Layers/Filters

[jgraef]

Layers have been removed

Layers are the basic abstraction that let us individually inspect/modify flows. E.g. there is a layer that handles TLS by decrypting and re-encrypting data using a built-in certificate authority. Similarly HTTP is handled by a layer that decodes and encodes HTTP requests and responses.

Layers have a "source" and "target" side, where the source is closer to the socks/etc. proxy and the target is closer to the outgoing TCP socket that sends the requests for the intended destination.

All except the innermost layer wrap a layer, such that they can be composed, e.g. Tls(Http(Passthrough)).

Filters

Filters are layers that match rules to provided flows. They might then call an inner layer depending on the matched rules. Filter/rule sets should be turned into a layer stack such that a flow is unwrapped only a much as is necessary. E.g. if a flow doesn't match the TCP destination address, we don't need to invoke the TLS or HTTP layer, and can instead just pass trough the raw data.

TODO

• [x] tls layer
• [x] http1 layer
• [ ] http2 layer
• [x] parsing mitmproxy filter expressions
• [ ] effects of filters?
• [ ] build Layer stack from filter set
• [x] build hard-coded Layer so we can prototype stuff
• [ ] fix fn_layer lifetimes

[jgraef]

Layers have been removed, but some of this information will still be useful. I'll create a new issue.