Archives
/
SSLproxy
mirror of https://github.com/sonertari/SSLproxy
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
209 Commits
2 Branches
26 Tags
3.0 MiB
develop
master
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '53e3d593c8'
${ noResults }
Commit Graph

209 Commits (53e3d593c89f412eb32e32af61826c0198d4df41)
 

Author SHA1 Message Date
Daniel Roethlisberger 53e3d593c8 Move build status into h1 10 years ago
Daniel Roethlisberger 67ed768fec Migrate documentation to markdown 
Issue:		#33
 10 years ago
Daniel Roethlisberger 50001e5458 Avoid apparently common misunderstandings 10 years ago
Daniel Roethlisberger 0648f84bfc Remove legacy TODO file; move to Github issues 10 years ago
Daniel Roethlisberger fb2841f645 Zero allocated elements before initializing them 
For some error conditions, the error handler depends on
ctx->thr[idx]->dnsbase to be zeroed expicitly after allocation.
To prevent this type of error, zero all allocated memory even
though it will get written to in any case.
 10 years ago
Daniel Roethlisberger 508435d929 Use correct pointer type in sizeof() 10 years ago
Daniel Roethlisberger 8dbea83b21 Prevent malloc(0) when ssl_x509_names() returns no names 10 years ago
Daniel Roethlisberger 259d470498 Use -I instead of -isystem with clang-analyzer 10 years ago
Daniel Roethlisberger d0665377ee Remove WGET_FLAGS from developer targets 10 years ago
Daniel Roethlisberger a299d7e3f3 Add unit tests for ssl_x509_subject() and ssl_x509_subject_cn() 10 years ago
Daniel Roethlisberger eca1ac9a5e Rewrite ssl_x509_subject_cn() error handling 10 years ago
Daniel Roethlisberger c210641783 Don't add XNU includes to cppcheck invocation 10 years ago
Daniel Roethlisberger 76aab3b816 Fix X509_NAME_get_text_by_NID() error handling 10 years ago
Daniel Roethlisberger 5219d494f3 Protect session cache calls from sess == NULL 10 years ago
Daniel Roethlisberger 78a573121d Add some CPPFLAGS to cppcheck arguments 10 years ago
Daniel Roethlisberger b9ab5a03e6 SSLsplit 0.4.9 release 10 years ago
Daniel Roethlisberger fcb64e85e7 Make SSLv2 support opt-in instead of opt-out 
Migrate knobs from DISABLE_SSLV2_CLIENT and DISABLE_SSLV2_SERVER to
WANT_SSLV2_CLIENT and WANT_SSLV2_SERVER and remove the
DISABLE_SSLV2_SESSION_CACHE knob entirely, automatically including the
respective code if SSLv2 support is compiled into SSLsplit.
 10 years ago
Daniel Roethlisberger edf1dac8fa Improve manual page re protocols and scalability 
Issue:		#42
 10 years ago
Daniel Roethlisberger 769fbd042d Filter HSTS response headers to allow cert override 
Also remove HTTP Strict Transport Security (HSTS, RFC 6797) headers from
HTTP responses.  With HSTS active, the user is not allowed to accept
untrusted certificates.
 10 years ago
Daniel Roethlisberger cc6cb59485 Rewrite Mac OS X support to use proper XNU headers 
Move from one set of headers per major OS X release to one set of
headers per XNU release.  Fetch the header files from Apple's official
Open Source site instead of GitHub in the fetchdeps developer target.
As a side effect, 10.6.x is now supported as well (untested), and proper
headers are used for 10.10.

Issue:		#39
 10 years ago
Daniel Roethlisberger 001615c53b Update khash.h to latest klib master 10 years ago
Daniel Roethlisberger b1a7b11aea Don't depend on the space when parsing HTTP headers 10 years ago
Daniel Roethlisberger d85e5ddbe2 Disable SSLv2 support by default 10 years ago
Daniel Roethlisberger d6f2fa067d Update TODO and refer to github issues 10 years ago
Daniel Roethlisberger 0a225ae65c Update documentation after merging pull req #35 10 years ago
Daniel Roethlisberger 42efb4a980 Slightly improve user experience for new option -m 10 years ago
Daniel Roethlisberger ee9d434cac Further improving OOM handling in early stages of main() 10 years ago
Daniel Roethlisberger b1b8fe09b9 Merge pull request #35 from fix-macosx/specify-custom-gid 
Add support for specifying an explicit group when dropping privileges.
 10 years ago
Daniel Roethlisberger bea022540f Handle strdup() failure in early stages of main() 
Issue:		#38
Reported by:	Markus Elfring
 10 years ago
Daniel Roethlisberger b105473629 Check return values of pthread_mutex_init and friends 
Issue:		#38
Reported by:	Markus Elfring
 10 years ago
Daniel Roethlisberger f575adadea Update documentation after merge of pull req #32 10 years ago
Daniel Roethlisberger 79c67ebed7 Merge pull request #32 from fix-macosx/macosx-yosemite 
Support Mac OS X 10.10 by using 10.9 headers
 10 years ago
Daniel Roethlisberger ed99fc0260 Use NULL instead of '\0' to avoid type conversion 10 years ago
Daniel Roethlisberger e64bf695dc Update documentation after merge of #34 10 years ago
Daniel Roethlisberger 2e418f1447 Merge pull request #34 from swills/master 
add DESTDIR, MANDIR to install target
 10 years ago
Steve Wills b8c8cb73ed add DESTDIR, MANDIR to install target 
DESTDIR to allow installing in chroot
MANDIR to allow specifying different dir for man pages
 10 years ago
Landon Fuller 9d54677009 Add support for specifying an explicit group when dropping privileges. 
This simplifies my use of pf(4) when using group-based
rules to exclude splitssl from redirection.
 10 years ago
Landon Fuller 8ef5011fcb Enable Mac OS X 10.10 feature detection 
This is pointed at the 10.9 pf headers for testing, as
the 10.10 kernel sources are unavailable.
 10 years ago
Landon Fuller ecbc84438a Fix crash in strdup() when no default NAT engine is available. 10 years ago
Daniel Roethlisberger 85b177f6b0 Special device nodes may be needed for -j to work 10 years ago
Daniel Roethlisberger 47c409cbb5 Don't rely on OpenSSL to pull in string.h 
Obtained from:	OpenBSD port patches
 10 years ago
Daniel Roethlisberger 3226d9bfcf No longer chroot() by default when run as root 
No longer implicitly use -j /var/empty by default and document clearly
the implications of using -j with -S and/or sni proxyspecs.

Issue:		#21
 11 years ago
Daniel Roethlisberger db0fa32b07 Load -t certificates before dropping privileges 
Load the certificates from the directory given by -t into the
certificate cache after preinit, but before dropping privileges.  This
fixes a number of issues, such as -t directory not being found after
chroot()ing to a different root, -t directory inaccessible due to
changing user with -u, and when using encrypted keys.  This bug was
introduced in 0675219 as a spurious part of fixing #5.

Issue:		#20, #19
Reported by:	Miroslav Stampar
 11 years ago
Daniel Roethlisberger ac98c2d9cc Fix segmentation fault when using -t without a CA 
The key type checks which are used to optimize the loading of DH and
ECDH parameters should check the type of the supplied server key, not
the global options key.
 11 years ago
Daniel Roethlisberger 4bd9dd1fa7 Fix glob to be compatible with /bin/dash 11 years ago
Daniel Roethlisberger 53a948cd18 Improve dependency tracking for targets/ certs 11 years ago
Daniel Roethlisberger 349cd1f6ec Add targets to .PHONY 11 years ago
Daniel Roethlisberger f669fbbca7 Add unit test for sys_dir_eachfile() 
Issue:		#19
Reported by:	Miroslav Stampar
 11 years ago
Daniel Roethlisberger 658bbfa6fe SSLsplit master 11 years ago
Daniel Roethlisberger c4ac9c60bc SSLsplit 0.4.8 release 11 years ago