Daniel Roethlisberger
7aca81a7b7
Improve CA cert/key config code and docs
...
Make -c and -k functional twins by also loading DH params in -c and by
fixing certificate loading in -k. Improve the documentation for both
switches and simplify the SYNOPSIS in sslsplit(1).
2012-04-22 22:59:00 +02:00
Daniel Roethlisberger
c5335afc3b
Handle empty strings correctly in Base64 routines
2012-04-22 22:30:32 +02:00
Daniel Roethlisberger
3fd9084fe1
Quickly decide on GET URIs obviously not OCSP
2012-04-22 21:55:19 +02:00
Daniel Roethlisberger
ee98c04b29
Add generic OCSP denial
2012-04-22 19:12:38 +02:00
Daniel Roethlisberger
bd86854be6
Add URL decoder
2012-04-22 18:39:15 +02:00
Daniel Roethlisberger
a224d1e7e8
Add facility to recognize OCSP requests
2012-04-22 18:02:58 +02:00
Daniel Roethlisberger
f354aecfd9
Add base64 encoder and decoder implementations
2012-04-22 17:59:49 +02:00
Daniel Roethlisberger
480dbca2bb
Remove bogus test case numbers
2012-04-22 16:47:29 +02:00
Daniel Roethlisberger
9f40fbc473
Replace empty strings with dash when logging
2012-04-22 13:36:44 +02:00
Daniel Roethlisberger
07d591fccf
Skip whitespace when parsing HTTP headers
2012-04-22 13:35:08 +02:00
Daniel Roethlisberger
f57062ccda
Add __attribute__((pure))
2012-04-22 13:25:57 +02:00
Daniel Roethlisberger
083b02d78d
Minor reformatting
2012-04-22 12:43:23 +02:00
Daniel Roethlisberger
94b5e8ba7b
Revert CDP syntax to be OpenSSL 0.9.x compatible
2012-04-18 00:05:15 +02:00
Daniel Roethlisberger
8474346ed9
Rebuild certs after config changes
2012-04-18 00:05:15 +02:00
Daniel Roethlisberger
8b520cf4de
Redirect BSD make to GNU make
2012-04-18 00:02:14 +02:00
Daniel Roethlisberger
d4be8c3e38
Refactor ssl_x509_names_to_str() for maintainability
2012-04-17 23:35:43 +02:00
Daniel Roethlisberger
04c9112621
Add OCSP URL parsing
2012-04-17 23:03:59 +02:00
Daniel Roethlisberger
c75e0569b3
Fix ssl_x509_names() DNSName segfault
2012-04-17 22:59:15 +02:00
Daniel Roethlisberger
6a93c73164
Add test server cert with OCSP and CDP extensions
2012-04-17 22:44:06 +02:00
Daniel Roethlisberger
ae306f3b0b
Fix ssl_x509_names() to NULL-terminate buffer
2012-04-17 21:55:47 +02:00
Daniel Roethlisberger
557537957f
Use FORCE target to force rebuild of version.o
2012-04-13 22:55:48 +02:00
Daniel Roethlisberger
423c1b0a32
Move volatile build-time information into separate compilation unit
2012-04-13 22:40:36 +02:00
Daniel Roethlisberger
cf0f3e66aa
Avoid using the non-portable echo -e
2012-04-13 22:22:57 +02:00
Daniel Roethlisberger
f76077c00f
Undefine IPv6 compat defs to fix nat_version()
...
For Linux netfilter, IPV6_ORIGINAL_DST and SOL_IPV6 are defined to
SO_ORIGINAL_DST and SOL_IP respectively if they are not defined by the
system headers (they aren't defined on vanilla kernels). Undefine these
compatibility definitions after use, in order not to mess up the
diagnostic output of nat_version().
2012-04-13 21:14:33 +02:00
Daniel Roethlisberger
419cb7d31f
Add targets for manual page conversion
2012-04-13 15:25:07 +02:00
Daniel Roethlisberger
4cfdef405a
Initial import of sslsplit-0.4.2
2012-04-13 14:47:30 +02:00