Maximilian Hils
2dfba2105b
move sslversion mapping to netlib
2015-08-29 12:34:01 +02:00
Maximilian Hils
1cc48345e1
clean up config/cmdline, fix bugs, remove cruft
2015-08-28 01:51:13 +02:00
Maximilian Hils
a86491eeed
Revert "unify SSL version/method handling"
...
This reverts commit 14e49f4fc7
.
2015-08-27 18:37:16 +02:00
Maximilian Hils
5b17496c7e
start fixing proxy config
2015-08-27 18:31:15 +02:00
Maximilian Hils
778644d4b8
http2: fix bugs, chrome works 🎉
2015-08-26 15:12:04 +02:00
Maximilian Hils
8ce0de8bed
minor fixes
2015-08-25 18:24:17 +02:00
Thomas Kriechbaumer
c9fa8491cc
improve next_layer detection
2015-08-19 16:32:02 +02:00
Maximilian Hils
ab1549e0ef
yield -> callbacks
2015-08-18 15:59:44 +02:00
Maximilian Hils
96de7ad562
various fixes
2015-08-18 14:15:08 +02:00
Maximilian Hils
a2b8504889
improve protocol handling
2015-08-16 23:25:02 +02:00
Thomas Kriechbaumer
1e40d34e94
add ALPN to proxy connections
2015-08-16 11:36:31 +02:00
Maximilian Hils
0dd243c5e4
various fixes
2015-08-15 16:26:12 +02:00
Maximilian Hils
747699b126
more work on http protocol
2015-08-14 16:49:52 +02:00
Maximilian Hils
aef3b626a7
wip commit
2015-08-11 20:32:14 +02:00
Maximilian Hils
026330a3b0
cleaner Exceptions, ssl -> tls, upstream proxy mode
2015-08-11 20:32:13 +02:00
Maximilian Hils
314e0f5839
add reverseproxy mode, fix bugs
2015-08-11 20:32:12 +02:00
Maximilian Hils
c1d016823c
move files around
2015-08-11 20:32:09 +02:00
Maximilian Hils
be995ddbd6
add ssl layer
2015-08-11 20:32:09 +02:00
Maximilian Hils
863113f989
first initial proof-of-concept
2015-08-11 20:32:08 +02:00
Thomas Kriechbaumer
b732a1cb3d
reimplement streaming for HTTP/1
2015-08-01 14:37:33 +02:00
Thomas Kriechbaumer
8a05151170
revert ALPN-related changes to fix master
...
In the future this should be added again to support HTTP/2.
2015-08-01 14:37:32 +02:00
Thomas Kriechbaumer
4f38c6b90e
attach application protocol to connection
2015-07-30 19:53:29 +02:00
Thomas Kriechbaumer
89f22f7359
refactor connection & protocol handling
2015-07-30 13:53:17 +02:00
Maximilian Hils
0892649d31
Merge pull request #675 from Kriechi/protocol-refactor
...
HTTP protocol refactoring
2015-07-24 17:52:44 +02:00
Maximilian Hils
9b3fe80697
minor style improvements
2015-07-22 16:00:32 +02:00
Thomas Kriechbaumer
bb265d0c40
use new netlib module names
2015-07-22 15:30:11 +02:00
Maximilian Hils
4c831992aa
fix #593 , fix #656 , coverage++
2015-07-03 02:47:12 +02:00
Kyle Morton
f0ad1f334c
Enabling upstream server verification. Added flags --verify_upstream_cert,
...
--upstream-trusted-cadir, and --upstream-trusted-ca.
2015-06-29 11:00:20 -07:00
Maximilian Hils
b369962cbe
remove certforward feature
...
The certforward feature was implemented to support #gotofail,
which only works on unpatched iOS devices. Given that many apps don't
support iOS 7 anymore, jailbreak+ssl killswitch is usually the better option.
By removing certforward, we can make netlib a pure python module again,
which significantly simplifies distribution.
2015-06-26 13:27:40 +02:00
Thomas Kriechbaumer
14e49f4fc7
unify SSL version/method handling
2015-06-23 12:05:34 +02:00
iroiro123
fbb23b5c9f
changed error handling (ssl spoof mode)
2015-06-23 01:49:22 +09:00
iroiro123
fd90367329
SSL Spoof mode
2015-06-21 00:51:56 +09:00
iroiro123
378aa78324
Spoof mode
2015-06-20 21:43:50 +09:00
iroiro123
59ec291b6c
HTTP Transparent Proxy
2015-06-18 23:53:27 +09:00
Aldo Cortesi
a05a70d816
Add coding style check, reformat.
2015-05-30 12:03:28 +12:00
Maximilian Hils
15a8a93a4e
adjust to changed netlib api
2015-03-07 01:39:01 +01:00
Maximilian Hils
75ba0a92e4
do some housekeeping
2015-03-02 14:35:50 +01:00
elitest
5e07fe08ea
Update Server.py to fix SNI handling
...
Forgot to change ciphers->client_ciphers.
2015-03-02 00:19:06 -06:00
elitest
c6f54605a7
Update Config.py to clarify help messages
2015-03-01 20:49:03 -06:00
elitest
13e74facb6
Update config.py
2015-03-01 20:21:35 -06:00
Jim Shaver
b063d6020f
specified cipher_list in a few more locations, added a missing comma
2015-03-01 20:12:27 -06:00
elitest
6a1e294149
Update Server.py to improve cipher selection
...
Differentiated client ciphers and added server ciphers.
2015-02-28 11:07:18 -06:00
elitest
0b7b0ac33d
Update Config.py to improve cipher selection
...
added support for specifying cipher suites on both sides of the proxy instead of just the one.
2015-02-28 10:16:31 -06:00
Maximilian Hils
3323b29f10
always include SNI as SAN entry
...
To be as robust as possible, we include the SNI value always as a Subject
Alternative Name. Second, we make sure that the server address is in the
list as well.
2015-02-27 12:51:06 +01:00
Maximilian Hils
81a274eb51
fix #479
2015-02-27 09:17:41 +01:00
Maximilian Hils
120ab5c4cd
fix #427 , tolerate servers that reject connections without SNI
2014-12-15 13:02:47 +01:00
Maximilian Hils
4e635d7a6f
allow specification of SSL version, only allow TLS1.0+ by default
2014-12-15 12:46:13 +01:00
Aldo Cortesi
24c4df07e3
First-order integration of configargparser to add config file support
2014-11-15 16:14:08 +13:00
Maximilian Hils
be449b7129
fix #409
2014-11-14 16:13:45 +01:00
Maximilian Hils
3b0964f365
fix #391
2014-10-30 17:38:23 +01:00