diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0a234c2e..f757dab4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -19,6 +19,18 @@ stages: - build - deploy +test:format: + stage: test + image: python:3.8 + script: + - black --check . + tags: + - lint + except: + - tags + - rc + - demo + test:lint:3.6: stage: test image: python:3.6 @@ -45,7 +57,7 @@ test:lint:3.7: test:lint:3.8: stage: test - image: python:3.8-rc + image: python:3.8 script: - pip install tox - tox -e pep8 @@ -88,10 +100,9 @@ test:py:3.7: reports: junit: .reports/burpui.junit.xml -# This test is temporarily disabled because werkzeug doesn't run yet on 3.8 test:py:3.8: stage: test - image: python:3.8-rc + image: python:3.8 script: - pip install tox - mkdir .reports diff --git a/CHANGELOG.rst b/CHANGELOG.rst index dc7412a7..98084257 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -9,8 +9,8 @@ Current - **BREAKING**: the authentication backends section have been renamed with the ``:AUTH`` suffix - **BREAKING**: the ``prefix`` option has been moved from the ``[Global]`` configuration section to the ``[Production]`` one - Add: new `audit logging `_ system -- Add: new ``bui-monitor`` processes pool + ``async`` backend to parallelize some requests `#278 `_ -- Add: new `listen` and `listen_status` options in burp-2.2.10 `#279 `_ +- Add: new ``bui-monitor`` processes pool + ``async`` backend to parallelize some requests `#278 `_ +- Add: new `listen` and `listen_status` options in burp-2.2.10 `#279 `_ - Add: new `order` keyword in ACL definitions in order to decide whether `rw` should be evaluated first or not `#305 `__ - Add: new `exclude` keyword in ACL definitions in order to exclude some clients from the rules `#305 `__ - Add: new *static templates* that allow you to create *onetime* (variables) templates `#280 `_ diff --git a/burpui/static/dashboard.css b/burpui/static/dashboard.css index a9ec37b6..6f186f2c 100644 --- a/burpui/static/dashboard.css +++ b/burpui/static/dashboard.css @@ -134,7 +134,7 @@ width:100%; -webkit-background-clip: padding-box; -moz-background-clip: padding; background-clip: padding-box; - width:100%; + width:100%; } .tt-suggestion { @@ -219,7 +219,7 @@ svg text { color: #697075; } -@keyframes blink { +@keyframes blink { 0% { opacity: 1.0; } 50% { opacity: 0.0; } 100% { opacity: 1.0; } diff --git a/burpui/static/extra/i18n/datatable-es.json b/burpui/static/extra/i18n/datatable-es.json index b784b7db..b9a8c7dc 100644 --- a/burpui/static/extra/i18n/datatable-es.json +++ b/burpui/static/extra/i18n/datatable-es.json @@ -23,4 +23,4 @@ "sSortAscending": ": Activar para ordenar la columna de manera ascendente", "sSortDescending": ": Activar para ordenar la columna de manera descendente" } -} \ No newline at end of file +} diff --git a/burpui/static/extra/i18n/datatable-it.json b/burpui/static/extra/i18n/datatable-it.json index a7a07a56..f6236044 100644 --- a/burpui/static/extra/i18n/datatable-it.json +++ b/burpui/static/extra/i18n/datatable-it.json @@ -22,4 +22,4 @@ "sSortAscending": ": attiva per ordinare la colonna in ordine crescente", "sSortDescending": ": attiva per ordinare la colonna in ordine decrescente" } -} \ No newline at end of file +} diff --git a/burpui/templates/js/admin/sessions.js b/burpui/templates/js/admin/sessions.js index 91e16a93..7126a7e5 100644 --- a/burpui/templates/js/admin/sessions.js +++ b/burpui/templates/js/admin/sessions.js @@ -116,7 +116,7 @@ var _sessions_table = $('#table-sessions').DataTable( { return ''+moment(data, moment.ISO_8601).tz(TIMEZONE).subtract(3, 'seconds').fromNow()+''; } }, - { + { data: 'ua', render: function( data, type, row ) { if (type === 'filter' || type === 'sort') { diff --git a/burpui/templates/js/client-browse.js b/burpui/templates/js/client-browse.js index 0a809318..9a096a45 100644 --- a/burpui/templates/js/client-browse.js +++ b/burpui/templates/js/client-browse.js @@ -71,7 +71,7 @@ $( document ).ready(function() { path: '{{ url_for("api.client_tree", name=cname, backup=nbackup, server=server) }}', }, }, - source: function() { + source: function() { {% if edit and edit.found -%} url = '{{ url_for("api.client_tree", name=cname, backup=nbackup, server=server, root=edit.roots, recursive=True, selected=True) }}'; {% else -%} @@ -230,7 +230,7 @@ $( document ).ready(function() { $("#form-restore").on('submit', function(e) { var $preparingFileModal = $("#restore-modal"); - + $preparingFileModal.modal('toggle'); {% if config.WITH_CELERY -%} diff --git a/burpui/templates/js/client-report.js b/burpui/templates/js/client-report.js index 1e0da740..20ce89d9 100644 --- a/burpui/templates/js/client-report.js +++ b/burpui/templates/js/client-report.js @@ -102,7 +102,7 @@ var _client = function() { var html = table.node().outerHTML; if (d.footer !== undefined) html += "
" + d.footer + "
"; - return html; + return html; }); _chart_stats.bars.forceY([0]); diff --git a/burpui/templates/js/user.js b/burpui/templates/js/user.js index 39754cfc..07b530bb 100644 --- a/burpui/templates/js/user.js +++ b/burpui/templates/js/user.js @@ -285,7 +285,7 @@ var _sessions_table = $('#table-sessions').DataTable( { return ''+moment(data, moment.ISO_8601).tz(TIMEZONE).subtract(3, 'seconds').fromNow()+''; } }, - { + { data: 'ua', render: function( data, type, row ) { if (type === 'filter' || type === 'sort') { diff --git a/burpui/templates/servers.html b/burpui/templates/servers.html index 40e0f2f8..009dc42f 100644 --- a/burpui/templates/servers.html +++ b/burpui/templates/servers.html @@ -3,9 +3,9 @@ {% include "notifications.html" %}
{% include "small_topbar.html" %} -
    -
  • {{ _('Home') }}
    • -
+
    +
  • {{ _('Home') }}
    • +

{{ _('Servers') }}

diff --git a/burpui/translations/es/LC_MESSAGES/messages.po b/burpui/translations/es/LC_MESSAGES/messages.po index 243a06a2..e4d7b3c0 100644 --- a/burpui/translations/es/LC_MESSAGES/messages.po +++ b/burpui/translations/es/LC_MESSAGES/messages.po @@ -2782,4 +2782,3 @@ msgstr "" #~ " moderator o con demo " #~ " / demo . \n" #~ " " - diff --git a/burpui/translations/fr/LC_MESSAGES/messages.po b/burpui/translations/fr/LC_MESSAGES/messages.po index fe4c60bd..a65b0381 100644 --- a/burpui/translations/fr/LC_MESSAGES/messages.po +++ b/burpui/translations/fr/LC_MESSAGES/messages.po @@ -2428,4 +2428,3 @@ msgstr "Mise à jour" #~ msgid "Backends list" #~ msgstr "Liste des Backends" - diff --git a/burpui/translations/it/LC_MESSAGES/messages.po b/burpui/translations/it/LC_MESSAGES/messages.po index 44f923af..315501c3 100644 --- a/burpui/translations/it/LC_MESSAGES/messages.po +++ b/burpui/translations/it/LC_MESSAGES/messages.po @@ -2709,4 +2709,3 @@ msgstr "" #~ " / moderator sia come " #~ "demo / demo.\n" #~ " " - diff --git a/docker/components/docker-burp/assets/config/burp-server.conf b/docker/components/docker-burp/assets/config/burp-server.conf index 406e0e1c..adecae63 100644 --- a/docker/components/docker-burp/assets/config/burp-server.conf +++ b/docker/components/docker-burp/assets/config/burp-server.conf @@ -1,7 +1,7 @@ # This is an example config file for the burp server. - -mode = server - + +mode = server + # The default addresses to listen on depend upon compile time options. # They may be overridden here. # The port and address options have been removed in 2.2.10 diff --git a/docker/demo/docker-burp1/assets/config/burp/CA.cnf b/docker/demo/docker-burp1/assets/config/burp/CA.cnf index 4d65f987..b6b1a9f5 100644 --- a/docker/demo/docker-burp1/assets/config/burp/CA.cnf +++ b/docker/demo/docker-burp1/assets/config/burp/CA.cnf @@ -31,4 +31,3 @@ basicConstraints = CA:FALSE [ policy_anything ] commonName = supplied - diff --git a/docker/demo/docker-burp1/assets/config/burp/burp.conf b/docker/demo/docker-burp1/assets/config/burp/burp.conf index 88c39b2f..c6b31ad5 100644 --- a/docker/demo/docker-burp1/assets/config/burp/burp.conf +++ b/docker/demo/docker-burp1/assets/config/burp/burp.conf @@ -54,7 +54,7 @@ ssl_cert = /tmp/burp/ssl_cert-client.pem ssl_key = /tmp/burp/ssl_cert-client.key # Client SSL ciphers -#ssl_ciphers = +#ssl_ciphers = # SSL key password ssl_key_password = password @@ -105,4 +105,3 @@ exclude_comp=bz2 exclude_comp=gz #encryption_password = My^$pAsswIrD%@ - diff --git a/docker/demo/docker-burp1/assets/patch/burp-libssl1.1.patch b/docker/demo/docker-burp1/assets/patch/burp-libssl1.1.patch index d5a157d7..119aca7b 100644 --- a/docker/demo/docker-burp1/assets/patch/burp-libssl1.1.patch +++ b/docker/demo/docker-burp1/assets/patch/burp-libssl1.1.patch @@ -5,7 +5,7 @@ index 4d48597c..63cb6ebf 100644 @@ -279,18 +279,22 @@ EVP_CIPHER_CTX *enc_setup(int encrypt, const char *encryption_password) // compilation warnings on Macs. unsigned char enc_iv[]={'[', 'l', 'k', 'd', '.', '$', 'G', 0xa3, '\0'}; - + - if(!(ctx=(EVP_CIPHER_CTX *)malloc(sizeof(EVP_CIPHER_CTX)))) + if(!(ctx=(EVP_CIPHER_CTX *)EVP_CIPHER_CTX_new())) { @@ -50,5 +50,5 @@ index 4d48597c..63cb6ebf 100644 + EVP_CIPHER_CTX_free(enc_ctx); + enc_ctx=NULL; } - + if(!ret) diff --git a/docker/demo/docker-burp2/assets/config/burp/CA.cnf b/docker/demo/docker-burp2/assets/config/burp/CA.cnf index 8d3f3268..1b088f9c 100644 --- a/docker/demo/docker-burp2/assets/config/burp/CA.cnf +++ b/docker/demo/docker-burp2/assets/config/burp/CA.cnf @@ -31,4 +31,3 @@ basicConstraints = CA:FALSE [ policy_anything ] commonName = supplied - diff --git a/docker/demo/docker-burp2/assets/config/burp/burp.conf b/docker/demo/docker-burp2/assets/config/burp/burp.conf index 90c2b5b4..1492c5ce 100644 --- a/docker/demo/docker-burp2/assets/config/burp/burp.conf +++ b/docker/demo/docker-burp2/assets/config/burp/burp.conf @@ -63,7 +63,7 @@ ssl_cert = /tmp/burp2/ssl_cert-client.pem ssl_key = /tmp/burp2/ssl_cert-client.key # Client SSL ciphers -#ssl_ciphers = +#ssl_ciphers = # Client SSL compression. Default is zlib5. Set to zlib0 to turn it off. #ssl_compression = zlib5 @@ -122,4 +122,3 @@ exclude_comp=gz # When enabled, this causes problems in the phase1 scan (such as an 'include' # being missing) to be treated as fatal errors. The default is 0. #scan_problem_raises_error=1 - diff --git a/docker/demo/docker-burpui/Dockerfile b/docker/demo/docker-burpui/Dockerfile index 42c5189b..b0406183 100644 --- a/docker/demo/docker-burpui/Dockerfile +++ b/docker/demo/docker-burpui/Dockerfile @@ -1,7 +1,7 @@ FROM registry.ziirish.me/ziirish/burp-ui:demo ADD assets/config/ /app/setup/config/ -ADD assets/init /app/init +ADD assets/init /app/init RUN chmod 755 /app/init diff --git a/docker/demo/docker-burpui/assets/config/nginx/nginx.conf b/docker/demo/docker-burpui/assets/config/nginx/nginx.conf index 6c1d1037..2e60f150 100644 --- a/docker/demo/docker-burpui/assets/config/nginx/nginx.conf +++ b/docker/demo/docker-burpui/assets/config/nginx/nginx.conf @@ -3,7 +3,7 @@ pid /tmp/nginx.pid; daemon off; events { - worker_connections 1024; + worker_connections 1024; use epoll; } @@ -14,7 +14,7 @@ http { access_log off; error_log off; - + sendfile on; keepalive_timeout 15; keepalive_disable msie6; @@ -25,7 +25,7 @@ http { client_body_temp_path /tmp/client_body 1 2; proxy_temp_path /tmp/proxy 1 2; - + gzip on; gzip_comp_level 5; gzip_min_length 512; diff --git a/docker/demo/docker-burpui/assets/config/nginx/workers_header.conf b/docker/demo/docker-burpui/assets/config/nginx/workers_header.conf index 7c7a2bd7..7bb4922e 100644 --- a/docker/demo/docker-burpui/assets/config/nginx/workers_header.conf +++ b/docker/demo/docker-burpui/assets/config/nginx/workers_header.conf @@ -1,3 +1,2 @@ upstream socketio_nodes { ip_hash; - diff --git a/docker/demo/docker-cli1/assets/config/burp/demo1.conf b/docker/demo/docker-cli1/assets/config/burp/demo1.conf index ee51bae1..74e5205c 100644 --- a/docker/demo/docker-cli1/assets/config/burp/demo1.conf +++ b/docker/demo/docker-cli1/assets/config/burp/demo1.conf @@ -54,7 +54,7 @@ ssl_cert = /etc/burp/ssl_cert-demo1.pem ssl_key = /etc/burp/ssl_cert-demo1.key # Client SSL ciphers -#ssl_ciphers = +#ssl_ciphers = # SSL key password ssl_key_password = password diff --git a/docker/demo/docker-cli1/assets/config/burp/demo2.conf b/docker/demo/docker-cli1/assets/config/burp/demo2.conf index dad3205b..acdaab3a 100644 --- a/docker/demo/docker-cli1/assets/config/burp/demo2.conf +++ b/docker/demo/docker-cli1/assets/config/burp/demo2.conf @@ -54,7 +54,7 @@ ssl_cert = /etc/burp/ssl_cert-demo2.pem ssl_key = /etc/burp/ssl_cert-demo2.key # Client SSL ciphers -#ssl_ciphers = +#ssl_ciphers = # SSL key password ssl_key_password = password diff --git a/docker/demo/docker-cli2/assets/config/burp/demo3.conf b/docker/demo/docker-cli2/assets/config/burp/demo3.conf index 65b082e4..c9bc4ffa 100644 --- a/docker/demo/docker-cli2/assets/config/burp/demo3.conf +++ b/docker/demo/docker-cli2/assets/config/burp/demo3.conf @@ -63,7 +63,7 @@ ssl_cert = /etc/burp/ssl_cert-demo3.pem ssl_key = /etc/burp/ssl_cert-demo3.key # Client SSL ciphers -#ssl_ciphers = +#ssl_ciphers = # Client SSL compression. Default is zlib5. Set to zlib0 to turn it off. #ssl_compression = zlib5 diff --git a/docker/demo/docker-cli2/assets/config/burp/demo4.conf b/docker/demo/docker-cli2/assets/config/burp/demo4.conf index 3fa71f58..44e6290f 100644 --- a/docker/demo/docker-cli2/assets/config/burp/demo4.conf +++ b/docker/demo/docker-cli2/assets/config/burp/demo4.conf @@ -63,7 +63,7 @@ ssl_cert = /etc/burp/ssl_cert-demo4.pem ssl_key = /etc/burp/ssl_cert-demo4.key # Client SSL ciphers -#ssl_ciphers = +#ssl_ciphers = # Client SSL compression. Default is zlib5. Set to zlib0 to turn it off. #ssl_compression = zlib5 diff --git a/docker/docker-alpine/assets/config/burp/burp-server.conf b/docker/docker-alpine/assets/config/burp/burp-server.conf index 178ddb5f..8de993e2 100644 --- a/docker/docker-alpine/assets/config/burp/burp-server.conf +++ b/docker/docker-alpine/assets/config/burp/burp-server.conf @@ -172,4 +172,3 @@ restore_client = agent # Whether or not the server process should cache the tree when a monitor client # is browsing a backup. Advantage: speed. Disadvantage: more memory is used. monitor_browse_cache = 1 - diff --git a/docker/docker-alpine/assets/config/burp/burp.conf b/docker/docker-alpine/assets/config/burp/burp.conf index 0d7b792e..8fd461be 100644 --- a/docker/docker-alpine/assets/config/burp/burp.conf +++ b/docker/docker-alpine/assets/config/burp/burp.conf @@ -63,7 +63,7 @@ ssl_cert = /etc/burp/ssl_cert-client.pem ssl_key = /etc/burp/ssl_cert-client.key # Client SSL ciphers -#ssl_ciphers = +#ssl_ciphers = # Client SSL compression. Default is zlib5. Set to zlib0 to turn it off. #ssl_compression = zlib5 @@ -122,4 +122,3 @@ exclude_comp=gz # When enabled, this causes problems in the phase1 scan (such as an 'include' # being missing) to be treated as fatal errors. The default is 0. #scan_problem_raises_error=1 - diff --git a/docker/docker-alpine/assets/config/nginx/nginx.conf b/docker/docker-alpine/assets/config/nginx/nginx.conf index 6c1d1037..2e60f150 100644 --- a/docker/docker-alpine/assets/config/nginx/nginx.conf +++ b/docker/docker-alpine/assets/config/nginx/nginx.conf @@ -3,7 +3,7 @@ pid /tmp/nginx.pid; daemon off; events { - worker_connections 1024; + worker_connections 1024; use epoll; } @@ -14,7 +14,7 @@ http { access_log off; error_log off; - + sendfile on; keepalive_timeout 15; keepalive_disable msie6; @@ -25,7 +25,7 @@ http { client_body_temp_path /tmp/client_body 1 2; proxy_temp_path /tmp/proxy 1 2; - + gzip on; gzip_comp_level 5; gzip_min_length 512; diff --git a/docker/docker-alpine/assets/config/nginx/workers_header.conf b/docker/docker-alpine/assets/config/nginx/workers_header.conf index 7c7a2bd7..7bb4922e 100644 --- a/docker/docker-alpine/assets/config/nginx/workers_header.conf +++ b/docker/docker-alpine/assets/config/nginx/workers_header.conf @@ -1,3 +1,2 @@ upstream socketio_nodes { ip_hash; - diff --git a/docs/_themes/flask/static/flasky.css_t b/docs/_themes/flask/static/flasky.css_t index 0f44f7c8..e7d24d98 100644 --- a/docs/_themes/flask/static/flasky.css_t +++ b/docs/_themes/flask/static/flasky.css_t @@ -8,11 +8,11 @@ {% set page_width = '940px' %} {% set sidebar_width = '220px' %} - + @import url("basic.css"); - + /* -- page layout ----------------------------------------------------------- */ - + body { font-family: 'Georgia', serif; font-size: 17px; @@ -43,7 +43,7 @@ div.sphinxsidebar { hr { border: 1px solid #B1B4B6; } - + div.body { background-color: #ffffff; color: #3E4349; @@ -54,7 +54,7 @@ img.floatingflask { padding: 0 0 10px 10px; float: right; } - + div.footer { width: {{ page_width }}; margin: 20px auto 30px auto; @@ -70,7 +70,7 @@ div.footer a { div.related { display: none; } - + div.sphinxsidebar a { color: #444; text-decoration: none; @@ -80,7 +80,7 @@ div.sphinxsidebar a { div.sphinxsidebar a:hover { border-bottom: 1px solid #999; } - + div.sphinxsidebar { font-size: 14px; line-height: 1.5; @@ -95,7 +95,7 @@ div.sphinxsidebarwrapper p.logo { margin: 0; text-align: center; } - + div.sphinxsidebar h3, div.sphinxsidebar h4 { font-family: 'Garamond', 'Georgia', serif; @@ -109,7 +109,7 @@ div.sphinxsidebar h4 { div.sphinxsidebar h4 { font-size: 20px; } - + div.sphinxsidebar h3 a { color: #444; } @@ -120,7 +120,7 @@ div.sphinxsidebar p.logo a:hover, div.sphinxsidebar h3 a:hover { border: none; } - + div.sphinxsidebar p { color: #555; margin: 10px 0; @@ -131,25 +131,25 @@ div.sphinxsidebar ul { padding: 0; color: #000; } - + div.sphinxsidebar input { border: 1px solid #ccc; font-family: 'Georgia', serif; font-size: 1em; } - + /* -- body styles ----------------------------------------------------------- */ - + a { color: #004B6B; text-decoration: underline; } - + a:hover { color: #6D4100; text-decoration: underline; } - + div.body h1, div.body h2, div.body h3, @@ -169,25 +169,25 @@ div.indexwrapper h1 { height: {{ theme_index_logo_height }}; } {% endif %} - + div.body h1 { margin-top: 0; padding-top: 0; font-size: 240%; } div.body h2 { font-size: 180%; } div.body h3 { font-size: 150%; } div.body h4 { font-size: 130%; } div.body h5 { font-size: 100%; } div.body h6 { font-size: 100%; } - + a.headerlink { color: #ddd; padding: 0 4px; text-decoration: none; } - + a.headerlink:hover { color: #444; background: #eaeaea; } - + div.body p, div.body dd, div.body li { line-height: 1.4em; } @@ -234,20 +234,20 @@ div.note { background-color: #eee; border: 1px solid #ccc; } - + div.seealso { background-color: #ffc; border: 1px solid #ff6; } - + div.topic { background-color: #eee; } - + p.admonition-title { display: inline; } - + p.admonition-title:after { content: ":"; } @@ -341,7 +341,7 @@ ul, ol { margin: 10px 0 10px 30px; padding: 0; } - + pre { background: #eee; padding: 7px 30px; @@ -358,7 +358,7 @@ dl dl pre { margin-left: -90px; padding-left: 90px; } - + tt { background-color: #ecf0f3; color: #222; diff --git a/docs/_themes/flask/theme.conf b/docs/_themes/flask/theme.conf index 85fdc2e4..761cb641 100644 --- a/docs/_themes/flask/theme.conf +++ b/docs/_themes/flask/theme.conf @@ -6,4 +6,4 @@ pygments_style = flask_theme_support.FlaskyStyle [options] index_logo = 'sleepycat.png' index_logo_height = 143px -touch_icon = +touch_icon = diff --git a/docs/_themes/flask_small/static/flasky.css_t b/docs/_themes/flask_small/static/flasky.css_t index 4a2ac863..4524dd9c 100644 --- a/docs/_themes/flask_small/static/flasky.css_t +++ b/docs/_themes/flask_small/static/flasky.css_t @@ -8,11 +8,11 @@ * :license: BSD, see LICENSE for details. * */ - + @import url("basic.css"); - + /* -- page layout ----------------------------------------------------------- */ - + body { font-family: 'Georgia', serif; font-size: 17px; @@ -35,7 +35,7 @@ div.bodywrapper { hr { border: 1px solid #B1B4B6; } - + div.body { background-color: #ffffff; color: #3E4349; @@ -46,7 +46,7 @@ img.floatingflask { padding: 0 0 10px 10px; float: right; } - + div.footer { text-align: right; color: #888; @@ -55,12 +55,12 @@ div.footer { width: 650px; margin: 0 auto 40px auto; } - + div.footer a { color: #888; text-decoration: underline; } - + div.related { line-height: 32px; color: #888; @@ -69,18 +69,18 @@ div.related { div.related ul { padding: 0 0 0 10px; } - + div.related a { color: #444; } - + /* -- body styles ----------------------------------------------------------- */ - + a { color: #004B6B; text-decoration: underline; } - + a:hover { color: #6D4100; text-decoration: underline; @@ -89,7 +89,7 @@ a:hover { div.body { padding-bottom: 40px; /* saved for footer */ } - + div.body h1, div.body h2, div.body h3, @@ -109,24 +109,24 @@ div.indexwrapper h1 { height: {{ theme_index_logo_height }}; } {% endif %} - + div.body h2 { font-size: 180%; } div.body h3 { font-size: 150%; } div.body h4 { font-size: 130%; } div.body h5 { font-size: 100%; } div.body h6 { font-size: 100%; } - + a.headerlink { color: white; padding: 0 4px; text-decoration: none; } - + a.headerlink:hover { color: #444; background: #eaeaea; } - + div.body p, div.body dd, div.body li { line-height: 1.4em; } @@ -164,25 +164,25 @@ div.note { background-color: #eee; border: 1px solid #ccc; } - + div.seealso { background-color: #ffc; border: 1px solid #ff6; } - + div.topic { background-color: #eee; } - + div.warning { background-color: #ffe4e4; border: 1px solid #f66; } - + p.admonition-title { display: inline; } - + p.admonition-title:after { content: ":"; } @@ -254,7 +254,7 @@ dl { dl dd { margin-left: 30px; } - + pre { padding: 0; margin: 15px -30px; diff --git a/docs/basic_usage.rst b/docs/basic_usage.rst index 66a2d8b8..073c56d9 100644 --- a/docs/basic_usage.rst +++ b/docs/basic_usage.rst @@ -11,7 +11,7 @@ Restoration In order to make the *online* restoration/download functionality work, you need to check a few things: -1. Provide the full path of the burp (client) binary file (field *burpbin* in +1. Provide the full path of the burp (client) binary file (field *burpbin* in `burp-ui configuration `__) 2. Provide a burp-client configuration file (field *bconfcli* in `burp-ui configuration `__) diff --git a/docs/gunicorn.rst b/docs/gunicorn.rst index de763e5a..9b497403 100644 --- a/docs/gunicorn.rst +++ b/docs/gunicorn.rst @@ -166,7 +166,7 @@ You will also need to increase the number of status clients by setting echo "max_status_children = 15" >>/etc/burp/burp-server.conf -Finally, make sure you set ``bconfcli: /var/lib/burpui/burp.conf`` in your +Finally, make sure you set ``bconfcli: /var/lib/burpui/burp.conf`` in your `Burp-UI`_ configuration file (*/etc/burp/burpui.cfg*). diff --git a/docs/manage.rst b/docs/manage.rst index 7eaf04f4..5cf88d76 100644 --- a/docs/manage.rst +++ b/docs/manage.rst @@ -155,10 +155,10 @@ Examples: [*] Adding 'user2' user... [+] Success: True - bui-manage create-user -a user3 + bui-manage create-user -a user3 [*] Adding 'user3' user... - Password: - Confirm: + Password: + Confirm: [+] Success: True diff --git a/docs/websocket.rst b/docs/websocket.rst index c4e039a2..0df0047b 100644 --- a/docs/websocket.rst +++ b/docs/websocket.rst @@ -11,7 +11,7 @@ In order to use this feature, you need some extra requirements: It is highly recommended to use a `Redis`_ *Broker* for the websocket server to interact with the celery workers and other pieces of the code. -It is also advised to run one or several dedicated WebSocket servers behind a +It is also advised to run one or several dedicated WebSocket servers behind a reverse-proxy because *gunicorn* does not play well with it. The details of the configuration may be found in the `WebSocket diff --git a/migrations/README b/migrations/README index 98e4f9c4..2500aa1b 100755 --- a/migrations/README +++ b/migrations/README @@ -1 +1 @@ -Generic single-database configuration. \ No newline at end of file +Generic single-database configuration. diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 00000000..2c57b1a7 --- /dev/null +++ b/pyproject.toml @@ -0,0 +1,8 @@ +[tool.pylint.messages_control] +disable = "C0330, C0326" + +[tool.pylint.format] +max-line-length = "88" + +[tool.black] +extend-exclude = "(docker/docker-alpine/assets/config/burp-ui/burpui_gunicorn.py|pkgs/burp-ui-tpl/setup.py)" diff --git a/requirements.txt b/requirements.txt index e5c0f6ab..bc7b3eea 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,17 +1,17 @@ -trio==0.13.0 -Flask==1.1.1 -Flask-Login==0.4.1 +trio==0.18.0 +Flask==1.1.2 +Flask-Login==0.5.0 Flask-Bower==1.3.0 -Flask-Babel==1.0.0 +Flask-Babel==2.0.0 Flask-WTF==0.14.3 -flask-restx==0.2.0 -Flask-Caching==1.8.0 -Flask-Session==0.3.1 -WTForms==2.2.1 +flask-restx==0.3.0 +Flask-Caching==1.10.1 +Flask-Session==0.3.2 +WTForms==2.3.3 arrow==0.14.2 pluginbase==1.0.0 -tzlocal==2.0.0 -pyOpenSSL==19.1.0 +tzlocal==2.1 +pyOpenSSL==20.0.1 configobj==5.0.6 -async_generator -Click==7.1.1 +async_generator==1.10 +Click==7.1.2 diff --git a/setup.py b/setup.py index 8d4db02a..c3f7d1b2 100755 --- a/setup.py +++ b/setup.py @@ -262,7 +262,7 @@ url = __url__ with open(os.path.join(ROOT, "requirements.txt")) as f: requires = [x.strip() for x in f if x.strip()] -dev_requires = ["flake8", "pylint"] +dev_requires = ["flake8", "pylint", "black"] test_requires = [ "pytest", "pytest-cov", diff --git a/tests/burp/burp.conf b/tests/burp/burp.conf index 555cf7d1..72651ed0 100644 --- a/tests/burp/burp.conf +++ b/tests/burp/burp.conf @@ -69,7 +69,7 @@ ssl_cert = /etc/burp/ssl_cert-client.pem ssl_key = /etc/burp/ssl_cert-client.key # Client SSL ciphers -#ssl_ciphers = +#ssl_ciphers = # Client SSL compression. Default is zlib5. Set to zlib0 to turn it off. #ssl_compression = zlib5 diff --git a/tests/configs/test6.cfg b/tests/configs/test6.cfg index ffcb34ac..01577371 100644 --- a/tests/configs/test6.cfg +++ b/tests/configs/test6.cfg @@ -7,8 +7,8 @@ backend = burp1 # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" auth = basic -# acl plugin -# list misc/auth directory to see the available backends +# acl plugin +# list misc/auth directory to see the available backends # default is no ACL acl = basic diff --git a/tests/configs/test7-1.cfg b/tests/configs/test7-1.cfg index dffe7bee..4b2a3044 100644 --- a/tests/configs/test7-1.cfg +++ b/tests/configs/test7-1.cfg @@ -7,8 +7,8 @@ backend = burp1 # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" auth = basic -# acl plugin -# list misc/auth directory to see the available backends +# acl plugin +# list misc/auth directory to see the available backends # default is no ACL acl = basic diff --git a/tests/configs/test7-2.cfg b/tests/configs/test7-2.cfg index 51d243a1..09ffad62 100644 --- a/tests/configs/test7-2.cfg +++ b/tests/configs/test7-2.cfg @@ -7,8 +7,8 @@ backend = burp1 # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" auth = basic -# acl plugin -# list misc/auth directory to see the available backends +# acl plugin +# list misc/auth directory to see the available backends # default is no ACL acl = basic diff --git a/tests/configs/test7-3.cfg b/tests/configs/test7-3.cfg index aeced453..e9ac8896 100644 --- a/tests/configs/test7-3.cfg +++ b/tests/configs/test7-3.cfg @@ -7,8 +7,8 @@ backend = burp1 # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" auth = handler -# acl plugin -# list misc/auth directory to see the available backends +# acl plugin +# list misc/auth directory to see the available backends # default is no ACL acl = basic diff --git a/tests/configs/test7-4.cfg b/tests/configs/test7-4.cfg index 692d0324..9ac3ff26 100644 --- a/tests/configs/test7-4.cfg +++ b/tests/configs/test7-4.cfg @@ -7,8 +7,8 @@ backend = burp1 # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" auth = basic -# acl plugin -# list misc/auth directory to see the available backends +# acl plugin +# list misc/auth directory to see the available backends # default is no ACL acl = basic diff --git a/tests/configs/test7-5.cfg b/tests/configs/test7-5.cfg index f10eaea4..4df2fbe9 100644 --- a/tests/configs/test7-5.cfg +++ b/tests/configs/test7-5.cfg @@ -7,8 +7,8 @@ backend = burp1 # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" auth = basic -# acl plugin -# list misc/auth directory to see the available backends +# acl plugin +# list misc/auth directory to see the available backends # default is no ACL acl = basic diff --git a/tests/configs/test8.cfg b/tests/configs/test8.cfg index 895ed4fb..f19fefd0 100644 --- a/tests/configs/test8.cfg +++ b/tests/configs/test8.cfg @@ -7,8 +7,8 @@ backend = burp1 # list the misc/auth directory to see the available backends # to disable authentication you can set "auth: none" auth = basic -# acl plugin -# list misc/auth directory to see the available backends +# acl plugin +# list misc/auth directory to see the available backends # default is no ACL acl = basic diff --git a/tox.ini b/tox.ini index b7d85528..e0de3728 100644 --- a/tox.ini +++ b/tox.ini @@ -12,6 +12,7 @@ commands = flake8 [flake8] exclude = .tox,docs,migrations,.git,docker,pkgs -ignore = E501,E722,W605,W504 +extend-ignore = E203 +max-line-length = 88 show-source = true application-import-names = burpui