./net/mitmproxy, Interactive console program for inspecting and editing traffic flows

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 4.0.4, Package name: mitmproxy-4.0.4, Maintainer: leot

This package contains tool for HTTP(S) sniffing.

mitmproxy is an interactive, SSL-capable man-in-the-middle proxy
for HTTP with a console interface.

mitmdump is the command-line version of mitmproxy. Think tcpdump
for HTTP.

mitmweb is a web-based interface for mitmproxy.

pathoc and pathod are perverse HTTP client and server applications
designed to let you craft almost any conceivable HTTP request,
including ones that creatively violate the standards.

Required to run:
[security/py-OpenSSL] [devel/py-urwid] [security/py-asn1] [devel/py-blinker] [www/py-tornado] [devel/py-pyparsing] [security/py-passlib] [security/py-cryptography] [devel/py-click] [x11/py-pyperclip] [security/py-certifi] [www/py-h2] [www/py-hyperframe] [devel/py-ruamel-yaml] [databases/py-ldap3] [devel/py-sortedcontainers] [archivers/py-brotlipy] [devel/py-kaitaistruct] [www/py-wsproto] [lang/python37]

Required to build:

Master sites:

SHA1: 67871cbf7751d34d254ccc733f5e2cd23fbe8faf
RMD160: d4935a325081544ef0cc9b5551d5eb976ce21777
Filesize: 26495.813 KB

Version history: (Expand)

CVS history: (Expand)

   2018-08-09 13:51:41 by Leonardo Taccari | Files touched by this commit (4) | Package updated
Log message:
mitmproxy: Update net/mitmproxy to 4.0.4

pkgsrc changes:
 - Instead of maintaining patches/patch-setup.py rewrite the logic to avoid
   too strict version dependencies via SUBST.

31 July 2018: mitmproxy 4.0.4
    * Security: Protect mitmweb against DNS rebinding. (CVE-2018-14505, @atx)
    * Reduce certificate lifetime to two years to be conformant with
      the current CA/Browser Forum Baseline Requirements. (@muffl0n)
      (https://cabforum.org/2017/03/17/ballot- … lifetimes/)
    * Update cryptography to version 2.3.

15 June 2018: mitmproxy 4.0.3
    * Add support for IPv6 transparent mode on Windows (#3174)
    * Add Docker images for ARMv7 - Raspberry Pi (#3190)
    * Major overhaul of our release workflow - you probably won't notice it, but \ 
for us it's a big thing!
    * Fix the Python version detection on Python 3.5, we now show a more \ 
intuitive error message (#3188)
    * Fix application shutdown on Windows (#3172)
    * Fix IPv6 scope suffixes in block addon (#3164)
    * Fix options update when added (#3157)
    * Fix "Edit Flow" button in mitmweb (#3136)

15 June 2018: mitmproxy 4.0.2
    * Skipped!
   2018-05-17 15:06:13 by Leonardo Taccari | Files touched by this commit (4) | Package updated
Log message:
mitmproxy: Update net/mitmproxy to 4.0.1

pkgsrc changes:
 - Take MAINTAINERship
 - Sync DEPENDS with setup.py
 - Add Python 3.5 to PYTHON_VERSIONS_INCOMPATIBLE (mitmproxy now requires Python

mitmproxy 4.0.1
The previous release had a packaging issue, so we bumped it to
v4.0.1 and re-released it. This contains no actual bugfixes or
new features.

mitmproxy 4.0
 * mitmproxy now requires Python 3.6!
 * Moved the core to asyncio - which gives us a very significant performance
 * Reduce memory consumption by using `SO_KEEPALIVE` (#3076)
 * Export request as httpie command (#3031)
 * Configure mitmproxy console keybindings with the keys.yaml file. See docs
   for more.

Breaking Changes
 * The --conf command-line flag is now --confdir, and specifies the mitmproxy
   configuration directory, instead of the options yaml file (which is at
   `config.yaml` under the configuration directory).
 * `allow_remote` got replaced by `block_global` and `block_private` (#3100)
 * No more custom events (#3093)
 * The `cadir` option has been renamed to `confdir`
 * We no longer magically capture print statements in addons and translate
   them to logs. Please use `ctx.log.info` explicitly.

 * Correctly block connections from remote clients with IPv4-mapped IPv6
   client addresses (#3099)
 * Expand `~` in paths during the `cut` command (#3078)
 * Remove socket listen backlog constraint
 * Improve handling of user script exceptions (#3050, #2837)
 * Ignore signal errors on windows
 * Fix traceback for commands with un-terminated escape characters (#2810)
 * Fix request replay when proxy is bound to local interface (#2647)
 * Fix traceback when running scripts on a flow twice (#2838)
 * Fix traceback when killing intercepted flow (#2879)
 * And lots of typos, docs improvements, revamped examples, and general fixes!
   2018-04-05 19:53:02 by Leonardo Taccari | Files touched by this commit (4) | Package updated
Log message:
mitmproxy: Update net/mitmproxy to 3.0.4

pkgsrc changes:
 - py-h11 and py-requests are no longer needed, delete them from
   DEPENDS (`h11' is no more used while `requests' is only an extra

05 April 2018: mitmproxy 3.0.4

  * Fix an issue that caused mitmproxy to not retry HTTP requests on timeout.
  * Misc bug fixes and improvements
   2018-02-26 13:28:48 by Leonardo Taccari | Files touched by this commit (5) | Package updated
Log message:
mitmproxy: Update net/mitmproxy to 3.0.3

pkgsrc changes:
 - Sync DEPENDS with upstream setup.py
 - Update DESCR to reflect current reality

23 February 2018: mitmproxy 3.0
  * Fix a quote-related issue affecting the mitmproxy console command prompt

22 February 2018: mitmproxy 3.0
    Major Changes
  * Commands: A consistent, typed mechanism that allows addons to expose
    actions to users.
  * Options: A typed settings store for use by mitmproxy and addons.
  * Shift most of mitmproxy's own functionality into addons.
  * Major improvements to mitmproxy console, including an almost complete
    rewrite of the user interface, integration of commands, key bindings, and
    multi-pane layouts.
  * Major Improvements to mitmproxy’s web interface, mitmweb. (Matthew Shao,
    Google Summer of Code 2017)
  * Major Improvements to mitmproxy’s content views and protocol layers (Ujjwal
    Verma, Google Summer of Code 2017)
  * Faster JavaScript and CSS beautifiers. (Ujjwal Verma)

    Minor Changes
  * Vastly improved JavaScript test coverage (Matthew Shao)
  * Options editor for mitmweb (Matthew Shao)
  * Static web-based flow viewer (Matthew Shao)
  * Request streaming for HTTP/1.x and HTTP/2 (Ujjwal Verma)
  * Implement more robust content views using Kaitai Struct (Ujjwal Verma)
  * Protobuf decoding now works without protoc being installed on the host
    system (Ujjwal Verma)
  * PNG, GIF, and JPEG can now be parsed without Pillow, which simplifies
    mitmproxy installation and moves parsing from unsafe C to pure Python
    (Ujjwal Verma)
  * Add parser for ICO files (Ujjwal Verma)
  * Migrate WebSockets implementation to wsproto. This reduces code size and
    adds WebSocket compression support. (Ujjwal Verma)
  * Add “split view” to split mitmproxy’s UI into two separate panes.
  * Add key binding viewer and editor
  * Add a command to spawn a preconfigured Chrome browser instance from
  * Fully support mitmproxy under the Windows Subsystem for Linux (WSL), work
    around display errors
  * Add XSS scanner addon (@ddworken)
  * Add ability to toggle interception (@mattweidner)
  * Numerous documentation improvements (@pauloromeira, @rst0git, @rgerganov,
    @fulldecent, @zhigang1992, @F1ashhimself, @vinaydargar, @jonathanrfisher1,
    @BasThomas, @LuD1161, @ayamamori, @TomTasche)
  * Add filters for websocket flows (@s4chin)
  * Make it possible to create a response to CONNECT requests in http_connect
  * Redirect stdout in scripts to ctx.log.warn (@nikofil)
  * Fix a crash when clearing the event log (@krsoninikhil)
  * Store the generated certificate for each flow (@dlenski)
  * Add --keep-host-header to retain the host header in reverse proxy mode
  * Fix setting palette options (@JordanLoehr)
  * Fix a crash with brotli encoding (@whackashoe)
  * Provide certificate installation instructions on mitm.it (@ritiek)
  * Fix a bug where we did not properly fall back to IPv4 when IPv6 is
    unavailable (@titeuf87)
  * Fix transparent mode on IPv6-enabled macOS systems (@Ga-ryo)
  * Fix handling of HTTP messages with multiple Content-Length headers
  * Fix IPv6 authority form parsing in CONNECT requests (@r1b)
  * Fix event log display in mitmweb (@syahn)
  * Remove private key from PKCS12 file in ~/.mitmproxy (@ograff).
  * Add LDAP as a proxy authentication backend (@charlesdhdt)
  * Use mypy to check the whole codebase (@iharsh234)
  * Fix a crash when duplicating flows (@iharsh234)
  * Fix testsuite when the path contains a “.” (@felixonmars)
  * Store proxy authentication with flows (@lymanZerga11)
  * Match ~d and ~u filters against pretty_host (@dequis)
  * Update WBXML content view (@davidpshaw)
  * Handle HEAD requests for mitm.it to support Chrome in transparent mode on
    iOS (@tomlabaude)
  * Update dns spoofing example to use --keep-host-header (@krsoninikhil)
  * Call error handler on HTTPException (@tarnacious)
  * Make it possible to remove TLS from upstream HTTP connections
  * Update to pyOpenSSL 17.5, cryptography 2.1.4, and OpenSSL 1.1.0g
  * Make it possible to retroactively increase log verbosity.
  * Make logging from addons thread-safe
  * Tolerate imports in user scripts that match hook names (`from mitmproxy
    import log`)
  * Update mitmweb to React 16, which brings performance improvements
  * Fix a bug where reverting duplicated flows crashes mitmproxy
  * Fix a bug where successive requests are sent to the wrong host after a
    request has been redirected.
  * Fix a bug that binds outgoing connections to the wrong interface
  * Fix a bug where custom certificates are ignored in reverse proxy mode
  * Fix import of flows that have been created with mitmproxy 0.17
  * Fix formatting of (IPv6) IP addresses in a number of places
  * Fix replay for HTTP/2 flows
  * Decouple mitmproxy version and flow file format version
  * Fix a bug where “mitmdump -nr” does not exit automatically
  * Fix a crash when exporting flows to curl
  * Fix formatting of sticky cookies
  * Improve script reloading reliability by polling the filesystem instead of
    using watchdog
  * Fix a crash when refreshing Set-Cookie headers
  * Add connection indicator to mitmweb to alert users when the proxy server
    stops running
  * Add support for certificates with cyrillic domains
  * Simplify output of mitmproxy --version
  * Add Request.make to simplify request creation in scripts
  * Pathoc: Include a host header on CONNECT requests
  * Remove HTML outline contentview (#2572)
  * Remove Python and Locust export (#2465)
  * Remove emojis from tox.ini because flake8 cannot parse that. :(
   2017-09-03 10:53:18 by Thomas Klausner | Files touched by this commit (165)
Log message:
Follow some redirects.
   2017-06-21 10:34:01 by Leonardo Taccari | Files touched by this commit (2) | Package updated
Log message:
Update net/mitmproxy to 2.0.2.

28 April 2017: mitmproxy 2.0.2
    * Fix mitmweb's Content-Security-Policy to work with Chrome 58+
    * HTTP/2: actually use header normalization from hyper-h2
   2017-04-14 15:15:04 by Leonardo Taccari | Files touched by this commit (4) | Package updated
Log message:
Update net/mitmproxy to 2.0.1

15 March 2017: mitmproxy 2.0.1
    * bump cryptography dependency
    * bump pyparsing dependency
    * HTTP/2: use header normalization from hyper-h2

21 February 2017: mitmproxy 2.0
    * HTTP/2 is now enabled by default.
    * Image ContentView: Parse images with Kaitai Struct (kaitai.io) instead of \ 
      This simplifies installation, reduces binary size, and allows parsing in \ 
pure Python.
    * Web: Add missing flow filters.
    * Add transparent proxy support for OpenBSD.
    * Check the mitmproxy CA for expiration and warn the user to regenerate it \ 
if necessary.
    * Testing: Tremendous improvements, enforced 100% coverage for large parts of the
      codebase, increased overall coverage.
    * Enforce individual coverage: one source file -> one test file with 100% \ 
    * A myriad of other small improvements throughout the project.
    * Numerous bugfixes.

26 December 2016: mitmproxy 1.0
    * All mitmproxy tools are now Python 3 only! We plan to support Python 3.5 \ 
and higher.
    * Web-Based User Interface: Mitmproxy now offically has a web-based user \ 
      called mitmweb. We consider it stable for all features currently exposed
      in the UI, but it still misses a lot of mitmproxy’s options.
    * Windows Compatibility: With mitmweb, mitmproxy is now useable on Windows.
      We are also introducing an installer (kindly sponsored by BitRock) that
      simplifies setup.
    * Configuration: The config file format is now a single YAML file. In most cases,
      converting to the new format should be trivial - please see the docs for
      more information.
    * Console: Significant UI improvements - including sorting of flows by
      size, type and url, status bar improvements, much faster indentation for
      HTTP views, and more.
    * HTTP/2: Significant improvements, but is temporarily disabled by default
      due to wide-spread protocol implementation errors on some large website
    * WebSocket: The protocol implementation is now mature, and is enabled by
      default. Complete UI support is coming in the next release. Hooks for
      message interception and manipulation are available.
    * A myriad of other small improvements throughout the project.

16 October 2016: mitmproxy 0.18
    * Python 3 Compatibility for mitmproxy and pathod (Shadab Zafar, GSoC 2016)
    * Major improvements to mitmweb (Clemens Brunner & Jason Hao, GSoC 2016)
    * Internal Core Refactor: Separation of most features into isolated Addons
    * Initial Support for WebSockets
    * Improved HTTP/2 Support
    * Reverse Proxy Mode now automatically adjusts host headers and TLS Server \ 
Name Indication
    * Improved HAR export
    * Improved export functionality for curl, python code, raw http etc.
    * Flow URLs are now truncated in the console for better visibility
    * New filters for TCP, HTTP and marked flows.
    * Mitmproxy now handles comma-separated Cookie headers
    * Merge mitmproxy and pathod documentation
    * Mitmdump now sanitizes its console output to not include control characters
    * Improved message body handling for HTTP messages:
      .raw_content provides the message body as seen on the wire
      .content provides the decompressed body (e.g. un-gzipped)
      .text provides the body decompressed and decoded body
    * New HTTP Message getters/setters for cookies and form contents.
    * Add ability to view only marked flows in mitmproxy
    * Improved Script Reloader (Always use polling, watch for whole directory)
    * Use tox for testing
    * Unicode support for tnetstrings
    * Add dumpfile converters for mitmproxy versions 0.11 and 0.12
    * Numerous bugfixes
   2017-03-16 15:34:41 by Leonardo Taccari | Files touched by this commit (1) | Package updated
Log message:
Add (missing but needed) dependency to devel/py-requests