Maximilian Hils
be995ddbd6
add ssl layer
2015-08-11 20:32:09 +02:00
Maximilian Hils
863113f989
first initial proof-of-concept
2015-08-11 20:32:08 +02:00
Thomas Kriechbaumer
b732a1cb3d
reimplement streaming for HTTP/1
2015-08-01 14:37:33 +02:00
Thomas Kriechbaumer
8a05151170
revert ALPN-related changes to fix master
...
In the future this should be added again to support HTTP/2.
2015-08-01 14:37:32 +02:00
Thomas Kriechbaumer
4f38c6b90e
attach application protocol to connection
2015-07-30 19:53:29 +02:00
Thomas Kriechbaumer
89f22f7359
refactor connection & protocol handling
2015-07-30 13:53:17 +02:00
Maximilian Hils
0892649d31
Merge pull request #675 from Kriechi/protocol-refactor
...
HTTP protocol refactoring
2015-07-24 17:52:44 +02:00
Maximilian Hils
9b3fe80697
minor style improvements
2015-07-22 16:00:32 +02:00
Thomas Kriechbaumer
bb265d0c40
use new netlib module names
2015-07-22 15:30:11 +02:00
Maximilian Hils
4c831992aa
fix #593 , fix #656 , coverage++
2015-07-03 02:47:12 +02:00
Kyle Morton
f0ad1f334c
Enabling upstream server verification. Added flags --verify_upstream_cert,
...
--upstream-trusted-cadir, and --upstream-trusted-ca.
2015-06-29 11:00:20 -07:00
Maximilian Hils
b369962cbe
remove certforward feature
...
The certforward feature was implemented to support #gotofail,
which only works on unpatched iOS devices. Given that many apps don't
support iOS 7 anymore, jailbreak+ssl killswitch is usually the better option.
By removing certforward, we can make netlib a pure python module again,
which significantly simplifies distribution.
2015-06-26 13:27:40 +02:00
Thomas Kriechbaumer
14e49f4fc7
unify SSL version/method handling
2015-06-23 12:05:34 +02:00
iroiro123
fbb23b5c9f
changed error handling (ssl spoof mode)
2015-06-23 01:49:22 +09:00
iroiro123
fd90367329
SSL Spoof mode
2015-06-21 00:51:56 +09:00
iroiro123
378aa78324
Spoof mode
2015-06-20 21:43:50 +09:00
iroiro123
59ec291b6c
HTTP Transparent Proxy
2015-06-18 23:53:27 +09:00
Aldo Cortesi
a05a70d816
Add coding style check, reformat.
2015-05-30 12:03:28 +12:00
Maximilian Hils
15a8a93a4e
adjust to changed netlib api
2015-03-07 01:39:01 +01:00
Maximilian Hils
75ba0a92e4
do some housekeeping
2015-03-02 14:35:50 +01:00
elitest
5e07fe08ea
Update Server.py to fix SNI handling
...
Forgot to change ciphers->client_ciphers.
2015-03-02 00:19:06 -06:00
elitest
c6f54605a7
Update Config.py to clarify help messages
2015-03-01 20:49:03 -06:00
elitest
13e74facb6
Update config.py
2015-03-01 20:21:35 -06:00
Jim Shaver
b063d6020f
specified cipher_list in a few more locations, added a missing comma
2015-03-01 20:12:27 -06:00
elitest
6a1e294149
Update Server.py to improve cipher selection
...
Differentiated client ciphers and added server ciphers.
2015-02-28 11:07:18 -06:00
elitest
0b7b0ac33d
Update Config.py to improve cipher selection
...
added support for specifying cipher suites on both sides of the proxy instead of just the one.
2015-02-28 10:16:31 -06:00
Maximilian Hils
3323b29f10
always include SNI as SAN entry
...
To be as robust as possible, we include the SNI value always as a Subject
Alternative Name. Second, we make sure that the server address is in the
list as well.
2015-02-27 12:51:06 +01:00
Maximilian Hils
81a274eb51
fix #479
2015-02-27 09:17:41 +01:00
Maximilian Hils
120ab5c4cd
fix #427 , tolerate servers that reject connections without SNI
2014-12-15 13:02:47 +01:00
Maximilian Hils
4e635d7a6f
allow specification of SSL version, only allow TLS1.0+ by default
2014-12-15 12:46:13 +01:00
Aldo Cortesi
24c4df07e3
First-order integration of configargparser to add config file support
2014-11-15 16:14:08 +13:00
Maximilian Hils
be449b7129
fix #409
2014-11-14 16:13:45 +01:00
Maximilian Hils
3b0964f365
fix #391
2014-10-30 17:38:23 +01:00
Aldo Cortesi
efd6fdb0e2
Start a fuzzing architecture for mitmproxy
2014-10-26 17:13:25 +13:00
Maximilian Hils
6cef6fbfec
tweak SSL detection heuristics
2014-10-21 15:08:39 +02:00
Maximilian Hils
e114858438
add generic tcp proxying, fix #374
2014-10-18 18:29:35 +02:00
Maximilian Hils
52b29d4926
remove default_ca
2014-10-18 15:26:10 +02:00
Maximilian Hils
d0809a210b
fix cert forwarding
2014-10-09 02:47:32 +02:00
Maximilian Hils
7c56a3bb01
Add SOCKS5 mode, fix #305
2014-10-09 01:59:02 +02:00
Maximilian Hils
5b33f78961
add mini documentation
2014-10-09 00:49:11 +02:00
Maximilian Hils
d5c318b070
fix support for chained certificates
2014-10-08 20:44:52 +02:00
Maximilian Hils
102bd07568
implement FlowStore basics
2014-09-17 17:30:19 +02:00
Aldo Cortesi
b4ecd96beb
Introduce short form object state, and connect the ends to send data to web app
2014-09-17 13:58:56 +12:00
Aldo Cortesi
d998790c2f
Clean up and clarify StateObject
...
- Flatten the class hierarchy
- get_state, load_state, from_state are public
- Simplify code
- Remove __eq__ and __neq__. This fundamentally changes the semantics of
inherited objects in a way that's not part of the core function of the
class
2014-09-17 11:41:42 +12:00
Maximilian Hils
fbc4bb38df
mitmproxy -> libmproxy.main. do some leanup on the way
2014-09-08 23:34:43 +02:00
Maximilian Hils
d06b4bfa4e
remove proxy mode abstraction: always be clear which mode we are in
2014-09-08 14:32:42 +02:00
Maximilian Hils
2b2d21aff0
add --ignore ui indication
2014-09-08 12:20:40 +02:00
Aldo Cortesi
bf5fef1e0b
Merge pull request #347 from mitmproxy/issue_341
...
Remove BackReferenceMixin
2014-09-07 13:04:18 +12:00
Maximilian Hils
3c65510ef5
coverage++
2014-09-06 13:09:57 +02:00
Maximilian Hils
2a6337343a
update docs, mostly revert 2f44b26b4c
2014-09-05 15:16:20 +02:00
Maximilian Hils
795e19f6b7
coverage++
2014-09-04 16:37:50 +02:00
Maximilian Hils
cd43c5ba9c
simplify server changes for inline scripts
2014-09-03 20:12:30 +02:00
Maximilian Hils
1e4e332ef9
improve error handling
2014-09-02 18:13:18 +02:00
Maximilian Hils
1a41c15c03
minor fixes
2014-08-31 16:52:26 +02:00
Maximilian Hils
1f47f7b6b2
refactor protocol handling, fix #332
2014-08-30 20:15:19 +02:00
Maximilian Hils
94fbf066f7
fix script tests
2014-08-18 01:47:39 +02:00
Maximilian Hils
5b7e19a77e
fix #327
2014-08-18 00:55:30 +02:00
Maximilian Hils
da3e7c0187
do not connect if inline script already connected to upstream server
2014-08-12 02:55:32 +02:00
Maximilian Hils
858b0af0bb
fix #270
2014-08-10 16:10:49 +02:00
Maximilian Hils
ecf8081ba6
implement passthrough mode, fixes #175
2014-08-09 03:03:21 +02:00
Maximilian Hils
2e6a698287
fix #308
2014-08-08 19:04:58 +02:00
Maximilian Hils
4d2109ef92
fix display of urls in upstream mode, refs #308
2014-08-08 17:49:02 +02:00
Maximilian Hils
de05484d9d
fix #318
2014-08-08 04:43:44 +02:00
Maximilian Hils
a3c3e4e504
remove platform.setup
2014-08-08 03:38:59 +02:00
Maximilian Hils
a9e6121a08
properly express state information on server connections, refs #315
2014-08-08 02:45:24 +02:00
Maximilian Hils
10a6d4fbe5
fix #317
2014-08-03 02:01:40 +02:00
Maximilian Hils
e9401a2123
Merge branch 'stream'
...
Conflicts:
libmproxy/protocol/http.py
2014-07-31 22:29:13 +02:00
Maximilian Hils
e9c834a30d
fix #259
2014-07-26 12:02:18 +02:00
Maximilian Hils
d9ac029ec7
always initialize HTTPResponse.stream attribute
2014-07-23 00:21:33 +02:00
Maximilian Hils
c7425f42db
if no_upstream_cert is set, include SNI value als SubjectAltName, fix #291
2014-07-18 23:04:24 +02:00
Maximilian Hils
05a8c52f8f
add transparent proxy mode on windows (docs still missing)
2014-07-16 00:47:44 +02:00
Maximilian Hils
c039e4a2e3
fix ProxyError inheritance
2014-06-25 23:25:49 +02:00
Maximilian Hils
84a016dccf
expose sockname
2014-06-25 23:03:15 +02:00
Maximilian Hils
decb6f998a
add support for certificate chains, refs #174
2014-05-21 01:16:22 +02:00
Maximilian Hils
00fd243810
fix up error messages
2014-05-15 18:16:42 +02:00
Maximilian Hils
221bbb7369
re-use cert creation from netlib in handle_sni, fix #272
2014-05-15 13:56:09 +02:00
Maximilian Hils
4f1fe11549
Merge pull request #269 from shvar/master
...
init ProxyConfig.certstore with custom certs
2014-04-29 16:54:58 +02:00
Eli Shvartsman
1f29b16fb7
fix default certs
2014-04-29 16:13:12 +03:00
Eli Shvartsman
e2501960d3
init ProxyConfig.certstore with custom certs
2014-04-29 15:54:11 +03:00
Eli Shvartsman
ed91e19e0b
Update server.py
...
We should ask for upstream cert only if there is:
1) no no_upstream_cert option specified
2) ssl connection to server is established
2014-04-29 12:41:59 +03:00
Maximilian Hils
a66913d4a3
forward proxy -> upstream proxy
2014-03-14 00:02:00 +01:00
Maximilian Hils
4e17b00ce8
order command line options, add disting proxy option group
2014-03-13 23:43:26 +01:00
Maximilian Hils
1bfc164692
adjust tests, fix option handling
2014-03-13 01:22:12 +01:00
Maximilian Hils
4d9799f103
add support for log levels
2014-03-13 01:04:45 +01:00
Maximilian Hils
14db30080f
Merge branch 'master' of github.com:mitmproxy/mitmproxy
2014-03-11 02:16:30 +01:00
Maximilian Hils
15c82f743f
fix temporary server change, coverage++
2014-03-11 02:16:22 +01:00
Aldo Cortesi
e89e035d4a
Certificate forwarding.
2014-03-11 13:02:10 +13:00
Maximilian Hils
c1fff51b1b
always use relative imports, fix status bar bug
2014-03-10 22:36:47 +01:00
Maximilian Hils
e6349b540f
split up protocol\__init__.py
2014-03-10 21:57:50 +01:00
Maximilian Hils
9cc10630c8
update docs, fix #215
2014-03-10 17:01:30 +01:00
Maximilian Hils
fe58c1c6eb
add advanced proxying options, add SSL-terminating capability to mitmproxy
2014-03-10 05:11:51 +01:00
Maximilian Hils
78750a8b4d
lay the foundations for --(in|out)(abs|rel) command line switches, as proposed in https://groups.google.com/forum/#!topic/mitmproxy/nApno2TXS0c
2014-03-10 02:32:27 +01:00
Maximilian Hils
5598a8de82
finish proxy.py split up
2014-03-09 21:51:24 +01:00