From b7701eb8c11dce5fdc00a3107a3eaacd80267346 Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Wed, 17 Feb 2016 00:02:18 +0100 Subject: add combined MANIFEST.in and CHANGELOG --- CHANGELOG | 560 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 560 insertions(+) create mode 100644 CHANGELOG (limited to 'CHANGELOG') diff --git a/CHANGELOG b/CHANGELOG new file mode 100644 index 00000000..72d58d23 --- /dev/null +++ b/CHANGELOG @@ -0,0 +1,560 @@ +15 January 2016: mitmproxy 0.16 + + * Completely revised HTTP2 implementation based on hyper-h2 (Thomas Kriechbaumer) + + * Export flows as cURL command, Python code or raw HTTP (Shadab Zafar) + + * Fixed compatibility with the Android Emulator (Will Coster) + + * Script Reloader: Inline scripts are reloaded automatically if modified (Matthew Shao) + + * Inline script hooks for TCP mode (Michael J. Bazzinotti) + + * Add default ciphers to support iOS9 App Transport Security (Jorge Villacorta) + + * Basic Authentication for mitmweb (Guillem Anguera) + + * Exempt connections from interception based on TLS Server Name Indication (David Weinstein) + + * Provide Python Wheels for faster installation + + * Numerous bugfixes and minor improvements + + +4 December 2015: mitmproxy 0.15 + + * Support for loading and converting older dumpfile formats (0.13 and up) + + * Content views for inline script (@chrisczub) + + * Better handling of empty header values (Benjamin Lee/@bltb) + + * Fix a gnarly memory leak in mitmdump + + * A number of bugfixes and small improvements + + +6 November 2015: mitmproxy 0.14 + + * Statistics: 399 commits, 13 contributors, 79 closed issues, 37 closed + PRs, 103 days + + * Docs: Greatly updated docs now hosted on ReadTheDocs! + http://docs.mitmproxy.org + + * Docs: Fixed Typos, updated URLs etc. (Nick Badger, Ben Lerner, Choongwoo + Han, onlywade, Jurriaan Bremer) + + * mitmdump: Colorized TTY output + + * mitmdump: Use mitmproxy's content views for human-readable output (Chris + Czub) + + * mitmproxy and mitmdump: Support for displaying UTF8 contents + + * mitmproxy: add command line switch to disable mouse interaction (Timothy + Elliott) + + * mitmproxy: bug fixes (Choongwoo Han, sethp-jive, FreeArtMan) + + * mitmweb: bug fixes (Colin Bendell) + + * libmproxy: Add ability to fall back to TCP passthrough for non-HTTP + connections. + + * libmproxy: Avoid double-connect in case of TLS Server Name Indication. + This yields a massive speedup for TLS handshakes. + + * libmproxy: Prevent unneccessary upstream connections (macmantrl) + + * Inline Scripts: New API for HTTP Headers: + http://docs.mitmproxy.org/en/latest/dev/models.html#netlib.http.Headers + + * Inline Scripts: Properly handle exceptions in `done` hook + + * Inline Scripts: Allow relative imports, provide `__file__` + + * Examples: Add probabilistic TLS passthrough as an inline script + + * netlib: Refactored HTTP protocol handling code + + * netlib: ALPN support + + * netlib: fixed a bug in the optional certificate verification. + + * netlib: Initial Python 3.5 support (this is the first prerequisite for + 3.x support in mitmproxy) + + +24 July 2015: mitmproxy 0.13 + + * Upstream certificate validation. See the --verify-upstream-cert, + --upstream-trusted-cadir and --upstream-trusted-ca parameters. Thanks to + Kyle Morton (github.com/kyle-m) for his work on this. + + * Add HTTP transparent proxy mode. This uses the host headers from HTTP + traffic (rather than SNI and IP address information from the OS) to + implement perform transparent proxying. Thanks to github.com/ijiro123 for + this feature. + + * Add ~src and ~dst REGEX filters, allowing matching on source and + destination addresses in the form of : + + * mitmproxy console: change g/G keyboard shortcuts to match less. Thanks to + Jose Luis Honorato (github.com/jlhonora). + + * mitmproxy console: Flow marking and unmarking. Marked flows are not + deleted when the flow list is cleared. Thanks to Jake Drahos + (github.com/drahosj). + + * mitmproxy console: add marking of flows + + * Remove the certforward feature. It was added to allow exploitation of + #gotofail, which is no longer a common vulnerability. Permitting this + hugely increased the complexity of packaging and distributing mitmproxy. + + + + +3 June 2015: mitmproxy 0.12.1 + + * mitmproxy console: mouse interaction - scroll in the flow list, click on + flow to view, click to switch between tabs. + + * Update our crypto defaults: SHA256, 2048 bit RSA, 4096 bit DH parameters. + + * BUGFIX: crash under some circumstances when copying to clipboard. + + * BUGFIX: occasional crash when deleting flows. + + +18 May 2015: mitmproxy 0.12 + + * mitmproxy console: Significant revamp of the UI. The major changes are + listed below, and in addition almost every aspect of the UI has + been tweaked, and performance has improved significantly. + + * mitmproxy console: A new options screen has been created ("o" shortcut), + and many options that were previously manipulated directly via a + keybinding have been moved there. + + * mitmproxy console: Big improvement in palettes. This includes improvements + to all colour schemes. Palettes now set the terminal background colour by + default, and a new --palette-transparent option has been added to disable + this. + + * mitmproxy console: g/G shortcuts throughout mitmproxy console to jump + to the beginning/end of the current view. + + * mitmproxy console: switch palettes on the fly from the options screen. + + * mitmproxy console: A cookie editor has been added for mitmproxy console + at long last. + + * mitmproxy console: Various components of requests and responses can be + copied to the clipboard from mitmproxy - thanks to @marceloglezer. + + * Support for creating new requests from scratch in mitmproxy console (@marceloglezer). + + * SSLKEYLOGFILE environment variable to specify a logging location for TLS + master keys. This can be used with tools like Wireshark to allow TLS + decoding. + + * Server facing SSL cipher suite specification (thanks to Jim Shaver). + + * Official support for transparent proxying on FreeBSD - thanks to Mike C + (http://github.com/mike-pt). + + * Many other small bugfixes and improvemenets throughout the project. + + +29 Dec 2014: mitmproxy 0.11.2: + + * Configuration files - mitmproxy.conf, mitmdump.conf, common.conf in the + .mitmproxy directory. + * Better handling of servers that reject connections that are not SNI. + * Many other small bugfixes and improvements. + + +15 November 2014: mitmproxy 0.11.1: + + * Bug fixes: connection leaks some crashes + + +7 November 2014: mitmproxy 0.11: + + * Performance improvements for mitmproxy console + + * SOCKS5 proxy mode allows mitmproxy to act as a SOCKS5 proxy server + + * Data streaming for response bodies exceeding a threshold + (bradpeabody@gmail.com) + + * Ignore hosts or IP addresses, forwarding both HTTP and HTTPS traffic + untouched + + * Finer-grained control of traffic replay, including options to ignore + contents or parameters when matching flows (marcelo.glezer@gmail.com) + + * Pass arguments to inline scripts + + * Configurable size limit on HTTP request and response bodies + + * Per-domain specification of interception certificates and keys (see + --cert option) + + * Certificate forwarding, relaying upstream SSL certificates verbatim (see + --cert-forward) + + * Search and highlighting for HTTP request and response bodies in + mitmproxy console (pedro@worcel.com) + + * Transparent proxy support on Windows + + * Improved error messages and logging + + * Support for FreeBSD in transparent mode, using pf (zbrdge@gmail.com) + + * Content view mode for WBXML (davidshaw835@air-watch.com) + + * Better documentation, with a new section on proxy modes + + * Generic TCP proxy mode + + * Countless bugfixes and other small improvements + + +7 November 2014: pathod 0.11: + + * Hugely improved SSL support, including dynamic generation of certificates + using the mitproxy cacert + + * pathoc -S dumps information on the remote SSL certificate chain + + * Big improvements to fuzzing, including random spec selection and memoization to avoid repeating randomly generated patterns + + * Reflected patterns, allowing you to embed a pathod server response specification in a pathoc request, resolving both on client side. This makes fuzzing proxies and other intermediate systems much better. + + +28 January 2014: mitmproxy 0.10: + + * Support for multiple scripts and multiple script arguments + + * Easy certificate install through the in-proxy web app, which is now + enabled by default + + * Forward proxy mode, that forwards proxy requests to an upstream HTTP server + + * Reverse proxy now works with SSL + + * Search within a request/response using the "/" and "n" shortcut keys + + * A view that beatifies CSS files if cssutils is available + + * Bug fix, documentation improvements, and more. + + +25 August 2013: mitmproxy 0.9.2: + + * Improvements to the mitmproxywrapper.py helper script for OSX. + + * Don't take minor version into account when checking for serialized file + compatibility. + + * Fix a bug causing resource exhaustion under some circumstances for SSL + connections. + + * Revamp the way we store interception certificates. We used to store these + on disk, they're now in-memory. This fixes a race condition related to + cert handling, and improves compatibility with Windows, where the rules + governing permitted file names are weird, resulting in errors for some + valid IDNA-encoded names. + + * Display transfer rates for responses in the flow list. + + * Many other small bugfixes and improvements. + + +25 August 2013: pathod 0.9.2: + + * Adapt to interface changes in netlib + + +16 June 2013: mitmproxy 0.9.1: + + * Use "correct" case for Content-Type headers added by mitmproxy. + + * Make UTF environment detection more robust. + + * Improved MIME-type detection for viewers. + + * Always read files in binary mode (Windows compatibility fix). + + * Some developer documentation. + + +15 May 2013: mitmproxy 0.9: + + * Upstream certs mode is now the default. + + * Add a WSGI container that lets you host in-proxy web applications. + + * Full transparent proxy support for Linux and OSX. + + * Introduce netlib, a common codebase for mitmproxy and pathod + (http://github.com/cortesi/netlib). + + * Full support for SNI. + + * Color palettes for mitmproxy, tailored for light and dark terminal + backgrounds. + + * Stream flows to file as responses arrive with the "W" shortcut in + mitmproxy. + + * Extend the filter language, including ~d domain match operator, ~a to + match asset flows (js, images, css). + + * Follow mode in mitmproxy ("F" shortcut) to "tail" flows as they arrive. + + * --dummy-certs option to specify and preserve the dummy certificate + directory. + + * Server replay from the current captured buffer. + + * Huge improvements in content views. We now have viewers for AMF, HTML, + JSON, Javascript, images, XML, URL-encoded forms, as well as hexadecimal + and raw views. + + * Add Set Headers, analagous to replacement hooks. Defines headers that are set + on flows, based on a matching pattern. + + * A graphical editor for path components in mitmproxy. + + * A small set of standard user-agent strings, which can be used easily in + the header editor. + + * Proxy authentication to limit access to mitmproxy + + +15 May 2013: pathod 0.9 (version synced with mitmproxy): + + * Pathod proxy mode. You can now configure clients to use pathod as an + HTTP/S proxy. + + * Pathoc proxy support, including using CONNECT to tunnel directly to + targets. + + * Pathoc client certificate support. + + * API improvements, bugfixes. + + +16 November 2012: pathod 0.3: + + A release focusing on shoring up our fuzzing capabilities, especially with + pathoc. + + * pathoc -q and -r options, output full request and response text. + + * pathod -q and -r options, add full request and response text to pathod's + log buffer. + + * pathoc and pathod -x option, makes -q and -r options log in hex dump + format. + + * pathoc -C option, specify response codes to ignore. + + * pathoc -T option, instructs pathoc to ignore timeouts. + + * pathoc -o option, a one-shot mode that exits after the first non-ignored + response. + + * pathoc and pathod -e option, which explains the resulting message by + expanding random and generated portions, and logging a reproducible + specification. + + * Streamline the specification langauge. HTTP response message is now + specified using the "r" mnemonic. + + * Add a "u" mnemonic for specifying User-Agent strings. Add a set of + standard user-agent strings accessible through shortcuts. + + * Major internal refactoring and cleanup. + + * Many bugfixes. + + +22 August 2012: pathod 0.2: + + * Add pathoc, a pathological HTTP client. + + * Add libpathod.test, a truss for using pathod in unit tests. + + * Add an injection operator to the specification language. + + * Allow Python escape sequences in value literals. + + * Allow execution of requests and responses from file, using the new + operator. + + * Add daemonization to Pathod, and make it more robust for public-facing use. + + * Let pathod pick an arbitrary open port if -p 0 is specified. + + * Move from Tornado to netlib, the network library written for mitmproxy. + + * Move the web application to Flask. + + * Massively expand the documentation. + + +5 April 2012: mitmproxy 0.8: + + * Detailed tutorial for Android interception. Some features that land in + this release have finally made reliable Android interception possible. + + * Upstream-cert mode, which uses information from the upstream server to + generate interception certificates. + + * Replacement patterns that let you easily do global replacements in flows + matching filter patterns. Can be specified on the command-line, or edited + interactively. + + * Much more sophisticated and usable pretty printing of request bodies. + Support for auto-indentation of Javascript, inspection of image EXIF + data, and more. + + * Details view for flows, showing connection and SSL cert information (X + keyboard shortcut). + + * Server certificates are now stored and serialized in saved traffic for + later analysis. This means that the 0.8 serialization format is NOT + compatible with 0.7. + + * Many other improvements, including bugfixes, and expanded scripting API, + and more sophisticated certificate handling. + + +20 February 2012: mitmproxy 0.7: + + * New built-in key/value editor. This lets you interactively edit URL query + strings, headers and URL-encoded form data. + + * Extend script API to allow duplication and replay of flows. + + * API for easy manipulation of URL-encoded forms and query strings. + + * Add "D" shortcut in mitmproxy to duplicate a flow. + + * Reverse proxy mode. In this mode mitmproxy acts as an HTTP server, + forwarding all traffic to a specified upstream server. + + * UI improvements - use unicode characters to make GUI more compact, + improve spacing and layout throughout. + + * Add support for filtering by HTTP method. + + * Add the ability to specify an HTTP body size limit. + + * Move to typed netstrings for serialization format - this makes 0.7 + backwards-incompatible with serialized data from 0.6! + + * Significant improvements in speed and responsiveness of UI. + + * Many minor bugfixes and improvements. + + +7 August 2011: mitmproxy 0.6: + + * New scripting API that allows much more flexible and fine-grained + rewriting of traffic. See the docs for more info. + + * Support for gzip and deflate content encodings. A new "z" + keybinding in mitmproxy to let us quickly encode and decode content, plus + automatic decoding for the "pretty" view mode. + + * An event log, viewable with the "v" shortcut in mitmproxy, and the + "-e" command-line flag in mitmdump. + + * Huge performance improvements: mitmproxy interface, loading + large numbers of flows from file. + + * A new "replace" convenience method for all flow objects, that does a + universal regex-based string replacement. + + * Header management has been rewritten to maintain both case and order. + + * Improved stability for SSL interception. + + * Default expiry time on generated SSL certs has been dropped to avoid an + OpenSSL overflow bug that caused certificates to expire in the distant + past on some systems. + + * A "pretty" view mode for JSON and form submission data. + + * Expanded documentation and examples. + + * Countless other small improvements and bugfixes. + + +27 June 2011: mitmproxy 0.5: + + * An -n option to start the tools without binding to a proxy port. + + * Allow scripts, hooks, sticky cookies etc. to run on flows loaded from + save files. + + * Regularize command-line options for mitmproxy and mitmdump. + + * Add an "SSL exception" to mitmproxy's license to remove possible + distribution issues. + + * Add a --cert-wait-time option to make mitmproxy pause after a new SSL + certificate is generated. This can pave over small discrepancies in + system time between the client and server. + + * Handle viewing big request and response bodies more elegantly. Only + render the first 100k of large documents, and try to avoid running the + XML indenter on non-XML data. + + * BUGFIX: Make the "revert" keyboard shortcut in mitmproxy work after a + flow has been replayed. + + * BUGFIX: Repair a problem that sometimes caused SSL connections to consume + 100% of CPU. + + +30 March 2011: mitmproxy 0.4 + + * Full serialization of HTTP conversations + + * Client and server replay + + * On-the-fly generation of dummy SSL certificates + + * mitmdump has "grown up" into a powerful tcpdump-like tool for HTTP/S + + * Dozens of improvements to the mitmproxy console interface + + * Python scripting hooks for programmatic modification of traffic + + +1 March 2010: mitmproxy 0.2 + + * Big speed and responsiveness improvements, thanks to Thomas Roth + + * Support urwid 0.9.9 + + * Terminal beeping based on filter expressions + + * Filter expressions for terminal beeps, limits, interceptions and sticky + cookies can now be passed on the command line. + + * Save requests and responses to file + + * Split off non-interactive dump functionality into a new tool called + mitmdump + + * "A" will now accept all intercepted connections + + * Lots of bugfixes -- cgit v1.2.3