Maximilian Hils
5af9df326a
fix certificate verification
...
This commit fixes netlib's optional (turned off by default)
certificate verification, which previously did not validate the
cert's host name. As it turns out, verifying the connection's host
name on an intercepting proxy is not really straightforward - if
we receive a connection in transparent mode without SNI, we have no
clue which hosts the client intends to connect to. There are two
basic approaches to solve this problem:
1. Exactly mirror the host names presented by the server in the
spoofed certificate presented to the client.
2. Require the client to send the TLS Server Name Indication
extension. While this does not work with older clients,
we can validate the hostname on the proxy.
Approach 1 is problematic in mitmproxy's use case, as we may want
to deliberately divert connections without the client's knowledge.
As a consequence, we opt for approach 2. While mitmproxy does now
require a SNI value to be sent by the client if certificate
verification is turned on, we retain our ability to present
certificates to the client which are accepted with a maximum
likelihood.
2015-11-01 18:15:30 +01:00
Maximilian Hils
b4eb4eab92
adjust test certificate generation
2015-11-01 17:48:34 +01:00
Maximilian Hils
5e90459569
Merge pull request #810 from gecko655/ctrl_fb
...
Use ctrl+f and ctrl+b to scroll a page
2015-10-31 18:00:14 +01:00
gecko655
6aa7454f92
Use ctrl+f and ctrl+b to scroll a page
2015-10-30 12:48:38 +09:00
Chris Czub
88451ef245
Declare & define insufficient_priv
2015-10-29 16:01:24 -04:00
Chris Czub
70c28f5d34
Better error handling/reporting for pfctl failures on OS X
2015-10-29 15:56:43 -04:00
Maximilian Hils
65c08ec899
Merge pull request #791 from tunz/master
...
Prevent flowview from creating duplicated windows
2015-10-28 13:10:38 +01:00
Maximilian Hils
8e9cd77b55
Merge pull request #805 from Badg/patch-1
...
Update ubuntu installation to includ libjpeg
2015-10-23 03:25:23 +02:00
Nick Badger
4537d561c6
Ubuntu install missing libjpeg8-dev, zlib1g-dev
...
As per https://pillow.readthedocs.org/en/3.0.0/installation.html#linux-installation , to avoid missing install dependencies.
2015-10-22 18:11:06 -07:00
Nick Badger
a6fee43384
Update ubuntu installation to includ libjpeg
...
Otherwise install fails with error "--enable-jpeg requested but jpeg not found"
2015-10-22 17:38:55 -07:00
Maximilian Hils
ed56eadd28
Merge branch 'master' of https://github.com/mitmproxy/mitmproxy
2015-10-22 02:38:14 +02:00
Maximilian Hils
726b70ccdc
fix #800
2015-10-22 02:38:00 +02:00
Maximilian Hils
267837f441
add test certificate generator
2015-10-16 18:12:36 +02:00
Maximilian Hils
4d772d7ce0
Merge pull request #801 from ben-lerner/doc_fix
...
doc typo fix
2015-10-14 09:37:24 +02:00
Ben Lerner
22191d63ab
doc typo fix
2015-10-13 21:09:56 -04:00
Maximilian Hils
7d8191ee37
update web builds, use watchify
2015-10-08 12:43:55 +02:00
Maximilian Hils
442f079e0b
Merge pull request #797 from colinbendell/colinbendell-patch-1
...
server_conn.address might not yet be established
2015-10-08 12:37:43 +02:00
Choongwoo Han
9c0efdf2ec
Refresh flowview instead of reopen the same flowview
2015-10-08 11:31:33 +09:00
Colin Bendell
a85e4bc75c
default should not be None
...
Fixed default value when self.address has not been set
2015-10-07 21:46:08 -04:00
Colin Bendell
77aeac11a9
Check if server connection hasn't yet been initiated
...
This fixes #761 when NoneType error is thrown when non-TLS requests initiate a client request but the server connection hasn't yet been initiated.
2015-10-07 20:30:31 -04:00
Maximilian Hils
09e36fae4e
Merge pull request #792 from tunz/patch-1
...
Correct a wrong link in CONTRIBUTING.md
2015-10-04 10:36:52 +02:00
Choongwoo Han
3ffc3404b0
Update CONTRIBUTING.md
...
Wrong link
2015-10-04 14:49:41 +09:00
Choongwoo Han
45494d1c79
Prevent flowview from creating duplicated windows
2015-10-04 14:21:51 +09:00
Maximilian Hils
ce38a05a20
Merge remote-tracking branch 'origin/master'
2015-10-03 23:59:13 +02:00
Maximilian Hils
26631621ee
fix #786
2015-10-03 14:48:51 +02:00
Maximilian Hils
d67f4fa3cc
Merge pull request #788 from sethp-jive/patch-1
...
Allow reading scripts from an anonymous pipe
2015-10-01 00:59:25 +02:00
sethp-jive
fd8c921a2f
Allow reading scripts from an anonymous pipe
...
Bash (and many other shells) provide a nifty feature in "anonymous pipe" or "anonymous fifo" whereby the output of a subshell may be treated as a simple file by the parent shell: http://unix.stackexchange.com/a/156088
Unfortunately, libmproxy complains because that "file" is not a regular file, as os.path.isfile checks, e.g. giving the error "Not a file: /dev/fd/11". This patch is intended to provide for the following use-case:
```
mitmdump -s <(echo "def response(context, flow):\n flow.response.headers['newheader'] = [`hostname`]")
```
where `hostname` may be replaced with a more complicated lookup.
2015-09-30 15:55:43 -07:00
Maximilian Hils
c6811bd0e8
fix #773
2015-09-28 14:55:13 +02:00
Maximilian Hils
0f9a72580a
fix coverage collection
2015-09-28 14:16:06 +02:00
Maximilian Hils
86ef19b450
fix tests
2015-09-28 14:04:41 +02:00
Maximilian Hils
2e1f7ecd55
fix tests
2015-09-28 14:04:25 +02:00
Maximilian Hils
c11ab3676d
Merge branch 'http-models'
2015-09-28 13:54:53 +02:00
Maximilian Hils
67229fbdf7
Merge branch 'http-models'
2015-09-28 13:53:59 +02:00
Maximilian Hils
5261bcdf4b
properly adjust tests for 87566da3ba
2015-09-28 11:46:18 +02:00
Maximilian Hils
87566da3ba
fix mitmproxy/mitmproxy#784
2015-09-28 11:18:00 +02:00
Maximilian Hils
6661770d4e
handle Expect: 100-continue header, fix #770
2015-09-28 10:59:10 +02:00
Maximilian Hils
6075957a97
move tests to netlib
2015-09-27 00:50:14 +02:00
Maximilian Hils
23d13e4c12
test response model, push coverage to 100% branch cov
2015-09-27 00:49:41 +02:00
Maximilian Hils
466888b01a
improve request tests, coverage++
2015-09-26 20:07:11 +02:00
Maximilian Hils
1b6ea5caf3
adjust to netlib response changes + docs
2015-09-26 17:41:14 +02:00
Maximilian Hils
fa722e0290
adjust to netlib changes
2015-09-26 17:40:22 +02:00
Maximilian Hils
49ea8fc0eb
refactor response model
2015-09-26 17:39:50 +02:00
Maximilian Hils
b13acd7956
adjust to netlib request changes + docs
2015-09-26 01:23:59 +02:00
Maximilian Hils
a163dba582
adjust to netlib request model changes
2015-09-26 00:40:01 +02:00
Maximilian Hils
106f7046d3
refactor request model
2015-09-26 00:39:04 +02:00
Maximilian Hils
45f2ea33b2
minor fixes
2015-09-25 18:24:18 +02:00
Maximilian Hils
c7b8322500
also accept bytes as arguments
2015-09-22 01:56:09 +02:00
Maximilian Hils
f937522773
Headers: return str on all Python versions
2015-09-22 01:48:35 +02:00
Maximilian Hils
a978c6b9ce
fix tests
2015-09-21 23:39:22 +02:00
Maximilian Hils
2536e1d3e7
appveyor: use py.test
2015-09-21 23:05:12 +02:00