Maximilian Hils
5af9df326a
fix certificate verification
...
This commit fixes netlib's optional (turned off by default)
certificate verification, which previously did not validate the
cert's host name. As it turns out, verifying the connection's host
name on an intercepting proxy is not really straightforward - if
we receive a connection in transparent mode without SNI, we have no
clue which hosts the client intends to connect to. There are two
basic approaches to solve this problem:
1. Exactly mirror the host names presented by the server in the
spoofed certificate presented to the client.
2. Require the client to send the TLS Server Name Indication
extension. While this does not work with older clients,
we can validate the hostname on the proxy.
Approach 1 is problematic in mitmproxy's use case, as we may want
to deliberately divert connections without the client's knowledge.
As a consequence, we opt for approach 2. While mitmproxy does now
require a SNI value to be sent by the client if certificate
verification is turned on, we retain our ability to present
certificates to the client which are accepted with a maximum
likelihood.
2015-11-01 18:15:30 +01:00
Maximilian Hils
b4eb4eab92
adjust test certificate generation
2015-11-01 17:48:34 +01:00
Maximilian Hils
267837f441
add test certificate generator
2015-10-16 18:12:36 +02:00
Maximilian Hils
2e1f7ecd55
fix tests
2015-09-28 14:04:25 +02:00
Maximilian Hils
67229fbdf7
Merge branch 'http-models'
2015-09-28 13:53:59 +02:00
Maximilian Hils
5261bcdf4b
properly adjust tests for 87566da3ba
2015-09-28 11:46:18 +02:00
Maximilian Hils
87566da3ba
fix mitmproxy/mitmproxy#784
2015-09-28 11:18:00 +02:00
Maximilian Hils
23d13e4c12
test response model, push coverage to 100% branch cov
2015-09-27 00:49:41 +02:00
Maximilian Hils
466888b01a
improve request tests, coverage++
2015-09-26 20:07:11 +02:00
Maximilian Hils
49ea8fc0eb
refactor response model
2015-09-26 17:39:50 +02:00
Maximilian Hils
106f7046d3
refactor request model
2015-09-26 00:39:04 +02:00
Maximilian Hils
f937522773
Headers: return str on all Python versions
2015-09-22 01:48:35 +02:00
Maximilian Hils
9dea36e439
remove nose references
2015-09-21 01:22:05 +02:00
Maximilian Hils
73586b1be9
python 3++
2015-09-21 00:44:17 +02:00
Maximilian Hils
daebd1bd27
python3++
2015-09-20 20:35:45 +02:00
Maximilian Hils
292a0aa9e6
make tests compatible with py.test
2015-09-20 19:56:57 +02:00
Maximilian Hils
0ad5cbc6bf
python3++
2015-09-20 19:56:45 +02:00
Maximilian Hils
693cdfc6d7
python3++
2015-09-20 19:40:09 +02:00
Maximilian Hils
3f1ca556d1
python3++
2015-09-20 18:12:55 +02:00
Maximilian Hils
551d9f11e5
experimental: don't interfere with headers
2015-09-18 18:05:50 +02:00
Maximilian Hils
f2c87cff8a
fix py3 tests
2015-09-17 17:32:59 +02:00
Maximilian Hils
266b80238d
fix tests
2015-09-17 17:29:55 +02:00
Maximilian Hils
d798ed955d
python3++
2015-09-17 16:31:50 +02:00
Maximilian Hils
8d71059d77
clean up http message models
2015-09-17 15:16:12 +02:00
Maximilian Hils
a07e43df8b
http1: add assemble_body function
2015-09-17 02:39:42 +02:00
Maximilian Hils
dad9f06cb9
organize exceptions, improve content-length handling
2015-09-17 02:14:14 +02:00
Maximilian Hils
265f31e878
adjust http1-related code
2015-09-16 18:43:24 +02:00
Maximilian Hils
a077d8877d
finish netlib.http.http1 refactor
2015-09-16 00:04:23 +02:00
Maximilian Hils
11e7f476bd
wip
2015-09-15 19:12:15 +02:00
Maximilian Hils
997fcde8ce
make clean_bin unicode-aware
2015-09-12 17:03:09 +02:00
Maximilian Hils
92c763f469
fix mitmproxy/mitmproxy#759
2015-09-10 12:32:38 +02:00
Maximilian Hils
fc86bbd03e
let Headers inherit from object
...
fixes mitmproxy/mitmproxy#753
2015-09-08 15:16:25 +02:00
Maximilian Hils
66ee1f465f
headers: adjust everything
2015-09-05 18:15:47 +02:00
Maximilian Hils
3718e59308
finalize Headers, add tests
2015-09-05 15:27:48 +02:00
Thomas Kriechbaumer
daf512ce93
http2: fix tests
2015-08-26 21:04:13 +02:00
Maximilian Hils
21858995ae
request -> request_method
2015-08-24 18:16:34 +02:00
Thomas Kriechbaumer
cd9701050f
read_response depends on request for stream_id
2015-08-21 10:04:57 +02:00
Thomas Kriechbaumer
6fc2ff9469
http2: fix tests
2015-08-21 09:18:14 +02:00
Thomas Kriechbaumer
00ed982ea0
cleanup
2015-08-20 20:44:58 +02:00
Thomas Kriechbaumer
9686a77dcb
http2: implement request target
2015-08-18 22:17:00 +02:00
Thomas Kriechbaumer
07a1356e2f
http2: add support for too large header frames
2015-08-18 21:22:42 +02:00
Thomas Kriechbaumer
0d384ac2a9
http2: add support for too large data frames
2015-08-18 21:22:42 +02:00
Thomas Kriechbaumer
12efa61e3a
fix request-target tests
2015-08-18 21:22:27 +02:00
Aldo Cortesi
99e89a1efc
Remove stray prints from test suite
2015-08-16 21:47:26 +12:00
Thomas Kriechbaumer
6a30ad2ad2
fix minor style offences
2015-08-10 20:50:05 +02:00
Thomas Kriechbaumer
ff27d65f08
cleanup whitespace
2015-08-10 20:44:36 +02:00
Thomas Kriechbaumer
476badf45c
cleanup imports
2015-08-10 20:36:47 +02:00
Thomas Kriechbaumer
690b8b4f4e
add move tests and code from mitmproxy
2015-08-10 20:34:27 +02:00
Maximilian Hils
c2832ef72b
fix mitmproxy/mitmproxy#705
2015-08-03 18:06:31 +02:00
Thomas Kriechbaumer
1c12e7c2b8
move encoding tests from mitmproxy to netlib
2015-08-01 14:53:13 +02:00