Soner Tari
313da5cfca
Add -A DefaultLeafCert option
...
Rename LeafCerts to LeafKey, TargetCertDir to LeafCertDir, CRL to
LeafCRLURL
2020-05-09 22:14:50 +03:00
Soner Tari
aba07a53ee
Disable conn ids unless debugging
...
We don't need parent or child ids unless debugging. IDLE and EXPIRED
conn logs do not need to report ids either. Ids are useful only in
detailed debug logs.
2020-05-08 01:11:50 +03:00
Soner Tari
5285b9e433
Fix valgrind REDIR warning about strncpy(), use memcpy() instead
...
REDIR: 0x562c100 (libc.so.6:__strncpy_ssse3) redirected to 0x4c32fb0
(strncpy)
The src strings are not NULL terminated at the correct positions.
2020-05-07 14:06:09 +03:00
Soner Tari
be80523036
Use the new inline max() function instead of MAX() macro function in sslproxy
...
Do not pass pxy_thr_print_children() or bufferevent_getfd() to MAX() or
util_max() macro functions as params, or else they are called twice.
Since MAX() macro call duplicates params, do not call it nested either,
or else we get very long macro expansions.
2020-05-07 00:10:42 +03:00
Soner Tari
e63d6dd3aa
Remove BEV_OPT_THREADSAFE in lp too
...
thrmgr and conn handling threads in lp are cleanly decoupled now.
2020-05-06 23:54:50 +03:00
Soner Tari
8a96565d99
Zero out msg buf as in sslsplit
...
ce5f409dbe
("Zero all bytes when passing file descriptors over AF_UNIX sockets",
2018-11-12)
Also, bufferevent_getfd() returns -1 if no file descriptor is associated
with the bufferevent.
2020-05-06 12:45:55 +03:00
Soner Tari
128838c70f
Fix -g flag for lp, use Mk/buildinfo.mk of sslproxy
...
This is necessary to detect the .git folder at the project root. So
remove Mk/buildinfo.mk of lp.
2020-05-06 02:08:23 +03:00
Soner Tari
3e706ea022
Fix leaks and errors reported by valgrind
...
Free vars.
Finalize sqlite3 statements.
Close sqlite3 db.
Init memory.
Do not close fd -1.
Some of these may be harmless, but we fix them anyway. Now valgrind
reports 0 "lost" memory, but some "still reachable", both for sslproxy
and lp.
2020-05-06 02:06:08 +03:00
Soner Tari
1d75bfb17f
Fix a possible sync issue between thr load and conn children list on error
...
Refactor and rename functions, struct fields, and vars
Simplify if conditions and fix/improve logs
Clean up
2020-05-05 15:42:41 +03:00
Soner Tari
14cfd3286b
Update ctime and first atime on conn handling thr, not on thrmgr
...
This offloads the thrmgr by saving a time() call.
Also remove an unnecessary NULL assignment.
2020-05-04 21:30:50 +03:00
Soner Tari
71dff82305
Terminate conn on socket connect error
...
And rename a function.
2020-05-04 21:05:35 +03:00
Soner Tari
18c882ad37
Refactor and rename assign/attach conn to thr functions
...
And fix comments.
2020-05-04 12:16:03 +03:00
Soner Tari
f069637fda
Include errno.h in pxyconn.c too to fix travis issue
2020-05-04 00:21:42 +03:00
Soner Tari
61edeeedb1
Include errno.h, revert log.h to fix travis issue
2020-05-04 00:16:12 +03:00
Soner Tari
906d961168
Fix travis issue due to errno
...
errno and EMFILE are provided by <unistd.h>, but we need log.h anyway,
which includes logger.h, and which includes <unistd.h> in turn.
2020-05-04 00:05:17 +03:00
Soner Tari
6c5165fa6e
Update lp with sslproxy changes and clean up
2020-05-03 23:28:21 +03:00
Soner Tari
05654e3bee
Avoid possible crashes caused by passing NULL pointers to str*() functions
2020-04-18 11:28:55 +03:00
Soner Tari
a1f24e26d0
Clean up
2020-04-17 22:14:19 +03:00
Soner Tari
fd3aa5a394
Update lp with sslproxy changes, fix dst events
...
Enable dst r/w events before socket connect.
Improve verbose debug logs using common header fields to better identify
connections.
Create function macros for fine* debug logs.
2020-04-17 19:36:41 +03:00
Soner Tari
554fd3bd3a
Improve code reuse, reduce code, clean up whitespace
2020-04-17 15:31:30 +03:00
Soner Tari
2b702495b0
Remove comixwall.org
2020-04-16 15:33:50 +03:00
Soner Tari
64c0078ecb
Update comments about writecb before connected
2020-04-15 22:04:18 +03:00
Soner Tari
a0d74baa43
Update copyright year to 2020
2020-04-14 18:12:16 +03:00
Soner Tari
c3c228d8ce
Remove ssl_shutdown_retry_delay and SSLShutdownRetryDelay, not used anymore
2020-04-12 16:05:16 +03:00
Soner Tari
10573a1b7c
Copy BSDmakefile to subfolders
...
So we can individually make clean them
2020-04-12 15:51:41 +03:00
Soner Tari
3af16b3228
Improve verbose debug logs using common header fields to better identify connections
...
Create function macros for fine* debug logs
Fix a few memory leaks when DEBUG_PROXY enabled
Add main.mk to MKFS list
Put a few function params within DEBUG_PROXY directives
Check retval of a snprintf() call
Fix segfault with -w/-W options if no ssl proxyspec specified, also fixed in sslsplit develop: https://github.com/droe/sslsplit/issues/271
Various clean-up
2020-04-09 21:47:09 +03:00
Soner Tari
4503203c1b
Remove MEDIUM ciphers
...
Cipher assertions become useless if we set ciphers to MEDIUM:HIGH, too
many ciphers would be possible
2020-04-05 22:22:36 +03:00
Soner Tari
c2e93dbbc0
Remove NO_TLS10 test case
...
The problem with LibreSSL 2.7.4 was not that it didn't support tls10,
but that MEDIUM and HIGH cipher definitions were different from the
openssl version of testproxy, hence tests were failing due to no shared
ciphers
2020-04-05 21:52:02 +03:00
Soner Tari
f1c2e9e881
Detect tls protos using output of sslproxy -V
...
But this is not going to work, because LibreSSL 2.7.4 says it supports
tls10, but SSL handshake fails if testproxy e2e tests for tls10 are
enabled.
2020-04-05 21:43:44 +03:00
Soner Tari
73724bd673
Fix assertions for tls10 tests, TLSv1.0 == SSLv3
2020-04-04 19:11:18 +03:00
Soner Tari
d42ba28729
Remove tls12 tests for older versions of openssl
...
Clean up
2020-04-04 19:01:35 +03:00
Soner Tari
9ac5a93823
Fix testproxy e2e tests for older versions of openssl and libressl
...
OpenSSL 0.9.8zh and 1.0.0s do not support TLSv11.
LibreSSL 2.2.7 uses other cipher names too.
LibreSSL 2.7.4 (since 2.3.0) does not support TLSv10.
2020-04-04 18:18:01 +03:00
Soner Tari
d4aca98834
Enable debug logs for testproxy
2020-04-03 00:38:28 +03:00
Soner Tari
fc1bb39de3
Fix xnu paths for osx
2020-04-03 00:33:13 +03:00
Soner Tari
519d797459
Fix osx build, no need for nat_used()
2020-04-02 23:38:09 +03:00
Soner Tari
e2fc1086cf
Try fix sudo env
2020-04-02 20:51:44 +03:00
Soner Tari
fb500d9a33
Clean up lp make file
2020-04-02 16:49:11 +03:00
Soner Tari
50c1c9477d
Try with first travis machine, remove openssl from lp, revert trials
2020-04-01 22:59:40 +03:00
Soner Tari
61f3c86eab
Fix e2e test for deny OCSP request
...
It is not certain if the server should receive the ocsp request of the
client or not, it depends on libevent and various conditions at that
moment
2020-04-01 17:40:41 +03:00
Soner Tari
8a1db3d469
Fix export
2020-04-01 01:00:13 +03:00
Soner Tari
b1edd7e049
Export LD_LIBRARY_PATH before running lp
2020-04-01 00:46:47 +03:00
Soner Tari
d1374e70bb
Set testproxy log level to 4
2020-03-31 21:33:55 +03:00
Soner Tari
454ae1d81a
Comment out non-existing users
2020-03-31 19:43:04 +03:00
Soner Tari
85dded1953
Include errno.h
2020-03-31 19:31:39 +03:00
Soner Tari
e3adfba4ba
Add errno.h
2020-03-31 19:22:22 +03:00
Soner Tari
3ebfba3044
Disable lp pkg-config for openssl
2020-03-31 18:18:07 +03:00
Soner Tari
2723171e05
Add openssl to lp, fix xnu path, clean up
2020-03-31 18:10:20 +03:00
Soner Tari
7e8fe08a98
Remove lp binary
2020-03-31 17:40:49 +03:00
Soner Tari
155b83c045
Do not export vars to the shell, instead create a main.mk and include it when needed
...
Otherwise it is almost impossible to stop var redefinitions in
successive builds
2020-03-31 16:19:02 +03:00
Soner Tari
6d9cdeb8f5
Install cargo and testproxy to only one linux machine for now
2020-03-31 11:55:30 +03:00
Soner Tari
cf0b3a38cf
Create make file to automate testproxy e2e tests Move lp under testproxy
2020-03-31 11:54:00 +03:00
Soner Tari
af3366b84f
Create make files for src and tests/check folders
...
Move folders and files related with check tests under tests/check folder
Fix check unit tests accordingly
2020-03-29 16:55:02 +03:00
Soner Tari
8eab8d1da8
Restructure source tree, create src and tests folders, move files accordingly
...
Remove docker
2020-03-27 14:28:08 +03:00