Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Certs trust support in my-resources + auto trust Burp CA #123

Merged
merged 11 commits into from
Oct 25, 2023
Merged

Certs trust support in my-resources + auto trust Burp CA #123

merged 11 commits into from
Oct 25, 2023

Conversation

Skileau
Copy link
Contributor

@Skileau Skileau commented Mar 9, 2023

Description

It is now possible to add a Burp CA in my-resources/burp for it to be trusted in Firefox.
For example, the CA of BurpSuitePro from the host (which will be then able to intercept requests from Firefox in Exegol).

By default, if no CA was added to my-resouces/burp, the CA of BurpSuiteCommunity from the new container will be trusted instead.

Note : There are duplicates commits from PR #120 because they were required to have Burp CA trust working.

@ShutdownRepo
Copy link
Member

@Dramelac the duplicate commits mean we'll need to merge this PR after #120 is merged, do you concur?

@ShutdownRepo ShutdownRepo added the enhancement New feature or request label Mar 9, 2023
@Dramelac
Copy link
Member

Dramelac commented Mar 9, 2023

The merge will make easier to read the diff.
Depending on the situation, they might be some conflict, we will see.
I will review this PR after the merge of #120.

Dramelac
Dramelac requested changes Mar 9, 2023
View reviewed changes
sources/exegol/load_supported_setups.sh Outdated Show resolved Hide resolved
sources/exegol/load_supported_setups.sh Outdated Show resolved Hide resolved
sources/burp/conf.json Outdated Show resolved Hide resolved
ShutdownRepo
ShutdownRepo requested changes Mar 10, 2023
View reviewed changes
Copy link
Member

@ShutdownRepo ShutdownRepo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Small changes to be done.
Also I was wondering, wouldn't make more sense to have a "certificates" folder in the firefox my-resources directory where the user should place the .DER certs to trust?
I think it would be more logical, and Burp's my-resources directory would only include changes to Burp.

sources/exegol/skel/supported_setups.md Outdated Show resolved Hide resolved
sources/exegol/skel/supported_setups.md Outdated Show resolved Hide resolved
@Dramelac
Copy link
Member

Small changes to be done.
Also I was wondering, wouldn't make more sense to have a "certificates" folder in the firefox my-resources directory where the user should place the .DER certs to trust?
I think it would be more logical, and Burp's my-resources directory would only include changes to Burp.

Agreed, if the user want to add custom CA, a dedicated directory might be helpful.
And not only DER but also PAM certificat would be great.

@Skileau
Copy link
Contributor Author

Skileau commented Mar 11, 2023

Small changes to be done.
Also I was wondering, wouldn't make more sense to have a "certificates" folder in the firefox my-resources directory where the user should place the .DER certs to trust?
I think it would be more logical, and Burp's my-resources directory would only include changes to Burp.

Agreed, if the user want to add custom CA, a dedicated directory might be helpful.
And not only DER but also PAM certificat would be great.

Yes we discussed it with @ShutdownRepo and the idea is now to have Firefox/certs folder which will contain all certs the user wants to trust (including Burp CA) and my-resources/burp will contain only things about burp (maybe user's extensions, and so on).

@Skileau
Copy link
Contributor Author

Skileau commented Mar 11, 2023

I will change PR #120 by adding certs folder support and this PR (#123) will concern initialization of container's Burp Community CA if there is no Burp CA in certs folder.

@Dramelac
Copy link
Member

Any news on this @Skileau ?
Can you update your PR from the current dev branch (to remove the duplicated changes in the review)

Thank you :)

@Skileau
Copy link
Contributor Author

Skileau commented Apr 17, 2023

Done :)

@Skileau
Copy link
Contributor Author

Skileau commented Apr 17, 2023

As discussed on Exegol's Discord, we will update this implementation to trust all of the users' CA in Firefox with my-resources and not only Burp CA.

@ShutdownRepo ShutdownRepo added the waiting for additional changes Further changes are requested label Apr 28, 2023
@ShutdownRepo ShutdownRepo linked an issue Jun 9, 2023 that may be closed by this pull request
Burp pro licence support for my-resources #109
Open
@ShutdownRepo
Copy link
Member

@Skileau converting PR to draft while changes are to be conducted

@ShutdownRepo ShutdownRepo marked this pull request as draft September 25, 2023 10:23
@ShutdownRepo
Copy link
Member

Any news on your end @Skileau ?

@Skileau
Copy link
Contributor Author

Skileau commented Oct 19, 2023

Any news on this @Skileau ?

Can you update your PR from the current dev branch (to remove the duplicated changes in the review)

Thank you :)

I did not have time to work on it in last months. I should be able to update it soon.

@ShutdownRepo ShutdownRepo marked this pull request as ready for review October 23, 2023 15:30
@ShutdownRepo
Copy link
Member

We now need two things

  • PR ready for Exegol-docs
  • local build and manual testing of the PR's additions

@ShutdownRepo ShutdownRepo changed the title Added automatic trust of Burp CA in Firefox Certs trust support in my-resources + auto trust Burp CA Oct 24, 2023
@ShutdownRepo ShutdownRepo removed the waiting for additional changes Further changes are requested label Oct 24, 2023
@ShutdownRepo ShutdownRepo added the my-resources Related to my-resources label Oct 24, 2023
@ShutdownRepo ShutdownRepo mentioned this pull request Oct 24, 2023
Merged
@ShutdownRepo
Copy link
Member

ShutdownRepo commented Oct 24, 2023
edited
Loading

Docs PR ready at ThePorgs/Exegol-docs#32
We now need the manual test results

@ShutdownRepo ShutdownRepo added the manual tests required Something needs to be tested manually label Oct 24, 2023
@ShutdownRepo ShutdownRepo merged commit 4752d5b into ThePorgs:dev Oct 25, 2023
6 of 7 checks passed
@Skileau Skileau deleted the burp_dev branch October 25, 2023 12:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Dramelac Dramelac Dramelac requested changes

@ShutdownRepo ShutdownRepo ShutdownRepo approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request manual tests required Something needs to be tested manually my-resources Related to my-resources
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Burp pro licence support for my-resources
3 participants
@Skileau @ShutdownRepo @Dramelac