Commit Graph

9677 Commits

Author SHA1 Message Date
nt8en
83b43b93a7
Fix a typo in addons-overview.md (#5088) 2022-01-25 09:39:54 +01:00
pmoulton
b5c1ef11c1
Pass length of hostname.encode() to X509_VERIFY_PARAM_set1_host (#5083)
* Pass length of hostname.encode() to X509_VERIFY_PARAM_set1_host

Passing zero for the size_t length argument of
X509_VERIFY_PARAM_set1_host causes MITM Proxy to crash when used with
BoringSSL.

https://www.openssl.org/docs/man1.1.1/man3/X509_VERIFY_PARAM_set1_host.html

https://boringssl.googlesource.com/boringssl/

* Update CHANGELOG.md

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2022-01-21 12:22:01 +01:00
EndUser509
11c22d8a4a
Fix #5077 (#5080)
* Example addon for saving streamed data including a small bug fix to make it work.

* Revert "Example addon for saving streamed data including a small bug fix to make it work."

This reverts commit 02ab78def9a52eaca1a89d0757cd9475ce250eaa.

* Fix for issue #5077
2022-01-20 08:46:52 +01:00
Maximilian Hils
53f60c88b1
fix a crash when refreshing headers with a negative unix timestamp, fix #5054 (#5078) 2022-01-18 22:32:38 +00:00
Maximilian Hils
d47fd3e9c3
ClientHello: add .raw_bytes(), refs #4877 (#5075) 2022-01-18 11:34:09 +00:00
ian klatzco
1abb8f6921
add keyboard shortcut n to mitmweb (by using runCommand inside the kb shortcut handler) (#5061)
* add keyboard shortcut n to mitmweb (by creating /flows/create route)

* add keyboard shortcut n to mitmweb (simplified, by using runCommand instead of a new route)
2022-01-16 15:34:07 +01:00
ian klatzco
2455632a9c
typo (#5062) 2022-01-16 00:37:57 +01:00
ian klatzco
33e58e2c2b
Clarify web frontend docs (#5055) 2022-01-14 13:00:47 +01:00
PavelICS
1e97073078
Fix crush shutdown when MITM has it's own loop (#5042)
When I call shutdown with a different loop in the current thread from MITM loop, it's crashes with the error:
`ValueError: The future belongs to a different loop than the one specified as the loop argument`

Setting a loop explicit fixes the problem.
2022-01-10 15:58:14 +01:00
Maximilian Hils
000e26674e
catch cancellation errors when draining writers, fix #5034 (#5040) 2022-01-08 08:06:58 +01:00
Maximilian Hils
ef8c88da1f
setup websocket connection before finishing HTTP response, fix #5017 (#5020) 2021-12-27 15:58:24 +00:00
Maximilian Hils
3fbf3cf8ee tlsconfig: don't overwrite existing TLS context, refs #5019 2021-12-27 12:22:08 +01:00
Maximilian Hils
9c5bebae9e better expose raw ClientHello bytes, fix #4877 2021-12-25 12:28:52 +01:00
Maximilian Hils
f68666d227 socks5: fix a (non-critical) off-by-one, fix #4998 2021-12-23 13:43:46 +01:00
Shubhangi Choudhary
9b75f52073
migrated the files to tsx (#4972)
* migrated the files to tsx

* reverted unecessary changes

* reverted unecessary changes to app.css

* fixed the fails

* fixed the fails
2021-12-21 13:05:55 +00:00
Maximilian Hils
efd2980b8a catch OpenSSL SysCallError, refs #4985 2021-12-20 22:23:23 +01:00
Maximilian Hils
96f77453cc
fix change_upstream_proxy.py example, fix #4981 (#5007) 2021-12-20 21:10:06 +00:00
Maximilian Hils
c74806feac
fix tests 2021-12-20 21:06:14 +01:00
Maximilian Hils
ca646ebd40
fix #4957 2021-12-20 20:36:40 +01:00
James Yale
ace07e7e3c
Example specified incorrect header (#4997)
* Example specified incorrect header

* Add CHANGELOG entry reference the documentation update

* fixup! Add CHANGELOG entry reference the documentation update
2021-12-20 20:18:00 +01:00
Maximilian Hils
6997129bc0
make sure that running() is only invoked once on startup. (#4964)
fix #3584
2021-11-27 13:11:23 +00:00
Maximilian Hils
3a2c87432c
[requires.io] dependency update (#4961)
Co-authored-by: requires.io <support@requires.io>
2021-11-26 23:14:19 +01:00
Brad Dixon
b1d0887db4
Add deepcopy to allow view.flows.resolve (issue #4916) (#4952)
* Add deepcopy to allow view.flows.resolve (issue #4916)

* try to simplify deepcopy implementation

* remove leftover check

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2021-11-26 23:14:06 +01:00
Felix Ingram
b1c1cd3f2f
Fixes AttributeError in transparent mode (#4951)
If we haven't connected to the upstream host in transparent mode, then the call to `write` on line 74 will raise an `AttributeError` as we haven't initialised `self.wfile`.

If we add `AttributeError` to the `except` line, then we'll catch the exception and call `_connect`, which will in turn initialise `wfile`.
2021-11-24 16:49:47 +01:00
Maximilian Hils
27e69651f6
[requires.io] dependency update (#4946)
Co-authored-by: requires.io <support@requires.io>
2021-11-23 21:12:32 +01:00
Maximilian Hils
2dd845ed95 catch malformed cert warning in tests
we may need to catch this properly in `get_cert` at some point,
let's see if this ever turns out to be an issue.
2021-11-22 12:55:17 +01:00
Maximilian Hils
9803c90341 make it possible to disable exit on SIGUSR1 2021-11-22 12:54:02 +01:00
Maximilian Hils
68bce90754 require cryptography 36+
3.3+ should mostly work fine, but our tests cover v36-specific behavior
2021-11-22 12:52:37 +01:00
Maximilian Hils
57ae779b15
Merge pull request #4944 from mitmproxy/requires-io-main
[requires.io] dependency update on main branch
2021-11-22 11:20:23 +01:00
Maximilian Hils
95089486ca cryptography now accepts some more invalid attrs - remove dead code paths 2021-11-22 11:14:15 +01:00
Maximilian Hils
9249c0ddd3 adjust lower version bounds 2021-11-22 11:09:04 +01:00
requires.io
dae098cd33 [requires.io] dependency update 2021-11-22 10:50:48 +01:00
requires.io
eea24bc22d [requires.io] dependency update 2021-11-22 10:50:47 +01:00
Maximilian Hils
a969739875
Merge pull request #4790 from mhils/ignore-after-clienthello
TLS: add `tls_handshake` hook, ignore-after-clienthello
2021-11-22 10:29:47 +01:00
Maximilian Hils
3cb87f5a2f split tls_handshake hook into client/server and success/fail variants 2021-11-22 10:23:21 +01:00
Maximilian Hils
a72f61ef57 Merge remote-tracking branch 'origin/main' into ignore-after-clienthello 2021-11-22 09:54:08 +01:00
Maximilian Hils
6398dc308a
WebSockets: don't assert that server is connected upon initialization (#4932)
there may already have been a disconnect, which is still in the processing queue.

fix #4931
2021-11-22 07:41:33 +01:00
Marius
1c93a93696
Add font types to asset filter (~a) (#4928)
* Add font types to asset filter (~a)

* Add PR number to changelog

* remove flash mention

* restore asset test

Co-authored-by: Maximilian Hils <github@maximilianhils.com>
2021-11-21 15:47:09 +01:00
Anthony Sottile
3847842f73
add runtime dependency on setuptools (#4919)
resolves #4918

Co-authored-by: Maximilian Hils <git@maximilianhils.com>
2021-11-21 14:14:47 +00:00
shindexro
9a469806eb
quote argument of view.flows.resolve (#4910)
* Fix #4902

* Update type signature

* Switch to None check

* Fix spacing

* Quote view.flows.resolve argument

* Switch to call_strings
2021-11-19 13:04:20 +01:00
Maximilian Hils
7be646f44a add note that spoof_source_address is unavailable, refs #4914 2021-11-18 15:39:23 +01:00
Maximilian Hils
0904cc3f5f
console: add error message for older Windows versions (#4911) 2021-11-18 07:45:28 +00:00
shindexro
888ce66f90
Correct flow-detail documentation (#4909)
* Fix #4902

* Update type signature

* Switch to None check

* Fix spacing

* Skip URL shortening when flow-detail is 0

* Sync docs with implementation

* Update URL shortening test
2021-11-18 08:26:05 +01:00
shindexro
39fa242e25
fix crash when invoking replay.server.count from console (#4905)
fix #4902
2021-11-17 16:53:43 +00:00
Maximilian Hils
83f05897ce fixup Windows transparent mode, fix #3876 and #3438 2021-11-16 21:12:09 +01:00
Christian Zenker
eb43ae4709
Use the slim base image for container (#4889) 2021-11-16 12:49:12 +01:00
Marius
301f8cf79d
Create search.py (#4900)
* Create search.py

* Address linter findings

* Address linter findings
2021-11-16 12:47:34 +01:00
Maximilian Hils
4f47612548 StackOverflow -> GitHub Discussions (part 2) 2021-11-16 11:02:57 +01:00
Maximilian Hils
9571491e50
StackOverflow -> GitHub Discussions 2021-11-16 10:26:38 +01:00
Karl Parkinson
df32d61086
Remove pyopenssl cruft (#4897)
* remove old pyopenssl cruft

* bump minimum version of pyopenssl

* add extra spaces to conform to style guide

* update changelog

* replace getattr with direct SSL method calls

* put version check back in but remove setdefault method calls

* tweak changelog wording

* bumb tox.ini pyOpenSSL dependency version

Co-authored-by: Karl Parkinson <karlparkinson@Karls-MBP.hitronhub.home>
2021-11-11 09:37:00 +01:00