aboutsummaryrefslogtreecommitdiffstats
path: root/libmproxy/utils.py
Commit message (Collapse)AuthorAgeFilesLines
* Factor out cert operations in to certutils.py.Aldo Cortesi2012-02-291-236/+2
|
* Fix cert generation harder.Aldo Cortesi2012-02-271-2/+2
|
* Fix problems with SANs and certificate generation.Aldo Cortesi2012-02-271-1/+9
|
* Better certificate parsing.Aldo Cortesi2012-02-271-3/+1
|
* Add upstream certificate lookup.Aldo Cortesi2012-02-271-4/+69
| | | | | | This initiates a connection to the server to obtain certificate information to generate interception certificates. At the moment, the information used is the Common Name, and the list of Subject Alternative Names.
* Firm up what we consider to be a valid proxy spec.Aldo Cortesi2012-02-181-1/+1
|
* Firm up reverse proxy specification.Aldo Cortesi2012-02-181-0/+17
| | | | | | - Extract proxy spec parsing and unparsing functions. - Add a status indicator in mitmproxy. - Add the "R" keybinding for changing the reverse proxy from within mitmproxy.
* Refactor reverse proxyingAldo Cortesi2012-02-181-1/+7
| | | | | | | - Retain the specification from the Host header as a Request's description. - Expand upstream proxy specifications to include the scheme. We now say https://hostname:port - Move the "R" revert keybinding to "v" to make room for a reverse proxy binding that matches the command-line flag.
* Add get_query and set_query methods to Request.Aldo Cortesi2012-02-091-1/+11
|
* KVEditor: "e" shortcut spawns an external editor on a field.Aldo Cortesi2012-02-081-0/+12
|
* Address an issue that allows a malicious client to place certificate files ↵Aldo Cortesi2012-01-211-4/+5
| | | | | | in arbitrary directories. Thanks to David Black (disclosure@d1b.org) for pointing this out.
* Fix an issue caused by some editors when editing a request/response body.Aldo Cortesi2012-01-211-4/+1
| | | | | | Many editors make it hard save a file without a terminating newline on the last line. When editing message bodies, this can cause problems. For now, I just strip the newlines off the end of the body when we return from an editor.
* Add HTTP body size limit specification to command-line tools.Aldo Cortesi2011-09-091-0/+30
|
* Improve robustness against invalid data.Aldo Cortesi2011-09-051-2/+5
|
* Replaced unnecessary lists with generatorsAndrás Veres-Szentkirályi2011-08-181-2/+2
|
* Code cleanliness - appease pychecker.Aldo Cortesi2011-08-041-1/+1
|
* Move all HTTP objects to flow.pyAldo Cortesi2011-08-031-118/+26
| | | | That's Request, Response, ClientConnect, ClientDisconnect, Error, and Headers.
* Unit test++Aldo Cortesi2011-08-021-5/+4
|
* General cleanup.Aldo Cortesi2011-08-021-31/+7
| | | | | Cut out unused variables and code, generally shut up pychecker as much as is reasonable.
* Changes replace logic to function in both Python 2.6.x and 2.7.xStephen Altamirano2011-07-261-8/+8
| | | | Tests now only assume Python 2.6.x rather than requiring 2.7.x. This does not preclude the use of flags as a kwarg in replace
* Add utility functions to search and replace strings in flowsAldo Cortesi2011-07-221-0/+15
| | | | | | | | | | This is a common task in pentesting scenarios. This commit adds the following functions: utils.Headers.replace proxy.Request.replace proxy.Response.replace flow.Flow.replace
* Drop cert expiry time to avoid a bug in some OpenSSL versions.Aldo Cortesi2011-07-221-3/+4
|
* Add a pretty-printing mode for urlencoded form data.Aldo Cortesi2011-07-151-1/+6
|
* Rewrite Headers object to preserve order and case.Aldo Cortesi2011-07-141-98/+56
|
* JSON pretty-printing.Aldo Cortesi2011-06-301-0/+9
| | | | | Also rename the display modes ("pretty" instead of "indent"), and expand the built-in documentation.
* Make the certificate wait time configurable.Aldo Cortesi2011-06-271-1/+0
| | | | | | | | | Since OpenSSL doesn't let us set certificate start times in the past, the client and proxy machine time must be synchronized, or the client might reject the certificate. We can bodgy over small discrepancies by waiting a few seconds after a new certificate is generated (i.e. the first time an SSL domain is contacted). Make this a configurable option, and turn it off by default.
* Try not to hang when user views large request & response bodiesAldo Cortesi2011-06-271-1/+12
| | | | | | | | | | Two different strategies here: - Use a simple heuristic to detect if we're looking at XML data when indent mode is used. On non-XML data we can hang even on small documents. - Only view partial data for large bodies. At the moment the cutoff is 100k. I might finetune this later.
* Add a hideous kludge to fix not-yet-valid certificates.Aldo Cortesi2011-06-111-0/+2
| | | | | | | | | | | | - The OpenSSL x509 has no way to explicitly set the notBefore value on certificates. - If two systems have the same configured time, it's possible to return a certificate before the validity start time has arrived. - We "solve" this by waiting for one second when a certificate is first generated before returning the cert. The alternative is to rewrite pretty much all of our certificate generation, a thought too horrible to contemplate.
* Revamp key generation.Aldo Cortesi2011-03-181-5/+47
| | | | | | | | | | | We now create three different files in the .mitmproxy directory when a dummy CA is made: mitmproxy-ca.pem - the CA, including private key mitmproxy-ca-cert.p12 - A pkcs12 version of the certificate, for distribution to Windows. mitmproxy-ca-cert.pem - A PEM version of the certificate, for distribution to everyone else.
* We have to pass -CAcreateserial after all.Aldo Cortesi2011-03-181-0/+1
|
* Docs, minor cert tweaks.Aldo Cortesi2011-03-181-1/+0
|
* Improve responsiveness of request and response viewing.Aldo Cortesi2011-03-151-1/+39
| | | | | | | | - Computing the view of a large body is expensive, so we introduce an LRU cache to hold the latest 20 results. - Use ListView more correctly, passing it individual urwid.Text snippets, rather than a single large one. This hugely improves render time.
* We no longer use pytz.Aldo Cortesi2011-03-141-1/+1
|
* Fix stickycookie setting, indented view traceback.Aldo Cortesi2011-03-131-0/+1
|
* Think harder about timestamps. Just save seconds since the epoch as a float.Aldo Cortesi2011-03-091-4/+5
|
* Store timestamps on flow components as a UTC time tuple.Aldo Cortesi2011-03-071-2/+10
| | | | | | Format is: (tm_year,tm_mon,tm_mday,tm_hour,tm_min, tm_sec,tm_wday,tm_yday,tm_isdst)
* Minor housekeeping - unused code, nocover directives.Aldo Cortesi2011-02-241-10/+0
| | | | 95% test coverage.
* More mature sticky cookie primitive. Use it in console.py.Aldo Cortesi2011-02-241-0/+8
|
* Clean up and strip down netstrings module.Aldo Cortesi2011-02-201-8/+5
|
* Revamp SSL configuration.Aldo Cortesi2011-02-201-49/+9
| | | | | | | | - Move option parsing utiliities to proxy.py - Don't have a global config object. Pass it as an argument to ProxyServer. - Simplify certificate generation logic.
* Clean up certificate generation.Aldo Cortesi2011-02-201-137/+88
| | | | | | | | | | | | - Use templates for config files. We can re-introduce customization of the certificate attributes when we need them. - Split CA and cert generation into separate functions. - Generation methods provide an error return when generation fails. - When the user explicitly specifies a certificate, we don't generate it, but fail if it doesn't exist.
* Add file writing to mitmdump.Aldo Cortesi2011-02-171-1/+1
|
* Extract common SSL certificate option processingHenrik Nordstrom2011-02-161-1/+17
|
* Extract common SSL certificate options into a group.Aldo Cortesi2011-02-161-0/+29
| | | | Use this only in mitmdump and mitmproxy for now.
* Implement a dummy CAHenrik Nordstrom2011-02-101-19/+152
|
* Import cache store control into console controllerHenrik Nordstrom2011-02-101-1/+10
|
* Sort header names for a predictable resultHenrik Nordstrom2011-02-101-1/+1
|
* Move try_del to utilsHenrik Nordstrom2011-02-101-0/+7
|
* Further fine-tuning for pretty_xmlish.Aldo Cortesi2011-02-061-8/+8
|
* Rip out BeautifulSoup, and use a custom XML-ish prettyprinter.Aldo Cortesi2011-02-061-9/+41
|