Commit 4c8a607a authored by Ziirish's avatar Ziirish

Merge remote-tracking branch 'origin/master' into stable

parents 8a178930 579be0f8
Changelog
=========
0.4.2 (12/16/2016)
------------------
- Fix: bui-agent was broken
- Fix: handle i18n exceptions
- Fix: enable db migration only when needed
- Fix: wrong escape in translation
0.4.1 (12/15/2016)
------------------
......
......@@ -21,6 +21,7 @@ sys.path.insert(0, os.path.join(ROOT, '..'))
def parse_args(mode=True, name=None):
mname = name
if not name:
mname = 'burp-ui'
parser = ArgumentParser(prog=mname)
......
......@@ -16,6 +16,7 @@ import subprocess
from .app import create_app
ROOT = os.path.dirname(os.path.realpath(__file__))
DEBUG = os.environ.get('BUI_DEBUG') or os.environ.get('FLASK_DEBUG') or False
if DEBUG and DEBUG.lower() in ['true', 'yes', '1']:
DEBUG = True
......@@ -46,14 +47,21 @@ try:
from .ext.sql import db
from flask_migrate import Migrate
app.config['WITH_SQL'] = True
create_db(app, True)
mig_dir = os.getenv('BUI_MIGRATIONS')
if mig_dir:
migrate = Migrate(app, db, mig_dir)
# This may have been reseted by create_app
if isinstance(app.database, bool):
app.config['WITH_SQL'] = app.database
else:
migrate = Migrate(app, db)
app.config['WITH_SQL'] = app.database and \
app.database.lower() != 'none'
if app.config['WITH_SQL']:
create_db(app, True)
mig_dir = os.getenv('BUI_MIGRATIONS')
if mig_dir:
migrate = Migrate(app, db, mig_dir)
else:
migrate = Migrate(app, db)
except ImportError:
pass
......@@ -61,6 +69,13 @@ except ImportError:
@app.cli.command()
def legacy():
"""Legacy server for backward compatibility"""
click.echo(
click.style(
'If you want to pass options, you should run \'python -m burpui '
'-m legacy [...]\' instead',
fg='yellow'
)
)
app.manual_run()
......@@ -138,6 +153,14 @@ def create_user(backend, password, ask, verbose, name):
@click.argument('language')
def init_translation(language):
"""Initialize a new translation for the given language."""
try:
import babel # noqa
except ImportError:
click.echo(
click.style('Missing i18n requirements, giving up', fg='yellow')
)
return
os.chdir(os.path.join(ROOT, '..'))
os.system('pybabel extract -F babel.cfg -k __ -k lazy_gettext -o messages.pot burpui')
os.system('pybabel init -i messages.pot -d burpui/translations -l {}'.format(language))
os.unlink('messages.pot')
......@@ -146,6 +169,14 @@ def init_translation(language):
@app.cli.command()
def update_translation():
"""Update translation files."""
try:
import babel # noqa
except ImportError:
click.echo(
click.style('Missing i18n requirements, giving up', fg='yellow')
)
return
os.chdir(os.path.join(ROOT, '..'))
os.system('pybabel extract -F babel.cfg -k __ -k lazy_gettext -o messages.pot burpui')
os.system('pybabel update -i messages.pot -d burpui/translations')
os.unlink('messages.pot')
......@@ -154,6 +185,14 @@ def update_translation():
@app.cli.command()
def compile_translation():
"""Compile translations."""
try:
import babel # noqa
except ImportError:
click.echo(
click.style('Missing i18n requirements, giving up', fg='yellow')
)
return
os.chdir(os.path.join(ROOT, '..'))
os.system('pybabel compile -f -d burpui/translations')
......
......@@ -862,7 +862,7 @@ class Burp(Burp1):
# read timeout
timeout = None
if top == '*':
timeout = max(self.timeout, 120)
timeout = max(self.timeout, 300)
query = self.status(
'c:{0}:b:{1}:p:{2}\n'.format(name, backup, top),
......
......@@ -428,7 +428,7 @@ class NClient(BUIbackend):
notimeout = True
if data['func'] == 'get_tree' and data['args'].get('root') == '*':
# arbitrary raise timeout
timeout = max(timeout, 120)
timeout = max(timeout, 300)
try:
# don't need a context manager here
if data['func'] == 'get_file':
......
......@@ -4,7 +4,7 @@ redis:
burpui:
restart: always
image: registry.ziirish.me/ziirish/burp-ui:0.4.1
image: registry.ziirish.me/ziirish/burp-ui:0.4.2
links:
- redis
ports:
......
......@@ -4,6 +4,7 @@ CONFIG = {
'--user=burpui',
'--group=burpui',
'--workers=5',
'--preload',
'--worker-class=gevent',
'--access-logfile=/var/log/gunicorn/burp-ui_access.log',
'--error-logfile=/var/log/gunicorn/burp-ui_error.log',
......
......@@ -17,8 +17,8 @@ appStart () {
DATABASE_URL=${DATABASE_URL:-sqlite:////var/lib/burpui/store.db}
# Create burp-ui User
groupadd -g $BURPUI_GID burpui
useradd -r -m -d /var/lib/burpui -c 'Burp-UI daemon user' -u $BURPUI_UID -g $BURPUI_GID burpui
getent group | grep -q burpui || groupadd -g $BURPUI_GID burpui
getent passwd | grep -q burpui || useradd -r -m -d /var/lib/burpui -c 'Burp-UI daemon user' -u $BURPUI_UID -g $BURPUI_GID burpui
chown -R burpui: /var/log/gunicorn
[ -e /etc/burp/this_is_a_decoy_file_to_know_if_we_can_chown ] && {
......@@ -50,18 +50,39 @@ appStart () {
su -l burpui -c "/usr/local/bin/bui-manage -c $BURPUI_CONFIG db upgrade"
}
perl -i -pe "s#\@BURPUI_CONFIG\@#$BURPUI_CONFIG#" /etc/gunicorn.d/burp-ui
# You can change log verbosity at runtime
[ -e /etc/gunicorn.d/burp-ui.example ] || cp -a /etc/gunicorn.d/burp-ui /etc/gunicorn.d/burp-ui.example
perl -pe "s#\@BURPUI_CONFIG\@#$BURPUI_CONFIG#" /etc/gunicorn.d/burp-ui.example >/etc/gunicorn.d/burp-ui
perl -i -pe "s#\@BURPUI_VERBOSE\@#$BURPUI_VERBOSE#" /etc/gunicorn.d/burp-ui
# pre-generate burp certs because of https://github.com/grke/burp/issues/512
TMPFILE=$(mktemp)
/usr/sbin/burp -c $BURP_CLIENT_CONFIG -a l 2>&1 >$TMPFILE
for file in $(grep "Could not find ssl" $TMPFILE | cut -d' ' -f8 | sed "s/:$//")
do
chgrp burpui $file
chmod g+rw $file
done
rm $TMPFILE
ssl_cert_ca=$(grep -E "^\s*ssl_cert_ca\s*=" $BURP_CLIENT_CONFIG | cut -d= -f2 | sed -e "s/\s*//g")
ssl_cert=$(grep -E "^\s*ssl_cert\s*=" $BURP_CLIENT_CONFIG | cut -d= -f2 | sed -e "s/\s*//g")
ssl_key=$(grep -E "^\s*ssl_key\s*=" $BURP_CLIENT_CONFIG | cut -d= -f2 | sed -e "s/\s*//g")
[ -z "$ssl_cert_ca" ] && {
echo "Unable to locate ssl_cert_ca in $BURP_CLIENT_CONFIG"
exit 1
}
[ -z "$ssl_cert" ] && {
echo "Unable to locate ssl_cert in $BURP_CLIENT_CONFIG"
exit 1
}
[ -z "$ssl_key" ] && {
echo "Unable to locate ssl_key in $BURP_CLIENT_CONFIG"
exit 1
}
[ ! -e "$ssl_cert_ca" -a ! -e "$ssl_cert" -a ! -e "$ssl_key" ] && {
# pre-generate burp certs because of https://github.com/grke/burp/issues/512
TMPFILE=$(mktemp)
/usr/sbin/burp -c $BURP_CLIENT_CONFIG -a l 2>&1 >$TMPFILE
for file in $(grep "Could not find ssl" $TMPFILE | cut -d' ' -f8 | sed "s/:$//")
do
chgrp burpui $file
chmod g+rw $file
done
rm $TMPFILE
}
# start supervisord
/usr/bin/supervisord -c /etc/supervisor/supervisord.conf
......
......@@ -56,7 +56,7 @@ For instance:
::
groupadd -g 5337 burpui
useradd -r -m -d /var/lib/burpui -c 'Burp-UI daemon user' -u 5337 burpui
useradd -r -m -d /var/lib/burpui -c 'Burp-UI daemon user' -u 5337 -g 5337 burpui
Usage
......
......@@ -164,7 +164,10 @@ wish to change this, you would run something like:
::
burp-ui -h 0.0.0.0 -p 8080
burp-ui -- -h 0.0.0.0 -p 8080
.. note:: The ``--`` is mendatory.
.. _Flask: http://flask.pocoo.org/
......
......@@ -213,7 +213,7 @@ setup(
version=open(os.path.join(ROOT, 'burpui', 'VERSION')).read().rstrip(),
description=description,
long_description=readme(),
license=open(os.path.join(ROOT, 'LICENSE')).read(),
license=open(os.path.join(ROOT, 'LICENSE')).readline().rstrip(),
author=author,
author_email=author_email,
url=url,
......
# Burp-UI agent configuration file
# @version@ - 0.4.1
# @version@ - 0.4.2
# @release@ - stable
[Global]
# On which port is the application listening
......
# Burp-UI configuration file
# @version@ - 0.4.1
# @version@ - 0.4.2
# @release@ - stable
[Global]
# burp server version 1 or 2
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment