Daniel Roethlisberger
00253f34db
Quote dollar signs in shell invocation
...
Reported by: Justin Garrick
10 years ago
Daniel Roethlisberger
61cd0fb541
SSLsplit 0.4.10 release
10 years ago
Daniel Roethlisberger
5ac565f5df
Note that -j impacts -S and -F
10 years ago
Daniel Roethlisberger
008821cfca
Update NEWS.md
10 years ago
Daniel Roethlisberger
ab466aafb7
Allow -u root with pf proxyspecs on OS X
10 years ago
Daniel Roethlisberger
f076336e0b
Don't allow -u on Mac OS X with pf proxyspecs
...
Apple checks EUID==0 on ioctl(/dev/pf), whereas OpenBSD and FreeBSD only
check permissions on open(/dev/pf). This means that on OS X, it is not
possible to open /dev/pf, drop privileges, and send an ioctl to the file
descriptor opened earlier with EUID==0. It also means Apple broke the
Unix way of dealing with device nodes - why are there file permissions
on /dev/pf when they later enforce EUID==0 on use, thereby breaking
basic Unix mechanisms? Work around this by disallowing -u with pf
proxyspecs and by not automatically dropping to nobody on Mac OS X.
Issue: #65
Reported by: Vladimir Marteev
10 years ago
Daniel Roethlisberger
c4b22efa5a
Fix segmentation fault for aborted connections
10 years ago
Daniel Roethlisberger
9341f25e6d
Explicitly support Yosemite 10.10.1 with XNU 2782.1.97
10 years ago
Daniel Roethlisberger
47abb0030d
Update clean target for newer clang build artefacts
10 years ago
Daniel Roethlisberger
16a1beb655
Fix version output on local procinfo availability
10 years ago
Daniel Roethlisberger
a9bd438756
Minor updates to manual page
10 years ago
Daniel Roethlisberger
12ff6e6ddf
Merge https://github.com/fix-macosx/sslsplit
...
Conflicts:
GNUmakefile
main.c
10 years ago
Daniel Roethlisberger
65f56f634d
Improve error handling on logging calls
10 years ago
Daniel Roethlisberger
98520c8091
Remove old struct definition
10 years ago
Daniel Roethlisberger
c24d32e9e5
Remove obsolete preinit code
10 years ago
Daniel Roethlisberger
25edad1b6a
Merge branch 'rewrite/logthr'
10 years ago
Daniel Roethlisberger
d1d6d295df
Fixing error-case memory leaks in uid/gid lookups
10 years ago
Daniel Roethlisberger
b5e3856a97
Move open() and mkdir() to logger thread
10 years ago
Daniel Roethlisberger
5fd1d7de9c
Rename flags for clarity
10 years ago
Daniel Roethlisberger
77942a7abb
Fix compiler warning on type conversion
10 years ago
Daniel Roethlisberger
007823b16e
Fix connect logging for corner cases
10 years ago
Daniel Roethlisberger
80af8f7d52
Fix SSL_METHOD* const mismatch on OpenSSL < 1.0.0
10 years ago
Daniel Roethlisberger
125163a003
Add local process lookup on FreeBSD using sysctl() API
10 years ago
Daniel Roethlisberger
7b8ba7310d
Fix uid/gid lookup where sysconf(_SC_GETPW_R_SIZE_MAX) fails
...
On some platforms, sysconf(_SC_GETPW_R_SIZE_MAX) compiles but never
succeeds (e.g. FreeBSD 8.4). Fix this by dynamically enlarging an
initially small buffer until it is large enough, and reuse the
determined buffer size on subsequent calls to the same function.
10 years ago
Daniel Roethlisberger
c35e40a597
Update NEWS.md for OpenSSL 0.9.8y bug workaround
10 years ago
Daniel Roethlisberger
341d6b77d1
Use SSL_get_certificate() hack for OpenSSL 0.9.8y
...
OpenSSL 0.9.8y also crashes in OpenSSL's SSL_get_certificate() on a
NULL pointer dereference. Fix by also using the direct access hack
developed for OpenSSL 1.0.0k and 1.0.1e with OpenSSL 0.9.8y.
10 years ago
Daniel Roethlisberger
e1156a3482
Make awk regexp more robust
10 years ago
Daniel Roethlisberger
352b199166
Remove spurious space in netfilter output
10 years ago
Daniel Roethlisberger
c5b8fd127f
Add version and ciphersuite to connect and debug log
10 years ago
Daniel Roethlisberger
077fb8c348
Handle other address families and abort when found
10 years ago
Daniel Roethlisberger
fcd008df4b
Unify asprintf error handling
10 years ago
Daniel Roethlisberger
ec9cc5fb23
Fix usr/grp test with Linux `id`
10 years ago
Daniel Roethlisberger
b1ec5d0e09
Improve log_content_open() error handling
10 years ago
Daniel Roethlisberger
6f2f0af0c3
Fix usr/grp formatting unit test when id fails
10 years ago
Daniel Roethlisberger
328e3320f9
Fix build for !HAVE_LOCAL_PROCINFO
10 years ago
Daniel Roethlisberger
18c3e055e3
Refactor recursive mkdir() into sys_mkpath()
10 years ago
Daniel Roethlisberger
8c71970f33
Add unit test for sys_user_str and sys_group_str
10 years ago
Daniel Roethlisberger
84dfba04f2
Update manual page
10 years ago
Daniel Roethlisberger
e022b2af26
Add local process information to connect log
10 years ago
Daniel Roethlisberger
08ca5b2891
Also print pid if lookup (partially or fully) fails
10 years ago
Daniel Roethlisberger
48e00cf947
Remove stubs that should never be used
10 years ago
Daniel Roethlisberger
96ad8f92af
Add -i and restore order
10 years ago
Daniel Roethlisberger
544b93a9ab
Add procinfo status to -V
10 years ago
Daniel Roethlisberger
6cc01ec32b
Update NEWS.md for -i
10 years ago
Daniel Roethlisberger
150650c7e9
Make local procinfo run-time optional (-i) and use src host:port
10 years ago
Daniel Roethlisberger
42497693d1
Rename define for consistency
10 years ago
Daniel Roethlisberger
0237fe34dc
Only build local process info code where supported
10 years ago
Daniel Roethlisberger
3c7fe37583
Mark params as unused if Darwin libproc unavailable
10 years ago
Daniel Roethlisberger
a906147943
Fix memory leak and handle failure of pathspec formatting
10 years ago
Daniel Roethlisberger
86f509d2ea
Skip realloc and elem access for elem_len == 0
...
Besides obvious benefits, this prevents passing NULL to strncat().
10 years ago