diff --git a/libmproxy/flow.py b/libmproxy/flow.py index 3520cc93f..d081e66c0 100644 --- a/libmproxy/flow.py +++ b/libmproxy/flow.py @@ -215,7 +215,7 @@ class State: Add an error response to the state. Returns the matching flow, or None if there isn't one. """ - f = self.flow_map.get(err.flow.request) + f = self.flow_map.get(err.request) if err.request else None if not f: return None f.error = err diff --git a/libmproxy/proxy.py b/libmproxy/proxy.py index f70fad254..ed1c3d608 100644 --- a/libmproxy/proxy.py +++ b/libmproxy/proxy.py @@ -6,6 +6,7 @@ Development started from Neil Schemenauer's munchy.py """ import sys, os, time, string, socket, urlparse, re, select, copy, base64 +import shutil, tempfile import optparse, SocketServer, ssl import utils, controller @@ -21,11 +22,11 @@ class ProxyError(Exception): class Config: - def __init__(self, certfile = None, certpath = None, ciphers = None, cacert = None): + def __init__(self, certfile = None, ciphers = None, cacert = None): self.certfile = certfile - self.certpath = certpath self.ciphers = ciphers self.cacert = cacert + self.certdir = None def read_chunked(fp): @@ -369,8 +370,8 @@ class ClientConnect(controller.Msg): class Error(controller.Msg): - def __init__(self, flow, msg, timestamp=None): - self.flow, self.msg = flow, msg + def __init__(self, request, msg, timestamp=None): + self.request, self.msg = request, msg self.timestamp = timestamp or time.time() controller.Msg.__init__(self) @@ -509,7 +510,7 @@ class ProxyHandler(SocketServer.StreamRequestHandler): self.finish() def handle_request(self, cc): - server = None + server, request = None, None try: request = self.read_request(cc) if request is None: @@ -538,7 +539,7 @@ class ProxyHandler(SocketServer.StreamRequestHandler): except IOError: pass except ProxyError, e: - err = Error(cc, e.msg) + err = Error(request, e.msg) err.send(self.mqueue) cc.close = True self.send_error(e.code, e.msg) @@ -549,7 +550,7 @@ class ProxyHandler(SocketServer.StreamRequestHandler): if self.config.certfile: return self.config.certfile else: - ret = utils.dummy_cert(self.config.certpath, self.config.cacert, host) + ret = utils.dummy_cert(self.config.certdir, self.config.cacert, host) if not ret: raise ProxyError(400, "mitmproxy: Unable to generate dummy cert.") return ret @@ -667,6 +668,8 @@ class ProxyServer(ServerBase): self.config, self.port, self.address = config, port, address ServerBase.__init__(self, (address, port), ProxyHandler) self.masterq = None + self.certdir = tempfile.mkdtemp(prefix="mitmproxy") + config.certdir = self.certdir def set_mqueue(self, q): self.masterq = q @@ -675,6 +678,7 @@ class ProxyServer(ServerBase): self.RequestHandlerClass(self.config, request, client_address, self, self.masterq) def shutdown(self): + shutil.rmtree(self.certdir) ServerBase.shutdown(self) @@ -691,11 +695,6 @@ def certificate_option_group(parser): type = "str", dest="cacert", default="~/.mitmproxy/ca.pem", help = "SSL CA certificate file. Generated if it doesn't exist." ) - group.add_option( - "--certpath", action="store", - type = "str", dest="certpath", default="~/.mitmproxy/", - help = "SSL certificate store path." - ) group.add_option( "--ciphers", action="store", type = "str", dest="ciphers", default=None, @@ -713,21 +712,11 @@ def process_certificate_option_group(parser, options): if options.cacert: options.cacert = os.path.expanduser(options.cacert) if not os.path.exists(options.cacert): - dummy_ca(options.cacert) - if options.certpath: - options.certpath = os.path.expanduser(options.certpath) - elif options.cacert: - options.certpath = os.path.dirname(options.cacert) - + utils.dummy_ca(options.cacert) if getattr(options, "cache", None) is not None: options.cache = os.path.expanduser(options.cache) - return Config( certfile = options.cert, - certpath = options.certpath, cacert = options.cacert, ciphers = options.ciphers ) - - - diff --git a/mitmdump b/mitmdump index 56210f39d..477260915 100755 --- a/mitmdump +++ b/mitmdump @@ -54,16 +54,8 @@ if __name__ == '__main__': if options.quiet: options.verbose = 0 - proxy.process_certificate_option_group(parser, options) - - config = proxy.Config( - certfile = options.cert, - certpath = options.certpath, - cacert = options.cacert, - ciphers = options.ciphers - ) + config = proxy.process_certificate_option_group(parser, options) server = proxy.ProxyServer(config, options.port) - dumpopts = dump.Options( verbosity = options.verbose, wfile = options.wfile, diff --git a/mitmplayback b/mitmplayback index 428d9a041..1553a6042 100755 --- a/mitmplayback +++ b/mitmplayback @@ -56,17 +56,11 @@ if __name__ == '__main__': if options.quiet: options.verbose = 0 - proxy.process_certificate_option_group(parser, options) if options.cache is not None: options.cache = os.path.expanduser(options.cache) - config = proxy.Config( - certfile = options.cert, - certpath = options.certpath, - cacert = options.cacert, - ciphers = options.ciphers - ) + config = proxy.process_certificate_option_group(parser, options) server = proxy.ProxyServer(config, options.port) m = playback.PlaybackMaster(server, options) m.run() diff --git a/mitmproxy b/mitmproxy index 0a9e81c00..7c70fb446 100755 --- a/mitmproxy +++ b/mitmproxy @@ -85,22 +85,16 @@ if __name__ == '__main__': options, args = parser.parse_args() - proxy.process_certificate_option_group(parser, options) if options.cache is not None: options.cache = os.path.expanduser(options.cache) - - config = proxy.Config( - certfile = options.cert, - certpath = options.certpath, - cacert = options.cacert, - ciphers = options.ciphers - ) if options.cache is not None: utils.mkdir_p(options.cache) if os.path.exists(options.cache + "/index.txt"): print >> sys.stderr, "ERROR: data already recorded in %s"%options.cache sys.exit(1) + + config = proxy.process_certificate_option_group(parser, options) server = proxy.ProxyServer(config, options.port, options.addr) m = console.ConsoleMaster(server, options) diff --git a/mitmrecord b/mitmrecord index ec35bc85c..62542036a 100755 --- a/mitmrecord +++ b/mitmrecord @@ -61,14 +61,7 @@ if __name__ == '__main__': if options.quiet: options.verbose = 0 - proxy.process_certificate_option_group(parser, options) - - config = proxy.Config( - certfile = options.cert, - certpath = options.certpath, - cacert = options.cacert, - ciphers = options.ciphers - ) + config = proxy.process_certificate_option_group(parser, options) server = proxy.ProxyServer(config, options.port) utils.mkdir_p(options.cache) if os.path.exists(options.cache + "/index.txt"): diff --git a/test/test_flow.py b/test/test_flow.py index 168b4e745..7714ad977 100644 --- a/test/test_flow.py +++ b/test/test_flow.py @@ -47,12 +47,12 @@ class uFlow(libpry.AutoTree): assert f == flow.Flow.from_state(state) f.response = None - f.error = proxy.Error(f, "error") + f.error = proxy.Error(f.request, "error") state = f.get_state() assert f == flow.Flow.from_state(state) f2 = utils.tflow() - f2.error = proxy.Error(f, "e2") + f2.error = proxy.Error(f.request, "e2") assert not f == f2 f.load_state(f2.get_state()) assert f == f2 @@ -143,10 +143,10 @@ class uState(libpry.AutoTree): c = flow.State() req = utils.treq() f = c.add_request(req) - e = proxy.Error(f, "message") + e = proxy.Error(f.request, "message") assert c.add_error(e) - e = proxy.Error(utils.tflow(), "message") + e = proxy.Error(utils.tflow().request, "message") assert not c.add_error(e) def test_view(self): @@ -190,7 +190,7 @@ class uState(libpry.AutoTree): def _add_error(self, state): req = utils.treq() f = state.add_request(req) - f.error = proxy.Error(f, "msg") + f.error = proxy.Error(f.request, "msg") def test_kill_flow(self): c = flow.State() @@ -269,7 +269,7 @@ class uFlowMaster(libpry.AutoTree): dc = proxy.ClientDisconnect(req.client_conn) fm.handle_clientdisconnect(dc) - err = proxy.Error(f, "msg") + err = proxy.Error(f.request, "msg") fm.handle_error(err)