Commit Graph

138 Commits

Author SHA1 Message Date
Soner Tari
63c51e9edd Fix packet size 2017-07-21 00:44:21 +03:00
Soner Tari
f38163f7ed Code reuse, improvements, clean-up 2017-07-20 17:55:00 +03:00
Soner Tari
f38c3b4552 Enable HTTP code, needs extensive refactoring and clean-up 2017-07-18 22:07:29 +03:00
Soner Tari
74c2e18e43 BEV_OPT_DEFER_CALLBACKS seems responsible for the issue with srv_dst, libevent acts as if we call event connect() ourselves. See: Launching connections on socket-based bufferevents at http://www.wangafu.net/~nickm/libevent-book/Ref6_bufferevent.html. So enable writecb and assume write event as CONNECTED too. 2017-07-17 12:47:42 +03:00
Soner Tari
72687803e1 Fix multithreading, potential NULL retval, and other refactoring issues
Fix clean-up after errors
2017-07-16 17:10:18 +03:00
Soner Tari
5aae8fa320 Detach while freeing parent ctx, because we attach while creating the parent ctx, this should fix a signal 10 crash 2017-07-16 02:22:35 +03:00
Soner Tari
e013eadf23 Make child eventcb more similar to parent's eventcb
Re-enable closing srv_dst, TCP conns still stall even without it
2017-07-15 23:42:22 +03:00
Soner Tari
a23d3ecb7b Closing srv_dst causes TCP conns to stall sometimes (SSL cons were ok), so disabled for now
Make eventcb more similar to original sslsplit code
2017-07-15 21:51:20 +03:00
Soner Tari
1b9a192947 Remove recursion while freeing children, parent frees children in a loop now
Improve, simplify, clean-up
2017-07-15 13:04:13 +03:00
Soner Tari
ae35623c15 Remove meta ctx completely
Fix issues
2017-07-15 04:07:42 +03:00
Soner Tari
09e1c858b9 Refactoring to remove mctx 2017-07-14 22:34:15 +03:00
Soner Tari
133584361f Rename and clean-up 2017-07-13 00:45:12 +03:00
Soner Tari
496a4f090d Refactoring: Simplify, reduce, rearrange, rename, and clean-up
Get rid of now unnecessary child info struct and functions
2017-07-12 22:37:36 +03:00
Soner Tari
d7094d7138 Refactoring: Simplify, reduce, rearrange, rename, and clean-up
Got rid of now unnecessary pxy_conn_is_ready_to_free*() functions
Got rid of now unnecessary duplicate child and parent free functions: pxy_*_conn_free()
Fix error handling
2017-07-12 16:46:51 +03:00
Soner Tari
1a446cd243 Refactoring: Create child ctx
Rearrange, clean-up
2017-07-12 01:45:15 +03:00
Soner Tari
fc60db0e74 Disable the workaround for dst connection issues, NULL r/w cbs
Reduce the conn timeout to 30s again
2017-07-10 22:08:44 +03:00
Soner Tari
85875be00f Sometimes dst write cb fires but not event cb, especially if the listener cb is not finished yet, so the conn stalls. This is a workaround for this error condition, nothing else seems to work.
Clean-up
2017-07-10 17:26:58 +03:00
Soner Tari
590a693998 Rearrange and clean-up 2017-07-10 15:48:57 +03:00
Soner Tari
e8332f11cf Make conn termination more similar to orig sslsplit code
Free child info struct of a deleted child
Rename, rearrange, and clean-up
2017-07-10 12:27:46 +03:00
Soner Tari
d6e1ed2cef Fix a potential issue which could forward a packet without any SSL proxy address
Rename, rearrange, and clean-up
2017-07-07 17:18:01 +03:00
Soner Tari
e3266cc811 Fix closing fd2 when uninit, i.e. fd2=0, which was freeing stdin
Clean-up and improvements
2017-07-06 15:38:32 +03:00
Soner Tari
8ad3b5db25 Defer all e2 setup until after parent is connected
Clean-up and improvements
2017-07-06 01:58:21 +03:00
Soner Tari
6975175117 Defer e2 setup until after parent is connected, to prevent multithreading issues
Refactoring, improvements
2017-07-05 22:32:10 +03:00
Soner Tari
4d88906d24 Clean up and improve 2017-07-04 18:13:34 +03:00
Soner Tari
4f6b207e57 Improve conn termination: Close children asap if there is no parent, close parent asap if there is no child 2017-07-04 12:28:04 +03:00
Soner Tari
ad1f95e465 Remove conn mutexes: Use thrmgr mutex during attach/detatch only, do eveything in the same thread, do not touch the other threads
Flex, fix, and improve conn termination: Make it more similar to orig sslsplit code
Fix issues, and clean-up
2017-07-04 02:12:17 +03:00
Soner Tari
ecfaf24614 Add more child info to conns list, and clean-up 2017-07-02 17:47:26 +03:00
Soner Tari
5047df8cba Fix some of the compiler warnings, rearrange, and clean-up 2017-07-01 23:17:45 +03:00
Soner Tari
be54db770f Add comments, improvements, and clean-up 2017-07-01 18:08:28 +03:00
Soner Tari
0b0f6b21dc Add uuid to all conn mctxs, otherwise we cannot uniquely identify them, causing trouble especially while deleting conns
Fix issues, clean-up
2017-07-01 00:29:39 +03:00
Soner Tari
833e1903e1 Dump conn info list
Remove conns using delete list of timed out conns
Fix issues, improvements
2017-06-30 00:38:37 +03:00
Soner Tari
c11ca7a195 Fix freeing of non-ssl buffer events and fds 2017-06-27 22:11:10 +03:00
Soner Tari
4a34c4792b travis-cgi.org issue seems to be gone now
Rely less on parent ctx, and more on meta ctx
Rearrange, improve, and clean-up
2017-06-27 17:09:01 +03:00
Soner Tari
82b58c2dab Fix multithreading
Clean-up
2017-06-25 14:21:32 +03:00
Soner Tari
9858928b73 Add debug levels, initial 2017-06-15 19:07:37 +03:00
Soner Tari
ab600c8215 Leave if getsockname() fails 2017-06-15 12:00:53 +03:00
Soner Tari
d71533f0b9 Remove SSL proxy specific header line from the packet on the egress exit
Insert our header line right after the first header line in the packet in case the packet is fragmented, otherwise Squid is confused when it cannot find our header line in the first packet
2017-06-13 12:42:10 +03:00
Soner Tari
85a96ec844 First working SSL version, surprisingly running so fine and stable for a first prototype that I think there is something wrong and it is just running in passthrough mode :), seriously this is just the beginning. 2017-06-10 21:50:03 +03:00
Soner Tari
d033ea68dd Plain TCP version is running good enough, next will try to switch the SSL on 2017-05-29 12:22:23 +03:00
Daniel Roethlisberger
ca7f20e442 Fix connect log for autossl connections 2016-03-27 13:49:50 +02:00
Daniel Roethlisberger
e67978f4dd Merge branch 'develop' into feature/autossl 2016-03-27 13:27:38 +02:00
Daniel Roethlisberger
3c20f473fa Rename and improve autossl peeking function 2016-03-27 13:26:39 +02:00
Daniel Roethlisberger
9843ead5d7 Copy SNI hostname from OpenSSL if ctx->sni is NULL 2016-03-27 13:25:50 +02:00
Daniel Roethlisberger
2f834419eb Handle inbound EOF before outbound CONNECTED
Fix segmentation fault upon receiving BEV_EVENT_EOF on the inbound
bufferevent while the outbound bufferevent has not received
BEV_EVENT_CONNECTED yet.

Issue:		#124
Patch by:	Eun Soo Park
2016-03-27 12:16:57 +02:00
Daniel Roethlisberger
25b096450d Modernize DHE and ECDHE support
Enable full strength DHE and ECDHE by default in order to allow modern
browsers to connect without weak crypto warnings.

Issue:		#119
Reported by:	@curioustwo
2016-03-25 16:28:30 +01:00
Daniel Roethlisberger
0506024587 Update copyright notices to 2016 2016-03-25 12:19:23 +01:00
Daniel Roethlisberger
b3b7a7ab17 Merge branch 'develop' into feature/autossl 2016-03-15 20:13:12 +01:00
Daniel Roethlisberger
ba2f451f5e Fix bev write handler for other->closed case
When other->closed is set, the bufferevent write handler accesses
other->bev even though it is invalid.  Fix this access, and as added
layer of defense against future bugs, set ->bev to NULL whenever
invalidating it, except where the connection is torn down completely.

Reported by:	Eun Soo Park
Introduced in:	2bcfaf4 17d753f
Issue:		#109
2015-11-08 15:44:02 +01:00
Daniel Roethlisberger
17d753fc2d Fix NULL pointer dereference in bev write handler
Only manipulate other->bev if it is not NULL to avoid a NULL pointer
dereference in the proxy bufferevent write handler when only one
direction is fully established, for example during connection shutdown.

Reported by:	@david-holonet
Introduced in:	2bcfaf4
Issue:		#109
2015-11-01 17:56:57 +01:00
Daniel Roethlisberger
2bcfaf4b44 Re-enable EV_READ if disabled and outbuf empty
The event buffer write handler failes to re-enable the corresponding
read event of the opposite connection if the buffer is not only down to
less than half the limit, but completely emptied.  In that case, the
read event would never be re-enabled and the connection would stall and
time out.

Issue:		#109
Patch by:	Eun Soo Park
2015-10-25 17:54:27 +01:00