./net/mitmproxy, Interactive console program for inspecting and editing traffic flows

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 8.1.1, Package name: mitmproxy-8.1.1, Maintainer: leot

This package contains tool for HTTP(S) sniffing.

mitmproxy is an interactive, SSL-capable man-in-the-middle proxy
for HTTP with a console interface.

mitmdump is the command-line version of mitmproxy. Think tcpdump
for HTTP.

mitmweb is a web-based interface for mitmproxy.

pathoc and pathod are perverse HTTP client and server applications
designed to let you craft almost any conceivable HTTP request,
including ones that creatively violate the standards.


Required to run:
[security/py-OpenSSL] [devel/py-urwid] [security/py-asn1] [devel/py-blinker] [www/py-flask] [www/py-tornado] [devel/py-pyparsing] [security/py-passlib] [security/py-cryptography] [devel/py-click] [devel/py-protobuf] [x11/py-pyperclip] [security/py-certifi] [www/py-h2] [www/py-hyperframe] [devel/py-ruamel-yaml] [databases/py-ldap3] [devel/py-sortedcontainers] [archivers/py-zstandard] [devel/py-kaitaistruct] [www/py-wsproto] [lang/python37] [archivers/py-brotli] [www/py-publicsuffix2]

Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 27289.022 KB

Version history: (Expand)


CVS history: (Expand)


   2022-07-08 14:57:26 by Leonardo Taccari | Files touched by this commit (3)
Log message:
mitmproxy: Update to 8.1.1

pkgsrc changes:
 - Follow upstream requirements for py-cryptography (previously a workaround was
   added in order to avoid possible too new py-cryptography that was not yet
   present in pkgsrc)

Changes:
8.1.1
-----
* Support specifying the local address for outgoing connections
* Fix a bug where an excess empty chunk has been sent for chunked HEAD request.
* Drop pkg_resources dependency.
* Fix huge (>65kb) http2 responses corrupted.
* Remove overambitious assertions in the HTTP state machine,
  fix some error handling.
   2022-06-30 13:19:02 by Nia Alarie | Files touched by this commit (524)
Log message:
*: Revbump packages that use Python at runtime without a PKGNAME prefix
   2022-06-18 22:40:17 by Leonardo Taccari | Files touched by this commit (3)
Log message:
mitmproxy: Update to 8.1.0

pkgsrc changes:
 - Now needs Python>=3.9 per upstream
 - Further relax py-cryptography needs (seems to runs fine also with older
   py-cryptography) because in pkgsrc we do not have yet cryptography>=36.

Changes:
## 15 May 2022: mitmproxy 8.1.0

* Mostly a Bug fix release
* DNS support
* Mitmproxy now requires Python 3.9 or above.

## 19 March 2022: mitmproxy 8.0.0
### Major Changes

* Major improvements to the web interface
* Event hooks can now be async
* New `tls_{established,failed}_{client,server}` event hooks to record
  negotiation success/failure

### Security Fixes

* CVE-2022-24766: Fix request smuggling vulnerability reported by @zeyu2001
   2022-01-10 23:43:41 by Thomas Klausner | Files touched by this commit (2)
Log message:
mitmproxy: convert to egg.mk
   2021-12-30 14:05:42 by Adam Ciarcinski | Files touched by this commit (125)
Log message:
Forget about Python 3.6
   2021-10-26 13:07:15 by Nia Alarie | Files touched by this commit (958)
Log message:
net: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts...):

net/radsecproxy/distinfo

The following distfiles could not be fetched (fetched conditionally?):

./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
   2021-10-07 16:43:07 by Nia Alarie | Files touched by this commit (962)
Log message:
net: Remove SHA1 hashes for distfiles
   2021-09-16 13:52:19 by Leonardo Taccari | Files touched by this commit (2)
Log message:
mitmproxy: Update to 7.0.3

Changes:
7.0.3
-----
* CVE-2021-39214: Fix request smuggling vulnerabilities reported by @chinchila
* Expose TLS 1.0 as possible minimum version on older pyOpenSSL releases
* Fix compatibility with Python 3.10

7.0.2
-----
* Fix a WebSocket crash introduced in 7.0.1

7.0.1
-----
* Performance: Re-use OpenSSL contexts to enable TLS session resumption
* Disable HTTP/2 CONNECT for Secure Web Proxies to fix compatibility with
  Firefox
* Use local IP address as certificate subject if no other info is available
* Make it possible to return multiple chunks for HTTP stream modification
* Don't send WebSocket CONTINUATION frames when the peer does not send any
* Fix HTTP stream modify example.
* Fix a crash caused by no-op assignments to `Server.address`
* Fix a crash when encountering invalid certificates
* Fix a crash when pressing the Home/End keys in some screens
* Fix a crash when reading corrupted flow dumps
* Fix multiple crashes on flow export
* Fix a bug where ASGI apps did not see the request body
* Minor documentation improvements