Aldo Cortesi
176d819559
Move server comms to OpenSSL.
2012-06-14 21:57:55 +12:00
Aldo Cortesi
8dabf88ae5
Remove ability to specify SSL ciphers.
...
We can re-introduce this if there's demand - the feature needs a bit more thought.
2012-06-14 15:29:54 +12:00
Aldo Cortesi
8a9352b3f7
First draft conversion of server to PyOpenSSL.
2012-06-13 18:16:47 +12:00
Aldo Cortesi
d032504b17
Fix an exception when replaying a flow with no response.
2012-06-10 17:10:43 +12:00
Aldo Cortesi
d60fa9918b
Localise client connection object manipulation.
...
This simplifies the call signature for a bunch of functions.
2012-06-10 16:49:59 +12:00
Aldo Cortesi
1f659948cd
Refactor request processing at mitmproxy's core.
...
Gradually cleaning up towards a state machine model.
2012-06-10 16:02:48 +12:00
Aldo Cortesi
236447c65f
Pass server HTTP version back to clients.
2012-06-10 13:29:09 +12:00
Aldo Cortesi
6ba5f0f35b
Add HTTP version to response objects.
...
Another change in the serialization format.
2012-06-10 13:27:43 +12:00
Aldo Cortesi
52779d9db9
Refactoring of proxy.py
...
- Correctly pass HTTP request version on to upstream servers
- Adjust tests not to hang due to a pathod response with no content-length
2012-06-10 13:17:18 +12:00
Aldo Cortesi
55ddf853cd
Add HTTP version to flow.Request
...
This is a serialization format change, that makes us incompatible with previous
versions.
2012-06-10 10:46:22 +12:00
Aldo Cortesi
a3b47e0cb5
Consolidate HTTP major and minor versions into a single variable.
2012-06-10 10:31:04 +12:00
Aldo Cortesi
8254187bf3
Add proxy.should_connection_close, and strip out unused code.
2012-06-10 10:10:46 +12:00
Aldo Cortesi
0c458e2f1a
Refactor ServerConnection API.
2012-06-10 08:13:50 +12:00
Aldo Cortesi
987f443b5d
Ignore incorrectnesses in traffic if they don't affect us.
2012-06-09 21:45:22 +12:00
Aldo Cortesi
9130cd63d3
Significant cleanup of proxy internals.
...
Dispense with the loose parsing of client requests that we had before. We now
have service modes ("proxy" and "reverse proxy" for now), and we only accept
requests that are appropriate for the mode we're in.
2012-06-09 21:27:43 +12:00
Aldo Cortesi
05492baf8d
Move from requests to human_curl.
...
It turns out that _none_ of the Python stdlib or anything that relies on it
supports CONNECT through a proxy. Beggars belief, but there you go.
2012-06-09 16:17:51 +12:00
Aldo Cortesi
22192d1a46
Nose mopup: docs, no cover pragmas, a few missing path specs.
2012-06-09 13:55:55 +12:00
Aldo Cortesi
b7b357528c
Port mitmproxy test suite entirely to nose.
2012-06-09 13:42:43 +12:00
Aldo Cortesi
903038b8de
Merge branch 'master' into develop
2012-06-07 08:44:36 +12:00
Maximilian Hils
2a194f98ec
add missing parser.add_option_group(group)
2012-06-06 01:26:19 +02:00
Aldo Cortesi
e9109812e1
Split parsing of intial line into separate protocols.
2012-06-03 06:04:57 -07:00
Aldo Cortesi
0a25c2263d
Factor out conversion to SSL connection.
2012-06-03 01:54:11 -07:00
Aldo Cortesi
491f9bdcee
Add unit tests for console/help.py
2012-06-03 01:11:07 -07:00
Aldo Cortesi
b36e37f9da
Fix a traceback that sometimes occurred when an invalid limit was entered.
2012-06-02 18:41:44 -07:00
Aldo Cortesi
ee2950cd19
Fix a crashing bug when replacing text in a flow with unicode bodies.
2012-05-25 18:10:31 -07:00
Aldo Cortesi
a0c63b6108
Fix crash when adding a Response when none existed before.
2012-05-24 16:56:18 -07:00
Paul
5f8855df55
Added a switch to send client certificates to hosts
2012-05-23 23:09:03 +02:00
Aldo Cortesi
08d6da2941
Fix AttributeError when shutting down a writing mitmdump.
2012-05-17 09:47:04 +12:00
Aldo Cortesi
0a90a3eaba
Refuse to replay a request with missing content.
2012-05-16 18:24:32 +12:00
Aldo Cortesi
b3901a7652
Add interface to mark content missing, and extend UI to indicate when content is missing.
2012-05-16 18:16:44 +12:00
Aldo Cortesi
0c2d894cea
Add the ability to flag content as missing in a request or a response.
...
We'll use this in a number of situations. First, we'll soon have response
streaming that directly pipes responses to clients. These will be content-less
from mitmproxy's perspective. Second, we'll be growing new events that fire
after headers are received, but before content is read.
2012-05-16 15:42:58 +12:00
Aldo Cortesi
12b8a43dbe
Bump version number.
2012-05-11 09:52:17 +12:00
Aldo Cortesi
d42fdc4ff6
Include a formatted exception in WSGI error page.
2012-05-07 21:34:01 +12:00
Aldo Cortesi
116fcfcf7a
Internal error page for WSGI.
...
Also, 100% test coverage.
2012-04-27 15:56:42 +12:00
Aldo Cortesi
2fe54d17df
Don't specify Content-Length on empty content.
...
Sometimes, mitmproxy would specify a content-length header value of 0 when
content was empty. Some rare servers (like piratebay.org) would barf on this.
2012-04-25 14:38:20 +12:00
Aldo Cortesi
efa98d514c
Docs and comments for WSGI app example.
2012-04-24 14:58:18 +12:00
Aldo Cortesi
c8d2b2594b
Add a WSGI adapter that lets us serve a WSGI app out of mitmproxy.
...
This commit adds:
- A WSGI App adapter for mitmproxy
- An app registry in the proxy instance that lets us link WSGI apps with
(hostname, port) combinations.
- Fixes for a number of bugs discovered while creating this feature.
2012-04-24 14:52:29 +12:00
Aldo Cortesi
51789228be
Fix PKCS12 cert generation.
2012-04-15 12:48:07 +12:00
Aldo Cortesi
2162ce1ae3
Shut mitmdump down gracefully on SIGTERM.
...
This is a hack at the moment, but needs must.
2012-04-15 10:35:19 +12:00
Aldo Cortesi
8c96264304
Serialized data version check.
2012-04-11 10:10:53 +12:00
Aldo Cortesi
24a8dc408c
Minor cruft removal.
2012-04-09 11:42:56 +12:00
Aldo Cortesi
d7748cea4f
Minor name refactoring, make flow list refresh after limit is applied.
2012-04-09 10:05:13 +12:00
Aldo Cortesi
8fa96d1f3f
Add an index counter to status bar.
2012-04-09 09:48:39 +12:00
Aldo Cortesi
5553eb6371
Add some missing help entries.
2012-04-08 20:16:25 +12:00
Aldo Cortesi
4e2d19714c
Add an "f" shortcut key to load full body contents.
2012-04-08 19:44:01 +12:00
Aldo Cortesi
618a9c0e2b
Merge branch 'master' of ssh.github.com:cortesi/mitmproxy
2012-04-08 15:15:02 +12:00
Aldo Cortesi
c1788c37a1
Wrap on any character for body text display.
2012-04-08 15:00:38 +12:00
Aldo Cortesi
7d90eb65ed
Catch all errors when using jsbeautifier.
...
Turns out there are some problems that can raise arbitrary exceptions.
2012-04-08 14:40:59 +12:00
Aldo Cortesi
a4f7728fad
XML/HTML pretty view tweaks.
2012-04-07 22:15:31 +12:00
Aldo Cortesi
f1dc3f2ab2
Integrate lxml for pretty-printing HTML and XML.
...
Tackling the pretty-printing performance problem head-on, at the cost of a
major dependency.
2012-04-07 13:47:03 +12:00
Aldo Cortesi
8385e586c0
Work around an Urwid crashing bug.
...
https://github.com/Nic0/tyrs/issues/115
2012-04-05 10:21:56 +12:00
Aldo Cortesi
5fdf710c81
Always use ODictCaseless for headers.
2012-04-04 19:46:39 +12:00
Aldo Cortesi
786e304bb9
Android configuration docs.
2012-04-04 15:58:46 +12:00
Aldo Cortesi
4da8054e21
Docs: replacements, upstream certs.
...
Also, move reverse proxy command-line flag to -P.
2012-04-04 14:17:26 +12:00
Aldo Cortesi
8110a9a3eb
Start prepping docs for 0.8
...
Also add an interactive upstream-cert option to mitmproxy, and repair help for
R shortcut.
2012-04-04 11:24:58 +12:00
Aldo Cortesi
79a0334a02
Improve revert model
...
- Flows are backed up whenever an interactive, non-script change is made.
- That backup is canonical and never changed - "V" will always revert to it.
This makes more sense than what we had previously....
2012-04-04 09:47:57 +12:00
Aldo Cortesi
ab0e10e60f
Serialize requestcount for ClientConnect objects.
2012-04-03 22:37:24 +12:00
Aldo Cortesi
b9737ed89e
Return a datetime object from SSLCert notbefore and notafter properties.
2012-04-03 22:23:07 +12:00
Aldo Cortesi
c6896d7392
Add ClientConnect info to details view.
2012-04-03 11:28:07 +12:00
Aldo Cortesi
61fab03b24
Add a details page, available from a flow view with the 'X' shortcut
...
At the moment, this shows the upstream SSL certificate details. More
fine-grained detail that doesn't fit in the flow view itself will be added.
2012-04-03 11:10:25 +12:00
Aldo Cortesi
f526e5fa12
Minor unit test bump.
2012-04-03 09:52:26 +12:00
Aldo Cortesi
4979a22d3e
Add accessor method for SSLCert object on Response.
2012-04-02 17:02:23 +12:00
Aldo Cortesi
ab1d8fa350
Expand SSL cert support
...
- Capture the remote SSL certificate
- Expose the remote cert as an attribute on Response
- Expand the certutils.SSLCert interface to expose more cert info
2012-04-02 16:21:23 +12:00
Aldo Cortesi
bb03255da0
Nicer coloring for HTTP response codes.
...
20x: green
30x: blue
40x: orange
50x: light red
other (non-standard or uncommon): dark red
2012-04-02 14:08:30 +12:00
Aldo Cortesi
c02fdb2463
Refactor proxy.Server to fix a crash when replaying with -n
2012-04-02 13:24:51 +12:00
Aldo Cortesi
f13e2213ea
Make it clearer when we fall back to Raw.
2012-04-02 11:22:01 +12:00
Aldo Cortesi
42d06a05c0
Add an option to allow clearing of display mode override.
2012-04-02 11:16:20 +12:00
Aldo Cortesi
7ed1c1c231
More sensible display mode override indicator.
2012-04-02 11:10:55 +12:00
Aldo Cortesi
c6ee813479
Only cache the calculated body of a view.
...
This simplifies the code, and loses no time.
2012-04-02 11:01:38 +12:00
Aldo Cortesi
2df2fe0e4c
Move "M" shortcut key to global scope.
...
You now don't have to be viewing a flow to change global default view.
2012-04-02 10:49:57 +12:00
Aldo Cortesi
15cc09f1b8
Start rationalizing content views.
...
We now no longer have distinction between "pretty" view and hex/raw. Instead,
we simply a default AUTO view with a global override (M) and a local override
(m).
2012-04-02 10:30:35 +12:00
Aldo Cortesi
7fef0ecdf5
Make "T" pretty view over-ride persistent when switching between flows.
...
We do this by adding a flow settings mechanism to ConsoleState. This is pretty
rough at the moment and should become more sophisticated as needed.
2012-04-02 09:30:38 +12:00
Aldo Cortesi
35f4a1c424
Tune content viewing to maintain responsiveness:
...
- Reduce display cutoff to 20k.
- Make sure that we only indent the visible part of a JS body, not the whole
thing.
2012-04-01 10:09:25 +12:00
Aldo Cortesi
585bf9423f
Fix GridEditor external edit functionality.
2012-03-30 19:51:40 +13:00
Aldo Cortesi
6dc945571d
When paging through flows in flowview, indicate when there are no more flows.
2012-03-28 10:21:48 +13:00
Aldo Cortesi
a6df72cfc8
Generate better-formed CAs.
...
If you're having trouble with your certs in Firefox, you may want to delete
your .mitmproxy directory to re-generate the CA.
2012-03-27 17:01:18 +13:00
Aldo Cortesi
e9ac4bef20
Add a variant of cleanBin that escapes newlines and tabs.
...
Use this to fix the hex display option.
2012-03-27 11:25:50 +13:00
Aldo Cortesi
a2fddb4404
Add image pretty viewer to forcing options.
2012-03-26 11:48:35 +13:00
Aldo Cortesi
d187965233
Don't auto-view request if there's no response.
...
This is confusing when flicking through many flows.
2012-03-26 11:28:52 +13:00
Aldo Cortesi
a050eeef05
Add a pretty-viewer for images.
...
This shows basic image information like dimensions, plus extracted EXIF tags
and other metadata.
2012-03-26 11:26:02 +13:00
Aldo Cortesi
b6725ee802
Add Javascript to manual pretty type over-rides.
2012-03-25 11:31:36 +13:00
Aldo Cortesi
a979e1ad50
Re-enable caching for content view calculation.
2012-03-25 11:18:33 +13:00
Aldo Cortesi
2240d2a6a5
Pretty view now indents Javascript.
...
Thanks to the JSBeautifier project, which is now included in the contrib directory.
2012-03-25 10:56:45 +13:00
Aldo Cortesi
74c51df580
Re-enable simple multipart form parsing and preview.
2012-03-25 10:10:48 +13:00
Aldo Cortesi
62e51018d0
Refactor pretty view mechanism.
...
Also start adding unit tests for this subsystem.
2012-03-24 14:20:24 +13:00
Aldo Cortesi
0d05068f91
Factor out content view apparatus into contentview.py
2012-03-24 11:21:58 +13:00
Aldo Cortesi
ed74ed24a0
Add error indications to GridEditor.
2012-03-23 13:28:33 +13:00
Aldo Cortesi
45ab22f0d9
Add modal help to GridEditor.
...
Also includes some minor refactoring and documentation stubs.
2012-03-22 14:57:57 +13:00
Aldo Cortesi
1441fade90
More work on pretty view forcing.
...
- Make this setting apply only to the currently viewed flow. I think it's more
likely that this is the behaviour the user will want, rather than globally
setting the pretty type.
- Update help.
2012-03-20 11:11:53 +13:00
Aldo Cortesi
2153835545
Refactor pretty view forcing somewhat.
...
- Use a lookup table of content types -> view modes.
- Add a urlencoded forcing. Remove "html" - at the moment it's the same as
"xmlish".
- Display type when forced.
2012-03-20 10:58:43 +13:00
Aldo Cortesi
2739cb4861
Add a simple parser for content type specifications.
2012-03-20 10:31:07 +13:00
Ulrich Petri
bc3ba4c993
Allow a flow view's pretty-printed body type auto-detection to be overridden by the user
2012-03-19 20:35:20 +01:00
Aldo Cortesi
50630d62fd
Grid editor refinements.
...
- Correct column width calculation used in keystrokes. Arrow keys should now
work as expected in multi-line fields.
- Enable multi-line editing throughout. You now need to tab or esc to exit edit
mode.
2012-03-19 10:57:27 +13:00
Aldo Cortesi
0de97ad9e0
Add column headers to GridEditor.
2012-03-19 10:42:30 +13:00
Aldo Cortesi
65e88f49d4
Specialize GridEditor into a number of subclasses.
2012-03-19 10:12:06 +13:00
Aldo Cortesi
5690e7c399
Generalize GridEditor to N columns.
...
Start adding a replacement rule editor.
2012-03-18 14:39:21 +13:00
Aldo Cortesi
18d0e840b5
KVEditor -> GridEditor
2012-03-18 09:48:27 +13:00
Aldo Cortesi
552146d015
Move mitmproxy reverse proxy shortcut to "P".
...
Also don't expose help from the help screen.
2012-03-18 09:22:43 +13:00
Aldo Cortesi
ac6987c54a
Fix unit tests.
2012-03-17 17:29:25 +13:00
Aldo Cortesi
76175672ad
Add specification of replacement patterns on the command line.
2012-03-17 17:20:34 +13:00
Aldo Cortesi
c8ae1e85b3
Hooks -> ReplaceHooks
...
It makes more sense to specialize this, which will let me build a nicer
interface for replacement hooks in mitmproxy.
2012-03-17 11:31:05 +13:00
Aldo Cortesi
08f410cacc
Add a hooks mechanism, based on filter expressions.
2012-03-16 17:13:11 +13:00
Aldo Cortesi
d138af7217
replace() methods now decode and re-encode contents before substitution.
2012-03-16 11:24:18 +13:00
Aldo Cortesi
d51b8cab0c
Add a decoded context manager.
...
This simplifies a common chore when modifying traffic - decoding the object,
modifying it, then re-encoding it with the same encoding afterwards. You can
now simply say:
with flow.decoded(request):
request.content = "bar"
2012-03-16 11:12:56 +13:00
Aldo Cortesi
8d662e6636
Set a "unique" serial number for each generated cert.
2012-03-14 11:20:25 +13:00
Aldo Cortesi
fa6305ee98
Cleanliness fixes.
...
- Remove unused code during previous commit.
- Code coverage fixes.
2012-03-12 11:25:50 +13:00
Aldo Cortesi
22d4559a7a
Use PyOpenSSL for certificate generation.
...
We no longer call external OpenSSL commands at all.
2012-03-11 14:34:17 +13:00
Aldo Cortesi
4e13ab1d05
Replace CA generation with PyOpenSSL version.
...
We no longer call an external command.
2012-03-11 13:33:22 +13:00
Aldo Cortesi
d57a1d6035
Merge remote-tracking branch 'meeee/master'
2012-03-10 13:48:13 +13:00
Aldo Cortesi
3f2d1381d0
Repair unit tests after nopop introduction.
2012-03-10 13:42:10 +13:00
Aldo Cortesi
d3aad7a185
Merge remote-tracking branch 'taiste/server-replay-pop'
2012-03-10 13:36:50 +13:00
Michael Frister
23f7214fc3
Fix SSL requests with Transfer-Encoding: chunked
...
Add size parameter to FileLike.readline, used by read_chunked.
2012-03-08 23:10:21 +01:00
Michael Frister
e67dbf6123
Handle Transfer-Encoding header values case insensitive
...
According to HTTP/1.1 RFC 2616 Section 3.6.
2012-03-08 23:09:19 +01:00
Valtteri Virtanen
93565392cd
Adds space between sentences on no-pop's help
2012-03-05 11:56:03 +02:00
Valtteri Virtanen
ed56d67cea
Adds no-pop option to server-side replay
2012-03-05 11:05:11 +02:00
Aldo Cortesi
e1356dd2b6
Create an SSL certificate class.
2012-03-05 10:22:47 +13:00
András Veres-Szentkirályi
15ad7704d2
Removed imports left unused after Py{OpenSSL,ASN1}
...
Commits 533f61f67a
and
8b841bc9e3
left some imports unused while
swithing to PyOpenSSL and PyASN1 -- this commit removes these imports.
2012-03-01 16:20:34 +01:00
Aldo Cortesi
533f61f67a
Use PyOpenSSL and PyASN1 for certificate parsing.
...
Yes, these are two more major dependencies for mitmproxy, but if we're going to
do all the cool things I want to do with SSL certs, there is no other way.
2012-03-01 21:08:44 +13:00
Aldo Cortesi
8b841bc9e3
Factor out cert operations in to certutils.py.
2012-02-29 13:20:53 +13:00
Aldo Cortesi
0bed5fae27
Rationalise upstream cert flag and variable names.
2012-02-28 11:37:48 +13:00
Aldo Cortesi
764724748b
Fix cert generation harder.
2012-02-27 15:59:29 +13:00
Aldo Cortesi
2c73e8f816
Fix problems with SANs and certificate generation.
2012-02-27 15:36:19 +13:00
Aldo Cortesi
2ba8296843
Better certificate parsing.
2012-02-27 15:21:05 +13:00
Aldo Cortesi
00942c1431
Add upstream certificate lookup.
...
This initiates a connection to the server to obtain certificate information to
generate interception certificates. At the moment, the information used is the
Common Name, and the list of Subject Alternative Names.
2012-02-27 15:05:45 +13:00
Aldo Cortesi
4a2964985c
Introduce a cache for flow list entries.
...
This gives a big boost to scroll performance for the flow list.
2012-02-27 10:00:44 +13:00
Aldo Cortesi
bd1d699040
Fix mitmproxy crash when passed -n flag.
2012-02-26 23:23:54 +13:00
Aldo Cortesi
3afa2c38fb
Merge remote-tracking branch 'remotes/runeh/master' into runeh
2012-02-25 13:02:12 +13:00
Rune Halvorsen
bbfdc7b7de
Use shlex to parse EDITOR.
2012-02-25 00:43:00 +01:00
Aldo Cortesi
986a41d180
Unit test++.
2012-02-25 12:19:54 +13:00
Aldo Cortesi
bcda65e453
Add mitmproxy version to status bar on Help screen.
...
Suggested by Jim Cheetham <jim.cheetham@otago.ac.nz>
2012-02-24 14:11:51 +13:00
Aldo Cortesi
5810e7c0df
Make return arrow match return code color.
...
Suggested by Jim Cheetham <jim.cheetham@otago.ac.nz>
2012-02-24 14:01:17 +13:00
Aldo Cortesi
25fa596cd6
Fix detection of URL-encoded forms.
...
Thanks to Paul Capestany <capestany@gmail.com> for reporting this.
2012-02-24 13:03:24 +13:00
Aldo Cortesi
ddc9155c24
Make "~q" filter work more intuitively.
...
It now matches any flow that has no response.
2012-02-23 17:06:09 +13:00
Aldo Cortesi
2df9c52c09
Refactor filter matching.
2012-02-23 17:03:58 +13:00
Aldo Cortesi
ee8058a2d9
Confirm when we clear a request body to add a form.
2012-02-23 16:27:08 +13:00
Aldo Cortesi
554047da85
License notifications, minor docs.
2012-02-23 15:52:01 +13:00
Aldo Cortesi
3f6619ff59
Fall-back for non-unicode terminals.
2012-02-23 12:41:01 +13:00
Aldo Cortesi
4f38b3a9c0
Documentation and screenshots.
2012-02-22 17:17:13 +13:00
Aldo Cortesi
a4270efaf2
Always return an ODict from get_query
2012-02-21 13:00:45 +13:00
Aldo Cortesi
d2f5db1f37
connection -> flow in libmitmproxy/console
...
"Flow" is the correct term here - every connection can have multiple flows.
2012-02-21 12:42:43 +13:00
Aldo Cortesi
1af26bb915
Minor docs and example script fixes.
2012-02-21 12:32:56 +13:00
Aldo Cortesi
70dff87240
Tweaks for reverse proxy mode
...
- Unify key bindings over connection and connection list view
- Add help entry
- Unset reverse proxy when a blank value is specified
2012-02-21 11:01:39 +13:00
Aldo Cortesi
dbd75e02f7
Create ODictCaseless for headers, use vanilla ODict for everything else.
2012-02-20 11:29:36 +13:00
Aldo Cortesi
18029df99c
Use ODict for request.get_form_urlencoded and set_form_urlencoded
2012-02-20 11:13:35 +13:00
Aldo Cortesi
fa11b7c9be
Use ODict for Request.get_query and Request.set_query
2012-02-20 10:44:47 +13:00
Aldo Cortesi
2616f490fe
Rename Headers class to ODict
...
ODict is an ordered dictionary class that will be useful in many other parts of
our API.
2012-02-20 10:39:00 +13:00
Aldo Cortesi
25a06c3ec1
Minor doc fixes and import cleanups.
2012-02-20 10:15:58 +13:00
Aldo Cortesi
0c3035a2b5
Start preparing for 0.7
...
Update CHANGELOG, CONTRIBUTORS, README.mkd, todo, and bump version.
2012-02-19 22:43:05 +13:00
Aldo Cortesi
86a19faf68
Fix crash when setting a limit when there are no flows.
2012-02-19 13:16:21 +13:00
Aldo Cortesi
9113277cd3
Fix bug in method filter matching.
2012-02-19 13:04:02 +13:00