cf4e9db0b3
pkgsrc changes: - Update DESCR and COMMENT based respectively on upstream's README and GitHub project description - Switch to non-versioned py-OpenSSL. mitmproxy now needs Rust-y bits also for mitmproxy_rs. Possibly avoiding Rust py-cryptography no longer helps. - Adjust SUBST-fu in order to address dependencies versions in pyproject.toml, not setup.py (per upstream usage) Changes: ## 06 January 2024: mitmproxy 10.2.1 * Fix a regression introduced in mitmproxy 10.2.0: WireGuard servers now bind to all interfaces again. * Remove stale reference to ctx.log in addon documentation. * Fix a bug where a traceback is shown during shutdown. ## 04 January 2024: mitmproxy 10.2.0 * Local Redirect Mode is now officially available on macOS and Windows. See the linked blog posts for details. * UDP streams are now backed by a new implementation in mitmproxy_rs. This represents a major API change as UDP traffic is now exposed as streams instead of a callback for each packet. * Fix a regression from mitmproxy 10.1.6 where ignore_hosts would terminate requests instead of forwarding them. * ignore_hosts now waits for the entire HTTP headers if it suspects the connection to be HTTP. ## 14 December 2023: mitmproxy 10.1.6 * Fix compatibility with Windows Schannel clients, which previously got confused by CA and leaf certificate sharing the same Subject Key Identifier. * Change keybinding for exporting flow from "e" to "x" to avoid conflict with "edit" keybinding. * Fix bug where response flows from HAR files had incorrect `content-length` headers * Improved handling for `allow_hosts`/`ignore_hosts` options in WireGuard mode. * Fix a bug where TCP connections were not closed properly. * DNS resolution is now exempted from `ignore_hosts` in WireGuard Mode. * Fix case sensitivity of URL added to blocklist * Fix a bug where logging was stopped prematurely during shutdown. * For plaintext traffic, `ignore_hosts` now also takes HTTP/1 host headers into account. * Fix empty cookie attributes being set to `Key=` instead of `Key` * Scripts with relative paths are now loaded relative to the config file and not where the command is ran * Fix `mitmweb` splitter becoming drag and drop. * Enhance documentation and add alert log messages when stream_large_bodies and modify_body are set * Subject Alternative Names are now represented as `cryptography.x509.GeneralNames` instead of `list[str]` across the codebase. This fixes a regression introduced in mitmproxy 10.1.1 related to punycode domain encoding. ## 14 November 2023: mitmproxy 10.1.5 * Remove stray `replay-extra` from CLI status bar. ## 13 November 2023: mitmproxy 10.1.4 * Fix a hang/freeze in the macOS distributions when doing TLS negotiation. * Update savehar addon to fix creating corrupt har files caused by empty response content * Update savehar addon to handle scenarios where "path" key in cookie attrs dict is missing. * Add `server_replay_extra` option to serverplayback to define behaviour when replayable response is missing. ## 04 November 2023: mitmproxy 10.1.3 * Fix a bug introduced in mitmproxy 10.1.2 where mitmweb would fail to establish a WebSocket connection. Affected users may need to clear their browser cache or hard-reload mitmweb (Ctrl+Shift+R). ## 03 November 2023: mitmproxy 10.1.2 * Add a raw hex stream contentview. * Add a contentview for DNS-over-HTTPS. * Replaced standalone mitmproxy binaries on macOS with an app bundle that contains the mitmproxy/mitmweb/mitmdump CLI tools. This change was necessary to support macOS code signing requirements. Homebrew remains the recommended installation method. * Fix certificate generation to work with strict mode OpenSSL 3.x clients * Fix path() documentation that the return value might include the query string * mitmproxy now officially supports Python 3.12. * Fix root-relative URLs so that mitmweb can run in subdirectories. * Add an optional parameter(ldap search filter key) to ProxyAuth-LDAP. * Fix a regression when using the proxyauth addon with clients that (rightfully) reuse connections. ## 27 September 2023: mitmproxy 10.1.1 * Fix certificate generation for punycode domains. * Fix a bug that would crash mitmweb when opening options. ## 24 September 2023: mitmproxy 10.1.0 * Add support for reading HAR files using the existing flow loading APIs, e.g. `mitmproxy -r example.har`. * Add support for writing HAR files using the `save.har` command and the `hardump` option for mitmdump. * Packaging changes: - `mitmproxy-rs` does not depend on a protobuf compiler being available anymore, we're now also providing a working source distribution for all platforms. - On macOS, `mitmproxy-rs` now depends on `mitmproxy-macos`. We only provide binary wheels for this package because it contains a code-signed system extension. Building from source requires a valid Apple Developer Id, see CI for details. - On Windows, `mitmproxy-rs` now depends on `mitmproxy-windows`. We only provide binary wheels for this package to simplify our deployment process, see CI for how to build from source. * Increase maximum dump file size accepted by mitmweb ## 04 August 2023: mitmproxy 10.0.0 * Add experimental support for HTTP/3 and QUIC. * ASGI/WSGI apps can now listen on all ports for a specific hostname. This makes it simpler to accept both HTTP and HTTPS. * Add `replay.server.add` command for adding flows to server replay buffer * Remove string escaping in raw view. * Updating `Request.port` now also updates the Host header if present. This aligns with `Request.host`, which already does this. * Fix editing of multipart HTTP requests from the CLI. * Add documentation on using Magisk module for intercepting traffic in Android production builds. * Fix a bug where the direction indicator in the message stream view would be in the wrong direction. * Fix a bug where peername would be None in tls_passthrough script, which would make it not working. * the `esc` key can now be used to exit the current view * focus-follow shortcut will now work in flow view context too. * Fix a bug where a server connection timeout would cause requests to be issued with a wrong SNI in reverse proxy mode. * The `server_replay_nopop` option has been renamed to `server_replay_reuse` to avoid confusing double-negation. * Add zstd to valid gRPC encoding schemes. * For reverse proxy directly accessed via IP address, the IP address is now included as a subject in the generated certificate. * Enable legacy SSL connect when connecting to server if the `ssl_insecure` flag is set. * Change wording in the http-reply-from-proxy.py example * Added option to specify an elliptic curve for key exchange between mitmproxy <-> server * Add "Prettier" code linting tool to mitmweb. * When logging exceptions, provide the entire exception object to log handlers * mitmproxy now requires Python 3.10 or above. ### Breaking Changes * The `onboarding_port` option has been removed. The onboarding app now responds to all requests for the hostname specified in `onboarding_host`. * `connection.Client` and `connection.Server` now accept keyword arguments only. This is a breaking change for custom addons that use these classes directly. ## 02 November 2022: mitmproxy 9.0.1 * The precompiled binaries now ship with OpenSSL 3.0.7, which resolves CVE-2022-3602 and CVE-2022-3786. * Performance and stability improvements for WireGuard mode. * Fix a bug where the standalone Linux binaries would require libffi to be installed. * Hard exit when mitmproxy cannot write logs, fixes endless loop when parent process exits. * Fix a permission error affecting the Docker images. ## 28 October 2022: mitmproxy 9.0.0 ### Major Features * Add Raw UDP support. * Add WireGuard mode to enable transparent proxying via WireGuard. * Add DTLS support. * Add a quick help bar to mitmproxy. ### Deprecations * Deprecate `add_log` event hook. Users should use the builtin `logging` module instead. * Deprecate `mitmproxy.ctx.log` in favor of Python's builtin `logging` module. ### Breaking Changes * The `mode` option is now a list of server specs instead of a single spec. The CLI interface is unaffected, but users may need to update their `config.yaml`. ### Full Changelog * Mitmproxy binaries now ship with Python 3.11. * One mitmproxy instance can now spawn multiple proxy servers. * Add syntax highlighting to JSON and msgpack content view. * Add MQTT content view. * Setting `connection_strategy` to `lazy` now also disables early upstream connections to fetch TLS certificate details. * Fix order of event hooks on startup. * Include server information in bind/listen errors. * Include information about lazy connection_strategy in related errors. * Fix `tls_version_server_min` and `tls_version_server_max` options. * Added Magisk module generation for Android onboarding. * Update Linux binary builder to Ubuntu 20.04, bumping the minimum glibc version to 2.31. * Add "Save filtered" button in mitmweb. * Render application/prpc content as gRPC/Protocol Buffers * Mitmweb now supports `content_view_lines_cutoff`. * Fix a mitmweb crash when scrolling down the flow list. * Add HTTP/3 binary frame content view. * Fix mitmweb not properly opening a browser and being stuck on some Linux. * Fix race condition when updating mitmweb WebSocket connections that are closing. * Fix mitmweb crash when using filters. * Fix missing default port when starting a browser. * Add docs for transparent mode on Windows.
70 lines
3 KiB
Makefile
70 lines
3 KiB
Makefile
# $NetBSD: Makefile,v 1.46 2024/01/06 23:39:24 leot Exp $
|
|
|
|
DISTNAME= mitmproxy-10.2.1
|
|
CATEGORIES= net
|
|
MASTER_SITES= https://downloads.mitmproxy.org/${PKGVERSION_NOREV}/
|
|
|
|
MAINTAINER= leot@NetBSD.org
|
|
HOMEPAGE= https://mitmproxy.org/
|
|
COMMENT= Interactive TLS-capable intercepting HTTP proxy
|
|
LICENSE= mit
|
|
|
|
DEPENDS+= ${PYPKGPREFIX}-aioquic>=0.9.24:../../www/py-aioquic
|
|
DEPENDS+= ${PYPKGPREFIX}-asgiref>=3.2.10:../../www/py-asgiref
|
|
DEPENDS+= ${PYPKGPREFIX}-brotli>=1.0:../../archivers/py-brotli
|
|
DEPENDS+= ${PYPKGPREFIX}-certifi>=2019.9.11:../../security/py-certifi
|
|
DEPENDS+= ${PYPKGPREFIX}-click>=7.0:../../devel/py-click
|
|
DEPENDS+= ${PYPKGPREFIX}-cryptography>=39.0:../../security/py-cryptography
|
|
DEPENDS+= ${PYPKGPREFIX}-flask>=1.1.1:../../www/py-flask
|
|
DEPENDS+= ${PYPKGPREFIX}-h11>=0.11:../../www/py-h11
|
|
DEPENDS+= ${PYPKGPREFIX}-h2>=4.1:../../www/py-h2
|
|
DEPENDS+= ${PYPKGPREFIX}-hyperframe>=6.0:../../www/py-hyperframe
|
|
DEPENDS+= ${PYPKGPREFIX}-kaitaistruct>=0.10:../../devel/py-kaitaistruct
|
|
DEPENDS+= ${PYPKGPREFIX}-ldap3>=2.8:../../databases/py-ldap3
|
|
DEPENDS+= ${PYPKGPREFIX}-mitmproxy_rs>=0.5.1:../../net/py-mitmproxy_rs
|
|
DEPENDS+= ${PYPKGPREFIX}-msgpack>=1.0.0:../../devel/py-msgpack
|
|
DEPENDS+= ${PYPKGPREFIX}-OpenSSL>=22.1:../../security/py-OpenSSL
|
|
DEPENDS+= ${PYPKGPREFIX}-passlib>=1.6.5:../../security/py-passlib
|
|
DEPENDS+= ${PYPKGPREFIX}-protobuf>=3.14:../../devel/py-protobuf
|
|
DEPENDS+= ${PYPKGPREFIX}-publicsuffix2>=2.20190812:../../www/py-publicsuffix2
|
|
DEPENDS+= ${PYPKGPREFIX}-pyparsing>=2.4.2:../../devel/py-pyparsing
|
|
DEPENDS+= ${PYPKGPREFIX}-pyperclip>=1.6.0:../../x11/py-pyperclip
|
|
DEPENDS+= ${PYPKGPREFIX}-ruamel-yaml>=0.16:../../devel/py-ruamel-yaml
|
|
DEPENDS+= ${PYPKGPREFIX}-sortedcontainers>=2.3:../../devel/py-sortedcontainers
|
|
DEPENDS+= ${PYPKGPREFIX}-tornado>=6.2:../../www/py-tornado
|
|
DEPENDS+= ${PYPKGPREFIX}-urwid>=2.1.1:../../devel/py-urwid
|
|
DEPENDS+= ${PYPKGPREFIX}-wsproto>=1.0:../../www/py-wsproto
|
|
DEPENDS+= ${PYPKGPREFIX}-zstandard>=0.11:../../archivers/py-zstandard
|
|
|
|
.include "../../lang/python/pyversion.mk"
|
|
|
|
.if ${PYTHON_VERSION} < 311
|
|
DEPENDS+= ${PYPKGPREFIX}-typing-extensions>=4.3:../../devel/py-typing-extensions
|
|
.endif
|
|
|
|
# Forked urwid-mitmproxy-2.1.2.1 contains patches for Windows. They should be
|
|
# not needed in pkgsrc and this spare us some kludges and maintainance due
|
|
# forked urwid.
|
|
SUBST_CLASSES+= urwid
|
|
SUBST_STAGE.urwid= pre-configure
|
|
SUBST_MESSAGE.urwid= Use non-forked urwid
|
|
SUBST_FILES.urwid= pyproject.toml
|
|
SUBST_SED.urwid+= -e 's/urwid-mitmproxy/urwid/g'
|
|
|
|
SUBST_CLASSES+= pyprojecttomlversions
|
|
SUBST_STAGE.pyprojecttomlversions= pre-configure
|
|
SUBST_MESSAGE.pyprojecttomlversions= Avoid too strict version requirements
|
|
SUBST_FILES.pyprojecttomlversions= pyproject.toml
|
|
SUBST_SED.pyprojecttomlversions+= -E -e '/[>=]=/ s/, *<[0-9.]+(",|;)/\1/g'
|
|
|
|
REPLACE_SH+= mitmproxy/contrib/kaitaistruct/make.sh
|
|
|
|
USE_LANGUAGES= # none
|
|
|
|
# Only for Python >=3.10
|
|
PYTHON_VERSIONS_INCOMPATIBLE= 27 38 39
|
|
|
|
.include "../../lang/python/batteries-included.mk"
|
|
.include "../../lang/python/application.mk"
|
|
.include "../../lang/python/wheel.mk"
|
|
.include "../../mk/bsd.pkg.mk"
|