* Wed Aug 01 2018 aloisio@gmx.com
- Added protect_against_DNS_rebinding.patch and
improve_DNS_rebinding_protection_support_IPv6.patch to address
CVE-2018-14505 (fixes boo#1102178)
- Added update_ldap3_dependency.patch for the package to work
with python3-ldap3 2.5 (fixes boo#1101457)
- Minor spec improvements
* Thu Apr 05 2018 aloisio@gmx.com
- Update to version 3.0.4
* Fix an issue that caused mitmproxy to not retry HTTP requests
on timeout.
* Various other fixes (@kira0204, @fenilgandhi, @tran-tien-dat,
@smonami, @luzpaz, @fristonio, @kajojify, @Oliver-Fish,
@hcbarry, @jplochocki, @MikeShi42, @ghillu, @emilstahl)
* Thu Feb 22 2018 aloisio@gmx.com
- Update to version 3.0.3
* A minor release that actually includes the fix meant for 3.0.2.
version 3.0.2
* Fix an issue that caused mitmproxy to lose keyboard control
after spawning an external editor.
version 3.0.1
* A quick point release to fix a bug that broke quoted arguments
in the console command editor.
version 3.0
Major Changes:
* Commands: A consistent, typed mechanism that allows addons to
expose actions to users.
* Options: A typed settings store for use by mitmproxy and
addons.
* Shift most of mitmproxy's own functionality into addons.
* Major improvements to mitmproxy console, including an almost
complete rewrite of the user interface, integration of
commands, key bindings, and multi-pane layouts.
* Major Improvements to mitmproxy’s web interface, mitmweb.
(Matthew Shao, Google Summer of Code 2017)
* Major Improvements to mitmproxy’s content views and protocol
layers (Ujjwal Verma, Google Summer of Code 2017)
* Faster JavaScript and CSS beautifiers. (Ujjwal Verma)
Minor Changes:
* Vastly improved JavaScript test coverage (Matthew Shao)
* Options editor for mitmweb (Matthew Shao)
* Static web-based flow viewer (Matthew Shao)
* Request streaming for HTTP/1.x and HTTP/2 (Ujjwal Verma)
* Implement more robust content views using Kaitai Struct
(Ujjwal Verma)
* Protobuf decoding now works without protoc being installed on
the host system (Ujjwal Verma)
* PNG, GIF, and JPEG can now be parsed without Pillow, which
simplifies mitmproxy installation and moves parsing from unsafe
C to pure Python (Ujjwal Verma)
* Add parser for ICO files (Ujjwal Verma)
* Migrate WebSockets implementation to wsproto. This reduces
code size and adds WebSocket compression support.
(Ujjwal Verma)
* Add “split view” to split mitmproxy’s UI into two separate
panes.
* Add key binding viewer and editor
* Add a command to spawn a preconfigured Chrome browser instance
from mitmproxy
* Fully support mitmproxy under the Windows Subsystem for Linux
(WSL), work around display errors
* Add XSS scanner addon (@ddworken)
* Add ability to toggle interception (@mattweidner)
* Numerous documentation improvements (@pauloromeira, @rst0git,
@rgerganov, @fulldecent, @zhigang1992, @F1ashhimself,
@vinaydargar, @jonathanrfisher1, @BasThomas, @LuD1161,
@ayamamori, @TomTasche)
* Add filters for websocket flows (@s4chin)
* Make it possible to create a response to CONNECT requests in
http_connect (@mengbiping)
* Redirect stdout in scripts to ctx.log.warn (@nikofil)
* Fix a crash when clearing the event log (@krsoninikhil)
* Store the generated certificate for each flow (@dlenski)
* Add --keep-host-header to retain the host header in reverse
proxy mode (@krsoninikhil)
* Fix setting palette options (@JordanLoehr)
* Fix a crash with brotli encoding (@whackashoe)
* Provide certificate installation instructions on mitm.it
(@ritiek)
* Fix a bug where we did not properly fall back to IPv4 when
IPv6 is unavailable (@titeuf87)
* Fix transparent mode on IPv6-enabled macOS systems (@Ga-ryo)
* Fix handling of HTTP messages with multiple Content-Length
headers (@surajt97)
* Fix IPv6 authority form parsing in CONNECT requests (@r1b)
* Fix event log display in mitmweb (@syahn)
* Remove private key from PKCS12 file in ~/.mitmproxy (@ograff).
* Add LDAP as a proxy authentication backend (@charlesdhdt)
* Use mypy to check the whole codebase (@iharsh234)
* Fix a crash when duplicating flows (@iharsh234)
* Fix testsuite when the path contains a “.” (@felixonmars)
* Store proxy authentication with flows (@lymanZerga11)
* Match ~d and ~u filters against pretty_host (@dequis)
* Update WBXML content view (@davidpshaw)
* Handle HEAD requests for mitm.it to support Chrome in
transparent mode on iOS (@tomlabaude)
* Update dns spoofing example to use --keep-host-header
(@krsoninikhil)
* Call error handler on HTTPException (@tarnacious)
* Make it possible to remove TLS from upstream HTTP connections
* Update to pyOpenSSL 17.5, cryptography 2.1.4, and OpenSSL
1.1.0g
* Make it possible to retroactively increase log verbosity.
* Make logging from addons thread-safe
* Tolerate imports in user scripts that match hook names (`from
mitmproxy import log`)
* Update mitmweb to React 16, which brings performance
improvements
* Fix a bug where reverting duplicated flows crashes mitmproxy
* Fix a bug where successive requests are sent to the wrong host
after a request has been redirected.
* Fix a bug that binds outgoing connections to the wrong
interface
* Fix a bug where custom certificates are ignored in reverse
proxy mode
* Fix import of flows that have been created with mitmproxy 0.17
* Fix formatting of (IPv6) IP addresses in a number of places
* Fix replay for HTTP/2 flows
* Decouple mitmproxy version and flow file format version
* Fix a bug where “mitmdump -nr” does not exit automatically
* Fix a crash when exporting flows to curl
* Fix formatting of sticky cookies
* Improve script reloading reliability by polling the filesystem
instead of using watchdog
* Fix a crash when refreshing Set-Cookie headers
* Add connection indicator to mitmweb to alert users when the
proxy server stops running
* Add support for certificates with cyrillic domains
* Simplify output of mitmproxy --version
* Add Request.make to simplify request creation in scripts
* Pathoc: Include a host header on CONNECT requests
* Remove HTML outline contentview (#2572)
* Remove Python and Locust export (#2465)
* Remove emojis from tox.ini because flake8 cannot parse that. :(
- Dropped python-mitmproxy-no_git.patch (no longer necessary)
* Fri Apr 28 2017 aloisio@gmx.com
- Update to version 2.0.2
* Fix mitmweb's Content-Security-Policy to work with Chrome
58+ (#2284)
* Wed Mar 15 2017 aloisio@gmx.com
- Update to version 2.0.1
* http2: fix h2 header normalization test (#2080)
* Tue Feb 21 2017 aloisio@gmx.com
- Update to version 2.0.0
* HTTP/2 is now enabled by default.
* Image ContentView: Parse images with Kaitai Struct
(kaitai.io) instead of Pillow.
This simplifies installation, reduces binary size, and
allows parsing in pure Python.
* Web: Add missing flow filters.
* Add transparent proxy support for OpenBSD.
* Check the mitmproxy CA for expiration and warn the user to
regenerate it if necessary.
* Testing: Tremendous improvements, enforced 100% coverage
for large parts of the codebase, increased overall
coverage.
* Enforce individual coverage: one source file -> one test
file with 100% coverage.
* A myriad of other small improvements throughout the
project.
* Numerous bugfixes.
- Added python3-mitmproxy-no_git.patch
* Thu Feb 02 2017 aloisio@gmx.com
- Update to version 1.0.2
* Fix compatibility with Python 3.5.0
1.0.1:
* Fix compatibility with Python 3.6
* Mon Dec 26 2016 aloisio@gmx.com
- Switched to python3 package
- Update to version 1.0
* All mitmproxy tools are now Python 3 only! We plan to
support Python 3.5 and higher.
* Web-Based User Interface: Mitmproxy now offically has a
web-based user interface called mitmweb. We consider it
stable for all features currently exposed in the UI,
but it still misses a lot of mitmproxy’s options.
* Windows Compatibility: With mitmweb, mitmproxy is now
useable on Windows.
We are also introducing an installer (kindly sponsored
by BitRock) that simplifies setup.
* Configuration: The config file format is now a single
YAML file. In most cases, converting to the new format
should be trivial - please see the docs for more
information.
* Console: Significant UI improvements - including sorting
of flows by size, type and url, status bar improvements,
much faster indentation for HTTP views, and more.
* HTTP/2: Significant improvements, but is temporarily
disabled by default due to wide-spread protocol
implementation errors on some large website
* WebSocket: The protocol implementation is now mature,
and is enabled by
default. Complete UI support is coming in the next
release. Hooks for message interception and manipulation
are available.
* A myriad of other small improvements throughout the
project.
version 0.18:
* Python 3 Compatibility for mitmproxy and pathod (Shadab
Zafar, GSoC 2016)
* Major improvements to mitmweb (Clemens Brunner & Jason
Hao, GSoC 2016)
* Internal Core Refactor: Separation of most features into
isolated Addons
* Initial Support for WebSockets
* Improved HTTP/2 Support
* Reverse Proxy Mode now automatically adjusts host
headers and TLS Server Name Indication
* Improved HAR export
* Improved export functionality for curl, python code, raw
http etc.
* Flow URLs are now truncated in the console for better
visibility
* New filters for TCP, HTTP and marked flows.
* Mitmproxy now handles comma-separated Cookie headers
* Merge mitmproxy and pathod documentation
* Mitmdump now sanitizes its console output to not include
control characters
* Improved message body handling for HTTP messages:
.raw_content provides the message body as seen on the
wire
.content provides the decompressed body (e.g. un-gzipped)
.text provides the body decompressed and decoded body
* New HTTP Message getters/setters for cookies and form
contents.
* Add ability to view only marked flows in mitmproxy
* Improved Script Reloader (Always use polling, watch for
whole directory)
* Use tox for testing
* Unicode support for tnetstrings
* Add dumpfile converters for mitmproxy versions 0.11 and
version 0.12
* Numerous bugfixes
version 0.17:
* Simplify repository and release structure. mitmproxy now
comes as a single package, including netlib and pathod.
* Rename the Python package from libmproxy to mitmproxy.
* New option to add server certs to client chain
(CVE-2016-2402, John Kozyrakis)
* Enable HTTP/2 by default (Thomas Kriechbaumer)
* Improved HAR extractor (Shadab Zafar)
* Add icon for OSX and Windows binaries
* Add content view for query parameters (Will Coster)
* Initial work on Python 3 compatibility
* locust.io export (Zohar Lorberbaum)
* Fix XSS vulnerability in HTTP errors (Will Coster)
* Numerous bugfixes and minor improvements
version 0.16:
* Completely revised HTTP2 implementation based on
hyper-h2 (Thomas Kriechbaumer)
* Export flows as cURL command, Python code or raw HTTP
(Shadab Zafar)
* Fixed compatibility with the Android Emulator (Will
Coster)
* Script Reloader: Inline scripts are reloaded
automatically if modified (Matthew Shao)
* Inline script hooks for TCP mode (Michael J. Bazzinotti)
* Add default ciphers to support iOS9 App Transport
Security (Jorge Villacorta)
* Basic Authentication for mitmweb (Guillem Anguera)
* Exempt connections from interception based on TLS Server
Name Indication (David Weinstein)
* Provide Python Wheels for faster installation
* Numerous bugfixes and minor improvements
version 0.15:
* Support for loading and converting older dumpfile
formats (0.13 and up)
* Content views for inline script (@chrisczub)
* Better handling of empty header values (Benjamin
Lee/@bltb)
* Fix a gnarly memory leak in mitmdump
* A number of bugfixes and small improvements
version 0.14:
* Statistics: 399 commits, 13 contributors, 79 closed
issues, 37 closed
PRs, 103 days
* Docs: Greatly updated docs now hosted on ReadTheDocs!
http://docs.mitmproxy.org
* Docs: Fixed Typos, updated URLs etc. (Nick Badger, Ben
Lerner, Choongwoo
Han, onlywade, Jurriaan Bremer)
* mitmdump: Colorized TTY output
* mitmdump: Use mitmproxy's content views for
human-readable output (Chris Czub)
* mitmproxy and mitmdump: Support for displaying UTF8
contents
* mitmproxy: add command line switch to disable mouse
interaction (Timothy Elliott)
* mitmproxy: bug fixes (Choongwoo Han, sethp-jive,
FreeArtMan)
* mitmweb: bug fixes (Colin Bendell)
* libmproxy: Add ability to fall back to TCP passthrough
for non-HTTP connections.
* libmproxy: Avoid double-connect in case of TLS Server
Name Indication. This yields a massive speedup for
TLS handshakes.
* libmproxy: Prevent unneccessary upstream connections
(macmantrl)
* Inline Scripts: New API for HTTP Headers:
http://docs.mitmproxy.org/en/latest/dev/models.html#netlib.http.Headers
* Inline Scripts: Properly handle exceptions in `done` hook
* Inline Scripts: Allow relative imports, provide
`__file__`
* Examples: Add probabilistic TLS passthrough as an inline
script
* netlib: Refactored HTTP protocol handling code
* netlib: ALPN support
* netlib: fixed a bug in the optional certificate
verification.
* netlib: Initial Python 3.5 support (this is the first
prerequisite for 3.x support in mitmproxy)
- Added python3-mitmproxy-rpmlintrc
* Wed Jan 27 2016 freitag@owncloud.com
- Fix a repo in requires list
* Sun Jul 26 2015 freitag@owncloud.com
- Update to upstream version 0.13
* Upstream certificate validation.
* Add HTTP transparent proxy mode.
* Add ~src and ~dst REGEX filters
* mitmproxy console: change g/G keyboard shortcuts to match less.
* mitmproxy console: Flow marking and unmarking.
* mitmproxy console: add marking of flows
* Remove the certforward feature
* Mon Mar 09 2015 freitag@owncloud.com
- Fixed download URL to use the one from python.org
- Fixed group
- Year in the header
* Wed Mar 04 2015 freitag@owncloud.com
- Fixed license.
* Thu Dec 13 2012 fcastelli@suse.com
- Another cleanup of the .spec file
* Mon Dec 10 2012 fcastelli@suse.com
- Cleanup .spec file
* Thu Nov 29 2012 fcastelli@suse.com
- Ensure libmproxy is found
- Require python-netlib at runtime
* Wed Nov 28 2012 fcastelli@suse.com
- Fix build on 12.2 x86_64.
* Wed Nov 28 2012 fcastelli@suse.com
- update to git rev 8c976ac7f0.
* Tue Oct 16 2012 fcastelli@suse.com
- created initial package for version 0.8