Archives/SSLproxy
2
0
Fork 0
mirror of https://github.com/sonertari/SSLproxy synced 2024-11-16 06:12:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,089 Commits 2 Branches 27 Tags 3.1 MiB
6faecf21ff
Commit Graph

1089 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Soner Tari
6faecf21ff Fix unit tests with opaque x509 struct 
X509 is opaque since LibreSSL 3.5.2, as in OpenSSL 1.1:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.2-relnotes.txt
 2022-12-24 22:17:44 +13:00
Soner Tari
187f5c7893 Use htons() not hton() 
Fixes build error in the commit 7fa67d0071
 2022-12-24 22:17:44 +13:00
piolug93
37aa3d7ed5 Fix byte order for ports in mirror trafic 
Convert values between host and network byte order.
 2022-12-24 22:17:44 +13:00
Soner Tari
91fc80cb67 Fix warning for array subscript outside array bounds in function declaration 
Thanks to gcc version 11.2.0
 2022-09-24 11:09:30 +03:00
Soner Tari
e456f56001 Release v0.9.3 2022-05-02 22:40:39 +03:00
Soner Tari
b78a367d76 Silence warning for unused var on OpenBSD 2022-04-23 15:09:36 +03:00
Soner Tari
604fb58646 Fix macOS header selection 
Must have been broken since the restructuring of the source tree
 2022-04-19 21:34:43 +03:00
Soner Tari
c3feea53f9 Make sure natengine is not NULL before freeing 2022-04-19 21:27:45 +03:00
Soner Tari
674893cc79 Fix compiler warnings for format spec for size_t 2022-04-19 21:27:26 +03:00
Soner Tari
efc0be9991 Re-enable osx on travis 
XNU versions fixed now
 2022-04-19 21:26:51 +03:00
Soner Tari
01d0b156d6 Decouple autossl code handling underlying bufs 
And clean up redundant child callbacks
 2022-04-18 22:35:48 +03:00
Soner Tari
0124fb33c5 Update XNU headers for macOS 
About 2 years old.
 2022-04-18 18:21:57 +03:00
Soner Tari
3a215f4f3f Use parent protoctx for autossl ctx 
This fixes a crash.
And improve logging.
 2022-04-11 14:11:40 +03:00
Soner Tari
63a48308cd Fix autossl without STARTTLS in divert mode 
In the previous implementation, the use case for autossl was assumed to
be STARTTLS with POP3 or SMTP. But there are users who use autossl with
HTTP too. The split mode was fine, but the divert mode was broken. This
change makes autossl a generic upgrade mechanism.
Also fix sslproxy line in autossl, change p to s if upgraded.
Add e2e tests for autossl in divert and split mode.
 2022-04-11 01:11:54 +03:00
Soner Tari
45abd2e85c Make sure srvdst.bev is not NULL in autossl 2022-04-09 15:08:27 +03:00
Soner Tari
fce838e43b Move code handling underlying bevs to autossl 
Non-autossl protos do not have underlying bevs, so we should not try
check them. But there are still a couple of functions left which needs
to be moved to autossl.
 2022-04-09 14:39:34 +03:00
Soner Tari
571720e24c OR not AND retval -1 with term and enomem flags 
Similarly to what we do in pxy_listener_acceptcb_child().
 2022-04-09 12:19:38 +03:00
Soner Tari
fec19b8c8b Remove unnecessary function calls 2022-04-09 00:07:50 +03:00
Soner Tari
e43564635a Add WUNRES and NONNULL attribs to function types with return values 
Otherwise gcc does not issue warnings for them.
 2022-04-08 22:01:47 +03:00
Soner Tari
76ea48f2d0 Remove srvdst_xferred flag 
Setting srvdst.bev to NULL can be used as a flag to indicate that we
have reused the srvdst of the parent as the dst of the first child conn.
This also prevents access to srvdst.bev after we do the xfer, without
any extra flag.
 2022-04-08 21:42:48 +03:00
Soner Tari
02a6cc12e6 Remove redundant srvdst_xferred flag in child ctx 2022-04-08 12:43:33 +03:00
Soner Tari
dc40f74c13 Update copyright year to 2022 2022-04-06 22:35:26 +03:00
Soner Tari
722c2f59d2 Disable srvdst events asap when xferring to child and in split mode 
This is the correct implementation. And disabling later on is
problematic while terminating, and can even cause a crash.
 2022-04-06 20:30:06 +03:00
Soner Tari
61e28a5c86 Fix crash in split mode if we try to access srvdst while terminating 
Disable events and NULL callbacks of srvdst at assignment time to dst,
not at termination.
 2022-04-06 16:44:46 +03:00
Soner Tari
af6b40b5bf Fix natengine opt passed in proxyspec on command line 2022-04-06 14:43:41 +03:00
Soner Tari
2e8e677bac Discard underlying bufs while closing, sending errors, and denying ocsp 
Also refactor for code reuse.
Since we are closing in all such cases, performance is not important.
 2022-04-06 14:19:48 +03:00
Soner Tari
7143102efa Create callback functions for set/unset watermark 
Watermarking for underlying bevs is for autossl only. The other
protocols should not waste time with it.
 2022-04-05 18:49:27 +03:00
Soner Tari
013814317c Fix buffer watermarking for underlying bevs 2022-04-03 17:43:42 +03:00
Soner Tari
3efac5658f Fix build errors with OpenSSL 3.0.x, but not deprecation warnings 
This patch fixes errors only, so that build succeeds, but deprecation
warnings remain. It seems we need considerable changes to replace those
deprecated functions in the warnings.
 2022-04-03 17:40:36 +03:00
Soner Tari
3dea854173 Improve documentation 2021-12-29 15:38:37 +03:00
Soner Tari
59c28f6ad9 Fix enabling pcap and mirror logging, issue #37 
Reported by @Leonschmitt
 2021-12-22 14:35:02 +03:00
Soner Tari
7033afced1 Improve documentation 2021-11-25 22:50:42 +03:00
Soner Tari
7654f5e7b3 Fix unit tests with libressl 2.2.7 
OPENSSL_VERSION_NUMBER in libressl 2.2.7 is 20000000, which is >=
0x10100000L.
 2021-11-15 21:20:21 +03:00
Soner Tari
923bea195a Fix unit tests with libressl 3.4.1 2021-11-14 23:22:53 +03:00
Soner Tari
fe3bdc5dac Migrate to travis-ci.com 2021-11-14 21:57:02 +03:00
Soner Tari
8b2860b0b3 Fix unit tests with WITHOUT_USERAUTH enabled 2021-11-14 21:24:46 +03:00
Soner Tari
6bd0dea851 Disable travis e2e tests 2021-11-14 19:37:21 +03:00
Soner Tari
49c58048f6 Disable travis build with WITHOUT_MIRROR 
We cannot run unit tests with WITHOUT_MIRROR enabled, debug output for
filter rules have mirror logging
 2021-11-14 19:06:30 +03:00
Soner Tari
3f3c3623ad Fix unit tests for openssl-1.0.0s 2021-11-14 19:05:18 +03:00
Soner Tari
90b32e0595 Fix unit tests for openssl and libressl versions in travis config 2021-11-14 17:42:26 +03:00
Soner Tari
0600a5c2ea Do not verify server cert due to expired Let's Encrypt cert 2021-11-14 01:24:20 +03:00
Soner Tari
5bc6933f79 Fix unit tests for libressl-2.2.7, libressl-2.7.4, and openssl-1.1.0 2021-11-14 01:17:33 +03:00
Soner Tari
b3be019ffa Fix travis unit tests with max ssl proto 2021-11-13 19:37:05 +03:00
Soner Tari
c90f71f5ef Bump version to 0.9.2 2021-11-13 11:49:50 +03:00
Soner Tari
eba4eb3ea6 Fix syntax documentation for Log actions in struct filtering rules 
And clean up
 2021-11-13 10:57:16 +03:00
Soner Tari
677178c2d9 Fix use of uninitialised value error by valgrind 2021-11-10 20:42:13 +03:00
Soner Tari
2f2dd468f2 Free macros after setting filter rules during startup 2021-11-10 19:57:08 +03:00
Soner Tari
d876710acf Add the full text of the GPL and LGPL licenses 
This is required for complying with the LGPL license of the aho corasick
library.
 2021-11-10 18:11:15 +03:00
Soner Tari
3003d237c7 Reflect the license change of aho corasick library to LGPL 
Laurent Farhi, @farhiongit, the developer of the Aho Corasick library
has changed the license of the library to the LGPL. Thanks Laurent.
 2021-11-09 11:59:29 +03:00
Soner Tari
e05dd2b884 Update release date 2021-11-07 23:12:56 +03:00