2021-12-30 14:05:42 by Adam Ciarcinski | Files touched by this commit (125) |
Log message:
Forget about Python 3.6
|
2021-10-26 13:07:15 by Nia Alarie | Files touched by this commit (958) |
Log message:
net: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Not committed (merge conflicts...):
net/radsecproxy/distinfo
The following distfiles could not be fetched (fetched conditionally?):
./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
|
2021-10-07 16:43:07 by Nia Alarie | Files touched by this commit (962) |
Log message:
net: Remove SHA1 hashes for distfiles
|
2021-09-16 13:52:19 by Leonardo Taccari | Files touched by this commit (2) |
Log message:
mitmproxy: Update to 7.0.3
Changes:
7.0.3
-----
* CVE-2021-39214: Fix request smuggling vulnerabilities reported by @chinchila
* Expose TLS 1.0 as possible minimum version on older pyOpenSSL releases
* Fix compatibility with Python 3.10
7.0.2
-----
* Fix a WebSocket crash introduced in 7.0.1
7.0.1
-----
* Performance: Re-use OpenSSL contexts to enable TLS session resumption
* Disable HTTP/2 CONNECT for Secure Web Proxies to fix compatibility with
Firefox
* Use local IP address as certificate subject if no other info is available
* Make it possible to return multiple chunks for HTTP stream modification
* Don't send WebSocket CONTINUATION frames when the peer does not send any
* Fix HTTP stream modify example.
* Fix a crash caused by no-op assignments to `Server.address`
* Fix a crash when encountering invalid certificates
* Fix a crash when pressing the Home/End keys in some screens
* Fix a crash when reading corrupted flow dumps
* Fix multiple crashes on flow export
* Fix a bug where ASGI apps did not see the request body
* Minor documentation improvements
|
2021-07-17 16:14:47 by Leonardo Taccari | Files touched by this commit (3) |
Log message:
mitmproxy: Update to 7.0.0
Changes:
## 16 July 2021: mitmproxy 7.0.0
### New Proxy Core (@mhils, [blog \
post](https://www.mitmproxy.org/posts/releases/mitmproxy7/))
Mitmproxy has a completely new proxy core, fixing many longstanding issues:
* **Secure Web Proxy:** Mitmproxy now supports TLS-over-TLS to already
encrypt the connection to the proxy.
* **Server-Side Greetings:** Mitmproxy now supports proxying raw TCP
connections, including ones that start with a server-side greeting (e.g. SMTP).
* **HTTP/1 – HTTP/2 Interoperability:** mitmproxy can now accept an
HTTP/2 connection from the client, and forward it to an HTTP/1 server.
* **HTTP/2 Redirects:** The request destination can now be changed on
HTTP/2 flows.
* **Connection Strategy:** Users can now specify if they want mitmproxy
to eagerly connect upstream or wait as long as possible. Eager
connections are required to detect protocols with server-side
greetings, lazy connections enable the replay of responses without
connecting to an upstream server.
* **Timeout Handling:** Mitmproxy will now clean up idle connections
and also abort requests if the client disconnects in the meantime.
* **Host Header-based Proxying:** If the request destination is
unknown, mitmproxy now falls back to proxying based on the Host
header. This means that requests can often be redirected to mitmproxy
using DNS spoofing only.
* **Internals:** All protocol logic is now separated from I/O
(["sans-io"](https://sans-io.readthedocs.io/)).
This greatly improves testing capabilities, prevents a wide array of
race conditions, and increases proper isolation between layers.
### Additional Changes
* mitmproxy's command line interface now supports Windows (@mhils)
* The `clientconnect`, `clientdisconnect`, `serverconnect`,
`serverdisconnect`, and `log` events have been replaced with new
events, see addon documentation for details (@mhils)
* Contentviews now implement `render_priority` instead of
`should_render`, allowing more specialization (@mhils)
* Addition of block_list option to block requests with a set status
code (@ericbeland)
* Make mitmweb columns configurable and customizable (@gorogoroumaru)
* Automatic JSON view mode when `+json` suffix in content type (@kam800)
* Use pyca/cryptography to generate certificates, not pyOpenSSL (@mhils)
* Remove the legacy protocol stack (@Kriechi)
* Remove all deprecated pathod and pathoc tools and modules (@Kriechi)
* In reverse proxy mode, mitmproxy now does not assume TLS if no scheme
is given but a custom port is provided (@mhils)
* Remove the following options: `http2_priority`,
`relax_http_form_validation`, `upstream_bind_address`,
`spoof_source_address`, and `stream_websockets`. If you depended on
one of them please let us know. mitmproxy never phones home, which
means we don't know how prominently these options were used. (@mhils)
* Fix IDNA host 'Bad HTTP request line' error (@grahamrobbins)
* Pressing `?` now exits console help view (@abitrolly)
* `--modify-headers` now works correctly when modifying a header that
is also part of the filter expression (@Prinzhorn)
* Fix SNI-related reproducibility issues when exporting to curl/httpie
commands. (@dkasak)
* Add option `export_preserve_original_ip` to force exported command to
connect to IP from original request.
Only supports curl at the moment. (@dkasak)
* Major proxy protocol testing (@r00t-)
* Switch Docker image release to be based on Debian (@PeterDaveHello)
* Multiple Browsers: The `browser.start` command may be executed more
than once to start additional browser sessions. (@rbdixon)
* Improve readability of SHA256 fingerprint. (@wrekone)
* Metadata and Replay Flow Filters: Flows may be filtered based on
metadata and replay status. (@rbdixon)
* Flow control: don't read connection data faster than it can be
forwarded. (@hazcod)
* Docker images for ARM64 architecture (@hazcod, @mhils)
* Fix parsing of certificate issuer/subject with escaped special
characters (@Prinzhorn)
* Customize markers with emoji, and filters: The `flow.mark` command
may be used to mark a flow with either the default "red ball" marker,
a single character, or an emoji like `:grapes:`. Use the `~marker`
filter to filter on marker characters. (@rbdixon)
* New `flow.comment` command to add a comment to the flow. Add
`~comment <regex>` filter syntax to search flow comments. (@rbdixon)
* Fix multipart forms losing `boundary` values on edit. (@roytu)
* `Transfer-Encoding: chunked` HTTP message bodies are now retained if
they are below the stream_large_bodies limit. (@mhils)
* `json()` method for HTTP Request and Response instances will return
decoded JSON body. (@rbdixon)
* Support for HTTP/2 Push Promises has been dropped. (@mhils)
* Make it possible to set sequence options from the command line. (@Yopi)
|
2021-02-26 09:47:03 by Leonardo Taccari | Files touched by this commit (1) |
Log message:
mitmproxy: Add missing dependency to py-sqlite3
Reported by Austin Wise via <https://github.com/NetBSD/pkgsrc/pull/84>, thanks!
PKGREVISION++
|
2020-12-19 12:54:42 by Leonardo Taccari | Files touched by this commit (3) | |
Log message:
mitmproxy: Update to 6.0.2
Changes:
15 December 2020: mitmproxy 6.0.2
=================================
* Fix reading of saved flows in mitmweb.
13 December 2020: mitmproxy 6.0.1
=================================
* Fix flow serialization in mitmweb.
13 December 2020: mitmproxy 6.0
===============================
* Mitmproxy now requires Python 3.8 or above.
* Deprecation of pathod and pathoc tools and modules. Future releases will not \
contain them! (@Kriechi)
* SSLKEYLOGFILE now supports TLS 1.3 secrets (@mhils)
* Fix query parameters in asgiapp addon (@jpstotz)
* Fix command history failing on file I/O errors (@Kriechi)
* Add example addon to suppress unwanted error messages sent by mitmproxy. \
(@anneborcherding)
* Updated imports and styles for web scanner helper addons. (@anneborcherding)
* Inform when underscore-formatted options are used in client arg. (@jrblixt)
* ASGIApp now ignores loaded HTTP flows from somewhere. (@linw1995)
* Binaries are now built with Python 3.9 (@mhils)
* Fixed the web UI showing blank page on clicking details tab when server \
address is missing (@samhita-sopho)
* Tests: Replace asynctest with stdlib mock (@felixonmars)
* MapLocal now keeps its configuration when other options are set. (@mhils)
* Host headers with non-standard ports are now properly updated in reverse proxy \
mode. (@mhils)
* Fix missing host header when replaying HTTP/2 flows (@Granitosaurus)
|
2020-12-04 21:45:51 by Nia Alarie | Files touched by this commit (456) |
Log message:
Revbump packages with a runtime Python dep but no version prefix.
For the Python 3.8 default switch.
|
2020-11-24 18:06:50 by Leonardo Taccari | Files touched by this commit (3) |
Log message:
mitmproxy: Update to 5.3.0
Changes:
5.3.0
=====
* Support for Python 3.9 (@mhils)
* Add MsgPack content viewer (@tasn)
* Use `@charset` to decode CSS files if available (@prinzhorn)
* Fix links to anticache docs in mitmweb and use HTTPS for links to
documentation (@rugk)
* Updated typing for WebsocketMessage.content (@prinzhorn)
* Add option `console_strip_trailing_newlines`, and no longer strip trailing
newlines by default (@capt8bit)
* Prevent transparent mode from connecting to itself in the basic
cases (@prinzhorn)
* Display HTTP trailers in mitmweb (@sanlengjingvv)
* Revamp onboarding app (@mhils)
* Add ASGI support for embedded apps (@mhils)
* Updated raw exports to not remove headers (@wchasekelley)
* Fix file unlinking before external viewer finishes loading (@wchasekelley)
* Add --cert-passphrase command line argument (@mirosyn)
* Add interactive tutorials to the documentation (@mplattner)
* Support `deflateRaw` for `Content-Encoding`'s (@kjoconnor)
* Fix broken requests without body on HTTP/2 (@Kriechi)
* Add support for sending (but not parsing) HTTP Trailers to the HTTP/1.1
protocol (@bburky)
* Add support to echo http trailers in dumper addon (@shiv6146)
* Fix OpenSSL requiring different CN for root and leaf certificates (@mhils)
* ... and various other fixes, documentation improvements, dependency
version bumps, etc.
|
2020-07-19 18:01:28 by Leonardo Taccari | Files touched by this commit (3) |
Log message:
mitmproxy: Update to 5.2
Changes:
5.2
---
* Add Filter message to mitmdump (@sarthak212)
* Display TCP flows at flow list (@Jessonsotoventura, @nikitastupin, @mhils)
* Colorize JSON Contentview (@sarthak212)
* Fix console crash when entering regex escape character in half-open
string (@sarthak212)
* Integrate contentviews to TCP flow details (@nikitastupin)
* Added add-ons that enhance the performance of web application
scanners (@anneborcherding)
* Increase WebSocket message timestamp precision (@JustAnotherArchivist)
* Fix HTTP reason value on HTTP/2 reponses (@rbdixon)
* mitmweb: support wslview to open a web browser (@G-Rath)
* Fix dev version detection with parent git repo (@JustAnotherArchivist)
* Restructure examples and supported addons (@mhils)
* Certificate generation: mark SAN as critical if no CN is set (@mhils)
* Simplify Replacements with new ModifyBody addon (@mplattner)
* Rename SetHeaders addon to ModifyHeaders (@mplattner)
* mitmweb: "New -> File" menu option has been renamed to \
"Clear All"
(@yogeshojha)
* Add new MapRemote addon to rewrite URLs of requests (@mplattner)
* Add support for HTTP Trailers to the HTTP/2 protocol
(@sanlengjingvv and @Kriechi)
* Fix certificate runtime error during expire cleanup (@gorogoroumaru)
* Fixed the DNS Rebind Protection for secure support of IPv6 addresses
(@tunnelpr0)
* WebSockets: match the HTTP-WebSocket flow for the ~websocket filter
(@Kriechi)
* Fix deadlock caused by the "replay.client.stop" command (@gorogoroumaru)
* Add new MapLocal addon to serve local files instead of remote
resources (@mplattner and @mhils)
* Add minimal TCP interception and modification (@nikitastupin)
* Add new CheckSSLPinning addon to check SSL-Pinning on client (@su-vikas)
* Add a JSON dump script: write data into a file or send to an endpoint as
JSON (@emedvedev)
* Fix console output formatting (@sarthak212)
* Add example for proxy authentication using selenium
(@anneborcherding and @weichweich)
|