2020-06-17 10:49:07 +00:00
|
|
|
#
|
|
|
|
|
# spec file for package python-mitmproxy
|
|
|
|
|
#
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
# Copyright (c) 2025 SUSE LLC
|
2020-06-17 10:49:07 +00:00
|
|
|
#
|
|
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
|
|
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
|
2024-01-29 21:27:48 +00:00
|
|
|
%{?sle15_python_module_pythons}
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
# Upstream only supports Python 3.12+!
|
|
|
|
|
%define skip_python311 1
|
2020-06-17 10:49:07 +00:00
|
|
|
Name: python-mitmproxy
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
Version: 11.1.2
|
2020-06-17 10:49:07 +00:00
|
|
|
Release: 0
|
2020-08-11 17:17:34 +00:00
|
|
|
Summary: An interactive, SSL/TLS-capable intercepting proxy
|
2020-06-17 10:49:07 +00:00
|
|
|
License: MIT
|
|
|
|
|
URL: https://mitmproxy.org
|
2024-10-18 08:13:39 +00:00
|
|
|
Source: https://github.com/mitmproxy/mitmproxy/archive/refs/tags/v%{version}.tar.gz#/mitmproxy-%{version}.tar.gz
|
2020-06-17 10:49:07 +00:00
|
|
|
BuildRequires: %{python_module Brotli >= 1.0}
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
BuildRequires: %{python_module Flask >= 3.0}
|
|
|
|
|
BuildRequires: %{python_module aioquic >= 1.1.0}
|
|
|
|
|
BuildRequires: %{python_module argon2-cffi >= 23.1.0}
|
2021-01-28 11:27:21 +00:00
|
|
|
BuildRequires: %{python_module asgiref >= 3.2.10}
|
2020-06-17 10:49:07 +00:00
|
|
|
BuildRequires: %{python_module certifi >= 2019.9.11}
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
BuildRequires: %{python_module cryptography >= 42.0}
|
- Remove fix-big-integer.patch
- Update to version 9.0.1:
- The precompiled binaries now ship with OpenSSL 3.0.7, which resolves
CVE-2022-3602 and CVE-2022-3786.
- Performance and stability improvements for WireGuard mode. (#5694, @mhils,
@decathorpe)
- Fix a bug where the standalone Linux binaries would require libffi to be
installed. (#5699, @mhils)
- Hard exit when mitmproxy cannot write logs, fixes endless loop when parent
process exits. (#4669, @Prinzhorn)
- Fix a permission error affecting the Docker images. (#5700, @mhils)
- 9.0.0
# Major Features
- Add Raw UDP support. (#5414, @meitinger)
- Add WireGuard mode to enable transparent proxying via WireGuard. (#5562,
@decathorpe, @mhils)
- Add DTLS support. (#5397, @kckeiks).
- Add a quick help bar to mitmproxy. (#5381, #5652, @kckeiks, @mhils).
# Deprecations
- Deprecate add_log event hook. Users should use the builtin logging module
instead. See the docs for details and upgrade instructions. (#5590, @mhils)
- Deprecate mitmproxy.ctx.log in favor of Python's builtin logging module.
See the docs for details and upgrade instructions. (#5590, @mhils)
# Breaking Changes
- The mode option is now a list of server specs instead of a single spec. The
CLI interface is unaffected, but users may need to update their
config.yaml. (#5393, @mhils)
# Full Changelog
- Mitmproxy binaries now ship with Python 3.11. (#5678, @mhils)
- One mitmproxy instance can now spawn multiple proxy servers. (#5393,
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=14
2022-12-15 17:21:57 +00:00
|
|
|
BuildRequires: %{python_module h11 >= 0.11}
|
2022-03-22 18:34:09 +00:00
|
|
|
BuildRequires: %{python_module h2 >= 4.1}
|
2021-01-28 11:27:21 +00:00
|
|
|
BuildRequires: %{python_module hyperframe >= 6.0}
|
2020-06-17 10:49:07 +00:00
|
|
|
BuildRequires: %{python_module hypothesis >= 5.8}
|
- Remove fix-big-integer.patch
- Update to version 9.0.1:
- The precompiled binaries now ship with OpenSSL 3.0.7, which resolves
CVE-2022-3602 and CVE-2022-3786.
- Performance and stability improvements for WireGuard mode. (#5694, @mhils,
@decathorpe)
- Fix a bug where the standalone Linux binaries would require libffi to be
installed. (#5699, @mhils)
- Hard exit when mitmproxy cannot write logs, fixes endless loop when parent
process exits. (#4669, @Prinzhorn)
- Fix a permission error affecting the Docker images. (#5700, @mhils)
- 9.0.0
# Major Features
- Add Raw UDP support. (#5414, @meitinger)
- Add WireGuard mode to enable transparent proxying via WireGuard. (#5562,
@decathorpe, @mhils)
- Add DTLS support. (#5397, @kckeiks).
- Add a quick help bar to mitmproxy. (#5381, #5652, @kckeiks, @mhils).
# Deprecations
- Deprecate add_log event hook. Users should use the builtin logging module
instead. See the docs for details and upgrade instructions. (#5590, @mhils)
- Deprecate mitmproxy.ctx.log in favor of Python's builtin logging module.
See the docs for details and upgrade instructions. (#5590, @mhils)
# Breaking Changes
- The mode option is now a list of server specs instead of a single spec. The
CLI interface is unaffected, but users may need to update their
config.yaml. (#5393, @mhils)
# Full Changelog
- Mitmproxy binaries now ship with Python 3.11. (#5678, @mhils)
- One mitmproxy instance can now spawn multiple proxy servers. (#5393,
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=14
2022-12-15 17:21:57 +00:00
|
|
|
BuildRequires: %{python_module kaitaistruct >= 0.10}
|
2021-01-28 11:27:21 +00:00
|
|
|
BuildRequires: %{python_module ldap3 >= 2.8}
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
BuildRequires: %{python_module mitmproxy-rs >= 0.11}
|
2021-01-28 11:27:21 +00:00
|
|
|
BuildRequires: %{python_module msgpack >= 1.0.0}
|
2020-06-17 10:49:07 +00:00
|
|
|
BuildRequires: %{python_module parver >= 0.1}
|
|
|
|
|
BuildRequires: %{python_module passlib >= 1.6.5}
|
2024-02-29 08:59:25 +00:00
|
|
|
BuildRequires: %{python_module pip}
|
2020-06-17 10:49:07 +00:00
|
|
|
BuildRequires: %{python_module publicsuffix2 >= 2.20190812}
|
- Remove fix-big-integer.patch
- Update to version 9.0.1:
- The precompiled binaries now ship with OpenSSL 3.0.7, which resolves
CVE-2022-3602 and CVE-2022-3786.
- Performance and stability improvements for WireGuard mode. (#5694, @mhils,
@decathorpe)
- Fix a bug where the standalone Linux binaries would require libffi to be
installed. (#5699, @mhils)
- Hard exit when mitmproxy cannot write logs, fixes endless loop when parent
process exits. (#4669, @Prinzhorn)
- Fix a permission error affecting the Docker images. (#5700, @mhils)
- 9.0.0
# Major Features
- Add Raw UDP support. (#5414, @meitinger)
- Add WireGuard mode to enable transparent proxying via WireGuard. (#5562,
@decathorpe, @mhils)
- Add DTLS support. (#5397, @kckeiks).
- Add a quick help bar to mitmproxy. (#5381, #5652, @kckeiks, @mhils).
# Deprecations
- Deprecate add_log event hook. Users should use the builtin logging module
instead. See the docs for details and upgrade instructions. (#5590, @mhils)
- Deprecate mitmproxy.ctx.log in favor of Python's builtin logging module.
See the docs for details and upgrade instructions. (#5590, @mhils)
# Breaking Changes
- The mode option is now a list of server specs instead of a single spec. The
CLI interface is unaffected, but users may need to update their
config.yaml. (#5393, @mhils)
# Full Changelog
- Mitmproxy binaries now ship with Python 3.11. (#5678, @mhils)
- One mitmproxy instance can now spawn multiple proxy servers. (#5393,
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=14
2022-12-15 17:21:57 +00:00
|
|
|
BuildRequires: %{python_module pyOpenSSL >= 22.1}
|
2020-06-17 10:49:07 +00:00
|
|
|
BuildRequires: %{python_module pyparsing >= 2.4.2}
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
BuildRequires: %{python_module pyperclip >= 1.9.0}
|
2021-01-28 11:27:21 +00:00
|
|
|
BuildRequires: %{python_module pytest >= 6.1.0}
|
2022-03-22 18:34:09 +00:00
|
|
|
BuildRequires: %{python_module pytest-asyncio >= 0.17.0}
|
2020-06-17 10:49:07 +00:00
|
|
|
BuildRequires: %{python_module requests >= 2.9.1}
|
|
|
|
|
BuildRequires: %{python_module ruamel.yaml >= 0.16}
|
|
|
|
|
BuildRequires: %{python_module setuptools}
|
2021-01-28 11:27:21 +00:00
|
|
|
BuildRequires: %{python_module sortedcontainers >= 2.3}
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
BuildRequires: %{python_module tornado >= 6.4}
|
|
|
|
|
BuildRequires: %{python_module urwid >= 2.6.14}
|
2024-02-29 08:59:25 +00:00
|
|
|
BuildRequires: %{python_module wheel}
|
2021-01-28 11:27:21 +00:00
|
|
|
BuildRequires: %{python_module wsproto >= 1.0}
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
BuildRequires: %{python_module zstandard >= 0.15}
|
2020-06-17 10:49:07 +00:00
|
|
|
BuildRequires: fdupes
|
|
|
|
|
BuildRequires: python-rpm-macros
|
|
|
|
|
Requires: python-Brotli >= 1.0
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
Requires: python-Flask >= 3.0
|
|
|
|
|
Requires: python-aioquic >= 1.1.0
|
|
|
|
|
Requires: python-argon2-cffi >= 23.1.0
|
2021-01-28 11:27:21 +00:00
|
|
|
Requires: python-asgiref >= 3.2.10
|
2020-06-17 10:49:07 +00:00
|
|
|
Requires: python-certifi >= 2019.9.11
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
Requires: python-cryptography >= 42.0
|
- Remove fix-big-integer.patch
- Update to version 9.0.1:
- The precompiled binaries now ship with OpenSSL 3.0.7, which resolves
CVE-2022-3602 and CVE-2022-3786.
- Performance and stability improvements for WireGuard mode. (#5694, @mhils,
@decathorpe)
- Fix a bug where the standalone Linux binaries would require libffi to be
installed. (#5699, @mhils)
- Hard exit when mitmproxy cannot write logs, fixes endless loop when parent
process exits. (#4669, @Prinzhorn)
- Fix a permission error affecting the Docker images. (#5700, @mhils)
- 9.0.0
# Major Features
- Add Raw UDP support. (#5414, @meitinger)
- Add WireGuard mode to enable transparent proxying via WireGuard. (#5562,
@decathorpe, @mhils)
- Add DTLS support. (#5397, @kckeiks).
- Add a quick help bar to mitmproxy. (#5381, #5652, @kckeiks, @mhils).
# Deprecations
- Deprecate add_log event hook. Users should use the builtin logging module
instead. See the docs for details and upgrade instructions. (#5590, @mhils)
- Deprecate mitmproxy.ctx.log in favor of Python's builtin logging module.
See the docs for details and upgrade instructions. (#5590, @mhils)
# Breaking Changes
- The mode option is now a list of server specs instead of a single spec. The
CLI interface is unaffected, but users may need to update their
config.yaml. (#5393, @mhils)
# Full Changelog
- Mitmproxy binaries now ship with Python 3.11. (#5678, @mhils)
- One mitmproxy instance can now spawn multiple proxy servers. (#5393,
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=14
2022-12-15 17:21:57 +00:00
|
|
|
Requires: python-h11 >= 0.11
|
2022-03-22 18:34:09 +00:00
|
|
|
Requires: python-h2 >= 4.1
|
2021-01-28 11:27:21 +00:00
|
|
|
Requires: python-hyperframe >= 6.0
|
- Remove fix-big-integer.patch
- Update to version 9.0.1:
- The precompiled binaries now ship with OpenSSL 3.0.7, which resolves
CVE-2022-3602 and CVE-2022-3786.
- Performance and stability improvements for WireGuard mode. (#5694, @mhils,
@decathorpe)
- Fix a bug where the standalone Linux binaries would require libffi to be
installed. (#5699, @mhils)
- Hard exit when mitmproxy cannot write logs, fixes endless loop when parent
process exits. (#4669, @Prinzhorn)
- Fix a permission error affecting the Docker images. (#5700, @mhils)
- 9.0.0
# Major Features
- Add Raw UDP support. (#5414, @meitinger)
- Add WireGuard mode to enable transparent proxying via WireGuard. (#5562,
@decathorpe, @mhils)
- Add DTLS support. (#5397, @kckeiks).
- Add a quick help bar to mitmproxy. (#5381, #5652, @kckeiks, @mhils).
# Deprecations
- Deprecate add_log event hook. Users should use the builtin logging module
instead. See the docs for details and upgrade instructions. (#5590, @mhils)
- Deprecate mitmproxy.ctx.log in favor of Python's builtin logging module.
See the docs for details and upgrade instructions. (#5590, @mhils)
# Breaking Changes
- The mode option is now a list of server specs instead of a single spec. The
CLI interface is unaffected, but users may need to update their
config.yaml. (#5393, @mhils)
# Full Changelog
- Mitmproxy binaries now ship with Python 3.11. (#5678, @mhils)
- One mitmproxy instance can now spawn multiple proxy servers. (#5393,
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=14
2022-12-15 17:21:57 +00:00
|
|
|
Requires: python-kaitaistruct >= 0.10
|
2021-01-28 11:27:21 +00:00
|
|
|
Requires: python-ldap3 >= 2.8
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
Requires: python-mitmproxy-rs >= 0.11
|
2021-01-28 11:27:21 +00:00
|
|
|
Requires: python-msgpack >= 1.0.0
|
|
|
|
|
Requires: python-passlib >= 1.6.5
|
2020-06-17 10:49:07 +00:00
|
|
|
Requires: python-publicsuffix2 >= 2.20190812
|
- Remove fix-big-integer.patch
- Update to version 9.0.1:
- The precompiled binaries now ship with OpenSSL 3.0.7, which resolves
CVE-2022-3602 and CVE-2022-3786.
- Performance and stability improvements for WireGuard mode. (#5694, @mhils,
@decathorpe)
- Fix a bug where the standalone Linux binaries would require libffi to be
installed. (#5699, @mhils)
- Hard exit when mitmproxy cannot write logs, fixes endless loop when parent
process exits. (#4669, @Prinzhorn)
- Fix a permission error affecting the Docker images. (#5700, @mhils)
- 9.0.0
# Major Features
- Add Raw UDP support. (#5414, @meitinger)
- Add WireGuard mode to enable transparent proxying via WireGuard. (#5562,
@decathorpe, @mhils)
- Add DTLS support. (#5397, @kckeiks).
- Add a quick help bar to mitmproxy. (#5381, #5652, @kckeiks, @mhils).
# Deprecations
- Deprecate add_log event hook. Users should use the builtin logging module
instead. See the docs for details and upgrade instructions. (#5590, @mhils)
- Deprecate mitmproxy.ctx.log in favor of Python's builtin logging module.
See the docs for details and upgrade instructions. (#5590, @mhils)
# Breaking Changes
- The mode option is now a list of server specs instead of a single spec. The
CLI interface is unaffected, but users may need to update their
config.yaml. (#5393, @mhils)
# Full Changelog
- Mitmproxy binaries now ship with Python 3.11. (#5678, @mhils)
- One mitmproxy instance can now spawn multiple proxy servers. (#5393,
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=14
2022-12-15 17:21:57 +00:00
|
|
|
Requires: python-pyOpenSSL >= 22.1
|
2020-06-17 10:49:07 +00:00
|
|
|
Requires: python-pyparsing >= 2.4.2
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
Requires: python-pyperclip >= 1.9.0
|
2020-06-17 10:49:07 +00:00
|
|
|
Requires: python-ruamel.yaml >= 0.16
|
2021-01-28 11:27:21 +00:00
|
|
|
Requires: python-sortedcontainers >= 2.3
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
Requires: python-tornado >= 6.4
|
|
|
|
|
Requires: python-urwid >= 2.6.14
|
2021-01-28 11:27:21 +00:00
|
|
|
Requires: python-wsproto >= 1.0
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
Requires: python-zstandard >= 0.15
|
2020-06-17 10:49:07 +00:00
|
|
|
Requires(post): update-alternatives
|
2024-01-29 21:27:48 +00:00
|
|
|
Requires(postun): update-alternatives
|
2020-06-17 10:49:07 +00:00
|
|
|
BuildArch: noarch
|
|
|
|
|
%python_subpackages
|
|
|
|
|
|
|
|
|
|
%description
|
|
|
|
|
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console
|
|
|
|
|
interface for HTTP/1, HTTP/2, and WebSockets.
|
|
|
|
|
|
|
|
|
|
mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP.
|
|
|
|
|
|
|
|
|
|
mitmweb is a web-based interface for mitmproxy.
|
|
|
|
|
|
|
|
|
|
%prep
|
- Update to version 8.1.1:
* Support specifying the local address for outgoing connections (#5364,
@meitinger)
* Fix a bug where an excess empty chunk has been sent for chunked HEAD
request. (#5372, @jixunmoe)
* Drop pkg_resources dependency. (#5401, @PavelICS)
* Fix huge (>65kb) http2 responses corrupted. (#5428, @dhabensky)
* Remove overambitious assertions in the HTTP state machine, fix some error
handling. (#5383, @mhils)
* Use default_factory for parser_options. (#5474, @rathann)
- mitmproxy 8.1.0
* DNS support (#5232, @meitinger)
* Mitmproxy now requires Python 3.9 or above. (#5233, @mhils)
* Fix a memory leak in mitmdump where flows were kept in memory. (#4786,
@mhils)
* Replayed flows retain their current position in the flow list. (#5227,
@mhils)
* Periodically send HTTP/2 ping frames to keep connections alive. (#5046,
@EndUser509)
* Console Performance Improvements (#3427, @BkPHcgQL3V)
* Warn users if server side event responses are received without streaming.
(#4469, @mhils)
* Add flatpak support to the browser addon (#5200, @pauloromeira)
* Add example addon to dump contents to files based on a filter expression
(#5190, @redraw)
* Fix a bug where the wrong SNI is sent to an upstream HTTPS proxy (#5109,
@mhils)
* Make sure that mitmproxy displays error messages on startup. (#5225,
@mhils)
* Add example addon for domain fronting. (#5217, @randomstuff)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=12
2022-10-07 11:04:51 +00:00
|
|
|
%autosetup -p1 -n mitmproxy-%{version}
|
2020-08-11 17:17:34 +00:00
|
|
|
rm mitmproxy/contrib/kaitaistruct/make.sh
|
2020-06-17 10:49:07 +00:00
|
|
|
|
2022-01-08 23:33:22 +00:00
|
|
|
echo "
|
|
|
|
|
# increase test deadline for slow obs executions
|
|
|
|
|
import hypothesis
|
|
|
|
|
hypothesis.settings.register_profile(
|
|
|
|
|
'obs',
|
|
|
|
|
deadline=5000,
|
|
|
|
|
suppress_health_check=[hypothesis.HealthCheck.too_slow]
|
|
|
|
|
)
|
|
|
|
|
" >> test/conftest.py
|
|
|
|
|
|
2020-06-17 10:49:07 +00:00
|
|
|
%build
|
2024-02-29 08:59:25 +00:00
|
|
|
%pyproject_wheel
|
2020-06-17 10:49:07 +00:00
|
|
|
|
|
|
|
|
%install
|
2024-02-29 08:59:25 +00:00
|
|
|
%pyproject_install
|
2020-06-17 10:49:07 +00:00
|
|
|
%python_expand %fdupes %{buildroot}%{$python_sitelib}
|
|
|
|
|
%python_clone -a %{buildroot}%{_bindir}/mitmdump
|
|
|
|
|
%python_clone -a %{buildroot}%{_bindir}/mitmproxy
|
|
|
|
|
%python_clone -a %{buildroot}%{_bindir}/mitmweb
|
|
|
|
|
|
|
|
|
|
%check
|
|
|
|
|
# test_refresh fails on i586... wrong timestamp type, maybe?
|
2020-06-17 12:43:23 +00:00
|
|
|
# test_rollback and test_output[None-expected_out0-expected_err0] just randomly fail on i586
|
2024-10-18 08:13:39 +00:00
|
|
|
# test_dns and test_name_servers require networking
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
# test_tun_mode requires root to create a TUN device
|
|
|
|
|
%pytest -k "not (test_refresh or test_rollback or test_output or test_name_servers or test_dns or test_tun_mode)" --hypothesis-profile="obs"
|
2020-06-17 10:49:07 +00:00
|
|
|
|
|
|
|
|
%post
|
|
|
|
|
%python_install_alternative mitmdump
|
|
|
|
|
%python_install_alternative mitmproxy
|
|
|
|
|
%python_install_alternative mitmweb
|
|
|
|
|
|
|
|
|
|
%postun
|
|
|
|
|
%python_uninstall_alternative mitmdump
|
|
|
|
|
%python_uninstall_alternative mitmproxy
|
|
|
|
|
%python_uninstall_alternative mitmweb
|
|
|
|
|
|
|
|
|
|
%files %{python_files}
|
2021-12-09 12:25:23 +00:00
|
|
|
%doc README.md CHANGELOG.md
|
2020-06-17 10:49:07 +00:00
|
|
|
%license LICENSE
|
- Remove fix-big-integer.patch
- Update to version 9.0.1:
- The precompiled binaries now ship with OpenSSL 3.0.7, which resolves
CVE-2022-3602 and CVE-2022-3786.
- Performance and stability improvements for WireGuard mode. (#5694, @mhils,
@decathorpe)
- Fix a bug where the standalone Linux binaries would require libffi to be
installed. (#5699, @mhils)
- Hard exit when mitmproxy cannot write logs, fixes endless loop when parent
process exits. (#4669, @Prinzhorn)
- Fix a permission error affecting the Docker images. (#5700, @mhils)
- 9.0.0
# Major Features
- Add Raw UDP support. (#5414, @meitinger)
- Add WireGuard mode to enable transparent proxying via WireGuard. (#5562,
@decathorpe, @mhils)
- Add DTLS support. (#5397, @kckeiks).
- Add a quick help bar to mitmproxy. (#5381, #5652, @kckeiks, @mhils).
# Deprecations
- Deprecate add_log event hook. Users should use the builtin logging module
instead. See the docs for details and upgrade instructions. (#5590, @mhils)
- Deprecate mitmproxy.ctx.log in favor of Python's builtin logging module.
See the docs for details and upgrade instructions. (#5590, @mhils)
# Breaking Changes
- The mode option is now a list of server specs instead of a single spec. The
CLI interface is unaffected, but users may need to update their
config.yaml. (#5393, @mhils)
# Full Changelog
- Mitmproxy binaries now ship with Python 3.11. (#5678, @mhils)
- One mitmproxy instance can now spawn multiple proxy servers. (#5393,
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=14
2022-12-15 17:21:57 +00:00
|
|
|
%{python_sitelib}/mitmproxy
|
- Update to 11.1.2:
* CVE-2025-23217: mitmweb's API now requires an authentication token by
default. The mitmweb API is bound to localhost only, but @gronke found
that an attacker can circumvent that restriction by tunneling requests
through the proxy server itself in an SSRF-style attack.
(fa89055, @mhils) (bsc#1236890)
* Add (optional) password protection for mitmweb. The web_password option
replaces the randomly-generated token authentication with a fixed secret
that survives mitmproxy restarts. (0bd573a, @mhils)
* mitmweb can now be hosted under arbitrary domains, the previously-used
DNS rebind protection is not required anymore. (62693af, @mhils)
* Security Hardening: mitmweb's xsrf_token cookie is now HttpOnly;
SameSite=Strict. (#7491, @mhils)
* Fix console freezing due to DNS queries with an empty question
section. (#7497, @sujaldev)
* Fixed a bug that caused mitmproxy to crash when loading prior knowledge
h2 flows. (#7514, @sujaldev)
* Fix a bug where mitmproxy would get stuck in secure web proxy mode when
using ignore_hosts or allow_hosts. (#7519, @mhils)
* Copy request/response data to the clipboard in mitmweb (#7352, @lups2000)
* Fix a bug where exporting a curl or httpie command with escaped
characters would lead to different data being sent.
(#7520, @proteusvacuum)
* Local Capture Mode is now available on Linux as well. (#7440, @mhils)
* mitmproxy now requires Python 3.12 or above. (#7440, @mhils)
* Add cache-busting for mitmweb's front end code. (#7386, @mhils)
* Clicking the URL in mitmweb now places the cursor at the current
position instead of selecting the entire URL. (#7385, @lups2000)
* Add missing status codes (#7455, @jwadolowski)
* All filter expressions are now case-insensitive by default. Users can
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-mitmproxy?expand=0&rev=24
2025-02-10 04:57:19 +00:00
|
|
|
%{python_sitelib}/mitmproxy-%{version}.dist-info
|
2020-06-17 10:49:07 +00:00
|
|
|
%python_alternative %{_bindir}/mitmdump
|
|
|
|
|
%python_alternative %{_bindir}/mitmproxy
|
|
|
|
|
%python_alternative %{_bindir}/mitmweb
|
|
|
|
|
|
|
|
|
|
%changelog
|
