Commit Graph

89 Commits (4a05b4bf05d10a64d6625a34e4a9677dd7d59b8c)

Author SHA1 Message Date
Soner Tari 58eb907d69 Separate global and proxyspec opts 5 years ago
Soner Tari c3abe74776 Add client filtering to PassSite option, per site filters can be defined using client IP addresses, users, and description keywords 5 years ago
Soner Tari 24972bda48 Rearrange debug log messages 5 years ago
Soner Tari 8c2fd3cc31 Replace recursion with while loop in child max fd computation and debug logging 5 years ago
Soner Tari 3c8d6e7e4e Fix the location of the assertion checking NULL thr conns list, nice catch by this assert() call, that it is misplaced, so add further assertions 5 years ago
Soner Tari 98c1186cb8 Improve documentation, and simplify code 5 years ago
Soner Tari ad38b68ad7 Fix a possible multithreading issue: Ignore event_add() failure and do not try to close the conn after adding it to pending ssl conns list
Debug print pending ssl conns list
Remove redundant asprintf() calls and vars
Rename fields and fix whitespace
5 years ago
Soner Tari 50740b9f77 Remove redundant ctx fields, rename vars, rearrange code, and improve documentation 5 years ago
Soner Tari 42eb887ebb Do not modify conn thread fields without locking on thrmgr thread, so we only modify thr load and thr conn list, no thread stats, on thrmgr now 5 years ago
Soner Tari bf67b617c2 Keep track of ssl conns waiting for the first packet, and remove them if they time out
Otherwise if no packet arrives, hence readcb does not fire, that ssl conn is lost causing memory and fd leak
Accepting a connection does not mean that a packet will be received
Use better names
5 years ago
Soner Tari e145ca6eed Refactor add/remove conn/child code
Fix whitespace
5 years ago
Soner Tari cc0b94c17f Do not do anything with the conn ctx on the thrmgr thread after setting event callbacks and/or socket connect
Always lock conn thr while reading ctx fields, otherwise we may get wrong values
5 years ago
Soner Tari 17122fa6a8 Always keep thr load and conns list in sync 5 years ago
Soner Tari c43e359a1b Do not modify thr stats without locking, otherwise max fd stats were sometimes wrong 5 years ago
Soner Tari 3147723774 Add attribs, enclose debug params between debug macros, and improve documentation 5 years ago
Soner Tari dcaaa49f90 Improve documentation and use better names 5 years ago
Soner Tari 79ad5e86cc Fix expired conn handling, signal 6 crash: Do not lock conn thr mutex twice while freeing expired conns
Fix passthrough mode: Do not SSL_free() srvdst ssl anymore and do not add conn to thr conns list twice
5 years ago
Soner Tari 844e68116a Move userauth from thrmgr thread to conn handling threads, and do not enable r/w callbacks until userauth succeeds
Lock conn thread instead of thrmgr thread while adding conns (giant thrmgr lock versus conn thread level locks), so add conn thread mutex and remove thrmgr mutex
Offload thrmgr thread by moving many conn related setup to conn handling threads
Fix signal 6 crash caused by calling pxy_thrmgr_timer_cb() while failed conn is being freed, so use conn thread mutexes and defer adding conn to thr conn list until conn setup succeeds
Other fixes, improvements, and clean-up
5 years ago
Soner Tari 7b11eb15fa Update copyright year to 2019 5 years ago
Soner Tari 4f4b41d5ad Add user and proto validation info to connection logs 5 years ago
Soner Tari 1f451aa04d Change user db table name to users, change mac column name to ether
Clean up
5 years ago
Soner Tari cde3fbca3f Redirect user to login page and redirect again to orig target after successful authentication, currently supported only on OpenBSD
Get ethernet address and compare with the one in userdb, on each conn setup
Create user_auth options
Rename and clean-up
5 years ago
Soner Tari fb25c45c66 Clean-up 5 years ago
Soner Tari 304207e9e9 Add initial user database support using sqlite3 5 years ago
Soner Tari 3f148cf3b9 Move thrmgr->conn_count inc for conn id back to conn acceptcb, because acceptcb runs on thrmgr thread which is single threaded, so there are no multithreading issues there 6 years ago
Soner Tari 360b951ade Prevent possible multithreading issues, which would not cause crashes but incorrect conn ids and memory leaks due to broken thread conn linked lists 6 years ago
Soner Tari 12ecc96648 Assume co-ownership of refactored and new pxy and proto source files by adding copyright line below the original copyright line 6 years ago
Soner Tari 5351e78740 Combine term and enomem handling code and improve 6 years ago
Soner Tari c085cafe0f Rename srv_dst to srvdst
Clean up
6 years ago
Soner Tari a314be6e94 Add conn context and is_child fields to proxy context struct to get rid of extra function params and to simplify conditionals
Remove redundant parent/conn pointer vars
Use conn instead of parent amap
6 years ago
Soner Tari 6f023e5990 Avoid comparison between signed and unsigned integer, reported by @janusloo on Linux DietPi 4.14.22-v7+ #1096 SMP Mon Feb 26 19:14:22 GMT 2018 armv7l GNU/Linux, I don't see such warnings on 64-bit OpenBSD or Linux though, even with -Wsign-compare 6 years ago
Soner Tari 0fee063e0c Use %zu for size_t, and avoid comparison between signed and unsigned integer, reported by @janusloo 6 years ago
Soner Tari f6a63c33b1 Fix time_t portability, see https://www.openbsd.org/papers/eurobsdcon_2013_time_t/mgp00029.html 6 years ago
Soner Tari 9d435e180c Update with SSLsplit 0.5.2 and develop branch changes as of 270218 6 years ago
Soner Tari 4c8831bd90 Update with SSLsplit 0.5.1 changes, fix LibreSSL version issues
Add VerifyPeer and AllowWrongHost options
7 years ago
Soner Tari 3ae89131dc Use different syslog facilities for error, conn, and stats logs, so they can be filtered into separate log files in syslog.conf 7 years ago
Soner Tari b064ffa668 Use llu int as unique conn id, much simpler than uuid 7 years ago
Soner Tari 137f017cb5 Fix EXPIRED message bug, other fixes and improvements 7 years ago
Soner Tari a1c5d05143 Add support for log priority to error logs, so syslogd prints the correct prio for error logs now 7 years ago
Soner Tari 9ec58f821b Changes needed while adding SSL proxy support to WUI
Separate mail/mails to pop3/pop3s/smtp/smtps for statistics
Write connect logs to syslog too, for statistics
Fix log lines for statistics, remove fds from err logs
7 years ago
Soner Tari 7748e3ec1b Add conf file support, with -f command line option, supports a subset of all possible options 7 years ago
Soner Tari 1a6eab50a5 Tidy and clean logs up
Add DEBUG_PROXY directive around all log_dbg_level_printf() and related lines
Log stats to syslog, similar to error logs, so that it is simpler to rotate and parse
-O w/o -g is failing bufferevent_socket_connect for parent dst, so either enable -O w/ -g, or disable -O w/o -g (-O2 is failing too)
Refactoring
7 years ago
Soner Tari 9e637dd2cc Clean-up 7 years ago
Soner Tari 5a136b7ce7 Add extra stats
Rearrange, clean-up
7 years ago
Soner Tari 2411f79582 Add plain or ssl info to SSLproxy specific header line
Fix child eof bug
Flickr keeps redirecting to https with 301 unless we remove the Via line of squid, so apparently flickr assumes the existence of Via header field or squid keyword a sign of plain http, even if we are using https
Also do not send the loopback address to the Internet
Other fixes
7 years ago
Soner Tari 67ddee1585 Import sslsplit-devel changes
Add stats logs, initial
Add SSLproxy_SrcAddr header field
Clean-up
7 years ago
Soner Tari 378c8c03ef Fix/improve logging, clean-up 7 years ago
Soner Tari 1b9a192947 Remove recursion while freeing children, parent frees children in a loop now
Improve, simplify, clean-up
7 years ago
Soner Tari ae35623c15 Remove meta ctx completely
Fix issues
7 years ago
Soner Tari 09e1c858b9 Refactoring to remove mctx 7 years ago