Merge remote-tracking branch 'origin/master' into stable

4c8a607a · Benjamin "Ziirish" SANS · 8a178930 · 579be0f8 · 4c8a607a · 4c8a607a
Commit 4c8a607a authored Dec 19, 2016 by Benjamin "Ziirish" SANS
15 changed files
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
 Changelog
 =========

+0.4.2 (12/16/2016)
+------------------
+
+- Fix: bui-agent was broken
+- Fix: handle i18n exceptions
+- Fix: enable db migration only when needed
+- Fix: wrong escape in translation
+
 0.4.1 (12/15/2016)
 ------------------


--- a/burpui/VERSION
+++ b/burpui/VERSION
-0.4.1
+0.4.2
--- a/burpui/__main__.py
+++ b/burpui/__main__.py
@@ -21,6 +21,7 @@ sys.path.insert(0, os.path.join(ROOT, '..'))


 def parse_args(mode=True, name=None):
+    mname = name
    if not name:
        mname = 'burp-ui'
    parser = ArgumentParser(prog=mname)

--- a/burpui/cli.py
+++ b/burpui/cli.py
@@ -16,6 +16,7 @@ import subprocess

 from .app import create_app

+ROOT = os.path.dirname(os.path.realpath(__file__))
 DEBUG = os.environ.get('BUI_DEBUG') or os.environ.get('FLASK_DEBUG') or False
 if DEBUG and DEBUG.lower() in ['true', 'yes', '1']:
    DEBUG = True
@@ -46,14 +47,21 @@ try:
    from .ext.sql import db
    from flask_migrate import Migrate

-    app.config['WITH_SQL'] = True
-    create_db(app, True)
-
-    mig_dir = os.getenv('BUI_MIGRATIONS')
-    if mig_dir:
-        migrate = Migrate(app, db, mig_dir)
+    # This may have been reseted by create_app
+    if isinstance(app.database, bool):
+        app.config['WITH_SQL'] = app.database
    else:
-        migrate = Migrate(app, db)
+        app.config['WITH_SQL'] = app.database and \
+            app.database.lower() != 'none'
+
+    if app.config['WITH_SQL']:
+        create_db(app, True)
+
+        mig_dir = os.getenv('BUI_MIGRATIONS')
+        if mig_dir:
+            migrate = Migrate(app, db, mig_dir)
+        else:
+            migrate = Migrate(app, db)
 except ImportError:
    pass

@@ -61,6 +69,13 @@ except ImportError:
 @app.cli.command()
 def legacy():
    """Legacy server for backward compatibility"""
+    click.echo(
+        click.style(
+            'If you want to pass options, you should run \'python -m burpui '
+            '-m legacy [...]\' instead',
+            fg='yellow'
+        )
+    )
    app.manual_run()


@@ -138,6 +153,14 @@ def create_user(backend, password, ask, verbose, name):
 @click.argument('language')
 def init_translation(language):
    """Initialize a new translation for the given language."""
+    try:
+        import babel  # noqa
+    except ImportError:
+        click.echo(
+            click.style('Missing i18n requirements, giving up', fg='yellow')
+        )
+        return
+    os.chdir(os.path.join(ROOT, '..'))
    os.system('pybabel extract -F babel.cfg -k __ -k lazy_gettext -o messages.pot burpui')
    os.system('pybabel init -i messages.pot -d burpui/translations -l {}'.format(language))
    os.unlink('messages.pot')
@@ -146,6 +169,14 @@ def init_translation(language):
 @app.cli.command()
 def update_translation():
    """Update translation files."""
+    try:
+        import babel  # noqa
+    except ImportError:
+        click.echo(
+            click.style('Missing i18n requirements, giving up', fg='yellow')
+        )
+        return
+    os.chdir(os.path.join(ROOT, '..'))
    os.system('pybabel extract -F babel.cfg -k __ -k lazy_gettext -o messages.pot burpui')
    os.system('pybabel update -i messages.pot -d burpui/translations')
    os.unlink('messages.pot')
@@ -154,6 +185,14 @@ def update_translation():
 @app.cli.command()
 def compile_translation():
    """Compile translations."""
+    try:
+        import babel  # noqa
+    except ImportError:
+        click.echo(
+            click.style('Missing i18n requirements, giving up', fg='yellow')
+        )
+        return
+    os.chdir(os.path.join(ROOT, '..'))
    os.system('pybabel compile -f -d burpui/translations')



--- a/burpui/misc/backend/burp2.py
+++ b/burpui/misc/backend/burp2.py
@@ -862,7 +862,7 @@ class Burp(Burp1):
        # read timeout
        timeout = None
        if top == '*':
-            timeout = max(self.timeout, 120)
+            timeout = max(self.timeout, 300)

        query = self.status(
            'c:{0}:b:{1}:p:{2}\n'.format(name, backup, top),

--- a/burpui/misc/backend/multi.py
+++ b/burpui/misc/backend/multi.py
@@ -428,7 +428,7 @@ class NClient(BUIbackend):
            notimeout = True
        if data['func'] == 'get_tree' and data['args'].get('root') == '*':
            # arbitrary raise timeout
-            timeout = max(timeout, 120)
+            timeout = max(timeout, 300)
        try:
            # don't need a context manager here
            if data['func'] == 'get_file':

--- a/burpui/translations/fr/LC_MESSAGES/messages.po
+++ b/burpui/translations/fr/LC_MESSAGES/messages.po
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -4,7 +4,7 @@ redis:

 burpui:
  restart: always
-  image: registry.ziirish.me/ziirish/burp-ui:0.4.1
+  image: registry.ziirish.me/ziirish/burp-ui:0.4.2
  links:
    - redis
  ports:

--- a/docker/docker-release/assets/config/gunicorn.d/burp-ui
+++ b/docker/docker-release/assets/config/gunicorn.d/burp-ui
@@ -4,6 +4,7 @@ CONFIG = {
        '--user=burpui',
        '--group=burpui',
        '--workers=5',
+        '--preload',
        '--worker-class=gevent',
        '--access-logfile=/var/log/gunicorn/burp-ui_access.log',
        '--error-logfile=/var/log/gunicorn/burp-ui_error.log',

--- a/docker/docker-release/assets/init
+++ b/docker/docker-release/assets/init
@@ -17,8 +17,8 @@ appStart () {
  DATABASE_URL=${DATABASE_URL:-sqlite:////var/lib/burpui/store.db}

  # Create burp-ui User
-  groupadd -g $BURPUI_GID burpui
-  useradd -r -m -d /var/lib/burpui -c 'Burp-UI daemon user' -u $BURPUI_UID -g $BURPUI_GID burpui
+  getent group | grep -q burpui || groupadd -g $BURPUI_GID burpui
+  getent passwd | grep -q burpui || useradd -r -m -d /var/lib/burpui -c 'Burp-UI daemon user' -u $BURPUI_UID -g $BURPUI_GID burpui
  chown -R burpui: /var/log/gunicorn

  [ -e /etc/burp/this_is_a_decoy_file_to_know_if_we_can_chown ] && {
@@ -50,18 +50,39 @@ appStart () {
    su -l burpui -c "/usr/local/bin/bui-manage -c $BURPUI_CONFIG db upgrade"
  }

-  perl -i -pe "s#\@BURPUI_CONFIG\@#$BURPUI_CONFIG#" /etc/gunicorn.d/burp-ui
+  # You can change log verbosity at runtime
+  [ -e /etc/gunicorn.d/burp-ui.example ] || cp -a /etc/gunicorn.d/burp-ui /etc/gunicorn.d/burp-ui.example
+  perl -pe "s#\@BURPUI_CONFIG\@#$BURPUI_CONFIG#" /etc/gunicorn.d/burp-ui.example >/etc/gunicorn.d/burp-ui
  perl -i -pe "s#\@BURPUI_VERBOSE\@#$BURPUI_VERBOSE#" /etc/gunicorn.d/burp-ui

-  # pre-generate burp certs because of https://github.com/grke/burp/issues/512
-  TMPFILE=$(mktemp)
-  /usr/sbin/burp -c $BURP_CLIENT_CONFIG -a l 2>&1 >$TMPFILE
-  for file in $(grep "Could not find ssl" $TMPFILE | cut -d' ' -f8 | sed "s/:$//")
-  do
-    chgrp burpui $file
-    chmod g+rw $file
-  done
-  rm $TMPFILE
+  ssl_cert_ca=$(grep -E "^\s*ssl_cert_ca\s*=" $BURP_CLIENT_CONFIG | cut -d= -f2 | sed -e "s/\s*//g")
+  ssl_cert=$(grep -E "^\s*ssl_cert\s*=" $BURP_CLIENT_CONFIG | cut -d= -f2 | sed -e "s/\s*//g")
+  ssl_key=$(grep -E "^\s*ssl_key\s*=" $BURP_CLIENT_CONFIG | cut -d= -f2 | sed -e "s/\s*//g")
+
+  [ -z "$ssl_cert_ca" ] && {
+    echo "Unable to locate ssl_cert_ca in $BURP_CLIENT_CONFIG"
+    exit 1
+  }
+  [ -z "$ssl_cert" ] && {
+    echo "Unable to locate ssl_cert in $BURP_CLIENT_CONFIG"
+    exit 1
+  }
+  [ -z "$ssl_key" ] && {
+    echo "Unable to locate ssl_key in $BURP_CLIENT_CONFIG"
+    exit 1
+  }
+
+  [ ! -e "$ssl_cert_ca" -a ! -e "$ssl_cert" -a ! -e "$ssl_key" ] && {
+    # pre-generate burp certs because of https://github.com/grke/burp/issues/512
+    TMPFILE=$(mktemp)
+    /usr/sbin/burp -c $BURP_CLIENT_CONFIG -a l 2>&1 >$TMPFILE
+    for file in $(grep "Could not find ssl" $TMPFILE | cut -d' ' -f8 | sed "s/:$//")
+    do
+      chgrp burpui $file
+      chmod g+rw $file
+    done
+    rm $TMPFILE
+  }

  # start supervisord
  /usr/bin/supervisord -c /etc/supervisor/supervisord.conf

--- a/docs/docker.rst
+++ b/docs/docker.rst
@@ -56,7 +56,7 @@ For instance:
 ::

    groupadd -g 5337 burpui
-    useradd -r -m -d /var/lib/burpui -c 'Burp-UI daemon user' -u 5337 burpui
+    useradd -r -m -d /var/lib/burpui -c 'Burp-UI daemon user' -u 5337 -g 5337 burpui


 Usage

--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -164,7 +164,10 @@ wish to change this, you would run something like:

 ::

-    burp-ui -h 0.0.0.0 -p 8080
+    burp-ui -- -h 0.0.0.0 -p 8080
+
+
+.. note:: The ``--`` is mendatory.


 .. _Flask: http://flask.pocoo.org/

--- a/setup.py
+++ b/setup.py
@@ -213,7 +213,7 @@ setup(
    version=open(os.path.join(ROOT, 'burpui', 'VERSION')).read().rstrip(),
    description=description,
    long_description=readme(),
-    license=open(os.path.join(ROOT, 'LICENSE')).read(),
+    license=open(os.path.join(ROOT, 'LICENSE')).readline().rstrip(),
    author=author,
    author_email=author_email,
    url=url,

--- a/share/burpui/etc/buiagent.sample.cfg
+++ b/share/burpui/etc/buiagent.sample.cfg
 # Burp-UI agent configuration file
-# @version@ - 0.4.1
+# @version@ - 0.4.2
 # @release@ - stable
 [Global]
 # On which port is the application listening

--- a/share/burpui/etc/burpui.sample.cfg
+++ b/share/burpui/etc/burpui.sample.cfg
 # Burp-UI configuration file
-# @version@ - 0.4.1
+# @version@ - 0.4.2
 # @release@ - stable
 [Global]
 # burp server version 1 or 2