Commit Graph

40 Commits

Author SHA1 Message Date
Soner Tari
009fe9f6ad Merge sslsplit develop changes 2019-08-08 12:23:04 +03:00
Soner Tari
fdcf138150 Put option dbg logs in between DEBUG_OPTS macro
Assume ownership of further code
Clean up
2019-07-23 12:55:06 +03:00
Soner Tari
58eb907d69 Separate global and proxyspec opts 2019-07-12 14:40:04 +03:00
Soner Tari
98c1186cb8 Improve documentation, and simplify code 2019-03-24 01:31:19 +03:00
Soner Tari
ad38b68ad7 Fix a possible multithreading issue: Ignore event_add() failure and do not try to close the conn after adding it to pending ssl conns list
Debug print pending ssl conns list
Remove redundant asprintf() calls and vars
Rename fields and fix whitespace
2019-03-23 23:34:38 +03:00
Soner Tari
bf67b617c2 Keep track of ssl conns waiting for the first packet, and remove them if they time out
Otherwise if no packet arrives, hence readcb does not fire, that ssl conn is lost causing memory and fd leak
Accepting a connection does not mean that a packet will be received
Use better names
2019-03-22 15:21:39 +03:00
Soner Tari
79ad5e86cc Fix expired conn handling, signal 6 crash: Do not lock conn thr mutex twice while freeing expired conns
Fix passthrough mode: Do not SSL_free() srvdst ssl anymore and do not add conn to thr conns list twice
2019-03-15 00:20:53 +03:00
Soner Tari
844e68116a Move userauth from thrmgr thread to conn handling threads, and do not enable r/w callbacks until userauth succeeds
Lock conn thread instead of thrmgr thread while adding conns (giant thrmgr lock versus conn thread level locks), so add conn thread mutex and remove thrmgr mutex
Offload thrmgr thread by moving many conn related setup to conn handling threads
Fix signal 6 crash caused by calling pxy_thrmgr_timer_cb() while failed conn is being freed, so use conn thread mutexes and defer adding conn to thr conn list until conn setup succeeds
Other fixes, improvements, and clean-up
2019-03-14 03:47:03 +03:00
Soner Tari
76a599d464 Put the getdtablecount() solution back in, otherwise sometimes, although rarely, we get "Error 24 on listener: Too many open files" nonstop, it's better to be safe(r) 2019-03-11 02:41:16 +03:00
Soner Tari
cde3fbca3f Redirect user to login page and redirect again to orig target after successful authentication, currently supported only on OpenBSD
Get ethernet address and compare with the one in userdb, on each conn setup
Create user_auth options
Rename and clean-up
2019-03-01 02:08:24 +03:00
Soner Tari
fb25c45c66 Clean-up 2019-02-16 17:52:57 +03:00
Soner Tari
304207e9e9 Add initial user database support using sqlite3 2019-02-16 17:29:14 +03:00
Soner Tari
70a22f4515 Do not break the event loop if out of fds, instead properly check all retvals of libevent functions
So remove getdtable*() solution
2018-11-30 02:49:37 +03:00
Soner Tari
9d435e180c Update with SSLsplit 0.5.2 and develop branch changes as of 270218 2018-02-27 22:20:58 +03:00
Soner Tari
4c8831bd90 Update with SSLsplit 0.5.1 changes, fix LibreSSL version issues
Add VerifyPeer and AllowWrongHost options
2018-01-18 03:18:53 +03:00
Soner Tari
b064ffa668 Use llu int as unique conn id, much simpler than uuid 2017-10-26 20:10:36 +03:00
Soner Tari
179aa4fc8f Close the conn if we are out of file descriptors, or libevent will crash us 2017-09-04 13:05:51 +03:00
Soner Tari
9ec58f821b Changes needed while adding SSL proxy support to WUI
Separate mail/mails to pop3/pop3s/smtp/smpts for statistics
Write connect logs to syslog too, for statistics
Fix log lines for statistics, remove fds from err logs
2017-08-20 01:46:57 +03:00
Soner Tari
5a136b7ce7 Add extra stats
Rearrange, clean-up
2017-07-30 00:34:46 +03:00
Soner Tari
67ddee1585 Import sslsplit-devel changes
Add stats logs, initial
Add SSLproxy_SrcAddr header field
Clean-up
2017-07-25 16:07:39 +03:00
Soner Tari
ae35623c15 Remove meta ctx completely
Fix issues
2017-07-15 04:07:42 +03:00
Soner Tari
09e1c858b9 Refactoring to remove mctx 2017-07-14 22:34:15 +03:00
Soner Tari
496a4f090d Refactoring: Simplify, reduce, rearrange, rename, and clean-up
Get rid of now unnecessary child info struct and functions
2017-07-12 22:37:36 +03:00
Soner Tari
d7094d7138 Refactoring: Simplify, reduce, rearrange, rename, and clean-up
Got rid of now unnecessary pxy_conn_is_ready_to_free*() functions
Got rid of now unnecessary duplicate child and parent free functions: pxy_*_conn_free()
Fix error handling
2017-07-12 16:46:51 +03:00
Soner Tari
e8332f11cf Make conn termination more similar to orig sslsplit code
Free child info struct of a deleted child
Rename, rearrange, and clean-up
2017-07-10 12:27:46 +03:00
Soner Tari
d6e1ed2cef Fix a potential issue which could forward a packet without any SSL proxy address
Rename, rearrange, and clean-up
2017-07-07 17:18:01 +03:00
Soner Tari
4d88906d24 Clean up and improve 2017-07-04 18:13:34 +03:00
Soner Tari
ad1f95e465 Remove conn mutexes: Use thrmgr mutex during attach/detatch only, do eveything in the same thread, do not touch the other threads
Flex, fix, and improve conn termination: Make it more similar to orig sslsplit code
Fix issues, and clean-up
2017-07-04 02:12:17 +03:00
Soner Tari
ecfaf24614 Add more child info to conns list, and clean-up 2017-07-02 17:47:26 +03:00
Soner Tari
5047df8cba Fix some of the compiler warnings, rearrange, and clean-up 2017-07-01 23:17:45 +03:00
Soner Tari
be54db770f Add comments, improvements, and clean-up 2017-07-01 18:08:28 +03:00
Soner Tari
833e1903e1 Dump conn info list
Remove conns using delete list of timed out conns
Fix issues, improvements
2017-06-30 00:38:37 +03:00
Soner Tari
d033ea68dd Plain TCP version is running good enough, next will try to switch the SSL on 2017-05-29 12:22:23 +03:00
Daniel Roethlisberger
0506024587 Update copyright notices to 2016 2016-03-25 12:19:23 +01:00
Daniel Roethlisberger
91da4674e5 Update copyright, license and tagline
-   Update copyright to 2015
-   Remove the non-standard "unmodified" from the 2-clause BSD license
-   Remove scalable from the tagline to avoid misinterpretations
2015-02-24 19:19:20 +01:00
Daniel Roethlisberger
ca923ee7f1 Update copyright notices to 2014 2014-01-06 14:09:18 +01:00
Daniel Roethlisberger
a0fd9c1050 Start thrmgr threads after forking 2013-07-02 15:54:46 +02:00
Daniel Roethlisberger
c972501063 Update copyright notices 2013-04-24 20:36:38 +02:00
Daniel Roethlisberger
439e8a8267 Use WUNRES and MALLOC attribs and fix sloppy code 2012-04-23 00:35:17 +02:00
Daniel Roethlisberger
4cfdef405a Initial import of sslsplit-0.4.2 2012-04-13 14:47:30 +02:00