Commit Graph

103 Commits

Author SHA1 Message Date
Soner Tari
313da5cfca Add -A DefaultLeafCert option
Rename LeafCerts to LeafKey, TargetCertDir to LeafCertDir, CRL to
LeafCRLURL
2020-05-09 22:14:50 +03:00
Soner Tari
aba07a53ee Disable conn ids unless debugging
We don't need parent or child ids unless debugging. IDLE and EXPIRED
conn logs do not need to report ids either. Ids are useful only in
detailed debug logs.
2020-05-08 01:11:50 +03:00
Soner Tari
5285b9e433 Fix valgrind REDIR warning about strncpy(), use memcpy() instead
REDIR: 0x562c100 (libc.so.6:__strncpy_ssse3) redirected to 0x4c32fb0
(strncpy)
The src strings are not NULL terminated at the correct positions.
2020-05-07 14:06:09 +03:00
Soner Tari
be80523036 Use the new inline max() function instead of MAX() macro function in sslproxy
Do not pass pxy_thr_print_children() or bufferevent_getfd() to MAX() or
util_max() macro functions as params, or else they are called twice.
Since MAX() macro call duplicates params, do not call it nested either,
or else we get very long macro expansions.
2020-05-07 00:10:42 +03:00
Soner Tari
e63d6dd3aa Remove BEV_OPT_THREADSAFE in lp too
thrmgr and conn handling threads in lp are cleanly decoupled now.
2020-05-06 23:54:50 +03:00
Soner Tari
8a96565d99 Zero out msg buf as in sslsplit
ce5f409dbe
("Zero all bytes when passing file descriptors over AF_UNIX sockets",
2018-11-12)

Also, bufferevent_getfd() returns -1 if no file descriptor is associated
with the bufferevent.
2020-05-06 12:45:55 +03:00
Soner Tari
128838c70f Fix -g flag for lp, use Mk/buildinfo.mk of sslproxy
This is necessary to detect the .git folder at the project root. So
remove Mk/buildinfo.mk of lp.
2020-05-06 02:08:23 +03:00
Soner Tari
3e706ea022 Fix leaks and errors reported by valgrind
Free vars.
Finalize sqlite3 statements.
Close sqlite3 db.
Init memory.
Do not close fd -1.

Some of these may be harmless, but we fix them anyway. Now valgrind
reports 0 "lost" memory, but some "still reachable", both for sslproxy
and lp.
2020-05-06 02:06:08 +03:00
Soner Tari
1d75bfb17f Fix a possible sync issue between thr load and conn children list on error
Refactor and rename functions, struct fields, and vars
Simplify if conditions and fix/improve logs
Clean up
2020-05-05 15:42:41 +03:00
Soner Tari
14cfd3286b Update ctime and first atime on conn handling thr, not on thrmgr
This offloads the thrmgr by saving a time() call.
Also remove an unnecessary NULL assignment.
2020-05-04 21:30:50 +03:00
Soner Tari
71dff82305 Terminate conn on socket connect error
And rename a function.
2020-05-04 21:05:35 +03:00
Soner Tari
18c882ad37 Refactor and rename assign/attach conn to thr functions
And fix comments.
2020-05-04 12:16:03 +03:00
Soner Tari
f069637fda Include errno.h in pxyconn.c too to fix travis issue 2020-05-04 00:21:42 +03:00
Soner Tari
61edeeedb1 Include errno.h, revert log.h to fix travis issue 2020-05-04 00:16:12 +03:00
Soner Tari
906d961168 Fix travis issue due to errno
errno and EMFILE are provided by <unistd.h>, but we need log.h anyway,
which includes logger.h, and which includes <unistd.h> in turn.
2020-05-04 00:05:17 +03:00
Soner Tari
6c5165fa6e Update lp with sslproxy changes and clean up 2020-05-03 23:28:21 +03:00
Soner Tari
05654e3bee Avoid possible crashes caused by passing NULL pointers to str*() functions 2020-04-18 11:28:55 +03:00
Soner Tari
a1f24e26d0 Clean up 2020-04-17 22:14:19 +03:00
Soner Tari
fd3aa5a394 Update lp with sslproxy changes, fix dst events
Enable dst r/w events before socket connect.
Improve verbose debug logs using common header fields to better identify
connections.
Create function macros for fine* debug logs.
2020-04-17 19:36:41 +03:00
Soner Tari
554fd3bd3a Improve code reuse, reduce code, clean up whitespace 2020-04-17 15:31:30 +03:00
Soner Tari
2b702495b0 Remove comixwall.org 2020-04-16 15:33:50 +03:00
Soner Tari
64c0078ecb Update comments about writecb before connected 2020-04-15 22:04:18 +03:00
Soner Tari
a0d74baa43 Update copyright year to 2020 2020-04-14 18:12:16 +03:00
Soner Tari
c3c228d8ce Remove ssl_shutdown_retry_delay and SSLShutdownRetryDelay, not used anymore 2020-04-12 16:05:16 +03:00
Soner Tari
10573a1b7c Copy BSDmakefile to subfolders
So we can individually make clean them
2020-04-12 15:51:41 +03:00
Soner Tari
3af16b3228 Improve verbose debug logs using common header fields to better identify connections
Create function macros for fine* debug logs
Fix a few memory leaks when DEBUG_PROXY enabled
Add main.mk to MKFS list
Put a few function params within DEBUG_PROXY directives
Check retval of a snprintf() call
Fix segfault with -w/-W options if no ssl proxyspec specified, also fixed in sslsplit develop: https://github.com/droe/sslsplit/issues/271
Various clean-up
2020-04-09 21:47:09 +03:00
Soner Tari
4503203c1b Remove MEDIUM ciphers
Cipher assertions become useless if we set ciphers to MEDIUM:HIGH, too
many ciphers would be possible
2020-04-05 22:22:36 +03:00
Soner Tari
c2e93dbbc0 Remove NO_TLS10 test case
The problem with LibreSSL 2.7.4 was not that it didn't support tls10,
but that MEDIUM and HIGH cipher definitions were different from the
openssl version of testproxy, hence tests were failing due to no shared
ciphers
2020-04-05 21:52:02 +03:00
Soner Tari
f1c2e9e881 Detect tls protos using output of sslproxy -V
But this is not going to work, because LibreSSL 2.7.4 says it supports
tls10, but SSL handshake fails if testproxy e2e tests for tls10 are
enabled.
2020-04-05 21:43:44 +03:00
Soner Tari
73724bd673 Fix assertions for tls10 tests, TLSv1.0 == SSLv3 2020-04-04 19:11:18 +03:00
Soner Tari
d42ba28729 Remove tls12 tests for older versions of openssl
Clean up
2020-04-04 19:01:35 +03:00
Soner Tari
9ac5a93823 Fix testproxy e2e tests for older versions of openssl and libressl
OpenSSL 0.9.8zh and 1.0.0s do not support TLSv11.
LibreSSL 2.2.7 uses other cipher names too.
LibreSSL 2.7.4 (since 2.3.0) does not support TLSv10.
2020-04-04 18:18:01 +03:00
Soner Tari
d4aca98834 Enable debug logs for testproxy 2020-04-03 00:38:28 +03:00
Soner Tari
fc1bb39de3 Fix xnu paths for osx 2020-04-03 00:33:13 +03:00
Soner Tari
519d797459 Fix osx build, no need for nat_used() 2020-04-02 23:38:09 +03:00
Soner Tari
e2fc1086cf Try fix sudo env 2020-04-02 20:51:44 +03:00
Soner Tari
fb500d9a33 Clean up lp make file 2020-04-02 16:49:11 +03:00
Soner Tari
50c1c9477d Try with first travis machine, remove openssl from lp, revert trials 2020-04-01 22:59:40 +03:00
Soner Tari
61f3c86eab Fix e2e test for deny OCSP request
It is not certain if the server should receive the ocsp request of the
client or not, it depends on libevent and various conditions at that
moment
2020-04-01 17:40:41 +03:00
Soner Tari
8a1db3d469 Fix export 2020-04-01 01:00:13 +03:00
Soner Tari
b1edd7e049 Export LD_LIBRARY_PATH before running lp 2020-04-01 00:46:47 +03:00
Soner Tari
d1374e70bb Set testproxy log level to 4 2020-03-31 21:33:55 +03:00
Soner Tari
454ae1d81a Comment out non-existing users 2020-03-31 19:43:04 +03:00
Soner Tari
85dded1953 Include errno.h 2020-03-31 19:31:39 +03:00
Soner Tari
e3adfba4ba Add errno.h 2020-03-31 19:22:22 +03:00
Soner Tari
3ebfba3044 Disable lp pkg-config for openssl 2020-03-31 18:18:07 +03:00
Soner Tari
2723171e05 Add openssl to lp, fix xnu path, clean up 2020-03-31 18:10:20 +03:00
Soner Tari
7e8fe08a98 Remove lp binary 2020-03-31 17:40:49 +03:00
Soner Tari
155b83c045 Do not export vars to the shell, instead create a main.mk and include it when needed
Otherwise it is almost impossible to stop var redefinitions in
successive builds
2020-03-31 16:19:02 +03:00
Soner Tari
6d9cdeb8f5 Install cargo and testproxy to only one linux machine for now 2020-03-31 11:55:30 +03:00
Soner Tari
cf0b3a38cf Create make file to automate testproxy e2e tests Move lp under testproxy 2020-03-31 11:54:00 +03:00
Soner Tari
af3366b84f Create make files for src and tests/check folders
Move folders and files related with check tests under tests/check folder
Fix check unit tests accordingly
2020-03-29 16:55:02 +03:00
Soner Tari
8eab8d1da8 Restructure source tree, create src and tests folders, move files accordingly
Remove docker
2020-03-27 14:28:08 +03:00