aboutsummaryrefslogtreecommitdiffstats
path: root/netlib
Commit message (Collapse)AuthorAgeFilesLines
* fix #956Maximilian Hils2016-02-191-5/+1
|
* Merge remote-tracking branch 'duffer/pretty-host'Maximilian Hils2016-02-181-1/+24
|\
| * Incorporate comments made during reviewShadab Zafar2016-02-181-5/+3
| |
| * Use host header values only when the ports matchShadab Zafar2016-02-181-1/+6
| |
| * Handle port numbers in host headerShadab Zafar2016-02-171-3/+23
| | | | | | | | from: https://github.com/mitmproxy/netlib/pull/121
* | fix test paths, move coverage config into setup.pyMaximilian Hils2016-02-181-1/+1
| |
* | combine projectsMaximilian Hils2016-02-1832-107/+0
|/
* move tservers helperThomas Kriechbaumer2016-02-161-109/+0
|
* fix wheel creation, re-add MANIFEST.inMaximilian Hils2016-02-161-3/+1
|
* Preserve host header when modifying request pathWill Coster2016-02-151-3/+6
| | | | | | | | | | | | | Currently the path_components and query setters of the Request object use the url setter under the hood. The url setter updates all parts of the URL including the host. If the host header and the host in the request URL are different (as is common when making HTTPS requests) then the host header will be updated to the value in the URL as a result of modifying the path. This change fixes this problem by modifying the query and path_components setters to not use the url setter and instead directly update the path field.
* remove MANIFEST.in, move Dockerfile to rootMaximilian Hils2016-02-161-4/+0
|
* fix release tool, refs #947Maximilian Hils2016-02-161-5/+0
|
* use own shields instance, update pathod readmeMaximilian Hils2016-02-151-8/+8
|
* adjust travisMaximilian Hils2016-02-152-12/+4
|
* fix testsMaximilian Hils2016-02-152-3/+8
|
* move tests into shared folderMaximilian Hils2016-02-1548-4385/+0
|
* merge metadata filesMaximilian Hils2016-02-159-209/+0
|
* add netlibMaximilian Hils2016-02-1592-0/+4718
|
* bump versionMaximilian Hils2016-02-141-1/+1
|
* bump versionMaximilian Hils2016-02-081-1/+1
|
* fix http version stringMaximilian Hils2016-02-081-2/+2
|
* fix docstringsMaximilian Hils2016-02-081-4/+11
|
* fix py3 compatMaximilian Hils2016-02-083-7/+6
|
* add Serializable ABCMaximilian Hils2016-02-088-24/+101
|
* minor fixesMaximilian Hils2016-02-083-3/+3
|
* expose OpenSSL's HAS_ALPNMaximilian Hils2016-02-081-3/+4
|
* Merge branch 'master' of https://github.com/mitmproxy/netlibMaximilian Hils2016-02-021-5/+0
|\
| * bump dependency and remove deprecated fieldsThomas Kriechbaumer2016-02-021-5/+0
| |
* | allow creation of certs without CNMaximilian Hils2016-02-021-1/+4
|/
* Merge pull request #116 from Kriechi/hyperframeThomas Kriechbaumer2016-02-013-707/+84
|\ | | | | migrate to hyperframe
| * test on python3Thomas Kriechbaumer2016-01-312-24/+30
| |
| * migrate to hyperframeThomas Kriechbaumer2016-01-313-691/+62
| |
* | remove code duplicationMaximilian Hils2016-02-011-20/+18
| |
* | tests++Maximilian Hils2016-02-011-1/+1
| |
* | fix #113, make Reader.peek() work on Python 3Maximilian Hils2016-02-011-5/+25
|/
* fix test request and response headersThomas Kriechbaumer2016-01-302-3/+3
|
* move tservers to netlib moduleThomas Kriechbaumer2016-01-251-0/+109
|
* Simplified setting the source_address in the TCPClient constructorSandor Nemes2016-01-111-2/+1
|
* Added getter/setter for TCPClient source_addressSandor Nemes2016-01-081-0/+11
|
* bump versionMaximilian Hils2015-12-251-1/+1
|
* bump versionMaximilian Hils2015-12-031-1/+1
|
* Fix to ignore empty header value.Benjamin Lee2015-11-171-1/+1
| | | | | | | | | | | | | | | | According to Augmented BNF in the following RFCs http://tools.ietf.org/html/rfc5234#section-3.6 http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.1 field-value = *( field-content | LWS ) http://tools.ietf.org/html/rfc7230#section-3.2 field-value = *( field-content / obs-fold ) ... the HTTP message header `field-value` is allowed to be empty.
* Porting to Python 3.4Sam Cleveland2015-11-111-5/+6
| | | | | | | | | | | | | | | | Updated wsgi to support Python 3.4 byte strings. Updated test_wsgi to remove py.test warning for TestApp having an __init__ constructor. samc$ sudo py.test netlib/test/test_wsgi.py -r w = test session starts = platform darwin -- Python 3.4.1, pytest-2.8.2, py-1.4.30, pluggy-0.3.1 rootdir: /Users/samc/src/python/netlib, inifile: collected 6 items netlib/test/test_wsgi.py ...... = 6 passed in 0.20 seconds =
* Porting to Python 3.4Sam Cleveland2015-11-111-2/+2
| | | | | | | | | | | | | Fixed byte string formatting for hexdump. = test session starts = platform darwin -- Python 3.4.1, pytest-2.8.2, py-1.4.30, pluggy-0.3.1 rootdir: /Users/samc/src/python/netlib, inifile: collected 11 items netlib/test/test_utils.py ........... = 11 passed in 0.23 seconds =
* Revert "Porting netlib to python3.4"Sam Cleveland2015-11-112-376/+8
| | | | This reverts commit 823718348598efb324298ca29ad4cb7d5097c084.
* Porting netlib to python3.4Sam Cleveland2015-11-112-8/+376
| | | | | | | | | | | | | | | | | Updated utils.py using 2to3-3.4 Updated hexdump to use .format() with .encode() to support python 3.4 Python 3.5 supports .format() on bytes objects, but 3.4 is the current default on Ubuntu. samc$ py.test netlib/test/test_utils.py = test session starts = platform darwin -- Python 3.4.1, pytest-2.8.2, py-1.4.30, pluggy-0.3.1 rootdir: /Users/samc/src/python/netlib, inifile: collected 11 items netlib/test/test_utils.py ........... = 11 passed in 0.19 seconds =
* Bump version for next release cycleAldo Cortesi2015-11-071-1/+1
|
* Bump versionAldo Cortesi2015-11-061-1/+1
|
* Merge remote-tracking branch 'origin/hostname-validation'Maximilian Hils2015-11-042-7/+35
|\
| * fix certificate verificationMaximilian Hils2015-11-012-7/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit fixes netlib's optional (turned off by default) certificate verification, which previously did not validate the cert's host name. As it turns out, verifying the connection's host name on an intercepting proxy is not really straightforward - if we receive a connection in transparent mode without SNI, we have no clue which hosts the client intends to connect to. There are two basic approaches to solve this problem: 1. Exactly mirror the host names presented by the server in the spoofed certificate presented to the client. 2. Require the client to send the TLS Server Name Indication extension. While this does not work with older clients, we can validate the hostname on the proxy. Approach 1 is problematic in mitmproxy's use case, as we may want to deliberately divert connections without the client's knowledge. As a consequence, we opt for approach 2. While mitmproxy does now require a SNI value to be sent by the client if certificate verification is turned on, we retain our ability to present certificates to the client which are accepted with a maximum likelihood.