Soner Tari
0e8e2c3727
Fix e2e tests with openssl 3
9 months ago
Soner Tari
a9fec35d42
Fix possible segfault in proto smtp in split mode
...
srvdst is disabled in split mode, and srvdst.bev is null
9 months ago
Soner Tari
828c1c3c69
Fix retval of privsep_server_opensock_verify()
...
thanks to @Qbog
1 year ago
Soner Tari
e049f14cc2
Replace deprecated fail_unless() with ck_assert_msg() in unit tests
...
Fixes 1924 warnings such as:
warning: too many arguments for format [-Wformat-extra-args]
64 | fail_unless(!!buf, "no buffer returned");
1 year ago
Soner Tari
adf9a44d22
Fix possible double free of host and serv variables, thanks to @disaykin
1 year ago
Soner Tari
e2f83eaa3a
Fix possible integer overflow, thanks to @disaykin
...
The value of an arithmetic expression p[1] + (p[0] << 8) is subject to
overflow due to a failure to cast operands to a larger data type before
perfoming arithmetic
1 year ago
Soner Tari
1408e85513
Close fds only once, thanks to @disaykin
1 year ago
Soner Tari
d45e9a2f92
Fix memory leak, thanks to @disaykin
1 year ago
Soner Tari
6a92058b09
Handle ftell error, thanks to @disaykin
1 year ago
Soner Tari
3048f95485
Fix mismatched call arguments, thanks to @disaykin
1 year ago
Soner Tari
94fed777d4
Fix memory leak in case of cert key mismatch, thanks to @disaykin
1 year ago
Soner Tari
d48ba1da9a
Fix file descriptor leak, thanks to @disaykin
1 year ago
Soner Tari
fc7d57469d
Fix double free, thanks to @disaykin
...
Bug found by Svace static analyzer
1 year ago
Soner Tari
8168d32d03
Fix header-size calculation in IPv6 packet mirroring, thanks to @matoro
1 year ago
Soner Tari
0d7db139dd
Handle partial write, thanks to @disaykin
1 year ago
Soner Tari
521a1cc3a0
Handle return value of gmtime(), thanks to @disaykin
1 year ago
Soner Tari
7f201c59de
Fix double free, thanks to @disaykin
1 year ago
Soner Tari
30ed5b4200
Release v0.9.4
2 years ago
Soner Tari
bd4123375d
Update testproxy version to 0.0.5
...
The skip-test-harness option allows disabling the second test set in the
test harness: SSL config tests, which fails with the new versions of
OpenSSL.
TODO: We need more detailed tests and more detailed testproxy config
options.
2 years ago
Soner Tari
6faecf21ff
Fix unit tests with opaque x509 struct
...
X509 is opaque since LibreSSL 3.5.2, as in OpenSSL 1.1:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.2-relnotes.txt
2 years ago
Soner Tari
187f5c7893
Use htons() not hton()
...
Fixes build error in the commit 7fa67d0071
2 years ago
piolug93
37aa3d7ed5
Fix byte order for ports in mirror trafic
...
Convert values between host and network byte order.
2 years ago
Soner Tari
91fc80cb67
Fix warning for array subscript outside array bounds in function declaration
...
Thanks to gcc version 11.2.0
2 years ago
Soner Tari
e456f56001
Release v0.9.3
2 years ago
Soner Tari
b78a367d76
Silence warning for unused var on OpenBSD
2 years ago
Soner Tari
604fb58646
Fix macOS header selection
...
Must have been broken since the restructuring of the source tree
2 years ago
Soner Tari
c3feea53f9
Make sure natengine is not NULL before freeing
2 years ago
Soner Tari
674893cc79
Fix compiler warnings for format spec for size_t
2 years ago
Soner Tari
efc0be9991
Re-enable osx on travis
...
XNU versions fixed now
2 years ago
Soner Tari
01d0b156d6
Decouple autossl code handling underlying bufs
...
And clean up redundant child callbacks
2 years ago
Soner Tari
0124fb33c5
Update XNU headers for macOS
...
About 2 years old.
2 years ago
Soner Tari
3a215f4f3f
Use parent protoctx for autossl ctx
...
This fixes a crash.
And improve logging.
3 years ago
Soner Tari
63a48308cd
Fix autossl without STARTTLS in divert mode
...
In the previous implementation, the use case for autossl was assumed to
be STARTTLS with POP3 or SMTP. But there are users who use autossl with
HTTP too. The split mode was fine, but the divert mode was broken. This
change makes autossl a generic upgrade mechanism.
Also fix sslproxy line in autossl, change p to s if upgraded.
Add e2e tests for autossl in divert and split mode.
3 years ago
Soner Tari
45abd2e85c
Make sure srvdst.bev is not NULL in autossl
3 years ago
Soner Tari
fce838e43b
Move code handling underlying bevs to autossl
...
Non-autossl protos do not have underlying bevs, so we should not try
check them. But there are still a couple of functions left which needs
to be moved to autossl.
3 years ago
Soner Tari
571720e24c
OR not AND retval -1 with term and enomem flags
...
Similarly to what we do in pxy_listener_acceptcb_child().
3 years ago
Soner Tari
fec19b8c8b
Remove unnecessary function calls
3 years ago
Soner Tari
e43564635a
Add WUNRES and NONNULL attribs to function types with return values
...
Otherwise gcc does not issue warnings for them.
3 years ago
Soner Tari
76ea48f2d0
Remove srvdst_xferred flag
...
Setting srvdst.bev to NULL can be used as a flag to indicate that we
have reused the srvdst of the parent as the dst of the first child conn.
This also prevents access to srvdst.bev after we do the xfer, without
any extra flag.
3 years ago
Soner Tari
02a6cc12e6
Remove redundant srvdst_xferred flag in child ctx
3 years ago
Soner Tari
dc40f74c13
Update copyright year to 2022
3 years ago
Soner Tari
722c2f59d2
Disable srvdst events asap when xferring to child and in split mode
...
This is the correct implementation. And disabling later on is
problematic while terminating, and can even cause a crash.
3 years ago
Soner Tari
61e28a5c86
Fix crash in split mode if we try to access srvdst while terminating
...
Disable events and NULL callbacks of srvdst at assignment time to dst,
not at termination.
3 years ago
Soner Tari
af6b40b5bf
Fix natengine opt passed in proxyspec on command line
3 years ago
Soner Tari
2e8e677bac
Discard underlying bufs while closing, sending errors, and denying ocsp
...
Also refactor for code reuse.
Since we are closing in all such cases, performance is not important.
3 years ago
Soner Tari
7143102efa
Create callback functions for set/unset watermark
...
Watermarking for underlying bevs is for autossl only. The other
protocols should not waste time with it.
3 years ago
Soner Tari
013814317c
Fix buffer watermarking for underlying bevs
3 years ago
Soner Tari
3efac5658f
Fix build errors with OpenSSL 3.0.x, but not deprecation warnings
...
This patch fixes errors only, so that build succeeds, but deprecation
warnings remain. It seems we need considerable changes to replace those
deprecated functions in the warnings.
3 years ago
Soner Tari
3dea854173
Improve documentation
3 years ago
Soner Tari
59c28f6ad9
Fix enabling pcap and mirror logging, issue #37
...
Reported by @Leonschmitt
3 years ago