Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-23 16:17:49 +00:00
Code Issues Projects Releases Wiki Activity
6,540 Commits 1 Branch 67 Tags 50 MiB
f908ea220f
Commit Graph

1516 Commits

Author SHA1 Message Date
Aldo Cortesi
09c503563a Enable config file parsing 
We support 4 different config files:

~/.mitmproxy/common.conf:       Options that are common to all tools
~/.mitmproxy/mitmproxy.conf:    Options for mitmproxy
~/.mitmproxy/mitmdump.conf:     Options for mitmdump
~/.mitmproxy/mitmweb.conf:      Options for mitmweb

Options in the tool-specific config files over-ride options in common.conf. If
a non-common option is put in common.conf, an error will be raised if a
non-supporting tool is used.
 2014-11-15 17:25:05 +13:00
Aldo Cortesi
9c88622e25 Adjust tests 2014-11-15 16:17:05 +13:00
Maximilian Hils
0c52b4e3b9 handle script hooks in replay, fix tests, fix #402 2014-11-14 00:26:22 +01:00
Maximilian Hils
a325ae638b fix tests 2014-11-11 13:09:05 +01:00
Maximilian Hils
4d090e09c7 fix tests 2014-11-07 09:59:11 +01:00
Aldo Cortesi
0fe83ce87b Fix bug in flow dumping, add unit test that should have caught this in the first place 2014-11-06 10:35:00 +13:00
Aldo Cortesi
34d419ead8 Merge branch 'master' of ssh.github.com:mitmproxy/mitmproxy 2014-11-04 10:22:13 +13:00
Aldo Cortesi
d0de490ef1 Release prep: binaries build script, release checklist, fuzzing 2014-11-02 18:04:57 +13:00
Wade 524
c4c42fa040 Updating OPTIONS test with related issue number. 2014-10-31 12:45:31 -07:00
Wade 524
2c64b90a3d Adding some test coverage for handling HTTP OPTIONS requests. 2014-10-31 11:49:45 -07:00
Aldo Cortesi
340d0570bf Legibility 2014-10-26 18:32:45 +13:00
Aldo Cortesi
16654ad6a4 Fix crash while streaming 
Found using fuzzing. Reproduction with pathoc, given "mitmproxy -s" and
pathod running on 9999:

get:'http://localhost:9999/p/':s'200:b\'foo\':h\'Content-Length\'=\'3\'':i58,'\x1a':r

 return flow.FlowMaster.run(self)
   File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/controller.py", line 111, in run
     self.tick(self.masterq, 0.01)
   File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/flow.py", line 613, in tick
     return controller.Master.tick(self, q, timeout)
   File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/controller.py", line 101, in tick
     self.handle(*msg)
   File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/controller.py", line 118, in handle
     m(obj)
   File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/flow.py", line 738, in handle_responseheaders
     self.stream_large_bodies.run(f, False)
   File "/Users/aldo/mitmproxy/mitmproxy/libmproxy/flow.py", line 155, in run
     r.headers, is_request, flow.request.method, code
   File "/Users/aldo/mitmproxy/mitmproxy/netlib/http.py", line 401, in expected_http_body_size
     raise HttpError(400 if is_request else 502, "Invalid content-length header: %s" % headers["content-length"])
 netlib.http.HttpError: Invalid content-length header: ['\x1a3']
 2014-10-26 17:58:36 +13:00
Aldo Cortesi
efd6fdb0e2 Start a fuzzing architecture for mitmproxy 2014-10-26 17:13:25 +13:00
Maximilian Hils
c79bdeb4e5 fix #346 2014-10-22 14:03:19 +02:00
Maximilian Hils
37cc6ae0bb fix race conditions in tests 2014-10-19 01:26:08 +02:00
Maximilian Hils
e114858438 add generic tcp proxying, fix #374 2014-10-18 18:29:35 +02:00
Maximilian Hils
d7341e7798 add test case for #375 2014-10-17 17:08:41 +02:00
Marcelo Glezer
81f5636389 --replay-ignore-content & --replay-ignore-param ported from branch 0.10 2014-10-03 07:29:44 -03:00
Aldo Cortesi
d998790c2f Clean up and clarify StateObject 
- Flatten the class hierarchy
- get_state, load_state, from_state are public
- Simplify code
- Remove __eq__ and __neq__. This fundamentally changes the semantics of
inherited objects in a way that's not part of the core function of the
class
 2014-09-17 11:41:42 +12:00
Aldo Cortesi
17868f61a9 Remove external app option, make tick timeout explicit 2014-09-14 11:46:01 +12:00
Maximilian Hils
2842f25b82 fix tests 2014-09-12 03:16:52 +02:00
Maximilian Hils
5f5af9535a update distribution: pip install now works on Windows 2014-09-09 00:06:10 +02:00
Maximilian Hils
fbc4bb38df mitmproxy -> libmproxy.main. do some leanup on the way 2014-09-08 23:34:43 +02:00
Maximilian Hils
ece15b3c8a reverse proxy: adjust dst when reading flows, fix #346 2014-09-08 14:43:32 +02:00
Maximilian Hils
d06b4bfa4e remove proxy mode abstraction: always be clear which mode we are in 2014-09-08 14:32:42 +02:00
Maximilian Hils
2b2d21aff0 add --ignore ui indication 2014-09-08 12:20:40 +02:00
Maximilian Hils
ac27d1236f improve change_server api, add example how to change the upstream server 2014-09-07 18:01:37 +02:00
Aldo Cortesi
bf5fef1e0b Merge pull request #347 from mitmproxy/issue_341 
Remove BackReferenceMixin
 2014-09-07 13:04:18 +12:00
Maximilian Hils
df129736c3 test streaming 2014-09-06 13:30:00 +02:00
Maximilian Hils
3c65510ef5 coverage++ 2014-09-06 13:09:57 +02:00
Maximilian Hils
fdd7b2f108 Merge branch 'issue_341' into server_change_api 2014-09-06 12:43:32 +02:00
Maximilian Hils
0e0cff638c Merge branch 'master' into issue_341 2014-09-06 12:42:52 +02:00
Maximilian Hils
b6c8a22b67 coverage++ 2014-09-06 12:23:05 +02:00
Maximilian Hils
2a6337343a update docs, mostly revert 2f44b26b4c 2014-09-05 15:16:20 +02:00
Maximilian Hils
f2570c773a iframe injector example: use inline script 2014-09-05 15:05:44 +02:00
Maximilian Hils
a7a3b5703a change replay_request behaviour, refs #346; test upstream proxy mode 2014-09-05 00:18:17 +02:00
Maximilian Hils
b23a1aa4a4 much tests. so tcp. very wow. 2014-09-04 19:08:54 +02:00
Maximilian Hils
795e19f6b7 coverage++ 2014-09-04 16:37:50 +02:00
Maximilian Hils
f4d4332472 coverage++ 2014-09-04 14:46:25 +02:00
Maximilian Hils
1d45c54a04 Merge branch 'issue_341' into server_change_api 2014-09-04 14:18:21 +02:00
Maximilian Hils
1135666ee6 Merge branch 'master' into issue_341 2014-09-04 14:18:07 +02:00
Maximilian Hils
39fa579dd5 remove outdated IOError test case (f5fdfd8a9f) 2014-09-04 14:15:49 +02:00
Maximilian Hils
2f44b26b4c improve HTTPRequest syntax 2014-09-03 23:44:54 +02:00
Maximilian Hils
0c3b6ee667 fix IOError handling 2014-09-03 17:33:08 +02:00
Maximilian Hils
b0cfeff06d fix #341 - work on flows instead of request/response internally. 2014-09-03 16:57:56 +02:00
Maximilian Hils
1e4e332ef9 improve error handling 2014-09-02 18:13:18 +02:00
Maximilian Hils
1f47f7b6b2 refactor protocol handling, fix #332 2014-08-30 20:15:19 +02:00
Maximilian Hils
b97b1f17cf fix #328 2014-08-24 14:22:11 +02:00
Maximilian Hils
94fbf066f7 fix script tests 2014-08-18 01:47:39 +02:00
Maximilian Hils
bb2ce689a9 adjust to netlib changes 2014-08-17 23:06:25 +02:00
Maximilian Hils
a193c267f3 adjust tests 2014-08-10 16:20:04 +02:00
Maximilian Hils
4d2109ef92 fix display of urls in upstream mode, refs #308 2014-08-08 17:49:02 +02:00
Maximilian Hils
de05484d9d fix #318 2014-08-08 04:43:44 +02:00
Maximilian Hils
a3c3e4e504 remove platform.setup 2014-08-08 03:38:59 +02:00
Maximilian Hils
13f030ccb5 suppress SPDY/HTTP2 announcement headers, fix #277 2014-08-03 16:25:38 +02:00
Maximilian Hils
3133136da7 fix #307 2014-08-03 02:34:29 +02:00
Maximilian Hils
e9401a2123 Merge branch 'stream' 
Conflicts:
	libmproxy/protocol/http.py
 2014-07-31 22:29:13 +02:00
Maximilian Hils
3e3dbee936 fix tests 2014-07-31 22:18:57 +02:00
Maximilian Hils
c9be57b682 fix #313 2014-07-27 03:28:23 +02:00
Maximilian Hils
e9c834a30d fix #259 2014-07-26 12:02:18 +02:00
Maximilian Hils
a73ad1d945 fix tests 2014-07-26 11:51:27 +02:00
Maximilian Hils
562ac9e721 unify stream handling 2014-07-21 14:09:24 +02:00
Maximilian Hils
7398db80db simplify responseheader scripthook 2014-07-20 11:17:53 +02:00
Brad Peabody
560e23af09 fixed handling of Transfer-Encoding header during streaming; wrote tests for streaming support 2014-07-19 19:10:14 -07:00
Maximilian Hils
a48cccadb5 fix tests on windows 2014-07-18 03:13:52 +02:00
Maximilian Hils
b0c366aa45 Merge pull request #300 from zbrdge/freebsd-platform 
Freebsd 10 platform
 2014-07-03 02:24:00 +02:00
Zack B
64c265b710 added unit test update. coverage still at 97% 2014-07-01 16:33:48 -07:00
Vyacheslav Bakhmutov
b7c1d05782 Remove global should_exit and fix tests 2014-06-13 14:14:55 +07:00
Maximilian Hils
00fd243810 fix up error messages 2014-05-15 18:16:42 +02:00
Maximilian Hils
a17a53269d fix #253 2014-05-15 14:37:05 +02:00
Maximilian Hils
d883d93566 fix linux tests... 2014-03-13 01:30:26 +01:00
Maximilian Hils
1bfc164692 adjust tests, fix option handling 2014-03-13 01:22:12 +01:00
Maximilian Hils
aefb30ea60 restrict -e to mitmproxy only (not mitmdump) 2014-03-12 22:13:00 +01:00
Maximilian Hils
14db30080f Merge branch 'master' of github.com:mitmproxy/mitmproxy 2014-03-11 02:16:30 +01:00
Maximilian Hils
15c82f743f fix temporary server change, coverage++ 2014-03-11 02:16:22 +01:00
Aldo Cortesi
e89e035d4a Certificate forwarding. 2014-03-11 13:02:10 +13:00
Maximilian Hils
fe58c1c6eb add advanced proxying options, add SSL-terminating capability to mitmproxy 2014-03-10 05:11:51 +01:00
Maximilian Hils
78750a8b4d lay the foundations for --(in|out)(abs|rel) command line switches, as proposed in https://groups.google.com/forum/#!topic/mitmproxy/nApno2TXS0c 2014-03-10 02:32:27 +01:00
Maximilian Hils
5598a8de82 finish proxy.py split up 2014-03-09 21:51:24 +01:00
Maximilian Hils
fc4fe83eaf split up proxy.py 2014-03-09 21:13:08 +01:00
Maximilian Hils
2e50b10735 fix windows tests, include improvements from 0.10.1 2014-03-08 17:19:47 +01:00
Maximilian Hils
2b01c4eee7 Merge branch 'master' of github.com:mitmproxy/mitmproxy 2014-03-08 15:47:27 +01:00
Maximilian Hils
3032672f10 combine asterisk-form and origin-form into relative form 2014-03-08 15:47:09 +01:00
Aldo Cortesi
221973aff6 Revert to old cert names, use a subdir for test conf dir. 2014-03-07 16:38:24 +13:00
Aldo Cortesi
d65f2215cb Much more sophisticated cert handling 
- Specify per-domain certificates and keys
- Certs are no longer regenerated for SANs
- And more. :)
 2014-03-05 17:28:04 +13:00
Aldo Cortesi
32af668814 Minor cleanups. 2014-03-02 22:15:53 +13:00
Aldo Cortesi
f373ac5b6c Improve explicit certificate specification 
- Support cert/key in the same PEM file
- Rationalize arguments, expand tests, clean up a bit
 2014-03-02 17:27:24 +13:00
Aldo Cortesi
863b1e1455 Update for pathod.SSLOptions changes. 2014-03-02 15:58:53 +13:00
Aldo Cortesi
a34a483184 Adapt for new pathod and netlib APIs. 2014-03-02 15:14:22 +13:00
Pedro Worcel
cffae49e34 add helpful messages on wrap 2014-02-22 18:04:56 +13:00
Pedro Worcel
3e50034428 fix the wrapping on backward searches 2014-02-22 17:15:37 +13:00
Pedro Worcel
4284fd3614 add multi-line support to backwards search 2014-02-22 16:32:22 +13:00
Pedro Worcel
3c02865e8b add multi-line support 2014-02-22 15:32:35 +13:00
Pedro Worcel
7a154e1ae1 add basic backwards search 2014-02-22 15:00:10 +13:00
Aldo Cortesi
a85974eaa8 Fix flow initialization order error 
Resolves #210
 2014-02-08 17:17:35 +13:00
Aldo Cortesi
fe4bab2e6f Cleanup: fix unit tests, simpler app test, remove print statements 2014-02-08 12:33:59 +13:00
Maximilian Hils
33b10da57c fix tests 2014-02-07 18:26:42 +01:00
Maximilian Hils
735e4400c4 add tests for reconnect to upstream proxy, ensure that server_reconnect is always hooked 2014-02-07 18:14:15 +01:00
Maximilian Hils
545fc2506b Achievement Unlocked: Proxy Chain 2014-02-07 07:08:59 +01:00
Maximilian Hils
9526c5d565 fix race conditions in test suite 2014-02-07 04:15:24 +01:00
Maximilian Hils
d07029d575 coverage++ 2014-02-07 03:56:57 +01:00
Maximilian Hils
9f5f2b7071 test libmproxy.app, increase coverage 2014-02-07 02:36:39 +01:00
Maximilian Hils
cb397ec788 fix bugs, expose timestamp information to console ui 2014-02-06 00:53:39 +01:00
Maximilian Hils
80683e77bc mock urwid to run console tests on windows, push failing testcases down to 0. :-) 2014-02-05 23:17:26 +01:00
Maximilian Hils
f26d91cb81 add skeleton to change destinatin server during intercept, fix all testcases on windows 2014-02-05 20:26:47 +01:00
Maximilian Hils
d864a326d2 fix all tests except those using set_url and get_url 2014-02-05 14:33:17 +01:00
Maximilian Hils
6a53ae5fd3 push failing tests down to 43 2014-02-04 05:02:17 +01:00
Maximilian Hils
2db5f9de26 bring failing tests back into the double-digit range 2014-01-31 04:45:39 +01:00
Maximilian Hils
7d96ff00ef remove _flow_map from state, improve logging 2014-01-31 03:01:51 +01:00
Maximilian Hils
607f777811 fix most testsuite errors, improve proxy error handling 2014-01-29 02:49:11 +01:00
Maximilian Hils
1e3e0dd127 merge master 2014-01-28 17:29:28 +01:00
Maximilian Hils
17f09aa0af unify ipv4/ipv6 address handling 2014-01-28 17:28:20 +01:00
Maximilian Hils
125166020b move test requirements out of main requirements.txt 2014-01-28 03:09:21 +01:00
Aldo Cortesi
069aca1df4 Deprecate Flow.unload_script in favor of Flow.unload_scripts 
In the presence of arguments, unloading a single script is clumsy and
less useful.
 2014-01-13 14:20:34 +13:00
Aldo Cortesi
4f69eef8f3 Extract command parsing and use in script grid editor 2014-01-13 14:15:17 +13:00
Aldo Cortesi
42d4a2fae9 Script refactoring: move script command parsing into script module. 2014-01-12 23:02:29 +13:00
Aldo Cortesi
e5776b8be3 Clean up and clarify script API 2014-01-12 13:59:32 +13:00
Aldo Cortesi
58e1b3a47f Start refactoring scripts 
- Move ScriptContext into script module
- Use mock module instead of hand-rolled mock objects in tests
 2014-01-12 12:49:19 +13:00
Maximilian Hils
2f63da99c9 ignore console test utilities on windows 2014-01-10 01:39:16 +01:00
Aldo Cortesi
d5f9b02615 Merge pull request #192 from mitmproxy/refactor_read_http_body 
move CONTINUE checks into mitmproxy
 2014-01-04 14:37:47 -08:00
Aldo Cortesi
7d37e0ce10 Merge pull request #193 from droope/search-functionality 
Search functionality
 2014-01-04 14:34:20 -08:00
Aldo Cortesi
ac31039ad3 Merge pull request #198 from Kami/add_css_view 
Add CSS view which beautifies minified CSS files
 2014-01-04 14:04:02 -08:00
Tomaz Muraus
e9f6302ec7 Add CSS view which beautifies CSS files if cssutils library is available, 
otherwise it acts as a no-op.
 2014-01-04 04:49:50 +01:00
Aldo Cortesi
45eab17e0c Decouple message type from message class name. 2014-01-04 14:42:32 +13:00
Aldo Cortesi
1e07d9e6e7 Move app mechanism to flow.py 
Disable apps while message passing is improved.
 2014-01-04 14:35:11 +13:00
Pedro Worcel
799c877676 now really fix it + test 2013-12-26 22:18:34 +13:00
Pedro Worcel
21efe2f2c8 add looping around 2013-12-26 17:04:18 +13:00
Pedro Worcel
9cf8a1a89d fix failing test 2013-12-25 21:08:20 +13:00
root
95406bd119 Add focusing, and fixes non-clearance of prev searches. Add 
documentation.
 2013-12-25 16:50:29 +13:00
root
932464d0a0 test passing, UI still not working 2013-12-24 14:28:20 +13:00
Maximilian Hils
e643759ef6 merge smurfix/fix2, add serverconnect hook docs, adjust tests 2013-12-16 22:10:06 +01:00
Maximilian Hils
f4b58ba495 move CONTINUE checks into mitmproxy 2013-12-15 06:33:18 +01:00
Maximilian Hils
6ec2e6f24f fix script path error in tests 2013-12-15 02:51:35 +01:00
Maximilian Hils
605950bfdf add @concurrent decorator for inline scripts, fixes #176 2013-12-15 02:43:16 +01:00
Maximilian Hils
39ffe10334 add content-length 0 if we remove header for chunked encoding, fixes #186 2013-12-12 04:42:29 +01:00
Maximilian Hils
7db1430ee7 ignore missing CN in certificates. fixes #169 2013-12-12 03:24:17 +01:00
Maximilian Hils
28a234e28b store resolved ip addresses, fixes #187 2013-12-12 02:11:22 +01:00
Maximilian Hils
3bd238de37 backport changes to fix tests 2013-12-08 15:46:11 +01:00
Maximilian Hils
a509a9037b Merge branch 'master' into 0.10 2013-12-08 14:14:57 +01:00
Aldo Cortesi
3a1d85ab18 Merge pull request #134 from mhils/scripts_improvements 
Support multiple scripts and script arguments. refs #76
 2013-12-08 01:14:12 -08:00
Aldo Cortesi
7aeaf9d448 Merge pull request #161 from mitmproxy/external_webapp 
External webapp
 2013-12-08 01:09:46 -08:00
Aldo Cortesi
cb3a4a0f3c Remove obsolete test. 2013-12-08 21:58:55 +13:00
Maximilian Hils
2956c144d3 Merge branch 'master' into 0.10 2013-09-14 23:47:04 +02:00
Aldo Cortesi
aaba940dea Fix pretty_size unit tests. 2013-08-23 10:28:16 +12:00
Maximilian Hils
bb4748fb8f add option to expose webapp externally, remove distinct ip setting 2013-08-18 20:03:53 +02:00
Maximilian Hils
729677cd85 Merge branch 'master' into 0.10 2013-08-17 13:30:36 +02:00
Aldo Cortesi
f850bdd848 Revamp dummy cert store 
We no longer keep these on disk. This is for a number of reasons, including
some race conditions and the fact that some valid IDNA-encoded domain names are
not valid file names on Windows.
 2013-08-12 16:04:02 +12:00
Aldo Cortesi
439d9a294c Make use of a change to netlib.tcp that clarifies error conditions for flush and close. 
Should fix #144.
 2013-07-30 09:42:29 +12:00
Aldo Cortesi
10a9e3365f Some refactoring of the console inteface. 
Reduce some state duplication, by removing currentflow variable.

Fixes #141
 2013-07-28 18:00:49 +12:00
Aldo Cortesi
5c1157ddaf Move app instantiation out of proxy.py. 2013-07-24 10:32:56 +12:00
Maximilian Hils
6fe175913e fix request_timestamps test case 2013-06-18 00:54:07 +02:00
Maximilian Hils
ca9740df20 skip tests on windows that don't make sense 2013-06-18 00:53:38 +02:00
Maximilian Hils
d462b444b7 update tests to reflect changes to options.scripts 2013-06-17 16:48:06 +02:00
Maximilian Hils
fd36142018 Merge remote-tracking branch 'origin/scripts_improvements' into 0.10 2013-06-16 00:41:43 +02:00
Maximilian Hils
ba47690a03 always read files in binary mode 2013-06-16 00:23:44 +02:00
Maximilian Hils
b4f6f09c83 update test script 2013-06-16 00:10:53 +02:00
Maximilian Hils
2b4af8d475 add support for multiple scripts and script arguments. refs #76 2013-06-13 16:09:38 +02:00
Aldo Cortesi
11cc48ca25 Adapt for new request_client_cert option in netlib. 2013-05-13 09:08:24 +12:00
Aldo Cortesi
5cd7563d12 Minor coverage. 2013-04-30 09:13:33 +12:00
Aldo Cortesi
61c794e08f Merge pull request #107 from rouli/master 
Adding remote TCP and SSL setup timestamps
 2013-04-19 17:19:26 -07:00
Nicolas Esteves
d4cfbbb822 Adds a new view for protocol buffers 
The view uses protoc from the Google protocol buffer
tools. If the tool isn't installed, the view isn't
shown.

Google protobuf repo:
https://code.google.com/p/protobuf/
 2013-04-06 19:21:13 +01:00
Aldo Cortesi
51b775cfd4 Merge pull request #101 from eentzel/keep-blank-params 
Keep blank URL parameters
 2013-04-04 15:55:51 -07:00
Aldo Cortesi
e3fd0e838d Add a basic built-in web app. 2013-03-25 09:20:26 +13:00
Rouli
c6bf28f3f7 adding tcp and ssl setup timestamps to get better resolution on flows performance 2013-03-19 18:21:52 +02:00
Aldo Cortesi
d2d3eb6490 Un-break unit tests. Tsk tsk. 2013-03-17 17:53:48 +13:00
Aldo Cortesi
0e993bec6f Add the --host option, which uses the value in the Host header for dispaly URLs. 
- Can be toggled with "o" then "h" in mitmproxy
- Useful for transparent mode
 2013-03-17 17:37:54 +13:00
Aldo Cortesi
cfb5ba89ce Introduce a filtered flow writer, and use it in dump.py 
Fixes #104
 2013-03-14 09:19:43 +13:00
Aldo Cortesi
8a850dc8e6 Few more fuzzing commands, exclude console app from coverage. 2013-03-03 22:39:26 +13:00
Aldo Cortesi
cde66cd584 Fuzzing, and fixes for errors found with fuzzing. 2013-03-03 22:03:27 +13:00
Aldo Cortesi
8216801728 Three more errors turned up with fuzzing. 
These are fixed in netlib, regression tests added here.
 2013-03-03 15:14:49 +13:00
Aldo Cortesi
7835e0c2c7 Begin some simple fuzzing with pathod. 
Finally doing what I started writing pathod for in the first place...
 2013-03-03 14:56:56 +13:00
Aldo Cortesi
e608d10f45 Remove __slots__ to make it possible to inherit from Options classes. 2013-03-03 12:26:20 +13:00
Aldo Cortesi
2465b8a376 100% unit test coverage on proxy.py. Hallelujah! 2013-03-03 12:13:33 +13:00
Aldo Cortesi
d5876a12ed Unit test proxy option parsing. 2013-03-03 11:58:57 +13:00
Aldo Cortesi
33cdd5d083 Unit test proxy auth. 2013-03-03 11:04:33 +13:00
Aldo Cortesi
5c6587d4a8 Move HTTP auth module to netlib. 2013-03-03 10:37:06 +13:00
Aldo Cortesi
bbdb59b9f9 Test controller message default reply. 2013-03-03 09:33:22 +13:00
Aldo Cortesi
c20d1d7d32 Extend unit tests for proxy.py to some tricky cases. 2013-03-02 22:42:36 +13:00
Aldo Cortesi
415844511c Test cert generation errors. 2013-03-02 16:59:16 +13:00
Aldo Cortesi
09c73019c5 Remove human_curl requirement for the test suite - it's pathoc all the way, baby. 2013-03-02 15:09:22 +13:00
Aldo Cortesi
a95d78438c Test SNI for transparent mode. 2013-03-02 15:06:49 +13:00
Aldo Cortesi
10db82e9a0 Test SNI for ordinary proxy connections. 2013-03-02 14:52:05 +13:00
Aldo Cortesi
ba674ad551 New SNI handling mechanism. 2013-03-01 09:05:39 +13:00
Aldo Cortesi
b077189dd5 Test cert file specification, spruce up server testing truss a bit. 2013-02-24 22:52:59 +13:00
Aldo Cortesi
0257815141 Significantly simplify server connection handling, and test. 2013-02-24 22:24:21 +13:00
Aldo Cortesi
705559d65e Refactor to prepare for SNI fixes. 2013-02-24 17:35:24 +13:00
Aldo Cortesi
d0639e8925 Handle server disconnects better. 
Server connections can be closed for legitimate reasons, like timeouts. If
we've already pumped data over a server connection, we reconnect on error. If
not, we treat it as a legitimate error and pass it on to the client.

Fixes #85
 2013-02-24 14:04:56 +13:00
Aldo Cortesi
64285140f9 Test a difficult-to-trigger IOError, fix cert generation in test suite. 2013-02-24 11:34:01 +13:00
Aldo Cortesi
51de9f9fdf Test client connection close conditions. 2013-02-24 10:51:14 +13:00
Aldo Cortesi
05e4d4468e Test request and response kill functionality. 2013-02-23 21:59:25 +13:00
Aldo Cortesi
269780c577 Unit test dummy response functions. 2013-02-23 16:34:59 +13:00
Aldo Cortesi
aaf892e3af Significantly refactor the master/slave message passing interface. 2013-02-17 12:42:48 +13:00
Aldo Cortesi
1ccb2c5dea Test WSGI app calling. 
- Factor out test servers into a separate file
- Adjust docs to note new Flask dependency
 2013-02-16 16:46:16 +13:00
Eric Entzel
6bcf29c0ed Keep blank URL parameters 
TODO: This should probably be configurable
 2013-02-11 13:22:25 +11:00
Aldo Cortesi
782bbee8c0 Unit tests for ServerConnectionPool 2013-01-29 11:35:57 +13:00
Aldo Cortesi
53792a5a28 Beef up unit tests for HAR utility functions - flow.py coverage now 100%. 2013-01-29 10:41:45 +13:00
Aldo Cortesi
6f157d936f Merge pull request #99 from rouli/master 
Adding helper functions to make HAR export easier
 2013-01-28 13:28:49 -08:00
Rouli
330fbfe8cc adding helper functions to make HAR export easier 2013-01-28 17:37:25 +02:00
Aldo Cortesi
57f01ffb07 Test suite, remove extraneous code. 2013-01-28 21:59:03 +13:00
Aldo Cortesi
25cb9471f0 Add tests for client certificate support. 2013-01-20 22:39:28 +13:00
Aldo Cortesi
6600c589ab Rudimentary testing for client certs. 2013-01-18 17:08:30 +13:00
Aldo Cortesi
0f406e9daa Speed up the test suite by reducing time sleeping in tests. 2013-01-18 14:52:19 +13:00
Aldo Cortesi
7a79eeb143 Merge branch 'master' of ssh.github.com:cortesi/mitmproxy 
Conflicts:
	test/test_server.py
 2013-01-18 14:50:31 +13:00
Rouli
6212b69fb4 fixes due to merge with master 2013-01-17 17:36:18 +02:00
Rouli
446f9f0a0f Merge remote-tracking branch 'upstream/master' 2013-01-17 17:33:29 +02:00
Rouli
20fa6a3083 changing requests and responses to have two timestamps, one marking their initiation, and the other their complete 2013-01-17 17:32:56 +02:00
Aldo Cortesi
d0ee4d60d0 Unit tests and minor code refactoring for ServerConnection. 2013-01-05 19:44:12 -08:00
Aldo Cortesi
891c441a6d Use new netlib certificate store implementation. 2013-01-06 01:16:08 +13:00
Aldo Cortesi
9cfc785cd3 Unit test love - 100% for flow.py, dump.py 2013-01-05 21:56:33 +13:00
Aldo Cortesi
46ab6ed491 Minor cleanups of proxy request handling. 2013-01-04 14:19:32 +13:00
Aldo Cortesi
f5e49ef598 First draft of "How mitmproxy works", a complete guide to the mechanics of the proxy process 2013-01-03 17:26:59 +13:00
Aldo Cortesi
e2dc7ba09d First draft of OSX transparent proxy mode. 2013-01-01 11:13:56 +13:00
Aldo Cortesi
5347cb9c26 More work on proxy auth 
- Strip auth header if auth succeeds, so it's not passed upstream
- Actually use realm specification to BasicProxyAuth, and make it mandatory
- Cleanups and unit tests
 2012-12-31 10:56:44 +13:00
Aldo Cortesi
3b84111493 Test and robustify BasicProxyAuth.parse_auth_value 
- This is partly in preparation for moving the implementation to netlib
- Also add an unparse_auth_value for testing (and use in pathod once the move is done)
 2012-12-31 10:34:25 +13:00
Aldo Cortesi
018c229ae4 Start solidifying proxy authentication 
- Add a unit test file
- Remove some extraneous methods
- Change the auth API to make the authenticate method take a header object.
 2012-12-31 09:15:56 +13:00
Aldo Cortesi
8c976ac7f0 Substantially rewrite AMF decoding. 
This is tricky, but we should now handle a lot more corner-cases.
 2012-11-26 13:25:07 +13:00
Aldo Cortesi
0d59fd7e01 Move cleanBin and hexdump into netutils. 2012-09-24 11:21:12 +12:00
Aldo Cortesi
d115b5ae70 Expand Flow.match to accept either a string or a compiled filter expression. 2012-09-14 09:41:01 +12:00
Aldo Cortesi
a77ccc406d Getter and setter for path component on Requests. 2012-08-19 13:03:21 +12:00
Aldo Cortesi
60659a89c3 Little bit of love for the unit tests. 2012-08-19 00:22:42 +12:00
Aldo Cortesi
1b7990897e Command-line options for header setting. 2012-08-19 00:14:16 +12:00
Aldo Cortesi
3e96015e61 Add SetHeaders, analogous to ReplaceHooks, with a graphical editor in mitmproxy (H shortcut). 
SetHeaders defines headers that are set on flows, based on a matching pattern.
Existing headers are over-ridden.
 2012-08-18 23:41:04 +12:00
Aldo Cortesi
b70e91bbd4 Send tracebacks from content viewers to event log. 
Also, 100% test coverage for content viewers.
 2012-08-18 17:42:40 +12:00
Aldo Cortesi
e8553f966f Further simplifcation and testing of contentviews. 2012-08-18 17:29:29 +12:00
Aldo Cortesi
11c63dcb9f Huge cleanup of content viewers. 2012-08-18 17:08:17 +12:00
Sahn Lam
3189d144a5 Optional AMF decoding support 
If PyAMF is installed, enable AMF decoding.
 2012-08-17 18:45:26 -07:00
Aldo Cortesi
a66d018363 Fix unit tests after argparse conversion. 2012-08-18 10:27:31 +12:00
Aldo Cortesi
32ad26f8bf Add a size() method to flow.Request and flow.Response. 2012-08-04 13:18:05 +12:00
Aldo Cortesi
84bffad3fc Fix flow read unit test to accomodate more tolerant dumpfile parsing. 2012-07-24 15:30:52 +12:00
András Veres-Szentkirályi
1a26f8215d removed assigned but unread variables 2012-07-15 22:42:59 +02:00
András Veres-Szentkirályi
da496669c2 removed unused imports 2012-07-15 22:42:45 +02:00
Aldo Cortesi
e4079aa746 Add an ~a filter expression, matching an asset content type in responses. 
Asset content types are Javascript, images, Flash and CSS. This is useful
because doing a quick "!~a" while auditing an app will filter out the majority
of the static asset cruft, letting you focus on what matters.
 2012-07-14 16:55:21 +12:00
Aldo Cortesi
01b8b0d876 Refine semantics of replay_request method. 2012-07-10 23:29:33 +12:00
Aldo Cortesi
04d9ec8c3c Make WSGI apps work in transparent mode. 2012-07-10 15:53:53 +12:00
Aldo Cortesi
79af9e89c4 Test replay corner cases. Fix discovered bugs. 2012-07-09 11:18:03 +12:00
Aldo Cortesi
aab45078ad Unit test request replay thread. 
This is a small patch, but is the culmination of lots of work: we can now unit
test the deep innards of mitmproxy, with coverage. There's a lot more to come
in this vein.
 2012-07-09 11:03:55 +12:00
Aldo Cortesi
e49c920d16 Refator server tests to use flow.FlowMaster and flow.State 2012-07-09 10:58:28 +12:00
Aldo Cortesi
572e8a4962 Add streaming to FlowMaster 2012-07-09 10:18:37 +12:00
Aldo Cortesi
4b6fdc92dc Remove ODict tests. ODict is now in netlib. 2012-07-09 09:54:15 +12:00
Aldo Cortesi
d02bcade3a Add a domain match filter (~d regex) 2012-07-06 22:21:44 +12:00
Aldo Cortesi
aa708a2d28 Fix error when serializing reverted SSL flows. 2012-07-05 11:52:56 +12:00
Aldo Cortesi
90365e270e Catch and handle SSL connection errors. 2012-07-01 12:10:32 +12:00
Aldo Cortesi
d74a341e5d Beef up logging substantially. 2012-07-01 00:15:03 +12:00
Aldo Cortesi
f070e4523a Handle invalid data more gracefully. 
Fixes #47
 2012-06-30 15:59:42 +12:00
Aldo Cortesi
47651b1ff2 Serialization and de-serialization of new cert format. 2012-06-28 14:29:15 +12:00
Aldo Cortesi
35ee0c098f Remove certutils from mitmproxy. 2012-06-27 16:43:33 +12:00
Aldo Cortesi
8ccfb376f3 Remove -T and -U command-line options. 
They're redundant convenience options, and we need more space.
 2012-06-26 19:57:59 +12:00
Aldo Cortesi
874649f134 Adapt for API changes in netlib. 2012-06-23 14:06:34 +12:00
Aldo Cortesi
7cb242c168 Move wsgi to netlib. 2012-06-19 10:42:55 +12:00
Aldo Cortesi
1b1ccab8b7 Extract protocol and tcp server implementations into netlib. 2012-06-19 09:58:50 +12:00
Aldo Cortesi
7b9756f48e Refactor protocol.py to remove dependence on flow and utils. 2012-06-17 10:52:39 +12:00
Aldo Cortesi
aae8a9959c Pull out protocol components into protocol.py 2012-06-16 21:23:32 +12:00
Aldo Cortesi
d5a0099f49 Test suite and refactoring for netlib. 2012-06-16 16:22:51 +12:00
Aldo Cortesi
4e53f1ee90 Rename our tcpserver to netlib, expand to include client network functions. 2012-06-16 13:38:10 +12:00
Aldo Cortesi
c7952371b7 Fix a problem in ODictCaseless that could cause duplicate headers. 2012-06-15 17:40:08 +12:00
Aldo Cortesi
8ae3270807 Basic transparent mode. 2012-06-15 09:47:04 +12:00
Aldo Cortesi
a9495dc02f Refactor test suite to make room for transparent mode tests. 2012-06-15 09:20:10 +12:00
Aldo Cortesi
8a9352b3f7 First draft conversion of server to PyOpenSSL. 2012-06-13 18:16:47 +12:00
Aldo Cortesi
d032504b17 Fix an exception when replaying a flow with no response. 2012-06-10 17:10:43 +12:00
Aldo Cortesi
d60fa9918b Localise client connection object manipulation. 
This simplifies the call signature for a bunch of functions.
 2012-06-10 16:49:59 +12:00
Aldo Cortesi
6ba5f0f35b Add HTTP version to response objects. 
Another change in the serialization format.
 2012-06-10 13:27:43 +12:00
Aldo Cortesi
52779d9db9 Refactoring of proxy.py 
- Correctly pass HTTP request version on to upstream servers
- Adjust tests not to hang due to a pathod response with no content-length
 2012-06-10 13:17:18 +12:00
Aldo Cortesi
55ddf853cd Add HTTP version to flow.Request 
This is a serialization format change, that makes us incompatible with previous
versions.
 2012-06-10 10:46:22 +12:00
Aldo Cortesi
a3b47e0cb5 Consolidate HTTP major and minor versions into a single variable. 2012-06-10 10:31:04 +12:00
Aldo Cortesi
8254187bf3 Add proxy.should_connection_close, and strip out unused code. 2012-06-10 10:10:46 +12:00
Aldo Cortesi
18c1b44475 Reverse proxy testing. 2012-06-09 20:41:28 +12:00
Aldo Cortesi
05492baf8d Move from requests to human_curl. 
It turns out that _none_ of the Python stdlib or anything that relies on it
supports CONNECT through a proxy. Beggars belief, but there you go.
 2012-06-09 16:17:51 +12:00
Aldo Cortesi
22192d1a46 Nose mopup: docs, no cover pragmas, a few missing path specs. 2012-06-09 13:55:55 +12:00
Aldo Cortesi
b7b357528c Port mitmproxy test suite entirely to nose. 2012-06-09 13:42:43 +12:00
Aldo Cortesi
a63240a848 Move pathod service testing truss to nose. 2012-06-09 12:13:01 +12:00
Aldo Cortesi
e78b48ab20 Start conversion to nose. 
RIP pry.
 2012-06-09 10:57:00 +12:00
Aldo Cortesi
7a312546f3 Shift mitmproxy test suite over to pathod. 
This opens a whole brave new world of testing for mitmproxy.
 2012-06-08 10:00:16 +12:00
Aldo Cortesi
e9109812e1 Split parsing of intial line into separate protocols. 2012-06-03 06:04:57 -07:00
Aldo Cortesi
491f9bdcee Add unit tests for console/help.py 2012-06-03 01:11:07 -07:00
Aldo Cortesi
ee2950cd19 Fix a crashing bug when replacing text in a flow with unicode bodies. 2012-05-25 18:10:31 -07:00
Aldo Cortesi
0a90a3eaba Refuse to replay a request with missing content. 2012-05-16 18:24:32 +12:00
Aldo Cortesi
0c2d894cea Add the ability to flag content as missing in a request or a response. 
We'll use this in a number of situations. First, we'll soon have response
streaming that directly pipes responses to clients. These will be content-less
from mitmproxy's perspective. Second, we'll be growing new events that fire
after headers are received, but before content is read.
 2012-05-16 15:42:58 +12:00
Aldo Cortesi
116fcfcf7a Internal error page for WSGI. 
Also, 100% test coverage.
 2012-04-27 15:56:42 +12:00
Aldo Cortesi
c8d2b2594b Add a WSGI adapter that lets us serve a WSGI app out of mitmproxy. 
This commit adds:
    - A WSGI App adapter for mitmproxy
    - An app registry in the proxy instance that lets us link WSGI apps with
    (hostname, port) combinations.
    - Fixes for a number of bugs discovered while creating this feature.
 2012-04-24 14:52:29 +12:00
Aldo Cortesi
8c96264304 Serialized data version check. 2012-04-11 10:10:53 +12:00
Aldo Cortesi
4e2d19714c Add an "f" shortcut key to load full body contents. 2012-04-08 19:44:01 +12:00
Aldo Cortesi
a4f7728fad XML/HTML pretty view tweaks. 2012-04-07 22:15:31 +12:00
Aldo Cortesi
f1dc3f2ab2 Integrate lxml for pretty-printing HTML and XML. 
Tackling the pretty-printing performance problem head-on, at the cost of a
major dependency.
 2012-04-07 13:47:03 +12:00
Aldo Cortesi
ab0e10e60f Serialize requestcount for ClientConnect objects. 2012-04-03 22:37:24 +12:00
Aldo Cortesi
61fab03b24 Add a details page, available from a flow view with the 'X' shortcut 
At the moment, this shows the upstream SSL certificate details. More
fine-grained detail that doesn't fit in the flow view itself will be added.
 2012-04-03 11:10:25 +12:00
Aldo Cortesi
f526e5fa12 Minor unit test bump. 2012-04-03 09:52:26 +12:00
Aldo Cortesi
4979a22d3e Add accessor method for SSLCert object on Response. 2012-04-02 17:02:23 +12:00
Aldo Cortesi
ab1d8fa350 Expand SSL cert support 
- Capture the remote SSL certificate
- Expose the remote cert as an attribute on Response
- Expand the certutils.SSLCert interface to expose more cert info
 2012-04-02 16:21:23 +12:00
Aldo Cortesi
c02fdb2463 Refactor proxy.Server to fix a crash when replaying with -n 2012-04-02 13:24:51 +12:00
Aldo Cortesi
15cc09f1b8 Start rationalizing content views. 
We now no longer have distinction between "pretty" view and hex/raw. Instead,
we simply a default AUTO view with a global override (M) and a local override
(m).
 2012-04-02 10:30:35 +12:00
Aldo Cortesi
7fef0ecdf5 Make "T" pretty view over-ride persistent when switching between flows. 
We do this by adding a flow settings mechanism to ConsoleState. This is pretty
rough at the moment and should become more sophisticated as needed.
 2012-04-02 09:30:38 +12:00
Aldo Cortesi
e9ac4bef20 Add a variant of cleanBin that escapes newlines and tabs. 
Use this to fix the hex display option.
 2012-03-27 11:25:50 +13:00
Aldo Cortesi
a050eeef05 Add a pretty-viewer for images. 
This shows basic image information like dimensions, plus extracted EXIF tags
and other metadata.
 2012-03-26 11:26:02 +13:00
Aldo Cortesi
2240d2a6a5 Pretty view now indents Javascript. 
Thanks to the JSBeautifier project, which is now included in the contrib directory.
 2012-03-25 10:56:45 +13:00
Aldo Cortesi
74c51df580 Re-enable simple multipart form parsing and preview. 2012-03-25 10:10:48 +13:00
Aldo Cortesi
62e51018d0 Refactor pretty view mechanism. 
Also start adding unit tests for this subsystem.
 2012-03-24 14:20:24 +13:00
Aldo Cortesi
ed74ed24a0 Add error indications to GridEditor. 2012-03-23 13:28:33 +13:00
Aldo Cortesi
2739cb4861 Add a simple parser for content type specifications. 2012-03-20 10:31:07 +13:00
Aldo Cortesi
5690e7c399 Generalize GridEditor to N columns. 
Start adding a replacement rule editor.
 2012-03-18 14:39:21 +13:00
Aldo Cortesi
76175672ad Add specification of replacement patterns on the command line. 2012-03-17 17:20:34 +13:00
Aldo Cortesi
c8ae1e85b3 Hooks -> ReplaceHooks 
It makes more sense to specialize this, which will let me build a nicer
interface for replacement hooks in mitmproxy.
 2012-03-17 11:31:05 +13:00
Aldo Cortesi
08f410cacc Add a hooks mechanism, based on filter expressions. 2012-03-16 17:13:11 +13:00
Aldo Cortesi
d138af7217 replace() methods now decode and re-encode contents before substitution. 2012-03-16 11:24:18 +13:00
Aldo Cortesi
d51b8cab0c Add a decoded context manager. 
This simplifies a common chore when modifying traffic - decoding the object,
modifying it, then re-encoding it with the same encoding afterwards. You can
now simply say:

with flow.decoded(request):
    request.content = "bar"
 2012-03-16 11:12:56 +13:00
Aldo Cortesi
fa6305ee98 Cleanliness fixes. 
- Remove unused code during previous commit.
- Code coverage fixes.
 2012-03-12 11:25:50 +13:00
Aldo Cortesi
d3aad7a185 Merge remote-tracking branch 'taiste/server-replay-pop' 2012-03-10 13:36:50 +13:00
Valtteri Virtanen
041eafba73 Added tests for ServerPlaybackState with nopop 2012-03-05 13:57:57 +02:00
Valtteri Virtanen
5b5b79f5c4 Fixed old tests 2012-03-05 13:40:18 +02:00
Aldo Cortesi
e1356dd2b6 Create an SSL certificate class. 2012-03-05 10:22:47 +13:00
András Veres-Szentkirályi
15ad7704d2 Removed imports left unused after Py{OpenSSL,ASN1} 
Commits 533f61f67a and
8b841bc9e3 left some imports unused while
swithing to PyOpenSSL and PyASN1 -- this commit removes these imports.
 2012-03-01 16:20:34 +01:00
Aldo Cortesi
533f61f67a Use PyOpenSSL and PyASN1 for certificate parsing. 
Yes, these are two more major dependencies for mitmproxy, but if we're going to
do all the cool things I want to do with SSL certs, there is no other way.
 2012-03-01 21:08:44 +13:00
Aldo Cortesi
8b841bc9e3 Factor out cert operations in to certutils.py. 2012-02-29 13:20:53 +13:00
Aldo Cortesi
688faa9baa Repair unit tests. 2012-02-27 20:34:47 +13:00
Aldo Cortesi
764724748b Fix cert generation harder. 2012-02-27 15:59:29 +13:00
Aldo Cortesi
2ba8296843 Better certificate parsing. 2012-02-27 15:21:05 +13:00
Aldo Cortesi
00942c1431 Add upstream certificate lookup. 
This initiates a connection to the server to obtain certificate information to
generate interception certificates. At the moment, the information used is the
Common Name, and the list of Subject Alternative Names.
 2012-02-27 15:05:45 +13:00
Aldo Cortesi
986a41d180 Unit test++. 2012-02-25 12:19:54 +13:00
Aldo Cortesi
25fa596cd6 Fix detection of URL-encoded forms. 
Thanks to Paul Capestany <capestany@gmail.com> for reporting this.
 2012-02-24 13:03:24 +13:00
Aldo Cortesi
ddc9155c24 Make "~q" filter work more intuitively. 
It now matches any flow that has no response.
 2012-02-23 17:06:09 +13:00
Aldo Cortesi
2df9c52c09 Refactor filter matching. 2012-02-23 17:03:58 +13:00
Aldo Cortesi
dbd75e02f7 Create ODictCaseless for headers, use vanilla ODict for everything else. 2012-02-20 11:29:36 +13:00
Aldo Cortesi
18029df99c Use ODict for request.get_form_urlencoded and set_form_urlencoded 2012-02-20 11:13:35 +13:00
Aldo Cortesi
b0f77dfefd Unit test import cleanups. 2012-02-20 11:04:07 +13:00
Aldo Cortesi
fa11b7c9be Use ODict for Request.get_query and Request.set_query 2012-02-20 10:44:47 +13:00
Aldo Cortesi
2616f490fe Rename Headers class to ODict 
ODict is an ordered dictionary class that will be useful in many other parts of
our API.
 2012-02-20 10:39:00 +13:00
Aldo Cortesi
d32d6bc5e3 Add "p" key binding to connection list view to copy a flow. 2012-02-19 00:17:47 +13:00
Aldo Cortesi
8ddc3b4ef2 Add API for duplicating flows. 2012-02-18 23:56:40 +13:00
Aldo Cortesi
7aa79b89e8 Firm up what we consider to be a valid proxy spec. 2012-02-18 16:29:02 +13:00
Aldo Cortesi
6ad8b1a15d Firm up reverse proxy specification. 
- Extract proxy spec parsing and unparsing functions.
- Add a status indicator in mitmproxy.
- Add the "R" keybinding for changing the reverse proxy from within mitmproxy.
 2012-02-18 16:27:09 +13:00
Aldo Cortesi
a7df6e1503 Refactor reverse proxying 
- Retain the specification from the Host header as a Request's description.
- Expand upstream proxy specifications to include the scheme. We now say https://hostname:port
- Move the "R" revert keybinding to "v" to make room for a reverse proxy
binding that matches the command-line flag.
 2012-02-18 14:45:22 +13:00
Aldo Cortesi
acdc2d00b4 Repair unit tests. 2012-02-18 12:27:59 +13:00
Aldo Cortesi
da1ccfddeb 100% test coverage for flow.py 2012-02-10 15:55:58 +13:00
Aldo Cortesi
1ad7e91527 Make filter matching act more sensibly. 2012-02-10 15:31:45 +13:00
Aldo Cortesi
5f785e26b9 Add filter for detecting flows with errors. 
Also, remove dependency on weird _is_response method.
 2012-02-10 15:22:26 +13:00
Aldo Cortesi
b14c29b25c Expand test coverage. 2012-02-10 15:04:20 +13:00
Aldo Cortesi
9c985f2d20 Methods for getting and setting form urlencoded data on Request. 2012-02-10 14:27:39 +13:00
Aldo Cortesi
2709441d5b Add get_query and set_query methods to Request. 2012-02-09 16:40:31 +13:00
Aldo Cortesi
cdd5a53767 Refactor console. 
Split the console implementation out into logical components.
 2012-02-07 16:39:37 +13:00
Aldo Cortesi
35a914a549 Fix unit tests broken during previous commit. 2012-01-21 14:39:36 +13:00
Aldo Cortesi
d5e3722c97 Fix an issue caused by some editors when editing a request/response body. 
Many editors make it hard save a file without a terminating newline on the last
line. When editing message bodies, this can cause problems. For now, I just
strip the newlines off the end of the body when we return from an editor.
 2012-01-21 12:43:00 +13:00
Mark E. Haase
05111f093d Add support for filtering by HTTP method (get, post, etc.) using ~m operator. 2011-12-28 17:32:29 -05:00
Aldo Cortesi
67f2610032 Add HTTP body size limit specification to command-line tools. 2011-09-09 15:27:31 +12:00
Aldo Cortesi
28daa93268 Basic infrastructure for request and response body size limits. 2011-09-09 14:49:34 +12:00
Aldo Cortesi
e5bded7dee Improve robustness against invalid data. 2011-09-05 07:47:47 +12:00
Aldo Cortesi
45f4768a5c Add attribution and license for tnetstring.py 2011-08-19 21:53:52 +12:00
Aldo Cortesi
a566684e32 Move to typed netstrings for serialization. 
This change is backwards incompatible with the old serialization format!
 2011-08-19 21:30:24 +12:00
Aldo Cortesi
b51aac8a86 Code cleanliness - appease pychecker. 2011-08-04 10:34:34 +12:00
Aldo Cortesi
730c78ac53 Move script.Context to flow.ScriptContext 2011-08-04 10:14:44 +12:00
Aldo Cortesi
7a3b871b33 Request class now has a clean pydoc profile. 2011-08-04 09:26:26 +12:00
Aldo Cortesi
0760607a7d Further interface cleaning. 2011-08-03 23:02:33 +12:00
Aldo Cortesi
9042d3f3b9 Clean up interfaces by making some methods pseudo-private. 2011-08-03 22:48:57 +12:00
Aldo Cortesi
57c653be5f Move all HTTP objects to flow.py 
That's Request, Response, ClientConnect, ClientDisconnect, Error, and Headers.
 2011-08-03 22:41:38 +12:00
Aldo Cortesi
e337682d8e Enable "|" command to run a oneshot script on a single flow. 2011-08-03 17:35:18 +12:00
Aldo Cortesi
179cf75862 Add script hooks, enable new engine for mitmdump. 2011-08-03 16:36:20 +12:00
Aldo Cortesi
12d2b1f926 Rip out old script interface, start replacing with new stubs. 
Scripts are broken for now.
 2011-08-03 13:20:36 +12:00
Aldo Cortesi
62088a6661 Start stubbing out a much more powerful script architecture. 2011-08-03 11:06:29 +12:00
Aldo Cortesi
a817db5bd6 Refresh current connection when toggling autodecode. 
Also fix the unit tests I forgot to commit...
 2011-08-02 20:47:53 +12:00
Aldo Cortesi
1ff6a767d0 Unit test++ 2011-08-02 16:52:47 +12:00
Aldo Cortesi
357502fe03 General cleanup. 
Cut out unused variables and code, generally shut up pychecker as much as is
reasonable.
 2011-08-02 16:14:33 +12:00
Aldo Cortesi
f3742f29da We no longer need to track clientconnections. 2011-08-02 14:56:09 +12:00
Aldo Cortesi
675b3133b4 Improve performance of loading flows from a file hugely. 
Fell into the "expensive __eq__ method" trap. Oh, Python, you little scamp.
 2011-08-01 11:26:09 +12:00
Aldo Cortesi
43f1c72511 Refactor the way we calculate views of the flow list. 
The naive approach we used before recalculated the view on every access, and
consequently had serious performance problems.
 2011-08-01 11:17:01 +12:00
Aldo Cortesi
ddb5748a76 Add decoding/encoding for requests. 2011-08-01 10:43:01 +12:00
Aldo Cortesi
c89c4361c3 Merge remote-tracking branch 'alts/encoding' 2011-07-28 11:19:07 +12:00
Stephen Altamirano
78049abac1 Changes replace logic to function in both Python 2.6.x and 2.7.x 
Tests now only assume Python 2.6.x rather than requiring 2.7.x. This does not preclude the use of flags as a kwarg in replace
 2011-07-26 22:47:08 -07:00
Stephen Altamirano
acd511f676 Adds test method for Response encoding and decoding 2011-07-26 22:38:42 -07:00
Aldo Cortesi
4043829cf2 Add an eventlog option to mitmdump 
This shows client connections, disconnections and requests (before a complete
flow is assembled). We need to add an analogous display to mitmproxy.
 2011-07-23 12:57:54 +12:00
Aldo Cortesi
47e1695512 Also replace strings path for requests. 2011-07-22 20:52:13 +12:00
Aldo Cortesi
1b961fc4ad Add utility functions to search and replace strings in flows 
This is a common task in pentesting scenarios. This commit adds the following
functions:

utils.Headers.replace
proxy.Request.replace
proxy.Response.replace
flow.Flow.replace
 2011-07-22 17:48:42 +12:00
Stephen Altamirano
ecd4645988 Adds encode counterparts to decode functions 2011-07-17 20:16:47 -07:00
Aldo Cortesi
ce41046786 Refine encoding support 
- Push decoding down into the LRU cache
- Cope gracefully with corrupted data and incorrect encoding headers
 2011-07-17 10:25:25 +12:00
alts
6dc0f105cc Adds support for content encoding, namely gip and deflate 2011-07-16 02:47:06 -07:00
Aldo Cortesi
94ae720a22 Add a pretty-printing mode for urlencoded form data. 2011-07-15 16:46:54 +12:00
Aldo Cortesi
76b4c6ba82 Introduce an anti-compression command-line argument. 
This is on by default, which means we avoid compressed content unless the -z
flag is specified.
 2011-07-15 15:24:56 +12:00
Aldo Cortesi
7e21ac0eb8 Refine path completion somewhat. 
Make it match the behaviour of vim and mutt more closely
 2011-07-14 16:54:04 +12:00
Aldo Cortesi
1c9e7b982a Rewrite Headers object to preserve order and case. 2011-07-14 16:01:54 +12:00
Aldo Cortesi
8e176c2086 Cast some data read from dump files to str, to prevent unicode promotion. 
This fixes a bug that caused a traceback when de-serialized requests were
replayed. Also adds unit tests for the problem.
 2011-07-01 14:20:42 +12:00
Aldo Cortesi
18d4c3a9e9 JSON pretty-printing. 
Also rename the display modes ("pretty" instead of "indent"), and expand the
built-in documentation.
 2011-06-30 13:27:27 +12:00
Aldo Cortesi
f004326855 Try not to hang when user views large request & response bodies 
Two different strategies here:

    - Use a simple heuristic to detect if we're looking at XML data when indent
    mode is used. On non-XML data we can hang even on small documents.

    - Only view partial data for large bodies. At the moment the cutoff is
    100k. I might finetune this later.
 2011-06-27 15:59:17 +12:00
Aldo Cortesi
7d7803a4d9 Add a hideous kludge to fix not-yet-valid certificates. 
- The OpenSSL x509 has no way to explicitly set the notBefore value on
certificates.

- If two systems have the same configured time, it's possible to return a
certificate before the validity start time has arrived.

- We "solve" this by waiting for one second when a certificate is first
generated before returning the cert. The alternative is to rewrite pretty much
all of our certificate generation, a thought too horrible to contemplate.
 2011-06-11 15:16:16 +12:00
Aldo Cortesi
613e9a298e Add a new flow loading mechanism. 
We now simulate the normal connection flow when we load flows. That means
that we can run scripts, hooks, sticky cookies, etc.
 2011-05-15 11:22:35 +12:00
Aldo Cortesi
c0bd1a39e4 unit test coverage ++ 2011-03-20 18:52:16 +13:00
Aldo Cortesi
c726519e73 Add a stickyauth option. 
This allows us to replay an HTTP Authorization header, in the same way as we
replay cookies using stickycookies. This lets us conveniently get at HTTP Basic
Auth protected resources through the proxy, but is not enough to do the same
for HTTP Digest auth. We'll put that on the todo list.
 2011-03-20 17:31:54 +13:00
Aldo Cortesi
4f877cde6a Reverse order of flows in mitmproxy. 
It matches user expectations much better to have new flows appended to the bottom.
 2011-03-20 09:31:39 +13:00
Aldo Cortesi
e22fd74d06 Revamp key generation. 
We now create three different files in the .mitmproxy directory when a dummy CA
is made:

mitmproxy-ca.pem - the CA, including private key

mitmproxy-ca-cert.p12 - A pkcs12 version of the certificate, for distribution to Windows.

mitmproxy-ca-cert.pem - A PEM version of the certificate, for distribution to everyone else.
 2011-03-18 16:45:31 +13:00
Aldo Cortesi
394bd1d6b0 Interrupt interception when deleting an intercepting flow. 
Prompting the user for this is annoying.
 2011-03-15 17:53:29 +13:00
Aldo Cortesi
6d5c32ad4b Fix hang on shutdown. 2011-03-15 17:21:35 +13:00
Aldo Cortesi
fb28e71f0b Do pre-processing of requests before replay. 
This enables scripts, anticache, server playback and sticky cookies for
request replays.
 2011-03-15 15:11:03 +13:00
Aldo Cortesi
fe1e2f16ff Improve responsiveness of request and response viewing. 
- Computing the view of a large body is expensive, so we introduce an LRU cache
to hold the latest 20 results.

- Use ListView more correctly, passing it individual urwid.Text snippets,
rather than a single large one. This hugely improves render time.
 2011-03-15 13:05:33 +13:00
Aldo Cortesi
2e70a0e44b Fix unit tests on OSX when a system proxy is configured. 2011-03-14 14:05:14 +13:00
Aldo Cortesi
e35fd7126b Fix flow formatting unit tests. 2011-03-14 13:49:30 +13:00
Aldo Cortesi
1e47167ac6 Fix a traceback sometimes triggered viewing a connection with no response. 2011-03-13 20:03:13 +13:00
Aldo Cortesi
324d7c3955 Add client plaback to mitmproxy. 2011-03-13 16:50:11 +13:00
Aldo Cortesi
3ef9d2cffc flow.py 100% test coverage 2011-03-13 14:51:25 +13:00
Aldo Cortesi
c901cbbada mitmproxy prompted input now display previously set value. 
E.g. if you set a limit, then re-enter the limit prompt, you start with the
currently set value.
 2011-03-13 11:24:49 +13:00
Aldo Cortesi
9a9a2d9125 Unit tests for proxy.read_chunked 2011-03-12 16:00:01 +13:00
Aldo Cortesi
4ce393cc41 Unit tests for cmdline.py 2011-03-12 15:14:25 +13:00
Aldo Cortesi
96b10ca486 console.py 100% test coverage 2011-03-12 15:08:06 +13:00
Aldo Cortesi
fbbc43a5b2 netstring.py 100% unit test coverage. 2011-03-12 14:39:41 +13:00
Aldo Cortesi
9f16a84a9e Make mitmdump handle invalid serialized data gracefully. 2011-03-11 15:16:31 +13:00
Aldo Cortesi
7d85db0da3 Display Errors and killed connections in mitmdump. 2011-03-11 13:06:51 +13:00
Aldo Cortesi
daa9653ebe Add --norefresh to stop refreshing server playback to mitmdump. 
Also, make cookie parsing for refreshing more error-tolerant.
 2011-03-11 11:56:10 +13:00
Aldo Cortesi
e99b1d1949 Stub out refresh for server-side replay. 2011-03-09 20:05:30 +13:00
Aldo Cortesi
03f1345385 Add an --anticache option to mitmdump. 
This removes all headers that might cause a server to return 304-not-modified.

For now, all the new features are going into mitmdump - everything will be
ported over to mitmproxy once I have the feature set locked down.
 2011-03-09 13:15:31 +13:00
Aldo Cortesi
765871bd11 Store timestamps on flow components as a UTC time tuple. 
Format is:

(tm_year,tm_mon,tm_mday,tm_hour,tm_min, tm_sec,tm_wday,tm_yday,tm_isdst)
 2011-03-07 13:46:02 +13:00
Aldo Cortesi
7330f5fccf Make mitmdump server playback also exit by default. 
Like client playback, the --keepserving option makes mitmdump keep serving.
 2011-03-06 17:08:56 +13:00
Aldo Cortesi
ec00b5a66e Make mitmdump exit after client replay is complete by default. 
Add an option --keepserving to make it keep serving after replay.
 2011-03-06 16:54:49 +13:00
Aldo Cortesi
e794cbc0d8 Add flow_count and active_flow_count methods to flow.State. 
Use these in unit tests where sensible.
 2011-03-06 16:11:45 +13:00
Aldo Cortesi
42ffded626 Bump unit tests, rearrange mitmdump command-line options slightly. 2011-03-06 16:02:28 +13:00
Aldo Cortesi
bad77f3470 Add client replay options to mitmdump. 2011-03-06 11:21:31 +13:00
Aldo Cortesi
d9cb083809 Reorganize test suite to remove confusion between test utils and libmproxy utils. 2011-03-05 15:58:48 +13:00
Aldo Cortesi
5da4099ddf Massage namespace to make room for client replay. 
Mostly replay -> server_replay
 2011-03-05 13:03:26 +13:00
Aldo Cortesi
96471fde1d Basic client playback state structure. 2011-03-04 13:08:43 +13:00
Aldo Cortesi
6921b9ff2a Add an indicator that sticky cookies have been applied in mitmdump. 2011-02-25 21:23:44 +13:00
Aldo Cortesi
8cade9fbbf Move stringification funcs from proxy to dump. 2011-02-25 21:11:44 +13:00
Aldo Cortesi
57f96c5fe0 Minor housekeeping - unused code, nocover directives. 
95% test coverage.
 2011-02-24 15:44:08 +13:00
Aldo Cortesi
79039eb5d2 More mature sticky cookie primitive. Use it in console.py. 2011-02-24 15:26:34 +13:00
Aldo Cortesi
57947b328e Start abstracting out sticky cookie state. 2011-02-24 10:33:39 +13:00
Aldo Cortesi
39207ffdd2 Add a way for users to specify header significance in server replay. 
Also add the --rheader command-line option to mitmdump to let the user specify
an arbitrary number of significant headers. The default is to treat no headers
as significant.
 2011-02-23 10:54:51 +13:00
Aldo Cortesi
7bc913c40d Move script hooks into the flow primitives. 
This lets handle scripts in corner cases like playback situations more easily.
 2011-02-21 11:40:49 +13:00
Aldo Cortesi
fe99871df8 Add --kill option to mitmdump 
If this option is passed all requests that are not part of a replayed
conversation are killed. If the option is not passed, such requests are passed
through to the server as usual.
 2011-02-21 11:08:35 +13:00
Aldo Cortesi
fd4dd8cb6b First pass of playback function for mitmdump. 2011-02-21 09:54:39 +13:00
Aldo Cortesi
deb79a9c5a Add a simple server playback state object. 
We use a loose hash to match incoming requests with recorded flows. At the
moment, this hash is over the host, port, scheme, method, path and content of
the request. Note that headers are not included here - if we do want to include
headers, we would have to do some work to normalize them to remove variations
between user agents, header order, etc. etc.
 2011-02-21 08:47:19 +13:00
Aldo Cortesi
aa16194518 Clean up and strip down netstrings module. 2011-02-20 14:03:32 +13:00
Aldo Cortesi
7ddba22f51 Certificates are now generated in a temporary per-session directory. 
This means that certificates don't accumulate in the conf directory, users
don't have to clear certificates if the CA is regenerated, and the user can
specify a custom CA without invalid certificates being loaded inadvertently.
 2011-02-20 13:29:41 +13:00
Aldo Cortesi
c2ae8285f4 Revamp SSL configuration. 
- Move option parsing utiliities to proxy.py

- Don't have a global config object. Pass it as an argument to ProxyServer.

- Simplify certificate generation logic.
 2011-02-20 12:53:42 +13:00
Aldo Cortesi
4fc807cedd Clean up certificate generation. 
- Use templates for config files. We can re-introduce customization of the
certificate attributes when we need them.

- Split CA and cert generation into separate functions.

- Generation methods provide an error return when generation fails.

- When the user explicitly specifies a certificate, we don't generate it, but
fail if it doesn't exist.
 2011-02-20 12:17:10 +13:00
Aldo Cortesi
d7ace1ce9e Bump unit tests for flow.py and dump.py 2011-02-20 09:55:42 +13:00
Aldo Cortesi
9c5c3c2b1a Implement state loading that doesn't change object identity. 
We need this to let us load state from copied Flows returned from scripts.
 2011-02-20 09:36:13 +13:00
Aldo Cortesi
1549ec8079 Bump test coverage to 100% for flow.py 2011-02-19 17:21:08 +13:00
Aldo Cortesi
d9c6be3d13 Fix serialization when a Request has no associated client connection. 2011-02-19 17:03:44 +13:00
Aldo Cortesi
5da27a9905 Refactor Flow primitives to remove HTTP1.0 assumption. 
This is a big patch removing the assumption that there's one connection per
Request/Response pair. It touches pretty much every part of mitmproxy, so
expect glitches until everything is ironed out.
 2011-02-19 17:00:24 +13:00
Aldo Cortesi
cd4eea3934 First pass of script hooks for mitmdump. 
Also stub out docs, improve mitmdump error handling.
 2011-02-18 12:40:45 +13:00
Aldo Cortesi
f028dc7e1b Add filtering to mitmdump. 2011-02-17 10:44:08 +13:00
Aldo Cortesi
f0f1fb4b55 Add file writing to mitmdump. 2011-02-17 10:18:38 +13:00
Aldo Cortesi
f5511350eb Tweaks and cleanups for mitmdump. 2011-02-16 23:03:46 +13:00
Aldo Cortesi
0dd1aa7cc7 Initial port of mitmdump to Flows. 2011-02-16 22:10:24 +13:00
Aldo Cortesi
66349c9783 FlowMaster bugfixes and unit tests. 2011-02-16 16:43:35 +13:00
Aldo Cortesi
33dac700fa Switch over to new serialization format. 
Remove BSON from contrib.
 2011-02-16 15:10:00 +13:00
Aldo Cortesi
0c6f846861 First draft of the new serialization mechanism. 2011-02-16 14:33:04 +13:00
Aldo Cortesi
5692c7359c Import Will McGugan's netstring module. 
Module is in the Public Domain.

I expect to modify and extend this module, so I've imported into main library
rather than contrib. Code has been reformatted to suite our code standard,
tests have been extrated into /tests directory.
 2011-02-16 11:21:06 +13:00
Aldo Cortesi
6339f521fc Repair unit test to match removal of arg from Response class. 2011-02-16 11:20:00 +13:00
Henrik Nordstrom
89627a702a drop unused protocol parameter from Response 2011-02-15 22:24:38 +01:00
Aldo Cortesi
759496e24e Repair unit test suite. 2011-02-11 11:06:30 +13:00
Aldo Cortesi
a4eaafab5a Further fine-tuning for pretty_xmlish. 2011-02-06 16:56:13 +13:00
Aldo Cortesi
7156d1a73a Rip out BeautifulSoup, and use a custom XML-ish prettyprinter. 2011-02-06 14:17:30 +13:00
Aldo Cortesi
d0c2d9480c Also serialize ClientConnection and flow backups. 2011-02-06 10:28:43 +13:00
Aldo Cortesi
2ad4c5adf3 Get rid of ReplayConnection - we now have only one ClientConnection class. 2011-02-04 10:58:08 +13:00
Aldo Cortesi
2cb7429d38 Change "connection" to the less confusing "client_conn" throughout. 2011-02-03 14:51:32 +13:00
Aldo Cortesi
7924f07971 Fine-tune completion a bit. 2011-02-03 13:50:57 +13:00
Aldo Cortesi
6c89749f0a Add timestamps to flows. 
For now, these are only displayed on the connection view screen, with second
granularity.
 2011-02-03 13:30:47 +13:00
Aldo Cortesi
d8cb826361 Test suite rejiggering and cleanup. 2011-02-03 12:16:03 +13:00
Aldo Cortesi
db99da6af5 Improve script handling. 
- Display output in external viewer when script exits with error.

- Add a "changed" indicator to show if a request can be reverted.
 2011-02-02 11:44:28 +13:00
Aldo Cortesi
405e60215c View script debug output (stderr) in pager. 2011-02-02 10:09:16 +13:00
Aldo Cortesi
b886f808be Add an external script API. 
External scripts can read a flow, modify it, and then return it to mitmproxy
using a simple API.

The "|" keyboard shortcut within mitmproxy prompts the user for a script.
 2011-01-31 13:26:56 +13:00
Aldo Cortesi
edb8228dd2 Factor out flow unit tests into speparate file. 2011-01-31 11:48:53 +13:00
Aldo Cortesi
152b97fa0b Restructure to make subclassing Flow unnecessary. 2011-01-31 11:44:52 +13:00
Aldo Cortesi
2a39387d27 UI tweaks 
- Make flow view state persistent (request/response, body view mode).
- Don't exit flow view mode when viewing help.
 2011-01-30 14:52:51 +13:00
Aldo Cortesi
0742bc4fd0 Nicer statusbar messages, with timed expiry. 2011-01-28 12:18:01 +13:00
Aldo Cortesi
dfefe3cdda Make pretty-printing more robust. 
Also, since BeautifulSoup is so damn slow, print a statusbar message saying
that we're calculating a pretty version of the response. Maybe I should add
hangman or something, becuase on a 200k document this can take ages.
 2011-01-28 12:08:25 +13:00
Aldo Cortesi
93ef691bad Basix XML/HTML pretty-printing in flow viewer. 2011-01-27 17:26:01 +13:00
Aldo Cortesi
460107589c Add tab completion for save and load path specs. 2011-01-27 10:29:37 +13:00
Aldo Cortesi
635f7a971d Add saving and loading of complete flows for later replay and analysis. 2011-01-26 16:50:17 +13:00
Aldo Cortesi
29d8007678 Add serialization hooks to flows and flow component objects. 2011-01-26 14:52:03 +13:00
Aldo Cortesi
7983dbb26a Abstract flow management out of the interactive code. 2011-01-25 15:02:48 +13:00
Aldo Cortesi
cb0e328709 Initial checkin. 2010-02-16 17:09:07 +13:00