Commit Graph

2317 Commits

Author SHA1 Message Date
Maximilian Hils
0bbb5ca345 reverse proxy: do not assume TLS for non-standard ports 2021-01-01 16:57:50 +01:00
Maximilian Hils
dfba6e81a6 alpn: str -> bytes 2020-12-30 22:52:07 +01:00
Maximilian Hils
8ac5af62f5 cert test coverage++ 2020-12-30 22:29:56 +01:00
Maximilian Hils
abbe9eeb79 sni/alpn: bytes -> str 2020-12-30 20:26:31 +01:00
Maximilian Hils
2a30172525 migrate certs.Cert to pyca/cryptography, re-add mitmcert 2020-12-30 15:20:49 +01:00
Maximilian Hils
48b166ab57 move cert serialization to cryptography 2020-12-29 23:36:12 +01:00
Maximilian Hils
3fe29b27be use cryptography to generate certificates
this fixes #4368, but we are not done here. the goal is to replace most
usages of pyOpenSSL's cert object with cryptography.
2020-12-29 01:19:58 +01:00
Maximilian Hils
74aeb3ae4c add memory leak detect script for certificate generation, refs #4368 2020-12-29 01:17:01 +01:00
Maximilian Hils
70f1d173e2 Reply: remove return value 2020-12-28 22:09:57 +01:00
Maximilian Hils
1655f54817 cleanup old proxy server 2020-12-28 14:33:10 +01:00
Maximilian Hils
a0f923aa14 coverage++ 2020-12-28 09:56:25 +01:00
Maximilian Hils
2db9a43fd6 add type annotations, test sslkeylogfile 2020-12-28 09:44:37 +01:00
Maximilian Hils
de46db53e9 minor fixes 2020-12-21 20:52:02 +01:00
Maximilian Hils
57f5d1af63 monkeypatch pyOpenSSL to accept new TLS methods 2020-12-21 16:34:37 +01:00
Maximilian Hils
8842abbb4f clean up tls bits 2020-12-21 16:20:03 +01:00
Maximilian Hils
61a2beac3c minor fixes 2020-12-20 14:17:43 +01:00
Maximilian Hils
8ce4bc7142 additional test speedups 2020-12-20 00:50:40 +01:00
Maximilian Hils
2f725e5f02 massively speed up tests by properly mocking ldap proxyauth 2020-12-20 00:34:30 +01:00
Maximilian Hils
b05c13daa6 remove old mitmproxy.net.tcp code
this is not needed anymore with sans-io
2020-12-20 00:12:21 +01:00
Maximilian Hils
1ffe406d24
Merge pull request #4359 from mhils/warn-no-nextlayer
Warn if no nextlayer addon is present
2020-12-18 03:08:21 +01:00
Thomas Kriechbaumer
47f8e1d115 asgi: refactor tests to new proxy core 2020-12-15 23:37:39 +01:00
Maximilian Hils
e0d5dea959 warn if no nextlayer addon is present 2020-12-15 23:35:43 +01:00
Thomas Kriechbaumer
df164f42e1 imports cleanup 2020-12-14 23:52:48 +01:00
Thomas Kriechbaumer
722d8f2db7 onboardingapp: test using nativ flask test client 2020-12-14 23:52:48 +01:00
Thomas Kriechbaumer
60342344e4 nuke sessions addon with sqlite an protobuf components 2020-12-14 22:14:44 +01:00
Thomas Kriechbaumer
acd985c4c9 fix extracting PEM from context.Server.certificate_list 2020-12-14 22:14:44 +01:00
Thomas Kriechbaumer
55a58ba8e8 fix deprecation warnings in context client/server 2020-12-14 22:14:44 +01:00
Thomas Kriechbaumer
d159897d98 nuke legacy protocol stack 2020-12-14 22:14:43 +01:00
Thomas Kriechbaumer
e6445af2cd cibuild: cleanup outdated providers 2020-12-14 20:01:32 +01:00
Thomas Kriechbaumer
c35316f85a remove pathod and pathoc 2020-12-13 20:21:11 +01:00
Maximilian Hils
a3909ee024 [sans-io] add dedicated proxy_debug option 2020-12-12 23:57:20 +01:00
Maximilian Hils
a768825fba [sans-io] docs++ 2020-12-12 21:55:58 +01:00
Maximilian Hils
8f49cde627 [sans-io] add tunnel tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
f0bdf887fc [sans-io] tests++ 2020-12-12 21:24:21 +01:00
Maximilian Hils
641b1c425b [sans-io] add mode tests, minor fixes 2020-12-12 21:24:21 +01:00
Maximilian Hils
4c75765387 [sans-io] test coverage++ 2020-12-12 21:24:21 +01:00
Maximilian Hils
64d2ac8ef3 [sans-io] add Layer tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
ed753d1a38 [sans-io] add read_sansio tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
d3bd603fb9 [sans-io] add proxyserver tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
8e7cbb3991 [sans-io] remove unused code 2020-12-12 21:24:21 +01:00
Maximilian Hils
efacbca0ca [sans-io] add clientplayback tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
1c9e9660b8 [sans-io] add next_layer tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
21293edce0 [sans-io] TLS: add handshake fuzzing 2020-12-12 21:24:21 +01:00
Maximilian Hils
de925ab397 [sans-io] fix tests 2020-12-12 21:24:21 +01:00
Maximilian Hils
8201a90e22 [sans-io] lint! 2020-12-12 21:24:21 +01:00
Maximilian Hils
00c54e68b8 [sans-io] HTTP/2: more fuzzing, improve cancellation logic 2020-12-12 21:24:21 +01:00
Maximilian Hils
8f516bfd81 [sans-io] HTTP/2: reset half-closed streams on error 2020-12-12 21:24:21 +01:00
Maximilian Hils
66868b1186 [sans-io] HTTP/2: protocol fixes, tests++ 2020-12-12 21:24:21 +01:00
Maximilian Hils
52479e94bb [sans-io] include non-standard ports in host header, refs #4280 2020-12-12 21:24:21 +01:00
Maximilian Hils
8ae2ab2aca [sans-io] fix HTTP/2 stream cancellation 2020-12-12 21:24:20 +01:00
Maximilian Hils
d32a5d5f33 [sans-io] websockets: fix bugs, 100% test coverage 🎉 2020-12-12 21:24:20 +01:00
Maximilian Hils
a4a0428bc6 [sans-io] handle 101 switching protocols 2020-12-12 21:24:20 +01:00
Maximilian Hils
19f8cd0839 [sans-io] add websocket proof-of-concept 2020-12-12 21:24:20 +01:00
Maximilian Hils
222d5cedc8 [sans-io] HTTP/1: Add tests for HTTP -> TCP pipe behavior 2020-12-12 21:24:20 +01:00
Maximilian Hils
4f0cbec308 [sans-io] http: emit error hook when killed 2020-12-12 21:24:20 +01:00
Maximilian Hils
41f69749f2 [sans-io] enable "Secure Web Proxy" mode 2020-12-12 21:24:20 +01:00
Maximilian Hils
1d4bdeb68d [sans-io] HTTP/2: enable END_STREAM for HEADERS
Akamai really doesn't like empty DATA frames with END_STREAM set,
so we mitigate this by indicating end stream in the MessageHeaders events.
2020-12-12 21:24:20 +01:00
Maximilian Hils
3c061b7863 [sans-io] fix playbook SendData merging 2020-12-12 21:24:20 +01:00
Maximilian Hils
1112135920 [sans-io] HTTP/2: respect max_concurrency_limit 2020-12-12 21:24:20 +01:00
Maximilian Hils
485c8eb3e9 [sans-io] fix HTTP/2 -> HTTP/1 interop, limit max connections / server / client 2020-12-12 21:24:20 +01:00
Maximilian Hils
32208b14eb [sans-io] fix HTTP/2 stream concurrency 2020-12-12 21:24:20 +01:00
Maximilian Hils
553f102d6e [sans-io] playbook: fix multiple placeholders of same type 2020-12-12 21:24:20 +01:00
Maximilian Hils
9251f7820a [sans-io] fix HTTP/2 client aborts 2020-12-12 21:24:20 +01:00
Maximilian Hils
3bffcf5e2f [sans-io] fix tcp half close behavior 2020-12-12 21:24:20 +01:00
Maximilian Hils
b5f59a1297 [sans-io] test NextLayer behavior on connection close 2020-12-12 21:24:20 +01:00
Maximilian Hils
65870b729f [sans-io] improve tcp half close behavior 2020-12-12 21:24:20 +01:00
Maximilian Hils
c639fafd64 [sans-io] more testing, more bugfixes! 2020-12-12 21:24:20 +01:00
Maximilian Hils
38f006eb9a [sans-io] more http testing, more bugfixes! 2020-12-12 21:24:20 +01:00
Maximilian Hils
25999ba9d4 [sans-io] http bugfixes! 2020-12-12 21:24:20 +01:00
Maximilian Hils
74f94fe5a3 disable asyncio debug mode, fix tests 2020-12-12 21:24:20 +01:00
Maximilian Hils
3fdbff3faa [sans-io] tlsconfig: add tests 2020-12-12 21:24:19 +01:00
Maximilian Hils
decd2b8c80 [sans-io] add minimal benchmarks 2020-12-12 21:24:19 +01:00
Maximilian Hils
75b7b743c4 [sans-io] fix tls tests 2020-12-12 21:24:19 +01:00
Maximilian Hils
97285512f1 [sans-io] rely on kill message instead of subclass 2020-12-12 21:24:19 +01:00
Maximilian Hils
40fc542cf6 [sans-io] add flow killing, tests++ 2020-12-12 21:24:19 +01:00
Maximilian Hils
34d96da876 [sans-io] extend HTTP/2 fuzzing, fix found bugs 2020-12-12 21:24:19 +01:00
Maximilian Hils
0549d50a47 [sans-io] add HTTP/2 fuzzing, various other fixes 2020-12-12 21:24:19 +01:00
Maximilian Hils
87ec81e435 [sans-io] complete h1/h2 interop 2020-12-12 21:24:19 +01:00
Maximilian Hils
ffa5a69ebf [sans-io] h2 client (wip) 2020-12-12 21:24:19 +01:00
Maximilian Hils
0646a4f1ba [sans-io] h2++, typeize Placeholder 2020-12-12 21:24:19 +01:00
Maximilian Hils
21000fca2c [sans-io] close client conn on CONNECT failure 2020-12-12 21:24:19 +01:00
Maximilian Hils
b9e3b46fd8 [sans-io] add http fuzzing tests 2020-12-12 21:24:19 +01:00
Maximilian Hils
a568721e86 [sans-io] add tests for unreachable http servers 2020-12-12 21:24:19 +01:00
Maximilian Hils
f12b2b7e87 [sans-io] better sockname/peername naming, refs #3896 2020-12-12 21:24:19 +01:00
Maximilian Hils
c5cb0d2f0b [sans-io] implement support for Expect: 100-continue 2020-12-12 21:24:19 +01:00
Maximilian Hils
c00a78751e [sans-io] enable proxying by host header
This mirrors the current examples/complex/dns_spoofing.py script.
2020-12-12 21:24:19 +01:00
Maximilian Hils
3f9441ac5f [sans-io] finalize upstream proxy mode 2020-12-12 21:24:19 +01:00
Maximilian Hils
549eb8df4b [sans-io] upstream proxy tests and fixes 2020-12-12 21:24:19 +01:00
Maximilian Hils
605da3afb6 [sans-io] refactor TLS layer to be a tunnel 2020-12-12 21:24:19 +01:00
Maximilian Hils
a30a6758f3 [sans-io] fixes, fixes, fixes 2020-12-12 21:24:18 +01:00
Maximilian Hils
b2060356b6 [sans-io] wip: tls establishment semantics 2020-12-12 21:24:18 +01:00
Maximilian Hils
7efe27be74 [sans-io] refactor 2020-12-12 21:24:18 +01:00
Maximilian Hils
0740c673bd [sans-io] implement http streaming, refine error handling 2020-12-12 21:24:18 +01:00
Maximilian Hils
5671012163 [sans-io] make hooks explicit 2020-12-12 21:24:18 +01:00
Maximilian Hils
03801aecb2 [sans-io] split http layer into smaller modules 2020-12-12 21:24:18 +01:00
Maximilian Hils
9e6548e581 [sans-io] tls: handle untrusted mitmproxy certs 2020-12-12 21:24:18 +01:00
Maximilian Hils
b075b7fc15 [sans-io] tls: handle invalid clienthellos 2020-12-12 21:24:18 +01:00
Maximilian Hils
6cf0bec912 [sans-io] tls: various improvements 2020-12-12 21:24:18 +01:00
Maximilian Hils
09b6257de0 [sans-io] tls tests++ 2020-12-12 21:24:18 +01:00
Maximilian Hils
7fbe8cece7 [sans-io] tls: test alpn 2020-12-12 21:24:18 +01:00