Commit Graph

354 Commits

Author SHA1 Message Date
Aldo Cortesi
e3fd0e838d Add a basic built-in web app. 2013-03-25 09:20:26 +13:00
Rouli
c6bf28f3f7 adding tcp and ssl setup timestamps to get better resolution on flows performance 2013-03-19 18:21:52 +02:00
Aldo Cortesi
d2d3eb6490 Un-break unit tests. Tsk tsk. 2013-03-17 17:53:48 +13:00
Aldo Cortesi
0e993bec6f Add the --host option, which uses the value in the Host header for dispaly URLs.
- Can be toggled with "o" then "h" in mitmproxy
- Useful for transparent mode
2013-03-17 17:37:54 +13:00
Aldo Cortesi
cfb5ba89ce Introduce a filtered flow writer, and use it in dump.py
Fixes #104
2013-03-14 09:19:43 +13:00
Aldo Cortesi
8a850dc8e6 Few more fuzzing commands, exclude console app from coverage. 2013-03-03 22:39:26 +13:00
Aldo Cortesi
cde66cd584 Fuzzing, and fixes for errors found with fuzzing. 2013-03-03 22:03:27 +13:00
Aldo Cortesi
8216801728 Three more errors turned up with fuzzing.
These are fixed in netlib, regression tests added here.
2013-03-03 15:14:49 +13:00
Aldo Cortesi
7835e0c2c7 Begin some simple fuzzing with pathod.
Finally doing what I started writing pathod for in the first place...
2013-03-03 14:56:56 +13:00
Aldo Cortesi
e608d10f45 Remove __slots__ to make it possible to inherit from Options classes. 2013-03-03 12:26:20 +13:00
Aldo Cortesi
2465b8a376 100% unit test coverage on proxy.py. Hallelujah! 2013-03-03 12:13:33 +13:00
Aldo Cortesi
d5876a12ed Unit test proxy option parsing. 2013-03-03 11:58:57 +13:00
Aldo Cortesi
33cdd5d083 Unit test proxy auth. 2013-03-03 11:04:33 +13:00
Aldo Cortesi
5c6587d4a8 Move HTTP auth module to netlib. 2013-03-03 10:37:06 +13:00
Aldo Cortesi
bbdb59b9f9 Test controller message default reply. 2013-03-03 09:33:22 +13:00
Aldo Cortesi
c20d1d7d32 Extend unit tests for proxy.py to some tricky cases. 2013-03-02 22:42:36 +13:00
Aldo Cortesi
415844511c Test cert generation errors. 2013-03-02 16:59:16 +13:00
Aldo Cortesi
09c73019c5 Remove human_curl requirement for the test suite - it's pathoc all the way, baby. 2013-03-02 15:09:22 +13:00
Aldo Cortesi
a95d78438c Test SNI for transparent mode. 2013-03-02 15:06:49 +13:00
Aldo Cortesi
10db82e9a0 Test SNI for ordinary proxy connections. 2013-03-02 14:52:05 +13:00
Aldo Cortesi
ba674ad551 New SNI handling mechanism. 2013-03-01 09:05:39 +13:00
Aldo Cortesi
b077189dd5 Test cert file specification, spruce up server testing truss a bit. 2013-02-24 22:52:59 +13:00
Aldo Cortesi
0257815141 Significantly simplify server connection handling, and test. 2013-02-24 22:24:21 +13:00
Aldo Cortesi
705559d65e Refactor to prepare for SNI fixes. 2013-02-24 17:35:24 +13:00
Aldo Cortesi
d0639e8925 Handle server disconnects better.
Server connections can be closed for legitimate reasons, like timeouts. If
we've already pumped data over a server connection, we reconnect on error. If
not, we treat it as a legitimate error and pass it on to the client.

Fixes #85
2013-02-24 14:04:56 +13:00
Aldo Cortesi
64285140f9 Test a difficult-to-trigger IOError, fix cert generation in test suite. 2013-02-24 11:34:01 +13:00
Aldo Cortesi
51de9f9fdf Test client connection close conditions. 2013-02-24 10:51:14 +13:00
Aldo Cortesi
05e4d4468e Test request and response kill functionality. 2013-02-23 21:59:25 +13:00
Aldo Cortesi
269780c577 Unit test dummy response functions. 2013-02-23 16:34:59 +13:00
Aldo Cortesi
aaf892e3af Significantly refactor the master/slave message passing interface. 2013-02-17 12:42:48 +13:00
Aldo Cortesi
1ccb2c5dea Test WSGI app calling.
- Factor out test servers into a separate file
- Adjust docs to note new Flask dependency
2013-02-16 16:46:16 +13:00
Eric Entzel
6bcf29c0ed Keep blank URL parameters
TODO: This should probably be configurable
2013-02-11 13:22:25 +11:00
Aldo Cortesi
782bbee8c0 Unit tests for ServerConnectionPool 2013-01-29 11:35:57 +13:00
Aldo Cortesi
53792a5a28 Beef up unit tests for HAR utility functions - flow.py coverage now 100%. 2013-01-29 10:41:45 +13:00
Aldo Cortesi
6f157d936f Merge pull request #99 from rouli/master
Adding helper functions to make HAR export easier
2013-01-28 13:28:49 -08:00
Rouli
330fbfe8cc adding helper functions to make HAR export easier 2013-01-28 17:37:25 +02:00
Aldo Cortesi
57f01ffb07 Test suite, remove extraneous code. 2013-01-28 21:59:03 +13:00
Aldo Cortesi
25cb9471f0 Add tests for client certificate support. 2013-01-20 22:39:28 +13:00
Aldo Cortesi
6600c589ab Rudimentary testing for client certs. 2013-01-18 17:08:30 +13:00
Aldo Cortesi
0f406e9daa Speed up the test suite by reducing time sleeping in tests. 2013-01-18 14:52:19 +13:00
Aldo Cortesi
7a79eeb143 Merge branch 'master' of ssh.github.com:cortesi/mitmproxy
Conflicts:
	test/test_server.py
2013-01-18 14:50:31 +13:00
Rouli
6212b69fb4 fixes due to merge with master 2013-01-17 17:36:18 +02:00
Rouli
446f9f0a0f Merge remote-tracking branch 'upstream/master' 2013-01-17 17:33:29 +02:00
Rouli
20fa6a3083 changing requests and responses to have two timestamps, one marking their initiation, and the other their complete 2013-01-17 17:32:56 +02:00
Aldo Cortesi
d0ee4d60d0 Unit tests and minor code refactoring for ServerConnection. 2013-01-05 19:44:12 -08:00
Aldo Cortesi
891c441a6d Use new netlib certificate store implementation. 2013-01-06 01:16:08 +13:00
Aldo Cortesi
9cfc785cd3 Unit test love - 100% for flow.py, dump.py 2013-01-05 21:56:33 +13:00
Aldo Cortesi
46ab6ed491 Minor cleanups of proxy request handling. 2013-01-04 14:19:32 +13:00
Aldo Cortesi
f5e49ef598 First draft of "How mitmproxy works", a complete guide to the mechanics of the proxy process 2013-01-03 17:26:59 +13:00
Aldo Cortesi
e2dc7ba09d First draft of OSX transparent proxy mode. 2013-01-01 11:13:56 +13:00
Aldo Cortesi
5347cb9c26 More work on proxy auth
- Strip auth header if auth succeeds, so it's not passed upstream
- Actually use realm specification to BasicProxyAuth, and make it mandatory
- Cleanups and unit tests
2012-12-31 10:56:44 +13:00
Aldo Cortesi
3b84111493 Test and robustify BasicProxyAuth.parse_auth_value
- This is partly in preparation for moving the implementation to netlib
- Also add an unparse_auth_value for testing (and use in pathod once the move is done)
2012-12-31 10:34:25 +13:00
Aldo Cortesi
018c229ae4 Start solidifying proxy authentication
- Add a unit test file
- Remove some extraneous methods
- Change the auth API to make the authenticate method take a header object.
2012-12-31 09:15:56 +13:00
Aldo Cortesi
8c976ac7f0 Substantially rewrite AMF decoding.
This is tricky, but we should now handle a lot more corner-cases.
2012-11-26 13:25:07 +13:00
Aldo Cortesi
0d59fd7e01 Move cleanBin and hexdump into netutils. 2012-09-24 11:21:12 +12:00
Aldo Cortesi
d115b5ae70 Expand Flow.match to accept either a string or a compiled filter expression. 2012-09-14 09:41:01 +12:00
Aldo Cortesi
a77ccc406d Getter and setter for path component on Requests. 2012-08-19 13:03:21 +12:00
Aldo Cortesi
60659a89c3 Little bit of love for the unit tests. 2012-08-19 00:22:42 +12:00
Aldo Cortesi
1b7990897e Command-line options for header setting. 2012-08-19 00:14:16 +12:00
Aldo Cortesi
3e96015e61 Add SetHeaders, analogous to ReplaceHooks, with a graphical editor in mitmproxy (H shortcut).
SetHeaders defines headers that are set on flows, based on a matching pattern.
Existing headers are over-ridden.
2012-08-18 23:41:04 +12:00
Aldo Cortesi
b70e91bbd4 Send tracebacks from content viewers to event log.
Also, 100% test coverage for content viewers.
2012-08-18 17:42:40 +12:00
Aldo Cortesi
e8553f966f Further simplifcation and testing of contentviews. 2012-08-18 17:29:29 +12:00
Aldo Cortesi
11c63dcb9f Huge cleanup of content viewers. 2012-08-18 17:08:17 +12:00
Sahn Lam
3189d144a5 Optional AMF decoding support
If PyAMF is installed, enable AMF decoding.
2012-08-17 18:45:26 -07:00
Aldo Cortesi
a66d018363 Fix unit tests after argparse conversion. 2012-08-18 10:27:31 +12:00
Aldo Cortesi
32ad26f8bf Add a size() method to flow.Request and flow.Response. 2012-08-04 13:18:05 +12:00
Aldo Cortesi
84bffad3fc Fix flow read unit test to accomodate more tolerant dumpfile parsing. 2012-07-24 15:30:52 +12:00
András Veres-Szentkirályi
1a26f8215d removed assigned but unread variables 2012-07-15 22:42:59 +02:00
András Veres-Szentkirályi
da496669c2 removed unused imports 2012-07-15 22:42:45 +02:00
Aldo Cortesi
e4079aa746 Add an ~a filter expression, matching an asset content type in responses.
Asset content types are Javascript, images, Flash and CSS. This is useful
because doing a quick "!~a" while auditing an app will filter out the majority
of the static asset cruft, letting you focus on what matters.
2012-07-14 16:55:21 +12:00
Aldo Cortesi
01b8b0d876 Refine semantics of replay_request method. 2012-07-10 23:29:33 +12:00
Aldo Cortesi
04d9ec8c3c Make WSGI apps work in transparent mode. 2012-07-10 15:53:53 +12:00
Aldo Cortesi
79af9e89c4 Test replay corner cases. Fix discovered bugs. 2012-07-09 11:18:03 +12:00
Aldo Cortesi
aab45078ad Unit test request replay thread.
This is a small patch, but is the culmination of lots of work: we can now unit
test the deep innards of mitmproxy, with coverage. There's a lot more to come
in this vein.
2012-07-09 11:03:55 +12:00
Aldo Cortesi
e49c920d16 Refator server tests to use flow.FlowMaster and flow.State 2012-07-09 10:58:28 +12:00
Aldo Cortesi
572e8a4962 Add streaming to FlowMaster 2012-07-09 10:18:37 +12:00
Aldo Cortesi
4b6fdc92dc Remove ODict tests. ODict is now in netlib. 2012-07-09 09:54:15 +12:00
Aldo Cortesi
d02bcade3a Add a domain match filter (~d regex) 2012-07-06 22:21:44 +12:00
Aldo Cortesi
aa708a2d28 Fix error when serializing reverted SSL flows. 2012-07-05 11:52:56 +12:00
Aldo Cortesi
90365e270e Catch and handle SSL connection errors. 2012-07-01 12:10:32 +12:00
Aldo Cortesi
d74a341e5d Beef up logging substantially. 2012-07-01 00:15:03 +12:00
Aldo Cortesi
f070e4523a Handle invalid data more gracefully.
Fixes #47
2012-06-30 15:59:42 +12:00
Aldo Cortesi
47651b1ff2 Serialization and de-serialization of new cert format. 2012-06-28 14:29:15 +12:00
Aldo Cortesi
35ee0c098f Remove certutils from mitmproxy. 2012-06-27 16:43:33 +12:00
Aldo Cortesi
8ccfb376f3 Remove -T and -U command-line options.
They're redundant convenience options, and we need more space.
2012-06-26 19:57:59 +12:00
Aldo Cortesi
874649f134 Adapt for API changes in netlib. 2012-06-23 14:06:34 +12:00
Aldo Cortesi
7cb242c168 Move wsgi to netlib. 2012-06-19 10:42:55 +12:00
Aldo Cortesi
1b1ccab8b7 Extract protocol and tcp server implementations into netlib. 2012-06-19 09:58:50 +12:00
Aldo Cortesi
7b9756f48e Refactor protocol.py to remove dependence on flow and utils. 2012-06-17 10:52:39 +12:00
Aldo Cortesi
aae8a9959c Pull out protocol components into protocol.py 2012-06-16 21:23:32 +12:00
Aldo Cortesi
d5a0099f49 Test suite and refactoring for netlib. 2012-06-16 16:22:51 +12:00
Aldo Cortesi
4e53f1ee90 Rename our tcpserver to netlib, expand to include client network functions. 2012-06-16 13:38:10 +12:00
Aldo Cortesi
c7952371b7 Fix a problem in ODictCaseless that could cause duplicate headers. 2012-06-15 17:40:08 +12:00
Aldo Cortesi
8ae3270807 Basic transparent mode. 2012-06-15 09:47:04 +12:00
Aldo Cortesi
a9495dc02f Refactor test suite to make room for transparent mode tests. 2012-06-15 09:20:10 +12:00
Aldo Cortesi
8a9352b3f7 First draft conversion of server to PyOpenSSL. 2012-06-13 18:16:47 +12:00
Aldo Cortesi
d032504b17 Fix an exception when replaying a flow with no response. 2012-06-10 17:10:43 +12:00
Aldo Cortesi
d60fa9918b Localise client connection object manipulation.
This simplifies the call signature for a bunch of functions.
2012-06-10 16:49:59 +12:00
Aldo Cortesi
6ba5f0f35b Add HTTP version to response objects.
Another change in the serialization format.
2012-06-10 13:27:43 +12:00
Aldo Cortesi
52779d9db9 Refactoring of proxy.py
- Correctly pass HTTP request version on to upstream servers
- Adjust tests not to hang due to a pathod response with no content-length
2012-06-10 13:17:18 +12:00