Daniel Roethlisberger
37758dda59
SSLsplit 0.4.5 release
12 years ago
Daniel Roethlisberger
005ebd1b95
Fix syslog for more error cases
...
Also fix issue #6 for target certificate loading error cases.
12 years ago
Daniel Roethlisberger
6e6868c051
Update NEWS
12 years ago
Daniel Roethlisberger
d3abdfd5dc
Fix race condition on proxy startup failure
...
Yield the CPU in the main thread until the proxy thread manager is fully
started. Otherwise, the main thread could free the proxy thread manager
while the threads are still starting up, leading to a deadlock.
12 years ago
Daniel Roethlisberger
bb15224d11
Flush error queue prior to exiting
...
Reorganize the cleanup code after detaching from the TTY in order to be
able to flush the error queue before calling exit(). Addresses issue #6
12 years ago
Daniel Roethlisberger
7713f82b62
Move more log writes after log initialization
12 years ago
Daniel Roethlisberger
71f06e501c
Update NEWS
12 years ago
Daniel Roethlisberger
1995dc4b89
Reinitialize SSL mutexes after fork
...
See issue #5 .
12 years ago
Daniel Roethlisberger
067521924a
Cleanup tgcrt loading to protect mutexes from fork
...
See issue #5 .
12 years ago
Daniel Roethlisberger
173b2435d2
Allocate thread queue in start() not new()
12 years ago
Daniel Roethlisberger
3d15f14239
Fix lost error message
12 years ago
Daniel Roethlisberger
bb9c353ecb
Initialize proxy after detaching from TTY
...
Fixes issue #5 .
12 years ago
Daniel Roethlisberger
0073cbdc47
Make cache initialization fork()-safe
...
POSIX threads require mutexes to be reinitialized after fork(). Not
doing so will break daemon mode, depending on pthread implementation.
See issue #5 .
12 years ago
Daniel Roethlisberger
b27175f910
Reorder initialization in main()
12 years ago
Daniel Roethlisberger
eb6162389f
Remove commit ids from NEWS file
12 years ago
Daniel Roethlisberger
807b7c1d3b
Fix typo in manpage
12 years ago
Daniel Roethlisberger
6b2bef3920
Add separate LICENSE file
12 years ago
Daniel Roethlisberger
cdfaeedb80
Ignore all DH param files under extra/pki
12 years ago
Daniel Roethlisberger
ff6fbef91f
Add 4096-bit Diffie-Hellman to dh target
12 years ago
Daniel Roethlisberger
35c3967eef
Remove obsolete dhall target from .PHONY
12 years ago
Daniel Roethlisberger
bd77e6a228
Improve ssl_tmp_dh_callback() error messages
12 years ago
Daniel Roethlisberger
79c2c6e520
Add support for 2048 and 4096 bit Diffie-Hellman
...
Add group parameters for 2048 and 4096 bit Diffie-Hellman in addition to
the previous 512 and 1024 bit parameters. Also add a meaningful error
message when a group size is requested which is not provided.
12 years ago
Daniel Roethlisberger
e19a97b21f
Update NEWS and TODO
12 years ago
Daniel Roethlisberger
6b4b121da2
Fix address family check in netfilter NAT lookup
...
Use src_addr instead of the (yet to be set) dst_addr for determining the
address family. Fixes issue #4 .
12 years ago
Daniel Roethlisberger
6106940e0c
Omit nat_getsockname_lookup_cb() unless it is used
12 years ago
Daniel Roethlisberger
1b20544333
Add temporary RSA keys to TODO
12 years ago
Daniel Roethlisberger
fda4f57aa7
Remove unused IPv6 code for netfilter NAT engine
13 years ago
Daniel Roethlisberger
fc8c0110c5
Do not generate ECC keys for unit tests
13 years ago
Daniel Roethlisberger
5ed3e5172b
Make explanation of DEBUG_CFLAGS clearer
13 years ago
Daniel Roethlisberger
2266f07b4f
Update TODO
13 years ago
Daniel Roethlisberger
a4040d8372
Suppress warnings for system headers with -isystem
...
Use -isystem instead of -I in CPPFLAGS to suppress compiler warnings for
system and library headers.
13 years ago
Daniel Roethlisberger
911e15763d
Add opts->debug branch prediction test case
13 years ago
Daniel Roethlisberger
ef1330d69f
Remove const from util_skipws() and add tests
13 years ago
Daniel Roethlisberger
5c048e3990
Remove unneeded include statements
13 years ago
Daniel Roethlisberger
6fe4c5bf01
Sign release tarball using GnuPG
13 years ago
Daniel Roethlisberger
62af96e413
Clarify when it is preferred to use SNI proxyspecs
13 years ago
Daniel Roethlisberger
11fdf52553
Add NEWS file, documenting release history
13 years ago
Daniel Roethlisberger
f75d1bc01b
Use some more markdown syntax
13 years ago
Daniel Roethlisberger
457c2621b8
Fix warning when SSLv2 session cache is enabled
13 years ago
Daniel Roethlisberger
8eb5165760
Optimize debug branching using __builtin_expect()
13 years ago
Daniel Roethlisberger
e270fb127b
Unconditionally define _GNU_SOURCE
...
Get rid of the fragile glibc auto-detection mechanism and define
_GNU_SOURCE unconditionally in order to fix the build on recent GNU libc
systems such as Debian and Ubuntu. On non-GNU libc implementations,
_GNU_SOURCE should not have any effect.
Issue: #2
Reported by: Vincent Bernat
13 years ago
Daniel Roethlisberger
3742404fe9
Update ECDH default curve name in manual page
13 years ago
Daniel Roethlisberger
7ad1deb680
Document intended use of SSLsplit
13 years ago
Daniel Roethlisberger
a3b6d58df4
State why ECDH is disabled with OpenSSL < 1.0.0e
13 years ago
Daniel Roethlisberger
38d22415af
Generic EC loading, new default curve 'secp160r2'
13 years ago
Daniel Roethlisberger
6d58824de2
Fix typo in manual page
13 years ago
Daniel Roethlisberger
759ce87ff9
Add some basic unit tests for dynbuf
13 years ago
Daniel Roethlisberger
707480a1dd
Add file comments
13 years ago
Daniel Roethlisberger
a592f7149c
Improve error handling for no origcrt situations
13 years ago
Daniel Roethlisberger
605c1ab6e6
Improve error recovery under low memory conditions
13 years ago