Aldo Cortesi
7e5bb74e72 5 years is enough... 2015-02-17 12:03:52 +13:00
Aldo Cortesi
c9de3e770b By popular demand, bump dummy cert expiry to 5 years
fixes #52
2015-02-17 11:59:07 +13:00
Aldo Cortesi
3c919631d4 Bump version 2014-12-28 22:46:19 +13:00
Maximilian Hils
438c1fbc7d TCPClient: Use TLS1.1+ where available, BaseHandler: disable SSLv2 2014-12-15 12:32:36 +01:00
Aldo Cortesi
7098c90a6d Bump version to 0.11.1 2014-11-15 12:45:06 +13:00
Aldo Cortesi
c56e7a90d8 Fix tracebacks in connection finish 2014-11-15 12:31:13 +13:00
Maximilian Hils
60584387ff be more explicit about requirements 2014-11-11 12:26:20 +01:00
Aldo Cortesi
0811a9ebde .flush can raise NetlibDisconnect. This fixes a traceback found in fuzzing. 2014-11-07 16:01:41 +13:00
Aldo Cortesi
9ce2f473f6 Simplify expected_http_body_size signature, fixing a traceback found in fuzzing 2014-11-07 15:59:00 +13:00
Aldo Cortesi
ba468f12b8 Whitespace and legibility 2014-10-26 17:30:26 +13:00
Maximilian Hils
ed5e685565 refactor tcp close, fix mitmproxy/mitmproxy#376 2014-10-22 17:54:20 +02:00
Maximilian Hils
29a4e91050 fix mitmproxy/mitmproxy#375 2014-10-17 18:48:30 +02:00
Maximilian Hils
e6a8730f98 fix tcp closing for ssled connections 2014-10-09 04:42:39 +02:00
Maximilian Hils
987fa22e64 make socks reading more bulletproof 2014-10-09 01:46:08 +02:00
Maximilian Hils
9ef84ccc1c clean up code 2014-10-09 00:15:39 +02:00
Maximilian Hils
fdb6f5552d CertStore: add support for cert chains 2014-10-08 20:46:30 +02:00
Maximilian Hils
274688172d fix mitmproxy/mitmproxy#373 2014-10-08 18:40:46 +02:00
Maximilian Hils
e73a2dbab1 minor changes 2014-09-28 03:15:26 +02:00
Aldo Cortesi
0e30796469 Short-form getstate 2014-09-17 14:04:26 +12:00
Aldo Cortesi
414a0a1602 Adjust for state object protocol changes in mitmproxy. 2014-09-17 11:47:07 +12:00
Aldo Cortesi
b21df0cf44 Merge branch 'master' of ssh.github.com:cortesi/netlib 2014-09-09 10:10:10 +12:00
Aldo Cortesi
63c1efd394 Remove avoidable imports from OpenSSL
Fixes #38
2014-09-09 10:08:56 +12:00
Maximilian Hils
f90ea89e69 more verbose errors 2014-09-08 18:38:05 +02:00
Aldo Cortesi
5dcc7f78df Merge pull request #34 from bbaetz/master
Change the criticality of a number of X509 extentions, to match
2014-09-07 12:50:36 +12:00
Aldo Cortesi
754b627937 Merge pull request #48 from mitmproxy/mitmproxy_issue_341
Adjust netlib to mitmproxy changes
2014-09-07 12:47:49 +12:00
Aldo Cortesi
f4013dcd40 Add a FIXME note for discarded credentials 2014-09-07 12:47:17 +12:00
Aldo Cortesi
52f430c934 Merge pull request #37 from pritambaral/urlparse
More accurate host, port parsing
2014-09-07 12:46:01 +12:00
Aldo Cortesi
f98989b075 Merge branch 'master' into mitmproxy_issue_341
Conflicts:
	netlib/tcp.py
2014-09-07 12:39:59 +12:00
Aldo Cortesi
b688661ffb Merge branch 'func' 2014-09-07 11:25:28 +12:00
Aldo Cortesi
3b81d678c4 Use print function after future import 2014-09-07 11:24:41 +12:00
Maximilian Hils
c2e74ef95c Merge branch 'master' into mitmproxy_issue_341 2014-09-04 21:21:03 +02:00
Maximilian Hils
d9a731b23a make inequality comparison work 2014-09-04 19:18:43 +02:00
Maximilian Hils
4bf7f3c0ff set source_address if not manually specified 2014-09-04 16:55:02 +02:00
Maximilian Hils
ec628bc37d fix tcp.Address inequality comparison 2014-09-04 01:10:44 +02:00
Maximilian Hils
3d489f3bb7 adapt netlib.wsgi to changes in mitmproxy/mitmproxy#341 2014-09-03 17:15:50 +02:00
Maximilian Hils
6d1b601ddf minor cleanups 2014-08-16 15:53:07 +02:00
Maximilian Hils
1c1167eda0 use passlib instead of md5crypt 2014-08-16 15:28:09 +02:00
Maximilian Hils
1b8529649c Merge pull request #42 from mitmproxy/stream
Stream
2014-07-31 22:05:44 +02:00
kronick
197dae9183 Made attribute optional (as it is in pyOpenSSL)
See 0d7e8a1af2 -- It looks like this constant isn't set on some platforms (including Raspberry Pi's libssl)
2014-07-29 15:12:13 +02:00
Maximilian Hils
254a686235 Merge branch 'master' into stream
Conflicts:
	netlib/http.py
2014-07-21 14:02:56 +02:00
Maximilian Hils
6bd5df79f8 refactor response length handling 2014-07-21 14:01:24 +02:00
Maximilian Hils
d382bb27bf certstore: add support for asterisk form to DNTree replacement 2014-07-19 00:02:31 +02:00
Maximilian Hils
a7837846a2 temporarily replace DNTree with a simpler cert lookup mechanism, fix mitmproxy/mitmproxy#295 2014-07-18 22:55:25 +02:00
Brad Peabody
280d9b8625 added some additional functions for dealing with chunks - needed for mitmproxy streaming capability 2014-07-17 22:34:29 -07:00
Maximilian Hils
24ef9c61a3 improve docs 2014-07-14 17:38:49 +02:00
Brad Peabody
273c25a705 added option for read_response to only read the headers, beginnings of implementing streamed result in mitmproxy 2014-07-12 22:42:06 -07:00
Maximilian Hils
4d5d8b6511 mark nsCertType non-critical, fix #39 2014-06-29 13:10:07 +02:00
Maximilian Hils
e69133f98c remove ntop windows workaround 2014-06-25 21:16:47 +02:00
Maximilian Hils
6405595ae8 socks module: polish, add tests 2014-06-25 20:31:28 +02:00
Maximilian Hils
dc3d3e5f0a add inet_ntop/inet_pton functions 2014-06-25 20:31:10 +02:00
Maximilian Hils
217660f5db add socks module 2014-06-25 14:30:42 +02:00
Pritam Baral
dc071c4ea7 Ignore username:password part in url 2014-05-28 07:10:10 +05:30
Maximilian Hils
66ac56509f add support for ctx.load_verify_locations, refs mitmproxy/mitmproxy#174 2014-05-21 01:14:55 +02:00
Maximilian Hils
52c6ba8880 properly subclass Exception in HTTPError 2014-05-15 18:15:29 +02:00
Maximilian Hils
71834aeab1 make cert and key mandatory 2014-05-15 14:15:33 +02:00
Maximilian Hils
a8345af282 extract cert creation to be accessible in handle_sni callbacks 2014-05-15 13:51:59 +02:00
Maximilian Hils
92081eee04 Update certutils.py
refs mitmproxy/mitmproxy#200
2014-04-25 19:40:37 +02:00
Maximilian Hils
c2c952b3cc make error message example less abstract. 2014-03-31 12:44:20 +02:00
Pedro Worcel
bb10dfc505 Instead of removing the error, for consistency, leaving the error as-was
and replaced the message with something that may or may not be more
understandable :P
2014-03-31 20:19:23 +13:00
Pedro Worcel
e7c3e4c5ac Change error into awesome user-friendlyness
Hi there,

I was getting a very weird error "ODict valuelist should be lists", when attempting to add a header.

My code was as followed:

```
        msg.headers["API-Key"] = new_headers["API-Key"]                                                                                                                                                                              
 42         msg.headers["API-Sign"] = new_headers["API-Sign"]
```

In the end, that was because there could be multiple equal headers. In order to cater to that, it you guys might enjoy the patch I attach, for it converts strings automatically into lists of multiple headers.

I think it should work, but I haven't tested it :$

It'd allow me to have the above code, instead of this one below:

```
        msg.headers["API-Key"] = [new_headers["API-Key"]]                                                                                                                                                                               
 42         msg.headers["API-Sign"] = [new_headers["API-Sign"]]
```
2014-03-30 20:58:47 +13:00
Bradley Baetz
d8f54c7c03 Change the criticality of a number of X509 extentions, to match
the RFCs and real-world CAs/certs.

This improve compatability with older browsers/clients.
2014-03-20 11:12:11 +11:00
Maximilian Hils
34e469eb55 create dhparam file if it doesn't exist, fix mitmproxy/mitmproxy#235 2014-03-11 20:23:27 +01:00
Maximilian Hils
4bd15a28b7 fix #28 2014-03-10 17:43:39 +01:00
Aldo Cortesi
f5cc63d653 Certificate flags 2014-03-10 17:29:27 +13:00
Aldo Cortesi
2a12aa3c47 Support Ephemeral Diffie-Hellman 2014-03-07 16:38:50 +13:00
Aldo Cortesi
52b14aa1d1 CertStore: cope with certs that have no common name 2014-03-05 17:29:14 +13:00
Aldo Cortesi
86730a9a4c Handler convert_to_ssl now takes a key object, not a path. 2014-03-05 13:43:52 +13:00
Aldo Cortesi
0c3bc1cff2 Much more sophisticated certificate store
- Handle wildcard lookup
- Handle lookup of SANs
- Provide hooks for registering override certs and keys for specific
domains (including wildcard specifications)
2014-03-05 13:19:16 +13:00
Aldo Cortesi
7c82418e0b Beef up CertStore, add DH params. 2014-03-04 14:12:58 +13:00
Aldo Cortesi
cfaa3da25c Use PyOpenSSL's underlying ffi interface to get current cipher for connections. 2014-03-02 21:37:28 +13:00
Aldo Cortesi
1acaf1c880 Re-add state operations to ODict. 2014-03-02 16:54:21 +13:00
Aldo Cortesi
e381c03668 Cleanups, tests, and no-cover directives for code sections we can't test. 2014-03-02 16:47:10 +13:00
Aldo Cortesi
7788391903 Minor improvement to CertStore interface 2014-03-02 13:50:19 +13:00
Aldo Cortesi
3443bae94e Cipher suite selection for client connections, improved error handling 2014-02-27 18:35:16 +13:00
Maximilian Hils
c276b4294c allow super() on TCPServer, add thread names for better debugging 2014-02-15 23:16:28 +01:00
Maximilian Hils
a72ae4d85c Bump version
Do it now already so that mitmproxy will warn the user if netlib is not from master.
2014-02-11 12:09:58 +01:00
Aldo Cortesi
3d52d16e8d Merge branch 'tcp_proxy' 2014-02-07 10:50:23 +13:00
Maximilian Hils
7fc544bc7f adjust netlib.wsgi to reflect changes in mitmproxys flow format 2014-02-05 21:34:14 +01:00
Maximilian Hils
0bbc40dc33 store used sni in TCPClient, add equality check for tcp.Address 2014-02-04 04:51:41 +01:00
Maximilian Hils
dc45b4bf19 move StateObject back into libmproxy 2014-01-31 01:06:53 +01:00
Maximilian Hils
ff9656be80 remove subclassing of tuple in tcp.Address, move StateObject into netlib 2014-01-30 20:07:30 +01:00
Maximilian Hils
e18ac4b672 re-add server attribute to BaseHandler 2014-01-28 20:30:16 +01:00
Maximilian Hils
763cb90b66 add tcp.Address to unify ipv4/ipv6 address handling 2014-01-28 17:26:35 +01:00
Aldo Cortesi
8266699acd Silence pyflakes, adjust requirements.txt 2014-01-19 18:17:06 +13:00
Maximilian Hils
71c1017575 Merge branch 'master' into tcp_proxy 2014-01-18 22:55:51 +01:00
Maximilian Hils
0f22039bca add CONNECT request to list of request types that don't have a response body 2014-01-18 22:55:40 +01:00
Maximilian Hils
d0a6d2e254 fix tests, remove duplicate code 2014-01-09 05:33:21 +01:00
Maximilian Hils
b0b93d1c3e Merge remote-tracking branch 'origin/master' into tcp_proxy 2014-01-09 01:57:50 +01:00
Maximilian Hils
951f2d517f change parameter names to reflect changes 2014-01-09 01:57:37 +01:00
Aldo Cortesi
ac1a700fa1 Make certificate not-before time 48 hours.
Fixes #200
2014-01-08 14:46:55 +13:00