Archives
/
SSLproxy
mirror of https://github.com/sonertari/SSLproxy
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
506 Commits
2 Branches
26 Tags
3.0 MiB
develop
master
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.5.4
v0.5.5
v0.5.6
v0.5.7
v0.5.8
v0.5.9
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '63c51e9edd'
${ noResults }
Commit Graph

138 Commits (63c51e9eddb579af6abf4eb48b955af4a163915b)

Author SHA1 Message Date
Soner Tari 63c51e9edd Fix packet size 7 years ago
Soner Tari f38163f7ed Code reuse, improvements, clean-up 7 years ago
Soner Tari f38c3b4552 Enable HTTP code, needs extensive refactoring and clean-up 7 years ago
Soner Tari 74c2e18e43 BEV_OPT_DEFER_CALLBACKS seems responsible for the issue with srv_dst, libevent acts as if we call event connect() ourselves. See: Launching connections on socket-based bufferevents at http://www.wangafu.net/~nickm/libevent-book/Ref6_bufferevent.html. So enable writecb and assume write event as CONNECTED too. 7 years ago
Soner Tari 72687803e1 Fix multithreading, potential NULL retval, and other refactoring issues 
Fix clean-up after errors
 7 years ago
Soner Tari 5aae8fa320 Detach while freeing parent ctx, because we attach while creating the parent ctx, this should fix a signal 10 crash 7 years ago
Soner Tari e013eadf23 Make child eventcb more similar to parent's eventcb 
Re-enable closing srv_dst, TCP conns still stall even without it
 7 years ago
Soner Tari a23d3ecb7b Closing srv_dst causes TCP conns to stall sometimes (SSL cons were ok), so disabled for now 
Make eventcb more similar to original sslsplit code
 7 years ago
Soner Tari 1b9a192947 Remove recursion while freeing children, parent frees children in a loop now 
Improve, simplify, clean-up
 7 years ago
Soner Tari ae35623c15 Remove meta ctx completely 
Fix issues
 7 years ago
Soner Tari 09e1c858b9 Refactoring to remove mctx 7 years ago
Soner Tari 133584361f Rename and clean-up 7 years ago
Soner Tari 496a4f090d Refactoring: Simplify, reduce, rearrange, rename, and clean-up 
Get rid of now unnecessary child info struct and functions
 7 years ago
Soner Tari d7094d7138 Refactoring: Simplify, reduce, rearrange, rename, and clean-up 
Got rid of now unnecessary pxy_conn_is_ready_to_free*() functions
Got rid of now unnecessary duplicate child and parent free functions: pxy_*_conn_free()
Fix error handling
 7 years ago
Soner Tari 1a446cd243 Refactoring: Create child ctx 
Rearrange, clean-up
 7 years ago
Soner Tari fc60db0e74 Disable the workaround for dst connection issues, NULL r/w cbs 
Reduce the conn timeout to 30s again
 7 years ago
Soner Tari 85875be00f Sometimes dst write cb fires but not event cb, especially if the listener cb is not finished yet, so the conn stalls. This is a workaround for this error condition, nothing else seems to work. 
Clean-up
 7 years ago
Soner Tari 590a693998 Rearrange and clean-up 7 years ago
Soner Tari e8332f11cf Make conn termination more similar to orig sslsplit code 
Free child info struct of a deleted child
Rename, rearrange, and clean-up
 7 years ago
Soner Tari d6e1ed2cef Fix a potential issue which could forward a packet without any SSL proxy address 
Rename, rearrange, and clean-up
 7 years ago
Soner Tari e3266cc811 Fix closing fd2 when uninit, i.e. fd2=0, which was freeing stdin 
Clean-up and improvements
 7 years ago
Soner Tari 8ad3b5db25 Defer all e2 setup until after parent is connected 
Clean-up and improvements
 7 years ago
Soner Tari 6975175117 Defer e2 setup until after parent is connected, to prevent multithreading issues 
Refactoring, improvements
 7 years ago
Soner Tari 4d88906d24 Clean up and improve 7 years ago
Soner Tari 4f6b207e57 Improve conn termination: Close children asap if there is no parent, close parent asap if there is no child 7 years ago
Soner Tari ad1f95e465 Remove conn mutexes: Use thrmgr mutex during attach/detatch only, do eveything in the same thread, do not touch the other threads 
Flex, fix, and improve conn termination: Make it more similar to orig sslsplit code
Fix issues, and clean-up
 7 years ago
Soner Tari ecfaf24614 Add more child info to conns list, and clean-up 7 years ago
Soner Tari 5047df8cba Fix some of the compiler warnings, rearrange, and clean-up 7 years ago
Soner Tari be54db770f Add comments, improvements, and clean-up 7 years ago
Soner Tari 0b0f6b21dc Add uuid to all conn mctxs, otherwise we cannot uniquely identify them, causing trouble especially while deleting conns 
Fix issues, clean-up
 7 years ago
Soner Tari 833e1903e1 Dump conn info list 
Remove conns using delete list of timed out conns
Fix issues, improvements
 7 years ago
Soner Tari c11ca7a195 Fix freeing of non-ssl buffer events and fds 7 years ago
Soner Tari 4a34c4792b travis-cgi.org issue seems to be gone now 
Rely less on parent ctx, and more on meta ctx
Rearrange, improve, and clean-up
 7 years ago
Soner Tari 82b58c2dab Fix multithreading 
Clean-up
 7 years ago
Soner Tari 9858928b73 Add debug levels, initial 7 years ago
Soner Tari ab600c8215 Leave if getsockname() fails 7 years ago
Soner Tari d71533f0b9 Remove SSL proxy specific header line from the packet on the egress exit 
Insert our header line right after the first header line in the packet in case the packet is fragmented, otherwise Squid is confused when it cannot find our header line in the first packet
 7 years ago
Soner Tari 85a96ec844 First working SSL version, surprisingly running so fine and stable for a first prototype that I think there is something wrong and it is just running in passthrough mode :), seriously this is just the beginning. 7 years ago
Soner Tari d033ea68dd Plain TCP version is running good enough, next will try to switch the SSL on 7 years ago
Daniel Roethlisberger ca7f20e442 Fix connect log for autossl connections 9 years ago
Daniel Roethlisberger e67978f4dd Merge branch 'develop' into feature/autossl 9 years ago
Daniel Roethlisberger 3c20f473fa Rename and improve autossl peeking function 9 years ago
Daniel Roethlisberger 9843ead5d7 Copy SNI hostname from OpenSSL if ctx->sni is NULL 9 years ago
Daniel Roethlisberger 2f834419eb Handle inbound EOF before outbound CONNECTED 
Fix segmentation fault upon receiving BEV_EVENT_EOF on the inbound
bufferevent while the outbound bufferevent has not received
BEV_EVENT_CONNECTED yet.

Issue:		#124
Patch by:	Eun Soo Park
 9 years ago
Daniel Roethlisberger 25b096450d Modernize DHE and ECDHE support 
Enable full strength DHE and ECDHE by default in order to allow modern
browsers to connect without weak crypto warnings.

Issue:		#119
Reported by:	@curioustwo
 9 years ago
Daniel Roethlisberger 0506024587 Update copyright notices to 2016 9 years ago
Daniel Roethlisberger b3b7a7ab17 Merge branch 'develop' into feature/autossl 9 years ago
Daniel Roethlisberger ba2f451f5e Fix bev write handler for other->closed case 
When other->closed is set, the bufferevent write handler accesses
other->bev even though it is invalid.  Fix this access, and as added
layer of defense against future bugs, set ->bev to NULL whenever
invalidating it, except where the connection is torn down completely.

Reported by:	Eun Soo Park
Introduced in:	2bcfaf4 17d753f
Issue:		#109
 9 years ago
Daniel Roethlisberger 17d753fc2d Fix NULL pointer dereference in bev write handler 
Only manipulate other->bev if it is not NULL to avoid a NULL pointer
dereference in the proxy bufferevent write handler when only one
direction is fully established, for example during connection shutdown.

Reported by:	@david-holonet
Introduced in:	2bcfaf4
Issue:		#109
 9 years ago
Daniel Roethlisberger 2bcfaf4b44 Re-enable EV_READ if disabled and outbuf empty 
The event buffer write handler failes to re-enable the corresponding
read event of the opposite connection if the buffer is not only down to
less than half the limit, but completely emptied.  In that case, the
read event would never be re-enabled and the connection would stall and
time out.

Issue:		#109
Patch by:	Eun Soo Park
 9 years ago