Soner Tari
009fe9f6ad
Merge sslsplit develop changes
2019-08-08 12:23:04 +03:00
Soner Tari
fdcf138150
Put option dbg logs in between DEBUG_OPTS macro
...
Assume ownership of further code
Clean up
2019-07-23 12:55:06 +03:00
Soner Tari
58eb907d69
Separate global and proxyspec opts
2019-07-12 14:40:04 +03:00
Soner Tari
98c1186cb8
Improve documentation, and simplify code
2019-03-24 01:31:19 +03:00
Soner Tari
ad38b68ad7
Fix a possible multithreading issue: Ignore event_add() failure and do not try to close the conn after adding it to pending ssl conns list
...
Debug print pending ssl conns list
Remove redundant asprintf() calls and vars
Rename fields and fix whitespace
2019-03-23 23:34:38 +03:00
Soner Tari
bf67b617c2
Keep track of ssl conns waiting for the first packet, and remove them if they time out
...
Otherwise if no packet arrives, hence readcb does not fire, that ssl conn is lost causing memory and fd leak
Accepting a connection does not mean that a packet will be received
Use better names
2019-03-22 15:21:39 +03:00
Soner Tari
79ad5e86cc
Fix expired conn handling, signal 6 crash: Do not lock conn thr mutex twice while freeing expired conns
...
Fix passthrough mode: Do not SSL_free() srvdst ssl anymore and do not add conn to thr conns list twice
2019-03-15 00:20:53 +03:00
Soner Tari
844e68116a
Move userauth from thrmgr thread to conn handling threads, and do not enable r/w callbacks until userauth succeeds
...
Lock conn thread instead of thrmgr thread while adding conns (giant thrmgr lock versus conn thread level locks), so add conn thread mutex and remove thrmgr mutex
Offload thrmgr thread by moving many conn related setup to conn handling threads
Fix signal 6 crash caused by calling pxy_thrmgr_timer_cb() while failed conn is being freed, so use conn thread mutexes and defer adding conn to thr conn list until conn setup succeeds
Other fixes, improvements, and clean-up
2019-03-14 03:47:03 +03:00
Soner Tari
76a599d464
Put the getdtablecount() solution back in, otherwise sometimes, although rarely, we get "Error 24 on listener: Too many open files" nonstop, it's better to be safe(r)
2019-03-11 02:41:16 +03:00
Soner Tari
cde3fbca3f
Redirect user to login page and redirect again to orig target after successful authentication, currently supported only on OpenBSD
...
Get ethernet address and compare with the one in userdb, on each conn setup
Create user_auth options
Rename and clean-up
2019-03-01 02:08:24 +03:00
Soner Tari
fb25c45c66
Clean-up
2019-02-16 17:52:57 +03:00
Soner Tari
304207e9e9
Add initial user database support using sqlite3
2019-02-16 17:29:14 +03:00
Soner Tari
70a22f4515
Do not break the event loop if out of fds, instead properly check all retvals of libevent functions
...
So remove getdtable*() solution
2018-11-30 02:49:37 +03:00
Soner Tari
9d435e180c
Update with SSLsplit 0.5.2 and develop branch changes as of 270218
2018-02-27 22:20:58 +03:00
Soner Tari
4c8831bd90
Update with SSLsplit 0.5.1 changes, fix LibreSSL version issues
...
Add VerifyPeer and AllowWrongHost options
2018-01-18 03:18:53 +03:00
Soner Tari
b064ffa668
Use llu int as unique conn id, much simpler than uuid
2017-10-26 20:10:36 +03:00
Soner Tari
179aa4fc8f
Close the conn if we are out of file descriptors, or libevent will crash us
2017-09-04 13:05:51 +03:00
Soner Tari
9ec58f821b
Changes needed while adding SSL proxy support to WUI
...
Separate mail/mails to pop3/pop3s/smtp/smpts for statistics
Write connect logs to syslog too, for statistics
Fix log lines for statistics, remove fds from err logs
2017-08-20 01:46:57 +03:00
Soner Tari
5a136b7ce7
Add extra stats
...
Rearrange, clean-up
2017-07-30 00:34:46 +03:00
Soner Tari
67ddee1585
Import sslsplit-devel changes
...
Add stats logs, initial
Add SSLproxy_SrcAddr header field
Clean-up
2017-07-25 16:07:39 +03:00
Soner Tari
ae35623c15
Remove meta ctx completely
...
Fix issues
2017-07-15 04:07:42 +03:00
Soner Tari
09e1c858b9
Refactoring to remove mctx
2017-07-14 22:34:15 +03:00
Soner Tari
496a4f090d
Refactoring: Simplify, reduce, rearrange, rename, and clean-up
...
Get rid of now unnecessary child info struct and functions
2017-07-12 22:37:36 +03:00
Soner Tari
d7094d7138
Refactoring: Simplify, reduce, rearrange, rename, and clean-up
...
Got rid of now unnecessary pxy_conn_is_ready_to_free*() functions
Got rid of now unnecessary duplicate child and parent free functions: pxy_*_conn_free()
Fix error handling
2017-07-12 16:46:51 +03:00
Soner Tari
e8332f11cf
Make conn termination more similar to orig sslsplit code
...
Free child info struct of a deleted child
Rename, rearrange, and clean-up
2017-07-10 12:27:46 +03:00
Soner Tari
d6e1ed2cef
Fix a potential issue which could forward a packet without any SSL proxy address
...
Rename, rearrange, and clean-up
2017-07-07 17:18:01 +03:00
Soner Tari
4d88906d24
Clean up and improve
2017-07-04 18:13:34 +03:00
Soner Tari
ad1f95e465
Remove conn mutexes: Use thrmgr mutex during attach/detatch only, do eveything in the same thread, do not touch the other threads
...
Flex, fix, and improve conn termination: Make it more similar to orig sslsplit code
Fix issues, and clean-up
2017-07-04 02:12:17 +03:00
Soner Tari
ecfaf24614
Add more child info to conns list, and clean-up
2017-07-02 17:47:26 +03:00
Soner Tari
5047df8cba
Fix some of the compiler warnings, rearrange, and clean-up
2017-07-01 23:17:45 +03:00
Soner Tari
be54db770f
Add comments, improvements, and clean-up
2017-07-01 18:08:28 +03:00
Soner Tari
833e1903e1
Dump conn info list
...
Remove conns using delete list of timed out conns
Fix issues, improvements
2017-06-30 00:38:37 +03:00
Soner Tari
d033ea68dd
Plain TCP version is running good enough, next will try to switch the SSL on
2017-05-29 12:22:23 +03:00
Daniel Roethlisberger
0506024587
Update copyright notices to 2016
2016-03-25 12:19:23 +01:00
Daniel Roethlisberger
91da4674e5
Update copyright, license and tagline
...
- Update copyright to 2015
- Remove the non-standard "unmodified" from the 2-clause BSD license
- Remove scalable from the tagline to avoid misinterpretations
2015-02-24 19:19:20 +01:00
Daniel Roethlisberger
ca923ee7f1
Update copyright notices to 2014
2014-01-06 14:09:18 +01:00
Daniel Roethlisberger
a0fd9c1050
Start thrmgr threads after forking
2013-07-02 15:54:46 +02:00
Daniel Roethlisberger
c972501063
Update copyright notices
2013-04-24 20:36:38 +02:00
Daniel Roethlisberger
439e8a8267
Use WUNRES and MALLOC attribs and fix sloppy code
2012-04-23 00:35:17 +02:00
Daniel Roethlisberger
4cfdef405a
Initial import of sslsplit-0.4.2
2012-04-13 14:47:30 +02:00